matrix-org · turt2live · Jan 30, 2020 · Jan 27, 2020 · Jan 27, 2020 · Jan 27, 2020
@@ -16,8 +16,6 @@ limitations under the License.
 */
 import "../../../olm-loader";
 import {logger} from "../../../../src/logger";
-import {DeviceInfo} from "../../../../src/crypto/deviceinfo";
-import {ScanQRCode, ShowQRCode} from "../../../../src/crypto/verification/QRCode";
 
 const Olm = global.Olm;
 
@@ -31,124 +29,13 @@ describe("QR code verification", function() {
         return Olm.init();
     });
 
-    describe("showing", function() {
-        it("should emit an event to show a QR code", async function() {
-            const channel = {
-                send: jest.fn(),
-            };
-            const qrCode = new ShowQRCode(channel, {
-                getUserId: () => "@alice:example.com",
-                deviceId: "ABCDEFG",
-                getDeviceEd25519Key: function() {
-                    return "device+ed25519+key";
-                },
-            });
-            const spy = jest.fn((e) => {
-                qrCode.done();
-            });
-            qrCode.on("show_qr_code", spy);
-            await qrCode.verify();
-            expect(spy).toHaveBeenCalledWith({
-                url: "https://matrix.to/#/@alice:example.com?device=ABCDEFG"
-                    + "&action=verify&key_ed25519%3AABCDEFG=device%2Bed25519%2Bkey",
-            });
-        });
-    });
-
-    describe("scanning", function() {
-        const QR_CODE_URL = "https://matrix.to/#/@alice:example.com?device=ABCDEFG"
-              + "&action=verify&key_ed25519%3AABCDEFG=device%2Bed25519%2Bkey";
-        it("should verify when a QR code is sent", async function() {
-            const device = DeviceInfo.fromStorage(
-                {
-                    algorithms: [],
-                    keys: {
-                        "curve25519:ABCDEFG": "device+curve25519+key",
-                        "ed25519:ABCDEFG": "device+ed25519+key",
-                    },
-                    verified: false,
-                    known: false,
-                    unsigned: {},
-                },
-                "ABCDEFG",
-            );
-            const client = {
-                getStoredDevice: jest.fn().mockReturnValue(device),
-                setDeviceVerified: jest.fn(),
-            };
-            const channel = {
-                send: jest.fn(),
-            };
-            const qrCode = new ScanQRCode(channel, client);
-            qrCode.on("confirm_user_id", ({userId, confirm}) => {
-                if (userId === "@alice:example.com") {
-                    confirm();
-                } else {
-                    qrCode.cancel(new Error("Incorrect user"));
-                }
-            });
-            qrCode.on("scan", ({done}) => {
-                done(QR_CODE_URL);
-            });
-            await qrCode.verify();
-            expect(client.getStoredDevice)
-                .toHaveBeenCalledWith("@alice:example.com", "ABCDEFG");
-            expect(client.setDeviceVerified)
-                .toHaveBeenCalledWith("@alice:example.com", "ABCDEFG");
-        });
-
-        it("should error when the user ID doesn't match", async function() {
-            const client = {
-                getStoredDevice: jest.fn(),
-                setDeviceVerified: jest.fn(),
-            };
-            const channel = {
-                send: jest.fn(),
-            };
-            const qrCode = new ScanQRCode(channel, client, "@bob:example.com", "ABCDEFG");
-            qrCode.on("scan", ({done}) => {
-                done(QR_CODE_URL);
-            });
-            const spy = jest.fn();
-            await qrCode.verify().catch(spy);
-            expect(spy).toHaveBeenCalled();
-            expect(channel.send).toHaveBeenCalled();
-            expect(client.getStoredDevice).not.toHaveBeenCalled();
-            expect(client.setDeviceVerified).not.toHaveBeenCalled();
-        });
-
-        it("should error if the key doesn't match", async function() {
-            const device = DeviceInfo.fromStorage(
-                {
-                    algorithms: [],
-                    keys: {
-                        "curve25519:ABCDEFG": "device+curve25519+key",
-                        "ed25519:ABCDEFG": "a+different+device+ed25519+key",
-                    },
-                    verified: false,
-                    known: false,
-                    unsigned: {},
-                },
-                "ABCDEFG",
-            );
-            const client = {
-                getStoredDevice: jest.fn().mockReturnValue(device),
-                setDeviceVerified: jest.fn(),
-            };
-            const channel = {
-                send: jest.fn(),
-            };
-            const qrCode = new ScanQRCode(
-                channel, client, "@alice:example.com", "ABCDEFG");
-            qrCode.on("scan", ({done}) => {
-                done(QR_CODE_URL);
-            });
-            const spy = jest.fn();
-            await qrCode.verify().catch(spy);
-            expect(spy).toHaveBeenCalled();
-            expect(channel.send).toHaveBeenCalled();
-            expect(client.getStoredDevice).toHaveBeenCalled();
-            expect(client.setDeviceVerified).not.toHaveBeenCalled();
+    describe("reciprocate", () => {
+        it("should verify the secret", () => {
+            // TODO: Actually write a test for this.
+            // Tests are hard because we are running before the verification
+            // process actually begins, and are largely UI-driven rather than
+            // logic-driven (compared to something like SAS). In the interest
+            // of time, tests are currently excluded.
         });
     });
 });
@@ -41,29 +41,38 @@ import {
 import {SECRET_STORAGE_ALGORITHM_V1, SecretStorage} from './SecretStorage';
 import {OutgoingRoomKeyRequestManager} from './OutgoingRoomKeyRequestManager';
 import {IndexedDBCryptoStore} from './store/indexeddb-crypto-store';
-import {ScanQRCode, ShowQRCode} from './verification/QRCode';
+import {
+    ReciprocateQRCode,
+    SCAN_QR_CODE_METHOD,
+    SHOW_QR_CODE_METHOD,
+} from './verification/QRCode';
 import {SAS} from './verification/SAS';
 import {keyFromPassphrase} from './key_passphrase';
 import {encodeRecoveryKey} from './recoverykey';
 import {VerificationRequest} from "./verification/request/VerificationRequest";
 import {InRoomChannel, InRoomRequests} from "./verification/request/InRoomChannel";
 import {ToDeviceChannel, ToDeviceRequests} from "./verification/request/ToDeviceChannel";
 import * as httpApi from "../http-api";
+import {IllegalMethod} from "./verification/IllegalMethod";
 
