/*
Copyright 2020 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import { MatrixClientPeg } from './MatrixClientPeg';
import SettingsStore from './settings/SettingsStore';
import * as sdk from './index';
import { _t } from './languageHandler';
import ToastStore from './stores/ToastStore';
// Maximum age, in milliseconds, of the cached key backup info before the
// server is asked again (five minutes).
const KEY_BACKUP_POLL_INTERVAL = 1000 * 60 * 5;

// ToastStore key shared by every toast about setting up or upgrading
// encryption on this device.
const THIS_DEVICE_TOAST_KEY = 'setupencryption';

// ToastStore key for the toast that asks the user to review their other,
// unverified sessions.
const OTHER_DEVICES_TOAST_KEY = 'reviewsessions';
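/**
 * Watches the logged-in user's devices and cross-signing state and keeps two
 * kinds of toast up to date:
 *
 *  - a toast prompting the user to verify this session or to set up / upgrade
 *    encryption (THIS_DEVICE_TOAST_KEY), and
 *  - a toast prompting the user to review their other sessions when at least
 *    one of them is not cross-signing verified (OTHER_DEVICES_TOAST_KEY).
 *
 * Dismissals are held in memory only and are reset by stop().
 */
export default class DeviceListener {
    /**
     * Get the shared DeviceListener, creating it on first use. The instance is
     * kept on `global.mx_DeviceListener`.
     *
     * @returns {DeviceListener} the shared instance
     */
    static sharedInstance() {
        if (!global.mx_DeviceListener) global.mx_DeviceListener = new DeviceListener();
        return global.mx_DeviceListener;
    }

    constructor() {
        // device IDs for which the user has dismissed the verify toast ('Later')
        this._dismissed = new Set();
        // has the user dismissed any of the various nag toasts to setup encryption on this device?
        this._dismissedThisDeviceToast = false;

        // cache of the key backup info
        this._keyBackupInfo = null;
        this._keyBackupFetchedAt = null;
    }

    /**
     * Subscribe to the client events that can change the outcome of the
     * checks in _recheck(), then run a first check.
     */
    start() {
        MatrixClientPeg.get().on('crypto.devicesUpdated', this._onDevicesUpdated);
        MatrixClientPeg.get().on('deviceVerificationChanged', this._onDeviceVerificationChanged);
        MatrixClientPeg.get().on('userTrustStatusChanged', this._onUserTrustStatusChanged);
        MatrixClientPeg.get().on('crossSigning.keysChanged', this._onCrossSingingKeysChanged);
        MatrixClientPeg.get().on('accountData', this._onAccountData);
        MatrixClientPeg.get().on('sync', this._onSync);
        this._recheck();
    }

    /**
     * Remove the listeners added by start() (when a client still exists) and
     * forget all dismissals and the cached key backup info.
     */
    stop() {
        if (MatrixClientPeg.get()) {
            MatrixClientPeg.get().removeListener('crypto.devicesUpdated', this._onDevicesUpdated);
            MatrixClientPeg.get().removeListener('deviceVerificationChanged', this._onDeviceVerificationChanged);
            MatrixClientPeg.get().removeListener('userTrustStatusChanged', this._onUserTrustStatusChanged);
            MatrixClientPeg.get().removeListener('crossSigning.keysChanged', this._onCrossSingingKeysChanged);
            MatrixClientPeg.get().removeListener('accountData', this._onAccountData);
            MatrixClientPeg.get().removeListener('sync', this._onSync);
        }
        this._dismissed.clear();
        this._dismissedThisDeviceToast = false;
        this._keyBackupInfo = null;
        this._keyBackupFetchedAt = null;
    }

    /**
     * Record every device currently stored for the user, other than this one,
     * as dismissed and recheck.
     *
     * The set is rebuilt from the devices known at the time of the call, so a
     * device that shows up afterwards is not in it and is reported again by
     * the next check.
     */
    async dismissVerifications() {
        const cli = MatrixClientPeg.get();
        const devices = await cli.getStoredDevicesForUser(cli.getUserId());
        this._dismissed = new Set(devices.filter(d => d.deviceId !== cli.deviceId).map(d => d.deviceId));

        this._recheck();
    }

    /**
     * Record that the user dismissed the encryption setup toast for this
     * device and recheck, which removes that toast.
     */
    dismissEncryptionSetup() {
        this._dismissedThisDeviceToast = true;
        this._recheck();
    }

    // Only changes to our own user's devices are relevant.
    _onDevicesUpdated = (users) => {
        if (!users.includes(MatrixClientPeg.get().getUserId())) return;
        this._recheck();
    };

    _onDeviceVerificationChanged = (userId) => {
        if (userId !== MatrixClientPeg.get().getUserId()) return;
        this._recheck();
    };

    _onUserTrustStatusChanged = (userId, trustLevel) => {
        if (userId !== MatrixClientPeg.get().getUserId()) return;
        this._recheck();
    };

    _onCrossSingingKeysChanged = () => {
        this._recheck();
    };

    _onAccountData = (ev) => {
        // User may have:
        // * migrated SSSS to symmetric
        // * uploaded keys to secret storage
        // * completed secret storage creation
        // which result in account data changes affecting checks below.
        if (
            ev.getType().startsWith('m.secret_storage.') ||
            ev.getType().startsWith('m.cross_signing.')
        ) {
            this._recheck();
        }
    };

    // Runs the one check that _updateToasts() skips while the initial sync is
    // still in progress.
    _onSync = (state, prevState) => {
        if (state === 'PREPARED' && prevState === null) this._recheck();
    };

    /**
     * Fetch the key backup info, reusing the cached value for up to
     * KEY_BACKUP_POLL_INTERVAL milliseconds.
     *
     * The server doesn't tell us when key backup is set up, so we poll
     * & cache the result. A falsy result is not reused: while there is no
     * backup info, every call asks the server again.
     *
     * @returns {Promise<*>} the value getKeyBackupVersion() resolved to
     */
    async _getKeyBackupInfo() {
        const now = Date.now();
        if (!this._keyBackupInfo || this._keyBackupFetchedAt < now - KEY_BACKUP_POLL_INTERVAL) {
            this._keyBackupInfo = await MatrixClientPeg.get().getKeyBackupVersion();
            this._keyBackupFetchedAt = now;
        }
        return this._keyBackupInfo;
    }

    /**
     * Re-evaluate the encryption and device state and update the toasts.
     *
     * Every caller in this class fires this without awaiting it, so failures
     * are caught and logged here instead of surfacing as unhandled rejections.
     * After a failed check the toasts stay as the previous check left them.
     *
     * NOTE(review): nothing here serialises overlapping runs. Two checks
     * started by different events could finish out of order and leave the
     * toasts reflecting the older state - confirm whether that matters for
     * the unverified-session warning.
     *
     * @returns {Promise<void>}
     */
    async _recheck() {
        const cli = MatrixClientPeg.get();
        // stop() already allows for the client being gone; do the same here so
        // that a dismiss call made without a client is a no-op.
        if (!cli) return;

        try {
            await this._updateToasts(cli);
        } catch (err) {
            console.error("DeviceListener: failed to recheck encryption and device state", err);
        }
    }

    /**
     * Work out which toasts should be showing for the given client and add or
     * dismiss them accordingly.
     *
     * @param {object} cli the client returned by MatrixClientPeg.get()
     * @returns {Promise<void>}
     */
    async _updateToasts(cli) {
        if (
            !SettingsStore.getValue("feature_cross_signing") ||
            !await cli.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing")
        ) return;

        if (!cli.isCryptoEnabled()) return;
        // don't recheck until the initial sync is complete: lots of account data events will fire
        // while the initial sync is processing and we don't need to recheck on each one of them
        // (we add a listener on sync to do one check after the initial sync is done)
        if (!cli.isInitialSyncComplete()) return;

        const crossSigningReady = await cli.isCrossSigningReady();

        if (this._dismissedThisDeviceToast) {
            ToastStore.sharedInstance().dismissToast(THIS_DEVICE_TOAST_KEY);
        } else {
            if (!crossSigningReady) {
                // make sure our keys are finished downloading
                await cli.downloadKeys([cli.getUserId()]);
                // cross signing isn't enabled - nag to enable it
                // There are 3 different toasts for:
                if (cli.getStoredCrossSigningForUser(cli.getUserId())) {
                    // Cross-signing on account but this device doesn't trust the master key (verify this session)
                    ToastStore.sharedInstance().addOrReplaceToast({
                        key: THIS_DEVICE_TOAST_KEY,
                        title: _t("Verify this session"),
                        icon: "verification_warning",
                        props: {kind: 'verify_this_session'},
                        component: sdk.getComponent("toasts.SetupEncryptionToast"),
                    });
                } else {
                    const backupInfo = await this._getKeyBackupInfo();
                    if (backupInfo) {
                        // No cross-signing on account but key backup available (upgrade encryption)
                        ToastStore.sharedInstance().addOrReplaceToast({
                            key: THIS_DEVICE_TOAST_KEY,
                            title: _t("Encryption upgrade available"),
                            icon: "verification_warning",
                            props: {kind: 'upgrade_encryption'},
                            component: sdk.getComponent("toasts.SetupEncryptionToast"),
                        });
                    } else {
                        // No cross-signing or key backup on account (set up encryption)
                        ToastStore.sharedInstance().addOrReplaceToast({
                            key: THIS_DEVICE_TOAST_KEY,
                            title: _t("Set up encryption"),
                            icon: "verification_warning",
                            props: {kind: 'set_up_encryption'},
                            component: sdk.getComponent("toasts.SetupEncryptionToast"),
                        });
                    }
                }
                return;
            } else if (await cli.secretStorageKeyNeedsUpgrade()) {
                ToastStore.sharedInstance().addOrReplaceToast({
                    key: THIS_DEVICE_TOAST_KEY,
                    title: _t("Encryption upgrade available"),
                    icon: "verification_warning",
                    props: {kind: 'upgrade_ssss'},
                    component: sdk.getComponent("toasts.SetupEncryptionToast"),
                });
            } else {
                // cross-signing is ready, and we don't need to upgrade encryption
                ToastStore.sharedInstance().dismissToast(THIS_DEVICE_TOAST_KEY);
            }
        }

        // as long as cross-signing isn't ready,
        // you can't see or dismiss any device toasts
        if (crossSigningReady) {
            let haveUnverifiedDevices = false;

            const devices = await cli.getStoredDevicesForUser(cli.getUserId());
            for (const device of devices) {
                // this device is handled by the toast above; strict comparison
                // matches the filter in dismissVerifications()
                if (device.deviceId === cli.deviceId) continue;

                const deviceTrust = await cli.checkDeviceTrust(cli.getUserId(), device.deviceId);
                // one other device that is neither cross-signing verified nor
                // dismissed is enough to show the review toast
                if (!deviceTrust.isCrossSigningVerified() && !this._dismissed.has(device.deviceId)) {
                    haveUnverifiedDevices = true;
                    break;
                }
            }

            if (haveUnverifiedDevices) {
                ToastStore.sharedInstance().addOrReplaceToast({
                    key: OTHER_DEVICES_TOAST_KEY,
                    title: _t("Review where you’re logged in"),
                    icon: "verification_warning",
                    component: sdk.getComponent("toasts.UnverifiedSessionToast"),
                });
            } else {
                ToastStore.sharedInstance().dismissToast(OTHER_DEVICES_TOAST_KEY);
            }
        }
    }
}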