matrix_sdk/encryption/recovery/mod.rs
1// Copyright 2023 The Matrix.org Foundation C.I.C.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15//! The recovery module
16//!
17//! The recovery module attempts to provide a unified and simplified view over
18//! the secret storage and backup subsystems.
19//!
20//! **Note**: If you are using this module, do not use the [`SecretStorage`] and
21//! [`Backups`] subsystems directly. This module makes assumptions that might be
22//! broken by the direct usage of the respective lower level modules.
23//!
24//! **Note**: The term Recovery used in this submodule is not the same as the
25//! [`Recovery key`] mentioned in the spec. The recovery key from the spec is
26//! solely about backups, while the term recovery in this file includes both the
27//! backups and the secret storage subsystems. The recovery key mentioned in
28//! this file is the secret storage key.
29//!
30//! You should configure your client to bootstrap cross-signing automatically
31//! and may choose to let your client automatically create a backup, if it
32//! doesn't exist, as well:
33//!
34//! ```no_run
35//! use matrix_sdk::{Client, encryption::EncryptionSettings};
36//!
37//! # async {
38//! # let homeserver = "http://example.org";
39//! let client = Client::builder()
40//! .homeserver_url(homeserver)
41//! .with_encryption_settings(EncryptionSettings {
42//! auto_enable_cross_signing: true,
43//! auto_enable_backups: true,
44//! ..Default::default()
45//! })
46//! .build()
47//! .await?;
48//! # anyhow::Ok(()) };
49//! ```
50//!
51//! # Examples
52//!
53//! For a newly registered user you will want to enable recovery, either
54//! immediately or before the user logs out.
55//!
56//! ```no_run
57//! # use matrix_sdk::{Client, encryption::recovery::EnableProgress};
58//! # use url::Url;
59//! # async {
60//! # let homeserver = Url::parse("http://example.com")?;
61//! # let client = Client::new(homeserver).await?;
62//! let recovery = client.encryption().recovery();
63//!
64//! // Create a new recovery key, you can use the provided passphrase, or the returned recovery key
65//! // to recover.
66//! let recovery_key = recovery
67//! .enable()
68//! .wait_for_backups_to_upload()
69//! .with_passphrase("my passphrase")
70//! .await;
71//! # anyhow::Ok(()) };
72//! ```
73//!
74//! If the user logs in with another device, you'll want to let the user recover
75//! its secrets by entering the recovery key or recovery passphrase.
76//!
77//! ```no_run
78//! # use matrix_sdk::{Client, encryption::recovery::EnableProgress};
79//! # use url::Url;
80//! # async {
81//! # let homeserver = Url::parse("http://example.com")?;
82//! # let client = Client::new(homeserver).await?;
83//! let recovery = client.encryption().recovery();
84//!
85//! // Create a new recovery key, you can use the provided passphrase, or the returned recovery key
86//! // to recover.
87//! recovery.recover("my recovery key or passphrase").await;
88//! # anyhow::Ok(()) };
89//! ```
90//!
91//! [`Recovery key`]: https://spec.matrix.org/v1.8/client-server-api/#recovery-key
92
93use futures_core::{Future, Stream};
94use futures_util::StreamExt as _;
95use ruma::{
96 api::client::keys::get_keys,
97 events::{
98 GlobalAccountDataEventType,
99 secret::{request::SecretName, send::ToDeviceSecretSendEvent},
100 secret_storage::{default_key::SecretStorageDefaultKeyEvent, secret::SecretEventContent},
101 },
102 serde::Raw,
103};
104use serde_json::{json, value::to_raw_value};
105use tracing::{error, info, instrument, warn};
106
107#[cfg(doc)]
108use crate::encryption::{
109 backups::Backups,
110 secret_storage::{SecretStorage, SecretStore},
111};
112use crate::{
113 Client,
114 client::WeakClient,
115 encryption::{backups::BackupState, secret_storage::SecretStorageError},
116};
117
118pub mod futures;
119mod types;
120pub use self::types::{EnableProgress, RecoveryError, RecoveryState, Result};
121use self::{
122 futures::{Enable, RecoverAndReset, Reset},
123 types::{BackupDisabledContent, KeyBackupContent, SecretStorageDisabledContent},
124};
125use crate::encryption::{AuthData, CrossSigningResetAuthType, CrossSigningResetHandle};
126
127/// The recovery manager for the [`Client`].
128#[derive(Debug)]
129pub struct Recovery {
130 pub(super) client: Client,
131}
132
133impl Recovery {
134 /// The list of known secrets that are contained in secret storage once
135 /// recover is enabled.
136 pub const KNOWN_SECRETS: &[SecretName] = &[
137 SecretName::CrossSigningMasterKey,
138 SecretName::CrossSigningUserSigningKey,
139 SecretName::CrossSigningSelfSigningKey,
140 SecretName::RecoveryKey,
141 ];
142
143 /// Get the current [`RecoveryState`] for this [`Client`].
144 pub fn state(&self) -> RecoveryState {
145 self.client.inner.e2ee.recovery_state.get()
146 }
147
148 /// Get a stream of updates to the [`RecoveryState`].
149 ///
150 /// This method will send out the current state as the first update.
151 ///
152 /// # Examples
153 ///
154 /// ```no_run
155 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
156 /// # use url::Url;
157 /// # async {
158 /// # let homeserver = Url::parse("http://example.com")?;
159 /// # let client = Client::new(homeserver).await?;
160 /// use futures_util::StreamExt;
161 ///
162 /// let recovery = client.encryption().recovery();
163 ///
164 /// let mut state_stream = recovery.state_stream();
165 ///
166 /// while let Some(update) = state_stream.next().await {
167 /// match update {
168 /// RecoveryState::Enabled => {
169 /// println!("Recovery has been enabled");
170 /// }
171 /// _ => (),
172 /// }
173 /// }
174 /// # anyhow::Ok(()) };
175 /// ```
176 pub fn state_stream(&self) -> impl Stream<Item = RecoveryState> + use<> {
177 self.client.inner.e2ee.recovery_state.subscribe_reset()
178 }
179
180 /// Enable secret storage *and* backups.
181 ///
182 /// This method will create a new secret storage key and a new backup if one
183 /// doesn't already exist. It will then upload all the locally cached
184 /// secrets, including the backup recovery key, to the new secret store.
185 ///
186 /// This method will throw an error if a backup already exists on the
187 /// homeserver but this [`Client`] isn't connected to the existing backup.
188 ///
189 /// # Examples
190 ///
191 /// ```no_run
192 /// # use matrix_sdk::{Client, encryption::recovery::EnableProgress};
193 /// # use url::Url;
194 /// # async {
195 /// # let homeserver = Url::parse("http://example.com")?;
196 /// # let client = Client::new(homeserver).await?;
197 /// use futures_util::StreamExt;
198 ///
199 /// let recovery = client.encryption().recovery();
200 ///
201 /// let enable = recovery
202 /// .enable()
203 /// .wait_for_backups_to_upload()
204 /// .with_passphrase("my passphrase");
205 ///
206 /// let mut progress_stream = enable.subscribe_to_progress();
207 ///
208 /// tokio::spawn(async move {
209 /// while let Some(update) = progress_stream.next().await {
210 /// let Ok(update) = update else {
211 /// panic!("Update to the enable progress lagged")
212 /// };
213 ///
214 /// match update {
215 /// EnableProgress::CreatingBackup => {
216 /// println!("Creating a new backup");
217 /// }
218 /// EnableProgress::CreatingRecoveryKey => {
219 /// println!("Creating a new recovery key");
220 /// }
221 /// EnableProgress::Done { .. } => {
222 /// println!("Recovery has been enabled");
223 /// break;
224 /// }
225 /// _ => (),
226 /// }
227 /// }
228 /// });
229 ///
230 /// let recovery_key = enable.await?;
231 ///
232 /// # anyhow::Ok(()) };
233 /// ```
234 #[instrument(skip_all)]
235 pub fn enable(&self) -> Enable<'_> {
236 Enable::new(self)
237 }
238
239 /// Create a new backup if one does not exist yet.
240 ///
241 /// This method will throw an error if a backup already exists on the
242 /// homeserver but this [`Client`] isn't connected to the existing backup.
243 ///
244 /// # Examples
245 ///
246 /// ```no_run
247 /// # use matrix_sdk::{Client, encryption::backups::BackupState};
248 /// # use url::Url;
249 /// # async {
250 /// # let homeserver = Url::parse("http://example.com")?;
251 /// # let client = Client::new(homeserver).await?;
252 /// let recovery = client.encryption().recovery();
253 ///
254 /// recovery.enable_backup().await?;
255 ///
256 /// assert_eq!(client.encryption().backups().state(), BackupState::Enabled);
257 ///
258 /// # anyhow::Ok(()) };
259 /// ```
260 #[instrument(skip_all)]
261 pub async fn enable_backup(&self) -> Result<()> {
262 if !self.client.encryption().backups().fetch_exists_on_server().await? {
263 self.mark_backup_as_enabled().await?;
264
265 self.client.encryption().backups().create().await?;
266 self.client.encryption().backups().maybe_trigger_backup();
267
268 Ok(())
269 } else {
270 Err(RecoveryError::BackupExistsOnServer)
271 }
272 }
273
274 /// Disable recovery completely.
275 ///
276 /// This method will do the following steps:
277 ///
278 /// 1. Disable the uploading of room keys to a currently active backup.
279 /// 2. Delete the currently active backup.
280 /// 3. Set the `m.secret_storage.default_key` global account data event to
281 /// an empty JSON content.
282 /// 4. Set a global account data event so clients won't attempt to
283 /// automatically re-enable a backup.
284 ///
285 /// # Examples
286 ///
287 /// ```no_run
288 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
289 /// # use url::Url;
290 /// # async {
291 /// # let homeserver = Url::parse("http://example.com")?;
292 /// # let client = Client::new(homeserver).await?;
293 /// let recovery = client.encryption().recovery();
294 ///
295 /// recovery.disable().await?;
296 ///
297 /// assert_eq!(recovery.state(), RecoveryState::Disabled);
298 ///
299 /// # anyhow::Ok(()) };
300 /// ```
301 #[instrument(skip_all)]
302 pub async fn disable(&self) -> Result<()> {
303 self.client.encryption().backups().disable().await?;
304
305 // Why oh why, can't we delete account data events?
306 //
307 // Alright, let's attempt to "delete" the content of our current default key,
308 // for this we first need to check if there is a default key, then
309 // deserialize the content and find out the key ID.
310 //
311 // Then we finally set the event to an empty JSON content.
312 if let Ok(Some(default_event)) =
313 self.client.encryption().secret_storage().fetch_default_key_id().await
314 && let Ok(default_event) = default_event.deserialize()
315 {
316 let key_id = default_event.key_id;
317 let event_type = GlobalAccountDataEventType::SecretStorageKey(key_id);
318
319 self.client
320 .account()
321 .set_account_data_raw(event_type, Raw::new(&json!({})).expect("").cast_unchecked())
322 .await?;
323 }
324
325 // Now let's "delete" the actual `m.secret.storage.default_key` event.
326 self.client.account().set_account_data(SecretStorageDisabledContent {}).await?;
327 // Make sure that we don't re-enable backups automatically.
328 self.client.account().set_account_data(KeyBackupContent { enabled: false }).await?;
329 // (Unstable prefix version of KeyBackupContent)
330 self.client.account().set_account_data(BackupDisabledContent { disabled: true }).await?;
331 // Finally, "delete" all the known secrets we have in the account data.
332 self.delete_all_known_secrets().await?;
333
334 self.update_recovery_state().await?;
335
336 Ok(())
337 }
338
339 /// Reset the recovery key.
340 ///
341 /// This will rotate the secret storage key and re-upload all the secrets to
342 /// the [`SecretStore`].
343 ///
344 /// # Examples
345 ///
346 /// ```no_run
347 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
348 /// # use url::Url;
349 /// # async {
350 /// # let homeserver = Url::parse("http://example.com")?;
351 /// # let client = Client::new(homeserver).await?;
352 /// let recovery = client.encryption().recovery();
353 ///
354 /// let new_recovery_key =
355 /// recovery.reset_key().with_passphrase("my passphrase").await;
356 /// # anyhow::Ok(()) };
357 /// ```
358 #[instrument(skip_all)]
359 pub fn reset_key(&self) -> Reset<'_> {
360 // TODO: Should this only be possible if we're in the RecoveryState::Enabled
361 // state? Otherwise we'll create a new secret store but won't be able to
362 // upload all the secrets.
363 Reset::new(self)
364 }
365
366 /// Reset the recovery key but first import all the secrets from secret
367 /// storage.
