Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for .ready verification event (MSC2366) & other things #1140

Merged
merged 44 commits into from
Jan 20, 2020
Merged
Show file tree
Hide file tree
Changes from 29 commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
882d3a7
support .ready event in VerificationRequest
bwindels Dec 10, 2019
2da7253
return request instead of verifier from verification methods
bwindels Dec 10, 2019
10e2947
waitForVerifier is unused now, make it more broadly useful with callback
bwindels Dec 10, 2019
28e46a8
expose common phases as properties
bwindels Dec 10, 2019
4c6dd56
filter verification methods from argument
bwindels Dec 10, 2019
cd7cc1b
set verification request on event
bwindels Dec 10, 2019
b34a2c7
WIP
bwindels Dec 10, 2019
c4142d9
store in-room verification requests by roomId, txnId
bwindels Dec 18, 2019
5f9e822
more ready and remote echo support
bwindels Dec 19, 2019
dac4a54
make this a public prop
bwindels Dec 20, 2019
984b623
don't block remote echos to VerificationRequests
bwindels Dec 20, 2019
29c04b6
only move to PHASE_DONE when both .done events are received
bwindels Dec 20, 2019
efe2488
get other user id from channel
bwindels Dec 20, 2019
48977e6
get other party user id by inspecting initial event sender/to fields
bwindels Dec 20, 2019
883b83f
move blocking non-participating users back to InRoomChannel
bwindels Dec 20, 2019
e7bcb61
attempt at only creating verifier for live events
bwindels Dec 20, 2019
cf42ad8
WIP historical
bwindels Dec 27, 2019
0d3d27a
fixes and cleanup for historical
bwindels Jan 2, 2020
57135a8
don't mark events loaded from cache as live events
bwindels Jan 3, 2020
8ed51c8
don't cancel or timeout when verify isn't called
bwindels Jan 3, 2020
3ec8233
fixes & implement timeout
bwindels Jan 3, 2020
423c8a8
use isRemoteEcho to determine if the event is theirs or not
bwindels Jan 3, 2020
3a9dc37
new state machine relies on having remote echos, so fake for to_device
bwindels Jan 3, 2020
213bb9d
allow to move straight from UNSENT to STARTED
bwindels Jan 3, 2020
5919874
check !unsent instead of requested for emitting the crypto.request event
bwindels Jan 3, 2020
75fc25f
fix method names
bwindels Jan 3, 2020
9338d9c
commit logging
bwindels Jan 3, 2020
f44e0a8
parenthesis in wrong place broke logic
bwindels Jan 3, 2020
72fd1e4
add note to fix bug later
bwindels Jan 3, 2020
1205178
Merge branch 'develop' into bwindels/verification-right-panel
turt2live Jan 16, 2020
07cc93c
fix lint
bwindels Jan 17, 2020
59bfc45
use setTimeout of setInterval
bwindels Jan 17, 2020
cbe2965
mention reason in cancellation error
bwindels Jan 17, 2020
e51ba79
to make this work while using fake timers, don't use setTimeout
bwindels Jan 20, 2020
c34ccc9
adjust test: requestVerification returns the request instead of verifier
bwindels Jan 20, 2020
e895283
enable fake timers for consistency
bwindels Jan 20, 2020
77d0a76
fixup: another timeout
bwindels Jan 20, 2020
c12a3b6
more fixup: make sure remote echo doesn't arrive earlier for TestClient
bwindels Jan 20, 2020
121e9d0
don't overwrite a request when the remote echo arrives before event_id
bwindels Jan 20, 2020
e5c65d5
set transaction_id for remote echos in TestClient
bwindels Jan 20, 2020
bd9a2c1
implement API change in sas test for requestVerificationDM
bwindels Jan 20, 2020
aac6829
remove obsolete comment
bwindels Jan 20, 2020
d526229
update jsdoc of requestVerificationDM
bwindels Jan 20, 2020
9d6f873
remove obsolete and now broken method
bwindels Jan 20, 2020
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/client.js
Original file line number Diff line number Diff line change
Expand Up @@ -894,8 +894,8 @@ MatrixClient.prototype.acceptVerificationDM = function(event, method) {
* @param {Array} devices array of device IDs to send requests to. Defaults to
* all devices owned by the user
*
* @returns {Promise<module:crypto/verification/Base>} resolves to a verifier
* when the request is accepted by the other user
* @returns {Promise<module:crypto/verification/request/VerificationRequest>} resolves to a VerificationRequest
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Usually we don't change the contract of our public functions, though in this case we're about to do a major version bump for the new build system anyways so this seems fine and convenient.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, see the breaking change comment in the description.

