mirror of
https://github.com/vector-im/hydrogen-web.git
synced 2024-12-23 03:25:12 +01:00
Don't return if MSK is not trusted
This commit is contained in:
parent
fbc31e6fbe
commit
696b4a243f
@ -614,13 +614,8 @@ export class Session {
|
|||||||
e2eeAccount: this._e2eeAccount,
|
e2eeAccount: this._e2eeAccount,
|
||||||
deviceId: this.deviceId,
|
deviceId: this.deviceId,
|
||||||
});
|
});
|
||||||
|
await crossSigning.load(log);
|
||||||
this._crossSigning.set(crossSigning);
|
this._crossSigning.set(crossSigning);
|
||||||
// if (await crossSigning.load(log)) {
|
|
||||||
// this._crossSigning.set(crossSigning);
|
|
||||||
// }
|
|
||||||
// else {
|
|
||||||
// crossSigning.dispose();
|
|
||||||
// }
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
await this._keyBackup.get()?.start(log);
|
await this._keyBackup.get()?.start(log);
|
||||||
|
@ -277,10 +277,17 @@ export class CrossSigning {
|
|||||||
async signDevice(verification: IVerificationMethod, log: ILogItem): Promise<DeviceKey | undefined> {
|
async signDevice(verification: IVerificationMethod, log: ILogItem): Promise<DeviceKey | undefined> {
|
||||||
return log.wrap("CrossSigning.signDevice", async log => {
|
return log.wrap("CrossSigning.signDevice", async log => {
|
||||||
if (!this._isMasterKeyTrusted) {
|
if (!this._isMasterKeyTrusted) {
|
||||||
|
/**
|
||||||
|
* If we're the unverified device that is participating in
|
||||||
|
* the verification process, it is expected that we do not
|
||||||
|
* have access to the private part of MSK and thus
|
||||||
|
* cannot determine if the MSK is trusted. In this case, we
|
||||||
|
* do not need to sign anything because the other (verified)
|
||||||
|
* device will sign our device key with the SSK.
|
||||||
|
*/
|
||||||
log.set("mskNotTrusted", true);
|
log.set("mskNotTrusted", true);
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
const shouldSign = await verification.verify();
|
const shouldSign = await verification.verify() && this._isMasterKeyTrusted;
|
||||||
log.set("shouldSign", shouldSign);
|
log.set("shouldSign", shouldSign);
|
||||||
if (!shouldSign) {
|
if (!shouldSign) {
|
||||||
return;
|
return;
|
||||||
|
Loading…
Reference in New Issue
Block a user