368 ///
369 /// # Examples
370 ///
371 /// ```no_run
372 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
373 /// # use url::Url;
374 /// # async {
375 /// # let homeserver = Url::parse("http://example.com")?;
376 /// # let client = Client::new(homeserver).await?;
377 /// let recovery = client.encryption().recovery();
378 ///
379 /// let new_recovery_key = recovery
380 /// .recover_and_reset("my old passphrase or key")
381 /// .with_passphrase("my new passphrase")
382 /// .await?;
383 /// # anyhow::Ok(()) };
384 /// ```
385 #[instrument(skip_all)]
386 pub fn recover_and_reset<'a>(&'a self, old_key: &'a str) -> RecoverAndReset<'a> {
387 RecoverAndReset::new(self, old_key)
388 }
389
390 /// Completely reset the current user's crypto identity.
391 /// This method will go through the following steps:
392 ///
393 /// 1. Disable backing up room keys and delete the active backup
394 /// 2. Disable recovery and delete secret storage
395 /// 3. Go through the cross-signing key reset flow
396 /// 4. Finally, re-enable key backups (only if they were already enabled)
397 ///
398 /// Disclaimer: failures in this flow will potentially leave the user in
399 /// an inconsistent state but they're expected to just run the reset flow
400 /// again as presumably the reason they started it to begin with was
401 /// that they no longer had access to any of their data.
402 ///
403 /// # Examples
404 ///
405 /// ```no_run
406 /// # use matrix_sdk::{
407 /// encryption::recovery, encryption::CrossSigningResetAuthType, ruma::api::client::uiaa,
408 /// Client,
409 /// };
410 /// # use url::Url;
411 /// # async {
412 /// # let homeserver = Url::parse("http://example.com")?;
413 /// # let client = Client::new(homeserver).await?;
414 /// # let user_id = unimplemented!();
415 /// let encryption = client.encryption();
416 ///
417 /// if let Some(handle) = encryption.recovery().reset_identity().await? {
418 /// match handle.auth_type() {
419 /// CrossSigningResetAuthType::Uiaa(uiaa) => {
420 /// let password = "1234".to_owned();
421 /// let mut password = uiaa::Password::new(user_id, password);
422 /// password.session = uiaa.session;
423 ///
424 /// handle.reset(Some(uiaa::AuthData::Password(password))).await?;
425 /// }
426 /// CrossSigningResetAuthType::OAuth(o) => {
427 /// println!(
428 /// "To reset your end-to-end encryption cross-signing identity, \
429 /// you first need to approve it at {}",
430 /// o.approval_url
431 /// );
432 /// handle.reset(None).await?;
433 /// }
434 /// }
435 /// }
436 /// # anyhow::Ok(()) };
437 /// ```
438 pub async fn reset_identity(&self) -> Result<Option<IdentityResetHandle>> {
439 self.client.encryption().backups().disable_and_delete().await?; // 1.
440
441 // 2. (We can't delete account data events)
442 self.client.account().set_account_data(SecretStorageDisabledContent {}).await?;
443 self.client.encryption().recovery().update_recovery_state().await?;
444
445 let cross_signing_reset_handle = self.client.encryption().reset_cross_signing().await?;
446
447 if let Some(handle) = cross_signing_reset_handle {
448 // Authentication required, backups will be re-enabled after the reset
449 Ok(Some(IdentityResetHandle {
450 client: self.client.clone(),
451 cross_signing_reset_handle: handle,
452 }))
453 } else {
454 // No authentication required, re-enable backups
455 if self.client.encryption().recovery().should_auto_enable_backups().await? {
456 self.client.encryption().recovery().enable_backup().await?; // 4.
457 }
458
459 Ok(None)
460 }
461 }
462
463 /// Recover all the secrets from the homeserver.
464 ///
465 /// This method is a convenience method around the
466 /// [`SecretStore::import_secrets()`] method, please read the documentation
467 /// of this method for more information about what happens if you call
468 /// this method.
469 ///
470 /// In short, this method will turn a newly created [`Client`] into a fully
471 /// end-to-end encryption enabled client.
