Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MXKeyBackup: trustForKeyBackupVersionFromCryptoQueue must consider MSK trust #4338

Closed
manuroe opened this issue May 18, 2021 · 2 comments · Fixed by matrix-org/matrix-ios-sdk#1141
Closed

MXKeyBackup: trustForKeyBackupVersionFromCryptoQueue must consider MSK trust #4338

manuroe opened this issue May 18, 2021 · 2 comments · Fixed by matrix-org/matrix-ios-sdk#1141
Assignees
@stefanceriu
Labels
A-E2EE A-E2EE-Key-Backup parity-with-web

Comments

@manuroe
Copy link
Member

manuroe commented May 18, 2021

While looking at the unexpected display of the secure banner (#4332), we discovered that we do not check for signature from the user MSK but only from devices: https:/matrix-org/matrix-ios-sdk/blob/v0.18.12/MatrixSDK/Crypto/KeyBackup/MXKeyBackup.m#L1067

This may be a problem. If we do not trust the key backup, we do not back up to it.
@manuroe
Copy link
Member Author

manuroe commented May 18, 2021

Web signs and trusts using the MSK: element-hq/element-web#11747

@gileluard gileluard mentioned this issue Jun 28, 2021
Merged
@stefanceriu stefanceriu self-assigned this Sep 3, 2021
@manuroe
Copy link
Member Author

manuroe commented Sep 3, 2021
edited
Loading

js-sdk signs the key backup here

stefanceriu added a commit to matrix-org/matrix-ios-sdk that referenced this issue Sep 3, 2021
@stefanceriu
element-hq/element-ios/issues/4338 - Fixed key backup signing and sig…
e412746 
…nature validation.
stefanceriu added a commit to matrix-org/matrix-ios-sdk that referenced this issue Sep 10, 2021
@stefanceriu
element-hq/element-ios/issues/4338 - Fixed key backup signing and sig…
67219d5 
…nature validation.
@manuroe manuroe mentioned this issue Sep 14, 2021
Closed
stefanceriu added a commit to matrix-org/matrix-ios-sdk that referenced this issue Sep 15, 2021
@stefanceriu
element-hq/element-ios/issues/4338 - Fixed key backup signing and sig…
0a38b51 
…nature validation.
stefanceriu added a commit to matrix-org/matrix-ios-sdk that referenced this issue Sep 17, 2021
@stefanceriu
element-hq/element-ios/issues/4338 - Create key backup without cross-…
07fc08d 
…signing when not available.
stefanceriu added a commit to matrix-org/matrix-ios-sdk that referenced this issue Sep 17, 2021
@stefanceriu
element-hq/element-ios/issues/4338 - Create key backup without cross-…
7a519b0 
…signing when not available.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stefanceriu stefanceriu

Labels
A-E2EE A-E2EE-Key-Backup parity-with-web
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

MXKeyBackup: trustForKeyBackupVersionFromCryptoQueue must consider MS… matrix-org/matrix-ios-sdk
2 participants
@stefanceriu @manuroe