fixing the check secret part

Author: Velin92

MatrixSDK/Crypto/CryptoMachine/MXCryptoMachine.swift

@@ -611,11 +611,12 @@ extension MXCryptoMachine: MXCryptoCrossSigning {
         }
     }
 
-    func importCrossSigningKeys(export: CrossSigningKeyExport) {
+    func importCrossSigningKeys(export: CrossSigningKeyExport) throws {
         do {
             try machine.importCrossSigningKeys(export: export)
         } catch {
             log.error("Failed importing cross signing keys", context: error)
+            throw error
         }
     }
 

MatrixSDK/Crypto/CryptoMachine/MXCryptoProtocols.swift

@@ -89,7 +89,7 @@ protocol MXCryptoCrossSigning: MXCryptoUserIdentitySource, MXCryptoDevicesSource
     func crossSigningStatus() -> CrossSigningStatus
     func bootstrapCrossSigning(authParams: [AnyHashable: Any]) async throws
     func exportCrossSigningKeys() -> CrossSigningKeyExport?
-    func importCrossSigningKeys(export: CrossSigningKeyExport)
+    func importCrossSigningKeys(export: CrossSigningKeyExport) throws
 
     func queryMissingSecretsFromOtherSessions() async throws
 }

MatrixSDK/Crypto/Data/Store/MXCryptoSecretStore.h

@@ -31,7 +31,7 @@ NS_ASSUME_NONNULL_BEGIN
  @param secret the secret.
  @param secretId the id of the secret.
  */
-- (void)storeSecret:(NSString *)secret withSecretId:(NSString *)secretId;
+- (void)storeSecret:(NSString *)secret withSecretId:(NSString *)secretId errorHandler:(void (^)(NSError *error))errorHandler;
 
 /**
  Check if a given secret is stored

MatrixSDK/Crypto/Recovery/MXRecoveryService.m

@@ -554,9 +554,17 @@ - (void)recoverSecrets:(nullable NSArray<NSString*>*)secrets
         [self.dependencies.secretStorage secretWithSecretId:secretId withSecretStorageKeyId:secretStorageKeyId privateKey:privateKey success:^(NSString * _Nonnull unpaddedBase64Secret) {
 
             NSString *secret = unpaddedBase64Secret;
-            
-            MXLogDebug(@"[MXRecoveryService] recoverSecrets: Secret %@ is invalid", secretId);
-            [invalidSecrets addObject:secretId];
+            // Validate the secret before storing it
+            if (![secret isEqualToString:[self.dependencies.secretStore secretWithSecretId:secretId]])
+            {
+                MXLogDebug(@"[MXRecoveryService] recoverSecrets: Recovered secret %@", secretId);
+                
+                [updatedSecrets addObject:secretId];
+                [self.dependencies.secretStore storeSecret:secret withSecretId:secretId errorHandler:^(NSError * _Nonnull anError) {
+                    MXLogDebug(@"[MXRecoveryService] recoverSecrets: Secret %@ is invalid", secretId);
+                    [invalidSecrets addObject:secretId];
+                }];
+            }
 
             dispatch_group_leave(dispatchGroup);
 

MatrixSDK/Crypto/SecretStorage/MXCryptoSecretStoreV2.swift

@@ -15,11 +15,17 @@
 //
 
 import Foundation
+import MatrixSDKCrypto
+
+enum MXCryptoError: Error {
+    case secretDoesNotMatch
+}
 
 /// Secret store compatible with Rust-based Crypto V2, where
 /// backup secrets are stored internally in the Crypto machine
 /// and others have to be managed manually.
 class MXCryptoSecretStoreV2: NSObject, MXCryptoSecretStore {
+
     private let backup: MXKeyBackup?
     private let backupEngine: MXKeyBackupEngine?
     private let crossSigning: MXCryptoCrossSigning
@@ -31,44 +37,55 @@ class MXCryptoSecretStoreV2: NSObject, MXCryptoSecretStore {
         self.crossSigning = crossSigning
     }
 
-    func storeSecret(_ secret: String, withSecretId secretId: String) {
+    func storeSecret(_ secret: String, withSecretId secretId: String, errorHandler: @escaping (Error) -> Void) {
         log.debug("Storing new secret \(secretId)")
-        
-        switch secretId as NSString {
-        case MXSecretId.crossSigningMaster.takeUnretainedValue():
-            crossSigning.importCrossSigningKeys(
-                export: .init(
-                    masterKey: secret,
-                    selfSigningKey: nil,
-                    userSigningKey: nil
+        do {
+            switch secretId as NSString {
+            case MXSecretId.crossSigningMaster.takeUnretainedValue():
+                try crossSigning.importCrossSigningKeys(
+                    export: .init(
+                        masterKey: secret,
+                        selfSigningKey: nil,
+                        userSigningKey: nil
+                    )
                 )
-            )
-        case MXSecretId.crossSigningSelfSigning.takeUnretainedValue():
-            crossSigning.importCrossSigningKeys(
-                export: .init(
-                    masterKey: nil,
-                    selfSigningKey: secret,
-                    userSigningKey: nil
+            case MXSecretId.crossSigningSelfSigning.takeUnretainedValue():
+                try crossSigning.importCrossSigningKeys(
+                    export: .init(
+                        masterKey: nil,
+                        selfSigningKey: secret,
+                        userSigningKey: nil
+                    )
                 )
-            )
-        case MXSecretId.crossSigningUserSigning.takeUnretainedValue():
-            crossSigning.importCrossSigningKeys(
-                export: .init(
-                    masterKey: nil,
-                    selfSigningKey: nil,
-                    userSigningKey: secret
+            case MXSecretId.crossSigningUserSigning.takeUnretainedValue():
+                try crossSigning.importCrossSigningKeys(
+                    export: .init(
+                        masterKey: nil,
+                        selfSigningKey: nil,
+                        userSigningKey: secret
+                    )
                 )
-            )
-        case MXSecretId.keyBackup.takeUnretainedValue():
-            guard let version = backup?.keyBackupVersion?.version else {
-                log.error("No key backup version available")
-                return
+            case MXSecretId.keyBackup.takeUnretainedValue():
+                guard let version = backup?.keyBackupVersion?.version else {
+                    log.error("No key backup version available")
+                    return
+                }
+                
+                let expectedPublicKey = try BackupRecoveryKey.fromBase64(key: secret).megolmV1PublicKey().publicKey
+                
+                guard let authData = backup?.keyBackupVersion?.authData,
+                      MXCurve25519BackupAuthData(fromJSON: authData).publicKey == expectedPublicKey else {
+                    errorHandler(MXCryptoError.secretDoesNotMatch)
+                    return
+                }
+                
+                let privateKey = MXBase64Tools.data(fromBase64: secret)
+                backupEngine?.savePrivateKey(privateKey, version: version)
+            default:
+                log.error("Unsupported type of secret", context: secretId)
             }
-            
-            let privateKey = MXBase64Tools.data(fromBase64: secret)
-            backupEngine?.savePrivateKey(privateKey, version: version)
-        default:
-            log.error("Unsupported type of secret", context: secretId)
+        } catch {
+            errorHandler(error)
         }
     }