Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security settings: Improve the SECURE BACKUP section #4434

Merged
merged 21 commits into from
Jun 17, 2021

Conversation

manuroe
Copy link
Member

@manuroe manuroe commented Jun 16, 2021

by making it work like element-web.
Fix #4430.
Require matrix-org/matrix-ios-sdk#1129.

This section now represents a mix of the secure backup (4S) state and the key backup state. The different combination are listed in SettingsSecureBackupViewState.

In the nominal state, when secure backup and key backup and up, the 3 buttons do:

  • "Restore from Backup": restore the message keys (megolm) from the key backup. If the key backup key is in the local 4S, no passphrase will be asked.
  • "Delete Backup": delete the key backup
  • "Reset": Reset the secure backup and the key backup. A new security phrase will be asked. Then, it will delete existing backups and create new ones.

The "Set up" button can do 2 things:

  • if there is a secure backup but no key backup, it will create a key backup. The security phrase/key of the secure backup will be asked.
  • if there is no secure back, the 2 backups will be created. A new security phrase will be asked.

All other possibilities can be found in the state rendering at https://github.com/vector-im/element-ios/pull/4434/files#diff-26bb1cb392f51cc027e4f8d7fc4fde1388ddff100919f9fbd442972e6b9bfa55R126.

I updated the SecretsRecovery flow, the one where we asked for Security phrase or key. We can now execute a random closure once the 4S has been locked and we got the private key. This is done with a new SecretsRecoveryGoal enum case, which is pure swift. We should probably rename this flow to SecureBackupUnlock.

In term of implementation, SettingsSecureBackupTableViewSection is a copy and paste of the SettingsKeyBackupTableViewSection we used 2y ago.

Wording has been updated to match element-web one. Meanwhile, "Recovery Passphrase" and "Recovery Key" have been replace by "Security Phrase" and "Security Key" (Fix #4268).

manuroe added 18 commits June 15, 2021 16:07
but this code is not used in production
This is a copy from SettingsKeyBackupTableViewSection.
We need to get the current status of the key backup to be able to display right actions.
… unlocked

Only from swift.
We should change the name "SecretsRecovery" classes
It will overwrite the existing one if any
@manuroe
Copy link
Member Author

manuroe commented Jun 16, 2021

New sections: SECURE BACKUP and CROSS-SIGNING

image

New goal in the SecretsRecovery flow to unlock the secure backup

image

New success screen when creating key backup using the secure backup

image

@manuroe
Copy link
Member Author

manuroe commented Jun 16, 2021

The following build settings are no more managed:

  • settingsSecurityScreenShowRestoreBackup
  • settingsSecurityScreenShowDeleteBackup
  • settingsSecurityScreenShowSetupBackup

@gileluard I wonder how we should proceed. Do we need this granularity?
Can we simply hide the "SECURE BACKUP" or "CROSS-SIGNING" section?

Cells for the "SECURE BACKUP" section are built in https://github.com/vector-im/element-ios/pull/4434/files#diff-26bb1cb392f51cc027e4f8d7fc4fde1388ddff100919f9fbd442972e6b9bfa55R126.

@manuroe manuroe marked this pull request as ready for review June 16, 2021 14:20
@manuroe manuroe merged commit 1edeba2 into develop Jun 17, 2021
@manuroe manuroe deleted the manu/4430_security_settings_update branch June 17, 2021 12:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Security settings: Replace the "Synchronise" button Old name Recovery Key still used
2 participants