From 507aa3c61caf3ed6a5bef9d01d9636f2201d3fbc Mon Sep 17 00:00:00 2001 From: FIGBERT Date: Tue, 8 Aug 2023 18:15:52 -0700 Subject: [PATCH] Use recovery code with all verification methods The previous commit made one attempt at fixing an issue with verifying keys, but was misguided: the issue at hand was not in attempting the wrong method of authorization, but rather what was *passed* to the method. Namely, the account password as opposed to the recovery phrase. Regardless of terminology, the latter should be used. Certain code has been restored, while the password parameter remains deleted. --- headless/headless.go | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/headless/headless.go b/headless/headless.go index ddb856c..9d92417 100644 --- a/headless/headless.go +++ b/headless/headless.go @@ -147,11 +147,19 @@ func getSSSS(mach *crypto.OlmMachine, recoveryPhrase string) (*ssss.Key, error) } } - key, err := keyData.VerifyRecoveryKey(recoveryPhrase) - if errors.Is(err, ssss.ErrInvalidRecoveryKey) { - return nil, fmt.Errorf("Malformed recovery key") - } else if errors.Is(err, ssss.ErrIncorrectSSSSKey) { - return nil, fmt.Errorf("Incorrect recovery key") + var key *ssss.Key + if keyData.Passphrase != nil && keyData.Passphrase.Algorithm == ssss.PassphraseAlgorithmPBKDF2 { + key, err = keyData.VerifyPassphrase(recoveryPhrase) + if errors.Is(err, ssss.ErrIncorrectSSSSKey) { + return nil, fmt.Errorf("Incorrect passphrase") + } + } else { + key, err = keyData.VerifyRecoveryKey(recoveryPhrase) + if errors.Is(err, ssss.ErrInvalidRecoveryKey) { + return nil, fmt.Errorf("Malformed recovery key") + } else if errors.Is(err, ssss.ErrIncorrectSSSSKey) { + return nil, fmt.Errorf("Incorrect recovery key") + } } // All the errors should already be handled above, this is just for backup if err != nil {