feat: Simplified bootstrap with crypto identity extension

krille-chan · krille-chan · commit 68529c441ab8 · 2025-12-31T10:46:38.000+01:00
diff --git a/doc/end-to-end-encryption.md b/doc/end-to-end-encryption.md
@@ -37,4 +37,47 @@ final client = Client('Matrix Client',
     ),
     // ...
 );
-```
+```
+
+### Setup your crypto identity
+
+To use **Secure Storage and Sharing**, **Cross Signing** and the **Online Key Backup**,
+you should set up your crypto identity. The crypto identity is defined as the
+combined feature of those three features. First you should check if it is already
+set up for this account:
+
+```dart
+final state = await client.getCryptoIdentityState();
+if (state.initialized) {
+    print('Your crypto identity is initialized. You can either restore or wipe it.');
+}
+if (state.connected) {
+    print('Your crypto identity is initialized and you are connected. You can now only wipe it to reset your passphrase or recovery key!');
+}
+```
+
+If `initialized` is `false` you need to initialize your crypto identity first:
+
+```dart
+final recoveryKey = await client.initCryptoIdentity();
+```
+
+You can also set a custom passphrase:
+
+```dart
+final passphrase = await client.initCryptoIdentity('SuperSecurePassphrase154%');
+```
+
+To then reconnect on a new device you can restore your crypto identity:
+
+```dart
+await client.restoreCryptoIdentity(passphraseOrRecoveryKey);
+```
+
+If you have lost your passphrase or recovery key, you can wipe your crypto
+identity and get a new key with `client.initCryptoIdentity()` at any time.
+
+> hint: An alternative to `client.restoreCryptoIdentity()` can be that you use
+> **key verification** to connect with another session which is already connected.
+> The Client would then request all necessary secrets of your crypto identity
+> automatically via **to-device-messaging**.
diff --git a/lib/encryption.dart b/lib/encryption.dart
@@ -24,3 +24,4 @@ export 'encryption/key_manager.dart';
 export 'encryption/ssss.dart';
 export 'encryption/utils/key_verification.dart';
 export 'encryption/utils/bootstrap.dart';
+export 'encryption/utils/crypto_setup_extension.dart';
diff --git a/lib/encryption/utils/crypto_setup_extension.dart b/lib/encryption/utils/crypto_setup_extension.dart
@@ -0,0 +1,167 @@
+import 'dart:async';
+
+import 'package:matrix/encryption/utils/bootstrap.dart';
+import 'package:matrix/matrix.dart';
+
+extension CryptoSetupExtension on Client {
+  /// Returns the current state of the crypto identity.
+  Future<({bool initialized, bool connected})> getCryptoIdentityState() async =>
+      (
+        initialized: (encryption?.keyManager.enabled ?? false) &&
+            (encryption?.crossSigning.enabled ?? false),
+        connected: ((await encryption?.keyManager.isCached()) ?? false) &&
+            ((await encryption?.crossSigning.isCached()) ?? false),
+      );
+
+  Future<void> restoreCryptoIdentity(String keyOrPassphrase) async {
+    final encryption = this.encryption;
+    if (encryption == null) {
+      throw Exception('End to end encryption not available!');
+    }
+    final cryptoIdentityState = await getCryptoIdentityState();
+    if (!cryptoIdentityState.initialized) {
+      throw Exception(
+        'Crypto identity is not initalized. Please check with `Client.getCryptoIdentityState()` first and run `Client.initCryptoIdentity()` once for this account.',
+      );
+    }
+    if (cryptoIdentityState.connected) {
+      throw Exception(
+        'Crypto identity is already connected. Please check with `Client.getCryptoIdentityState()`.',
+      );
+    }
+
+    final completer = Completer();
+    encryption.bootstrap(
+      onUpdate: (bootstrap) async {
+        try {
+          switch (bootstrap.state) {
+            case BootstrapState.loading:
+              break;
+            case BootstrapState.askWipeSsss:
+              bootstrap.wipeSsss(false);
+              break;
+            case BootstrapState.askUseExistingSsss:
+              bootstrap.useExistingSsss(true);
+              break;
+            case BootstrapState.askUnlockSsss:
+              bootstrap.unlockedSsss();
+              break;
+            case BootstrapState.askBadSsss:
+              bootstrap.ignoreBadSecrets(false);
+              break;
+            case BootstrapState.openExistingSsss:
+              await bootstrap.newSsssKey!
