Merge pull request #5169 from matrix-org/jryans/defer-cross-signing-setup

Prep work for Settings changes with cross-signing deferral

res/css/views/settings/tabs/_SettingsTab.scss

@@ -1,5 +1,5 @@
 /*
-Copyright 2019 New Vector Ltd
+Copyright 2019, 2020 New Vector Ltd
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -22,6 +22,7 @@ limitations under the License.
     font-size: $font-20px;
     font-weight: 600;
     color: $primary-fg-color;
+    margin-bottom: 10px;
 }
 
 .mx_SettingsTab_heading:nth-child(n + 2) {

src/DeviceListener.ts

@@ -30,7 +30,7 @@ import {
     showToast as showUnverifiedSessionsToast,
 } from "./toasts/UnverifiedSessionToast";
 import { privateShouldBeEncrypted } from "./createRoom";
-import { isSecretStorageBeingAccessed, accessSecretStorage } from "./CrossSigningManager";
+import { isSecretStorageBeingAccessed, accessSecretStorage } from "./SecurityManager";
 import { isSecureBackupRequired } from './utils/WellKnownUtils';
 import { isLoggedIn } from './components/structures/MatrixChat';
 

src/MatrixClientPeg.ts

@@ -31,7 +31,7 @@ import {verificationMethods} from 'matrix-js-sdk/src/crypto';
 import MatrixClientBackedSettingsHandler from "./settings/handlers/MatrixClientBackedSettingsHandler";
 import * as StorageManager from './utils/StorageManager';
 import IdentityAuthClient from './IdentityAuthClient';
-import { crossSigningCallbacks } from './CrossSigningManager';
+import { crossSigningCallbacks } from './SecurityManager';
 import {SHOW_QR_CODE_METHOD} from "matrix-js-sdk/src/crypto/verification/QRCode";
 
 export interface IMatrixClientCreds {

src/SecurityManager.js

@@ -1,5 +1,5 @@
 /*
-Copyright 2019 The Matrix.org Foundation C.I.C.
+Copyright 2019, 2020 The Matrix.org Foundation C.I.C.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -142,7 +142,7 @@ const onSecretRequested = async function({
         return;
     }
     if (!deviceTrust || !deviceTrust.isVerified()) {
-        console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
+        console.log(`Ignoring secret request from untrusted device ${deviceId}`);
         return;
     }
     if (

src/async-components/views/dialogs/keybackup/CreateKeyBackupDialog.js

@@ -21,7 +21,7 @@ import * as sdk from '../../../../index';
 import {MatrixClientPeg} from '../../../../MatrixClientPeg';
 import PropTypes from 'prop-types';
 import {_t, _td} from '../../../../languageHandler';
-import { accessSecretStorage } from '../../../../CrossSigningManager';
+import { accessSecretStorage } from '../../../../SecurityManager';
 import AccessibleButton from "../../../../components/views/elements/AccessibleButton";
 import {copyNode} from "../../../../utils/strings";
 import PassphraseField from "../../../../components/views/auth/PassphraseField";

src/async-components/views/dialogs/secretstorage/CreateSecretStorageDialog.js

@@ -22,7 +22,7 @@ import {MatrixClientPeg} from '../../../../MatrixClientPeg';
 import FileSaver from 'file-saver';
 import {_t, _td} from '../../../../languageHandler';
 import Modal from '../../../../Modal';
-import { promptForBackupPassphrase } from '../../../../CrossSigningManager';
+import { promptForBackupPassphrase } from '../../../../SecurityManager';
 import {copyNode} from "../../../../utils/strings";
 import {SSOAuthEntry} from "../../../../components/views/auth/InteractiveAuthEntryComponents";
 import PassphraseField from "../../../../components/views/auth/PassphraseField";

src/components/views/dialogs/keybackup/RestoreKeyBackupDialog.js

@@ -21,7 +21,7 @@ import * as sdk from '../../../../index';
 import {MatrixClientPeg} from '../../../../MatrixClientPeg';
 import { MatrixClient } from 'matrix-js-sdk';
 import { _t } from '../../../../languageHandler';
-import { accessSecretStorage } from '../../../../CrossSigningManager';
+import { accessSecretStorage } from '../../../../SecurityManager';
 
 const RESTORE_TYPE_PASSPHRASE = 0;
 const RESTORE_TYPE_RECOVERYKEY = 1;

src/components/views/settings/CrossSigningPanel.js

@@ -19,8 +19,9 @@ import React from 'react';
 import {MatrixClientPeg} from '../../../MatrixClientPeg';
 import { _t } from '../../../languageHandler';
 import * as sdk from '../../../index';
-import { accessSecretStorage } from '../../../CrossSigningManager';
+import { accessSecretStorage } from '../../../SecurityManager';
 import Modal from '../../../Modal';
+import Spinner from '../elements/Spinner';
 
 export default class CrossSigningPanel extends React.PureComponent {
     constructor(props) {
@@ -163,8 +164,7 @@ export default class CrossSigningPanel extends React.PureComponent {
 
