@protontech/drive-sdk 0.7.3 → 0.8.0

package/src/internal/nodes/apiService.ts

@@ -71,13 +71,20 @@ type PutRestoreNodesRequest = Extract<
 type PutRestoreNodesResponse =
     drivePaths['/drive/v2/volumes/{volumeID}/trash/restore_multiple']['put']['responses']['200']['content']['application/json'];
 
-type PostDeleteNodesRequest = Extract<
+type PostDeleteTrashedNodesRequest = Extract<
     drivePaths['/drive/v2/volumes/{volumeID}/trash/delete_multiple']['post']['requestBody'],
     { content: object }
 >['content']['application/json'];
-type PostDeleteNodesResponse =
+type PostDeleteTrashedNodesResponse =
     drivePaths['/drive/v2/volumes/{volumeID}/trash/delete_multiple']['post']['responses']['200']['content']['application/json'];
 
+type PostDeleteMyNodesRequest = Extract<
+    drivePaths['/drive/v2/volumes/{volumeID}/remove-mine']['post']['requestBody'],
+    { content: object }
+>['content']['application/json'];
+type PostDeleteMyNodesResponse =
+    drivePaths['/drive/v2/volumes/{volumeID}/remove-mine']['post']['responses']['200']['content']['application/json'];
+
 type PostCreateFolderRequest = Extract<
     drivePaths['/drive/v2/volumes/{volumeID}/folders']['post']['requestBody'],
     { content: object }
@@ -446,7 +453,7 @@ export abstract class NodeAPIServiceBase<
 
     async *deleteTrashedNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         for (const { volumeId, batchNodeIds, batchNodeUids } of groupNodeUidsByVolumeAndIteratePerBatch(nodeUids)) {
-            const response = await this.apiService.post<PostDeleteNodesRequest, PostDeleteNodesResponse>(
+            const response = await this.apiService.post<PostDeleteTrashedNodesRequest, PostDeleteTrashedNodesResponse>(
                 `drive/v2/volumes/${volumeId}/trash/delete_multiple`,
                 {
                     LinkIDs: batchNodeIds,
@@ -459,10 +466,10 @@ export abstract class NodeAPIServiceBase<
         }
     }
 
-    async *deleteExistingNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
+    async *deleteMyNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         for (const { volumeId, batchNodeIds, batchNodeUids } of groupNodeUidsByVolumeAndIteratePerBatch(nodeUids)) {
-            const response = await this.apiService.post<PostDeleteNodesRequest, PostDeleteNodesResponse>(
-                `drive/v2/volumes/${volumeId}/delete_multiple`,
+            const response = await this.apiService.post<PostDeleteMyNodesRequest, PostDeleteMyNodesResponse>(
+                `drive/v2/volumes/${volumeId}/remove-mine`,
                 {
                     LinkIDs: batchNodeIds,
                 },

package/src/internal/nodes/cryptoService.test.ts

@@ -20,6 +20,9 @@ describe('nodesCryptoService', () => {
 
     let cryptoService: NodesCryptoService;
 
+    const publicAddressKey = { _idx: 21312 };
+    const ownPrivateAddressKey = { id: 'id', key: 'key' as unknown as PrivateKey };
+
     beforeEach(() => {
         jest.clearAllMocks();
 
@@ -71,7 +74,15 @@ describe('nodesCryptoService', () => {
         };
         account = {
             // @ts-expect-error No need to implement all methods for mocking
-            getPublicKeys: jest.fn(async () => [{ _idx: 21312 }]),
+            getPublicKeys: jest.fn(async () => [publicAddressKey]),
+            getOwnAddresses: jest.fn(async () => [
+                {
+                    email: 'email',
+                    addressId: 'addressId',
+                    primaryKeyIndex: 0,
+                    keys: [ownPrivateAddressKey],
+                },
+            ]),
         };
         // @ts-expect-error No need to implement all methods for mocking
         sharesService = {
@@ -576,6 +587,7 @@ describe('nodesCryptoService', () => {
                 armoredNodePassphraseSignature: 'armoredNodePassphraseSignature',
                 file: {
                     base64ContentKeyPacket: 'base64ContentKeyPacket',
+                    armoredContentKeyPacketSignature: 'armoredContentKeyPacketSignature',
                 },
                 activeRevision: {
                     uid: 'revisionUid',
@@ -764,7 +776,7 @@ describe('nodesCryptoService', () => {
                 });
             });
 
-            it('on content key packet', async () => {
+            it('on content key packet without fallback verification', async () => {
                 driveCrypto.decryptAndVerifySessionKey = jest.fn(
                     async () =>
                         Promise.resolve({
@@ -789,6 +801,105 @@ describe('nodesCryptoService', () => {
                     error: 'verification error',
                 });
             });
+
+            it('on content key packet with successful fallback verification', async () => {
+                driveCrypto.decryptAndVerifySessionKey = jest
+                    .fn()
+                    .mockImplementationOnce(
+                        async () =>
+                            Promise.resolve({
+                                sessionKey: 'contentKeyPacketSessionKey',
+                                verified: VERIFICATION_STATUS.SIGNED_AND_INVALID,
+                                verificationErrors: [new Error('verification error')],
+                            }) as any,
+                    )
+                    .mockImplementationOnce(
+                        async () =>
+                            Promise.resolve({
+                                sessionKey: 'contentKeyPacketSessionKey',
+                                verified: VERIFICATION_STATUS.SIGNED_AND_VALID,
+                            }) as any,
+                    );
+
+                const result = await cryptoService.decryptNode(
+                    {
+                        ...encryptedNode,
+                        creationTime: new Date('2022-01-01'),
+                    },
+                    parentKey,
+                );
+                verifyResult(result);
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledTimes(2);
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledWith(
+                    'base64ContentKeyPacket',
+                    'armoredContentKeyPacketSignature',
+                    'decryptedKey',
+                    ['decryptedKey', publicAddressKey],
+                );
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledWith(
+                    'base64ContentKeyPacket',
+                    'armoredContentKeyPacketSignature',
+                    'decryptedKey',
+                    [ownPrivateAddressKey.key],
+                );
+                expect(telemetry.recordMetric).not.toHaveBeenCalled();
+            });
+
+            it('on content key packet with failed fallback verification', async () => {
+                driveCrypto.decryptAndVerifySessionKey = jest
+                    .fn()
+                    .mockImplementationOnce(
+                        async () =>
+                            Promise.resolve({
+                                sessionKey: 'contentKeyPacketSessionKey',
+                                verified: VERIFICATION_STATUS.SIGNED_AND_INVALID,
+                                verificationErrors: [new Error('verification error')],
+                            }) as any,
+                    )
+                    .mockImplementationOnce(
+                        async () =>
+                            Promise.resolve({
+                                sessionKey: 'contentKeyPacketSessionKey',
+                                verified: VERIFICATION_STATUS.SIGNED_AND_INVALID,
+                                verificationErrors: [new Error('fallback verification error')],
+                            }) as any,
+                    );
+
+                const result = await cryptoService.decryptNode(
+                    {
+                        ...encryptedNode,
+                        creationTime: new Date('2022-01-01'),
+                    },
+                    parentKey,
+                );
+                verifyResult(result, {
+                    keyAuthor: {
+                        ok: false,
+                        error: {
+                            claimedAuthor: 'signatureEmail',
+                            error: 'Signature verification for content key failed: verification error',
+                        },
+                    },
+                });
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledTimes(2);
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledWith(
+                    'base64ContentKeyPacket',
+                    'armoredContentKeyPacketSignature',
+                    'decryptedKey',
+                    ['decryptedKey', publicAddressKey],
+                );
+                expect(driveCrypto.decryptAndVerifySessionKey).toHaveBeenCalledWith(
+                    'base64ContentKeyPacket',
+                    'armoredContentKeyPacketSignature',
+                    'decryptedKey',
+                    [ownPrivateAddressKey.key],
+                );
+                verifyLogEventVerificationError({
+                    field: 'nodeContentKey',
+                    error: 'verification error',
+                    fromBefore2024: true,
+                });
+            });
         });
 
         describe('should decrypt with decryption issues', () => {

package/src/internal/nodes/cryptoService.ts

@@ -25,6 +25,7 @@ import {
     EncryptedRevision,
     DecryptedUnparsedRevision,
     NodeSigningKeys,
+    EncryptedNodeFileCrypto,
 } from './interface';
 
 export interface NodesCryptoReporter {
@@ -200,14 +201,7 @@ export class NodesCryptoService {
         if ('file' in node.encryptedCrypto) {
             const [activeRevisionPromise, contentKeyPacketSessionKeyPromise] = [
                 this.decryptRevision(node.uid, node.encryptedCrypto.activeRevision, key),
-                this.driveCrypto.decryptAndVerifySessionKey(
-                    node.encryptedCrypto.file.base64ContentKeyPacket,
-                    node.encryptedCrypto.file.armoredContentKeyPacketSignature,
-                    key,
-                    // Content key packet is signed with the node key, but
-                    // in the past some clients signed with the address key.
-                    [key, ...keyVerificationKeys],
-                ),
+                this.decryptContentKeyPacket(node, node.encryptedCrypto, key, keyVerificationKeys),
             ];
 
             try {
@@ -502,6 +496,57 @@ export class NodesCryptoService {
         };
     }
 
+    private async decryptContentKeyPacket(
+        node: EncryptedNode,
+        encryptedCrypto: EncryptedNodeFileCrypto,
+        key: PrivateKey,
+        keyVerificationKeys: PublicKey[],
+    ): Promise<{
+        sessionKey: SessionKey;
+        verified?: VERIFICATION_STATUS;
+        verificationErrors?: Error[];
+    }> {
+        const result = await this.driveCrypto.decryptAndVerifySessionKey(
+            encryptedCrypto.file.base64ContentKeyPacket,
+            encryptedCrypto.file.armoredContentKeyPacketSignature,
+            key,
+            // Content key packet is signed with the node key, but
+            // in the past some clients signed with the address key.
+            [key, ...keyVerificationKeys],
+        );
+
+        // Return right away if the verification is signed or not signed.
+        // If the verification is failing and the file is before 2023, try
+        // to decrypt with all owners keys. Because of the old nodes signed
+        // with address key instead of node key, when the node was renamed
+        // or moved, it could change the address but without updating the
+        // content key packet, which is now failing.
+        if (result.verified !== VERIFICATION_STATUS.SIGNED_AND_INVALID || node.creationTime > new Date(2023, 0, 1)) {
+            return result;
+        }
+
+        const allAddresses = await this.account.getOwnAddresses();
+        const allKeys = allAddresses.flatMap((address) => address.keys.map(({ key }) => key));
+
+        const resultWithAllKeys = await this.driveCrypto.decryptAndVerifySessionKey(
+            encryptedCrypto.file.base64ContentKeyPacket,
+            encryptedCrypto.file.armoredContentKeyPacketSignature,
+            key,
+            // Content key packet is signed with the node key, but
+            // in the past some clients signed with the address key.
+            allKeys,
+        );
+
+        // Return original result with original error if the fallback verification also fails.
+        if (resultWithAllKeys.verified === VERIFICATION_STATUS.SIGNED_AND_VALID) {
+            this.logger.warn(
+                'Content key packet signature verification failed, but fallback to all addresses succeeded',
+            );
+            return resultWithAllKeys;
+        }
+        return result;
+    }
+
     private async decryptExtendedAttributes(
         node: { uid: string; creationTime: Date },
         encryptedExtendedAttributes: string | undefined,

package/src/internal/nodes/nodesManagement.ts

@@ -293,7 +293,7 @@ export abstract class NodesManagementBase<
         }
     }
 
-    async *deleteNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
+    async *deleteTrashedNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         for await (const result of this.apiService.deleteTrashedNodes(nodeUids, signal)) {
             if (result.ok) {
                 await this.nodesAccess.notifyNodeDeleted(result.uid);

package/src/internal/shares/apiService.ts

@@ -173,7 +173,7 @@ function convertSharePayload(response: GetShareResponse): EncryptedShare {
     };
 }
 
