e2e key backups #684
e2e key backups #684
Conversation
src/client.js
Outdated
| keys.push(key); | ||
| return this.importRoomKeys(keys); | ||
| } else { | ||
| callback("aargh!"); |
There was a problem hiding this comment.
we might need to do better than aargh ;)
|
@dbkr here is the initial draft of the API. I haven't really tested it to see if it actually works yet -- this is mainly to give a general idea of what the API might look like (and to give a somewhat plausible implementation). If you have any suggestions for improving the API (especially to make it fit in better with the rest of the SDK), let me know. As far as implementation goes, I'm guessing you'll probably want to just replace things with stubs when you're doing the UI work, until I get it all working and tested. The general idea is that you would call To restore from the key backup, you would call You can also delete keys from the backup by calling Currently missing are:
|
…nto uhoreg-e2e_backups
…nto uhoreg-e2e_backups
Continues from uhoreg's branch
Add method to check if a given string is a valid recovery key
wasm Olm has a new interface: it now has an init method that needs to be called and the promise it returns waited on before the Olm module is used. Support that, and allow Crypto etc to be imported whether Olm is enabled or not. Change whether olm is enabled to be async since now it will be unavailable if the async module init fails. Don't call getOlmVersion() until the Olm.init() is done.
By doing `Olm = global.Olm` on script load, we require that Olm is available right from the start, which isn't really necessary. As long as it appears some time before we actually want to use it, this is fine (we can probably assume it's not going to go away again..?) This means Riot doesn't need to faff about making sure olm is loaded before starting anything else.
base58check seems way overcomplicated for this purpose (plus the module was exporting an es6 file, breaking the js-sdk build). A parity check empirically detects single substitution and transposition errors. Another option would be Luhn's algorithm.
There was a problem hiding this comment.
Looking good. Remaining things I think:
- Remove XXXs from
matrix-js-sdk/src/crypto/algorithms/megolm.js
Line 852 in 258adda
- Localstorage crypto store (for Firefox in private mode).
- We should also trigger a backup from
matrix-js-sdk/src/crypto/algorithms/megolm.js
Line 969 in 258adda
| sessionData: sessionGetReq.result.session | ||
| }); | ||
| } | ||
| //sessions.push(cursor.value); |
| const objectStore = txn.objectStore("sessions_needing_backup"); | ||
| return Promise.all(sessions.map((session) => { | ||
| return new Promise((resolve, reject) => { | ||
| console.log(session); |
src/crypto/index.js
Outdated
| } | ||
| ); | ||
|
|
||
| this._maybeSendKeyBackup(); |
There was a problem hiding this comment.
should await on this so the backupAllGroupSessions promise doesn't complete until the backup is done
src/crypto/index.js
Outdated
| sessionId: sessionId, | ||
| }]); | ||
|
|
||
| this._maybeSendKeyBackup(); |
There was a problem hiding this comment.
probably worth awaiting on this too? Actually possibly not: when we call it from megolm we only want to wait for it to be saved to indexeddb, not actually backed up. worth a comment though.
There was a problem hiding this comment.
Actually, I think it does make sense to await here, and then remove the awaits from megolm.
src/crypto/index.js
Outdated
| // FIXME: pause | ||
| } | ||
| } while (!successful); | ||
| // FIXME: pause between iterations? |
There was a problem hiding this comment.
to consolidate my comments from the individual commits, we should put the pause in, or just stop & retry next time a backup is triggered which would be my inclination.
|
lgtm once new Olm is released |
src/crypto/index.js
Outdated
| const encrypted = this.backupKey.encrypt(JSON.stringify(sessionData)); | ||
|
|
||
| data[roomId]['sessions'][session.sessionId] = { | ||
| first_message_index: 1, // FIXME |
There was a problem hiding this comment.
Comment to make sure I don't keep forgetting to fix this
| return null; | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
This is a bit magic, but given the name of the function I can't really suggest anything better. Maybe in the future we can deprecate the 3 arg usage of this function altogether.
| }, | ||
| ); | ||
|
|
||
| await this._maybeSendKeyBackup(); |
There was a problem hiding this comment.
backupAllGroupSessions is called on user action but _maybeSendKeyBackup can delay its actual execution randomly up to 10s.
In the context of this function, we would like _maybeSendKeyBackup to start ASAP.
There was a problem hiding this comment.
NB. I've added a delay param in #736
| delete sessionData.first_known_index; | ||
| const encrypted = this.backupKey.encrypt(JSON.stringify(sessionData)); | ||
|
|
||
| const forwardedCount = |
There was a problem hiding this comment.
There is no forwardingCurve25519KeyChain field in the dict returned by exportInboundGroupSession but forwarding_curve25519_key_chain.
The mix of forwarding_curve25519_key_chain and forwardingCurve25519KeyChain in the js code makes me terrified.
There was a problem hiding this comment.
Good spot - turns out this was completely broken
| @@ -956,6 +973,18 @@ MegolmDecryption.prototype.importRoomKey = function(session) { | |||
| session.sender_claimed_keys, | |||
| true, | |||
| ).then(() => { | |||
| if (this._crypto.backupInfo) { | |||
| // don't wait for it to complete | |||
| this._crypto.backupGroupSession( | |||
There was a problem hiding this comment.
If this method is called because we are restoring keys from the current backup session, it looks inefficient to send back up the key to the homeserver.
There was a problem hiding this comment.
Yeah, at some point we may want to flag keys that came from the backup in the first place (and what version)
|
replaced by #736 |
Follow-on work to #595