         let summarisedStatus;
         if (homeserverSupportsCrossSigning === undefined) {
-            const InlineSpinner = sdk.getComponent('views.elements.InlineSpinner');
+            summarisedStatus = <Spinner />;
-            summarisedStatus = <p><InlineSpinner /></p>;
         } else if (!homeserverSupportsCrossSigning) {
             summarisedStatus = <p>{_t(
                 "Your homeserver does not support cross-signing.",

src/components/views/settings/E2eAdvancedPanel.js

@@ -25,7 +25,7 @@ const SETTING_MANUALLY_VERIFY_ALL_SESSIONS = "e2ee.manuallyVerifyAllSessions";
 const E2eAdvancedPanel = props => {
     const SettingsFlag = sdk.getComponent('views.elements.SettingsFlag');
     return <div className="mx_SettingsTab_section">
-        <span className="mx_SettingsTab_subheading">{_t("Advanced")}</span>
+        <span className="mx_SettingsTab_subheading">{_t("Encryption")}</span>
 
         <SettingsFlag name={SETTING_MANUALLY_VERIFY_ALL_SESSIONS}
             level={SettingLevel.DEVICE}

src/components/views/settings/tabs/user/SecurityUserSettingsTab.js

@@ -332,9 +332,8 @@ export default class SecurityUserSettingsTab extends React.Component {
         return (
             <div className="mx_SettingsTab mx_SecurityUserSettingsTab">
                 {warning}
-                <div className="mx_SettingsTab_heading">{_t("Security & Privacy")}</div>
+                <div className="mx_SettingsTab_heading">{_t("Where you’re logged in")}</div>
                 <div className="mx_SettingsTab_section">
-                    <span className="mx_SettingsTab_subheading">{_t("Where you’re logged in")}</span>
                     <span>
                         {_t(
                             "Manage the names of and sign out of your sessions below or " +
@@ -351,11 +350,15 @@ export default class SecurityUserSettingsTab extends React.Component {
                         <DevicesPanel />
                     </div>
                 </div>
+                <div className="mx_SettingsTab_heading">{_t("Encryption")}</div>
+                <div className="mx_SettingsTab_section">
                     {keyBackup}
                     {eventIndex}
                     {crossSigning}
                     {this._renderCurrentDeviceInfo()}
-                <div className='mx_SettingsTab_section'>
+                </div>
+                <div className="mx_SettingsTab_heading">{_t("Privacy")}</div>
+                <div className="mx_SettingsTab_section">
                     <span className="mx_SettingsTab_subheading">{_t("Analytics")}</span>
                     <div className='mx_SettingsTab_subsectionText'>
                         {_t(
@@ -372,10 +375,13 @@ export default class SecurityUserSettingsTab extends React.Component {
                     <SettingsFlag name='analyticsOptIn' level={SettingLevel.DEVICE}
                                   onChange={this._updateAnalytics} />
                 </div>
+                <div className="mx_SettingsTab_heading">{_t("Advanced")}</div>
+                <div className="mx_SettingsTab_section">
                     {this._renderIgnoredUsers()}
                     {this._renderManageInvites()}
                     <E2eAdvancedPanel />
                 </div>
+            </div>
         );
     }
 }

src/i18n/strings/en_EN.json

@@ -62,11 +62,6 @@
     "Server may be unavailable, overloaded, or you hit a bug.": "Server may be unavailable, overloaded, or you hit a bug.",
     "The server does not support the room version specified.": "The server does not support the room version specified.",
     "Failure to create room": "Failure to create room",
-    "Cancel entering passphrase?": "Cancel entering passphrase?",
-    "Are you sure you want to cancel entering passphrase?": "Are you sure you want to cancel entering passphrase?",
-    "Go Back": "Go Back",
-    "Cancel": "Cancel",
-    "Setting up keys": "Setting up keys",
     "Sun": "Sun",
     "Mon": "Mon",
     "Tue": "Tue",
@@ -142,6 +137,11 @@
     "Missing room_id in request": "Missing room_id in request",
     "Room %(roomId)s not visible": "Room %(roomId)s not visible",
     "Missing user_id in request": "Missing user_id in request",
+    "Cancel entering passphrase?": "Cancel entering passphrase?",
+    "Are you sure you want to cancel entering passphrase?": "Are you sure you want to cancel entering passphrase?",
+    "Go Back": "Go Back",
+    "Cancel": "Cancel",
+    "Setting up keys": "Setting up keys",
     "Messages": "Messages",
     "Actions": "Actions",
     "Advanced": "Advanced",
@@ -684,6 +684,7 @@
     "Public Name": "Public Name",
     "Last seen": "Last seen",
     "Failed to set display name": "Failed to set display name",
+    "Encryption": "Encryption",
     "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.": "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.",
     "Securely cache encrypted messages locally for them to appear in search results, using ": "Securely cache encrypted messages locally for them to appear in search results, using ",
     " to store messages from ": " to store messages from ",
@@ -907,10 +908,10 @@
     "Message search": "Message search",
     "Cross-signing": "Cross-signing",
     "Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.": "Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.",
-    "Security & Privacy": "Security & Privacy",
     "Where you’re logged in": "Where you’re logged in",
     "Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.": "Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.",
     "A session's public name is visible to people you communicate with": "A session's public name is visible to people you communicate with",
+    "Privacy": "Privacy",
     "%(brand)s collects anonymous analytics to allow us to improve the application.": "%(brand)s collects anonymous analytics to allow us to improve the application.",
     "Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.": "Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.",
     "Learn more about how we use analytics.": "Learn more about how we use analytics.",
@@ -993,7 +994,7 @@
     "Members only (since the point in time of selecting this option)": "Members only (since the point in time of selecting this option)",
     "Members only (since they were invited)": "Members only (since they were invited)",
     "Members only (since they joined)": "Members only (since they joined)",
-    "Encryption": "Encryption",
+    "Security & Privacy": "Security & Privacy",
     "Once enabled, encryption cannot be disabled.": "Once enabled, encryption cannot be disabled.",
     "Encrypted": "Encrypted",
     "Who can access this room?": "Who can access this room?",

