@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-3
Sign up to get free protection for your applications and to get access to all the features.
- package/git-revision.txt +1 -1
- package/lib/@types/global.d.js +0 -2
- package/lib/@types/global.d.js.map +1 -1
- package/lib/browser-index.d.ts.map +1 -1
- package/lib/browser-index.js +0 -11
- package/lib/browser-index.js.map +1 -1
- package/lib/client.d.ts +2 -1176
- package/lib/client.d.ts.map +1 -1
- package/lib/client.js +346 -2717
- package/lib/client.js.map +1 -1
- package/lib/embedded.d.ts +0 -22
- package/lib/embedded.d.ts.map +1 -1
- package/lib/embedded.js +24 -166
- package/lib/embedded.js.map +1 -1
- package/lib/event-mapper.d.ts.map +1 -1
- package/lib/event-mapper.js +0 -4
- package/lib/event-mapper.js.map +1 -1
- package/lib/matrix.d.ts +0 -19
- package/lib/matrix.d.ts.map +1 -1
- package/lib/matrix.js +1 -26
- package/lib/matrix.js.map +1 -1
- package/lib/models/MSC3089Branch.d.ts.map +1 -1
- package/lib/models/MSC3089Branch.js +0 -3
- package/lib/models/MSC3089Branch.js.map +1 -1
- package/lib/models/event.d.ts +0 -94
- package/lib/models/event.d.ts.map +1 -1
- package/lib/models/event.js +0 -274
- package/lib/models/event.js.map +1 -1
- package/lib/models/poll.d.ts.map +1 -1
- package/lib/models/poll.js +1 -5
- package/lib/models/poll.js.map +1 -1
- package/lib/models/relations-container.d.ts.map +1 -1
- package/lib/models/relations-container.js +1 -7
- package/lib/models/relations-container.js.map +1 -1
- package/lib/models/relations.d.ts +0 -1
- package/lib/models/relations.d.ts.map +1 -1
- package/lib/models/relations.js +0 -8
- package/lib/models/relations.js.map +1 -1
- package/lib/models/room-state.d.ts.map +1 -1
- package/lib/models/room-state.js +10 -26
- package/lib/models/room-state.js.map +1 -1
- package/lib/models/room.d.ts +0 -18
- package/lib/models/room.d.ts.map +1 -1
- package/lib/models/room.js +94 -148
- package/lib/models/room.js.map +1 -1
- package/lib/models/thread.d.ts.map +1 -1
- package/lib/models/thread.js +0 -1
- package/lib/models/thread.js.map +1 -1
- package/lib/sliding-sync-sdk.d.ts +2 -3
- package/lib/sliding-sync-sdk.d.ts.map +1 -1
- package/lib/sliding-sync-sdk.js +41 -90
- package/lib/sliding-sync-sdk.js.map +1 -1
- package/lib/sync.d.ts +0 -12
- package/lib/sync.d.ts.map +1 -1
- package/lib/sync.js +1 -73
- package/lib/sync.js.map +1 -1
- package/lib/testing.d.ts +0 -48
- package/lib/testing.d.ts.map +1 -1
- package/lib/testing.js +0 -105
- package/lib/testing.js.map +1 -1
- package/package.json +1 -3
- package/src/@types/global.d.ts +0 -3
- package/src/browser-index.ts +0 -11
- package/src/client.ts +57 -2732
- package/src/embedded.ts +3 -130
- package/src/event-mapper.ts +0 -4
- package/src/matrix.ts +0 -28
- package/src/models/MSC3089Branch.ts +0 -3
- package/src/models/event.ts +0 -289
- package/src/models/poll.ts +0 -6
- package/src/models/relations-container.ts +1 -8
- package/src/models/relations.ts +0 -8
- package/src/models/room-state.ts +2 -8
- package/src/models/room.ts +0 -62
- package/src/models/thread.ts +0 -1
- package/src/sliding-sync-sdk.ts +2 -72
- package/src/sync.ts +1 -98
- package/src/testing.ts +0 -108
- package/lib/@types/crypto.d.ts +0 -47
- package/lib/@types/crypto.d.ts.map +0 -1
- package/lib/@types/crypto.js +0 -1
- package/lib/@types/crypto.js.map +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js.map +0 -1
- package/lib/common-crypto/CryptoBackend.d.ts +0 -240
- package/lib/common-crypto/CryptoBackend.d.ts.map +0 -1
- package/lib/common-crypto/CryptoBackend.js +0 -73
- package/lib/common-crypto/CryptoBackend.js.map +0 -1
- package/lib/common-crypto/key-passphrase.d.ts +0 -14
- package/lib/common-crypto/key-passphrase.d.ts.map +0 -1
- package/lib/common-crypto/key-passphrase.js +0 -33
- package/lib/common-crypto/key-passphrase.js.map +0 -1
- package/lib/crypto/CrossSigning.d.ts +0 -184
- package/lib/crypto/CrossSigning.d.ts.map +0 -1
- package/lib/crypto/CrossSigning.js +0 -718
- package/lib/crypto/CrossSigning.js.map +0 -1
- package/lib/crypto/DeviceList.d.ts +0 -216
- package/lib/crypto/DeviceList.d.ts.map +0 -1
- package/lib/crypto/DeviceList.js +0 -892
- package/lib/crypto/DeviceList.js.map +0 -1
- package/lib/crypto/EncryptionSetup.d.ts +0 -152
- package/lib/crypto/EncryptionSetup.d.ts.map +0 -1
- package/lib/crypto/EncryptionSetup.js +0 -356
- package/lib/crypto/EncryptionSetup.js.map +0 -1
- package/lib/crypto/OlmDevice.d.ts +0 -457
- package/lib/crypto/OlmDevice.d.ts.map +0 -1
- package/lib/crypto/OlmDevice.js +0 -1241
- package/lib/crypto/OlmDevice.js.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts +0 -109
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.js +0 -415
- package/lib/crypto/OutgoingRoomKeyRequestManager.js.map +0 -1
- package/lib/crypto/RoomList.d.ts +0 -26
- package/lib/crypto/RoomList.d.ts.map +0 -1
- package/lib/crypto/RoomList.js +0 -71
- package/lib/crypto/RoomList.js.map +0 -1
- package/lib/crypto/SecretSharing.d.ts +0 -24
- package/lib/crypto/SecretSharing.d.ts.map +0 -1
- package/lib/crypto/SecretSharing.js +0 -194
- package/lib/crypto/SecretSharing.js.map +0 -1
- package/lib/crypto/SecretStorage.d.ts +0 -55
- package/lib/crypto/SecretStorage.d.ts.map +0 -1
- package/lib/crypto/SecretStorage.js +0 -118
- package/lib/crypto/SecretStorage.js.map +0 -1
- package/lib/crypto/aes.d.ts +0 -6
- package/lib/crypto/aes.d.ts.map +0 -1
- package/lib/crypto/aes.js +0 -24
- package/lib/crypto/aes.js.map +0 -1
- package/lib/crypto/algorithms/base.d.ts +0 -156
- package/lib/crypto/algorithms/base.d.ts.map +0 -1
- package/lib/crypto/algorithms/base.js +0 -187
- package/lib/crypto/algorithms/base.js.map +0 -1
