matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-28 05:03:59 +03:00
Code Activity

allow backup algorithm to determine whether restored keys should be trusted

Browse Source
This commit is contained in:
Hubert Chathi
2021-06-09 13:02:47 -04:00
parent c04d79d9a0
commit cf21d64aa8
2 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/client.ts
View File

@@ -2490,6 +2490,8 @@ export class MatrixClient extends EventEmitter {
const algorithm = await BackupManager.makeAlgorithm(backupInfo, async () => { return privKey; }); const algorithm = await BackupManager.makeAlgorithm(backupInfo, async () => { return privKey; });
const untrusted = algorithm.untrusted;
try { try {
// If the pubkey computed from the private data we've been given // If the pubkey computed from the private data we've been given
// doesn't match the one in the auth_data, the user has entered // doesn't match the one in the auth_data, the user has entered
@@ -2557,7 +2559,7 @@ export class MatrixClient extends EventEmitter {
await this.importRoomKeys(keys, { await this.importRoomKeys(keys, {
progressCallback, progressCallback,
untrusted: true, untrusted,
source: "backup", source: "backup",
}); });

5
src/crypto/backup.ts
View File

@@ -71,6 +71,7 @@ interface BackupAlgorithmClass {
} }
interface BackupAlgorithm { interface BackupAlgorithm {
untrusted: boolean;
encryptSession(data: Record<string, any>): Promise<any>; encryptSession(data: Record<string, any>): Promise<any>;
decryptSessions(ciphertexts: Record<string, any>): Promise<Record<string, any>[]>; decryptSessions(ciphertexts: Record<string, any>): Promise<Record<string, any>[]>;
authData: AuthData; authData: AuthData;
@@ -589,6 +590,8 @@ export class Curve25519 implements BackupAlgorithm {
} }
} }
public get untrusted() { return true; }
public async encryptSession(data: Record<string, any>): Promise<any> { public async encryptSession(data: Record<string, any>): Promise<any> {
const plainText: Record<string, any> = Object.assign({}, data); const plainText: Record<string, any> = Object.assign({}, data);
delete plainText.session_id; delete plainText.session_id;
@@ -716,6 +719,8 @@ export class Aes256 implements BackupAlgorithm {
return [outKey, authData]; return [outKey, authData];
} }
public get untrusted() { return false; }
async encryptSession(data: Record<string, any>): Promise<any> { async encryptSession(data: Record<string, any>): Promise<any> {
const plainText: Record<string, any> = Object.assign({}, data); const plainText: Record<string, any> = Object.assign({}, data);
delete plainText.session_id; delete plainText.session_id;