npm - @textrp/briij-js-sdk - Versions diffs - 41.0.1 → 42.0.0 - Mend

@textrp/briij-js-sdk 41.0.1 → 42.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (375) hide show

package/CHANGELOG.md +14 -1
package/LICENSE +177 -177
package/README.md +14 -3
package/lib/@types/AESEncryptedSecretStoragePayload.js.map +1 -1
package/lib/@types/IIdentityServerProvider.js.map +1 -1
package/lib/@types/PushRules.js +14 -14
package/lib/@types/PushRules.js.map +1 -1
package/lib/@types/another-json.d.js.map +1 -1
package/lib/@types/auth.d.ts +19 -1
package/lib/@types/auth.d.ts.map +1 -1
package/lib/@types/auth.js +55 -54
package/lib/@types/auth.js.map +1 -1
package/lib/@types/beacon.js +100 -100
package/lib/@types/beacon.js.map +1 -1
package/lib/@types/common.js.map +1 -1
package/lib/@types/crypto.js.map +1 -1
package/lib/@types/event.d.ts +27 -0
package/lib/@types/event.d.ts.map +1 -1
package/lib/@types/event.js +105 -102
package/lib/@types/event.js.map +1 -1
package/lib/@types/events.js.map +1 -1
package/lib/@types/extensible_events.js +53 -53
package/lib/@types/extensible_events.js.map +1 -1
package/lib/@types/local_notifications.js.map +1 -1
package/lib/@types/location.js +41 -41
package/lib/@types/location.js.map +1 -1
package/lib/@types/matrix-sdk-crypto-wasm.d.js.map +1 -1
package/lib/@types/media.js.map +1 -1
package/lib/@types/membership.js +39 -39
package/lib/@types/membership.js.map +1 -1
package/lib/@types/partials.js +25 -25
package/lib/@types/partials.js.map +1 -1
package/lib/@types/polls.js +46 -46
package/lib/@types/polls.js.map +1 -1
package/lib/@types/read_receipts.js +14 -14
package/lib/@types/read_receipts.js.map +1 -1
package/lib/@types/registration.js.map +1 -1
package/lib/@types/search.js +14 -14
package/lib/@types/search.js.map +1 -1
package/lib/@types/signed.js.map +1 -1
package/lib/@types/spaces.js.map +1 -1
package/lib/@types/state_events.js.map +1 -1
package/lib/@types/synapse.js.map +1 -1
package/lib/@types/sync.js +18 -18
package/lib/@types/sync.js.map +1 -1
package/lib/@types/threepids.js +14 -14
package/lib/@types/threepids.js.map +1 -1
package/lib/@types/topic.js +47 -47
package/lib/@types/topic.js.map +1 -1
package/lib/@types/uia.js.map +1 -1
package/lib/NamespacedValue.js +20 -20
package/lib/NamespacedValue.js.map +1 -1
package/lib/ReEmitter.js +16 -16
package/lib/ReEmitter.js.map +1 -1
package/lib/base64.js +32 -32
package/lib/base64.js.map +1 -1
package/lib/briij.d.ts +3 -0
package/lib/briij.d.ts.map +1 -1
package/lib/briij.js +3 -0
package/lib/briij.js.map +1 -1
package/lib/client.d.ts +18 -1
package/lib/client.d.ts.map +1 -1
package/lib/client.js +166 -103
package/lib/client.js.map +1 -1
package/lib/common-crypto/key-passphrase.js +19 -19
package/lib/common-crypto/key-passphrase.js.map +1 -1
package/lib/content-helpers.js +57 -57
package/lib/content-helpers.js.map +1 -1
package/lib/content-repo.js +36 -36
package/lib/content-repo.js.map +1 -1
package/lib/crypto/store/base.js +69 -69
package/lib/crypto/store/base.js.map +1 -1
package/lib/crypto/store/indexeddb-crypto-store-backend.js +58 -58
package/lib/crypto/store/indexeddb-crypto-store-backend.js.map +1 -1
package/lib/crypto/store/indexeddb-crypto-store.js +193 -193
package/lib/crypto/store/indexeddb-crypto-store.js.map +1 -1
package/lib/crypto/store/localStorage-crypto-store.js +72 -72
package/lib/crypto/store/localStorage-crypto-store.js.map +1 -1
package/lib/crypto/store/memory-crypto-store.js +74 -74
package/lib/crypto/store/memory-crypto-store.js.map +1 -1
package/lib/crypto-api/CryptoEventHandlerMap.js.map +1 -1
package/lib/crypto-api/key-passphrase.js +22 -22
package/lib/crypto-api/key-passphrase.js.map +1 -1