- package/lib/crypto/algorithms/index.d.ts +0 -4
- package/lib/crypto/algorithms/index.d.ts.map +0 -1
- package/lib/crypto/algorithms/index.js +0 -20
- package/lib/crypto/algorithms/index.js.map +0 -1
- package/lib/crypto/algorithms/megolm.d.ts +0 -385
- package/lib/crypto/algorithms/megolm.d.ts.map +0 -1
- package/lib/crypto/algorithms/megolm.js +0 -1822
- package/lib/crypto/algorithms/megolm.js.map +0 -1
- package/lib/crypto/algorithms/olm.d.ts +0 -5
- package/lib/crypto/algorithms/olm.d.ts.map +0 -1
- package/lib/crypto/algorithms/olm.js +0 -299
- package/lib/crypto/algorithms/olm.js.map +0 -1
- package/lib/crypto/api.d.ts +0 -32
- package/lib/crypto/api.d.ts.map +0 -1
- package/lib/crypto/api.js +0 -22
- package/lib/crypto/api.js.map +0 -1
- package/lib/crypto/backup.d.ts +0 -227
- package/lib/crypto/backup.d.ts.map +0 -1
- package/lib/crypto/backup.js +0 -824
- package/lib/crypto/backup.js.map +0 -1
- package/lib/crypto/crypto.d.ts +0 -3
- package/lib/crypto/crypto.d.ts.map +0 -1
- package/lib/crypto/crypto.js +0 -19
- package/lib/crypto/crypto.js.map +0 -1
- package/lib/crypto/dehydration.d.ts +0 -34
- package/lib/crypto/dehydration.d.ts.map +0 -1
- package/lib/crypto/dehydration.js +0 -252
- package/lib/crypto/dehydration.js.map +0 -1
- package/lib/crypto/device-converter.d.ts +0 -9
- package/lib/crypto/device-converter.d.ts.map +0 -1
- package/lib/crypto/device-converter.js +0 -42
- package/lib/crypto/device-converter.js.map +0 -1
- package/lib/crypto/deviceinfo.d.ts +0 -99
- package/lib/crypto/deviceinfo.d.ts.map +0 -1
- package/lib/crypto/deviceinfo.js +0 -148
- package/lib/crypto/deviceinfo.js.map +0 -1
- package/lib/crypto/index.d.ts +0 -1209
- package/lib/crypto/index.d.ts.map +0 -1
- package/lib/crypto/index.js +0 -4097
- package/lib/crypto/index.js.map +0 -1
- package/lib/crypto/key_passphrase.d.ts +0 -14
- package/lib/crypto/key_passphrase.d.ts.map +0 -1
- package/lib/crypto/key_passphrase.js +0 -44
- package/lib/crypto/key_passphrase.js.map +0 -1
- package/lib/crypto/keybackup.d.ts +0 -18
- package/lib/crypto/keybackup.d.ts.map +0 -1
- package/lib/crypto/keybackup.js +0 -1
- package/lib/crypto/keybackup.js.map +0 -1
- package/lib/crypto/olmlib.d.ts +0 -129
- package/lib/crypto/olmlib.d.ts.map +0 -1
- package/lib/crypto/olmlib.js +0 -492
- package/lib/crypto/olmlib.js.map +0 -1
- package/lib/crypto/recoverykey.d.ts +0 -2
- package/lib/crypto/recoverykey.d.ts.map +0 -1
- package/lib/crypto/recoverykey.js +0 -19
- package/lib/crypto/recoverykey.js.map +0 -1
- package/lib/crypto/store/base.d.ts +0 -252
- package/lib/crypto/store/base.d.ts.map +0 -1
- package/lib/crypto/store/base.js +0 -64
- package/lib/crypto/store/base.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts +0 -187
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.js +0 -1145
- package/lib/crypto/store/indexeddb-crypto-store-backend.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.d.ts +0 -432
- package/lib/crypto/store/indexeddb-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.js +0 -728
- package/lib/crypto/store/indexeddb-crypto-store.js.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.d.ts +0 -119
- package/lib/crypto/store/localStorage-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.js +0 -531
- package/lib/crypto/store/localStorage-crypto-store.js.map +0 -1
- package/lib/crypto/store/memory-crypto-store.d.ts +0 -215
- package/lib/crypto/store/memory-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/memory-crypto-store.js +0 -622
- package/lib/crypto/store/memory-crypto-store.js.map +0 -1
- package/lib/crypto/verification/Base.d.ts +0 -105
- package/lib/crypto/verification/Base.d.ts.map +0 -1
- package/lib/crypto/verification/Base.js +0 -372
- package/lib/crypto/verification/Base.js.map +0 -1
- package/lib/crypto/verification/Error.d.ts +0 -35
- package/lib/crypto/verification/Error.d.ts.map +0 -1
- package/lib/crypto/verification/Error.js +0 -86
- package/lib/crypto/verification/Error.js.map +0 -1
- package/lib/crypto/verification/IllegalMethod.d.ts +0 -15
- package/lib/crypto/verification/IllegalMethod.d.ts.map +0 -1
- package/lib/crypto/verification/IllegalMethod.js +0 -43
- package/lib/crypto/verification/IllegalMethod.js.map +0 -1
- package/lib/crypto/verification/QRCode.d.ts +0 -51
- package/lib/crypto/verification/QRCode.d.ts.map +0 -1
- package/lib/crypto/verification/QRCode.js +0 -277
- package/lib/crypto/verification/QRCode.js.map +0 -1
- package/lib/crypto/verification/SAS.d.ts +0 -27
- package/lib/crypto/verification/SAS.d.ts.map +0 -1
- package/lib/crypto/verification/SAS.js +0 -485
- package/lib/crypto/verification/SAS.js.map +0 -1
- package/lib/crypto/verification/SASDecimal.d.ts +0 -8
- package/lib/crypto/verification/SASDecimal.d.ts.map +0 -1
- package/lib/crypto/verification/SASDecimal.js +0 -34
- package/lib/crypto/verification/SASDecimal.js.map +0 -1
- package/lib/crypto/verification/request/Channel.d.ts +0 -18
- package/lib/crypto/verification/request/Channel.d.ts.map +0 -1
- package/lib/crypto/verification/request/Channel.js +0 -1
- package/lib/crypto/verification/request/Channel.js.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.d.ts +0 -113
- package/lib/crypto/verification/request/InRoomChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.js +0 -351
- package/lib/crypto/verification/request/InRoomChannel.js.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts +0 -105
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.js +0 -328
- package/lib/crypto/verification/request/ToDeviceChannel.js.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.d.ts +0 -227
- package/lib/crypto/verification/request/VerificationRequest.d.ts.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.js +0 -937
- package/lib/crypto/verification/request/VerificationRequest.js.map +0 -1
- package/lib/crypto-api/CryptoEvent.d.ts +0 -69
- package/lib/crypto-api/CryptoEvent.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEvent.js +0 -33
- package/lib/crypto-api/CryptoEvent.js.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts +0 -16
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.js +0 -22
- package/lib/crypto-api/CryptoEventHandlerMap.js.map +0 -1
- package/lib/crypto-api/index.d.ts +0 -978
- package/lib/crypto-api/index.d.ts.map +0 -1
- package/lib/crypto-api/index.js +0 -304
- package/lib/crypto-api/index.js.map +0 -1
- package/lib/crypto-api/key-passphrase.d.ts +0 -11
- package/lib/crypto-api/key-passphrase.d.ts.map +0 -1
- package/lib/crypto-api/key-passphrase.js +0 -51
- package/lib/crypto-api/key-passphrase.js.map +0 -1
- package/lib/crypto-api/keybackup.d.ts +0 -88
- package/lib/crypto-api/keybackup.d.ts.map +0 -1
- package/lib/crypto-api/keybackup.js +0 -1
- package/lib/crypto-api/keybackup.js.map +0 -1
- package/lib/crypto-api/recovery-key.d.ts +0 -11
- package/lib/crypto-api/recovery-key.d.ts.map +0 -1
- package/lib/crypto-api/recovery-key.js +0 -65
- package/lib/crypto-api/recovery-key.js.map +0 -1
- package/lib/crypto-api/verification.d.ts +0 -344
- package/lib/crypto-api/verification.d.ts.map +0 -1
- package/lib/crypto-api/verification.js +0 -91
- package/lib/crypto-api/verification.js.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts +0 -112
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.js +0 -392
- package/lib/rendezvous/MSC4108SignInWithQR.js.map +0 -1
- package/lib/rendezvous/RendezvousChannel.d.ts +0 -27
- package/lib/rendezvous/RendezvousChannel.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousChannel.js +0 -1
- package/lib/rendezvous/RendezvousChannel.js.map +0 -1
- package/lib/rendezvous/RendezvousCode.d.ts +0 -9
- package/lib/rendezvous/RendezvousCode.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousCode.js +0 -1
- package/lib/rendezvous/RendezvousCode.js.map +0 -1
- package/lib/rendezvous/RendezvousError.d.ts +0 -6
- package/lib/rendezvous/RendezvousError.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousError.js +0 -23
- package/lib/rendezvous/RendezvousError.js.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.d.ts +0 -31
- package/lib/rendezvous/RendezvousFailureReason.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.js +0 -38
- package/lib/rendezvous/RendezvousFailureReason.js.map +0 -1
- package/lib/rendezvous/RendezvousIntent.d.ts +0 -5
- package/lib/rendezvous/RendezvousIntent.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousIntent.js +0 -22
- package/lib/rendezvous/RendezvousIntent.js.map +0 -1
- package/lib/rendezvous/RendezvousTransport.d.ts +0 -36
- package/lib/rendezvous/RendezvousTransport.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousTransport.js +0 -1
- package/lib/rendezvous/RendezvousTransport.js.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts +0 -58
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.js +0 -246
- package/lib/rendezvous/channels/MSC4108SecureChannel.js.map +0 -1
- package/lib/rendezvous/channels/index.d.ts +0 -2
- package/lib/rendezvous/channels/index.d.ts.map +0 -1
- package/lib/rendezvous/channels/index.js +0 -18
- package/lib/rendezvous/channels/index.js.map +0 -1
- package/lib/rendezvous/index.d.ts +0 -10
- package/lib/rendezvous/index.d.ts.map +0 -1
- package/lib/rendezvous/index.js +0 -23
- package/lib/rendezvous/index.js.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts +0 -61
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js +0 -253
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js.map +0 -1
- package/lib/rendezvous/transports/index.d.ts +0 -2
- package/lib/rendezvous/transports/index.d.ts.map +0 -1
- package/lib/rendezvous/transports/index.js +0 -18
- package/lib/rendezvous/transports/index.js.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.d.ts +0 -33
- package/lib/rust-crypto/CrossSigningIdentity.d.ts.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.js +0 -157
- package/lib/rust-crypto/CrossSigningIdentity.js.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts +0 -98
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.js +0 -285
- package/lib/rust-crypto/DehydratedDeviceManager.js.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.d.ts +0 -33
- package/lib/rust-crypto/KeyClaimManager.d.ts.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.js +0 -82
- package/lib/rust-crypto/KeyClaimManager.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts +0 -43
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.js +0 -195
- package/lib/rust-crypto/OutgoingRequestProcessor.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts +0 -47
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.js +0 -148
- package/lib/rust-crypto/OutgoingRequestsManager.js.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts +0 -120
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js +0 -467
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.d.ts +0 -98
- package/lib/rust-crypto/RoomEncryptor.d.ts.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.js +0 -299
- package/lib/rust-crypto/RoomEncryptor.js.map +0 -1
- package/lib/rust-crypto/backup.d.ts +0 -254
- package/lib/rust-crypto/backup.d.ts.map +0 -1
- package/lib/rust-crypto/backup.js +0 -837
- package/lib/rust-crypto/backup.js.map +0 -1
- package/lib/rust-crypto/constants.d.ts +0 -3
- package/lib/rust-crypto/constants.d.ts.map +0 -1
