Skip to content

Add restoreKeybackup to CryptoApi. #4476

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
florianduros merged 39 commits into from
Nov 13, 2024
Merged

Add restoreKeybackup to CryptoApi. #4476

florianduros merged 39 commits into from
Nov 13, 2024
+540 −64

Conversation

@florianduros
Copy link
Contributor

@florianduros florianduros commented Oct 29, 2024
edited
Loading

Checklist

  • Tests written for new code (and old code if feasible).
  • New or updated public/exported symbols have accurate TSDoc documentation.
  • Linter and other CI checks pass.
  • Sign-off given on the changes (see CONTRIBUTING.md).

Task element-hq/element-web#26922

The goal is to simplify the restoreKeyBackup api and move it out of the MatrixClient to the CryptoApi.

  • Added two methods to CryptoApi
    • restoreKeyBackup
      • if a recovery key is provided, we use it otherwise we try to getting form our local cache or from the secret storage.
      • In RestoreKeyBackupDialog we never target a specific session or room when calling the restoreKeyBackup* consequently I get rid of the targetRoomId and targetSessionId.
      • Also IKeyBackupRestoreOpts.cacheCompleteCallback is not used in RestoreKeyBackupDialog, I removed also this parameter.
      • Instead of having the keyBackupInfo as a parameter, we directly retrieve it internally.
    • restoreKeyBackupWithPassphrase which is deprecated because deriving a key backup from the passphrase is not in the spec.
    • Moved the key backup specific code into the RustBackupManager.
  • Deprecate the restoreKeyBackup* in MatrixClient

@florianduros florianduros mentioned this pull request Oct 29, 2024
Closed
@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from bc49f0b to 65bf2b0 Compare October 29, 2024 09:55
@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from 65bf2b0 to 5e9ed6b Compare October 29, 2024 10:28
@florianduros florianduros requested a review from richvdh October 29, 2024 10:41
@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from 5e9ed6b to 61c1940 Compare October 29, 2024 10:44
@richvdh
Copy link
Member

richvdh commented Oct 29, 2024

  • Added two methods to CryptoApi

    • restoreKeyBackup

      • I went with the following logic to avoid to have to much public methods to restore a key backup: If a recovery key is provided, we use it otherwise we try to getting form our local cache or from the secret storage.

Sounds sensible.

* In [`RestoreKeyBackupDialog.`](https://github.com/element-hq/element-web/blob/develop/src/components/views/dialogs/security/RestoreKeyBackupDialog.tsx?rgh-link-date=2024-10-29T09%3A43%3A16Z) we never target a specific session or room when calling the `restoreKeyBackup*` consequently I get rid of the `targetRoomId` and `targetSessionId`. However since the `js-sdk` is used also by other clients, should we keep this parameters ?

No. There is no real reason for applications to be restoring keys at the room level (and certainly not at the session level). The crypto stack will fetch keys on demand. Let's drop support for those parameters.

  • restoreKeyBackupWithPassphrase which is deprecated because deriving a key backup from the passphrase is not in the spec. However we are still deriving in EW so we have also to support the restoration. (But maybe we should not deprecated it ? Should we only deprecate the keybackup creation from the passphrase and not the backup restoration)

Yeah, I think that it makes sense to mark restoreKeyBackupWithPassphrase as deprecated.

richvdh
richvdh reviewed Oct 29, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks like a very sensible start. Obviously, please make sure that any new public types and methods are clearly documented, but I think you know that.

@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from eaa2357 to d385c72 Compare October 30, 2024 09:35
@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from bad71c7 to e55aee9 Compare November 6, 2024 17:41
@florianduros florianduros force-pushed the florianduros/rip-out-legacy-crypto/restorekeybackup branch from db068a4 to 250b7e9 Compare November 7, 2024 14:18
@florianduros florianduros requested a review from richvdh November 7, 2024 14:25
richvdh
richvdh reviewed Nov 7, 2024
View reviewed changes
@florianduros florianduros requested a review from richvdh November 8, 2024 09:04
richvdh
richvdh approved these changes Nov 12, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM otherwise

@florianduros florianduros mentioned this pull request Nov 13, 2024
Merged
4 tasks
@florianduros florianduros added this pull request to the merge queue Nov 13, 2024
Merged via the queue into develop with commit c93b7ce Nov 13, 2024
26 checks passed
@florianduros florianduros deleted the florianduros/rip-out-legacy-crypto/restorekeybackup branch November 13, 2024 09:35
Johennes pushed a commit to Johennes/matrix-js-sdk that referenced this pull request Feb 28, 2025
@florianduros @richvdh @Johennes
Add restoreKeybackup to CryptoApi. (matrix-org#4476)
142d6e7 
* First draft of moving out restoreKeyBackup out of MatrixClient

* Deprecate `restoreKeyBackup*` in `MatrixClient`

* Move types

* Handle only the room keys response

* Renaming and refactor `keysCountInBatch` & `getTotalKeyCount`

* Fix `importRoomKeysAsJson` tsdoc

* Fix typo

* Move `backupDecryptor.free()``

* Comment and simplify a bit `handleDecryptionOfAFullBackup`

* Fix decryption crash by moving`backupDecryptor.free`

* Use new api in `megolm-backup.spec.ts`

* Add tests to get recovery key from secret storage

* Add doc to `KeyBackupRestoreOpts` & `KeyBackupRestoreResult`

* Add doc to `restoreKeyBackupWithKey`

* Add doc to `backup.ts`

* Apply comment suggestions

Co-authored-by: Richard van der Hoff <[email protected]>

* - Decryption key is recovered from the cache in `RustCrypto.restoreKeyBackup`
- Add `CryptoApi.getSecretStorageBackupPrivateKey` to get the decryption key from the secret storage.

* Add `CryptoApi.restoreKeyBackup` to `ImportRoomKeyProgressData` doc.

* Add deprecated symbol to all the `restoreKeyBackup*` overrides.

* Update tests

* Move `RustBackupManager.getTotalKeyCount` to `backup#calculateKeyCountInKeyBackup`

* Fix `RustBackupManager.restoreKeyBackup` tsdoc

* Move `backupDecryptor.free` in rust crypto.

* Move `handleDecryptionOfAFullBackup` in `importKeyBackup`

* Rename `calculateKeyCountInKeyBackup` to `countKeystInBackup`

* Fix `passphrase` typo

* Rename `backupInfoVersion` to `backupVersion`

* Complete restoreKeyBackup* methods documentation

* Add `loadSessionBackupPrivateKeyFromSecretStorage`

* Remove useless intermediary result variable.

* Check that decryption key matchs key backup info in `loadSessionBackupPrivateKeyFromSecretStorage`

* Get backup info from a specific version

* Fix typo in `countKeysInBackup`

* Improve documentation and naming

* Use `RustSdkCryptoJs.BackupDecryptionKey` as `decryptionKeyMatchesKeyBackupInfo` parameter.

* Call directly `olmMachine.getBackupKeys` in `restoreKeyBackup`

* Last review changes

---------

Co-authored-by: Richard van der Hoff <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@richvdh richvdh richvdh approved these changes

@t3chguy t3chguy t3chguy approved these changes

@andybalaam andybalaam Awaiting requested review from andybalaam andybalaam is a code owner automatically assigned from matrix-org/element-crypto-web-reviewers

@uhoreg uhoreg Awaiting requested review from uhoreg uhoreg is a code owner automatically assigned from matrix-org/element-crypto-web-reviewers

Assignees

No one assigned

Labels

T-Deprecation A pull request that makes something deprecated T-Enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@florianduros @richvdh @t3chguy