Improve handling of invalid keys on message compose #2438

Closed
sosnovsky opened this issue Nov 15, 2023 · 3 comments · Fixed by #2458
@sosnovsky
Collaborator

When a user tries to send an encrypted message but the stored local keys are invalid (expired or revoked), we just show the `Your account keys are not usable for encryption` error message.

In this case, before showing the error message, we should try to fetch updated keys from EKM and show the error only if there are no valid keys on EKM.

@ioanmo226
Collaborator

Currently, I don't believe retrieving the public key is related to EKM. We only seem to use EKM for fetching and updating private keys, during which we update KeypairRealmObject. However, for retrieving public keys, we use RecipientRealmObject.

Should I add functionality to retrieve public keys from KeypairRealmObject as well?
Or am I misunderstanding something here?

```swift
try storage.object(ofType: RecipientRealmObject.self, forPrimaryKey: email)
```

```swift
let object = try KeypairRealmObject(key, passphrase: passPhrase, source: source, user: user)
```

> In this case, before showing error message, we should try to fetch updated keys from EKM and show error only if there are no valid keys on EKM.

@sosnovsky
Collaborator Author

Here I meant retrieval of private keys, as it was reported by a customer - some user had an expired private key on EKM and couldn't send an encrypted message. Then the key on EKM was updated, but the user still got the error `keys are not usable for encryption`, as the updated key wasn't fetched.

So here we should attempt to fetch the latest keys from EKM if sender's local keys can't be used for encryption.
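
The fallback requested in this issue, sketched as an added example (not FlowCrypt's code and not part of the original thread): use local keys if any are valid, otherwise refresh from EKM once and raise the key error only if nothing usable comes back. `SenderKey`, `KeyStore`, `EKMClient`, `ComposeKeyError` and `usableSenderKeys` are hypothetical names, and treating a failed EKM fetch the same as "no valid keys" is an assumption.

```swift
import Foundation

// Hypothetical model of a stored sender key; not FlowCrypt's KeypairRealmObject.
struct SenderKey {
    let fingerprint: String
    let expiresAt: Date?   // nil means the key never expires
    let isRevoked: Bool

    func isUsable(at now: Date) -> Bool {
        if isRevoked { return false }
        guard let expiry = expiresAt else { return true }
        return expiry > now
    }
}

enum ComposeKeyError: Error {
    case noUsableKeys   // shown as "Your account keys are not usable for encryption"
}

// Hypothetical abstractions over local key storage and the EKM client.
protocol KeyStore {
    func loadKeys() -> [SenderKey]
    func replaceKeys(with keys: [SenderKey])
}

protocol EKMClient {
    func fetchKeys() async throws -> [SenderKey]
}

/// Returns usable sender keys, refreshing from EKM once if every local key is invalid.
func usableSenderKeys(store: KeyStore, ekm: EKMClient, now: Date = Date()) async throws -> [SenderKey] {
    let local = store.loadKeys().filter { $0.isUsable(at: now) }
    if !local.isEmpty { return local }

    // Local keys are expired or revoked: ask EKM before reporting an error.
    // Assumption: a failed fetch is handled like "no valid keys on EKM".
    let fetched = (try? await ekm.fetchKeys()) ?? []
    let refreshed = fetched.filter { $0.isUsable(at: now) }
    guard !refreshed.isEmpty else { throw ComposeKeyError.noUsableKeys }

    // Overwrite local storage only when EKM returned at least one usable key,
    // so a bad or empty response never wipes what the device already has.
    store.replaceKeys(with: fetched)
    return refreshed
}
```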

@ioanmo226
Collaborator

Aha, I see

sosnovsky pushed a commit that referenced this issue Dec 1, 2023
* feat: refresh EKM keys for invalid keys on message screen

* temp: ts module

* Revert "temp: ts module"

This reverts commit b2c526d.

* temp: remove cache restore

* Revert "temp: remove cache restore"

This reverts commit 7b02e4a.

* fix: node version