- package/lib/rust-crypto/constants.js +0 -19
- package/lib/rust-crypto/constants.js.map +0 -1
- package/lib/rust-crypto/device-converter.d.ts +0 -28
- package/lib/rust-crypto/device-converter.d.ts.map +0 -1
- package/lib/rust-crypto/device-converter.js +0 -123
- package/lib/rust-crypto/device-converter.js.map +0 -1
- package/lib/rust-crypto/index.d.ts +0 -61
- package/lib/rust-crypto/index.d.ts.map +0 -1
- package/lib/rust-crypto/index.js +0 -152
- package/lib/rust-crypto/index.js.map +0 -1
- package/lib/rust-crypto/libolm_migration.d.ts +0 -81
- package/lib/rust-crypto/libolm_migration.d.ts.map +0 -1
- package/lib/rust-crypto/libolm_migration.js +0 -459
- package/lib/rust-crypto/libolm_migration.js.map +0 -1
- package/lib/rust-crypto/rust-crypto.d.ts +0 -556
- package/lib/rust-crypto/rust-crypto.d.ts.map +0 -1
- package/lib/rust-crypto/rust-crypto.js +0 -2016
- package/lib/rust-crypto/rust-crypto.js.map +0 -1
- package/lib/rust-crypto/secret-storage.d.ts +0 -22
- package/lib/rust-crypto/secret-storage.d.ts.map +0 -1
- package/lib/rust-crypto/secret-storage.js +0 -63
- package/lib/rust-crypto/secret-storage.js.map +0 -1
- package/lib/rust-crypto/verification.d.ts +0 -319
- package/lib/rust-crypto/verification.d.ts.map +0 -1
- package/lib/rust-crypto/verification.js +0 -816
- package/lib/rust-crypto/verification.js.map +0 -1
- package/lib/secret-storage.d.ts +0 -370
- package/lib/secret-storage.d.ts.map +0 -1
- package/lib/secret-storage.js +0 -466
- package/lib/secret-storage.js.map +0 -1
- package/src/@types/crypto.ts +0 -73
- package/src/@types/matrix-sdk-crypto-wasm.d.ts +0 -44
- package/src/common-crypto/CryptoBackend.ts +0 -302
- package/src/common-crypto/README.md +0 -4
- package/src/common-crypto/key-passphrase.ts +0 -43
- package/src/crypto/CrossSigning.ts +0 -773
- package/src/crypto/DeviceList.ts +0 -989
- package/src/crypto/EncryptionSetup.ts +0 -351
- package/src/crypto/OlmDevice.ts +0 -1500
- package/src/crypto/OutgoingRoomKeyRequestManager.ts +0 -485
- package/src/crypto/RoomList.ts +0 -70
- package/src/crypto/SecretSharing.ts +0 -240
- package/src/crypto/SecretStorage.ts +0 -136
- package/src/crypto/aes.ts +0 -23
- package/src/crypto/algorithms/base.ts +0 -236
- package/src/crypto/algorithms/index.ts +0 -20
- package/src/crypto/algorithms/megolm.ts +0 -2216
- package/src/crypto/algorithms/olm.ts +0 -381
- package/src/crypto/api.ts +0 -70
- package/src/crypto/backup.ts +0 -922
- package/src/crypto/crypto.ts +0 -18
- package/src/crypto/dehydration.ts +0 -272
- package/src/crypto/device-converter.ts +0 -45
- package/src/crypto/deviceinfo.ts +0 -158
- package/src/crypto/index.ts +0 -4414
- package/src/crypto/key_passphrase.ts +0 -42
- package/src/crypto/keybackup.ts +0 -47
- package/src/crypto/olmlib.ts +0 -539
- package/src/crypto/recoverykey.ts +0 -18
- package/src/crypto/store/base.ts +0 -348
- package/src/crypto/store/indexeddb-crypto-store-backend.ts +0 -1250
- package/src/crypto/store/indexeddb-crypto-store.ts +0 -845
- package/src/crypto/store/localStorage-crypto-store.ts +0 -579
- package/src/crypto/store/memory-crypto-store.ts +0 -680
- package/src/crypto/verification/Base.ts +0 -409
- package/src/crypto/verification/Error.ts +0 -76
- package/src/crypto/verification/IllegalMethod.ts +0 -50
- package/src/crypto/verification/QRCode.ts +0 -310
- package/src/crypto/verification/SAS.ts +0 -494
- package/src/crypto/verification/SASDecimal.ts +0 -37
- package/src/crypto/verification/request/Channel.ts +0 -34
- package/src/crypto/verification/request/InRoomChannel.ts +0 -371
- package/src/crypto/verification/request/ToDeviceChannel.ts +0 -354
- package/src/crypto/verification/request/VerificationRequest.ts +0 -976
- package/src/crypto-api/CryptoEvent.ts +0 -93
- package/src/crypto-api/CryptoEventHandlerMap.ts +0 -32
- package/src/crypto-api/index.ts +0 -1175
- package/src/crypto-api/key-passphrase.ts +0 -58
- package/src/crypto-api/keybackup.ts +0 -115
- package/src/crypto-api/recovery-key.ts +0 -69
- package/src/crypto-api/verification.ts +0 -408
- package/src/rendezvous/MSC4108SignInWithQR.ts +0 -444
- package/src/rendezvous/RendezvousChannel.ts +0 -48
- package/src/rendezvous/RendezvousCode.ts +0 -25
- package/src/rendezvous/RendezvousError.ts +0 -26
- package/src/rendezvous/RendezvousFailureReason.ts +0 -49
- package/src/rendezvous/RendezvousIntent.ts +0 -20
- package/src/rendezvous/RendezvousTransport.ts +0 -58
- package/src/rendezvous/channels/MSC4108SecureChannel.ts +0 -270
- package/src/rendezvous/channels/index.ts +0 -17
- package/src/rendezvous/index.ts +0 -25
- package/src/rendezvous/transports/MSC4108RendezvousSession.ts +0 -270
- package/src/rendezvous/transports/index.ts +0 -17
- package/src/rust-crypto/CrossSigningIdentity.ts +0 -183
- package/src/rust-crypto/DehydratedDeviceManager.ts +0 -306
- package/src/rust-crypto/KeyClaimManager.ts +0 -86
- package/src/rust-crypto/OutgoingRequestProcessor.ts +0 -236
- package/src/rust-crypto/OutgoingRequestsManager.ts +0 -143
- package/src/rust-crypto/PerSessionKeyBackupDownloader.ts +0 -501
- package/src/rust-crypto/RoomEncryptor.ts +0 -352
- package/src/rust-crypto/backup.ts +0 -881
- package/src/rust-crypto/constants.ts +0 -18
- package/src/rust-crypto/device-converter.ts +0 -128
- package/src/rust-crypto/index.ts +0 -237
- package/src/rust-crypto/libolm_migration.ts +0 -530
- package/src/rust-crypto/rust-crypto.ts +0 -2205
- package/src/rust-crypto/secret-storage.ts +0 -60
- package/src/rust-crypto/verification.ts +0 -830
- package/src/secret-storage.ts +0 -693
package/src/secret-storage.ts
DELETED
@@ -1,693 +0,0 @@
|
|
1
|
-
/*
|
2
|
-
Copyright 2021-2023 The Matrix.org Foundation C.I.C.
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
*/
|
16
|
-
|
17
|
-
/**
|
18
|
-
* Implementation of server-side secret storage
|
19
|
-
*
|
20
|
-
* @see https://spec.matrix.org/v1.6/client-server-api/#storage
|
21
|
-
*/
|
22
|
-
|
23
|
-
import { TypedEventEmitter } from "./models/typed-event-emitter.ts";
|
24
|
-
import { ClientEvent, ClientEventHandlerMap } from "./client.ts";
|
25
|
-
import { MatrixEvent } from "./models/event.ts";
|
26
|
-
import { randomString } from "./randomstring.ts";
|
27
|
-
import { logger } from "./logger.ts";
|
28
|
-
import encryptAESSecretStorageItem from "./utils/encryptAESSecretStorageItem.ts";
|
29
|
-
import decryptAESSecretStorageItem from "./utils/decryptAESSecretStorageItem.ts";
|
30
|
-
import { AESEncryptedSecretStoragePayload } from "./@types/AESEncryptedSecretStoragePayload.ts";
|
31
|
-
|
32
|
-
export const SECRET_STORAGE_ALGORITHM_V1_AES = "m.secret_storage.v1.aes-hmac-sha2";
|
33
|
-
|
34
|
-
/**
|
35
|
-
* Common base interface for Secret Storage Keys.
|
36
|
-
*
|
37
|
-
* The common properties for all encryption keys used in server-side secret storage.
|
38
|
-
*
|
39
|
-
* @see https://spec.matrix.org/v1.6/client-server-api/#key-storage
|
40
|
-
*/
|
41
|
-
export interface SecretStorageKeyDescriptionCommon {
|
42
|
-
/** A human-readable name for this key. */
|
43
|
-
// XXX: according to the spec, this is optional
|
44
|
-
name: string;
|
45
|
-
|
46
|
-
/** The encryption algorithm used with this key. */
|
47
|
-
algorithm: string;
|
48
|
-
|
49
|
-
/** Information for deriving this key from a passphrase. */
|
50
|
-
// XXX: according to the spec, this is optional
|
51
|
-
passphrase: PassphraseInfo;
|
52
|
-
}
|
53
|
-
|
54
|
-
/**
|
55
|
-
* Properties for a SSSS key using the `m.secret_storage.v1.aes-hmac-sha2` algorithm.
|
56
|
-
*
|
57
|
-
* Corresponds to `AesHmacSha2KeyDescription` in the specification.
|
58
|
-
*
|
59
|
-
* @see https://spec.matrix.org/v1.6/client-server-api/#msecret_storagev1aes-hmac-sha2
|
60
|
-
*/
|
61
|
-
export interface SecretStorageKeyDescriptionAesV1 extends SecretStorageKeyDescriptionCommon {
|
62
|
-
// XXX: strictly speaking, we should be able to enforce the algorithm here. But
|
63
|
-
// this interface ends up being incorrectly used where other algorithms are in use (notably
|
64
|
-
// in device-dehydration support), and unpicking that is too much like hard work
|
65
|
-
// at the moment.
|
66
|
-
// algorithm: "m.secret_storage.v1.aes-hmac-sha2";
|
67
|
-
|
68
|
-
/** The 16-byte AES initialization vector, encoded as base64. */
|
69
|
-
iv: string;
|
70
|
-
|
71
|
-
/** The MAC of the result of encrypting 32 bytes of 0, encoded as base64. */
|
72
|
-
mac: string;
|
73
|
-
}
|
74
|
-
|
75
|
-
/**
|
76
|
-
* Union type for secret storage keys.
|
77
|
-
*
|
78
|
-
* For now, this is only {@link SecretStorageKeyDescriptionAesV1}, but other interfaces may be added in future.
|
79
|
-
*/
|
80
|
-
export type SecretStorageKeyDescription = SecretStorageKeyDescriptionAesV1;
|
81
|
-
|
82
|
-
/**
|
83
|
-
* Information on how to generate the key from a passphrase.
|
84
|
-
*
|
85
|
-
* @see https://spec.matrix.org/v1.6/client-server-api/#deriving-keys-from-passphrases
|
86
|
-
*/
|
87
|
-
export interface PassphraseInfo {
|
88
|
-
/** The algorithm to be used to derive the key. */
|
89
|
-
algorithm: "m.pbkdf2";
|
90
|
-
|
91
|
-
/** The number of PBKDF2 iterations to use. */
|
92
|
-
iterations: number;
|
93
|
-
|
94
|
-
/** The salt to be used for PBKDF2. */
|
95
|
-
salt: string;
|
96
|
-
|
97
|
-
/** The number of bits to generate. Defaults to 256. */
|
98
|
-
bits?: number;
|
99
|
-
}
|
100
|
-
|
101
|
-
/**
|
102
|
-
* Options for {@link ServerSideSecretStorageImpl#addKey}.
