From 788cb2409390386d4d41c56aa52119ea165e2bf8 Mon Sep 17 00:00:00 2001 From: "J. Ryan Stinnett" Date: Thu, 30 Jan 2020 14:18:12 +0000 Subject: [PATCH] Add advanced option to keep secret storage in memory for session This adds a default-off option to keep the secret storage passphrase cached in memory for the current session to avoid death by prompts. --- src/CrossSigningManager.js | 22 ++++++++++++++----- .../settings/tabs/user/LabsUserSettingsTab.js | 1 + src/i18n/strings/en_EN.json | 1 + src/settings/Settings.js | 5 +++++ 4 files changed, 23 insertions(+), 6 deletions(-) diff --git a/src/CrossSigningManager.js b/src/CrossSigningManager.js index 085764214f..6922214d19 100644 --- a/src/CrossSigningManager.js +++ b/src/CrossSigningManager.js @@ -20,6 +20,7 @@ import {MatrixClientPeg} from './MatrixClientPeg'; import { deriveKey } from 'matrix-js-sdk/src/crypto/key_passphrase'; import { decodeRecoveryKey } from 'matrix-js-sdk/src/crypto/recoverykey'; import { _t } from './languageHandler'; +import SettingsStore from './settings/SettingsStore'; // This stores the secret storage private keys in memory for the JS SDK. This is // only meant to act as a cache to avoid prompting the user multiple times @@ -27,7 +28,14 @@ import { _t } from './languageHandler'; // single secret storage operation, as it will clear the cached keys once the // operation ends. let secretStorageKeys = {}; -let cachingAllowed = false; +let secretStorageBeingAccessed = false; + +function isCachingAllowed() { + return ( + secretStorageBeingAccessed || + SettingsStore.getValue("keepSecretStoragePassphraseForSession") + ); +} async function getSecretStorageKey({ keys: keyInfos }) { const keyInfoEntries = Object.entries(keyInfos); 
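Review bot: The comment above `secretStorageKeys` in the `@@ -27,7 +28,14 @@` hunk still says the cache covers a single secret storage operation and is cleared once that operation ends, which no longer holds when `keepSecretStoragePassphraseForSession` is enabled. It should describe the new lifetime, for example `// With keepSecretStoragePassphraseForSession enabled, cached keys are kept after the operation ends.` `isCachingAllowed()` now gates both reads and writes of key material in `getSecretStorageKey`, so it deserves a one-line doc comment naming its two conditions (an operation in progress, or the user setting).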
@@ -37,7 +45,7 @@ async function getSecretStorageKey({ keys: keyInfos }) { const [name, info] = keyInfoEntries[0]; // Check the in-memory cache - if (cachingAllowed && secretStorageKeys[name]) { + if (isCachingAllowed() && secretStorageKeys[name]) { return [name, secretStorageKeys[name]]; } @@ -71,7 +79,7 @@ async function getSecretStorageKey({ keys: keyInfos }) { const key = await inputToKey(input); // Save to cache to avoid future prompts in the current session - if (cachingAllowed) { + if (isCachingAllowed()) { secretStorageKeys[name] = key; } @@ -104,7 +112,7 @@ export const crossSigningCallbacks = { */ export async function accessSecretStorage(func = async () => { }) { const cli = MatrixClientPeg.get(); - cachingAllowed = true; + secretStorageBeingAccessed = true; try { if (!await cli.hasSecretStorageKey()) { @@ -143,7 +151,9 @@ export async function accessSecretStorage(func = async () => { }) { return await func(); } finally { // Clear secret storage key cache now that work is complete - cachingAllowed = false; - secretStorageKeys = {}; + secretStorageBeingAccessed = false; + if (!isCachingAllowed()) { + secretStorageKeys = {}; + } } } diff --git a/src/components/views/settings/tabs/user/LabsUserSettingsTab.js b/src/components/views/settings/tabs/user/LabsUserSettingsTab.js index ec5f984d46..2b992c7add 100644 --- a/src/components/views/settings/tabs/user/LabsUserSettingsTab.js +++ b/src/components/views/settings/tabs/user/LabsUserSettingsTab.js @@ -66,6 +66,7 @@ export default class LabsUserSettingsTab extends React.Component { + ); diff --git a/src/i18n/strings/en_EN.json b/src/i18n/strings/en_EN.json index ea986e6324..ed660351f5 100644 --- a/src/i18n/strings/en_EN.json +++ b/src/i18n/strings/en_EN.json 
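Review bot: The `finally` block of `accessSecretStorage` (`@@ -143,7 +151,9 @@`) is the only place visible in this patch where `secretStorageKeys` is emptied, so with the option on the derived keys stay in module memory until a later `accessSecretStorage` call finishes with the option off. Turning the option off mid-session stops `getSecretStorageKey` from reading the cache, but it does not drop keys already held; logout handling is not visible here and should be checked too. I would reset the cache (`secretStorageKeys = {};`) when the setting changes to false and on logout. Separately, since `secretStorageBeingAccessed` has just been set to false, `if (!isCachingAllowed())` reduces to a check of the setting alone, and reading the setting directly there would state that intent more plainly. The function body starts outside this hunk.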
@@ -415,6 +415,7 @@ "Send read receipts for messages (requires compatible homeserver to disable)": "Send read receipts for messages (requires compatible homeserver to disable)", "Show previews/thumbnails for images": "Show previews/thumbnails for images", "Enable message search in encrypted rooms": "Enable message search in encrypted rooms", + "Keep secret storage passphrase in memory for this session": "Keep secret storage passphrase in memory for this session", "Collecting app version information": "Collecting app version information", "Collecting logs": "Collecting logs", "Uploading report": "Uploading report", diff --git a/src/settings/Settings.js b/src/settings/Settings.js index 0ab30e02e1..5ea871dc69 100644 --- a/src/settings/Settings.js +++ b/src/settings/Settings.js @@ -485,4 +485,9 @@ export const SETTINGS = { displayName: _td("Enable message search in encrypted rooms"), default: true, }, + "keepSecretStoragePassphraseForSession": { + supportedLevels: LEVELS_DEVICE_ONLY_SETTINGS, + displayName: _td("Keep secret storage passphrase in memory for this session"), + default: false, + }, };
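Review bot: The `displayName` of the new `keepSecretStoragePassphraseForSession` entry says the passphrase is kept, but `CrossSigningManager.js` caches the result of `inputToKey(input)`, so the label does not quite match what is held in memory. `inputToKey` is not visible in this patch and presumably also covers recovery-key entry, in which case the label is narrower than the behaviour. A comment on the entry would make the trade-off explicit for maintainers, e.g. `// Keeps the derived secret storage key in memory after the operation that prompted for it.` The `SETTINGS` object starts outside this hunk.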