Skip to content

Enable key upload to backups where we have the decryption key #4677

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 35 commits into from
Feb 14, 2025
Merged

Enable key upload to backups where we have the decryption key #4677

merged 35 commits into from
Feb 14, 2025

Conversation

ajbura
Copy link
Contributor

@ajbura ajbura commented Feb 3, 2025
edited
Loading

Fixes #4676

Signed-off-by: Ajay Bura [email protected]

Checklist

  • Tests written for new code (and old code if feasible).
  • New or updated public/exported symbols have accurate TSDoc documentation.
  • Linter and other CI checks pass.
  • Sign-off given on the changes (see CONTRIBUTING.md).

@ajbura ajbura requested a review from a team as a code owner February 3, 2025 07:53
@ajbura ajbura requested review from uhoreg and richvdh February 3, 2025 07:53
@github-actions github-actions bot added the Z-Community-PR Issue is solved by a community member's PR label Feb 3, 2025
richvdh
richvdh requested changes Feb 3, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Putting this on hold while we try to understand what bug it is trying to fix, per #4676 (comment).

In any case, we'll need to see an integration test which demonstrates the problem.

@richvdh richvdh changed the title Disable key backup only when both trust via signatures and private key fail Enable key upload to backups where we have the decryption key Feb 3, 2025
richvdh
richvdh reviewed Feb 3, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, the fix looks like it makes sense, but the main thing this is missing is a regression test.

Please could you take a look at matrix-js-sdk/spec/integ/crypto/megolm-backup.spec.ts. In there there are some existing tests for checkKeyBackupAndEnable: please could you take a look at them and see if you can add another which covers your usecase.

@ajbura ajbura requested a review from richvdh February 4, 2025 05:19
richvdh
richvdh reviewed Feb 4, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks generally good to me, thanks.

A few minor requests.

@richvdh richvdh removed their request for review February 13, 2025 17:44
@ajbura ajbura requested a review from richvdh February 14, 2025 09:47
richvdh
richvdh reviewed Feb 14, 2025
View reviewed changes
spec/integ/crypto/verification.spec.ts Outdated
Comment on lines 1279 to 1288
// We are lacking a way to signal that the secret has been received, so we wait a bit..
jest.useRealTimers();
await new Promise((resolve) => {
setTimeout(resolve, 500);
});
jest.useFakeTimers({ doNotFake: ["queueMicrotask"] });

// the backup secret should not be cached
const cachedKey = await aliceClient.getCrypto()!.getSessionBackupPrivateKey();
expect(cachedKey).toBeNull();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be nice to factor the 5 copies of this code out to a helper function, but I'll not insist

spec/integ/crypto/verification.spec.ts Outdated
@@ -1338,7 +1383,7 @@ describe("verification", () => {
async function sendBackupGossipAndExpectVersion(
requestId: string,
secret: string,
expectBackup: KeyBackupInfo,
expectBackup?: KeyBackupInfo | { errcode?: string; error?: string },
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you document the behavior of expectBackup? What does it mean if it is undefined, what if it has an errcode, etc?

@ajbura @richvdh
fix test message typo
a088b95 
Co-authored-by: Richard van der Hoff <[email protected]>
@ajbura ajbura requested a review from richvdh February 14, 2025 12:52
richvdh
richvdh reviewed Feb 14, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nearly there I think!

spec/integ/crypto/verification.spec.ts Outdated
errcode: "M_NOT_FOUND",
error: "No backup found",
},
401,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't this be a 404?

spec/integ/crypto/verification.spec.ts Outdated
Comment on lines 1278 to 1284
new MatrixError(
{
errcode: "M_NOT_FOUND",
error: "No backup found",
},
401,
),
Copy link
Member

@richvdh richvdh Feb 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this could be more neatly written:

Suggested change
new MatrixError(
{
errcode: "M_NOT_FOUND",
error: "No backup found",
},
401,
),
new MatrixError({ errcode: "M_NOT_FOUND", error: "No backup found" }, 404),

@ajbura @richvdh
improve expectBackup param description
bbdb1ed 
Co-authored-by: Richard van der Hoff <[email protected]>
@ajbura ajbura requested a review from richvdh February 14, 2025 14:17
richvdh
richvdh approved these changes Feb 14, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you!

🚢

@richvdh richvdh linked an issue Feb 14, 2025 that may be closed by this pull request
Key backup not signed by MSK, leading to UTDs on new devices element-hq/element-meta#2595
Closed
@richvdh richvdh added this pull request to the merge queue Feb 14, 2025
Merged via the queue into matrix-org:develop with commit a1a0463 Feb 14, 2025
27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richvdh richvdh richvdh approved these changes

Assignees
No one assigned
Labels
T-Enhancement Z-Community-PR Issue is solved by a community member's PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Keys are not uploaded to backup if the backup is not signed Key backup not signed by MSK, leading to UTDs on new devices
2 participants
@ajbura @richvdh