|
103
|
-
*/
|
104
|
-
export interface AddSecretStorageKeyOpts {
|
105
|
-
/** Information for deriving the key from a passphrase if any. */
|
106
|
-
passphrase?: PassphraseInfo;
|
107
|
-
/** Optional name of the key. */
|
108
|
-
name?: string;
|
109
|
-
/** The private key. Will be used to generate the key check values in the key info; it will not be stored on the server */
|
110
|
-
key: Uint8Array;
|
111
|
-
}
|
112
|
-
|
113
|
-
/**
|
114
|
-
* Return type for {@link ServerSideSecretStorageImpl#getKey}.
|
115
|
-
*/
|
116
|
-
export type SecretStorageKeyTuple = [keyId: string, keyInfo: SecretStorageKeyDescription];
|
117
|
-
|
118
|
-
/**
|
119
|
-
* Return type for {@link ServerSideSecretStorageImpl#addKey}.
|
120
|
-
*/
|
121
|
-
export type SecretStorageKeyObject = {
|
122
|
-
/** The ID of the key */
|
123
|
-
keyId: string;
|
124
|
-
/** details about the key */
|
125
|
-
keyInfo: SecretStorageKeyDescription;
|
126
|
-
};
|
127
|
-
|
128
|
-
/** Interface for managing account data on the server.
|
129
|
-
*
|
130
|
-
* A subset of {@link MatrixClient}.
|
131
|
-
*/
|
132
|
-
export interface AccountDataClient extends TypedEventEmitter<ClientEvent.AccountData, ClientEventHandlerMap> {
|
133
|
-
/**
|
134
|
-
* Get account data event of given type for the current user. This variant
|
135
|
-
* gets account data directly from the homeserver if the local store is not
|
136
|
-
* ready, which can be useful very early in startup before the initial sync.
|
137
|
-
*
|
138
|
-
* @param eventType - The type of account data
|
139
|
-
* @returns The contents of the given account data event, or `null` if the event is not found
|
140
|
-
*/
|
141
|
-
getAccountDataFromServer: <T extends Record<string, any>>(eventType: string) => Promise<T | null>;
|
142
|
-
|
143
|
-
/**
|
144
|
-
* Set account data event for the current user, with retries
|
145
|
-
*
|
146
|
-
* @param eventType - The type of account data
|
147
|
-
* @param content - the content object to be set
|
148
|
-
* @returns an empty object
|
149
|
-
*/
|
150
|
-
setAccountData: (eventType: string, content: any) => Promise<{}>;
|
151
|
-
}
|
152
|
-
|
153
|
-
/**
|
154
|
-
* Application callbacks for use with {@link SecretStorage.ServerSideSecretStorageImpl}
|
155
|
-
*/
|
156
|
-
export interface SecretStorageCallbacks {
|
157
|
-
/**
|
158
|
-
* Called to retrieve a secret storage encryption key
|
159
|
-
*
|
160
|
-
* Before a secret can be stored in server-side storage, it must be encrypted with one or more
|
161
|
-
* keys. Similarly, after it has been retrieved from storage, it must be decrypted with one of
|
162
|
-
* the keys it was encrypted with. These encryption keys are known as "secret storage keys".
|
163
|
-
*
|
164
|
-
* Descriptions of the secret storage keys are also stored in server-side storage, per the
|
165
|
-
* [matrix specification](https://spec.matrix.org/v1.6/client-server-api/#key-storage), so
|
166
|
-
* before a key can be used in this way, it must have been stored on the server. This is
|
167
|
-
* done via {@link ServerSideSecretStorage#addKey}.
|
168
|
-
*
|
169
|
-
* Obviously the keys themselves are not stored server-side, so the js-sdk calls this callback
|
170
|
-
* in order to retrieve a secret storage key from the application.
|
171
|
-
*
|
172
|
-
* @param keys - An options object, containing only the property `keys`.
|
173
|
-
*
|
174
|
-
* @param name - the name of the *secret* (NB: not the encryption key) being stored or retrieved.
|
175
|
-
* This is the "event type" stored in account data.
|
176
|
-
*
|
177
|
-
* @returns a pair [`keyId`, `privateKey`], where `keyId` is one of the keys from the `keys` parameter,
|
178
|
-
* and `privateKey` is the raw private encryption key, as appropriate for the encryption algorithm.
|
179
|
-
* (For `m.secret_storage.v1.aes-hmac-sha2`, it is the input to an HKDF as defined in the
|
180
|
-
* [specification](https://spec.matrix.org/v1.6/client-server-api/#msecret_storagev1aes-hmac-sha2).)
|
181
|
-
*
|
182
|
-
* Alternatively, if none of the keys are known, may return `null` — in which case the original
|
183
|
-
* storage/retrieval operation will fail with an exception.
|
184
|
-
*/
|
185
|
-
getSecretStorageKey?: (
|
186
|
-
keys: {
|
187
|
-
/**
|
188
|
-
* details of the secret storage keys required: a map from the key ID
|
189
|
-
* (excluding the `m.secret_storage.key.` prefix) to details of the key.
|
190
|
-
*
|
191
|
-
* When storing a secret, `keys` will contain exactly one entry; this method will be called
|
192
|
-
* once for each secret storage key to be used for encryption.
|
193
|
-
*
|
194
|
-
* For secret retrieval, `keys` may contain several entries, and the application can return
|
195
|
-
* any one of the requested keys.