* when the request has been sent to the other party.
*/
MatrixClient.prototype.requestVerification = function(userId, methods, devices) {
if (this._crypto === null) {
Expand Down
161 changes: 70 additions & 91 deletions src/crypto/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,8 @@ import { keyFromPassphrase } from './key_passphrase';
import { encodeRecoveryKey } from './recoverykey';

import VerificationRequest from "./verification/request/VerificationRequest";
import InRoomChannel from "./verification/request/InRoomChannel";
import ToDeviceChannel from "./verification/request/ToDeviceChannel";
import {InRoomChannel, InRoomRequests} from "./verification/request/InRoomChannel";
import {ToDeviceChannel, ToDeviceRequests} from "./verification/request/ToDeviceChannel";

const defaultVerificationMethods = {
[ScanQRCode.NAME]: ScanQRCode,
Expand Down Expand Up @@ -206,8 +206,8 @@ export default function Crypto(baseApis, sessionStore, userId, deviceId,
// }
this._lastNewSessionForced = {};

this._toDeviceVerificationRequests = new Map();
this._inRoomVerificationRequests = new Map();
this._toDeviceVerificationRequests = new ToDeviceRequests();
this._inRoomVerificationRequests = new InRoomRequests();

const cryptoCallbacks = this._baseApis._cryptoCallbacks || {};

Expand Down Expand Up @@ -1128,17 +1128,13 @@ Crypto.prototype.registerEventHandlers = function(eventEmitter) {
}
});

eventEmitter.on("toDeviceEvent", function(event) {
crypto._onToDeviceEvent(event);
});
eventEmitter.on("toDeviceEvent", crypto._onToDeviceEvent.bind(crypto));

eventEmitter.on("Room.timeline", function(event) {
crypto._onTimelineEvent(event);
});
const timelineHandler = crypto._onTimelineEvent.bind(crypto);

eventEmitter.on("Event.decrypted", function(event) {
crypto._onTimelineEvent(event);
});
eventEmitter.on("Room.timeline", timelineHandler);

eventEmitter.on("Event.decrypted", timelineHandler);
};


Expand Down Expand Up @@ -1515,98 +1511,78 @@ Crypto.prototype.setDeviceVerification = async function(
return deviceObj;
};

Crypto.prototype.requestVerificationDM = async function(userId, roomId, methods) {
Crypto.prototype.requestVerificationDM = function(userId, roomId, methods) {
const channel = new InRoomChannel(this._baseApis, roomId, userId);
const request = await this._requestVerificationWithChannel(
return this._requestVerificationWithChannel(
userId,
methods,
channel,
this._inRoomVerificationRequests,
);
return await request.waitForVerifier();
};

Crypto.prototype.acceptVerificationDM = function(event, method) {
if(!InRoomChannel.validateEvent(event, this._baseApis)) {
return;
}

const sender = event.getSender();
const requestsByTxnId = this._inRoomVerificationRequests.get(sender);
if (!requestsByTxnId) {
return;
}
const transactionId = InRoomChannel.getTransactionId(event);
const request = requestsByTxnId.get(transactionId);
if (!request) {
return;
}

return request.beginKeyVerification(method);
};

Crypto.prototype.requestVerification = async function(userId, methods, devices) {
Crypto.prototype.requestVerification = function(userId, methods, devices) {
if (!devices) {
devices = Object.keys(this._deviceList.getRawStoredDevicesForUser(userId));
}
const channel = new ToDeviceChannel(this._baseApis, userId, devices);
const request = await this._requestVerificationWithChannel(
return this._requestVerificationWithChannel(
userId,
methods,
channel,
this._toDeviceVerificationRequests,
);
return await request.waitForVerifier();
};

