Throw a specific error when the backup decryption key does not match the public backup#5202
Merged
andybalaam merged 1 commit intodevelopfrom Mar 2, 2026
Conversation
…the public backup
andybalaam
added a commit
to element-hq/element-web
that referenced
this pull request
Feb 27, 2026
…ryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
andybalaam
requested review from
MidhunSureshR,
florianduros,
kaylendog and
uhoreg
MidhunSureshR
approved these changes
Mar 2, 2026
kaylendog
approved these changes
Mar 2, 2026
Contributor
kaylendog
left a comment
kaylendog
left a comment
There was a problem hiding this comment.
LGTM, although something like DecryptionKeyMismatchError would tickle my brain more than DecryptionKeyDoesNotMatchError.
uhoreg
approved these changes
Mar 2, 2026
andybalaam
added a commit
to element-hq/element-web
that referenced
this pull request
Mar 2, 2026
…ryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
andybalaam
deleted the
andybalaam/fix-backup-when-decryption-key-is-wrong-31793
branch
andybalaam
added a commit
to element-hq/element-web
that referenced
this pull request
Mar 2, 2026
…ryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
andybalaam
added a commit
to element-hq/element-web
that referenced
this pull request
Mar 2, 2026
…ryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
andybalaam
added a commit
to element-hq/element-web
that referenced
this pull request
Mar 5, 2026
…ryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
github-merge-queue bot
pushed a commit
to element-hq/element-web
that referenced
this pull request
Mar 5, 2026
…ryption key (#32668) * Set up the MatrixClient before each RecoveryPanelOutOfSync test Without this, we can't override MatrixClient methods until we've called `renderComponent`, which is awkward. * Actually test that we load the decryption key in RecoveryPanelOutOfSync It turns out the existing test didn't actually go down the expected code path and call loadSessionBackupPrivateKeyFromSecretStorage. * Reset key storage if restoring from Recovery encounters the wrong decryption key Fixes #31793 Depends on matrix-org/matrix-js-sdk#5202 When we try to load the key storage decryption key from Recovery, but we find that it does not match the public key of the current key storage backup, create a new key storage backup.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part of element-hq/element-web#31793
We need to be able to detect when the private and public keys for key backup (key storage) are mismatched, so this change throws a specific error type when that happens.
element-hq/element-web#32668 detects this condition in Element Web and handles it by creating a new key backup, extracting the user from this nasty predicament.