Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Accept key backups as usable if they're signed with the master cross-signing key #1492

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from

Conversation

bradtgmurray
Copy link
Contributor

@bradtgmurray bradtgmurray commented Jun 7, 2022

Accept key backups if they're signed by the master cross-signing key.

Used matrix-js-sdk as a reference which accepts it as usable if either the signing device is verified or it's the cross-signing key. https://github.com/matrix-org/matrix-js-sdk/blob/develop/src/crypto/backup.ts#L426-L433

Signed-off-by: Brad Murray [email protected]

Pull Request Checklist

@stefanceriu stefanceriu requested a review from Anderas June 8, 2022 13:03
Copy link
Contributor

@Anderas Anderas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Brad, thanks for the contribution. I made one comment regarding ensuring we do indeed have the master key when trusting a backup, and it would be also great to add a test case if possible for this, for instance in MXCryptoBackupTests

@@ -1154,6 +1154,8 @@ - (MXKeyBackupVersionTrust *)trustForKeyBackupVersionFromCryptoQueue:(MXKeyBacku
}
else
{
keyBackupVersionTrust.usable = YES;
Copy link
Contributor

@Anderas Anderas Jun 8, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The existing parent else branch does not ensure that the deviceId is indeed a master key (it only mentions it in a comment), as opposed to other type of key. Could you please change the else // Try interpreting it as the MSK public key into something like else if ([deviceId isEqualToString:masterKey])? The master key can be obtained for instance as crypto.crossSigning.myUserCrossSigningKeys.masterKeys.keys. See also Android implementation for reference.

If the comparison check fails, we can log that as another issue.

Additionally it may be worth renaming the deviceId local variable into deviceIdOrCrossSigningKey, otherwise the name can be misleading

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only a month and a half later I've finally addressed this feedback, thanks @Anderas !

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making the change. I see that we will now be adding a signature object even if the master key verification did not succeed, but it will be set as invalid (plus this copies js / android behaviour) so it sounds good to me

@bradtgmurray bradtgmurray force-pushed the accept-key-backups-signed-with-the-cross-signing-key branch from a0b3a87 to dda6477 Compare July 25, 2022 20:22
// - Check the returned MXKeyBackupVersion is trusted
// -> It must be trusted by 2 entities
// -> Trusted by her device
// -> It must be trusted by 1 entities
// -> Trusted by her MSK
- (void)testCrossSigningMSKTrustForKeyBackupVersion
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Repurposed an existing test. Based on the name it seems to have been wanting to test MSKTrust, but because the valid device signature was marking the device usable it was hiding the bug that I'm fixing with this PR. Now the only signature on the backup is the MSK.

@codecov-commenter
Copy link

codecov-commenter commented Jul 25, 2022

Codecov Report

Attention: Patch coverage is 0% with 17 lines in your changes missing coverage. Please review.

Project coverage is 12.49%. Comparing base (2b96b99) to head (43c107e).
Report is 857 commits behind head on develop.

Files with missing lines Patch % Lines
MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m 0.00% 17 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff             @@
##           develop    #1492      +/-   ##
===========================================
- Coverage    12.49%   12.49%   -0.01%     
===========================================
  Files          521      521              
  Lines        85051    85056       +5     
  Branches     36216    36219       +3     
===========================================
  Hits         10626    10626              
- Misses       74039    74044       +5     
  Partials       386      386              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@bradtgmurray bradtgmurray force-pushed the accept-key-backups-signed-with-the-cross-signing-key branch from 5081a33 to 1e23875 Compare July 26, 2022 15:26
@bradtgmurray
Copy link
Contributor Author

Strange, these tests seem to pass locally, any ideas?

XCTAssertNotNil(keyBackupVersionTrust);
XCTAssertTrue(keyBackupVersionTrust.usable);
XCTAssertEqual(keyBackupVersionTrust.signatures.count, 2);
Copy link
Contributor

@Anderas Anderas Aug 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new test looks good, however it might be better to create it as copy and leave testCrossSigningMSKTrustForKeyBackupVersion as is, otherwise we loose the test case for getting a device signature (XCTAssertEqual(keyBackupVersionTrust.signatures.count, 2))

@@ -1154,6 +1154,8 @@ - (MXKeyBackupVersionTrust *)trustForKeyBackupVersionFromCryptoQueue:(MXKeyBacku
}
else
{
keyBackupVersionTrust.usable = YES;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making the change. I see that we will now be adding a signature object even if the master key verification did not succeed, but it will be set as invalid (plus this copies js / android behaviour) so it sounds good to me

@Anderas
Copy link
Contributor

Anderas commented Aug 23, 2022

Strange, these tests seem to pass locally, any ideas?

Unfortunatelly crypto + integration tests are very flaky, we are in the process of enabling + fixing them. I'd say make sure that they pass on your local branch, and optionally you can rerun the GitHub tests a few times. We cannot just turn them off because locally they are not as flaky and thus hard to spot the misbehaving ones.

@bradtgmurray bradtgmurray force-pushed the accept-key-backups-signed-with-the-cross-signing-key branch from 1f1324a to 43c107e Compare September 6, 2022 12:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants