Avoid using accessSecretStorage to create 4S (#30244)

* remove resetCrossSigning flag, which is no longer in use

* drop unnecessary check for cross-signing

The only place where verifyUser is called already checks that cross-signing is
set up.  (The function name is also incorrect, since it checks for the
cross-signing key, and not for 4S.)

* avoid calling accessSecretStorage to set up cross-signing or 4S

Send the user to the Encryption settings tab instead

* only create secret storage when specifically asked to

* deprecate using accessSecretStorage to create new 4S

* also remove the obsolete snapshot

* add tests

* Tweak comment

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

Author: uhoreg

res/css/_components.pcss

@@ -177,7 +177,6 @@
 @import "./views/dialogs/_WidgetCapabilitiesPromptDialog.pcss";
 @import "./views/dialogs/security/_AccessSecretStorageDialog.pcss";
 @import "./views/dialogs/security/_CreateCrossSigningDialog.pcss";
-@import "./views/dialogs/security/_CreateKeyBackupDialog.pcss";
 @import "./views/dialogs/security/_CreateSecretStorageDialog.pcss";
 @import "./views/dialogs/security/_KeyBackupFailedDialog.pcss";
 @import "./views/dialogs/security/_RestoreKeyBackupDialog.pcss";

res/css/views/dialogs/security/_CreateKeyBackupDialog.pcss

@@ -176,10 +176,11 @@ export async function withSecretStorageKeyCache<T>(func: () => Promise<T>): Prom
 }
 
 export interface AccessSecretStorageOpts {
-    /** Reset secret storage even if it's already set up. */
+    /**
+     * Reset secret storage even if it's already set up.
+     * @deprecated send the user to the Encryption settings tab to reset secret storage
+     */
     forceReset?: boolean;
-    /** Create new cross-signing keys. Only applicable if `forceReset` is `true`. */
-    resetCrossSigning?: boolean;
 }
 
 /**
@@ -189,8 +190,8 @@ export interface AccessSecretStorageOpts {
  * provided function.
  *
  * Bootstrapping secret storage may take one of these paths:
- * 1. Create secret storage from a passphrase and store cross-signing keys
- *    in secret storage.
+ * 1. (Only if `opts.forceReset` is set) create secret storage from a passphrase
+ *    and store cross-signing keys in secret storage.
  * 2. Access existing secret storage by requesting passphrase and accessing
  *    cross-signing keys as needed.
  * 3. All keys are loaded and there's nothing to do.
@@ -199,6 +200,8 @@ export interface AccessSecretStorageOpts {
  * to ensure the user is prompted only once for their secret storage
  * passphrase. The cache is then cleared once the provided function completes.
  *
+ * Throws an error if secret storage is not set up (and `opts.forceReset` is not set)
+ *
  * @param {Function} [func] An operation to perform once secret storage has been
  * bootstrapped. Optional.
  * @param [opts] The options to use when accessing secret storage.
@@ -219,16 +222,8 @@ async function doAccessSecretStorage(func: () => Promise<void>, opts: AccessSecr
             throw new Error("End-to-end encryption is disabled - unable to access secret storage.");
         }
 
-        let createNew = false;
         if (opts.forceReset) {
             logger.debug("accessSecretStorage: resetting 4S");
-            createNew = true;
-        } else if (!(await cli.secretStorage.hasKey())) {
-            logger.debug("accessSecretStorage: no 4S key configured, creating a new one");
-            createNew = true;
-        }
-
-        if (createNew) {
             // This dialog calls bootstrap itself after guiding the user through
             // passphrase creation.
             const { finished } = Modal.createDialog(
@@ -251,6 +246,9 @@ async function doAccessSecretStorage(func: () => Promise<void>, opts: AccessSecr
             if (!confirmed) {
                 throw new Error("Secret storage creation canceled");
             }
+        } else if (!(await cli.secretStorage.hasKey())) {
+            logger.debug("accessSecretStorage: no 4S key configured");
+            throw new Error("Secret storage has not been created yet.");
         } else {
             logger.debug("accessSecretStorage: bootstrapCrossSigning");
             await crypto.bootstrapCrossSigning({

src/SecurityManager.ts

@@ -56,7 +56,6 @@ const PASSWORD_MIN_SCORE = 4; // So secure, many characters, much complex, wow,
 
 interface IProps {
     forceReset?: boolean;
-    resetCrossSigning?: boolean;
     onFinished(ok?: boolean): void;
 }
 
@@ -80,11 +79,12 @@ interface IState {
  * If the user already has a key backup, follows a "migration" flow (aka "Upgrade your encryption") which
  * prompts the user to enter their backup decryption password (a Curve25519 private key, possibly derived
  * from a passphrase), and uses that as the (AES) 4S encryption key.
+ *
+ * @deprecated send the user to EncryptionUserSettingsTab instead
  */
 export default class CreateSecretStorageDialog extends React.PureComponent<IProps, IState> {
     public static defaultProps: Partial<IProps> = {
         forceReset: false,
-        resetCrossSigning: false,
     };
     private recoveryKey?: GeneratedSecretStorageKey;
     private recoveryKeyNode = createRef<HTMLElement>();
@@ -211,7 +211,7 @@ export default class CreateSecretStorageDialog extends React.PureComponent<IProp
     private bootstrapSecretStorage = async (): Promise<void> => {
         const cli = MatrixClientPeg.safeGet();
         const crypto = cli.getCrypto()!;
-        const { forceReset, resetCrossSigning } = this.props;
+        const { forceReset } = this.props;
 
         let backupInfo;
         // First, unless we know we want to do a reset, we see if there is an existing key backup
@@ -246,13 +246,6 @@ export default class CreateSecretStorageDialog extends React.PureComponent<IProp
                     createSecretStorageKey: async () => this.recoveryKey!,
                     setupNewSecretStorage: true,
                 });
-                if (resetCrossSigning) {
-                    logger.log("Resetting cross signing");
-                    await crypto.bootstrapCrossSigning({
-                        authUploadDeviceSigningKeys: this.doBootstrapUIAuth,
-                        setupNewCrossSigning: true,
-                    });
-                }
                 logger.log("Resetting key backup");
                 await crypto.resetKeyBackup();
             } else {