Switch to Rust crypto stack for all logins (#12630)
* Use Rust crypto stack universally Ignore the `feature_rust_crypto` and `RustCrypto.staged_rollout_percent` settings, and just use RustCrypto everywhere. * Remove labs setting for rust crypto * Remove support for legacy crypto stack in `StorageManager` We're not going to use the legacy stack any more. * Update docs on `Features.RustCrypto` * Remove now-unreachable `tryToUnlockSecretStorageWithDehydrationKey` * Comment out test which doesn't work * fix typo
This commit is contained in:
Richard van der Hoff
GitHub
parent
2843545d1e
commit
9c862907f9
11 changed files with 96 additions and 931 deletions
|
|
@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
|
|||
limitations under the License.
|
||||
*/
|
||||
|
||||
import { Crypto, ICryptoCallbacks, MatrixClient, encodeBase64, SecretStorage } from "matrix-js-sdk/src/matrix";
|
||||
import { Crypto, ICryptoCallbacks, encodeBase64, SecretStorage } from "matrix-js-sdk/src/matrix";
|
||||
import { deriveKey } from "matrix-js-sdk/src/crypto/key_passphrase";
|
||||
import { decodeRecoveryKey } from "matrix-js-sdk/src/crypto/recoverykey";
|
||||
import { logger } from "matrix-js-sdk/src/logger";
|
||||
|
|
@ -40,8 +40,6 @@ let secretStorageKeys: Record<string, Uint8Array> = {};
|
|||
let secretStorageKeyInfo: Record<string, SecretStorage.SecretStorageKeyDescription> = {};
|
||||
let secretStorageBeingAccessed = false;
|
||||
|
||||
let nonInteractive = false;
|
||||
|
||||
let dehydrationCache: {
|
||||
key?: Uint8Array;
|
||||
keyInfo?: SecretStorage.SecretStorageKeyDescription;
|
||||
|
|
@ -138,10 +136,6 @@ async function getSecretStorageKey({
|
|||
return [keyId, keyFromCustomisations];
|
||||
}
|
||||
|
||||
if (nonInteractive) {
|
||||
throw new Error("Could not unlock non-interactively");
|
||||
}
|
||||
|
||||
const inputToKey = makeInputToKey(keyInfo);
|
||||
const { finished } = Modal.createDialog(
|
||||
AccessSecretStorageDialog,
|
||||
|
|
@ -430,52 +424,3 @@ async function doAccessSecretStorage(func: () => Promise<void>, forceReset: bool
|
|||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
// FIXME: this function name is a bit of a mouthful
|
||||
export async function tryToUnlockSecretStorageWithDehydrationKey(client: MatrixClient): Promise<void> {
|
||||
const key = dehydrationCache.key;
|
||||
let restoringBackup = false;
|
||||
if (key && (await client.isSecretStorageReady())) {
|
||||
logger.log("Trying to set up cross-signing using dehydration key");
|
||||
secretStorageBeingAccessed = true;
|
||||
nonInteractive = true;
|
||||
try {
|
||||
await client.checkOwnCrossSigningTrust();
|
||||
|
||||
// we also need to set a new dehydrated device to replace the
|
||||
// device we rehydrated
|
||||
let dehydrationKeyInfo = {};
|
||||
if (dehydrationCache.keyInfo && dehydrationCache.keyInfo.passphrase) {
|
||||
dehydrationKeyInfo = { passphrase: dehydrationCache.keyInfo.passphrase };
|
||||
}
|
||||
await client.setDehydrationKey(key, dehydrationKeyInfo, "Backup device");
|
||||
|
||||
// and restore from backup
|
||||
const backupInfo = await client.getKeyBackupVersion();
|
||||
if (backupInfo) {
|
||||
restoringBackup = true;
|
||||
// don't await, because this can take a long time
|
||||
client.restoreKeyBackupWithSecretStorage(backupInfo).finally(() => {
|
||||
secretStorageBeingAccessed = false;
|
||||
nonInteractive = false;
|
||||
if (!isCachingAllowed()) {
|
||||
secretStorageKeys = {};
|
||||
secretStorageKeyInfo = {};
|
||||
}
|
||||
});
|
||||
}
|
||||
} finally {
|
||||
dehydrationCache = {};
|
||||
// the secret storage cache is needed for restoring from backup, so
|
||||
// don't clear it yet if we're restoring from backup
|
||||
if (!restoringBackup) {
|
||||
secretStorageBeingAccessed = false;
|
||||
nonInteractive = false;
|
||||
if (!isCachingAllowed()) {
|
||||
secretStorageKeys = {};
|
||||
secretStorageKeyInfo = {};
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue