Prepare for repo merge

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2024-10-15 11:35:21 +01:00
parent 0f670b8dc0
commit b084ff2313
807 changed files with 0 additions and 0 deletions
--- a/test/unit-tests/stores/SetupEncryptionStore-test.ts
+++ b/test/unit-tests/stores/SetupEncryptionStore-test.ts
@@ -0,0 +1,208 @@
+/*
+Copyright 2024 New Vector Ltd.
+Copyright 2023 The Matrix.org Foundation C.I.C.
+
+SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only
+Please see LICENSE files in the repository root for full details.
+*/
+
+import { mocked, Mocked } from "jest-mock";
+import { IBootstrapCrossSigningOpts } from "matrix-js-sdk/src/crypto";
+import { MatrixClient, Device } from "matrix-js-sdk/src/matrix";
+import { SecretStorageKeyDescriptionAesV1, ServerSideSecretStorage } from "matrix-js-sdk/src/secret-storage";
+import { IDehydratedDevice } from "matrix-js-sdk/src/crypto/dehydration";
+import { CryptoApi, DeviceVerificationStatus } from "matrix-js-sdk/src/crypto-api";
+
+import { SdkContextClass } from "../../src/contexts/SDKContext";
+import { accessSecretStorage } from "../../src/SecurityManager";
+import { SetupEncryptionStore } from "../../src/stores/SetupEncryptionStore";
+import { emitPromise, stubClient } from "../test-utils";
+
+jest.mock("../../src/SecurityManager", () => ({
+    accessSecretStorage: jest.fn(),
+}));
+
+describe("SetupEncryptionStore", () => {
+    const cachedPassword = "p4assword";
+    let client: Mocked<MatrixClient>;
+    let mockCrypto: Mocked<CryptoApi>;
+    let mockSecretStorage: Mocked<ServerSideSecretStorage>;
+    let setupEncryptionStore: SetupEncryptionStore;
+
+    beforeEach(() => {
+        client = mocked(stubClient());
+        mockCrypto = {
+            bootstrapCrossSigning: jest.fn(),
+            getCrossSigningKeyId: jest.fn(),
+            getVerificationRequestsToDeviceInProgress: jest.fn().mockReturnValue([]),
+            getUserDeviceInfo: jest.fn(),
+            getDeviceVerificationStatus: jest.fn(),
+            isDehydrationSupported: jest.fn().mockResolvedValue(false),
+            startDehydration: jest.fn(),
+        } as unknown as Mocked<CryptoApi>;
+        client.getCrypto.mockReturnValue(mockCrypto);
+
+        mockSecretStorage = {
+            isStored: jest.fn(),
+        } as unknown as Mocked<ServerSideSecretStorage>;
+        Object.defineProperty(client, "secretStorage", { value: mockSecretStorage });
+
+        setupEncryptionStore = new SetupEncryptionStore();
+        SdkContextClass.instance.accountPasswordStore.setPassword(cachedPassword);
+    });
+
+    afterEach(() => {
+        SdkContextClass.instance.accountPasswordStore.clearPassword();
+    });
+
+    describe("start", () => {
+        it("should fetch cross-signing and device info", async () => {
+            const fakeKey = {} as SecretStorageKeyDescriptionAesV1;
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: fakeKey });
+
+            const fakeDevice = new Device({ deviceId: "deviceId", userId: "", algorithms: [], keys: new Map() });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(
+                new Map([[client.getSafeUserId(), new Map([[fakeDevice.deviceId, fakeDevice]])]]),
+            );
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+
+            // our fake device is not signed, so we can't verify against it
+            expect(setupEncryptionStore.hasDevicesToVerifyAgainst).toBe(false);
+
+            expect(setupEncryptionStore.keyId).toEqual("sskeyid");
+            expect(setupEncryptionStore.keyInfo).toBe(fakeKey);
+        });
+
+        it("should spot a signed device", async () => {
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: {} as SecretStorageKeyDescriptionAesV1 });
+
+            const fakeDevice = new Device({
+                deviceId: "deviceId",
+                userId: "",
+                algorithms: [],
+                keys: new Map([["curve25519:deviceId", "identityKey"]]),
+            });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(
+                new Map([[client.getSafeUserId(), new Map([[fakeDevice.deviceId, fakeDevice]])]]),
+            );
+            mockCrypto.getDeviceVerificationStatus.mockResolvedValue(
+                new DeviceVerificationStatus({ signedByOwner: true }),
+            );
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+
+            expect(setupEncryptionStore.hasDevicesToVerifyAgainst).toBe(true);
+        });
+
+        it("should ignore the MSC2697 dehydrated device", async () => {