|
196
|
-
*/
|
197
|
-
keys: Record<string, SecretStorageKeyDescription>;
|
198
|
-
},
|
199
|
-
name: string,
|
200
|
-
) => Promise<[string, Uint8Array] | null>;
|
201
|
-
}
|
202
|
-
|
203
|
-
interface SecretInfo {
|
204
|
-
encrypted: {
|
205
|
-
[keyId: string]: AESEncryptedSecretStoragePayload;
|
206
|
-
};
|
207
|
-
}
|
208
|
-
|
209
|
-
interface Decryptors {
|
210
|
-
encrypt: (plaintext: string) => Promise<AESEncryptedSecretStoragePayload>;
|
211
|
-
decrypt: (ciphertext: AESEncryptedSecretStoragePayload) => Promise<string>;
|
212
|
-
}
|
213
|
-
|
214
|
-
/**
|
215
|
-
* Interface provided by SecretStorage implementations
|
216
|
-
*
|
217
|
-
* Normally this will just be an {@link ServerSideSecretStorageImpl}, but for backwards
|
218
|
-
* compatibility some methods allow other implementations.
|
219
|
-
*/
|
220
|
-
export interface ServerSideSecretStorage {
|
221
|
-
/**
|
222
|
-
* Add a key for encrypting secrets.
|
223
|
-
*
|
224
|
-
* @param algorithm - the algorithm used by the key.
|
225
|
-
* @param opts - the options for the algorithm. The properties used
|
226
|
-
* depend on the algorithm given.
|
227
|
-
* @param keyId - the ID of the key. If not given, a random
|
228
|
-
* ID will be generated.
|
229
|
-
*
|
230
|
-
* @returns details about the key.
|
231
|
-
*/
|
232
|
-
addKey(algorithm: string, opts: AddSecretStorageKeyOpts, keyId?: string): Promise<SecretStorageKeyObject>;
|
233
|
-
|
234
|
-
/**
|
235
|
-
* Get the key information for a given ID.
|
236
|
-
*
|
237
|
-
* @param keyId - The ID of the key to check
|
238
|
-
* for. Defaults to the default key ID if not provided.
|
239
|
-
* @returns If the key was found, the return value is an array of
|
240
|
-
* the form [keyId, keyInfo]. Otherwise, null is returned.
|
241
|
-
* XXX: why is this an array when addKey returns an object?
|
242
|
-
*/
|
243
|
-
getKey(keyId?: string | null): Promise<SecretStorageKeyTuple | null>;
|
244
|
-
|
245
|
-
/**
|
246
|
-
* Check whether we have a key with a given ID.
|
247
|
-
*
|
248
|
-
* @param keyId - The ID of the key to check
|
249
|
-
* for. Defaults to the default key ID if not provided.
|
250
|
-
* @returns Whether we have the key.
|
251
|
-
*/
|
252
|
-
hasKey(keyId?: string): Promise<boolean>;
|
253
|
-
|
254
|
-
/**
|
255
|
-
* Check whether a key matches what we expect based on the key info
|
256
|
-
*
|
257
|
-
* @param key - the key to check
|
258
|
-
* @param info - the key info
|
259
|
-
*
|
260
|
-
* @returns whether or not the key matches
|
261
|
-
*/
|
262
|
-
checkKey(key: Uint8Array, info: SecretStorageKeyDescriptionAesV1): Promise<boolean>;
|
263
|
-
|
264
|
-
/**
|
265
|
-
* Store an encrypted secret on the server.
|
266
|
-
*
|
267
|
-
* Details of the encryption keys to be used must previously have been stored in account data
|
268
|
-
* (for example, via {@link ServerSideSecretStorage#addKey}.
|
269
|
-
*
|
270
|
-
* @param name - The name of the secret - i.e., the "event type" to be stored in the account data
|
271
|
-
* @param secret - The secret contents.
|
272
|
-
* @param keys - The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key
|
273
|
-
* (will throw if no default key is set).
|
274
|
-
*/
|
275
|
-
store(name: string, secret: string, keys?: string[] | null): Promise<void>;
|
276
|
-
|
277
|
-
/**
|
278
|
-
* Get a secret from storage, and decrypt it.
|
279
|
-
*
|
280
|
-
* @param name - the name of the secret - i.e., the "event type" stored in the account data
|
281
|
-
*
|
282
|
-
* @returns the decrypted contents of the secret, or "undefined" if `name` is not found in
|
283
|
-
* the user's account data.
|
284
|
-
*/
|
285
|
-
get(name: string): Promise<string | undefined>;
|
286
|
-
|
287
|
-
/**
|
288
|
-
* Check if a secret is stored on the server.
|
289
|
-
*
|
290
|
-
* @param name - the name of the secret
|
291
|
-
*
|
292
|
-
* @returns map of key name to key info the secret is encrypted
|
293
|
-
* with, or null if it is not present or not encrypted with a trusted
|
294
|
-
* key
|
295
|
-
*/
|
296
|
-
isStored(name: string): Promise<Record<string, SecretStorageKeyDescriptionAesV1> | null>;
|
297
|
-
|
298
|
-
/**
|
299
|
-
* Get the current default key ID for encrypting secrets.
|
300
|
-
*
|
301
|
-
* @returns The default key ID or null if no default key ID is set
|
302
|
-
*/
|
303
|
-
getDefaultKeyId(): Promise<string | null>;
|
304
|
-
|
305
|
-
/**
|
306
|
-
* Set the default key ID for encrypting secrets.
|
307
|
-
*
|
308
|
-
* @param keyId - The new default key ID
|
309
|
-
*/
|
310
|
-
setDefaultKeyId(keyId: string): Promise<void>;
|
311
|
-
}
|
312
|
-
|
313
|
-
/**
|
314
|
-
* Implementation of Server-side secret storage.
|
315
|
-
*
|
316
|
-
* Secret *sharing* is *not* implemented here: this class is strictly about the storage component of
|
317
|
-
* SSSS.
|
318
|
-
*
|
319
|
-
* @see https://spec.matrix.org/v1.6/client-server-api/#storage
|
320
|
-
*/
|
321
|
-
export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
|
322
|
-
/**
|
323
|
-
* Construct a new `SecretStorage`.
|
324
|
-
*
|
325
|
-
* Normally, it is unnecessary to call this directly, since MatrixClient automatically constructs one.
|
326
|
-
* However, it may be useful to construct a new `SecretStorage`, if custom `callbacks` are required, for example.
|
327
|
-
*
|
328
|
-
* @param accountDataAdapter - interface for fetching and setting account data on the server. Normally an instance
|
329
|
-
* of {@link MatrixClient}.
