Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid key prompts when resetting crypto #4586

Merged
merged 3 commits into from
Dec 17, 2024
Merged

Avoid key prompts when resetting crypto #4586

merged 3 commits into from
Dec 17, 2024

Conversation

dbkr
Copy link
Member

@dbkr dbkr commented Dec 13, 2024

Attempting to get the backup key out of secret storage can cause the user to be prompted for their key, which is not helpful if this is being done as part of a reset. This check was redundant anyway and we can just overwrite the key with the same value.

Also fix docs and remove check for active backup.

Checklist

  • Tests written for new code (and old code if feasible).
  • New or updated public/exported symbols have accurate TSDoc documentation.
  • Linter and other CI checks pass.
  • Sign-off given on the changes (see CONTRIBUTING.md).

@dbkr
Avoid key prompts when resetting crypto
2c8d122 
Attempting to get the backup key out of secret storage can cause
the user to be prompted for their key, which is not helpful if this
is being done as part of a reset. This check was redundant anyway
and we can just overwrite the key with the same value.

Also fix docs and remove check for active backup.
@dbkr dbkr added the T-Defect label Dec 13, 2024
@dbkr dbkr marked this pull request as ready for review December 13, 2024 11:57
@dbkr dbkr requested a review from a team as a code owner December 13, 2024 11:57
@dbkr dbkr requested review from richvdh and BillCarsonFr December 13, 2024 11:57
@richvdh
Copy link
Member

richvdh commented Dec 16, 2024

AIUI this fixes a regression introduced in #4542? Could we get them combined in the changelog?

richvdh
richvdh reviewed Dec 16, 2024
View reviewed changes
src/rust-crypto/rust-crypto.ts
if (backupKeyFromStorage !== backupKeyBase64) {
await this.secretStorage.store("m.megolm_backup.v1", backupKeyBase64);
}
await this.secretStorage.store("m.megolm_backup.v1", backupKeyBase64);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The documentation on this method says "... and we have secret storage active ..." - is that correct?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mmm, doesn't look like there's a way to determine if we have 4s set up, afaics, so I guess I'll just remove that bit.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is this.secretStorageHasAESKey() which is what resetKeyBackup does, but given this is only called from bootstrapSecretStorage, I don't think there's any need to call it.

richvdh
richvdh reviewed Dec 16, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bit alarmed by the fact we can change this stuff without any tests breaking. Is this behaviour actually tested at all?

@dbkr
Copy link
Member Author

dbkr commented Dec 16, 2024

AIUI this fixes a regression introduced in #4542? Could we get them combined in the changelog?

I don't think we have a way of doing that automatically, but we could annotate it and flag it for does the release, although as far as what will do in the changelog, I don't believe it would be any different?

bit alarmed by the fact we can change this stuff without any tests breaking. Is this behaviour actually tested at all?

Behaviour that specific didn't have its own tests, no.

@richvdh
Copy link
Member

richvdh commented Dec 16, 2024

I don't think we have a way of doing that automatically, but we could annotate it and flag it for does the release, although as far as what will do in the changelog, I don't believe it would be any different?

It's a bit of a hobbyhorse of mine, but ideally a changelog would list all the PRs that contributed to making a particular change. In other words, if it takes a few PRs to land the complete feature and shake out the bugs, they all get listed and linked under one entry in the changelog, rather than dotted throughout the changelog. The Synapse changelog does quite a good job of this, for example:

image

@dbkr
Copy link
Member Author

dbkr commented Dec 16, 2024

Ah, I see. Unfortunately I don't think that's a thing supported by https://github.com/t3chguy/release-drafter as far as I can see.

richvdh
richvdh approved these changes Dec 16, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dbkr dbkr added this pull request to the merge queue Dec 17, 2024
Merged via the queue into develop with commit 3219aef Dec 17, 2024
29 checks passed
@dbkr dbkr deleted the dbkr/improve_backup_key_storage branch December 17, 2024 09:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richvdh richvdh richvdh approved these changes

@BillCarsonFr BillCarsonFr Awaiting requested review from BillCarsonFr BillCarsonFr is a code owner automatically assigned from matrix-org/element-crypto-web-reviewers

Assignees
No one assigned
Labels
T-Defect
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dbkr @richvdh