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: {} as SecretStorageKeyDescriptionAesV1 });
+
+            client.getDehydratedDevice.mockResolvedValue({ device_id: "dehydrated" } as IDehydratedDevice);
+
+            const fakeDevice = new Device({
+                deviceId: "dehydrated",
+                userId: "",
+                algorithms: [],
+                keys: new Map([["curve25519:dehydrated", "identityKey"]]),
+            });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(
+                new Map([[client.getSafeUserId(), new Map([[fakeDevice.deviceId, fakeDevice]])]]),
+            );
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+
+            expect(setupEncryptionStore.hasDevicesToVerifyAgainst).toBe(false);
+            expect(mockCrypto.getDeviceVerificationStatus).not.toHaveBeenCalled();
+        });
+
+        it("should ignore the MSC3812 dehydrated device", async () => {
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: {} as SecretStorageKeyDescriptionAesV1 });
+
+            const fakeDevice = new Device({
+                deviceId: "dehydrated",
+                userId: "",
+                algorithms: [],
+                keys: new Map([["curve25519:dehydrated", "identityKey"]]),
+                dehydrated: true,
+            });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(
+                new Map([[client.getSafeUserId(), new Map([[fakeDevice.deviceId, fakeDevice]])]]),
+            );
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+
+            expect(setupEncryptionStore.hasDevicesToVerifyAgainst).toBe(false);
+            expect(mockCrypto.getDeviceVerificationStatus).not.toHaveBeenCalled();
+        });
+
+        it("should correctly handle getUserDeviceInfo() returning an empty map", async () => {
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: {} as SecretStorageKeyDescriptionAesV1 });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(new Map());
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+            expect(setupEncryptionStore.hasDevicesToVerifyAgainst).toBe(false);
+        });
+    });
+
+    describe("usePassPhrase", () => {
+        it("should use dehydration when enabled", async () => {
+            // mocks for cross-signing and secret storage
+            mockSecretStorage.isStored.mockResolvedValue({ sskeyid: {} as SecretStorageKeyDescriptionAesV1 });
+            mockCrypto.getUserDeviceInfo.mockResolvedValue(new Map());
+            mockCrypto.getDeviceVerificationStatus.mockResolvedValue(
+                new DeviceVerificationStatus({ signedByOwner: true }),
+            );
+            mocked(accessSecretStorage).mockImplementation(async (func?: () => Promise<void>) => {
+                await func!();
+            });
+
+            // mocks for dehydration
+            mockCrypto.isDehydrationSupported.mockResolvedValue(true);
+            const dehydrationPromise = new Promise<void>((resolve) => {
+                // Dehydration gets processed in the background, after
+                // `usePassPhrase` returns, so we need to use a promise to make
+                // sure that it is called.
+                mockCrypto.startDehydration.mockImplementation(async () => {
+                    resolve();
+                });
+            });
+            client.waitForClientWellKnown.mockResolvedValue({ "org.matrix.msc3814": true });
+
+            setupEncryptionStore.start();
+            await emitPromise(setupEncryptionStore, "update");
+
+            await setupEncryptionStore.usePassPhrase();
+
+            await dehydrationPromise;
+        });
+    });
+
+    it("resetConfirm should work with a cached account password", async () => {
+        const makeRequest = jest.fn();
+        mockCrypto.bootstrapCrossSigning.mockImplementation(async (opts: IBootstrapCrossSigningOpts) => {
+            await opts?.authUploadDeviceSigningKeys?.(makeRequest);
+        });
+        mocked(accessSecretStorage).mockImplementation(async (func?: () => Promise<void>) => {
+            await func!();
+        });
+
+        await setupEncryptionStore.resetConfirm();
+
+        expect(mocked(accessSecretStorage)).toHaveBeenCalledWith(expect.any(Function), true);
+        expect(makeRequest).toHaveBeenCalledWith({
+            identifier: {
+                type: "m.id.user",
+                user: "@userId:matrix.org",
+            },
+            password: cachedPassword,
+            type: "m.login.password",
+            user: "@userId:matrix.org",
+        });
+    });
+});