From c67e67af4ea8872b258229b466d26cc5a4732149 Mon Sep 17 00:00:00 2001 From: Florian Duros Date: Wed, 13 Nov 2024 11:32:06 +0100 Subject: [PATCH 1/2] Use new `CrytoApi.restoreKeyBackup` & `CrytoApi.restoreKeyBackupFromPassphrase` api (#28385) * Use new `CrytoApi.restoreKeyBackup` & `CrytoApi.restoreKeyBackupFromPassprhase` api * Use new `CrytoApi.restoreKeyBackup` api in `SetupEncryptionStore` * Add tests to `RestoreKeyBackupDialog` --- .../security/RestoreKeyBackupDialog.tsx | 81 +++--- src/stores/SetupEncryptionStore.ts | 3 +- test/test-utils/test-utils.ts | 5 + .../security/RestoreKeyBackupDialog-test.tsx | 78 +++++- .../RestoreKeyBackupDialog-test.tsx.snap | 260 ++++++++++++++++++ 5 files changed, 383 insertions(+), 44 deletions(-) diff --git a/src/components/views/dialogs/security/RestoreKeyBackupDialog.tsx b/src/components/views/dialogs/security/RestoreKeyBackupDialog.tsx index 4d29c1cfa34..af84feb8480 100644 --- a/src/components/views/dialogs/security/RestoreKeyBackupDialog.tsx +++ b/src/components/views/dialogs/security/RestoreKeyBackupDialog.tsx @@ -8,9 +8,8 @@ Please see LICENSE files in the repository root for full details. */ import React, { ChangeEvent } from "react"; -import { MatrixClient, MatrixError, SecretStorage } from "matrix-js-sdk/src/matrix"; -import { decodeRecoveryKey, KeyBackupInfo } from "matrix-js-sdk/src/crypto-api"; -import { IKeyBackupRestoreResult } from "matrix-js-sdk/src/crypto/keybackup"; +import { MatrixClient, MatrixError } from "matrix-js-sdk/src/matrix"; +import { decodeRecoveryKey, KeyBackupInfo, KeyBackupRestoreResult } from "matrix-js-sdk/src/crypto-api"; import { logger } from "matrix-js-sdk/src/logger"; import { MatrixClientPeg } from "../../../../MatrixClientPeg"; @@ -42,12 +41,11 @@ interface IProps { interface IState { backupInfo: KeyBackupInfo | null; - backupKeyStored: Record | null; loading: boolean; loadError: boolean | null; restoreError: unknown | null; recoveryKey: string; - recoverInfo: IKeyBackupRestoreResult | null; + recoverInfo: KeyBackupRestoreResult | null; recoveryKeyValid: boolean; forceRecoveryKey: boolean; passPhrase: string; @@ -72,7 +70,6 @@ export default class RestoreKeyBackupDialog extends React.PureComponent => { - if (!this.state.backupInfo) return; + const crypto = MatrixClientPeg.safeGet().getCrypto(); + if (!crypto) return; this.setState({ loading: true, restoreError: null, @@ -146,13 +144,9 @@ export default class RestoreKeyBackupDialog extends React.PureComponent => { - if (!this.state.recoveryKeyValid || !this.state.backupInfo) return; + const crypto = MatrixClientPeg.safeGet().getCrypto(); + if (!this.state.recoveryKeyValid || !this.state.backupInfo?.version || !crypto) return; this.setState({ loading: true, @@ -180,13 +175,14 @@ export default class RestoreKeyBackupDialog extends React.PureComponent { + private async restoreWithSecretStorage(): Promise { + const crypto = MatrixClientPeg.safeGet().getCrypto(); + if (!crypto) return false; + this.setState({ - loading: true, restoreError: null, restoreType: RestoreType.SecretStorage, }); try { + let recoverInfo: KeyBackupRestoreResult | null = null; // `accessSecretStorage` may prompt for storage access as needed. await accessSecretStorage(async (): Promise => { - if (!this.state.backupInfo) return; - await MatrixClientPeg.safeGet().restoreKeyBackupWithSecretStorage( - this.state.backupInfo, - undefined, - undefined, - { progressCallback: this.progressCallback }, - ); + await crypto.loadSessionBackupPrivateKeyFromSecretStorage(); + recoverInfo = await crypto.restoreKeyBackup({ progressCallback: this.progressCallback }); }); this.setState({ loading: false, + recoverInfo, }); + return true; } catch (e) { - logger.log("Error restoring backup", e); + logger.log("restoreWithSecretStorage failed:", e); this.setState({ restoreError: e, loading: false, }); + return false; } } private async restoreWithCachedKey(backupInfo: KeyBackupInfo | null): Promise { - if (!backupInfo) return false; + const crypto = MatrixClientPeg.safeGet().getCrypto(); + if (!crypto) return false; try { - const recoverInfo = await MatrixClientPeg.safeGet().restoreKeyBackupWithCache( - undefined /* targetRoomId */, - undefined /* targetSessionId */, - backupInfo, - { progressCallback: this.progressCallback }, - ); + const recoverInfo = await