Crypto.prototype._requestVerificationWithChannel = async function(
userId, methods, channel, requestsMap,
) {
if (!methods) {
// .keys() returns an iterator, so we need to explicitly turn it into an array
methods = [...this._verificationMethods.keys()];
let verificationMethods = this._verificationMethods;
if (methods) {
verificationMethods = methods.reduce((map, name) => {
const method = this._verificationMethods.get(name);
if (!method) {
throw new Error(`Verification method ${name} is not supported.`);
} else {
map.set(name, method);
}
return map;
}, new Map());
}
// TODO: filter by given methods
const request = new VerificationRequest(
channel, this._verificationMethods, userId, this._baseApis);
channel, verificationMethods, this._baseApis);
await request.sendRequest();

let requestsByTxnId = requestsMap.get(userId);
if (!requestsByTxnId) {
requestsByTxnId = new Map();
requestsMap.set(userId, requestsByTxnId);
}
// TODO: we're only adding the request to the map once it has been sent
// but if the other party is really fast they could potentially respond to the
// request before the server tells us the event got sent, and we would probably
// create a new request object
requestsByTxnId.set(channel.transactionId, request);
console.log(`Crypto: adding new request to requestsByTxnId with id ${channel.transactionId}`);
requestsMap.setRequestByChannel(channel, request);

return request;
};

Crypto.prototype.beginKeyVerification = function(
method, userId, deviceId, transactionId = null,
) {
let requestsByTxnId = this._toDeviceVerificationRequests.get(userId);
if (!requestsByTxnId) {
requestsByTxnId = new Map();
this._toDeviceVerificationRequests.set(userId, requestsByTxnId);
}
let request;
if (transactionId) {
request = requestsByTxnId.get(transactionId);
request = this._toDeviceVerificationRequests.getRequestBySenderAndTxnId(
userId, transactionId);
if (!request) {
throw new Error(
`No request found for user ${userId} with ` +
`transactionId ${transactionId}`);
}
} else {
transactionId = ToDeviceChannel.makeTransactionId();
const channel = new ToDeviceChannel(
this._baseApis, userId, [deviceId], transactionId, deviceId);
request = new VerificationRequest(
channel, this._verificationMethods, userId, this._baseApis);
requestsByTxnId.set(transactionId, request);
}
if (!request) {
throw new Error(
`No request found for user ${userId} with transactionId ${transactionId}`);
channel, this._verificationMethods, this._baseApis);
this._toDeviceVerificationRequests.setRequestBySenderAndTxnId(
userId, transactionId, request);
}
return request.beginKeyVerification(method, {userId, deviceId});
};
Expand Down Expand Up @@ -2454,7 +2430,6 @@ Crypto.prototype._onKeyVerificationMessage = function(event) {
if (!ToDeviceChannel.validateEvent(event, this._baseApis)) {
return;
}
const transactionId = ToDeviceChannel.getTransactionId(event);
const createRequest = event => {
if (!ToDeviceChannel.canCreateRequest(ToDeviceChannel.getEventType(event))) {
return;
Expand All @@ -2471,76 +2446,80 @@ Crypto.prototype._onKeyVerificationMessage = function(event) {
[deviceId],
);
return new VerificationRequest(
channel, this._verificationMethods, userId, this._baseApis);
channel, this._verificationMethods, this._baseApis);
};
this._handleVerificationEvent(event, transactionId,
this._toDeviceVerificationRequests, createRequest);
this._handleVerificationEvent(
event,
this._toDeviceVerificationRequests,
createRequest,
);
};

