Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Reset room key #6030

Merged
merged 23 commits into from
Dec 11, 2024
Merged

feat: Reset room key #6030

merged 23 commits into from
Dec 11, 2024

Conversation

diegolmello
Copy link
Member

@diegolmello diegolmello commented Nov 29, 2024
edited
Loading

Proposed changes

Allows authorized users to reset the encryption key of E2EE rooms.

The idea is to prevent situations where all users of a room have lost the keys, and with that, have lost the access to use the room. Now Rocket.Chat will allow them to define a new set of keys for the room via UI.

If a user happens to have a key to the room, after the reset this will be moved to a list of oldRoomKeys, which the UI will use to decode older messages.

Issue(s)

Implements RocketChat/Rocket.Chat#33328

How to test or reproduce

  • User A (owner) and User B on the same E2EE room
    • Suggestion: do it with both users on mobile app on different simulators. This way you'll be able to follow along testing all features involved
  • Send a few messages with both users
  • User B is offline
  • User A resets its own E2EE key on Settings > Security and privacy > E2EE > Reset
  • User A logs in and app creates a new E2EE key automatically
  • User A can't read the room, since they don't have keys
  • User A resets room key
    • Can be done by tapping key icon on header or Room Actions > E2EE > Reset
  • User A won't be able to read the messages still
  • User A sends a few messages with the new key
  • User A goes offline
  • User B logs in again, receives the new key and provides old room keys to User A
  • User B can read the messages User A just sent with the new key and all the old ones, since they had the keys all this time
  • User A goes online and can read all messages again

Screenshots

Types of changes

  • Bugfix (non-breaking change which fixes an issue)
  • Improvement (non-breaking change which improves a current function)
  • New feature (non-breaking change which adds functionality)
  • Documentation update (if none of the other choices apply)

Checklist

  • I have read the CONTRIBUTING doc
  • I have signed the CLA
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works (if applicable)
  • I have added necessary documentation (if applicable)
  • Any dependent changes have been merged and published in downstream modules

Further comments

CORE-802

@diegolmello diegolmello changed the base branch from develop to feat.e2ee-key-async November 29, 2024 20:25
@diegolmello diegolmello marked this pull request as ready for review December 5, 2024 19:55
diegolmello
diegolmello commented Dec 5, 2024
View reviewed changes
patches/@rocket.chat+sdk+1.3.3-mobile.patch
if (Array.isArray(value)) {
value.forEach(val => {
- params.push(`${encodeURIComponent(key)}=${encodeURIComponent(val)}`);
+ params.push(`${encodeURIComponent(key)}[]=${encodeURIComponent(val)}`);
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll add to the SDK after merge

OtavioStasiak
OtavioStasiak approved these changes Dec 5, 2024
View reviewed changes
Copy link
Contributor

@OtavioStasiak OtavioStasiak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me, great job!

@diegolmello diegolmello merged commit fdc4b7e into feat.e2ee-key-async Dec 11, 2024
3 of 8 checks passed
@diegolmello diegolmello deleted the feat.reset-room-key branch December 11, 2024 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@OtavioStasiak OtavioStasiak OtavioStasiak approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@diegolmello @OtavioStasiak