This repository has been archived by the owner on Sep 11, 2024. It is now read-only.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The initial situation is that the user has set up key backups but not 4s (at least possible via the settings of the android-client.)
The aim here is to setup 4s if the passphrase / recovery key is entered correctly and we have access to the backup. Furthermore the signature of the backup is updated to ensure that all clients accept this backup is trusted.
It is assumed that an update of the backup's signature is no problem in this case because this session is the first using 4s and "obviously" trusted.
This is related to the issue element-web issue 27383
and is maybe also related to element-web issue 27100.
restoreBackup & checkForBackupMigrationAndApply
: Start migrating the key backup to 4s if it is observed, that the passphrase /recovery key was entered correctly (checked viabackupTrustInfo?.matchesDecryptionKey
) but the user has no 4s. The start of the migration is introduced by invokingbootstrapSecretStorage
.keyCallback
: Before switching to the rust-crypto.ts the bootstrapSecretStorage got the same value for the "createSecretStorageKey" parameter, but just used it if!storageExists && !keyBackupInfo
. The setting in this PR didn't cause this condition to become true before v1.11.57. Now the CreateSecretStorageDialog opens the RestoreBackupDialog, but does not delegate the recoveryKey to the CreateSecretStorageDialog. This is fixed via extending keyCallback.resignBackupIfRequired
: At the end the signature of the backup is updated using the cross signing keys introduced in this session. This step does NOT upload a new backup and does NOT change the version. The "PUT /room_keys/version/{version}" endpoint is used.What alternatives were considered
setupNewKeyBackup
parameter which leads torust-crypto.ts resetKeyBackup
). This led to a situation where a (quick sign out) caused all messages from the last backup being encrypted forever, because all old room keys where lost and not replaced by new.How you know this is the right solution
I don't know it, but all tests indicate that the original problem does not appear with this. The following database entries where checked in many steps:
account_data, e2e_room_keys_versions, e2e_room_keys, e2e_cross_signing_keys, e2e_cross_signing_signatures, e2e_device_keys_json
The review of this PR should help clearing the question if these changes fix both described problems or give at least an acceptable workaround until proper fixes are done.
Checklist
public
/exported
symbols have accurate TSDoc documentation.Signed-off-by: Michael Schrader [email protected]