mirror of
https://github.com/vector-im/hydrogen-web.git
synced 2024-12-23 03:25:12 +01:00
Delete secrets when cross-signing is reset
parent
071aa2c2a3
commit
d00f140309
@ -772,6 +772,7 @@ export class Session {
|
|||||||
e2eeAccountChanges: null,
|
e2eeAccountChanges: null,
|
||||||
hasNewRoomKeys: false,
|
hasNewRoomKeys: false,
|
||||||
deviceMessageDecryptionResults: null,
|
deviceMessageDecryptionResults: null,
|
||||||
|
changedDevices: null,
|
||||||
};
|
};
|
||||||
const syncToken = syncResponse.next_batch;
|
const syncToken = syncResponse.next_batch;
|
||||||
if (syncToken !== this.syncToken) {
|
if (syncToken !== this.syncToken) {
|
||||||
@ -789,6 +790,7 @@ export class Session {
|
|||||||
const deviceLists = syncResponse.device_lists;
|
const deviceLists = syncResponse.device_lists;
|
||||||
if (this._deviceTracker && Array.isArray(deviceLists?.changed) && deviceLists.changed.length) {
|
if (this._deviceTracker && Array.isArray(deviceLists?.changed) && deviceLists.changed.length) {
|
||||||
await log.wrap("deviceLists", log => this._deviceTracker.writeDeviceChanges(deviceLists.changed, txn, log));
|
await log.wrap("deviceLists", log => this._deviceTracker.writeDeviceChanges(deviceLists.changed, txn, log));
|
||||||
|
changes.changedDevices = deviceLists.changed;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (preparation) {
|
if (preparation) {
|
||||||
@ -838,6 +840,9 @@ export class Session {
|
|||||||
if (changes.deviceMessageDecryptionResults) {
|
if (changes.deviceMessageDecryptionResults) {
|
||||||
await this._deviceMessageHandler.afterSyncCompleted(changes.deviceMessageDecryptionResults, this._deviceTracker, this._hsApi, log);
|
await this._deviceMessageHandler.afterSyncCompleted(changes.deviceMessageDecryptionResults, this._deviceTracker, this._hsApi, log);
|
||||||
}
|
}
|
||||||
|
if (changes.changedDevices?.includes(this.userId)) {
|
||||||
|
this._secretSharing?.checkSecretValidity();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
_tryReplaceRoomBeingCreated(roomId, log) {
|
_tryReplaceRoomBeingCreated(roomId, log) {
|
||||||
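Review bot: The new call `this._secretSharing?.checkSecretValidity();` at the end of the after-sync block is neither awaited nor given the `log` item that the method's signature in this commit requires (`checkSecretValidity(log: ILogItem)`). As written, `areWeVerified` receives `undefined` as its log, and a rejection from the verification check or the storage transaction becomes an unhandled promise rejection, so a failed wipe of secrets that should no longer be trusted goes unnoticed. The call just above it already awaits and passes `log`; I would write `await this._secretSharing?.checkSecretValidity(log);`. The enclosing method starts outside the hunk.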
|
@ -225,6 +225,17 @@ export class SecretSharing {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async checkSecretValidity(log: ILogItem): Promise<void> {
|
||||||
|
const crossSigning = this.crossSigning.get();
|
||||||
|
const needsDeleting = !await crossSigning?.areWeVerified(log);
|
||||||
|
if (needsDeleting) {
|
||||||
|
// User probably reset their cross-signing keys
|
||||||
|
// Can't trust the secrets anymore!
|
||||||
|
const txn = await this.storage.readWriteTxn([this.storage.storeNames.sharedSecrets]);
|
||||||
|
txn.sharedSecrets.deleteAllSecrets();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
async getLocallyStoredSecret(name: string): Promise<any> {
|
async getLocallyStoredSecret(name: string): Promise<any> {
|
||||||
const txn = await this.storage.readTxn([
|
const txn = await this.storage.readTxn([
|
||||||
this.storage.storeNames.sharedSecrets,
|
this.storage.storeNames.sharedSecrets,
|
||||||
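Review bot: In `checkSecretValidity`, `!await crossSigning?.areWeVerified(log)` is also true when `this.crossSigning.get()` returns nothing, so every stored secret is deleted whenever cross-signing is simply not available yet, not only after a key reset. If that fail-closed behaviour is intended it deserves a comment; otherwise return early with `if (!crossSigning) { return; }`. It should also be confirmed whether `areWeVerified` can return false on a transient error, since its body is not shown here. The write transaction is never awaited to completion, so the method resolves before the deletion is known to have succeeded and a failure is not reported to the caller; if the transaction object exposes a completion promise, await it after `deleteAllSecrets()`. Whether copies of these secrets are still held in memory elsewhere is not visible in this hunk and is worth checking, because this method only clears the store.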
|
@ -118,6 +118,16 @@ export class QueryTargetWrapper<T> {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
clear(): IDBRequest<undefined> {
|
||||||
|
try {
|
||||||
|
LOG_REQUESTS && logRequest("clear", [], this._qt);
|
||||||
|
return this._qtStore.clear();
|
||||||
|
}
|
||||||
|
catch (err) {
|
||||||
|
throw new IDBRequestAttemptError("delete", this._qt, err, []);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
count(keyRange?: IDBKeyRange): IDBRequest<number> {
|
count(keyRange?: IDBKeyRange): IDBRequest<number> {
|
||||||
try {
|
try {
|
||||||
return this._qt.count(keyRange);
|
return this._qt.count(keyRange);
|
||||||
@ -195,6 +205,11 @@ export class Store<T> extends QueryTarget<T> {
|
|||||||
this._prepareErrorLog(request, log, "delete", keyOrKeyRange, undefined);
|
this._prepareErrorLog(request, log, "delete", keyOrKeyRange, undefined);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
clear(log?: ILogItem): void {
|
||||||
|
const request = this._idbStore.clear();
|
||||||
|
this._prepareErrorLog(request, log, "delete", undefined, undefined);
|
||||||
|
}
|
||||||
|
|
||||||
private _prepareErrorLog(request: IDBRequest, log: ILogItem | undefined, operationName: string, key: IDBKey | undefined, value: T | undefined) {
|
private _prepareErrorLog(request: IDBRequest, log: ILogItem | undefined, operationName: string, key: IDBKey | undefined, value: T | undefined) {
|
||||||
if (log) {
|
if (log) {
|
||||||
log.ensureRefId();
|
log.ensureRefId();
|
||||||
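Review bot: Both new `clear` methods report themselves as `"delete"`: `QueryTargetWrapper.clear` throws `new IDBRequestAttemptError("delete", this._qt, err, [])` although it logs the request as `"clear"`, and `Store.clear` passes `"delete"` to `_prepareErrorLog`. A failed wipe of a whole store would then look the same in logs and error reports as a failed single-key delete with no key. I would use `"clear"` as the operation name in both places. A one-line doc comment on `Store.clear` stating that it removes every record in the store would also help, since the only caller in this commit uses it to destroy secrets.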
|
@ -36,4 +36,8 @@ export class SharedSecretStore {
|
|||||||
remove(name: string): void {
|
remove(name: string): void {
|
||||||
this._store.delete(name);
|
this._store.delete(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
deleteAllSecrets(): void {
|
||||||
|
this._store.clear();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
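Review bot: `deleteAllSecrets()` calls `this._store.clear()` without a log item even though the `Store.clear(log?: ILogItem)` added in this commit accepts one, so an error while wiping the secrets store apparently cannot be tied to the caller's log. Consider `deleteAllSecrets(log?: ILogItem): void { this._store.clear(log); }` and passing `log` from `checkSecretValidity`; this assumes `ILogItem` is or can be imported in this file, which is not visible here. A short doc comment saying the method irreversibly removes every locally stored secret would also help readers of this security-sensitive path.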