rust backup support ground work #3548
Conversation
|
Looks like this needs a rust crypto update to function, will leave it to vdh as the matter expert |
I commented out for now, and just put a blank stub to see what CI is saying |
| beforeAll(function () { | ||
| return Olm.init(); | ||
| /** | ||
| * Integration tests for cross-signing functionality. |
| return session; | ||
| }); | ||
| } | ||
| // jest.useFakeTimers(); |
src/crypto-api/keybackup.ts
Outdated
| export interface KeyBackupStatus { | ||
| version: string; | ||
| enabled: boolean; | ||
| } | ||
|
|
||
| export type SigInfo = { | ||
| deviceId: string; | ||
| valid?: boolean | null; // true: valid, false: invalid, null: cannot attempt validation | ||
| device?: DeviceInfo | null; | ||
| crossSigningId?: boolean; | ||
| deviceTrust?: DeviceTrustLevel; | ||
| }; | ||
|
|
||
| export type TrustInfo = { | ||
| usable: boolean; // is the backup trusted, true iff there is a sig that is valid & from a trusted device | ||
| sigs: SigInfo[]; | ||
| // eslint-disable-next-line camelcase | ||
| trusted_locally?: boolean; | ||
| }; | ||
|
|
||
| export interface IKeyBackupCheck { | ||
| backupInfo?: IKeyBackupInfo; | ||
| trustInfo: TrustInfo; | ||
| } | ||
|
|
||
| export interface SecureKeyBackup { | ||
| getKeyBackupStatus(): Promise<KeyBackupStatus | null>; | ||
|
|
||
| stop(): void; | ||
|
|
||
| /** | ||
| * Check the server for an active key backup and | ||
| * if one is present and has a valid signature from | ||
| * one of the user's verified devices, start backing up | ||
| * to it. | ||
| */ | ||
| checkAndStart(): Promise<IKeyBackupCheck | null>; | ||
| } |
There was a problem hiding this comment.
these things all need good doc-comments explaining the concepts they represent and what each of the properties are for.
There was a problem hiding this comment.
ok, will try revert engineer it ;)
| /** | ||
| * sign the given object with our ed25519 key | ||
| * | ||
| * @param obj - Object to which we will add a 'signatures' property | ||
| */ | ||
| signObject<T extends ISignableObject & object>(obj: T): Promise<void>; |
There was a problem hiding this comment.
do you think we actually need this? I note that the only place it is called (MatrixClient.createKeyBackupVersion) has this comment:
This can probably go away very soon in
favour of just signing with the cross-singing master key.
is "very soon" less than 3.5 years?
There was a problem hiding this comment.
mm, not sure about the comment. What we will stop doing is trusting a backup if it's signed by a device we trust. But I think signing with our own device is a way to mark as trusted.
|
I think this is on hold pending #3555 ? marking as draft for now |
| /** | ||
| * Implementation of {@link CryptoApi#signObject} | ||
| */ | ||
| public async signObject<T extends ISignableObject & object>(obj: T): Promise<void> { |
There was a problem hiding this comment.
I need to update that it's not correct at the moment, but having this rust PR available would make it easier to implement
Ground work for support of key backup in rust:
Fixes https://github.com/vector-im/crypto-internal/issues/104
Fixes https://github.com/vector-im/crypto-internal/issues/105
Changes:
Replace use of TestClient (using fetch mock). Rust test is now skipped until all implementedcryptoThe client was not stopped correctly when there is an active backup, added astop()api in backupManager to clear any pending backup upload.Checklist
This PR currently has none of the required changelog labels.
Add one of:
T-Deprecation,T-Enhancement,T-Defect,T-Taskto indicate what type of change this is plusX-Breaking-Changeif it's a breaking change.