 const DeviceVerification = DeviceInfo.DeviceVerification;
 
 const defaultVerificationMethods = {
-    [ScanQRCode.NAME]: ScanQRCode,
-    [ShowQRCode.NAME]: ShowQRCode,
+    [ReciprocateQRCode.NAME]: ReciprocateQRCode,
     [SAS.NAME]: SAS,
+
+    // These two can't be used for actual verification, but we do
+    // need to be able to define them here for the verification flows
+    // to start.
+    [SHOW_QR_CODE_METHOD]: IllegalMethod,
+    [SCAN_QR_CODE_METHOD]: IllegalMethod,
 };
 
 /**
  * verification method names
  */
 export const verificationMethods = {
-    QR_CODE_SCAN: ScanQRCode.NAME,
-    QR_CODE_SHOW: ShowQRCode.NAME,
+    RECIPROCATE_QR_CODE: ReciprocateQRCode.NAME,
     SAS: SAS.NAME,
 };
 
@@ -132,6 +141,8 @@ export function Crypto(baseApis, sessionStore, userId, deviceId,
                     method.NAME,
                     method,
                 );
+            } else {
+                console.warn(`Excluding unknown verification method ${method}`);
             }
         }
     }

@@ -0,0 +1,43 @@
+/*
+Copyright 2020 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+/**
+ * Verification method that is illegal to have (cannot possibly
+ * do verification with this method).
+ * @module crypto/verification/IllegalMethod
+ */
+
+import {VerificationBase as Base} from "./Base";
+
+/**
+ * @class crypto/verification/IllegalMethod/IllegalMethod
+ * @extends {module:crypto/verification/Base}
+ */
+export class IllegalMethod extends Base {
+    static factory(...args) {
+        return new IllegalMethod(...args);
+    }
+
+    static get NAME() {
+        // Typically the name will be something else, but to complete
+        // the contract we offer a default one here.
+        return "org.matrix.illegal_method";
+    }
+
+    async _doVerification() {
+        throw new Error("Verification is not possible with this method");
+    }
+}