element-hq · dbkr · Jan 16, 2025 · Dec 4, 2024 · Dec 4, 2024 · Dec 6, 2024
@@ -66,6 +66,9 @@ test.describe("Cryptography", function () {
             // Bob has a second, not cross-signed, device
             const bobSecondDevice = await createSecondBotDevice(page, homeserver, bob);
 
+            // Dismiss the toast nagging us to set up recovery otherwise it gets in the way of clicking the room list
+            await page.getByRole("button", { name: "Not now" }).click();
+
             await bob.sendEvent(testRoomId, null, "m.room.encrypted", {
                 algorithm: "m.megolm.v1.aes-sha2",
                 ciphertext: "the bird is in the hand",

@@ -413,3 +413,25 @@ export async function createSecondBotDevice(page: Page, homeserver: HomeserverIn
     await bobSecondDevice.prepareClient();
     return bobSecondDevice;
 }
+
+/**
+ * Remove the cached secrets from the indexedDB
+ * This is a workaround to simulate the case where the secrets are not cached.
+ */
+export async function deleteCachedSecrets(page: Page) {
+    await page.evaluate(async () => {
+        const removeCachedSecrets = new Promise((resolve) => {
+            const request = window.indexedDB.open("matrix-js-sdk::matrix-sdk-crypto");
+            request.onsuccess = async (event: Event & { target: { result: IDBDatabase } }) => {
+                const db = event.target.result;
+                const request = db.transaction("core", "readwrite").objectStore("core").delete("private_identity");
+                request.onsuccess = () => {
+                    db.close();
+                    resolve(undefined);
+                };
+            };
+        });
+        await removeCachedSecrets;
+    });
+    await page.reload();
+}
@@ -6,13 +6,13 @@
  */
 
 import { GeneratedSecretStorageKey } from "matrix-js-sdk/src/crypto-api";
-import { Page } from "@playwright/test";
 
 import { test, expect } from ".";
 import {
     checkDeviceIsConnectedKeyBackup,
     checkDeviceIsCrossSigned,
     createBot,
+    deleteCachedSecrets,
     verifySession,
 } from "../../crypto/utils";
 
@@ -154,25 +154,3 @@ test.describe("Recovery section in Encryption tab", () => {
         },
     );
 });
-
-/**
- * Remove the cached secrets from the indexedDB
- * This is a workaround to simulate the case where the secrets are not cached.
- */
-async function deleteCachedSecrets(page: Page) {
-    await page.evaluate(async () => {
-        const removeCachedSecrets = new Promise((resolve) => {
-            const request = window.indexedDB.open("matrix-js-sdk::matrix-sdk-crypto");
-            request.onsuccess = async (event: Event & { target: { result: IDBDatabase } }) => {
-                const db = event.target.result;
-                const request = db.transaction("core", "readwrite").objectStore("core").delete("private_identity");
-                request.onsuccess = () => {
-                    db.close();
-                    resolve(undefined);
-                };
-            };
-        });
-        await removeCachedSecrets;
-    });
-    await page.reload();
-}
diff --git a/res/css/structures/_ToastContainer.pcss b/res/css/structures/_ToastContainer.pcss
@@ -141,7 +141,7 @@ Please see LICENSE files in the repository root for full details.
         }
 
         .mx_Toast_description {
-            max-width: 272px;
+            max-width: 366px;
             overflow: hidden;
             text-overflow: ellipsis;
             margin: 4px 0 11px 0;

@@ -34,11 +34,9 @@ import {
     hideToast as hideUnverifiedSessionsToast,
     showToast as showUnverifiedSessionsToast,
 } from "./toasts/UnverifiedSessionToast";
-import { accessSecretStorage, isSecretStorageBeingAccessed } from "./SecurityManager";
-import { isSecureBackupRequired } from "./utils/WellKnownUtils";
+import { isSecretStorageBeingAccessed } from "./SecurityManager";
 import { ActionPayload } from "./dispatcher/payloads";
 import { Action } from "./dispatcher/actions";
-import { isLoggedIn } from "./utils/login";
 import SdkConfig from "./SdkConfig";
 import PlatformPeg from "./PlatformPeg";
 import { recordClientInformation, removeClientInformation } from "./utils/device/clientInformation";
@@ -283,7 +281,21 @@ export default class DeviceListener {
 
         const crossSigningReady = await crypto.isCrossSigningReady();
         const secretStorageReady = await crypto.isSecretStorageReady();
-        const allSystemsReady = crossSigningReady && secretStorageReady;
+        const crossSigningStatus = await crypto.getCrossSigningStatus();
+        const allCrossSigningSecretsCached =
+            crossSigningStatus.privateKeysCachedLocally.masterKey &&
+            crossSigningStatus.privateKeysCachedLocally.selfSigningKey &&
+            crossSigningStatus.privateKeysCachedLocally.userSigningKey;
+
+        const defaultKeyId = await cli.secretStorage.getDefaultKeyId();
+
+        const isCurrentDeviceTrusted =
+            crossSigningReady &&
+            Boolean(
+                (await crypto.getDeviceVerificationStatus(cli.getSafeUserId(), cli.deviceId!))?.crossSigningVerified,
+            );
+
+        const allSystemsReady = crossSigningReady && secretStorageReady && allCrossSigningSecretsCached;
         await this.reportCryptoSessionStateToAnalytics(cli);
 
         if (this.dismissedThisDeviceToast || allSystemsReady) {
@@ -294,31 +306,31 @@ export default class DeviceListener {
             // make sure our keys are finished downloading
             await crypto.getUserDeviceInfo([cli.getSafeUserId()]);
 