472 ///
473 /// # Examples
474 ///
475 /// ```no_run
476 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
477 /// # use url::Url;
478 /// # async {
479 /// # let homeserver = Url::parse("http://example.com")?;
480 /// # let client = Client::new(homeserver).await?;
481 /// let recovery = client.encryption().recovery();
482 ///
483 /// recovery.recover("my recovery key or passphrase").await;
484 ///
485 /// assert_eq!(recovery.state(), RecoveryState::Enabled);
486 /// # anyhow::Ok(()) };
487 /// ```
488 #[instrument(skip_all)]
489 pub async fn recover(&self, recovery_key: &str) -> Result<()> {
490 let store =
491 self.client.encryption().secret_storage().open_secret_store(recovery_key).await?;
492
493 store.import_secrets().await?;
494 self.update_recovery_state().await?;
495
496 Ok(())
497 }
498
499 /// Recover all the secrets from the homeserver, and, if the
500 /// key backup information is inconsistent, create a new key backup.
501 ///
502 /// Please read the documentation for [`SecretStore::import_secrets()`]
503 /// for more information about the recovery of identity information.
504 ///
505 /// This will create a new key backup if:
506 ///
507 /// * Key backup is enabled and the backup decryption key is missing from
508 /// Recovery, or
509 /// * Key backup is enabled and the backup decryption key does not match the
510 /// public key
511 ///
512 /// # Examples
513 ///
514 /// ```no_run
515 /// # use matrix_sdk::{Client, encryption::recovery::RecoveryState};
516 /// # use url::Url;
517 /// # async {
518 /// # let homeserver = Url::parse("http://example.com")?;
519 /// # let client = Client::new(homeserver).await?;
520 /// let recovery = client.encryption().recovery();
521 ///
522 /// recovery.recover_and_fix_backup("my recovery key or passphrase").await;
523 ///
524 /// assert_eq!(recovery.state(), RecoveryState::Enabled);
525 /// # anyhow::Ok(()) };
526 /// ```
527 #[instrument(skip_all)]
528 pub async fn recover_and_fix_backup(&self, recovery_key: &str) -> Result<()> {
529 let store =
530 self.client.encryption().secret_storage().open_secret_store(recovery_key).await?;
531
532 let delete_and_recreate_backup = match store.import_secrets().await {
533 Ok(()) => false,
534 Err(SecretStorageError::InconsistentBackupDecryptionKey) => {
535 warn!(
536 "Key storage decryption key does not match the current backup - creating a new key backup"
537 );
538 true
539 }
540 Err(SecretStorageError::MissingOrInvalidBackupDecryptionKey) => {
541 warn!("Missing or invalid backup decryption key - creating a new key backup");
542 true
543 }
544 Err(e) => return Err(e.into()),
545 };
546
547 if delete_and_recreate_backup {
548 self.client.encryption().backups().disable_and_delete().await?;
549 self.enable_backup().await?;
550 store.export_secrets().await?;
551 }
552
553 self.update_recovery_state().await?;
554
555 Ok(())
556 }
557
558 /// Is this device the last device the user has?
559 ///
560 /// This method is useful to check if we should recommend to the user that
561 /// they should enable recovery, typically done before logging out.
562 ///
563 /// If the user does not enable recovery before logging out of their last
564 /// device, they will not be able to decrypt historic messages once they
565 /// create a new device.
566 pub async fn is_last_device(&self) -> Result<bool> {
567 let olm_machine = self.client.olm_machine().await;
568 let olm_machine = olm_machine.as_ref().ok_or(crate::Error::NoOlmMachine)?;
569 let user_id = olm_machine.user_id();
570
571 self.client.encryption().ensure_initial_key_query().await?;
572
573 let devices = self.client.encryption().get_user_devices(user_id).await?;
574
575 Ok(devices.devices().count() == 1)
576 }
577
578 /// Did we correctly set up cross-signing and backups?
579 async fn all_known_secrets_available(&self) -> Result<bool> {
580 // Cross-signing state is fine if we have all the private cross-signing keys, as
581 // indicated in the status.
582 let cross_signing_complete = self
583 .client
584 .encryption()
585 .cross_signing_status()
586 .await
587 .map(|status| status.is_complete());
588 if !cross_signing_complete.unwrap_or_default() {
589 return Ok(false);
590 }
591
592 // The backup state is fine if we have backups enabled locally, or if backups
593 // have been marked as disabled.
594 if self.client.encryption().backups().are_enabled().await {
595 Ok(true)
596 } else {
597 self.are_backups_marked_as_disabled().await
598 }
599 }
600
601 async fn should_auto_enable_backups(&self) -> Result<bool> {
602 // If we didn't already enable backups, we don't see a backup version on the
603 // server, and finally if backups have not been marked to be explicitly
604 // disabled, then we can automatically enable them.
