Merge pull request #3887 from matrix-org/jryans/user-verif-mismatch
Change user info verification checks to use cross-signing
This commit is contained in:
commit
224528afd4
2 changed files with 38 additions and 10 deletions
|
@ -75,7 +75,7 @@ export default class DeviceListener {
|
|||
if (device.deviceId == cli.deviceId) continue;
|
||||
|
||||
const deviceTrust = await cli.checkDeviceTrust(cli.getUserId(), device.deviceId);
|
||||
if (deviceTrust.isVerified() || this._dismissed.has(device.deviceId)) {
|
||||
if (deviceTrust.isCrossSigningVerified() || this._dismissed.has(device.deviceId)) {
|
||||
ToastStore.sharedInstance().dismissToast(toastKey(device));
|
||||
} else {
|
||||
ToastStore.sharedInstance().addOrReplaceToast({
|
||||
|
|
|
@ -64,10 +64,17 @@ const _getE2EStatus = (cli, userId, devices) => {
|
|||
const hasUnverifiedDevice = devices.some((device) => device.isUnverified());
|
||||
return hasUnverifiedDevice ? "warning" : "verified";
|
||||
}
|
||||
const isMe = userId === cli.getUserId();
|
||||
const userVerified = cli.checkUserTrust(userId).isCrossSigningVerified();
|
||||
const allDevicesVerified = devices.every(device => {
|
||||
const { deviceId } = device;
|
||||
return cli.checkDeviceTrust(userId, deviceId).isCrossSigningVerified();
|
||||
// For your own devices, we use the stricter check of cross-signing
|
||||
// verification to encourage everyone to trust their own devices via
|
||||
// cross-signing so that other users can then safely trust you.
|
||||
// For other people's devices, the more general verified check that
|
||||
// includes locally verified devices can be used.
|
||||
const deviceTrust = cli.checkDeviceTrust(userId, deviceId);
|
||||
return isMe ? deviceTrust.isCrossSigningVerified() : deviceTrust.isVerified();
|
||||
});
|
||||
if (allDevicesVerified) {
|
||||
return userVerified ? "verified" : "normal";
|
||||
|
@ -128,19 +135,28 @@ function verifyUser(user) {
|
|||
|
||||
function DeviceItem({userId, device}) {
|
||||
const cli = useContext(MatrixClientContext);
|
||||
const isMe = userId === cli.getUserId();
|
||||
const deviceTrust = cli.checkDeviceTrust(userId, device.deviceId);
|
||||
// For your own devices, we use the stricter check of cross-signing
|
||||
// verification to encourage everyone to trust their own devices via
|
||||
// cross-signing so that other users can then safely trust you.
|
||||
// For other people's devices, the more general verified check that
|
||||
// includes locally verified devices can be used.
|
||||
const isVerified = (isMe && SettingsStore.isFeatureEnabled("feature_cross_signing")) ?
|
||||
deviceTrust.isCrossSigningVerified() :
|
||||
deviceTrust.isVerified();
|
||||
|
||||
const classes = classNames("mx_UserInfo_device", {
|
||||
mx_UserInfo_device_verified: deviceTrust.isVerified(),
|
||||
mx_UserInfo_device_unverified: !deviceTrust.isVerified(),
|
||||
mx_UserInfo_device_verified: isVerified,
|
||||
mx_UserInfo_device_unverified: !isVerified,
|
||||
});
|
||||
const iconClasses = classNames("mx_E2EIcon", {
|
||||
mx_E2EIcon_verified: deviceTrust.isVerified(),
|
||||
mx_E2EIcon_warning: !deviceTrust.isVerified(),
|
||||
mx_E2EIcon_verified: isVerified,
|
||||
mx_E2EIcon_warning: !isVerified,
|
||||
});
|
||||
|
||||
const onDeviceClick = () => {
|
||||
if (!deviceTrust.isVerified()) {
|
||||
if (!isVerified) {
|
||||
verifyDevice(userId, device);
|
||||
}
|
||||
};
|
||||
|
@ -148,7 +164,7 @@ function DeviceItem({userId, device}) {
|
|||
const deviceName = device.ambiguous ?
|
||||
(device.getDisplayName() ? device.getDisplayName() : "") + " (" + device.deviceId + ")" :
|
||||
device.getDisplayName();
|
||||
const trustedLabel = deviceTrust.isVerified() ? _t("Trusted") : _t("Not trusted");
|
||||
const trustedLabel = isVerified ? _t("Trusted") : _t("Not trusted");
|
||||
return (<AccessibleButton className={classes} onClick={onDeviceClick}>
|
||||
<div className={iconClasses} />
|
||||
<div className="mx_UserInfo_device_name">{deviceName}</div>
|
||||
|
@ -169,6 +185,7 @@ function DevicesSection({devices, userId, loading}) {
|
|||
if (devices === null) {
|
||||
return _t("Unable to load device list");
|
||||
}
|
||||
const isMe = userId === cli.getUserId();
|
||||
const deviceTrusts = devices.map(d => cli.checkDeviceTrust(userId, d.deviceId));
|
||||
|
||||
const unverifiedDevices = [];
|
||||
|
@ -177,8 +194,16 @@ function DevicesSection({devices, userId, loading}) {
|
|||
for (let i = 0; i < devices.length; ++i) {
|
||||
const device = devices[i];
|
||||
const deviceTrust = deviceTrusts[i];
|
||||
// For your own devices, we use the stricter check of cross-signing
|
||||
// verification to encourage everyone to trust their own devices via
|
||||
// cross-signing so that other users can then safely trust you.
|
||||
// For other people's devices, the more general verified check that
|
||||
// includes locally verified devices can be used.
|
||||
const isVerified = (isMe && SettingsStore.isFeatureEnabled("feature_cross_signing")) ?
|
||||
deviceTrust.isCrossSigningVerified() :
|
||||
deviceTrust.isVerified();
|
||||
|
||||
if (deviceTrust.isVerified()) {
|
||||
if (isVerified) {
|
||||
verifiedDevices.push(device);
|
||||
} else {
|
||||
unverifiedDevices.push(device);
|
||||
|
@ -1277,7 +1302,10 @@ const UserInfo = ({user, groupId, roomId, onClose}) => {
|
|||
text = _t("Messages in this room are end-to-end encrypted.");
|
||||
}
|
||||
|
||||
const userVerified = cli.checkUserTrust(user.userId).isVerified();
|
||||
const userTrust = cli.checkUserTrust(user.userId);
|
||||
const userVerified = SettingsStore.isFeatureEnabled("feature_cross_signing") ?
|
||||
userTrust.isCrossSigningVerified() :
|
||||
userTrust.isVerified();
|
||||
const isMe = user.userId === cli.getUserId();
|
||||
let verifyButton;
|
||||
if (!userVerified && !isMe) {
|
||||
|
|
Loading…
Reference in a new issue