package/lib/crypto-api/keybackup.js.map +1 -1
package/lib/crypto-api/recovery-key.js +20 -20
package/lib/crypto-api/recovery-key.js.map +1 -1
package/lib/digest.js +21 -21
package/lib/digest.js.map +1 -1
package/lib/extensible_events_v1/ExtensibleEvent.js +39 -39
package/lib/extensible_events_v1/ExtensibleEvent.js.map +1 -1
package/lib/extensible_events_v1/InvalidEventError.js +16 -16
package/lib/extensible_events_v1/InvalidEventError.js.map +1 -1
package/lib/extensible_events_v1/MessageEvent.js +39 -39
package/lib/extensible_events_v1/MessageEvent.js.map +1 -1
package/lib/extensible_events_v1/PollEndEvent.js +29 -29
package/lib/extensible_events_v1/PollEndEvent.js.map +1 -1
package/lib/extensible_events_v1/PollResponseEvent.js +39 -39
package/lib/extensible_events_v1/PollResponseEvent.js.map +1 -1
package/lib/extensible_events_v1/PollStartEvent.js +52 -52
package/lib/extensible_events_v1/PollStartEvent.js.map +1 -1
package/lib/extensible_events_v1/utilities.js +22 -22
package/lib/extensible_events_v1/utilities.js.map +1 -1
package/lib/feature.js +16 -16
package/lib/feature.js.map +1 -1
package/lib/http-api/method.js +14 -14
package/lib/http-api/method.js.map +1 -1
package/lib/http-api/prefix.js +26 -26
package/lib/http-api/prefix.js.map +1 -1
package/lib/indexeddb-helpers.js +21 -21
package/lib/indexeddb-helpers.js.map +1 -1
package/lib/indexeddb-worker.js +18 -18
package/lib/indexeddb-worker.js.map +1 -1
package/lib/matrixrtc/IKeyTransport.js +17 -17
package/lib/matrixrtc/IKeyTransport.js.map +1 -1
package/lib/matrixrtc/IMembershipManager.js +27 -27
package/lib/matrixrtc/IMembershipManager.js.map +1 -1
package/lib/matrixrtc/LivekitTransport.js +19 -19
package/lib/matrixrtc/LivekitTransport.js.map +1 -1
package/lib/matrixrtc/index.js +14 -14
package/lib/matrixrtc/index.js.map +1 -1
package/lib/matrixrtc/utils.js +27 -27
package/lib/matrixrtc/utils.js.map +1 -1
package/lib/models/ToDeviceMessage.js.map +1 -1
package/lib/models/device.js +24 -24
package/lib/models/device.js.map +1 -1
package/lib/models/event-status.js +17 -17
package/lib/models/event-status.js.map +1 -1
package/lib/models/invites-ignorer-types.js +25 -25
package/lib/models/invites-ignorer-types.js.map +1 -1
package/lib/models/profile-keys.js +26 -26
package/lib/models/profile-keys.js.map +1 -1
package/lib/models/room-summary.js +26 -26
package/lib/models/room-summary.js.map +1 -1
package/lib/models/search-result.js +22 -22
package/lib/models/search-result.js.map +1 -1
package/lib/models/typed-event-emitter.js +122 -122
package/lib/models/typed-event-emitter.js.map +1 -1
package/lib/oidc/authorize.js +76 -76
package/lib/oidc/authorize.js.map +1 -1
package/lib/oidc/error.js +17 -17
package/lib/oidc/error.js.map +1 -1
package/lib/oidc/index.js +17 -17
package/lib/oidc/index.js.map +1 -1
package/lib/oidc/register.js +41 -41
package/lib/oidc/register.js.map +1 -1
package/lib/oidc/tokenRefresher.js +51 -51
package/lib/oidc/tokenRefresher.js.map +1 -1
package/lib/oidc/validate.js +59 -59
package/lib/oidc/validate.js.map +1 -1
package/lib/randomstring.js +35 -35
package/lib/randomstring.js.map +1 -1
package/lib/realtime-callbacks.js +39 -39
package/lib/realtime-callbacks.js.map +1 -1
package/lib/receipt-accumulator.js +44 -44
package/lib/receipt-accumulator.js.map +1 -1
package/lib/rendezvous/RendezvousChannel.js.map +1 -1
package/lib/rendezvous/RendezvousCode.js.map +1 -1
package/lib/rendezvous/RendezvousError.js +14 -14
package/lib/rendezvous/RendezvousError.js.map +1 -1
package/lib/rendezvous/RendezvousFailureReason.js +14 -14
package/lib/rendezvous/RendezvousFailureReason.js.map +1 -1
package/lib/rendezvous/RendezvousIntent.js +14 -14
package/lib/rendezvous/RendezvousIntent.js.map +1 -1
package/lib/rendezvous/RendezvousTransport.js.map +1 -1
package/lib/rendezvous/channels/MSC4108SecureChannel.js +63 -63
package/lib/rendezvous/channels/MSC4108SecureChannel.js.map +1 -1
package/lib/rendezvous/channels/index.js +14 -14
package/lib/rendezvous/channels/index.js.map +1 -1
package/lib/rendezvous/index.js +14 -14
package/lib/rendezvous/index.js.map +1 -1
package/lib/rendezvous/transports/index.js +14 -14
package/lib/rendezvous/transports/index.js.map +1 -1
package/lib/rust-crypto/CrossSigningIdentity.js +29 -29
package/lib/rust-crypto/CrossSigningIdentity.js.map +1 -1
package/lib/rust-crypto/OutgoingRequestsManager.js +37 -37
package/lib/rust-crypto/OutgoingRequestsManager.js.map +1 -1
package/lib/rust-crypto/device-converter.js +30 -30
package/lib/rust-crypto/device-converter.js.map +1 -1
package/lib/rust-crypto/secret-storage.js +30 -30
package/lib/rust-crypto/secret-storage.js.map +1 -1
package/lib/service-types.js +14 -14
package/lib/service-types.js.map +1 -1
package/lib/store/local-storage-events-emitter.js +21 -21
package/lib/store/local-storage-events-emitter.js.map +1 -1
package/lib/sync-accumulator.js +50 -50
package/lib/sync-accumulator.js.map +1 -1
package/lib/thread-utils.js +20 -20
package/lib/thread-utils.js.map +1 -1
package/lib/types.js +34 -34
package/lib/types.js.map +1 -1
package/lib/utils/decryptAESSecretStorageItem.js +22 -22
package/lib/utils/decryptAESSecretStorageItem.js.map +1 -1
package/lib/utils/encryptAESSecretStorageItem.js +26 -26
package/lib/utils/encryptAESSecretStorageItem.js.map +1 -1
package/lib/utils/internal/deriveKeys.js +21 -21
package/lib/utils/internal/deriveKeys.js.map +1 -1
package/lib/utils/roomVersion.js +26 -26
package/lib/utils/roomVersion.js.map +1 -1
package/lib/version-support.js +26 -26
package/lib/version-support.js.map +1 -1
package/lib/webrtc/audioContext.js +24 -24
package/lib/webrtc/audioContext.js.map +1 -1
package/lib/webrtc/callEventTypes.js.map +1 -1
package/lib/webrtc/stats/callFeedStatsReporter.js +14 -14
package/lib/webrtc/stats/callFeedStatsReporter.js.map +1 -1
package/lib/webrtc/stats/callStatsReportGatherer.js +14 -14
package/lib/webrtc/stats/callStatsReportGatherer.js.map +1 -1
package/lib/webrtc/stats/callStatsReportSummary.js.map +1 -1
package/lib/webrtc/stats/connectionStats.js +14 -14
package/lib/webrtc/stats/connectionStats.js.map +1 -1
package/lib/webrtc/stats/connectionStatsBuilder.js +14 -14
package/lib/webrtc/stats/connectionStatsBuilder.js.map +1 -1
package/lib/webrtc/stats/connectionStatsReportBuilder.js +14 -14
package/lib/webrtc/stats/connectionStatsReportBuilder.js.map +1 -1
package/lib/webrtc/stats/groupCallStats.js +14 -14
package/lib/webrtc/stats/groupCallStats.js.map +1 -1
package/lib/webrtc/stats/media/mediaSsrcHandler.js +14 -14
package/lib/webrtc/stats/media/mediaSsrcHandler.js.map +1 -1
package/lib/webrtc/stats/media/mediaTrackHandler.js +14 -14
package/lib/webrtc/stats/media/mediaTrackHandler.js.map +1 -1
package/lib/webrtc/stats/media/mediaTrackStats.js +27 -27
package/lib/webrtc/stats/media/mediaTrackStats.js.map +1 -1
package/lib/webrtc/stats/media/mediaTrackStatsHandler.js +20 -20
package/lib/webrtc/stats/media/mediaTrackStatsHandler.js.map +1 -1
package/lib/webrtc/stats/statsReport.js +14 -14
package/lib/webrtc/stats/statsReport.js.map +1 -1
package/lib/webrtc/stats/statsReportEmitter.js +14 -14
package/lib/webrtc/stats/statsReportEmitter.js.map +1 -1
package/lib/webrtc/stats/trackStatsBuilder.js +4 -4
package/lib/webrtc/stats/trackStatsBuilder.js.map +1 -1
package/lib/webrtc/stats/transportStats.js.map +1 -1
package/lib/webrtc/stats/transportStatsBuilder.js.map +1 -1
package/lib/webrtc/stats/valueFormatter.js +11 -11
package/lib/webrtc/stats/valueFormatter.js.map +1 -1
package/lib/xrpl/identity.d.ts +28 -0
package/lib/xrpl/identity.d.ts.map +1 -0
package/lib/xrpl/identity.js +213 -0
package/lib/xrpl/identity.js.map +1 -0
package/lib/xrpl/trust.d.ts +8 -0
package/lib/xrpl/trust.d.ts.map +1 -0
package/lib/xrpl/trust.js +61 -0
package/lib/xrpl/trust.js.map +1 -0
package/lib/xrpl/verification.d.ts +26 -0
package/lib/xrpl/verification.d.ts.map +1 -0
package/lib/xrpl/verification.js +295 -0
package/lib/xrpl/verification.js.map +1 -0
package/package.json +128 -129
package/src/@types/AESEncryptedSecretStoragePayload.ts +29 -29
package/src/@types/IIdentityServerProvider.ts +24 -24
package/src/@types/PushRules.ts +208 -208
package/src/@types/another-json.d.ts +19 -19
package/src/@types/auth.ts +280 -258
package/src/@types/beacon.ts +140 -140
package/src/@types/common.ts +24 -24
package/src/@types/crypto.ts +71 -71
package/src/@types/event.ts +476 -449
package/src/@types/events.ts +119 -119
package/src/@types/extensible_events.ts +147 -147
package/src/@types/local_notifications.ts +19 -19
package/src/@types/location.ts +92 -92
package/src/@types/matrix-sdk-crypto-wasm.d.ts +39 -39
package/src/@types/media.ts +245 -245
package/src/@types/membership.ts +57 -57
package/src/@types/partials.ts +103 -103
package/src/@types/polls.ts +120 -120
package/src/@types/read_receipts.ts +61 -61
package/src/@types/registration.ts +102 -102
package/src/@types/search.ts +119 -119
package/src/@types/signed.ts +25 -25
package/src/@types/spaces.ts +37 -37
package/src/@types/state_events.ts +153 -153
package/src/@types/synapse.ts +40 -40
package/src/@types/sync.ts +27 -27
package/src/@types/threepids.ts +29 -29
package/src/@types/topic.ts +69 -69
package/src/@types/uia.ts +24 -24
package/src/NamespacedValue.ts +121 -121
package/src/ReEmitter.ts +93 -93
package/src/base64.ts +86 -86
package/src/briij.ts +3 -0
package/src/client.ts +90 -10
package/src/common-crypto/README.md +4 -4
package/src/common-crypto/key-passphrase.ts +43 -43
package/src/content-helpers.ts +298 -298
package/src/content-repo.ts +122 -122
package/src/crypto/store/base.ts +388 -388
package/src/crypto/store/indexeddb-crypto-store-backend.ts +655 -655
package/src/crypto/store/indexeddb-crypto-store.ts +555 -555
package/src/crypto/store/localStorage-crypto-store.ts +409 -409
package/src/crypto/store/memory-crypto-store.ts +326 -326
package/src/crypto-api/CryptoEventHandlerMap.ts +42 -42
package/src/crypto-api/key-passphrase.ts +58 -58
package/src/crypto-api/keybackup.ts +114 -114
package/src/crypto-api/recovery-key.ts +69 -69
package/src/digest.ts +34 -34
package/src/extensible_events_v1/ExtensibleEvent.ts +58 -58
package/src/extensible_events_v1/InvalidEventError.ts +24 -24
package/src/extensible_events_v1/MessageEvent.ts +143 -143
package/src/extensible_events_v1/PollEndEvent.ts +97 -97
package/src/extensible_events_v1/PollResponseEvent.ts +148 -148
package/src/extensible_events_v1/PollStartEvent.ts +207 -207
package/src/extensible_events_v1/utilities.ts +35 -35
package/src/feature.ts +88 -88
package/src/http-api/method.ts +25 -25
package/src/http-api/prefix.ts +48 -48
package/src/indexeddb-helpers.ts +50 -50
package/src/indexeddb-worker.ts +24 -24
package/src/matrixrtc/IKeyTransport.ts +63 -63
package/src/matrixrtc/IMembershipManager.ts +120 -120
package/src/matrixrtc/LivekitTransport.ts +46 -46
package/src/matrixrtc/index.ts +24 -24
package/src/matrixrtc/utils.ts +71 -71
package/src/models/ToDeviceMessage.ts +38 -38
package/src/models/device.ts +85 -85
package/src/models/event-status.ts +39 -39
package/src/models/invites-ignorer-types.ts +58 -58
package/src/models/profile-keys.ts +33 -33
package/src/models/room-summary.ts +78 -78
package/src/models/search-result.ts +57 -57
package/src/models/typed-event-emitter.ts +246 -246
package/src/oidc/authorize.ts +279 -279
package/src/oidc/error.ts +33 -33
package/src/oidc/index.ts +33 -33
package/src/oidc/register.ts +163 -163
package/src/oidc/tokenRefresher.ts +184 -184
package/src/oidc/validate.ts +265 -265
package/src/randomstring.ts +103 -103
package/src/realtime-callbacks.ts +191 -191
package/src/receipt-accumulator.ts +189 -189
package/src/rendezvous/RendezvousChannel.ts +48 -48
package/src/rendezvous/RendezvousCode.ts +25 -25
package/src/rendezvous/RendezvousError.ts +26 -26
package/src/rendezvous/RendezvousFailureReason.ts +49 -49
package/src/rendezvous/RendezvousIntent.ts +20 -20
package/src/rendezvous/RendezvousTransport.ts +58 -58
package/src/rendezvous/channels/MSC4108SecureChannel.ts +270 -270
package/src/rendezvous/channels/index.ts +17 -17
package/src/rendezvous/index.ts +25 -25
package/src/rendezvous/transports/index.ts +17 -17
package/src/rust-crypto/CrossSigningIdentity.ts +195 -195
package/src/rust-crypto/OutgoingRequestsManager.ts +170 -170
package/src/rust-crypto/device-converter.ts +128 -128
package/src/rust-crypto/secret-storage.ts +60 -60
package/src/service-types.ts +20 -20
package/src/store/local-storage-events-emitter.ts +46 -46
package/src/sync-accumulator.ts +779 -779
package/src/thread-utils.ts +31 -31
package/src/types.ts +59 -59
package/src/utils/decryptAESSecretStorageItem.ts +54 -54
package/src/utils/encryptAESSecretStorageItem.ts +73 -73
package/src/utils/internal/deriveKeys.ts +63 -63
package/src/utils/roomVersion.ts +35 -35
package/src/version-support.ts +50 -50
package/src/webrtc/audioContext.ts +44 -44
package/src/webrtc/callEventTypes.ts +101 -101
package/src/webrtc/stats/callFeedStatsReporter.ts +91 -91
package/src/webrtc/stats/callStatsReportGatherer.ts +219 -219
package/src/webrtc/stats/callStatsReportSummary.ts +30 -30
package/src/webrtc/stats/connectionStats.ts +47 -47
package/src/webrtc/stats/connectionStatsBuilder.ts +28 -28
package/src/webrtc/stats/connectionStatsReportBuilder.ts +140 -140
package/src/webrtc/stats/groupCallStats.ts +93 -93
package/src/webrtc/stats/media/mediaSsrcHandler.ts +57 -57
package/src/webrtc/stats/media/mediaTrackHandler.ts +70 -70
package/src/webrtc/stats/media/mediaTrackStats.ts +176 -176
package/src/webrtc/stats/media/mediaTrackStatsHandler.ts +90 -90
package/src/webrtc/stats/statsReport.ts +133 -133
package/src/webrtc/stats/statsReportEmitter.ts +49 -49
package/src/webrtc/stats/trackStatsBuilder.ts +207 -207
package/src/webrtc/stats/transportStats.ts +26 -26
package/src/webrtc/stats/transportStatsBuilder.ts +48 -48
package/src/webrtc/stats/valueFormatter.ts +27 -27
package/src/xrpl/identity.ts +245 -0
package/src/xrpl/trust.ts +64 -0
package/src/xrpl/verification.ts +284 -0

package/src/rust-crypto/CrossSigningIdentity.ts CHANGED Viewed

@@ -1,195 +1,195 @@
-/*
-Copyright 2023 The Matrix.org Foundation C.I.C.
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-import {
-    type OlmMachine,
-    type CrossSigningStatus,
-    type CrossSigningBootstrapRequests,
-} from "@matrix-org/matrix-sdk-crypto-wasm";
-import type * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";
-import { type BootstrapCrossSigningOpts } from "../crypto-api/index.ts";
-import { type Logger } from "../logger.ts";
-import { type OutgoingRequestProcessor } from "./OutgoingRequestProcessor.ts";
-import { type UIAuthCallback } from "../interactive-auth.ts";
-import { type ServerSideSecretStorage } from "../secret-storage.ts";
-/** Manages the cross-signing keys for our own user.
- *
- * @internal
- */
-export class CrossSigningIdentity {
-    public constructor(
-        private readonly logger: Logger,
-        private readonly olmMachine: OlmMachine,
-        private readonly outgoingRequestProcessor: OutgoingRequestProcessor,
-        private readonly secretStorage: ServerSideSecretStorage,
-    ) {}
-    /**
-     * Initialise our cross-signing keys by creating new keys if they do not exist, and uploading to the server
-     */
-    public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {
-        if (opts.setupNewCrossSigning) {
-            await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);
-            return;
-        }
-        const olmDeviceStatus: CrossSigningStatus = await this.olmMachine.crossSigningStatus();
-        // Try to fetch cross signing keys from the secret storage
-        const masterKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.master");
-        const selfSigningKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.self_signing");
-        const userSigningKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.user_signing");
-        const privateKeysInSecretStorage = Boolean(
-            masterKeyFromSecretStorage && selfSigningKeyFromSecretStorage && userSigningKeyFromSecretStorage,
-        );
-        const olmDeviceHasKeys =
-            olmDeviceStatus.hasMaster && olmDeviceStatus.hasUserSigning && olmDeviceStatus.hasSelfSigning;
-        // Log all relevant state for easier parsing of debug logs.
-        this.logger.debug("bootstrapCrossSigning: starting", {
-            setupNewCrossSigning: opts.setupNewCrossSigning,
-            olmDeviceHasMaster: olmDeviceStatus.hasMaster,
-            olmDeviceHasUserSigning: olmDeviceStatus.hasUserSigning,
-            olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,
-            privateKeysInSecretStorage,
-        });
-        if (olmDeviceHasKeys) {
-            if (!(await this.secretStorage.hasKey())) {
-                this.logger.warn(
-                    "bootstrapCrossSigning: Olm device has private keys, but secret storage is not yet set up; doing nothing for now.",
-                );
-                // the keys should get uploaded to 4S once that is set up.
-            } else if (!privateKeysInSecretStorage) {
-                // the device has the keys but they are not in 4S, so update it
-                this.logger.debug("bootstrapCrossSigning: Olm device has private keys: exporting to secret storage");
-                await this.exportCrossSigningKeysToStorage();
-            } else {
-                this.logger.debug(
-                    "bootstrapCrossSigning: Olm device has private keys and they are saved in secret storage; doing nothing",
-                );
-            }
-        } /* (!olmDeviceHasKeys) */ else {
-            if (privateKeysInSecretStorage) {
-                // they are in 4S, so import from there
-                this.logger.debug(
-                    "bootstrapCrossSigning: Cross-signing private keys not found locally, but they are available " +
-                        "in secret storage, reading storage and caching locally",
-                );
-                const status = await this.olmMachine.importCrossSigningKeys(
-                    masterKeyFromSecretStorage,
-                    selfSigningKeyFromSecretStorage,
-                    userSigningKeyFromSecretStorage,
-                );
-                // Check that `importCrossSigningKeys` worked correctly (for example, it will fail silently if the
-                // public keys are not available).
-                if (!status.hasMaster || !status.hasSelfSigning || !status.hasUserSigning) {
-                    throw new Error("importCrossSigningKeys failed to import the keys");
-                }
-                // Get the current device
-                const device: RustSdkCryptoJs.Device = (await this.olmMachine.getDevice(
-                    this.olmMachine.userId,
-                    this.olmMachine.deviceId,
-                ))!;
-                try {
-                    // Sign the device with our cross-signing key and upload the signature
-                    const request: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();
-                    await this.outgoingRequestProcessor.makeOutgoingRequest(request);
-                } finally {
-                    device.free();
-                }
-            } else {
-                this.logger.debug(
-                    "bootstrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys",
-                );
-                await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);
-            }
-        }
-        // TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the
-        //   server -- in which case we should call OlmDevice.bootstrap_cross_signing. How do we know?
-        this.logger.debug("bootstrapCrossSigning: complete");
-    }
-    /** Reset our cross-signing keys
-     *
-     * This method will:
-     *   * Tell the OlmMachine to create new keys
-     *   * Upload the new public keys and the device signature to the server
-     *   * Upload the private keys to SSSS, if it is set up
-     */
-    private async resetCrossSigning(authUploadDeviceSigningKeys?: UIAuthCallback<void>): Promise<void> {
-        // XXX: We must find a way to make this atomic, currently if the user does not remember his account password
-        // or 4S passphrase/key the process will fail in a bad state, with keys rotated but not uploaded or saved in 4S.
-        const outgoingRequests: CrossSigningBootstrapRequests = await this.olmMachine.bootstrapCrossSigning(true);
-        // If 4S is configured we need to update it.
-        if (!(await this.secretStorage.hasKey())) {
-            this.logger.warn(
-                "resetCrossSigning: Secret storage is not yet set up; not exporting keys to secret storage yet.",
-            );
-            // the keys should get uploaded to 4S once that is set up.
-        } else {
-            // Update 4S before uploading cross-signing keys, to stay consistent with legacy that asks
-            // 4S passphrase before asking for account password.
-            // Ultimately should be made atomic and resistant to forgotten password/passphrase.
-            this.logger.debug("resetCrossSigning: exporting private keys to secret storage");
-            await this.exportCrossSigningKeysToStorage();
-        }
-        this.logger.debug("resetCrossSigning: publishing public keys to server");
-        for (const req of [
-            outgoingRequests.uploadKeysRequest,
-            outgoingRequests.uploadSigningKeysRequest,
-            outgoingRequests.uploadSignaturesRequest,
-        ]) {
-            if (req) {
-                await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);
-            }
-        }
-    }
-    /**
-     * Extract the cross-signing keys from the olm machine and save them to secret storage, if it is configured
-     *
-     * (If secret storage is *not* configured, we assume that the export will happen when it is set up)
-     */
-    private async exportCrossSigningKeysToStorage(): Promise<void> {
-        const exported: RustSdkCryptoJs.CrossSigningKeyExport | undefined =
-            await this.olmMachine.exportCrossSigningKeys();
-        /* istanbul ignore else (this function is only called when we know the olm machine has keys) */
-        if (exported?.masterKey) {
-            await this.secretStorage.store("m.cross_signing.master", exported.masterKey);
-        } else {
-            this.logger.error(`Cannot export MSK to secret storage, private key unknown`);
-        }
-        if (exported?.self_signing_key) {
-            await this.secretStorage.store("m.cross_signing.self_signing", exported.self_signing_key);
-        } else {
-            this.logger.error(`Cannot export SSK to secret storage, private key unknown`);
-        }
-        if (exported?.userSigningKey) {
-            await this.secretStorage.store("m.cross_signing.user_signing", exported.userSigningKey);
-        } else {
-            this.logger.error(`Cannot export USK to secret storage, private key unknown`);
-        }
-    }
-}
+/*
+Copyright 2023 The Matrix.org Foundation C.I.C.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+import {
+    type OlmMachine,
+    type CrossSigningStatus,
+    type CrossSigningBootstrapRequests,
+} from "@matrix-org/matrix-sdk-crypto-wasm";
+import type * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";
+import { type BootstrapCrossSigningOpts } from "../crypto-api/index.ts";
+import { type Logger } from "../logger.ts";
+import { type OutgoingRequestProcessor } from "./OutgoingRequestProcessor.ts";
+import { type UIAuthCallback } from "../interactive-auth.ts";
+import { type ServerSideSecretStorage } from "../secret-storage.ts";
+/** Manages the cross-signing keys for our own user.
+ *
+ * @internal
+ */
+export class CrossSigningIdentity {
+    public constructor(
+        private readonly logger: Logger,
+        private readonly olmMachine: OlmMachine,
+        private readonly outgoingRequestProcessor: OutgoingRequestProcessor,
+        private readonly secretStorage: ServerSideSecretStorage,
+    ) {}
+    /**
+     * Initialise our cross-signing keys by creating new keys if they do not exist, and uploading to the server
+     */
+    public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {
+        if (opts.setupNewCrossSigning) {
+            await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);
+            return;
+        }
+        const olmDeviceStatus: CrossSigningStatus = await this.olmMachine.crossSigningStatus();
+        // Try to fetch cross signing keys from the secret storage
+        const masterKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.master");
+        const selfSigningKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.self_signing");
+        const userSigningKeyFromSecretStorage = await this.secretStorage.get("m.cross_signing.user_signing");
+        const privateKeysInSecretStorage = Boolean(
+            masterKeyFromSecretStorage && selfSigningKeyFromSecretStorage && userSigningKeyFromSecretStorage,
+        );
+        const olmDeviceHasKeys =
+            olmDeviceStatus.hasMaster && olmDeviceStatus.hasUserSigning && olmDeviceStatus.hasSelfSigning;
+        // Log all relevant state for easier parsing of debug logs.
+        this.logger.debug("bootstrapCrossSigning: starting", {
+            setupNewCrossSigning: opts.setupNewCrossSigning,
+            olmDeviceHasMaster: olmDeviceStatus.hasMaster,
+            olmDeviceHasUserSigning: olmDeviceStatus.hasUserSigning,
+            olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,
+            privateKeysInSecretStorage,
+        });
+        if (olmDeviceHasKeys) {
+            if (!(await this.secretStorage.hasKey())) {
+                this.logger.warn(
+                    "bootstrapCrossSigning: Olm device has private keys, but secret storage is not yet set up; doing nothing for now.",
+                );
+                // the keys should get uploaded to 4S once that is set up.
