element-web/src/verification.ts

/*
Copyright 2019, 2020, 2021 The Matrix.org Foundation C.I.C.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

import { User } from "matrix-js-sdk/src/models/user";

import { MatrixClientPeg } from './MatrixClientPeg';
import dis from "./dispatcher/dispatcher";
import Modal from './Modal';
import * as sdk from './index';
import { RightPanelPhases } from "./stores/RightPanelStorePhases";
import { findDMForUser } from './createRoom';
import { accessSecretStorage } from './SecurityManager';
import { verificationMethods } from 'matrix-js-sdk/src/crypto';
import { Action } from './dispatcher/actions';
import UntrustedDeviceDialog from "./components/views/dialogs/UntrustedDeviceDialog";
import {IDevice} from "./components/views/right_panel/UserInfo";

async function enable4SIfNeeded() {
    const cli = MatrixClientPeg.get();
    if (!cli.isCryptoEnabled()) {
        return false;
    }
    const usk = cli.getCrossSigningId("user_signing");
    if (!usk) {
        await accessSecretStorage();
        return false;
    }

    return true;
}

export async function verifyDevice(user: User, device: IDevice) {
    const cli = MatrixClientPeg.get();
    if (cli.isGuest()) {
        dis.dispatch({action: 'require_registration'});
        return;
    }
    // if cross-signing is not explicitly disabled, check if it should be enabled first.
    if (cli.getCryptoTrustCrossSignedDevices()) {
        if (!await enable4SIfNeeded()) {
            return;
        }
    }

    Modal.createTrackedDialog("Verification warning", "unverified session", UntrustedDeviceDialog, {
        user,
        device,
        onFinished: async (action) => {
            if (action === "sas") {
                const verificationRequestPromise = cli.legacyDeviceVerification(
                    user.userId,
                    device.deviceId,
                    verificationMethods.SAS,
                );
                dis.dispatch({
                    action: Action.SetRightPanelPhase,
                    phase: RightPanelPhases.EncryptionPanel,
                    refireParams: {member: user, verificationRequestPromise},
                });
            } else if (action === "legacy") {
                const ManualDeviceKeyVerificationDialog =
                    sdk.getComponent("dialogs.ManualDeviceKeyVerificationDialog");
                Modal.createTrackedDialog("Legacy verify session", "legacy verify session",
                    ManualDeviceKeyVerificationDialog,
                    {
                        userId: user.userId,
                        device,
                    },
                );
            }
        },
    });
}

export async function legacyVerifyUser(user: User) {
    const cli = MatrixClientPeg.get();
    if (cli.isGuest()) {
        dis.dispatch({action: 'require_registration'});
        return;
    }
    // if cross-signing is not explicitly disabled, check if it should be enabled first.
    if (cli.getCryptoTrustCrossSignedDevices()) {
        if (!await enable4SIfNeeded()) {
            return;
        }
    }
    const verificationRequestPromise = cli.requestVerification(user.userId);
    dis.dispatch({
        action: Action.SetRightPanelPhase,
        phase: RightPanelPhases.EncryptionPanel,
        refireParams: {member: user, verificationRequestPromise},
    });
}

export async function verifyUser(user: User) {
    const cli = MatrixClientPeg.get();
    if (cli.isGuest()) {
        dis.dispatch({action: 'require_registration'});
        return;
    }
    if (!await enable4SIfNeeded()) {
        return;
    }
    const existingRequest = pendingVerificationRequestForUser(user);
    dis.dispatch({
        action: Action.SetRightPanelPhase,
        phase: RightPanelPhases.EncryptionPanel,
        refireParams: {
            member: user,
            verificationRequest: existingRequest,
        },
    });
}

export function pendingVerificationRequestForUser(user: User) {
    const cli = MatrixClientPeg.get();
    const dmRoom = findDMForUser(cli, user.userId);
    if (dmRoom) {
        return cli.findVerificationRequestDMInProgress(dmRoom.roomId);
    }
}
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`/*`
Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`Copyright 2019, 2020, 2021 The Matrix.org Foundation C.I.C.`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00
			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`import { User } from "matrix-js-sdk/src/models/user";`

