Cypress: improve secure key backup test (matrix-org#11086)

florianduros · web-flow · commit 788c1c8f13c3 · 2023-06-14T08:12:01.000Z
* Check account data after secure key backup

* Add passphrase cypress test
diff --git a/cypress/e2e/crypto/crypto.spec.ts b/cypress/e2e/crypto/crypto.spec.ts
@@ -171,28 +171,91 @@ describe("Cryptography", function () {
         cy.stopHomeserver(this.homeserver);
     });
 
-    it("setting up secure key backup should work", () => {
-        skipIfRustCrypto();
-        cy.openUserSettings("Security & Privacy");
-        cy.findByRole("button", { name: "Set up Secure Backup" }).click();
-        cy.get(".mx_Dialog").within(() => {
-            cy.findByRole("button", { name: "Continue" }).click();
-            cy.get(".mx_CreateSecretStorageDialog_recoveryKey code").invoke("text").as("securityKey");
+    describe("setting up secure key backup should work", () => {
+        /**
+         * Verify that the `m.cross_signing.${keyType}` key is available on the account data on the server
+         * @param keyType
+         */
+        function verifyKey(keyType: string) {
+            return cy
+                .getClient()
+                .then((cli) => cy.wrap(cli.getAccountDataFromServer(`m.cross_signing.${keyType}`)))
+                .then((accountData: { encrypted: Record<string, Record<string, string>> }) => {
+                    expect(accountData.encrypted).to.exist;
+                    const keys = Object.keys(accountData.encrypted);
+                    const key = accountData.encrypted[keys[0]];
+                    expect(key.ciphertext).to.exist;
+                    expect(key.iv).to.exist;
+                    expect(key.mac).to.exist;
+                });
+        }
+
+        /**
+         * Click on download button and continue
+         */
+        function downloadKey() {
             // Clicking download instead of Copy because of https://github.com/cypress-io/cypress/issues/2851
             cy.findByRole("button", { name: "Download" }).click();
             cy.contains(".mx_Dialog_primary:not([disabled])", "Continue").click();
-            cy.get(".mx_InteractiveAuthDialog").within(() => {
-                cy.get(".mx_Dialog_title").within(() => {
-                    cy.findByText("Setting up keys").should("exist");
-                    cy.findByText("Setting up keys").should("not.exist");
+        }
+
+        it("by recovery code", () => {
+            skipIfRustCrypto();
+            cy.openUserSettings("Security & Privacy");
+            cy.findByRole("button", { name: "Set up Secure Backup" }).click();
+            cy.get(".mx_Dialog").within(() => {
+                // Recovery key is selected by default
+                cy.findByRole("button", { name: "Continue" }).click();
+                cy.get(".mx_CreateSecretStorageDialog_recoveryKey code").invoke("text").as("securityKey");
+
+                downloadKey();
+
+                cy.get(".mx_InteractiveAuthDialog").within(() => {
+                    cy.get(".mx_Dialog_title").within(() => {
+                        cy.findByText("Setting up keys").should("exist");
+                        cy.findByText("Setting up keys").should("not.exist");
+                    });
                 });
+
+                cy.findByText("Secure Backup successful").should("exist");
+                cy.findByRole("button", { name: "Done" }).click();
+                cy.findByText("Secure Backup successful").should("not.exist");
+            });
+
+            // Verify that the SSSS keys are in the account data stored in the server
+            verifyKey("master");
+            verifyKey("self_signing");
+            verifyKey("user_signing");
+        });
+
+        it("by passphrase", () => {
+            skipIfRustCrypto();
+            cy.openUserSettings("Security & Privacy");
+            cy.findByRole("button", { name: "Set up Secure Backup" }).click();
+            cy.get(".mx_Dialog").within(() => {
+                // Select passphrase option
+                cy.findByText("Enter a Security Phrase").click();
+                cy.findByRole("button", { name: "Continue" }).click();
+
+                // Fill passphrase input
+                cy.get("input").type("new passphrase for setting up a secure key backup");
+                cy.contains(".mx_Dialog_primary:not([disabled])", "Continue").click();
+                // Confirm passphrase
+                cy.get("input").type("new passphrase for setting up a secure key backup");
+                cy.contains(".mx_Dialog_primary:not([disabled])", "Continue").click();
+
+                downloadKey();
+
+                cy.findByText("Secure Backup successful").should("exist");
+                cy.findByRole("button", { name: "Done" }).click();
+                cy.findByText("Secure Backup successful").should("not.exist");
             });
 
-            cy.findByText("Secure Backup successful").should("exist");
-            cy.findByRole("button", { name: "Done" }).click();
-            cy.findByText("Secure Backup successful").should("not.exist");
+            // Verify that the SSSS keys are in the account data stored in the server
+            verifyKey("master");
+            verifyKey("self_signing");
+            verifyKey("user_signing");
         });
-        return;
     });
 
     it("creating a DM should work, being e2e-encrypted / user verification", function (this: CryptoTestContext) {
