mirror of
https://github.com/vector-im/hydrogen-web.git
synced 2024-12-23 03:25:12 +01:00
Don't return if MSK is not trusted
This commit is contained in:
parent
fbc31e6fbe
commit
696b4a243f
@ -614,13 +614,8 @@ export class Session {
|
||||
e2eeAccount: this._e2eeAccount,
|
||||
deviceId: this.deviceId,
|
||||
});
|
||||
await crossSigning.load(log);
|
||||
this._crossSigning.set(crossSigning);
|
||||
// if (await crossSigning.load(log)) {
|
||||
// this._crossSigning.set(crossSigning);
|
||||
// }
|
||||
// else {
|
||||
// crossSigning.dispose();
|
||||
// }
|
||||
});
|
||||
}
|
||||
await this._keyBackup.get()?.start(log);
|
||||
|
@ -277,10 +277,17 @@ export class CrossSigning {
|
||||
async signDevice(verification: IVerificationMethod, log: ILogItem): Promise<DeviceKey | undefined> {
|
||||
return log.wrap("CrossSigning.signDevice", async log => {
|
||||
if (!this._isMasterKeyTrusted) {
|
||||
/**
|
||||
* If we're the unverified device that is participating in
|
||||
* the verification process, it is expected that we do not
|
||||
* have access to the private part of MSK and thus
|
||||
* cannot determine if the MSK is trusted. In this case, we
|
||||
* do not need to sign anything because the other (verified)
|
||||
* device will sign our device key with the SSK.
|
||||
*/
|
||||
log.set("mskNotTrusted", true);
|
||||
return;
|
||||
}
|
||||
const shouldSign = await verification.verify();
|
||||
const shouldSign = await verification.verify() && this._isMasterKeyTrusted;
|
||||
log.set("shouldSign", shouldSign);
|
||||
if (!shouldSign) {
|
||||
return;
|
||||
|
Loading…
Reference in New Issue
Block a user