Handle backup secret gossip #3778
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
richvdh
requested changes
Oct 17, 2023
src/rust-crypto/backup.ts
Outdated
| * @param backupDecryptionKey - The `BackupDecryptionKey` private key to check against. | ||
| * @returns `true` if the private key can decrypt the backup, `false` otherwise. | ||
| */ | ||
| private backupInfoMatchesBackupDecryptionKey( |
There was a problem hiding this comment.
can we use this in isKeyBackupTrusted? I think we just need
const backupMatchesSavedPrivateKey = backupKeys?.decryptionKey !== undefined && backupInfoMatchesBackupDecruptionKey(info, backupKeys.decryptionKey);
There was a problem hiding this comment.
not anymore because as per previous comment we move it to a standalone function
There was a problem hiding this comment.
It's not a big deal, but I don't understand why that makes any difference.
Here's what I'm suggesting, in full:
/**
* Determine if a key backup can be trusted.
*
* @param info - key backup info dict from {@link MatrixClient#getKeyBackupVersion}.
*/
public async isKeyBackupTrusted(info: KeyBackupInfo): Promise<BackupTrustInfo> {
const signatureVerification: SignatureVerification = await this.olmMachine.verifyBackup(info);
const backupKeys: RustSdkCryptoJs.BackupKeys = await this.olmMachine.getBackupKeys();
const decryptionKey = backupKeys?.decryptionKey;
const backupMatchesSavedPrivateKey = !!decryptionKey && backupInfoMatchesBackupDecryptionKey(info, decryptionKey);
return {
matchesDecryptionKey: backupMatchesSavedPrivateKey,
trusted: signatureVerification.trusted(),
};
}does that not work?
There was a problem hiding this comment.
Didn't know about the !! trick.
Yes it should work, looks better, updated.
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]>
richvdh
approved these changes
Oct 19, 2023
Co-authored-by: Richard van der Hoff <[email protected]>
…into valere/element-r/backup/gossip
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes element-hq/element-web#26288
Second step will be to automatically restore after the secret is received (in a following PR)
Checklist
This change is marked as an internal change (Task), so will not be included in the changelog.