-            // cross signing isn't enabled - nag to enable it
-            // There are 3 different toasts for:
-            if (!(await crypto.getCrossSigningKeyId()) && (await crypto.userHasCrossSigningKeys())) {
-                // Toast 1. Cross-signing on account but this device doesn't trust the master key (verify this session)
+            if (!crossSigningReady) {
+                // This account is legacy and doesn't have cross-signing set up at all.
+                // Prompt the user to set it up.
+                showSetupEncryptionToast(SetupKind.SET_UP_ENCRYPTION);
+            } else if (!isCurrentDeviceTrusted) {
+                // cross signing is ready but the current device is not trusted: prompt the user to verify
                 showSetupEncryptionToast(SetupKind.VERIFY_THIS_SESSION);
-                this.checkKeyBackupStatus();
+            } else if (!allCrossSigningSecretsCached) {
+                // cross signing ready & device trusted, but we are missing secrets from our local cached.
+                // prompt the user to enter their recovery key.
+                showSetupEncryptionToast(SetupKind.KEY_STORAGE_OUT_OF_SYNC);
+            } else if (defaultKeyId === null) {
+                // the user just hasn't set up 4S yet: prompt them to do so
+                showSetupEncryptionToast(SetupKind.SET_UP_RECOVERY);
             } else {
-                const backupInfo = await this.getKeyBackupInfo();
-                if (backupInfo) {
-                    // Toast 2: Key backup is enabled but recovery (4S) is not set up: prompt user to set up recovery.
-                    // Since we now enable key backup at registration time, this will be the common case for
-                    // new users.
-                    showSetupEncryptionToast(SetupKind.SET_UP_RECOVERY);
-                } else {
-                    // Toast 3: No cross-signing or key backup on account (set up encryption)
-                    await cli.waitForClientWellKnown();
-                    if (isSecureBackupRequired(cli) && isLoggedIn()) {
-                        // If we're meant to set up, and Secure Backup is required,
-                        // trigger the flow directly without a toast once logged in.
-                        hideSetupEncryptionToast();
-                        accessSecretStorage();
-                    } else {
-                        showSetupEncryptionToast(SetupKind.SET_UP_ENCRYPTION);
-                    }
-                }
+                // some other condition... yikes! Show the 'set up encryption' toast: this is what we previously did
+                // in 'other' situations. Possibly we should consider prompting for a full reset in this case?
+                logger.warn("Couldn't match encryption state to a know case: showing 'setup encryption' prompt", {
+                    crossSigningReady,
+                    secretStorageReady,
+                    allCrossSigningSecretsCached,
+                    isCurrentDeviceTrusted,
+                    defaultKeyId,
+                });
+                showSetupEncryptionToast(SetupKind.SET_UP_ENCRYPTION);
             }
         }
 
@@ -334,12 +346,6 @@ export default class DeviceListener {
         // Unverified devices that have appeared since then
         const newUnverifiedDeviceIds = new Set<string>();
 
-        const isCurrentDeviceTrusted =
-            crossSigningReady &&
-            Boolean(
-                (await crypto.getDeviceVerificationStatus(cli.getSafeUserId(), cli.deviceId!))?.crossSigningVerified,
-            );
-
         // as long as cross-signing isn't ready,
         // you can't see or dismiss any device toasts
         if (crossSigningReady) {

@@ -879,14 +879,18 @@
             "title": "Destroy cross-signing keys?",
             "warning": "Deleting cross-signing keys is permanent. Anyone you have verified with will see security alerts. You almost certainly don't want to do this, unless you've lost every device you can cross-sign from."
         },
+        "enter_recovery_key": "Enter recovery key",
         "event_shield_reason_authenticity_not_guaranteed": "The authenticity of this encrypted message can't be guaranteed on this device.",
         "event_shield_reason_mismatched_sender_key": "Encrypted by an unverified session",
         "event_shield_reason_unknown_device": "Encrypted by an unknown or deleted device.",
         "event_shield_reason_unsigned_device": "Encrypted by a device not verified by its owner.",
         "event_shield_reason_unverified_identity": "Encrypted by an unverified user.",
         "export_unsupported": "Your browser does not support the required cryptography extensions",
+        "forgot_recovery_key": "Forgot recovery key?",
         "import_invalid_keyfile": "Not a valid %(brand)s keyfile",
         "import_invalid_passphrase": "Authentication check failed: incorrect password?",
+        "key_storage_out_of_sync": "Your key storage is out of sync.",
+        "key_storage_out_of_sync_description": "Confirm your recovery key to maintain access to your key storage and message history.",
         "messages_not_secure": {
             "cause_1": "Your homeserver",
             "cause_2": "The homeserver the user you're verifying is connected to",