+                  .unlock(keyOrPassphrase: keyOrPassphrase);
+              await bootstrap.openExistingSsss();
+              await bootstrap.client.encryption!.crossSigning
+                  .selfSign(recoveryKey: keyOrPassphrase);
+              break;
+            case BootstrapState.askWipeCrossSigning:
+              await bootstrap.wipeCrossSigning(false);
+              break;
+            case BootstrapState.askWipeOnlineKeyBackup:
+              bootstrap.wipeOnlineKeyBackup(false);
+              break;
+            // These states should not appear at all:
+            case BootstrapState.askSetupOnlineKeyBackup:
+            case BootstrapState.askSetupCrossSigning:
+            case BootstrapState.askNewSsss:
+              throw Exception(
+                'Bootstrap state ${bootstrap.state} should not happen!',
+              );
+            case BootstrapState.error:
+              throw Exception('Bootstrap error!');
+            case BootstrapState.done:
+              completer.complete();
+              break;
+          }
+        } catch (e, s) {
+          if (completer.isCompleted) {
+            return Logs().e('Bootstrap error after completed', e, s);
+          }
+          return completer.completeError(e, s);
+        }
+      },
+    );
+
+    await completer.future;
+  }
+
+  Future<String> initCryptoIdentity({
+    String? passphrase,
+    bool wipeSecureStorage = true,
+    bool wipeKeyBackup = true,
+    bool wipeCrossSigning = true,
+    bool setupMasterKey = true,
+    bool setupSelfSigningKey = true,
+    bool setupUserSigningKey = true,
+    bool setupOnlineKeyBackup = true,
+  }) async {
+    final encryption = this.encryption;
+    if (encryption == null) {
+      throw Exception('End to end encryption not available!');
+    }
+
+    String? newSsssKey;
+    final completer = Completer();
+    encryption.bootstrap(
+      onUpdate: (bootstrap) async {
+        try {
+          newSsssKey ??= bootstrap.newSsssKey?.recoveryKey;
+          switch (bootstrap.state) {
+            case BootstrapState.loading:
+              break;
+            case BootstrapState.askWipeSsss:
+              bootstrap.wipeSsss(wipeSecureStorage);
+              break;
+            case BootstrapState.askUseExistingSsss:
+              bootstrap.useExistingSsss(false);
+              break;
+            case BootstrapState.askUnlockSsss:
+              bootstrap.unlockedSsss();
+              break;
+            case BootstrapState.askBadSsss:
+              bootstrap.ignoreBadSecrets(true);
+              break;
+            case BootstrapState.askWipeCrossSigning:
+              await bootstrap.wipeCrossSigning(wipeCrossSigning);
+              break;
+            case BootstrapState.askWipeOnlineKeyBackup:
+              bootstrap.wipeOnlineKeyBackup(wipeKeyBackup);
+              break;
+            case BootstrapState.askSetupOnlineKeyBackup:
+              await bootstrap.askSetupOnlineKeyBackup(setupOnlineKeyBackup);
+              break;
+            case BootstrapState.askSetupCrossSigning:
+              await bootstrap.askSetupCrossSigning(
+                setupMasterKey: setupMasterKey,
+                setupSelfSigningKey: setupSelfSigningKey,
+                setupUserSigningKey: setupUserSigningKey,
+              );
+              break;
+            case BootstrapState.askNewSsss:
+              await bootstrap.newSsss(passphrase);
+              break;
+            case BootstrapState.openExistingSsss:
+              throw Exception(
+                'Bootstrap state ${bootstrap.state} should not happen!',
+              );
+            case BootstrapState.error:
+              throw Exception('Bootstrap error!');
+            case BootstrapState.done:
+              completer.complete();
+              break;
+          }
+        } catch (e, s) {
+          if (completer.isCompleted) {
+            return Logs().e('Bootstrap error after completed', e, s);
+          }
+          return completer.completeError(e, s);
+        }
+      },
+    );
+
+    await completer.future;
+    return newSsssKey!;
+  }
+}
diff --git a/test/encryption/crypto_setup_test.dart b/test/encryption/crypto_setup_test.dart
@@ -0,0 +1,73 @@
+/*
+ *   Famedly Matrix SDK
+ *   Copyright (C) 2020 Famedly GmbH
+ *
+ *   This program is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU Affero General Public License as
+ *   published by the Free Software Foundation, either version 3 of the
+ *   License, or (at your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU Affero General Public License for more details.
