Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cross-signing: refactor secret storage loading at startup and show user shield in member details panel #1062

Merged
merged 36 commits into from
Mar 27, 2023
Merged

Cross-signing: refactor secret storage loading at startup and show user shield in member details panel #1062

merged 36 commits into from
Mar 27, 2023

Conversation

bwindels
Copy link
Contributor

@bwindels bwindels commented Mar 24, 2023
edited
Loading

Makes the crossSigning object available on Session after load is called, so it is immediately available to the UI when first shown.
Checks all the signatures in the chain to see if a user is trusted.

image

@bwindels
Store cross-signing keys in format as returned from server, in separa…
1510905 
…te store

This will make it easier to sign and verify signatures with these keys,
as the signed value needs to have the same layout when signing and
for every verification.
@bwindels
Store device keys in format needed to sign/verify, convert to TS
b8fb2b6 
In order to sign and verify signatures of design keys, we need
to have them in the format as they are uploaded and downloaded
from the homeserver. So, like the cross-signing keys, we store
them in locally in the same format to avoid constant convertions.

I also renamed deviceIdentities to deviceKeys, analogue to
crossSigningKeys. In order to prevent mistakes in this refactor,
I also converted DeviceTracker to typescript.
@bwindels
implement signing users and other devices
daf66e1
@bwindels
fix import paths after TS conversion
a9412aa
@bwindels
make sure the key property doesn't leak out of the storage layer
4dce93e 
as it ends up in the value we're signing and uploading,
corrupting the signature
@bwindels
don't allow signing own user
20a6fcd
@bwindels
provide correct user id for signing key owner when signing other user
504d869
@bwindels
don't upload pre-existing signatures when signing
34b113b
@bwindels
cleanup comments
3a303ff
@bwindels
show cross-sign user option in right panel
fa662db
@bwindels
cleanup
9789e58
@bwindels
use enum for device tracking status
1dc3aca
@bwindels
mark all existing user identities outdated as cross-signing keys missing
7d806b0
@bwindels
rename deviceTrackingStatus to keysTrackingStatus
c747d5f 
as this field also reflects the tracking status of the cross-signing
keys for a given user.
@bwindels
actually write modified values in migration
2563aa2
@bwindels
log amount of marked user identities in migration
08984ad
@bwindels
also delete old crossSigningKeys field on userIdentities
eff495c
@bwindels
fix lint warning from previous cross-signing PR
c2ee824
@bwindels
extract method to sign key, as most params are always the same
774efc1
@bwindels
implement verifying signaturs for user trust (green shield/red shield)
4c7f784
@bwindels
expose user trust in member panel
149f187
@bwindels
fix ts error
e00d02a
@bwindels
return enum explaining user trust level rather than boolean
bae18c0
@bwindels
adjust UI to more detailed trust level
f1ecad5
@bwindels
delay signature validation of cross-signing keys until calculating trust
a065189 
always store them, if not we'll think that the user hasn't uploaded
the cross-signing keys if we don't store them in spite of invalid or
missing signature.
@bwindels
return undefined if we don't have the signing key
a69246f
@bwindels
remove unused transaction
760da62
@bwindels
WIP
780dfeb
@bwindels
WIP2
dd59f37
@bwindels
don't reuse existing transaction to read from 4S, as webcrypto termin…
762a91b 
…ates idb transactions
@bwindels bwindels marked this pull request as ready for review March 24, 2023 22:14
@bwindels bwindels mentioned this pull request Mar 27, 2023
Closed
MidhunSureshR
MidhunSureshR approved these changes Mar 27, 2023
View reviewed changes
Copy link
Member

@MidhunSureshR MidhunSureshR left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

src/domain/session/rightpanel/MemberDetailsViewModel.js Show resolved Hide resolved
src/domain/session/rightpanel/MemberDetailsViewModel.js Show resolved Hide resolved
@bwindels bwindels merged commit 07df6a8 into master Mar 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MidhunSureshR MidhunSureshR MidhunSureshR approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bwindels @MidhunSureshR