Respond to backup key sharing requests

2024-10-25 12:16:00 +03:00 · 2020-03-25 14:06:47 +00:00 · 2020-03-25 14:06:47 +00:00 · 4d63c11f26
commit 4d63c11f26
parent d869ac9a69
1 changed files with 25 additions and 10 deletions
--- a/src/CrossSigningManager.js
+++ b/src/CrossSigningManager.js
@ -145,18 +145,33 @@ const onSecretRequested = async function({
        console.log(`CrossSigningManager: Ignoring request from untrusted device ${deviceId}`);
        return;
    }
+    if (name.startsWith("m.cross_signing")) {
        const callbacks = client.getCrossSigningCacheCallbacks();
        if (!callbacks.getCrossSigningKeyCache) return;
+        /* Explicit enumeration here is deliberate – never share the master key! */
        if (name === "m.cross_signing.self_signing") {
            const key = await callbacks.getCrossSigningKeyCache("self_signing");
            if (!key) {
-            console.log(`self_signing requested by ${deviceId}, but not found in cache`);
+                console.log(
+                    `self_signing requested by ${deviceId}, but not found in cache`
+                );
            }
            return key && encodeBase64(key);
        } else if (name === "m.cross_signing.user_signing") {
            const key = await callbacks.getCrossSigningKeyCache("user_signing");
            if (!key) {
-            console.log(`user_signing requested by ${deviceId}, but not found in cache`);
+                console.log(
+                    `user_signing requested by ${deviceId}, but not found in cache`
+                );
+            }
+            return key && encodeBase64(key);
+        }
+    } else if (name === "m.megolm_backup.v1") {
+        const key = await client._crypto.getSessionBackupPrivateKey();
+        if (!key) {
+            console.log(
+                `session backup key requested by ${deviceId}, but not found in cache`
+            );
        }
        return key && encodeBase64(key);
    }