+ *
+ *   You should have received a copy of the GNU Affero General Public License
+ *   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import 'package:test/test.dart';
+import 'package:vodozemac/vodozemac.dart' as vod;
+
+import 'package:matrix/encryption/utils/crypto_setup_extension.dart';
+import 'package:matrix/matrix.dart';
+import '../fake_client.dart';
+
+void main() {
+  group('Bootstrap', tags: 'olm', () {
+    Logs().level = Level.error;
+
+    late Client client;
+
+    setUpAll(() async {
+      await vod.init(
+        wasmPath: './pkg/',
+        libraryPath: './rust/target/debug/',
+      );
+
+      client = await getClient();
+    });
+
+    test('getCryptoIdentityState', () async {
+      final state = await client.getCryptoIdentityState();
+      expect(state.initialized, true);
+      expect(state.connected, false);
+    });
+
+    test('initCryptoIdentity & restoreCryptoIdentity', () async {
+      var state = await client.getCryptoIdentityState();
+      expect(state.initialized, true);
+      expect(state.connected, false);
+
+      final recoveryKey = await client.initCryptoIdentity();
+      expect(recoveryKey.length, 59);
+      expect(recoveryKey.substring(0, 2), 'Es');
+
+      state = await client.getCryptoIdentityState();
+      expect(state.initialized, true);
+      expect(state.connected, true);
+
+      await client.encryption!.ssss.clearCache();
+
+      state = await client.getCryptoIdentityState();
+      expect(state.initialized, true);
+      expect(state.connected, false);
+
+      await client.restoreCryptoIdentity(recoveryKey);
+
+      state = await client.getCryptoIdentityState();
+      expect(state.initialized, true);
+      expect(state.connected, true);
+    });
+  });
+}
diff --git a/test_driver/dendrite/data/dendrite.yaml b/test_driver/dendrite/data/dendrite.yaml
@@ -185,7 +185,7 @@ client_api:
   # will be released after the cooloff time in milliseconds. Server administrators
   # and appservice users are exempt from rate limiting by default.
   rate_limiting:
-    enabled: true
+    enabled: false
     threshold: 5
     cooloff_ms: 500
     exempt_user_ids:
diff --git a/test_driver/matrixsdk_test.dart b/test_driver/matrixsdk_test.dart
@@ -21,6 +21,7 @@ import 'dart:io';
 import 'package:test/test.dart';
 import 'package:vodozemac/vodozemac.dart' as vod;
 
+import 'package:matrix/encryption/utils/crypto_setup_extension.dart';
 import 'package:matrix/matrix.dart';
 import '../test/fake_database.dart';
 import 'test_config.dart';
@@ -458,8 +459,31 @@ void main() => group(
               "++++ (Bob) Received decrypted message: '${inviteRoom.lastEvent!.body}' ++++",
             );
 
-            await room.leave();
-            await room.forget();
+            Logs().i('++++ (Alice) Init crypto identity ++++');
+            if (Platform.environment['HOMESERVER_IMPLEMENTATION'] !=
+                'conduit') {
+              const passphrase = 'aliceSecurePassphrase100%';
+              await testClientA.initCryptoIdentity(passphrase: passphrase);
+              await testClientA.logout();
+              await testClientA.checkHomeserver(homeserverUri);
+              await testClientA.login(
+                LoginType.mLoginPassword,
+                identifier:
+                    AuthenticationUserIdentifier(user: Users.user1.name),
+                password: Users.user1.password,
+              );
+              await testClientA.oneShotSync();
+              await testClientA.restoreCryptoIdentity(passphrase);
+              final newSessionRoomA = testClientA.getRoomById(roomId)!;
+              await newSessionRoomA.lastEvent?.requestKey();
+              expect(newSessionRoomA.lastEvent!.body, testMessage6);
+              await newSessionRoomA.leave();
+              await newSessionRoomA.forget();
+            } else {
+              await room.leave();
+              await room.forget();
+            }
+
             await inviteRoom.leave();
             await inviteRoom.forget();
             await Future.delayed(Duration(seconds: 1));
diff --git a/test_driver/synapse/data/homeserver.yaml b/test_driver/synapse/data/homeserver.yaml
@@ -865,10 +865,10 @@ log_config: "/data/localhost.log.config"
 #  per_second: 0.1
 #  burst_count: 5
 #
-#rc_login:
-#  address:
-#    per_second: 0.17
-#    burst_count: 3
+rc_login:
+  address:
+    per_second: 1
+    burst_count: 100
 #  account:
 #    per_second: 0.17
 #    burst_count: 3