src/rageshake/submit-rageshake.ts

@@ -90,32 +90,31 @@ async function collectBugReport(opts: IOpts = {}, gzipLogs = true) {
             body.append('device_keys', keys.join(', '));
             body.append('cross_signing_key', client.getCrossSigningId());
 
-            body.append('device_keys', keys.join(', '));
-
             // add cross-signing status information
             const crossSigning = client._crypto._crossSigningInfo;
             const secretStorage = client._crypto._secretStorage;
 
+            body.append("cross_signing_ready", String(await client.isCrossSigningReady()));
+            body.append("cross_signing_supported_by_hs",
+                String(await client.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing")));
             body.append("cross_signing_key", crossSigning.getId());
-            body.append("cross_signing_pk_in_ssss",
+            body.append("cross_signing_pk_in_secret_storage",
                 String(!!(await crossSigning.isStoredInSecretStorage(secretStorage))));
-            body.append("ssss_key_in_account", String(!!(await secretStorage.hasKey())));
 
             const pkCache = client.getCrossSigningCacheCallbacks();
-            body.append("master_pk_cached",
+            body.append("cross_signing_master_pk_cached",
                 String(!!(pkCache && await pkCache.getCrossSigningKeyCache("master"))));
-            body.append("self_signing_pk_cached",
+            body.append("cross_signing_self_signing_pk_cached",
                 String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"))));
-            body.append("user_signing_pk_cached",
+            body.append("cross_signing_user_signing_pk_cached",
                 String(!!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing"))));
 
+            body.append("secret_storage_ready", String(await client.isSecretStorageReady()));
+            body.append("secret_storage_key_in_account", String(!!(await secretStorage.hasKey())));
+
             const sessionBackupKeyFromCache = await client._crypto.getSessionBackupPrivateKey();
             body.append("session_backup_key_cached", String(!!sessionBackupKeyFromCache));
             body.append("session_backup_key_well_formed", String(sessionBackupKeyFromCache instanceof Uint8Array));
-            body.append("cross_signing_supported_by_hs",
-                String(await client.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing")));
-            body.append("cross_signing_ready", String(await client.isCrossSigningReady()));
-            body.append("secret_storage_ready", String(await client.isSecretStorageReady()));
         }
     }
 

src/stores/SetupEncryptionStore.js

@@ -16,7 +16,7 @@ limitations under the License.
 
 import EventEmitter from 'events';
 import { MatrixClientPeg } from '../MatrixClientPeg';
-import { accessSecretStorage, AccessCancelledError } from '../CrossSigningManager';
+import { accessSecretStorage, AccessCancelledError } from '../SecurityManager';
 import { PHASE_DONE as VERIF_PHASE_DONE } from "matrix-js-sdk/src/crypto/verification/request/VerificationRequest";
 
 export const PHASE_INTRO = 0;

src/toasts/SetupEncryptionToast.ts

@@ -19,7 +19,7 @@ import * as sdk from "../index";
 import { _t } from "../languageHandler";
 import DeviceListener from "../DeviceListener";
 import SetupEncryptionDialog from "../components/views/dialogs/SetupEncryptionDialog";
-import { accessSecretStorage } from "../CrossSigningManager";
+import { accessSecretStorage } from "../SecurityManager";
 import ToastStore from "../stores/ToastStore";
 import GenericToast from "../components/views/toasts/GenericToast";
 

src/verification.js

@@ -21,7 +21,7 @@ import * as sdk from './index';
 import { _t } from './languageHandler';
 import {RightPanelPhases} from "./stores/RightPanelStorePhases";
 import {findDMForUser} from './createRoom';
-import {accessSecretStorage} from './CrossSigningManager';
+import {accessSecretStorage} from './SecurityManager';
 import {verificationMethods} from 'matrix-js-sdk/src/crypto';
 import {Action} from './dispatcher/actions';