From 72649d2c3a41c8fb3f87b00c13b3e8143e31e80b Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 27 Sep 2024 01:01:02 +0100 Subject: [PATCH] Playwright test for messages from insecure devices --- .../e2e/crypto/invisible-crypto.spec.ts | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 playwright/e2e/crypto/invisible-crypto.spec.ts diff --git a/playwright/e2e/crypto/invisible-crypto.spec.ts b/playwright/e2e/crypto/invisible-crypto.spec.ts new file mode 100644 index 0000000000..c53bacd32c --- /dev/null +++ b/playwright/e2e/crypto/invisible-crypto.spec.ts @@ -0,0 +1,56 @@ +/* +Copyright 2024 New Vector Ltd. + +SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only +Please see LICENSE files in the repository root for full details. +*/ + +import { expect, test } from "../../element-web-test"; +import { autoJoin, createSecondBotDevice, createSharedRoomWithUser, verify } from "./utils"; +import { bootstrapCrossSigningForClient } from "../../pages/client.ts"; + +/** Tests for the "invisible crypto" behaviour -- i.e., when the "exclude insecure devices" setting is enabled */ +test.describe("Invisible cryptography", () => { + test.use({ + displayName: "Alice", + botCreateOpts: { displayName: "Bob" }, + labsFlags: ["feature_exclude_insecure_devices"], + }); + + test("Messages fail to decrypt when sender is previously verified", async ({ + page, + bot: bob, + user: aliceCredentials, + app, + homeserver, + }) => { + await app.client.bootstrapCrossSigning(aliceCredentials); + await autoJoin(bob); + + // create an encrypted room + const testRoomId = await createSharedRoomWithUser(app, bob.credentials.userId, { + name: "TestRoom", + initial_state: [ + { + type: "m.room.encryption", + state_key: "", + content: { + algorithm: "m.megolm.v1.aes-sha2", + }, + }, + ], + }); + + // Verify Bob + await verify(app, bob); + + // Bob logs in a new device and resets cross-signing + const bobSecondDevice = await createSecondBotDevice(page, homeserver, bob); + await bootstrapCrossSigningForClient(await bobSecondDevice.prepareClient(), bob.credentials, true); + + /* should show an error for a message from a previously verified device */ + await bobSecondDevice.sendMessage(testRoomId, "test encrypted from user that was previously verified"); + const lastTile = page.locator(".mx_EventTile_last"); + await expect(lastTile).toContainText("Verified identity has changed"); + }); +});