CringeStudios/element-desktop
5
0
Fork 0
mirror of https://github.com/CringeStudios/element-desktop.git synced 2025-01-31 13:39:58 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

electron-main: Use keytar to for the seshat passphrase.

Browse Source 
This will also change the passphrase for existing setups if no
passphrase is found in the secret store.
This commit is contained in:
Damir Jelić 2020-10-13 15:59:21 +02:00
parent 50a4069893
commit 1d811b6f4b
1 changed files with 62 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
src/electron-main.js
View File

@ -61,7 +61,7 @@ let Seshat;
let SeshatRecovery; let SeshatRecovery;
let ReindexError; let ReindexError;
const seshatPassphrase = "DEFAULT_PASSPHRASE"; const seshatDefaultPassphrase = "DEFAULT_PASSPHRASE";
try { try {
const seshatModule = require('matrix-seshat'); const seshatModule = require('matrix-seshat');
@ -505,19 +505,43 @@ ipcMain.on('seshat', async function(ev, payload) {
break; break;
case 'initEventIndex': case 'initEventIndex':
const userId = args[0];
const deviceId = args[1];
if (eventIndex === null) { if (eventIndex === null) {
try { let changePassphrase = false;
await afs.mkdir(eventStorePath, {recursive: true}); let passphrase = seshatDefaultPassphrase;
eventIndex = new Seshat(eventStorePath, {passphrase: seshatPassphrase});
} catch (e) { if (keytar) {
if (e instanceof ReindexError) { try {
// If this is a reindex error, the index schema // Try to get a passphrase for seshat.
// changed. Try to open the database in recovery mode, const passphraseKey = `seshat|${userId}|${deviceId}`;
// reindex the database and finally try to open the const storedPassphrase = await keytar.getPassword("element.io", passphraseKey);
// database again.
try { // If no passphrase was found mark that we should change
// it, if one is found, use that one.
if (storedPassphrase === null) {
changePassphrase = true;
} else {
passphrase = storedPassphrase;
}
} catch (e) {
console.log("Error getting the event index passphrase out of the secret store", e);
}
}
const openSeshat = async () => {
try {
await afs.mkdir(eventStorePath, {recursive: true});
return new Seshat(eventStorePath, {passphrase});
} catch (e) {
if (e instanceof ReindexError) {
// If this is a reindex error, the index schema
// changed. Try to open the database in recovery mode,
// reindex the database and finally try to open the
// database again.
const recoveryIndex = new SeshatRecovery(eventStorePath, { const recoveryIndex = new SeshatRecovery(eventStorePath, {
passphrase: seshatPassphrase, passphrase,
}); });
const userVersion = await recoveryIndex.getUserVersion(); const userVersion = await recoveryIndex.getUserVersion();
@ -535,14 +559,33 @@ ipcMain.on('seshat', async function(ev, payload) {
await recoveryIndex.reindex(); await recoveryIndex.reindex();
} }
eventIndex = new Seshat(eventStorePath, { return new Seshat(eventStorePath, {passphrase});
passphrase: seshatPassphrase, } else {
}); throw (e);
} catch (e) {
sendError(payload.id, e);
return;
} }
} else { }
}
try {
eventIndex = await openSeshat();
} catch(e) {
sendError(payload.id, e);
return;
}
if (changePassphrase) {
try {
// Generate a new random passphrase.
const newPassphrase = await randomArray(32);
await keytar.setPassword("element.io", passphraseKey, newPassphrase);
// Set the new passphrase, this will close the event
// index.
await eventIndex.changePassphrase(newPassphrase);
// Re-open the event index with the new passphrase.
eventIndex = new Seshat(eventStorePath, {newPassphrase});
} catch(e) {
sendError(payload.id, e); sendError(payload.id, e);
return; return;
} }