605 Ok(self.client.inner.e2ee.encryption_settings.auto_enable_backups
606 && !self.client.encryption().backups().are_enabled().await
607 && !self.client.encryption().backups().fetch_exists_on_server().await?
608 && !self.are_backups_marked_as_disabled().await?)
609 }
610
611 pub(crate) async fn setup(&self) -> Result<()> {
612 info!("Setting up account data listeners and trying to setup recovery");
613
614 self.client.add_event_handler(Self::default_key_event_handler);
615 self.client.add_event_handler(Self::secret_send_event_handler);
616 self.client.inner.e2ee.initialize_recovery_state_update_task(&self.client);
617
618 self.update_recovery_state().await?;
619
620 if self.should_auto_enable_backups().await? {
621 info!("Trying to automatically enable backups");
622
623 if let Err(e) = self.enable_backup().await {
624 warn!("Could not automatically enable backups: {e:?}");
625 }
626 }
627
628 Ok(())
629 }
630
631 /// Delete all the known secrets we are keeping in secret storage.
632 ///
633 /// The exact list of secrets is defined in [`Recovery::KNOWN_SECRETS`] and
634 /// might change over time.
635 ///
636 /// Since account data events can't actually be deleted, due to a missing
637 /// DELETE API, we're replacing the events with an empty
638 /// [`SecretEventContent`].
639 async fn delete_all_known_secrets(&self) -> Result<()> {
640 for secret_name in Self::KNOWN_SECRETS {
641 let event_type = GlobalAccountDataEventType::from(secret_name.to_owned());
642 let content = SecretEventContent::new(Default::default());
643 let secret_content = Raw::from_json(
644 to_raw_value(&content)
645 .expect("We should be able to serialize a raw empty secret event content"),
646 );
647 self.client.account().set_account_data_raw(event_type, secret_content).await?;
648 }
649
650 Ok(())
651 }
652
653 /// Run a network request to figure whether backups have been disabled at
654 /// the account level.
655 async fn are_backups_marked_as_disabled(&self) -> Result<bool> {
656 if let Some(key_backup_content) =
657 self.client.account().fetch_account_data_static::<KeyBackupContent>().await?
658 {
659 Ok(key_backup_content.deserialize().map(|event| !event.enabled).unwrap_or(false))
660 } else {
661 Ok(self
662 .client
663 .account()
664 .fetch_account_data_static::<BackupDisabledContent>()
665 .await?
666 .map(|event| event.deserialize().map(|event| event.disabled).unwrap_or(false))
667 .unwrap_or(false))
668 }
669 }
670
671 async fn mark_backup_as_enabled(&self) -> Result<()> {
672 self.client.account().set_account_data(KeyBackupContent { enabled: true }).await?;
673
674 // Unstable prefix: will be removed when sufficient time has passed for clients
675 // to use the stable prefix.
676 self.client.account().set_account_data(BackupDisabledContent { disabled: false }).await?;
677
678 Ok(())
679 }
680
681 async fn check_recovery_state(&self) -> Result<RecoveryState> {
682 Ok(if self.client.encryption().secret_storage().is_enabled().await? {
683 if self.all_known_secrets_available().await? {
684 RecoveryState::Enabled
685 } else {
686 RecoveryState::Incomplete
687 }
688 } else {
689 RecoveryState::Disabled
690 })
691 }
692
693 async fn update_recovery_state(&self) -> Result<()> {
694 let new_state = self.check_recovery_state().await?;
695 let old_state = self.client.inner.e2ee.recovery_state.set(new_state);
696
697 if new_state != old_state {
698 info!("Recovery state changed from {old_state:?} to {new_state:?}");
699 }
700
701 Ok(())
702 }
703
704 async fn update_recovery_state_no_fail(&self) {
705 if let Err(e) = self.update_recovery_state().await {
706 error!("Couldn't update the recovery state: {e:?}");
707 }
708 }
709
710 #[instrument]
711 async fn secret_send_event_handler(_: ToDeviceSecretSendEvent, client: Client) {
712 client.encryption().recovery().update_recovery_state_no_fail().await;
713 }
714
715 #[instrument]
716 async fn default_key_event_handler(_: SecretStorageDefaultKeyEvent, client: Client) {
717 client.encryption().recovery().update_recovery_state_no_fail().await;
718 }
719
720 /// Listen for changes in the [`BackupState`] and, if necessary, update the
721 /// [`RecoveryState`] accordingly.
722 ///
723 /// This should not be called directly, this method is put into a background
724 /// task which is always listening for updates in the [`BackupState`].
725 pub(crate) fn update_state_after_backup_state_change(
726 client: &Client,
727 ) -> impl Future<Output = ()> + use<> {
728 let mut stream = client.encryption().backups().state_stream();
729 let weak = WeakClient::from_client(client);
730
731 async move {
732 while let Some(update) = stream.next().await {
733 if let Some(client) = weak.get() {
734 match update {
735 Ok(update) => {
736 // The recovery state only cares about these two states, the
737 // intermediate states that tell us that
738 // we're creating a backup are not interesting.
739 if matches!(update, BackupState::Unknown | BackupState::Enabled) {
740 client
741 .encryption()
742 .recovery()
743 .update_recovery_state_no_fail()
744 .await;
745 }
746 }
747 Err(_) => {
748 // We missed some updates, let's update our state in case something
749 // changed.
750 client.encryption().recovery().update_recovery_state_no_fail().await;
751 }
752 }
753 } else {
754 break;
755 }
756 }
757 }
758 }
759
760 #[instrument(skip_all)]
761 pub(crate) async fn update_state_after_keys_query(&self, response: &get_keys::v3::Response) {
762 if let Some(user_id) = self.client.user_id()
763 && response.master_keys.contains_key(user_id)
764 {
765 // TODO: This is unnecessarily expensive, we could let the crypto crate notify
766 // us that our private keys got erased... But, the OlmMachine
767 // gets recreated and... You know the drill by now...
768 self.update_recovery_state_no_fail().await;
769 }
770 }
771}
772
773/// A helper struct that handles continues resetting a user's crypto identity
774/// after authentication was required and re-enabling backups (if necessary) at
775/// the end of it
776#[derive(Debug)]
777pub struct IdentityResetHandle {
778 client: Client,
779 cross_signing_reset_handle: CrossSigningResetHandle,
780}
781
782impl IdentityResetHandle {
783 /// Get the underlying [`CrossSigningResetAuthType`] this identity reset
784 /// process is using.
785 pub fn auth_type(&self) -> &CrossSigningResetAuthType {
786 &self.cross_signing_reset_handle.auth_type
787 }
788
789 /// This method will retry to upload the device keys after the previous try
790 /// failed due to required authentication
791 pub async fn reset(&self, auth: Option<AuthData>) -> Result<()> {
792 self.cross_signing_reset_handle.auth(auth).await?;
793
794 if self.client.encryption().recovery().should_auto_enable_backups().await? {
795 self.client.encryption().recovery().enable_backup().await?;
796 }
797
798 Ok(())
799 }
800
801 /// Cancel the ongoing identity reset process
802 pub async fn cancel(&self) {
803 self.cross_signing_reset_handle.cancel().await;
804 }
805}
806
807// The http mocking library is not supported for wasm32
808#[cfg(all(test, not(target_family = "wasm")))]
809pub(crate) mod tests {
810 use assert_matches::assert_matches;
811 use matrix_sdk_test::async_test;
812 use ruma::{
813 events::{secret::request::SecretName, secret_storage::key},
814 serde::Base64,
815 };
816 use serde_json::json;
817
818 use super::Recovery;
819 use crate::{
820 encryption::{recovery::types::RecoveryError, secret_storage::SecretStorageError},
821 test_utils::mocks::MatrixMockServer,
822 };
823
824 // If recovery fails due when importing a secret from secret storage, we
825 // should get the `ImportError` variant of `SecretStorageError`. The
826 // following tests test different import failures.
