Migrate own identity local trust to rust crypto #4090
Conversation
BillCarsonFr
changed the title
I might be confused, but I don't think that is what we normally mean by "verification"? Or is it? |
Am I right in understanding that this only applies to legacy crypto? When I read the description in the PR I assumed it was a general description of how MSK trust works in both legacy and ER -- is that not correct? |
It's a bit ambiguous. I think we generally lack a great term for the concept that encompasses both
Semantically, this is authentication of the user identity. We're also referring to this as "trusting" or "establishing trust" in various places, but some people found that confusing for whatever reason. This is an area which would benefit from some spec work, in order to introduce and define sensible terms and consolidate all public resources to use them consistently. |
spec/test-utils/test_indexeddb_cryptostore_dump/unverified/README.md
Outdated
Show resolved
Hide resolved
spec/test-utils/test_indexeddb_cryptostore_dump/no_cached_msk_dump/index.ts
Outdated
Show resolved
Hide resolved
src/rust-crypto/libolm_migration.ts
Outdated
| /** The logger to use */ | ||
| logger: Logger; | ||
| }): Promise<void> { | ||
| const { legacyCryptoStore, rustCrypto, logger } = args; | ||
| // Now get the cross-signing identity from rust. | ||
| // If this is null that means that there are no cross-signing keys published server side. |
There was a problem hiding this comment.
this line is redundant to the comment on line 416 now: that's why I asked you to split out the if statements, and why my suggestion removed this comment.
There was a problem hiding this comment.
| // If this is null that means that there are no cross-signing keys published server side. |
src/rust-crypto/index.ts
Outdated
| @@ -197,6 +201,14 @@ async function initOlmMachine( | |||
| // It will be retried by the sdk. | |||
There was a problem hiding this comment.
It's a bit more annoying for migrating local trust, as if it fails we wont migrate local trust. But worst case you'll have to verify manually after?
Right, this is my point. We decided that having to re-verify was unacceptable, didn't we? Especially given we don't actually tell the user they have to re-verify.
Tbh, I feel like it would be a lesser evil to block the application here - ie, sit in a loop repeatedly retrying userHasCrossSigningKeys until it works. [We know that the server is reachable, because we've already done a /room_keys/version request?] Or we could try once, and if that doesn't work, fire off a background thread to keep retrying in a loop?
spec/test-utils/test_indexeddb_cryptostore_dump/full_account/index.ts
Outdated
Show resolved
Hide resolved
spec/test-utils/test_indexeddb_cryptostore_dump/full_account/README.md
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Still a few comments I'm afraid. Some of this is getting a bit nit-picky so feel free to push back if you think it's excessive. The only thing that I think really matters is the part about updating the trust if the initial /keys/query request fails.
Also please look above: there are a few unresolved threads.
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
…s://github.com/matrix-org/matrix-js-sdk into valere/element-r/migrate_local_trust_if_needed
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
src/rust-crypto/libolm_migration.ts
Outdated
| /** The logger to use */ | ||
| logger: Logger; | ||
| }): Promise<void> { | ||
| const { legacyCryptoStore, rustCrypto, logger } = args; | ||
| // Now get the cross-signing identity from rust. | ||
| // If this is null that means that there are no cross-signing keys published server side. |
There was a problem hiding this comment.
| // If this is null that means that there are no cross-signing keys published server side. |
| /** Additional dump info specific for some tests.*/ | ||
| [key: string]: any; |
There was a problem hiding this comment.
I don't think this is necessary: a class can have additional fields which aren't specified in an interface.
| /** Additional dump info specific for some tests.*/ | |
| [key: string]: any; |
There was a problem hiding this comment.
I am getting that error Object literal may only specify known properties if it's not there
Fixes: element-hq/element-web#27079
When you log in with a new session, that session will do a
/keys/queryto see if the user has existing published cross-signing keys. The new login has now to decide if these published keys can be trusted.This is done by performing verification:
storeTrustedSelfKeys. Later on the the new session will request the private keys from the existing session via secret gossiping.There are several cases where you can end up with a trusted session that doesn't have the private MSK, for example it can happen if the session you verified against don't have it, or if secret gossiping failed for some reason.
The problem is that rust crypto will only consider the current session as trusted if we import the private MSK itself.
That means that a legacy trusted session that does not have the MSK in cache will revert to untrusted after migration.
This PR adds a way to detect that case, and then mark the migrated session as trusted (
mark_as_verified) if the legacy session was trusted. (aka migration of local trust of own identity).Checklist