
"Verify session" via security key/recovery key does nothing if 4S lacks cross-signing keys #27808

Open
richvdh opened this issue Jul 23, 2024 · 3 comments
Labels
A-E2EE A-E2EE-Cross-Signing A-Element-R Issues affecting the port of Element's crypto layer to Rust O-Occasional Affects or can be seen by some users regularly or most users rarely S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect

Comments

@richvdh
Member

richvdh commented Jul 23, 2024

STR:

  1. Have an account whose 4S lacks cross-signing keys (eg via "Reset Backup" creates 4S without cross-signing keys #27806)
  2. On the "Sessions" tab, attempt to verify the current session:
    [screenshot]
  3. Click "Verify with Security Key or Phrase"
  4. Enter security key

At this point, we go straight back to the "Verify this session" dialog.

In the console:

18:45:16.498 accessSecretStorage: error during operation Error: The public key of the imported private key doesn't match to the public key that was uploaded to the server
    __wbindgen_error_new http://localhost:8080/bundles/_dev_/default-matrix-rust-sdk-crypto-wasm_pkg_index_js.js:10980
18:45:16.500 SetupEncryptionStore.usePassphrase: error Error: The public key of the imported private key doesn't match to the public key that was uploaded to the server
    __wbindgen_error_new http://localhost:8080/bundles/_dev_/default-matrix-rust-sdk-crypto-wasm_pkg_index_js.js:10980

We should probably not offer the "Verify with Security Key or Phrase" unless the current 4S key has cross-signing keys. And also, we should propagate some sort of error to the user - even a "it didn't work" is better than just silently going back to the previous dialog.

@richvdh richvdh added S-Major Severely degrades major functionality or product features, with no satisfactory workaround A-E2EE A-E2EE-Cross-Signing O-Occasional Affects or can be seen by some users regularly or most users rarely A-Element-R Issues affecting the port of Element's crypto layer to Rust labels Jul 23, 2024
@dosubot dosubot bot added A-E2EE-Key-Backup O-Uncommon Most users are unlikely to come across this or unexpected workflow T-Defect labels Jul 23, 2024
@richvdh richvdh removed A-E2EE-Key-Backup O-Uncommon Most users are unlikely to come across this or unexpected workflow labels Sep 17, 2024
@richvdh
Member Author

richvdh commented Sep 17, 2024

This is closely related to #27252: the difference is that in that case, 4S has the private keys, but the public keys have not been published.

@rossnet

rossnet commented Sep 18, 2024

In our setup we are using the built-in OIDC support against a Keycloak to do SSO and we are also facing the issue described above. Without knowing too much details about all the cross-signing magic I would like to summarize my finding:

Success case

  1. Auto-SSO into the Synapse/Element using direct OIDC as I am already logged into the IdP.
  2. Dismiss the notifications (irrelevant though for the process;)
  3. Go To > All settings > Sessions > Verify session
  4. "It looks like you don't have a Security Key or any other devices you can verify against. This device will not be able to access old encrypted messages. In order to verify your identity on this device, you'll need to reset your verification keys." > Process reset
  5. "Generate Security Key" > Copy > Continue
  6. "Secure backup successful" > Done
  7. "Use Single Sign On to continue" > Single Sign On
  8. "Confirm it's you to continue" (https://HOSTNAME/_matrix/client/v3/auth/m.login.sso/fallback/web?session=SESSION_ID) > "Continue with OIDC"
  9. "Confirm to continue" > Confirm
  10. The session was successfully verified.

Fail case

  1. Auto-SSO into the Synapse/Element using direct OIDC as I am already logged into the IdP.
  2. Dismiss the notifications (irrelevant though for the process;)
  3. Start a chat with somebody
  4. "Set up Secure Backup" Popup > Continue
  5. Steps 5+6 of success case (backup your security key)
  6. Step 3 of success case (start session verification)
  7. "Verify this session" > Verify with Security Key
  8. "Security Key" > Paste security Key > Continue > Endless loop back to step 7

In this situation the only solution is to Reset the Cross-Signing which will lead me to the steps 7-8 of the success case.

My conclusion is that in the fail case's step 7 the route that verifies the user's identity using SSO is missing.

@richvdh
Member Author

richvdh commented Sep 23, 2024

For completeness: I worked with @rossnet to investigate their situation, which was not "4S lacks cross-signing keys", but rather "public cross-signing keys have not been published" -- ie, something more similar to #27252. The problem was solved by upgrading Synapse to a version including element-hq/synapse#17284.