827 #[async_test]
828 async fn test_recover_with_no_cross_signing_key() {
829 let server = MatrixMockServer::new().await;
830 let client = server.client_builder().build().await;
831
832 server
833 .mock_get_secret_storage_key()
834 .ok(
835 client.user_id().unwrap(),
836 &key::SecretStorageKeyEventContent::new(
837 "abc".into(),
838 key::SecretStorageEncryptionAlgorithm::V1AesHmacSha2(
839 key::SecretStorageV1AesHmacSha2Properties::new(
840 Some(Base64::parse("xv5b6/p3ExEw++wTyfSHEg==").unwrap()),
841 Some(
842 Base64::parse("ujBBbXahnTAMkmPUX2/0+VTfUh63pGyVRuBcDMgmJC8=")
843 .unwrap(),
844 ),
845 ),
846 ),
847 ),
848 )
849 .mount()
850 .await;
851 server
852 .mock_get_default_secret_storage_key()
853 .ok(client.user_id().unwrap(), "abc")
854 .mount()
855 .await;
856
857 let recovery = Recovery { client };
858
859 let ret =
860 recovery.recover("EsTj 3yST y93F SLpB jJsz eAXc 2XzA ygD3 w69H fGaN TKBj jXEd").await;
861
862 assert_matches!(
863 ret,
864 Err(RecoveryError::SecretStorage(SecretStorageError::ImportError {
865 name: SecretName::CrossSigningMasterKey,
866 error: _
867 }))
868 );
869 }
870
871 #[async_test]
872 async fn test_recover_with_invalid_cross_signing_key() {
873 let server = MatrixMockServer::new().await;
874 let client = server.client_builder().build().await;
875
876 server
877 .mock_get_secret_storage_key()
878 .ok(
879 client.user_id().unwrap(),
880 &key::SecretStorageKeyEventContent::new(
881 "abc".into(),
882 key::SecretStorageEncryptionAlgorithm::V1AesHmacSha2(
883 key::SecretStorageV1AesHmacSha2Properties::new(
884 Some(Base64::parse("xv5b6/p3ExEw++wTyfSHEg==").unwrap()),
885 Some(
886 Base64::parse("ujBBbXahnTAMkmPUX2/0+VTfUh63pGyVRuBcDMgmJC8=")
887 .unwrap(),
888 ),
889 ),
890 ),
891 ),
892 )
893 .mount()
894 .await;
895 server
896 .mock_get_default_secret_storage_key()
897 .ok(client.user_id().unwrap(), "abc")
898 .mount()
899 .await;
900 server.mock_get_master_signing_key().ok(client.user_id().unwrap(), json!({})).mount().await;
901
902 let recovery = Recovery { client };
903
904 let ret =
905 recovery.recover("EsTj 3yST y93F SLpB jJsz eAXc 2XzA ygD3 w69H fGaN TKBj jXEd").await;
906
907 assert_matches!(
908 ret,
909 Err(RecoveryError::SecretStorage(SecretStorageError::ImportError {
910 name: SecretName::CrossSigningMasterKey,
911 error: _
912 }))
913 );
914 }
915
916 #[async_test]
917 async fn test_recover_with_undecryptable_cross_signing_key() {
918 let server = MatrixMockServer::new().await;
919 let client = server.client_builder().build().await;
920
921 server
922 .mock_get_secret_storage_key()
923 .ok(
924 client.user_id().unwrap(),
925 &key::SecretStorageKeyEventContent::new(
926 "abc".into(),
927 key::SecretStorageEncryptionAlgorithm::V1AesHmacSha2(
928 key::SecretStorageV1AesHmacSha2Properties::new(
929 Some(Base64::parse("xv5b6/p3ExEw++wTyfSHEg==").unwrap()),
930 Some(
931 Base64::parse("ujBBbXahnTAMkmPUX2/0+VTfUh63pGyVRuBcDMgmJC8=")
932 .unwrap(),
933 ),
934 ),
935 ),
936 ),
937 )
938 .mount()
939 .await;
940 server
941 .mock_get_default_secret_storage_key()
942 .ok(client.user_id().unwrap(), "abc")
943 .mount()
944 .await;
945 server
946 .mock_get_master_signing_key()
947 .ok(
948 client.user_id().unwrap(),
949 json!({
950 "encrypted": {
951 "abc": {
952 "iv": "xv5b6/p3ExEw++wTyfSHEg==",
953 "mac": "ujBBbXahnTAMkmPUX2/0+VTfUh63pGyVRuBcDMgmJC8=",
954 "ciphertext": "abcd"
955 }
956 }
957 }),
958 )
959 .mount()
960 .await;
961
962 let recovery = Recovery { client };
963
964 let ret =
965 recovery.recover("EsTj 3yST y93F SLpB jJsz eAXc 2XzA ygD3 w69H fGaN TKBj jXEd").await;
966
967 assert_matches!(
968 ret,
969 Err(RecoveryError::SecretStorage(SecretStorageError::ImportError {
970 name: SecretName::CrossSigningMasterKey,
971 error: _
972 }))
973 );
974 }
975}