Skip to content
This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

Room header & message box shields now reflect cross-signing state #3850

Merged
merged 7 commits into from
Jan 17, 2020
Merged

Room header & message box shields now reflect cross-signing state #3850

Changes from 2 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ff05041
Update room shield icons to represent encrypted but unverified chats …
foldleft Jan 15, 2020
9ac3cb6
Merge remote-tracking branch 'origin/develop' into zip/11225-shields-…
foldleft Jan 16, 2020
82c5349
Updated to properly handle logic
foldleft Jan 16, 2020
8efc45b
no need to verify our own devices for every room
foldleft Jan 17, 2020
510b08c
changed logic to reflect the task
foldleft Jan 17, 2020
d02185e
whoops, the number of unverified users matters to the logic
foldleft Jan 17, 2020
908630c
*rude grumbling noises about @dbkr*
foldleft Jan 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 48 additions & 10 deletions src/components/structures/RoomView.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,7 @@ export default createReactClass({
MatrixClientPeg.get().on("accountData", this.onAccountData);
MatrixClientPeg.get().on("crypto.keyBackupStatus", this.onKeyBackupStatus);
MatrixClientPeg.get().on("deviceVerificationChanged", this.onDeviceVerificationChanged);
MatrixClientPeg.get().on("userTrustStatusChanged", this.onUserVerificationChanged);
// Start listening for RoomViewStore updates
this._roomStoreToken = RoomViewStore.addListener(this._onRoomViewStoreUpdate);
this._onRoomViewStoreUpdate(true);
Expand Down Expand Up @@ -492,6 +493,7 @@ export default createReactClass({
MatrixClientPeg.get().removeListener("accountData", this.onAccountData);
MatrixClientPeg.get().removeListener("crypto.keyBackupStatus", this.onKeyBackupStatus);
MatrixClientPeg.get().removeListener("deviceVerificationChanged", this.onDeviceVerificationChanged);
MatrixClientPeg.get().removeListener("userTrustStatusChanged", this.onUserVerificationChanged);
}

window.removeEventListener('beforeunload', this.onPageUnload);
Expand Down Expand Up @@ -762,6 +764,14 @@ export default createReactClass({
this._updateE2EStatus(room);
},

onUserVerificationChanged: function(userId, _trustStatus) {
const room = this.state.room;
if (!room.currentState.getMember(userId)) {
return;
}
this._updateE2EStatus(room);
},

_updateE2EStatus: async function(room) {
const cli = MatrixClientPeg.get();
if (!cli.isRoomEncrypted(room.roomId)) {
Expand All @@ -785,29 +795,57 @@ export default createReactClass({
return;
}
const e2eMembers = await room.getEncryptionTargetMembers();

/*
Ensure we trust our own signing key, ie, nobody's used our credentials to
replace it and sign all our devices
*/
if (!cli.checkUserTrust(cli.getUserId())) {
this.setState({
e2eStatus: "warning",
});
debuglog("e2e status set to warning due to not trusting our own signing key");
return;
}
foldleft marked this conversation as resolved.
Show resolved Hide resolved

/*
Gather verification state of every user in the room.
If _any_ user is verified then _every_ user must be verified, or we'll bail.
Note we don't count our own user so that the all/any check behaves properly.
*/
const verificationState = e2eMembers.map(({userId}) => userId)
.filter((userId) => userId !== cli.getUserId())
.map((userId) => cli.checkUserTrust(userId).isCrossSigningVerified());
if (verificationState.includes(true) && verificationState.includes(false)) {
this.setState({
e2eStatus: "warning",
foldleft marked this conversation as resolved.
Show resolved Hide resolved
});
debuglog("e2e status set to warning as some, but not all, users are verified");
return;
}

/*
Whether we verify or not, a user having an untrusted device requires warnings.
Check every user's devices, including ourselves.
foldleft marked this conversation as resolved.
Show resolved Hide resolved
*/
for (const member of e2eMembers) {
const { userId } = member;
const userVerified = cli.checkUserTrust(userId).isCrossSigningVerified();
if (!userVerified) {
this.setState({
e2eStatus: "warning",
});
return;
}
const devices = await cli.getStoredDevicesForUser(userId);
const allDevicesVerified = devices.every(device => {
const { deviceId } = device;
const allDevicesVerified = devices.every(({deviceId}) => {
return cli.checkDeviceTrust(userId, deviceId).isCrossSigningVerified();
foldleft marked this conversation as resolved.
Show resolved Hide resolved
});
if (!allDevicesVerified) {
this.setState({
e2eStatus: "warning",
});
debuglog("e2e status set to warning as not all users trust all of their devices." +
" Aborted on user", userId);
return;
}
}

this.setState({
e2eStatus: "verified",
e2eStatus: verificationState.includes(true) ? "verified" : "normal",
});
},

Expand Down