/**
* Handle key verification requests sent as timeline events
*
* @private
* @param {module:models/event.MatrixEvent} event the timeline event
* @param {module:models/Room} room not used
* @param {bool} atStart not used
* @param {bool} removed not used
* @param {bool} data.liveEvent whether this is a live event
*/
Crypto.prototype._onTimelineEvent = function(event) {
Crypto.prototype._onTimelineEvent = function(
event, room, atStart, removed, {liveEvent} = {},
) {
// TODO: we still need a request object for past requests, so we can show it in the timeline
// validation now excludes old requests
if (!InRoomChannel.validateEvent(event, this._baseApis)) {
return;
}
const transactionId = InRoomChannel.getTransactionId(event);
const createRequest = event => {
if (!InRoomChannel.canCreateRequest(InRoomChannel.getEventType(event))) {
return;
}
const userId = event.getSender();
const channel = new InRoomChannel(
this._baseApis,
event.getRoomId(),
userId,
);
return new VerificationRequest(
channel, this._verificationMethods, userId, this._baseApis);
channel, this._verificationMethods, this._baseApis);
};
this._handleVerificationEvent(event, transactionId,
this._inRoomVerificationRequests, createRequest);
this._handleVerificationEvent(
event,
this._inRoomVerificationRequests,
createRequest,
liveEvent,
);
};

Crypto.prototype._handleVerificationEvent = async function(
event, transactionId, requestsMap, createRequest,
event, requestsMap, createRequest, isLiveEvent = true,
) {
const sender = event.getSender();
let requestsByTxnId = requestsMap.get(sender);
let request = requestsMap.getRequest(event);
let isNewRequest = false;
let request = requestsByTxnId && requestsByTxnId.get(transactionId);
if (!request) {
request = createRequest(event);
// a request could not be made from this event, so ignore event
if (!request) {
console.log(`Crypto: could not find VerificationRequest for ${event.getType()}, and could not create one, so ignoring.`);
bwindels marked this conversation as resolved.
Show resolved Hide resolved
return;
}
isNewRequest = true;
if (!requestsByTxnId) {
requestsByTxnId = new Map();
requestsMap.set(sender, requestsByTxnId);
}
requestsByTxnId.set(transactionId, request);
requestsMap.setRequest(event, request);
}
event.setVerificationRequest(request);
try {
const hadVerifier = !!request.verifier;
await request.channel.handleEvent(event, request);
await request.channel.handleEvent(event, request, isLiveEvent);
// emit start event when verifier got set
if (!hadVerifier && request.verifier) {
this._baseApis.emit("crypto.verification.start", request.verifier);
}
} catch (err) {
console.error("error while handling verification event", event, err);
}
if (!request.pending) {
requestsByTxnId.delete(transactionId);
if (requestsByTxnId.size === 0) {
requestsMap.delete(sender);
}
} else if (isNewRequest && !request.initiatedByMe) {
const shouldEmit = isNewRequest &&
!request.initiatedByMe &&
!request.invalid && // check it has enough events to pass the UNSENT stage
!request.observeOnly;
if (shouldEmit) {
this._baseApis.emit("crypto.verification.request", request);
}
};
Expand Down
9 changes: 5 additions & 4 deletions src/crypto/verification/Base.js
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,6 @@ export default class VerificationBase extends EventEmitter {
this._done = false;
this._promise = null;
this._transactionTimeoutTimer = null;

// At this point, the verification request was received so start the timeout timer.
this._resetTimer();
}

_resetTimer() {
Expand Down Expand Up @@ -123,7 +120,11 @@ export default class VerificationBase extends EventEmitter {
const reject = this._reject;
this._reject = undefined;
reject(new Error("Other side cancelled verification"));
} else {
} else if (this._expectedEvent) {
// only cancel if there is an event expected.
// if there is no event expected, it means verify() wasn't called
// and we're just replaying the timeline events when syncing
// after a refresh when the events haven't been stored in the cache yet.
const exception = new Error(
"Unexpected message: expecting " + this._expectedEvent
+ " but got " + e.getType(),
Expand Down
6 changes: 2 additions & 4 deletions src/crypto/verification/Error.js
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,10 @@ limitations under the License.
import {MatrixEvent} from "../../models/event";

export function newVerificationError(code, reason, extradata) {
extradata = extradata || {};
extradata.code = code;
extradata.reason = reason;
const content = Object.assign({}, {code, reason}, extradata);
return new MatrixEvent({
type: "m.key.verification.cancel",
content: extradata,
content,
});
}

Expand Down
Loading