From 4396d85d1f8bf0f6c4f5ed9a2abfa7865d45a5e7 Mon Sep 17 00:00:00 2001
From: Zoe
Date: Mon, 2 Mar 2020 16:28:10 +0000
Subject: [PATCH 1/2] Share secrets with another device on request

---
 src/CrossSigningManager.js | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/src/CrossSigningManager.js b/src/CrossSigningManager.js
index f19be035749..8549742c053 100644
--- a/src/CrossSigningManager.js
+++ b/src/CrossSigningManager.js
@@ -21,6 +21,7 @@ import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase';
 import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey';
 import { _t } from './languageHandler';
 import SettingsStore from './settings/SettingsStore';
+import {encodeBase64} from "matrix-js-sdk/src/crypto/olmlib";
 
 // This stores the secret storage private keys in memory for the JS SDK. This is
 // only meant to act as a cache to avoid prompting the user multiple times
@@ -125,8 +126,37 @@ async function getSecretStorageKey({ keys: keyInfos }, ssssItemName) {
 return [name, key];
 }
 
+const onSecretRequested = async function({
+ user_id: userId,
+ device_id: deviceId,
+ request_id: requestId,
+ name,
+ device_trust: deviceTrust,
+}) {
+ console.log("onSecretRequested", userId, deviceId, requestId, name, deviceTrust);
+ const client = MatrixClientPeg.get();
+ if (userId !== client.getUserId()) {
+ return;
+ }
+ if (!deviceTrust || !deviceTrust.isVerified()) {
+ console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
+ return;
+ }
+ const crossSigning = client._crypto._crossSigningInfo;
+ if (!crossSigning._cacheCallbacks.getCrossSigningKeyCache) return;
+ if (name === "m.key.self_signing") {
+ const key = await crossSigning._cacheCallbacks.getCrossSigningKeyCache("self_signing");
+ return key && encodeBase64(key);
+ } else if (name === "m.key.user_signing") {
+ const key = await crossSigning._cacheCallbacks.getCrossSigningKeyCache("user_signing");
+ return key && encodeBase64(key);
+ }
+ console.warn("onSecretRequested didn't recognise the secret named ", name);
+};
+
 export const crossSigningCallbacks = {
 getSecretStorageKey,
+ onSecretRequested,
 };
 
 /**
From 26177a19d5406739d067b9ccc3bf42bc4b8d5d46 Mon Sep 17 00:00:00 2001
From: Zoe
Date: Thu, 5 Mar 2020 10:45:37 +0000
Subject: [PATCH 2/2] access cross-signing callbacks via method

---
 src/CrossSigningManager.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/CrossSigningManager.js b/src/CrossSigningManager.js
index 8549742c053..0cf2c9e2ac8 100644
--- a/src/CrossSigningManager.js
+++ b/src/CrossSigningManager.js
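Review bot: `onSecretRequested` (patch 1/2) returns private cross-signing keys, yet nothing in the hunk records the conditions under which it does so; a doc comment above the function should state that it answers only requests from the user's own devices for which `deviceTrust.isVerified()` is true, and only for `m.key.self_signing` and `m.key.user_signing`. Which kinds of verification `isVerified()` accepts is not visible here, so it is worth confirming that it matches the trust level intended for releasing signing keys. The master key appears to be left out on purpose; saying so, e.g. `// The master key is never shared through this path.`, would stop a later edit from adding it by accident. The unconditional `console.log` at the top also runs before the `userId` check, so requests that are about to be ignored still get their details and the `deviceTrust` object written to the log; moving it below the two checks would keep the log to accepted requests.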
@@ -142,13 +142,13 @@ const onSecretRequested = async function({
 console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
 return;
 }
- const crossSigning = client._crypto._crossSigningInfo;
- if (!crossSigning._cacheCallbacks.getCrossSigningKeyCache) return;
+ const callbacks = client.getCrossSigningCacheCallbacks();
+ if (!callbacks.getCrossSigningKeyCache) return;
 if (name === "m.key.self_signing") {
- const key = await crossSigning._cacheCallbacks.getCrossSigningKeyCache("self_signing");
+ const key = await callbacks.getCrossSigningKeyCache("self_signing");
 return key && encodeBase64(key);
 } else if (name === "m.key.user_signing") {
- const key = await crossSigning._cacheCallbacks.getCrossSigningKeyCache("user_signing");
+ const key = await callbacks.getCrossSigningKeyCache("user_signing");
 return key && encodeBase64(key);
 }
 console.warn("onSecretRequested didn't recognise the secret named ", name);
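Review bot: `callbacks.getCrossSigningKeyCache` is dereferenced without checking `callbacks` itself; if `client.getCrossSigningCacheCallbacks()` can return `undefined` (for instance when crypto is not initialised, which this hunk does not show), the handler throws instead of quietly declining the request. `if (!callbacks || !callbacks.getCrossSigningKeyCache) return;` covers both cases. The two branches below differ only in the cache key, so a small lookup from secret name to cache key would remove the duplication and keep the list of shareable secrets in one place. The function begins above this hunk and its closing lines are outside it.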