matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-26 17:03:12 +03:00
Code Activity

Adjust secret key adding to consume instead of create

Browse Source 
This changes `addKey` for secret storage to consume info about a pre-generated
key, rather than creating the key in middle of the method. This eases UI work
that want to have the public and private keys earlier on in the flow.
This commit is contained in:
J. Ryan Stinnett
2019-12-05 11:00:40 +00:00
parent 65f8556ee9
commit 33f5894547
4 changed files with 13 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/unit/crypto/secrets.spec.js
View File

@@ -284,7 +284,7 @@ describe("Secrets", function() {
it("bootstraps when cross-signing keys in secret storage", async function() { it("bootstraps when cross-signing keys in secret storage", async function() {
const decryption = new global.Olm.PkDecryption(); const decryption = new global.Olm.PkDecryption();
decryption.generate_key(); const storagePublicKey = decryption.generate_key();
const storagePrivateKey = decryption.get_private_key(); const storagePrivateKey = decryption.get_private_key();
let crossSigningKeys = {}; let crossSigningKeys = {};
@@ -324,7 +324,7 @@ describe("Secrets", function() {
// Set up cross-signing keys from scratch with specific storage key // Set up cross-signing keys from scratch with specific storage key
await bob.bootstrapSecretStorage({ await bob.bootstrapSecretStorage({
createSecretStorageKey: async () => ({ privkey: storagePrivateKey }), createSecretStorageKey: async () => ({ pubkey: storagePublicKey }),
}); });
// Clear local cross-signing keys and read from secret storage // Clear local cross-signing keys and read from secret storage

3
src/client.js
View File

@@ -1075,8 +1075,7 @@ MatrixClient.prototype.checkEventSenderTrust = async function(event) {
* @function module:client~MatrixClient#addSecretStorageKey * @function module:client~MatrixClient#addSecretStorageKey
* @param {string} algorithm the algorithm used by the key * @param {string} algorithm the algorithm used by the key
* @param {object} opts the options for the algorithm. The properties used * @param {object} opts the options for the algorithm. The properties used
* depend on the algorithm given. This object may be modified to pass * depend on the algorithm given.
* information back about the key.
* @param {string} [keyName] the name of the key. If not given, a random * @param {string} [keyName] the name of the key. If not given, a random
* name will be generated. * name will be generated.
* *

26
src/crypto/SecretStorage.js
View File

@@ -18,8 +18,6 @@ import {EventEmitter} from 'events';
import logger from '../logger'; import logger from '../logger';
import olmlib from './olmlib'; import olmlib from './olmlib';
import { randomString } from '../randomstring'; import { randomString } from '../randomstring';
import { keyFromPassphrase } from './key_passphrase';
import { encodeRecoveryKey } from './recoverykey';
import { pkVerify } from './olmlib'; import { pkVerify } from './olmlib';
export const SECRET_STORAGE_ALGORITHM_V1 = "m.secret_storage.v1.curve25519-aes-sha2"; export const SECRET_STORAGE_ALGORITHM_V1 = "m.secret_storage.v1.curve25519-aes-sha2";
@@ -71,8 +69,7 @@ export default class SecretStorage extends EventEmitter {
* *
* @param {string} algorithm the algorithm used by the key. * @param {string} algorithm the algorithm used by the key.
* @param {object} opts the options for the algorithm. The properties used * @param {object} opts the options for the algorithm. The properties used
* depend on the algorithm given. This object may be modified to pass * depend on the algorithm given.
* information back about the key.
* @param {string} [keyId] the ID of the key. If not given, a random * @param {string} [keyId] the ID of the key. If not given, a random
* ID will be generated. * ID will be generated.
* *
@@ -92,21 +89,16 @@ export default class SecretStorage extends EventEmitter {
{ {
const decryption = new global.Olm.PkDecryption(); const decryption = new global.Olm.PkDecryption();
try { try {
if (opts.passphrase) { const { passphrase, pubkey } = opts;
const key = await keyFromPassphrase(opts.passphrase); // Copies in public key details of the form generated by
keyData.passphrase = { // the Crypto module's `createRecoveryKeyFromPassphrase`.
algorithm: "m.pbkdf2", if (passphrase && pubkey) {
iterations: key.iterations, keyData.passphrase = passphrase;
salt: key.salt, keyData.pubkey = pubkey;
}; } else if (pubkey) {
opts.encodedkey = encodeRecoveryKey(key.key); keyData.pubkey = pubkey;
keyData.pubkey = decryption.init_with_private_key(key.key);
} else if (opts.privkey) {
keyData.pubkey = decryption.init_with_private_key(opts.privkey);
opts.encodedkey = encodeRecoveryKey(opts.privkey);
} else { } else {
keyData.pubkey = decryption.generate_key(); keyData.pubkey = decryption.generate_key();
opts.encodedkey = encodeRecoveryKey(decryption.get_private_key());
} }
} finally { } finally {
decryption.free(); decryption.free();

3
src/crypto/index.js
View File

@@ -365,8 +365,7 @@ Crypto.prototype.createRecoveryKeyFromPassphrase = async function(password) {
* called to await a secret storage key creation flow. * called to await a secret storage key creation flow.
* Returns: * Returns:
* {Promise} A promise which resolves to key creation data for * {Promise} A promise which resolves to key creation data for
* SecretStorage#addKey: an object with either `passphrase` or `privkey` * SecretStorage#addKey: an object with `passphrase` and/or `pubkey` fields.
* fields.
*/ */
Crypto.prototype.bootstrapSecretStorage = async function({ Crypto.prototype.bootstrapSecretStorage = async function({
authUploadDeviceSigningKeys, authUploadDeviceSigningKeys,