-function convertShareTypeNumberToEnum(type: 1 | 2 | 3 | 4): ShareType {
+function convertShareTypeNumberToEnum(type: 1 | 2 | 3 | 4 | 5): ShareType {
     switch (type) {
         case 1:
             return ShareType.Main;
@@ -183,5 +183,7 @@ function convertShareTypeNumberToEnum(type: 1 | 2 | 3 | 4): ShareType {
             return ShareType.Device;
         case 4:
             return ShareType.Photo;
+        case 5:
+            throw new Error('Organization shares are not supported yet');
     }
 }

package/src/internal/sharingPublic/nodes.ts

@@ -87,10 +87,10 @@ export class SharingPublicNodesManagement extends NodesManagement {
         super(apiService, cryptoCache, cryptoService, nodesAccess);
     }
 
-    async *deleteNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
+    async *deleteMyNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         // Public link does not support trashing and deleting trashed nodes.
         // Instead, if user is owner, API allows directly deleting existing nodes.
-        for await (const result of this.apiService.deleteExistingNodes(nodeUids, signal)) {
+        for await (const result of this.apiService.deleteMyNodes(nodeUids, signal)) {
             if (result.ok) {
                 await this.nodesAccess.notifyNodeDeleted(result.uid);
             }

package/src/protonDriveClient.ts

@@ -495,7 +495,7 @@ export class ProtonDriveClient {
     }
 
     /**
-     * Delete the nodes permanently.
+     * Delete the trashed nodes permanently. Only the owner can do that.
      *
      * The operation is performed in batches and the results are yielded
      * as they are available. Order of the results is not guaranteed.
@@ -509,7 +509,7 @@ export class ProtonDriveClient {
      */
     async *deleteNodes(nodeUids: NodeOrUid[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         this.logger.info(`Deleting ${nodeUids.length} nodes`);
-        yield* this.nodes.management.deleteNodes(getUids(nodeUids), signal);
+        yield* this.nodes.management.deleteTrashedNodes(getUids(nodeUids), signal);
     }
 
     async emptyTrash(): Promise<void> {

package/src/protonDrivePhotosClient.ts

@@ -295,7 +295,7 @@ export class ProtonDrivePhotosClient {
      */
     async *deleteNodes(nodeUids: NodeOrUid[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         this.logger.info(`Deleting ${nodeUids.length} nodes`);
-        yield* this.nodes.management.deleteNodes(getUids(nodeUids), signal);
+        yield * this.nodes.management.deleteTrashedNodes(getUids(nodeUids), signal);
     }
 
     /**

package/src/protonDrivePublicLinkClient.ts

@@ -233,13 +233,15 @@ export class ProtonDrivePublicLinkClient {
     }
 
     /**
-     * Delete the nodes permanently.
+     * Delete own nodes permanently. It skips the trash and allows to delete
+     * only nodes that are owned by the user. For anonymous files, this method
+     * allows to delete them only in the same session.
      *
      * See `ProtonDriveClient.deleteNodes` for more information.
      */
     async *deleteNodes(nodeUids: NodeOrUid[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
         this.logger.info(`Deleting ${nodeUids.length} nodes`);
-        yield* this.sharingPublic.nodes.management.deleteNodes(getUids(nodeUids), signal);
+        yield* this.sharingPublic.nodes.management.deleteMyNodes(getUids(nodeUids), signal);
     }
 
     /**