Merge pull request #5169 from matrix-org/jryans/defer-cross-signing-setup

Prep work for Settings changes with cross-signing deferral
J. Ryan Stinnett 2020-09-04 12:51:25 +01:00 committed by GitHub
commit 7b1031d6a6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 50 additions and 43 deletions


@ -1,5 +1,5 @@
/* /*
Copyright 2019 New Vector Ltd Copyright 2019, 2020 New Vector Ltd
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
@ -22,6 +22,7 @@ limitations under the License.
font-size: $font-20px; font-size: $font-20px;
font-weight: 600; font-weight: 600;
color: $primary-fg-color; color: $primary-fg-color;
margin-bottom: 10px;
} }
.mx_SettingsTab_heading:nth-child(n + 2) { .mx_SettingsTab_heading:nth-child(n + 2) {


@ -30,7 +30,7 @@ import {
showToast as showUnverifiedSessionsToast, showToast as showUnverifiedSessionsToast,
} from "./toasts/UnverifiedSessionToast"; } from "./toasts/UnverifiedSessionToast";
import { privateShouldBeEncrypted } from "./createRoom"; import { privateShouldBeEncrypted } from "./createRoom";
import { isSecretStorageBeingAccessed, accessSecretStorage } from "./CrossSigningManager"; import { isSecretStorageBeingAccessed, accessSecretStorage } from "./SecurityManager";
import { isSecureBackupRequired } from './utils/WellKnownUtils'; import { isSecureBackupRequired } from './utils/WellKnownUtils';
import { isLoggedIn } from './components/structures/MatrixChat'; import { isLoggedIn } from './components/structures/MatrixChat';


@ -31,7 +31,7 @@ import {verificationMethods} from 'matrix-js-sdk/src/crypto';
import MatrixClientBackedSettingsHandler from "./settings/handlers/MatrixClientBackedSettingsHandler"; import MatrixClientBackedSettingsHandler from "./settings/handlers/MatrixClientBackedSettingsHandler";
import * as StorageManager from './utils/StorageManager'; import * as StorageManager from './utils/StorageManager';
import IdentityAuthClient from './IdentityAuthClient'; import IdentityAuthClient from './IdentityAuthClient';
import { crossSigningCallbacks } from './CrossSigningManager'; import { crossSigningCallbacks } from './SecurityManager';
import {SHOW_QR_CODE_METHOD} from "matrix-js-sdk/src/crypto/verification/QRCode"; import {SHOW_QR_CODE_METHOD} from "matrix-js-sdk/src/crypto/verification/QRCode";
export interface IMatrixClientCreds { export interface IMatrixClientCreds {


@ -1,5 +1,5 @@
/* /*
Copyright 2019 The Matrix.org Foundation C.I.C. Copyright 2019, 2020 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
@ -142,7 +142,7 @@ const onSecretRequested = async function({
return; return;
} }
if (!deviceTrust || !deviceTrust.isVerified()) { if (!deviceTrust || !deviceTrust.isVerified()) {
console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`); console.log(`Ignoring secret request from untrusted device ${deviceId}`);
return; return;
} }
if ( if (
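Review bot: The refusal of a secret request from an unverified device is still written with `console.log`, and the new message no longer names the module that emitted it, so the one line recording a rejected request for key material is harder to find in collected logs. Switching the call to `console.warn` and keeping a short prefix such as `SecurityManager:` would make it stand out; if the requesting user and the name of the requested secret are in scope at this point, adding them would help whoever reads the log later. `deviceId` presumably comes from the incoming request, so it should be treated as untrusted text wherever these logs are displayed. `onSecretRequested` starts and ends outside this hunk.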


@ -21,7 +21,7 @@ import * as sdk from '../../../../index';
import {MatrixClientPeg} from '../../../../MatrixClientPeg'; import {MatrixClientPeg} from '../../../../MatrixClientPeg';
import PropTypes from 'prop-types'; import PropTypes from 'prop-types';
import {_t, _td} from '../../../../languageHandler'; import {_t, _td} from '../../../../languageHandler';
import { accessSecretStorage } from '../../../../CrossSigningManager'; import { accessSecretStorage } from '../../../../SecurityManager';
import AccessibleButton from "../../../../components/views/elements/AccessibleButton"; import AccessibleButton from "../../../../components/views/elements/AccessibleButton";
import {copyNode} from "../../../../utils/strings"; import {copyNode} from "../../../../utils/strings";
import PassphraseField from "../../../../components/views/auth/PassphraseField"; import PassphraseField from "../../../../components/views/auth/PassphraseField";


@ -22,7 +22,7 @@ import {MatrixClientPeg} from '../../../../MatrixClientPeg';
import FileSaver from 'file-saver'; import FileSaver from 'file-saver';
import {_t, _td} from '../../../../languageHandler'; import {_t, _td} from '../../../../languageHandler';
import Modal from '../../../../Modal'; import Modal from '../../../../Modal';
import { promptForBackupPassphrase } from '../../../../CrossSigningManager'; import { promptForBackupPassphrase } from '../../../../SecurityManager';
import {copyNode} from "../../../../utils/strings"; import {copyNode} from "../../../../utils/strings";
import {SSOAuthEntry} from "../../../../components/views/auth/InteractiveAuthEntryComponents"; import {SSOAuthEntry} from "../../../../components/views/auth/InteractiveAuthEntryComponents";
import PassphraseField from "../../../../components/views/auth/PassphraseField"; import PassphraseField from "../../../../components/views/auth/PassphraseField";


@ -21,7 +21,7 @@ import * as sdk from '../../../../index';
import {MatrixClientPeg} from '../../../../MatrixClientPeg'; import {MatrixClientPeg} from '../../../../MatrixClientPeg';
import { MatrixClient } from 'matrix-js-sdk'; import { MatrixClient } from 'matrix-js-sdk';
import { _t } from '../../../../languageHandler'; import { _t } from '../../../../languageHandler';
import { accessSecretStorage } from '../../../../CrossSigningManager'; import { accessSecretStorage } from '../../../../SecurityManager';
const RESTORE_TYPE_PASSPHRASE = 0; const RESTORE_TYPE_PASSPHRASE = 0;
const RESTORE_TYPE_RECOVERYKEY = 1; const RESTORE_TYPE_RECOVERYKEY = 1;


@ -19,8 +19,9 @@ import React from 'react';
import {MatrixClientPeg} from '../../../MatrixClientPeg'; import {MatrixClientPeg} from '../../../MatrixClientPeg';
import { _t } from '../../../languageHandler'; import { _t } from '../../../languageHandler';
import * as sdk from '../../../index'; import * as sdk from '../../../index';
import { accessSecretStorage } from '../../../CrossSigningManager'; import { accessSecretStorage } from '../../../SecurityManager';
import Modal from '../../../Modal'; import Modal from '../../../Modal';
import Spinner from '../elements/Spinner';
export default class CrossSigningPanel extends React.PureComponent { export default class CrossSigningPanel extends React.PureComponent {
constructor(props) { constructor(props) {
@ -163,8 +164,7 @@ export default class CrossSigningPanel extends React.PureComponent {
let summarisedStatus; let summarisedStatus;
if (homeserverSupportsCrossSigning === undefined) { if (homeserverSupportsCrossSigning === undefined) {
const InlineSpinner = sdk.getComponent('views.elements.InlineSpinner'); summarisedStatus = <Spinner />;
summarisedStatus = <p><InlineSpinner /></p>;
} else if (!homeserverSupportsCrossSigning) { } else if (!homeserverSupportsCrossSigning) {
summarisedStatus = <p>{_t( summarisedStatus = <p>{_t(
"Your homeserver does not support cross-signing.", "Your homeserver does not support cross-signing.",


@ -25,7 +25,7 @@ const SETTING_MANUALLY_VERIFY_ALL_SESSIONS = "e2ee.manuallyVerifyAllSessions";
const E2eAdvancedPanel = props => { const E2eAdvancedPanel = props => {
const SettingsFlag = sdk.getComponent('views.elements.SettingsFlag'); const SettingsFlag = sdk.getComponent('views.elements.SettingsFlag');
return <div className="mx_SettingsTab_section"> return <div className="mx_SettingsTab_section">
<span className="mx_SettingsTab_subheading">{_t("Advanced")}</span> <span className="mx_SettingsTab_subheading">{_t("Encryption")}</span>
<SettingsFlag name={SETTING_MANUALLY_VERIFY_ALL_SESSIONS} <SettingsFlag name={SETTING_MANUALLY_VERIFY_ALL_SESSIONS}
level={SettingLevel.DEVICE} level={SettingLevel.DEVICE}


@ -332,9 +332,8 @@ export default class SecurityUserSettingsTab extends React.Component {
return ( return (
<div className="mx_SettingsTab mx_SecurityUserSettingsTab"> <div className="mx_SettingsTab mx_SecurityUserSettingsTab">
{warning} {warning}
<div className="mx_SettingsTab_heading">{_t("Security & Privacy")}</div> <div className="mx_SettingsTab_heading">{_t("Where youre logged in")}</div>
<div className="mx_SettingsTab_section"> <div className="mx_SettingsTab_section">
<span className="mx_SettingsTab_subheading">{_t("Where youre logged in")}</span>
<span> <span>
{_t( {_t(
"Manage the names of and sign out of your sessions below or " + "Manage the names of and sign out of your sessions below or " +
@ -351,11 +350,15 @@ export default class SecurityUserSettingsTab extends React.Component {
<DevicesPanel /> <DevicesPanel />
</div> </div>
</div> </div>
{keyBackup} <div className="mx_SettingsTab_heading">{_t("Encryption")}</div>
{eventIndex} <div className="mx_SettingsTab_section">
{crossSigning} {keyBackup}
{this._renderCurrentDeviceInfo()} {eventIndex}
<div className='mx_SettingsTab_section'> {crossSigning}
{this._renderCurrentDeviceInfo()}
</div>
<div className="mx_SettingsTab_heading">{_t("Privacy")}</div>
<div className="mx_SettingsTab_section">
<span className="mx_SettingsTab_subheading">{_t("Analytics")}</span> <span className="mx_SettingsTab_subheading">{_t("Analytics")}</span>
<div className='mx_SettingsTab_subsectionText'> <div className='mx_SettingsTab_subsectionText'>
{_t( {_t(
@ -372,9 +375,12 @@ export default class SecurityUserSettingsTab extends React.Component {
<SettingsFlag name='analyticsOptIn' level={SettingLevel.DEVICE} <SettingsFlag name='analyticsOptIn' level={SettingLevel.DEVICE}
onChange={this._updateAnalytics} /> onChange={this._updateAnalytics} />
</div> </div>
{this._renderIgnoredUsers()} <div className="mx_SettingsTab_heading">{_t("Advanced")}</div>
{this._renderManageInvites()} <div className="mx_SettingsTab_section">
<E2eAdvancedPanel /> {this._renderIgnoredUsers()}
{this._renderManageInvites()}
<E2eAdvancedPanel />
</div>
</div> </div>
); );
} }
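Review bot: The new wrappers put `{keyBackup}`, `{eventIndex}`, `{crossSigning}` and the output of `_renderIgnoredUsers()` / `_renderManageInvites()` inside an extra `mx_SettingsTab_section` div, where before they sat beside the existing sections as siblings. If those fragments already render their own `mx_SettingsTab_section` root (their definitions are outside this hunk), the tab now has sections nested in sections and the spacing rules apply twice. Emitting only the `mx_SettingsTab_heading` div ahead of each group, or removing the inner wrappers in the same change, would keep the structure flat. The attribute quoting is also mixed: the added lines use `className="…"` while the neighbouring lines use `className='…'`. The enclosing render method begins outside the hunk.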


@ -62,11 +62,6 @@
"Server may be unavailable, overloaded, or you hit a bug.": "Server may be unavailable, overloaded, or you hit a bug.", "Server may be unavailable, overloaded, or you hit a bug.": "Server may be unavailable, overloaded, or you hit a bug.",
"The server does not support the room version specified.": "The server does not support the room version specified.", "The server does not support the room version specified.": "The server does not support the room version specified.",
"Failure to create room": "Failure to create room", "Failure to create room": "Failure to create room",
"Cancel entering passphrase?": "Cancel entering passphrase?",
"Are you sure you want to cancel entering passphrase?": "Are you sure you want to cancel entering passphrase?",
"Go Back": "Go Back",
"Cancel": "Cancel",
"Setting up keys": "Setting up keys",
"Sun": "Sun", "Sun": "Sun",
"Mon": "Mon", "Mon": "Mon",
"Tue": "Tue", "Tue": "Tue",
@ -142,6 +137,11 @@
"Missing room_id in request": "Missing room_id in request", "Missing room_id in request": "Missing room_id in request",
"Room %(roomId)s not visible": "Room %(roomId)s not visible", "Room %(roomId)s not visible": "Room %(roomId)s not visible",
"Missing user_id in request": "Missing user_id in request", "Missing user_id in request": "Missing user_id in request",
"Cancel entering passphrase?": "Cancel entering passphrase?",
"Are you sure you want to cancel entering passphrase?": "Are you sure you want to cancel entering passphrase?",
"Go Back": "Go Back",
"Cancel": "Cancel",
"Setting up keys": "Setting up keys",
"Messages": "Messages", "Messages": "Messages",
"Actions": "Actions", "Actions": "Actions",
"Advanced": "Advanced", "Advanced": "Advanced",
@ -684,6 +684,7 @@
"Public Name": "Public Name", "Public Name": "Public Name",
"Last seen": "Last seen", "Last seen": "Last seen",
"Failed to set display name": "Failed to set display name", "Failed to set display name": "Failed to set display name",
"Encryption": "Encryption",
"Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.": "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.", "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.": "Individually verify each session used by a user to mark it as trusted, not trusting cross-signed devices.",
"Securely cache encrypted messages locally for them to appear in search results, using ": "Securely cache encrypted messages locally for them to appear in search results, using ", "Securely cache encrypted messages locally for them to appear in search results, using ": "Securely cache encrypted messages locally for them to appear in search results, using ",
" to store messages from ": " to store messages from ", " to store messages from ": " to store messages from ",
@ -907,10 +908,10 @@
"Message search": "Message search", "Message search": "Message search",
"Cross-signing": "Cross-signing", "Cross-signing": "Cross-signing",
"Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.": "Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.", "Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.": "Your server admin has disabled end-to-end encryption by default in private rooms & Direct Messages.",
"Security & Privacy": "Security & Privacy",
"Where youre logged in": "Where youre logged in", "Where youre logged in": "Where youre logged in",
"Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.": "Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.", "Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.": "Manage the names of and sign out of your sessions below or <a>verify them in your User Profile</a>.",
"A session's public name is visible to people you communicate with": "A session's public name is visible to people you communicate with", "A session's public name is visible to people you communicate with": "A session's public name is visible to people you communicate with",
"Privacy": "Privacy",
"%(brand)s collects anonymous analytics to allow us to improve the application.": "%(brand)s collects anonymous analytics to allow us to improve the application.", "%(brand)s collects anonymous analytics to allow us to improve the application.": "%(brand)s collects anonymous analytics to allow us to improve the application.",
"Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.": "Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.", "Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.": "Privacy is important to us, so we don't collect any personal or identifiable data for our analytics.",
"Learn more about how we use analytics.": "Learn more about how we use analytics.", "Learn more about how we use analytics.": "Learn more about how we use analytics.",
@ -993,7 +994,7 @@
"Members only (since the point in time of selecting this option)": "Members only (since the point in time of selecting this option)", "Members only (since the point in time of selecting this option)": "Members only (since the point in time of selecting this option)",
"Members only (since they were invited)": "Members only (since they were invited)", "Members only (since they were invited)": "Members only (since they were invited)",
"Members only (since they joined)": "Members only (since they joined)", "Members only (since they joined)": "Members only (since they joined)",
"Encryption": "Encryption", "Security & Privacy": "Security & Privacy",
"Once enabled, encryption cannot be disabled.": "Once enabled, encryption cannot be disabled.", "Once enabled, encryption cannot be disabled.": "Once enabled, encryption cannot be disabled.",
"Encrypted": "Encrypted", "Encrypted": "Encrypted",
"Who can access this room?": "Who can access this room?", "Who can access this room?": "Who can access this room?",


@ -90,32 +90,31 @@ async function collectBugReport(opts: IOpts = {}, gzipLogs = true) {
body.append('device_keys', keys.join(', ')); body.append('device_keys', keys.join(', '));
body.append('cross_signing_key', client.getCrossSigningId()); body.append('cross_signing_key', client.getCrossSigningId());
body.append('device_keys', keys.join(', '));
// add cross-signing status information // add cross-signing status information
const crossSigning = client._crypto._crossSigningInfo; const crossSigning = client._crypto._crossSigningInfo;
const secretStorage = client._crypto._secretStorage; const secretStorage = client._crypto._secretStorage;
body.append("cross_signing_ready", String(await client.isCrossSigningReady()));
body.append("cross_signing_supported_by_hs",
String(await client.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing")));
body.append("cross_signing_key", crossSigning.getId()); body.append("cross_signing_key", crossSigning.getId());
body.append("cross_signing_pk_in_ssss", body.append("cross_signing_pk_in_secret_storage",
String(!!(await crossSigning.isStoredInSecretStorage(secretStorage)))); String(!!(await crossSigning.isStoredInSecretStorage(secretStorage))));
body.append("ssss_key_in_account", String(!!(await secretStorage.hasKey())));
const pkCache = client.getCrossSigningCacheCallbacks(); const pkCache = client.getCrossSigningCacheCallbacks();
body.append("master_pk_cached", body.append("cross_signing_master_pk_cached",
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("master")))); String(!!(pkCache && await pkCache.getCrossSigningKeyCache("master"))));
body.append("self_signing_pk_cached", body.append("cross_signing_self_signing_pk_cached",
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing")))); String(!!(pkCache && await pkCache.getCrossSigningKeyCache("self_signing"))));
body.append("user_signing_pk_cached", body.append("cross_signing_user_signing_pk_cached",
String(!!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing")))); String(!!(pkCache && await pkCache.getCrossSigningKeyCache("user_signing"))));
body.append("secret_storage_ready", String(await client.isSecretStorageReady()));
body.append("secret_storage_key_in_account", String(!!(await secretStorage.hasKey())));
const sessionBackupKeyFromCache = await client._crypto.getSessionBackupPrivateKey(); const sessionBackupKeyFromCache = await client._crypto.getSessionBackupPrivateKey();
body.append("session_backup_key_cached", String(!!sessionBackupKeyFromCache)); body.append("session_backup_key_cached", String(!!sessionBackupKeyFromCache));
body.append("session_backup_key_well_formed", String(sessionBackupKeyFromCache instanceof Uint8Array)); body.append("session_backup_key_well_formed", String(sessionBackupKeyFromCache instanceof Uint8Array));
body.append("cross_signing_supported_by_hs",
String(await client.doesServerSupportUnstableFeature("org.matrix.e2e_cross_signing")));
body.append("cross_signing_ready", String(await client.isCrossSigningReady()));
body.append("secret_storage_ready", String(await client.isSecretStorageReady()));
} }
} }
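Review bot: `cross_signing_key` is still appended twice on the new side, once from `client.getCrossSigningId()` just above the status block and again from `crossSigning.getId()` inside it, so the report carries two values under one field name even though this hunk appears to drop the same kind of duplicate for `device_keys`. Removing the second append, or giving it a distinct name, would make the field unambiguous for whoever triages the report. The block also reads `client._crypto._crossSigningInfo` and `client._crypto._secretStorage` without a guard, and each `await` here can reject. Any crypto-enabled check or try/catch around it is outside the hunk, so confirm that a failure while gathering this status cannot stop the report from being sent. Only booleans derived from key material are appended, and a short comment saying that the private key returned by `getSessionBackupPrivateKey()` must never be added to `body` would protect that property.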


@ -16,7 +16,7 @@ limitations under the License.
import EventEmitter from 'events'; import EventEmitter from 'events';
import { MatrixClientPeg } from '../MatrixClientPeg'; import { MatrixClientPeg } from '../MatrixClientPeg';
import { accessSecretStorage, AccessCancelledError } from '../CrossSigningManager'; import { accessSecretStorage, AccessCancelledError } from '../SecurityManager';
import { PHASE_DONE as VERIF_PHASE_DONE } from "matrix-js-sdk/src/crypto/verification/request/VerificationRequest"; import { PHASE_DONE as VERIF_PHASE_DONE } from "matrix-js-sdk/src/crypto/verification/request/VerificationRequest";
export const PHASE_INTRO = 0; export const PHASE_INTRO = 0;


@ -19,7 +19,7 @@ import * as sdk from "../index";
import { _t } from "../languageHandler"; import { _t } from "../languageHandler";
import DeviceListener from "../DeviceListener"; import DeviceListener from "../DeviceListener";
import SetupEncryptionDialog from "../components/views/dialogs/SetupEncryptionDialog"; import SetupEncryptionDialog from "../components/views/dialogs/SetupEncryptionDialog";
import { accessSecretStorage } from "../CrossSigningManager"; import { accessSecretStorage } from "../SecurityManager";
import ToastStore from "../stores/ToastStore"; import ToastStore from "../stores/ToastStore";
import GenericToast from "../components/views/toasts/GenericToast"; import GenericToast from "../components/views/toasts/GenericToast";


@ -21,7 +21,7 @@ import * as sdk from './index';
import { _t } from './languageHandler'; import { _t } from './languageHandler';
import {RightPanelPhases} from "./stores/RightPanelStorePhases"; import {RightPanelPhases} from "./stores/RightPanelStorePhases";
import {findDMForUser} from './createRoom'; import {findDMForUser} from './createRoom';
import {accessSecretStorage} from './CrossSigningManager'; import {accessSecretStorage} from './SecurityManager';
import {verificationMethods} from 'matrix-js-sdk/src/crypto'; import {verificationMethods} from 'matrix-js-sdk/src/crypto';
import {Action} from './dispatcher/actions'; import {Action} from './dispatcher/actions';