-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Importing E2E encryption keys didn't decrypt chat history. #9450
Comments
Same here. Did the export of the encryption keys long before the current security incident back in 2017 with the same user and pwd I'm using now (not sure if this matters). Importing the keys in all of the three clients mainly used went technically fine as the passphrase was accepted and no errors showed up. However, chat history still shows the "Unable to decrypt" message in all clients. |
@n3niu Session keys are rotated every ~100 messages or 7 days (whichever comes first) for each room. This means that if you don't use the automated homeserver-based key backup, and instead use the key export feature, you need to be exporting your keys very often (otherwise you would only be able to decrypt very old messages). This should almost certainly be made more clear, but I would say most users should be using the homeserver-based key backups (which work using an ephemeral Curve25519 key -- if you don't enable password-based backups you can store the Curve25519 private key and not need to do anything extra). |
My keys are recent, recovered from a second system before it was logged out. I backed up the config dir and can still see the unencrypted messages if I restore that backup, but of course can't use the client for anything without logging out. I sent my debug log from an attempt to restore, to this issue. |
@cyphar would you be able to give enough information for somebody familiar with javascript to use the development console to save what is needed from an old functioning client, and restore this stuff to a new logged-out client? somebody with less on their hands than you guys likely do could flush the detailed steps out for others. |
Thanks @cyphar for clarifying this. Going back into chat history I see that messages between Dec 2016 and Feb 2017 are actually decrypted. And, yes - this should be made more clear as I did not read about this behaviour before somewhere. Maybe someone can point me to the related docs in case I've missed it. Afaik back in those days the server based key backup did not even exist (could be wrong). Looks like my chat hist is gone for good even though I thought I would be safe still having the keys in my hand. Wishing you more luck @xloem |
Yeah, it's unfortunately a very recent feature (only added a few months ago). I would suggest enabling it now if you haven't already. |
@xloem Unfortunately I'm not a Matrix developer, nor am I a JavaScript developer.
EDIT: I think I've figured it out. I was able to get the keys from a current session with:
And then you just need to generate the backup from this. Unfortunately I can't figure out how to call
And then you can import NOTE: Most terminals won't allow you to paste more than 4096 characters in a single line. You can fix this with
But obviously make sure you |
cyphar, that information sounds so helpful for people needing to export their keys from old client backups. Is there a centralized place to put it? I'm still trying to import my keys. Turns out they are successfully loading, but they aren't being used. This is the console log:
(EDIT: oops, this was xloem) |
I'm going to close this issue for now as we cannot reproduce it. Please comment with @kittykat if you are still experiencing it and I will reopen the issue |
After the recent mass logout, I logged in and my history was gone. I set up new keys and enabled backup for the first time.
Then after some hopeful realization, I disconnected another system from the internet, logged into my account before it was logged out, and exported the room keys.
I then connected the system to the internet, rebooted, and after logging in imported these keys ... but I still can't see my chat history.
The text was updated successfully, but these errors were encountered: