initial version of device rehydration support

2020-08-31 14:40:16 -04:00 · 2020-08-31 14:40:16 -04:00 · 1c2e05e925
commit 1c2e05e925
parent c9d98a1d19
3 changed files with 85 additions and 5 deletions
--- a/src/CrossSigningManager.js
+++ b/src/CrossSigningManager.js
@ -40,7 +40,7 @@ export class AccessCancelledError extends Error {
    }
 }

-async function confirmToDismiss() {
+export async function confirmToDismiss() {
    const QuestionDialog = sdk.getComponent("dialogs.QuestionDialog");
    const [sure] = await Modal.createDialog(QuestionDialog, {
        title: _t("Cancel entering passphrase?"),
--- a/src/Login.js
+++ b/src/Login.js
@ -18,7 +18,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

+import Modal from './Modal';
+import * as sdk from './index';
+import { AccessCancelledError, confirmToDismiss } from "./CrossSigningManager";
 import Matrix from "matrix-js-sdk";
+import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase';
+import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey';

 export default class Login {
    constructor(hsUrl, isUrl, fallbackHsUrl, opts) {
@ -159,12 +164,18 @@ export default class Login {
 * @returns {MatrixClientCreds}
 */
 export async function sendLoginRequest(hsUrl, isUrl, loginType, loginParams) {
+    let rehydrationKeyInfo;
+    let rehydrationKey;
+
    const client = Matrix.createClient({
        baseUrl: hsUrl,
        idBaseUrl: isUrl,
+        cryptoCallbacks: {
+            getDehydrationKey
+        }
    });

-    const data = await client.login(loginType, loginParams);
+    const data = await client.loginWithRehydration(null, loginType, loginParams);

    const wellknown = data.well_known;
    if (wellknown) {
@ -185,5 +196,52 @@ export async function sendLoginRequest(hsUrl, isUrl, loginType, loginParams) {
        userId: data.user_id,
        deviceId: data.device_id,
        accessToken: data.access_token,
+        rehydrationKeyInfo,
+        rehydrationKey,
+        olmAccount: data._olm_account,
    };
 }
+
+async function getDehydrationKey(keyInfo) {
+    const inputToKey = async ({ passphrase, recoveryKey }) => {
+        if (passphrase) {
+            return deriveKey(
+                passphrase,
+                keyInfo.passphrase.salt,
+                keyInfo.passphrase.iterations,
+            );
+        } else {
+            return decodeRecoveryKey(recoveryKey);
+        }
+    };
+    const AccessSecretStorageDialog =
+        sdk.getComponent("dialogs.secretstorage.AccessSecretStorageDialog");
+    const { finished } = Modal.createTrackedDialog("Access Secret Storage dialog", "",
+        AccessSecretStorageDialog,
+        /* props= */
+        {
+            keyInfo,
+            checkPrivateKey: async (input) => {
+                // FIXME:
+                return true;
+            },
+        },
+        /* className= */ null,
+        /* isPriorityModal= */ false,
+        /* isStaticModal= */ false,
+        /* options= */ {
+            onBeforeClose: async (reason) => {
+                if (reason === "backgroundClick") {
+                    return confirmToDismiss();
+                }
+                return true;
+            },
+        },
+    );
+    const [input] = await finished;
+    if (!input) {
+        throw new AccessCancelledError();
+    }
+    const key = await inputToKey(input);
+    return key;
+}
--- a/src/MatrixClientPeg.ts
+++ b/src/MatrixClientPeg.ts
@ -42,6 +42,9 @@ export interface IMatrixClientCreds {
    accessToken: string;
    guest: boolean;
    pickleKey?: string;
+    rehydrationKey?: Uint8Array;
+    rehydrationKeyInfo?: {[props: string]: any};
+    olmAccount?: any;
 }

 // TODO: Move this to the js-sdk
@ -248,12 +251,10 @@ class _MatrixClientPeg implements IMatrixClientPeg {

    private createClient(creds: IMatrixClientCreds): void {
        // TODO: Make these opts typesafe with the js-sdk
-        const opts = {
+        const opts: any = {
            baseUrl: creds.homeserverUrl,
            idBaseUrl: creds.identityServerUrl,
            accessToken: creds.accessToken,
-            userId: creds.userId,
-            deviceId: creds.deviceId,
            pickleKey: creds.pickleKey,
            timelineSupport: true,
            forceTURN: !SettingsStore.getValue('webRtcAllowPeerToPeer'),
@ -268,6 +269,23 @@ class _MatrixClientPeg implements IMatrixClientPeg {
            cryptoCallbacks: {},
        };

+        if (creds.olmAccount) {
+            opts.deviceToImport = {
+                olmDevice: {
+                    pickledAccount: creds.olmAccount.pickle("DEFAULT_KEY"),
+                    sessions: [],
+                    pickleKey: "DEFAULT_KEY",
+                },
+                userId: creds.userId,
+                deviceId: creds.deviceId,
+            };
+        } else {
+            opts.userId = creds.userId;
+            opts.deviceId = creds.deviceId;
+        }
+
+        // FIXME: modify crossSigningCallbacks.getSecretStorageKey so that it tries using rehydrationkey and/or saves the passphrase info
+
        // These are always installed regardless of the labs flag so that
        // cross-signing features can toggle on without reloading and also be
        // accessed immediately after login.
@ -275,6 +293,10 @@ class _MatrixClientPeg implements IMatrixClientPeg {

        this.matrixClient = createMatrixClient(opts);

+        if (creds.rehydrationKey) {
+            this.matrixClient.cacheDehydrationKey(creds.rehydrationKey, creds.rehydrationKeyInfo || {});
+        }
+
        // we're going to add eventlisteners for each matrix event tile, so the
        // potential number of event listeners is quite high.
        this.matrixClient.setMaxListeners(500);