From 098cd1b8d4b495ba3a77c5d61f49f069ee0bc2bf Mon Sep 17 00:00:00 2001
From: "J. Ryan Stinnett" <jryans@gmail.com>
Date: Thu, 6 Aug 2020 14:04:56 +0100
Subject: [PATCH] Request master cross-signing private key during verification

This change adds a request for the master cross-signing private key, in case the
other device is willing to share it.

Part of https://github.com/vector-im/element-web/issues/13896
---
 spec/unit/crypto/verification/secret_request.spec.js | 7 ++++---
 src/crypto/CrossSigning.js                           | 1 +
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/spec/unit/crypto/verification/secret_request.spec.js b/spec/unit/crypto/verification/secret_request.spec.js
index fb10c14bc..e848bb18d 100644
--- a/spec/unit/crypto/verification/secret_request.spec.js
+++ b/spec/unit/crypto/verification/secret_request.spec.js
@@ -54,6 +54,7 @@ describe("self-verifications", () => {
             cacheCallbacks,
         );
         _crossSigningInfo.keys = {
+            master: { keys: { X: testKeyPub } },
             self_signing: { keys: { X: testKeyPub } },
             user_signing: { keys: { X: testKeyPub } },
         };
@@ -96,9 +97,9 @@ describe("self-verifications", () => {
 
         const result = await verification.done();
 
-        /* We should request, and store, two cross signing key and the key backup key */
-        expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls.length).toBe(2);
-        expect(_secretStorage.request.mock.calls.length).toBe(3);
+        /* We should request, and store, 3 cross signing keys and the key backup key */
+        expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls.length).toBe(3);
+        expect(_secretStorage.request.mock.calls.length).toBe(4);
 
         expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls[0][1])
           .toEqual(testKey);
diff --git a/src/crypto/CrossSigning.js b/src/crypto/CrossSigning.js
index 9c5bbf03b..a6cd8a341 100644
--- a/src/crypto/CrossSigning.js
+++ b/src/crypto/CrossSigning.js
@@ -761,6 +761,7 @@ export async function requestKeysDuringVerification(baseApis, userId, deviceId)
         // We call getCrossSigningKey() for its side-effects
         return Promise.race([
             Promise.all([
+                crossSigning.getCrossSigningKey("master"),
                 crossSigning.getCrossSigningKey("self_signing"),
                 crossSigning.getCrossSigningKey("user_signing"),
                 backupKeyPromise,