Merge pull request #5181 from nextcloud/feature/dont-spam-user-with-mnemonic-request

Only show mnemonic request dialog when user explicitly wants to enable E2EE
2022-12-09 12:39:27 +01:00 · 2022-12-09 12:39:27 +01:00 · 1baa303519
parent 7a3d30a047 3b6064390c
commit 1baa303519
4 changed files with 25 additions and 0 deletions
--- a/src/gui/accountsettings.cpp
+++ b/src/gui/accountsettings.cpp
@ -258,6 +258,7 @@ void AccountSettings::slotE2eEncryptionGenerateKeys()
 {
    connect(_accountState->account()->e2e(), &ClientSideEncryption::initializationFinished, this, &AccountSettings::slotE2eEncryptionInitializationFinished);
    _accountState->account()->setE2eEncryptionKeysGenerationAllowed(true);
+    _accountState->account()->setAskUserForMnemonic(true);
    _accountState->account()->e2e()->initialize(_accountState->account());
 }

@ -271,6 +272,7 @@ void AccountSettings::slotE2eEncryptionInitializationFinished(bool isNewMnemonic
            displayMnemonic(_accountState->account()->e2e()->_mnemonic);
        }
    }
+    _accountState->account()->setAskUserForMnemonic(false);
 }

 void AccountSettings::slotEncryptFolderFinished(int status)
--- a/src/libsync/account.cpp
+++ b/src/libsync/account.cpp
@ -966,4 +966,15 @@ void Account::setE2eEncryptionKeysGenerationAllowed(bool allowed)
    return _e2eEncryptionKeysGenerationAllowed;
 }

+bool Account::askUserForMnemonic() const
+{
+    return _e2eAskUserForMnemonic;
+}
+
+void Account::setAskUserForMnemonic(const bool ask)
+{
+    _e2eAskUserForMnemonic = ask;
+    emit askUserForMnemonicChanged();
+}
+
 } // namespace OCC
--- a/src/libsync/account.h
+++ b/src/libsync/account.h
@ -86,6 +86,7 @@ class OWNCLOUDSYNC_EXPORT Account : public QObject
    Q_PROPERTY(QString prettyName READ prettyName NOTIFY prettyNameChanged)
    Q_PROPERTY(QUrl url MEMBER _url)
    Q_PROPERTY(bool e2eEncryptionKeysGenerationAllowed MEMBER _e2eEncryptionKeysGenerationAllowed)
+    Q_PROPERTY(bool askUserForMnemonic READ askUserForMnemonic WRITE setAskUserForMnemonic NOTIFY askUserForMnemonicChanged)

 public:
    static AccountPtr create();
@ -314,10 +315,13 @@ public:
    void setE2eEncryptionKeysGenerationAllowed(bool allowed);
    [[nodiscard]] bool e2eEncryptionKeysGenerationAllowed() const;

+    [[nodiscard]] bool askUserForMnemonic() const;
+
 public slots:
    /// Used when forgetting credentials
    void clearQNAMCache();
    void slotHandleSslErrors(QNetworkReply *, QList<QSslError>);
+    void setAskUserForMnemonic(const bool ask);

 signals:
    /// Emitted whenever there's network activity
@ -340,6 +344,7 @@ signals:
    void accountChangedAvatar();
    void accountChangedDisplayName();
    void prettyNameChanged();
+    void askUserForMnemonicChanged();

    /// Used in RemoteWipe
    void appPasswordRetrieved(QString);
@ -370,6 +375,7 @@ private:
    bool _trustCertificates = false;

    bool _e2eEncryptionKeysGenerationAllowed = false;
+    bool _e2eAskUserForMnemonic = false;

    QWeakPointer<Account> _sharedThis;
    QString _id;
--- a/src/libsync/clientsideencryption.cpp
+++ b/src/libsync/clientsideencryption.cpp
@ -1248,6 +1248,12 @@ void ClientSideEncryption::encryptPrivateKey(const AccountPtr &account)
 }

 void ClientSideEncryption::decryptPrivateKey(const AccountPtr &account, const QByteArray &key) {
+    if (!account->askUserForMnemonic()) {
+        qCDebug(lcCse) << "Not allowed to ask user for mnemonic";
+        emit initializationFinished();
+        return;
+    }
+
    QString msg = tr("Please enter your end-to-end encryption passphrase:<br>"
                     "<br>"
                     "Username: %2<br>"