crypto.restoreKeyBackup({ progressCallback: this.progressCallback }); this.setState({ recoverInfo, }); @@ -270,7 +263,6 @@ export default class RestoreKeyBackupDialog extends React.PureComponent ", () => { + const keyBackupRestoreResult = { + total: 2, + imported: 1, + }; + + let matrixClient: MatrixClient; beforeEach(() => { - stubClient(); + matrixClient = stubClient(); jest.spyOn(recoveryKeyModule, "decodeRecoveryKey").mockReturnValue(new Uint8Array(32)); + jest.spyOn(matrixClient, "getKeyBackupVersion").mockResolvedValue({ version: "1" } as KeyBackupInfo); }); it("should render", async () => { @@ -48,4 +57,71 @@ describe("", () => { await waitFor(() => expect(screen.getByText("👍 This looks like a valid Security Key!")).toBeInTheDocument()); expect(asFragment()).toMatchSnapshot(); }); + + it("should restore key backup when the key is cached", async () => { + jest.spyOn(matrixClient.getCrypto()!, "restoreKeyBackup").mockResolvedValue(keyBackupRestoreResult); + + const { asFragment } = render(); + await waitFor(() => expect(screen.getByText("Successfully restored 1 keys")).toBeInTheDocument()); + expect(asFragment()).toMatchSnapshot(); + }); + + it("should restore key backup when the key is in secret storage", async () => { + jest.spyOn(matrixClient.getCrypto()!, "restoreKeyBackup") + // Reject when trying to restore from cache + .mockRejectedValueOnce(new Error("key backup not found")) + // Resolve when trying to restore from secret storage + .mockResolvedValue(keyBackupRestoreResult); + jest.spyOn(matrixClient.secretStorage, "hasKey").mockResolvedValue(true); + jest.spyOn(matrixClient, "isKeyBackupKeyStored").mockResolvedValue({}); + + const { asFragment } = render(); + await waitFor(() => expect(screen.getByText("Successfully restored 1 keys")).toBeInTheDocument()); + expect(asFragment()).toMatchSnapshot(); + }); + + it("should restore key backup when security key is filled by user", async () => { + jest.spyOn(matrixClient.getCrypto()!, "restoreKeyBackup") + // Reject when trying to restore from cache + .mockRejectedValueOnce(new Error("key backup not found")) + // Resolve when trying to restore from recovery key + .mockResolvedValue(keyBackupRestoreResult); + + const { asFragment } = render(); + await waitFor(() => expect(screen.getByText("Enter Security Key")).toBeInTheDocument()); + + await userEvent.type(screen.getByRole("textbox"), "my security key"); + await userEvent.click(screen.getByRole("button", { name: "Next" })); + + await waitFor(() => expect(screen.getByText("Successfully restored 1 keys")).toBeInTheDocument()); + expect(asFragment()).toMatchSnapshot(); + }); + + test("should restore key backup when passphrase is filled", async () => { + // Determine that the passphrase is required + jest.spyOn(matrixClient, "getKeyBackupVersion").mockResolvedValue({ + version: "1", + auth_data: { + private_key_salt: "salt", + private_key_iterations: 1, + }, + } as KeyBackupInfo); + + jest.spyOn(matrixClient.getCrypto()!, "restoreKeyBackup") + // Reject when trying to restore from cache + .mockRejectedValue(new Error("key backup not found")); + + jest.spyOn(matrixClient.getCrypto()!, "restoreKeyBackupWithPassphrase").mockResolvedValue( + keyBackupRestoreResult, + ); + + const { asFragment } = render(); + await waitFor(() => expect(screen.getByText("Enter Security Phrase")).toBeInTheDocument()); + // Not role for password https://github.com/w3c/aria/issues/935 + await userEvent.type(screen.getByTestId("passphraseInput"), "my passphrase"); + await userEvent.click(screen.getByRole("button", { name: "Next" })); + + await waitFor(() => expect(screen.getByText("Successfully restored 1 keys")).toBeInTheDocument()); + expect(asFragment()).toMatchSnapshot(); + }); }); diff --git a/test/unit-tests/components/views/dialogs/security/__snapshots__/RestoreKeyBackupDialog-test.tsx.snap b/test/unit-tests/components/views/dialogs/security/__snapshots__/RestoreKeyBackupDialog-test.tsx.snap index 5990d482b8c..1b14530b902 100644 --- a/test/unit-tests/components/views/dialogs/security/__snapshots__/RestoreKeyBackupDialog-test.tsx.snap +++ b/test/unit-tests/components/views/dialogs/security/__snapshots__/RestoreKeyBackupDialog-test.tsx.snap @@ -296,3 +296,263 @@ exports[` should render 1`] = ` /> `; + +exports[` should restore key backup when passphrase is filled 1`] = ` + +
+