Skip to content
This repository has been archived by the owner on Sep 11, 2024. It is now read-only.

Add in a "verify" slash command to confirm signing keys #912

Closed
wants to merge 8 commits into from
Closed

Add in a "verify" slash command to confirm signing keys #912

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
1c221f2
Add in a "verify" slash command to confirm signing keys
kscz May 14, 2017
92ca3c2
Make wording more consistent, notify user of edgecases
kscz May 21, 2017
6897c60
Fix nit to make if conditional more straightforward
kscz May 21, 2017
4be5d88
Prefer const over var, replace validated with verified
kscz May 21, 2017
352f81b
Streamline "accept" dialog and fix missing period
kscz May 23, 2017
68df4a8
Fix missing space before username in verify dialog
kscz May 23, 2017
fbfbcc1
Change acceptance dialog to confirmation dialog
kscz May 23, 2017
97c98b1
Make the confirmation dialog after verification
kscz May 23, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 55 additions & 1 deletion src/SlashCommands.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -282,7 +282,61 @@ var commands = {
}
}
return reject(this.getUsage());
})
}),

// Verify a user, device, and pubkey tuple
verify: new Command("verify", "<userId> <deviceId> <deviceSigningKey>", function(room_id, args) {
if (args) {
var matches = args.match(/^(\S+) +(\S+) +(\S+)$/);
if (matches) {
const userId = matches[1];
const deviceId = matches[2];
const fingerprint = matches[3];

const device = MatrixClientPeg.get().getStoredDevice(userId, deviceId);
if (!device) {
return reject(`Unknown (user, device) pair: (${userId}, ${deviceId})`);
}

if (device.isVerified()) {
if (device.getFingerprint() === fingerprint) {
return reject(`Device already verified!`);
} else {
return reject(`WARNING: Device already verified, but keys do NOT MATCH!`);
}
}

if (device.getFingerprint() === fingerprint) {
MatrixClientPeg.get().setDeviceVerified(
userId, deviceId, true
);

// Tell the user we verified everything!
const QuestionDialog = sdk.getComponent("dialogs.QuestionDialog");
Modal.createDialog(QuestionDialog, {
title: "Verified key",
description: (
<div>
<p>
The signing key you provided matches the signing key you received
from { userId }'s device { deviceId }. Device marked as verified.
</p>
</div>
),
button: "Ok",
hasCancelButton: false,
});

return success();
} else {
return reject(`WARNING: KEY VERIFICATION FAILED! The signing key for ${userId} and device
${deviceId} is "${device.getFingerprint()}" which does not match the provided key
"${fingerprint}". This could mean your communications are being intercepted!`);
}
}
}
return reject(this.getUsage());
}),
};

// helpful aliases
Expand Down