From 02548cf743267a77785a7cdf93e4dbab71631c07 Mon Sep 17 00:00:00 2001
From: "J. Ryan Stinnett" <jryans@gmail.com>
Date: Fri, 26 Mar 2021 13:01:30 +0000
Subject: [PATCH] Tweak security key error handling

This reworks error handling of "use security key" so we stop the overall
operation when cancelling access (instead of just the immediate prompt). In
addition, flowing the error to outer catch block also handles resetting state to
re-display the initial verification choices.

Fixes https://github.com/vector-im/element-web/issues/15584
---
 src/SecurityManager.ts             |  2 ++
 src/stores/SetupEncryptionStore.js | 25 ++++++++++---------------
 2 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/src/SecurityManager.ts b/src/SecurityManager.ts
index 03cbe88c22..203830d232 100644
--- a/src/SecurityManager.ts
+++ b/src/SecurityManager.ts
@@ -395,6 +395,8 @@ export async function accessSecretStorage(func = async () => { }, forceReset = f
     } catch (e) {
         SecurityCustomisations.catchAccessSecretStorageError?.(e);
         console.error(e);
+        // Re-throw so that higher level logic can abort as needed
+        throw e;
     } finally {
         // Clear secret storage key cache now that work is complete
         secretStorageBeingAccessed = false;
diff --git a/src/stores/SetupEncryptionStore.js b/src/stores/SetupEncryptionStore.js
index 3839f27a77..5f0054ff24 100644
--- a/src/stores/SetupEncryptionStore.js
+++ b/src/stores/SetupEncryptionStore.js
@@ -121,21 +121,16 @@ export class SetupEncryptionStore extends EventEmitter {
             // on the first trust check, and the key backup restore will happen
             // in the background.
             await new Promise((resolve, reject) => {
-                try {
-                    accessSecretStorage(async () => {
-                        await cli.checkOwnCrossSigningTrust();
-                        resolve();
-                        if (backupInfo) {
-                            // A complete restore can take many minutes for large
-                            // accounts / slow servers, so we allow the dialog
-                            // to advance before this.
-                            await cli.restoreKeyBackupWithSecretStorage(backupInfo);
-                        }
-                    }).catch(reject);
-                } catch (e) {
-                    console.error(e);
-                    reject(e);
-                }
+                accessSecretStorage(async () => {
+                    await cli.checkOwnCrossSigningTrust();
+                    resolve();
+                    if (backupInfo) {
+                        // A complete restore can take many minutes for large
+                        // accounts / slow servers, so we allow the dialog
+                        // to advance before this.
+                        await cli.restoreKeyBackupWithSecretStorage(backupInfo);
+                    }
+                }).catch(reject);
             });
 
             if (cli.getCrossSigningId()) {