matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-11-23 17:02:25 +03:00
Code Activity

CryptoApi.resetEncryption should always create a new key backup (#4648)

Browse Source 
* fix(crypto api): `resetEncryption` always calls `resetKeyBackup`

* test(crypto api): update `resetEncryption` tests

* chore(crypto api): add logging in `resetEncryption`
This commit is contained in:
Florian Duros
2025-01-23 16:35:37 +01:00
committed by GitHub
parent c0e30ceca0
commit ed397d99ed
3 changed files with 13 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
spec/unit/rust-crypto/rust-crypto.spec.ts
View File

@@ -1896,22 +1896,6 @@ describe("RustCrypto", () => {
}); });
it("reset should reset 4S, backup and cross-signing", async () => { it("reset should reset 4S, backup and cross-signing", async () => {
// We don't have a key backup
fetchMock.get("path:/_matrix/client/v3/room_keys/version", {});
const rustCrypto = await makeTestRustCrypto(makeMatrixHttpApi(), undefined, undefined, secretStorage);
const authUploadDeviceSigningKeys = jest.fn();
await rustCrypto.resetEncryption(authUploadDeviceSigningKeys);
// The default key id should be deleted
expect(secretStorage.setDefaultKeyId).toHaveBeenCalledWith(null);
expect(await rustCrypto.getActiveSessionBackupVersion()).toBeNull();
// The new cross signing keys should be uploaded
expect(authUploadDeviceSigningKeys).toHaveBeenCalledWith(expect.any(Function));
});
it("key backup should be re-enabled after reset", async () => {
// When we will delete the key backup // When we will delete the key backup
let backupIsDeleted = false; let backupIsDeleted = false;
fetchMock.delete("path:/_matrix/client/v3/room_keys/version/1", () => { fetchMock.delete("path:/_matrix/client/v3/room_keys/version/1", () => {
@@ -1923,6 +1907,13 @@ describe("RustCrypto", () => {
return backupIsDeleted ? {} : testData.SIGNED_BACKUP_DATA; return backupIsDeleted ? {} : testData.SIGNED_BACKUP_DATA;
}); });
// A new key backup should be created after the reset
let newKeyBackupInfo!: KeyBackupInfo;
fetchMock.post("path:/_matrix/client/v3/room_keys/version", (res, options) => {
newKeyBackupInfo = JSON.parse(options.body as string);
return { version: "2" };
});
// We consider the key backup as trusted // We consider the key backup as trusted
jest.spyOn(RustBackupManager.prototype, "isKeyBackupTrusted").mockResolvedValue({ jest.spyOn(RustBackupManager.prototype, "isKeyBackupTrusted").mockResolvedValue({
trusted: true, trusted: true,
@@ -1933,13 +1924,6 @@ describe("RustCrypto", () => {
// We have a key backup // We have a key backup
expect(await rustCrypto.getActiveSessionBackupVersion()).not.toBeNull(); expect(await rustCrypto.getActiveSessionBackupVersion()).not.toBeNull();
// A new key backup should be created after the reset
let newKeyBackupInfo!: KeyBackupInfo;
fetchMock.post("path:/_matrix/client/v3/room_keys/version", (res, options) => {
newKeyBackupInfo = JSON.parse(options.body as string);
return { version: "2" };
});
const authUploadDeviceSigningKeys = jest.fn(); const authUploadDeviceSigningKeys = jest.fn();
await rustCrypto.resetEncryption(authUploadDeviceSigningKeys); await rustCrypto.resetEncryption(authUploadDeviceSigningKeys);

2
src/crypto-api/index.ts
View File

@@ -401,7 +401,7 @@ export interface CryptoApi {
* - Disable backing up room keys and delete any existing backups. * - Disable backing up room keys and delete any existing backups.
* - Remove the default secret storage key from the account data (ie: the recovery key). * - Remove the default secret storage key from the account data (ie: the recovery key).
* - Reset the cross-signing keys. * - Reset the cross-signing keys.
* - Re-enable backing up room keys if enabled before. * - Create a new key backup.
* *
* @param authUploadDeviceSigningKeys - Callback to authenticate the upload of device signing keys. * @param authUploadDeviceSigningKeys - Callback to authenticate the upload of device signing keys.
* Used when resetting the cross signing keys. * Used when resetting the cross signing keys.

8
src/rust-crypto/rust-crypto.ts
View File

@@ -1477,7 +1477,7 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
* Implementation of {@link CryptoApi#resetEncryption}. * Implementation of {@link CryptoApi#resetEncryption}.
*/ */
public async resetEncryption(authUploadDeviceSigningKeys: UIAuthCallback<void>): Promise<void> { public async resetEncryption(authUploadDeviceSigningKeys: UIAuthCallback<void>): Promise<void> {
const backupEnabled = (await this.backupManager.getActiveBackupVersion()) !== null; this.logger.debug("resetEncryption: resetting encryption");
// Disable backup, and delete all the backups from the server // Disable backup, and delete all the backups from the server
await this.backupManager.deleteAllKeyBackupVersions(); await this.backupManager.deleteAllKeyBackupVersions();
@@ -1491,10 +1491,10 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventH
authUploadDeviceSigningKeys, authUploadDeviceSigningKeys,
}); });
// If key backup was enabled, we create a new backup // Create a new key backup
if (backupEnabled) {
await this.resetKeyBackup(); await this.resetKeyBackup();
}
this.logger.debug("resetEncryption: ended");
} }
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////