@@ -27,6 +27,8 @@ const getTitle = (kind: Kind): string => {
             return _t("encryption|set_up_recovery");
         case Kind.VERIFY_THIS_SESSION:
             return _t("encryption|verify_toast_title");
+        case Kind.KEY_STORAGE_OUT_OF_SYNC:
+            return _t("encryption|key_storage_out_of_sync");
     }
 };
 
@@ -37,6 +39,7 @@ const getIcon = (kind: Kind): string | undefined => {
         case Kind.SET_UP_RECOVERY:
             return undefined;
         case Kind.VERIFY_THIS_SESSION:
+        case Kind.KEY_STORAGE_OUT_OF_SYNC:
             return "verification_warning";
     }
 };
@@ -49,6 +52,8 @@ const getSetupCaption = (kind: Kind): string => {
             return _t("action|continue");
         case Kind.VERIFY_THIS_SESSION:
             return _t("action|verify");
+        case Kind.KEY_STORAGE_OUT_OF_SYNC:
+            return _t("encryption|enter_recovery_key");
     }
 };
 
@@ -59,6 +64,8 @@ const getSecondaryButtonLabel = (kind: Kind): string => {
         case Kind.SET_UP_ENCRYPTION:
         case Kind.VERIFY_THIS_SESSION:
             return _t("encryption|verification|unverified_sessions_toast_reject");
+        case Kind.KEY_STORAGE_OUT_OF_SYNC:
+            return _t("encryption|forgot_recovery_key");
     }
 };
 
@@ -70,6 +77,8 @@ const getDescription = (kind: Kind): string => {
             return _t("encryption|set_up_recovery_toast_description");
         case Kind.VERIFY_THIS_SESSION:
             return _t("encryption|verify_toast_description");
+        case Kind.KEY_STORAGE_OUT_OF_SYNC:
+            return _t("encryption|key_storage_out_of_sync_description");
     }
 };
 
@@ -89,6 +98,10 @@ export enum Kind {
      * Prompt the user to verify this session
      */
     VERIFY_THIS_SESSION = "verify_this_session",
+    /**
+     * Prompt the user to enter their recovery key
+     */
+    KEY_STORAGE_OUT_OF_SYNC = "key_storage_out_of_sync",
 }
 
 const onReject = (): void => {

@@ -329,32 +329,33 @@ describe("DeviceListener", () => {
                 });
 
                 it("shows verify session toast when account has cross signing", async () => {
-                    mockCrypto!.userHasCrossSigningKeys.mockResolvedValue(true);
+                    mockCrypto!.isCrossSigningReady.mockResolvedValue(true);
                     await createAndStart();
 
                     expect(mockCrypto!.getUserDeviceInfo).toHaveBeenCalled();
                     expect(SetupEncryptionToast.showToast).toHaveBeenCalledWith(
                         SetupEncryptionToast.Kind.VERIFY_THIS_SESSION,
                     );
                 });
-
-                it("checks key backup status when when account has cross signing", async () => {
-                    mockCrypto!.getCrossSigningKeyId.mockResolvedValue(null);
-                    mockCrypto!.userHasCrossSigningKeys.mockResolvedValue(true);
-                    await createAndStart();
-
-                    expect(mockCrypto!.getActiveSessionBackupVersion).toHaveBeenCalled();
-                });
             });
 
             describe("when user does have a cross signing id on this device", () => {
                 beforeEach(() => {
+                    mockCrypto!.isCrossSigningReady.mockResolvedValue(true);
                     mockCrypto!.getCrossSigningKeyId.mockResolvedValue("abc");
+                    mockCrypto!.getDeviceVerificationStatus.mockResolvedValue(
+                        new DeviceVerificationStatus({
+                            trustCrossSignedDevices: true,
+                            crossSigningVerified: true,
+                        }),
+                    );
                 });
 
                 it("shows set up recovery toast when user has a key backup available", async () => {
                     // non falsy response
                     mockCrypto.getKeyBackupInfo.mockResolvedValue({} as unknown as KeyBackupInfo);
+                    mockClient.secretStorage.getDefaultKeyId.mockResolvedValue(null);
+
                     await createAndStart();
 
                     expect(SetupEncryptionToast.showToast).toHaveBeenCalledWith(

@@ -16,9 +16,15 @@ describe("SetupEncryptionToast", () => {
         render(<ToastContainer />);
     });
 
-    it("should render the se up recovery toast", async () => {
+    it("should render the 'set up recovery' toast", async () => {
         showToast(Kind.SET_UP_RECOVERY);
 
         await expect(screen.findByText("Set up recovery")).resolves.toBeInTheDocument();
     });
+
+    it("should render the 'key storage out of sync' toast", async () => {
+        showToast(Kind.KEY_STORAGE_OUT_OF_SYNC);
+
+        await expect(screen.findByText("Your key storage is out of sync.")).resolves.toBeInTheDocument();
+    });
 });