			`import { MatrixClientPeg } from './MatrixClientPeg';`
Move dispatcher into a subdirectory We're expecting to have a whole bunch of types for the dispatched payloads, so pull the thing into a directory we can throw them in. 2020-05-14 05:41:41 +03:00			`import dis from "./dispatcher/dispatcher";`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`import Modal from './Modal';`
			`import * as sdk from './index';`
Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`import { RightPanelPhases } from "./stores/RightPanelStorePhases";`
			`import { findDMForUser } from './createRoom';`
			`import { accessSecretStorage } from './SecurityManager';`
			`import { verificationMethods } from 'matrix-js-sdk/src/crypto';`
			`import { Action } from './dispatcher/actions';`
Extract UntrustedDeviceDialog and fix e2ee icon 2021-05-12 19:04:24 +03:00			`import UntrustedDeviceDialog from "./components/views/dialogs/UntrustedDeviceDialog";`
Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`import {IDevice} from "./components/views/right_panel/UserInfo";`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00
Revert "also enable 4s when accepting a verification request" This reverts commit ab2e3a346599a4f092d43dc8d2de94954ac34f88. 2020-03-11 12:11:54 +03:00			`async function enable4SIfNeeded() {`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`const cli = MatrixClientPeg.get();`
Remove feature_cross_signing Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> 2020-05-27 12:28:25 +03:00			`if (!cli.isCryptoEnabled()) {`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`return false;`
			`}`
use USK as we'll only have that around when using key sharing 2020-03-10 20:40:24 +03:00			`const usk = cli.getCrossSigningId("user_signing");`
			`if (!usk) {`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`await accessSecretStorage();`
			`return false;`
			`}`

			`return true;`
			`}`

Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`export async function verifyDevice(user: User, device: IDevice) {`
dont try to enable 4S if cross-signing is disabled 2020-04-14 18:53:33 +03:00			`const cli = MatrixClientPeg.get();`
Require registration for verification actions Fixes https://github.com/vector-im/element-web/issues/16277 2021-01-26 14:00:56 +03:00			`if (cli.isGuest()) {`
			`dis.dispatch({action: 'require_registration'});`
			`return;`
			`}`
dont try to enable 4S if cross-signing is disabled 2020-04-14 18:53:33 +03:00			`// if cross-signing is not explicitly disabled, check if it should be enabled first.`
			`if (cli.getCryptoTrustCrossSignedDevices()) {`
			`if (!await enable4SIfNeeded()) {`
			`return;`
			`}`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`}`
Use the New Session review dialog for verifying our own devices 2020-04-27 22:31:14 +03:00
Separate toasts for existing & new device verification Separate device verification toasts into ones for devices that were there when the app loaded and a separate toast for each device that has appeared since. Reverts part of https://github.com/matrix-org/matrix-react-sdk/pull/4506 (clicking a device from your own UserInfo now triggers the legacy verification flow again). Fixes https://github.com/vector-im/riot-web/issues/13422 Fixes https://github.com/vector-im/riot-web/issues/13418 2020-04-28 20:35:16 +03:00			`Modal.createTrackedDialog("Verification warning", "unverified session", UntrustedDeviceDialog, {`
			`user,`
			`device,`
			`onFinished: async (action) => {`
			`if (action === "sas") {`
			`const verificationRequestPromise = cli.legacyDeviceVerification(`
			`user.userId,`
			`device.deviceId,`
			`verificationMethods.SAS,`
			`);`
			`dis.dispatch({`
Replaced string actions with their corresponding types 2020-07-18 14:08:20 +03:00			`action: Action.SetRightPanelPhase,`
			`phase: RightPanelPhases.EncryptionPanel,`
Separate toasts for existing & new device verification Separate device verification toasts into ones for devices that were there when the app loaded and a separate toast for each device that has appeared since. Reverts part of https://github.com/matrix-org/matrix-react-sdk/pull/4506 (clicking a device from your own UserInfo now triggers the legacy verification flow again). Fixes https://github.com/vector-im/riot-web/issues/13422 Fixes https://github.com/vector-im/riot-web/issues/13418 2020-04-28 20:35:16 +03:00			`refireParams: {member: user, verificationRequestPromise},`
			`});`
			`} else if (action === "legacy") {`
			`const ManualDeviceKeyVerificationDialog =`
			`sdk.getComponent("dialogs.ManualDeviceKeyVerificationDialog");`
			`Modal.createTrackedDialog("Legacy verify session", "legacy verify session",`
			`ManualDeviceKeyVerificationDialog,`
			`{`
			`userId: user.userId,`
			`device,`
			`},`
			`);`
			`}`
			`},`
			`});`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`}`

Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`export async function legacyVerifyUser(user: User) {`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`const cli = MatrixClientPeg.get();`
Require registration for verification actions Fixes https://github.com/vector-im/element-web/issues/16277 2021-01-26 14:00:56 +03:00			`if (cli.isGuest()) {`
			`dis.dispatch({action: 'require_registration'});`
			`return;`
			`}`
dont try to enable 4S if cross-signing is disabled 2020-04-14 18:53:33 +03:00			`// if cross-signing is not explicitly disabled, check if it should be enabled first.`
			`if (cli.getCryptoTrustCrossSignedDevices()) {`
			`if (!await enable4SIfNeeded()) {`
			`return;`
			`}`
			`}`
fix legacy verify user 2020-04-01 11:32:27 +03:00			`const verificationRequestPromise = cli.requestVerification(user.userId);`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`dis.dispatch({`
Replaced string actions with their corresponding types 2020-07-18 14:08:20 +03:00			`action: Action.SetRightPanelPhase,`
			`phase: RightPanelPhases.EncryptionPanel,`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`refireParams: {member: user, verificationRequestPromise},`
			`});`
			`}`

Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`export async function verifyUser(user: User) {`
Require registration for verification actions Fixes https://github.com/vector-im/element-web/issues/16277 2021-01-26 14:00:56 +03:00			`const cli = MatrixClientPeg.get();`
			`if (cli.isGuest()) {`
			`dis.dispatch({action: 'require_registration'});`
			`return;`
			`}`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`if (!await enable4SIfNeeded()) {`
			`return;`
			`}`
Show EncryptionPanel straight away when there is an ongoing verification request for a user 2020-03-26 19:31:31 +03:00			`const existingRequest = pendingVerificationRequestForUser(user);`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`dis.dispatch({`
Replaced string actions with their corresponding types 2020-07-18 14:08:20 +03:00			`action: Action.SetRightPanelPhase,`
			`phase: RightPanelPhases.EncryptionPanel,`
enable 4S if needed when trying to verify 2020-03-10 18:31:40 +03:00			`refireParams: {`
			`member: user,`
			`verificationRequest: existingRequest,`
			`},`
			`});`
			`}`
Show EncryptionPanel straight away when there is an ongoing verification request for a user 2020-03-26 19:31:31 +03:00
Convert verification and UntrustedDeviceDialog to TS 2021-05-12 19:08:44 +03:00			`export function pendingVerificationRequestForUser(user: User) {`
Show EncryptionPanel straight away when there is an ongoing verification request for a user 2020-03-26 19:31:31 +03:00			`const cli = MatrixClientPeg.get();`
			`const dmRoom = findDMForUser(cli, user.userId);`
			`if (dmRoom) {`
			`return cli.findVerificationRequestDMInProgress(dmRoom.roomId);`
			`}`
			`}`