Cleanup tasks in SecurityManager/SetupEncryptionStore (#12764)

* Remove call to no-op `checkOwnCrossSigningTrust`

this is a no-op on rust crypto

* inline `SecurityManager.isCachingAllowed`

Since https://github.com/matrix-org/matrix-react-sdk/pull/4789, this has just
been an obscure way to write a test of a local variable.

* Remove unused `CreateSecretStorageOpts.getKeyBackupPassphrase` parameter

This is unused on rust crypto (cf https://github.com/matrix-org/matrix-js-sdk/pull/4313)

src/SecurityManager.ts

@@ -25,7 +25,6 @@ import { MatrixClientPeg } from "./MatrixClientPeg";
 import { _t } from "./languageHandler";
 import { isSecureBackupRequired } from "./utils/WellKnownUtils";
 import AccessSecretStorageDialog, { KeyParams } from "./components/views/dialogs/security/AccessSecretStorageDialog";
-import RestoreKeyBackupDialog from "./components/views/dialogs/security/RestoreKeyBackupDialog";
 import SettingsStore from "./settings/SettingsStore";
 import { ModuleRunner } from "./modules/ModuleRunner";
 import QuestionDialog from "./components/views/dialogs/QuestionDialog";
@@ -45,10 +44,6 @@ let dehydrationCache: {
     keyInfo?: SecretStorage.SecretStorageKeyDescription;
 } = {};
 
-function isCachingAllowed(): boolean {
-    return secretStorageBeingAccessed;
-}
-
 /**
  * This can be used by other components to check if secret storage access is in
  * progress, so that we can e.g. avoid intermittently showing toasts during
@@ -118,7 +113,7 @@ async function getSecretStorageKey({
     }
 
     // Check the in-memory cache
-    if (isCachingAllowed() && secretStorageKeys[keyId]) {
+    if (secretStorageBeingAccessed && secretStorageKeys[keyId]) {
         return [keyId, secretStorageKeys[keyId]];
     }
 
@@ -226,7 +221,7 @@ function cacheSecretStorageKey(
     keyInfo: SecretStorage.SecretStorageKeyDescription,
     key: Uint8Array,
 ): void {
-    if (isCachingAllowed()) {
+    if (secretStorageBeingAccessed) {
         secretStorageKeys[keyId] = key;
         secretStorageKeyInfo[keyId] = keyInfo;
     }
@@ -278,26 +273,6 @@ export const crossSigningCallbacks: ICryptoCallbacks = {
     getDehydrationKey,
 };
 
-export async function promptForBackupPassphrase(): Promise<Uint8Array> {
-    let key!: Uint8Array;
-
-    const { finished } = Modal.createDialog(
-        RestoreKeyBackupDialog,
-        {
-            showSummary: false,
-            keyCallback: (k: Uint8Array) => (key = k),
-        },
-        undefined,
-        /* priority = */ false,
-        /* static = */ true,
-    );
-
-    const success = await finished;
-    if (!success) throw new Error("Key backup prompt cancelled");
-
-    return key;
-}
-
 /**
  * Carry out an operation that may require multiple accesses to secret storage, caching the key.
  *
@@ -313,10 +288,8 @@ export async function withSecretStorageKeyCache<T>(func: () => Promise<T>): Prom
     } finally {
         // Clear secret storage key cache now that work is complete
         secretStorageBeingAccessed = false;
-        if (!isCachingAllowed()) {
+        secretStorageKeys = {};
-            secretStorageKeys = {};
+        secretStorageKeyInfo = {};
-            secretStorageKeyInfo = {};
-        }
     }
 }
 
@@ -395,9 +368,7 @@ async function doAccessSecretStorage(func: () => Promise<void>, forceReset: bool
                     }
                 },
             });
-            await crypto.bootstrapSecretStorage({
+            await crypto.bootstrapSecretStorage({});
-                getKeyBackupPassphrase: promptForBackupPassphrase,
-            });
 
             const keyId = Object.keys(secretStorageKeys)[0];
             if (keyId && SettingsStore.getValue("feature_dehydration")) {

src/async-components/views/dialogs/security/CreateSecretStorageDialog.tsx

@@ -26,7 +26,6 @@ import { BackupTrustInfo, GeneratedSecretStorageKey, KeyBackupInfo } from "matri
 import { MatrixClientPeg } from "../../../../MatrixClientPeg";
 import { _t, _td } from "../../../../languageHandler";
 import Modal from "../../../../Modal";
-import { promptForBackupPassphrase } from "../../../../SecurityManager";
 import { copyNode } from "../../../../utils/strings";
 import { SSOAuthEntry } from "../../../../components/views/auth/InteractiveAuthEntryComponents";
 import PassphraseField from "../../../../components/views/auth/PassphraseField";
@@ -123,7 +122,6 @@ export default class CreateSecretStorageDialog extends React.PureComponent<IProp
         forceReset: false,
     };
     private recoveryKey?: GeneratedSecretStorageKey;
-    private backupKey?: Uint8Array;
     private recoveryKeyNode = createRef<HTMLElement>();
     private passphraseField = createRef<Field>();
 
@@ -384,15 +382,6 @@ export default class CreateSecretStorageDialog extends React.PureComponent<IProp
                     createSecretStorageKey: async () => this.recoveryKey!,
                     keyBackupInfo: this.state.backupInfo!,
                     setupNewKeyBackup: !this.state.backupInfo,
-                    getKeyBackupPassphrase: async (): Promise<Uint8Array> => {
-                        // We may already have the backup key if we earlier went
-                        // through the restore backup path, so pass it along
-                        // rather than prompting again.
-                        if (this.backupKey) {
-                            return this.backupKey;
-                        }
-                        return promptForBackupPassphrase();
-                    },
                 });
             }
             await initialiseDehydration(true);
@@ -424,11 +413,7 @@ export default class CreateSecretStorageDialog extends React.PureComponent<IProp
     };
 
     private restoreBackup = async (): Promise<void> => {
-        // It's possible we'll need the backup key later on for bootstrapping,
+        const keyCallback = (k: Uint8Array): void => {};
-        // so let's stash it here, rather than prompting for it twice.
-        const keyCallback = (k: Uint8Array): void => {
-            this.backupKey = k;
-        };
 
         const { finished } = Modal.createDialog(
             RestoreKeyBackupDialog,

src/stores/SetupEncryptionStore.ts

@@ -152,8 +152,6 @@ export class SetupEncryptionStore extends EventEmitter {
             // in the background.
             await new Promise((resolve: (value?: unknown) => void, reject: (reason?: any) => void) => {
                 accessSecretStorage(async (): Promise<void> => {
-                    await cli.checkOwnCrossSigningTrust();
-
                     // The remaining tasks (device dehydration and restoring
                     // key backup) may take some time due to processing many
                     // to-device messages in the case of device dehydration, or

test/test-utils/test-utils.ts

@@ -116,7 +116,6 @@ export function createTestClient(): MatrixClient {
         bootstrapCrossSigning: jest.fn(),
         hasSecretStorageKey: jest.fn(),
         getKeyBackupVersion: jest.fn(),
-        checkOwnCrossSigningTrust: jest.fn(),
 
         secretStorage: {
             get: jest.fn(),