+            } else if (!privateKeysInSecretStorage) {
+                // the device has the keys but they are not in 4S, so update it
+                this.logger.debug("bootstrapCrossSigning: Olm device has private keys: exporting to secret storage");
+                await this.exportCrossSigningKeysToStorage();
+            } else {
+                this.logger.debug(
+                    "bootstrapCrossSigning: Olm device has private keys and they are saved in secret storage; doing nothing",
+                );
+            }
+        } /* (!olmDeviceHasKeys) */ else {
+            if (privateKeysInSecretStorage) {
+                // they are in 4S, so import from there
+                this.logger.debug(
+                    "bootstrapCrossSigning: Cross-signing private keys not found locally, but they are available " +
+                        "in secret storage, reading storage and caching locally",
+                );
+                const status = await this.olmMachine.importCrossSigningKeys(
+                    masterKeyFromSecretStorage,
+                    selfSigningKeyFromSecretStorage,
+                    userSigningKeyFromSecretStorage,
+                );
+                // Check that `importCrossSigningKeys` worked correctly (for example, it will fail silently if the
+                // public keys are not available).
+                if (!status.hasMaster || !status.hasSelfSigning || !status.hasUserSigning) {
+                    throw new Error("importCrossSigningKeys failed to import the keys");
+                }
+                // Get the current device
+                const device: RustSdkCryptoJs.Device = (await this.olmMachine.getDevice(
+                    this.olmMachine.userId,
+                    this.olmMachine.deviceId,
+                ))!;
+                try {
+                    // Sign the device with our cross-signing key and upload the signature
+                    const request: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();
+                    await this.outgoingRequestProcessor.makeOutgoingRequest(request);
+                } finally {
+                    device.free();
+                }
+            } else {
+                this.logger.debug(
+                    "bootstrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys",
+                );
+                await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);
+            }
+        }
+        // TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the
+        //   server -- in which case we should call OlmDevice.bootstrap_cross_signing. How do we know?
+        this.logger.debug("bootstrapCrossSigning: complete");
+    }
+    /** Reset our cross-signing keys
+     *
+     * This method will:
+     *   * Tell the OlmMachine to create new keys
+     *   * Upload the new public keys and the device signature to the server
+     *   * Upload the private keys to SSSS, if it is set up
+     */
+    private async resetCrossSigning(authUploadDeviceSigningKeys?: UIAuthCallback<void>): Promise<void> {
+        // XXX: We must find a way to make this atomic, currently if the user does not remember his account password
+        // or 4S passphrase/key the process will fail in a bad state, with keys rotated but not uploaded or saved in 4S.
+        const outgoingRequests: CrossSigningBootstrapRequests = await this.olmMachine.bootstrapCrossSigning(true);
+        // If 4S is configured we need to update it.
+        if (!(await this.secretStorage.hasKey())) {
+            this.logger.warn(
+                "resetCrossSigning: Secret storage is not yet set up; not exporting keys to secret storage yet.",
+            );
+            // the keys should get uploaded to 4S once that is set up.
+        } else {
+            // Update 4S before uploading cross-signing keys, to stay consistent with legacy that asks
+            // 4S passphrase before asking for account password.
+            // Ultimately should be made atomic and resistant to forgotten password/passphrase.
+            this.logger.debug("resetCrossSigning: exporting private keys to secret storage");
+            await this.exportCrossSigningKeysToStorage();
+        }
+        this.logger.debug("resetCrossSigning: publishing public keys to server");
+        for (const req of [
+            outgoingRequests.uploadKeysRequest,
+            outgoingRequests.uploadSigningKeysRequest,
+            outgoingRequests.uploadSignaturesRequest,
+        ]) {
+            if (req) {
+                await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);
+            }
+        }
+    }
+    /**
+     * Extract the cross-signing keys from the olm machine and save them to secret storage, if it is configured
+     *
+     * (If secret storage is *not* configured, we assume that the export will happen when it is set up)
+     */
+    private async exportCrossSigningKeysToStorage(): Promise<void> {
+        const exported: RustSdkCryptoJs.CrossSigningKeyExport | undefined =
+            await this.olmMachine.exportCrossSigningKeys();
+        /* istanbul ignore else (this function is only called when we know the olm machine has keys) */
+        if (exported?.masterKey) {
+            await this.secretStorage.store("m.cross_signing.master", exported.masterKey);
+        } else {
+            this.logger.error(`Cannot export MSK to secret storage, private key unknown`);
+        }
+        if (exported?.self_signing_key) {
+            await this.secretStorage.store("m.cross_signing.self_signing", exported.self_signing_key);
+        } else {
+            this.logger.error(`Cannot export SSK to secret storage, private key unknown`);
+        }
+        if (exported?.userSigningKey) {
+            await this.secretStorage.store("m.cross_signing.user_signing", exported.userSigningKey);
+        } else {
+            this.logger.error(`Cannot export USK to secret storage, private key unknown`);
+        }
+    }
+}