|
330
|
-
* @param callbacks - application level callbacks for retrieving secret keys
|
331
|
-
*/
|
332
|
-
public constructor(
|
333
|
-
private readonly accountDataAdapter: AccountDataClient,
|
334
|
-
private readonly callbacks: SecretStorageCallbacks,
|
335
|
-
) {}
|
336
|
-
|
337
|
-
/**
|
338
|
-
* Get the current default key ID for encrypting secrets.
|
339
|
-
*
|
340
|
-
* @returns The default key ID or null if no default key ID is set
|
341
|
-
*/
|
342
|
-
public async getDefaultKeyId(): Promise<string | null> {
|
343
|
-
const defaultKey = await this.accountDataAdapter.getAccountDataFromServer<{ key: string }>(
|
344
|
-
"m.secret_storage.default_key",
|
345
|
-
);
|
346
|
-
if (!defaultKey) return null;
|
347
|
-
return defaultKey.key;
|
348
|
-
}
|
349
|
-
|
350
|
-
/**
|
351
|
-
* Set the default key ID for encrypting secrets.
|
352
|
-
*
|
353
|
-
* @param keyId - The new default key ID
|
354
|
-
*/
|
355
|
-
public setDefaultKeyId(keyId: string): Promise<void> {
|
356
|
-
return new Promise<void>((resolve, reject) => {
|
357
|
-
const listener = (ev: MatrixEvent): void => {
|
358
|
-
if (ev.getType() === "m.secret_storage.default_key" && ev.getContent().key === keyId) {
|
359
|
-
this.accountDataAdapter.removeListener(ClientEvent.AccountData, listener);
|
360
|
-
resolve();
|
361
|
-
}
|
362
|
-
};
|
363
|
-
this.accountDataAdapter.on(ClientEvent.AccountData, listener);
|
364
|
-
|
365
|
-
this.accountDataAdapter.setAccountData("m.secret_storage.default_key", { key: keyId }).catch((e) => {
|
366
|
-
this.accountDataAdapter.removeListener(ClientEvent.AccountData, listener);
|
367
|
-
reject(e);
|
368
|
-
});
|
369
|
-
});
|
370
|
-
}
|
371
|
-
|
372
|
-
/**
|
373
|
-
* Add a key for encrypting secrets.
|
374
|
-
*
|
375
|
-
* @param algorithm - the algorithm used by the key.
|
376
|
-
* @param opts - the options for the algorithm. The properties used
|
377
|
-
* depend on the algorithm given.
|
378
|
-
* @param keyId - the ID of the key. If not given, a random
|
379
|
-
* ID will be generated.
|
380
|
-
*
|
381
|
-
* @returns An object with:
|
382
|
-
* keyId: the ID of the key
|
383
|
-
* keyInfo: details about the key (iv, mac, passphrase)
|
384
|
-
*/
|
385
|
-
public async addKey(
|
386
|
-
algorithm: string,
|
387
|
-
opts: AddSecretStorageKeyOpts,
|
388
|
-
keyId?: string,
|
389
|
-
): Promise<SecretStorageKeyObject> {
|
390
|
-
if (algorithm !== SECRET_STORAGE_ALGORITHM_V1_AES) {
|
391
|
-
throw new Error(`Unknown key algorithm ${algorithm}`);
|
392
|
-
}
|
393
|
-
|
394
|
-
const keyInfo = { algorithm } as SecretStorageKeyDescriptionAesV1;
|
395
|
-
|
396
|
-
if (opts.name) {
|
397
|
-
keyInfo.name = opts.name;
|
398
|
-
}
|
399
|
-
|
400
|
-
if (opts.passphrase) {
|
401
|
-
keyInfo.passphrase = opts.passphrase;
|
402
|
-
}
|
403
|
-
|
404
|
-
const { iv, mac } = await calculateKeyCheck(opts.key);
|
405
|
-
keyInfo.iv = iv;
|
406
|
-
keyInfo.mac = mac;
|
407
|
-
|
408
|
-
// Create a unique key id. XXX: this is racey.
|
409
|
-
if (!keyId) {
|
410
|
-
do {
|
411
|
-
keyId = randomString(32);
|
412
|
-
} while (
|
413
|
-
await this.accountDataAdapter.getAccountDataFromServer<SecretStorageKeyDescription>(
|
414
|
-
`m.secret_storage.key.${keyId}`,
|
415
|
-
)
|
416
|
-
);
|
417
|
-
}
|
418
|
-
|
419
|
-
await this.accountDataAdapter.setAccountData(`m.secret_storage.key.${keyId}`, keyInfo);
|
420
|
-
|
421
|
-
return {
|
422
|
-
keyId,
|
423
|
-
keyInfo,
|
424
|
-
};
|
425
|
-
}
|
426
|
-
|
427
|
-
/**
|
428
|
-
* Get the key information for a given ID.
|
429
|
-
*
|
430
|
-
* @param keyId - The ID of the key to check
|
431
|
-
* for. Defaults to the default key ID if not provided.
|
432
|
-
* @returns If the key was found, the return value is an array of
|
433
|
-
* the form [keyId, keyInfo]. Otherwise, null is returned.
|
434
|
-
* XXX: why is this an array when addKey returns an object?
|
435
|
-
*/
|
436
|
-
public async getKey(keyId?: string | null): Promise<SecretStorageKeyTuple | null> {
|
437
|
-
if (!keyId) {
|
438
|
-
keyId = await this.getDefaultKeyId();
|
439
|
-
}
|
440
|
-
if (!keyId) {
|
441
|
-
return null;
|
442
|
-
}
|
443
|
-
|
444
|
-
const keyInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretStorageKeyDescriptionAesV1>(
|
445
|
-
"m.secret_storage.key." + keyId,
|
446
|
-
);
|
447
|
-
return keyInfo ? [keyId, keyInfo] : null;
|
448
|
-
}
|
449
|
-
|
450
|
-
/**
|
451
|
-
* Check whether we have a key with a given ID.
|
452
|
-
*
|
453
|
-
* @param keyId - The ID of the key to check
|
454
|
-
* for. Defaults to the default key ID if not provided.
|
455
|
-
* @returns Whether we have the key.
|
456
|
-
*/
|
457
|
-
public async hasKey(keyId?: string): Promise<boolean> {
|
458
|
-
const key = await this.getKey(keyId);
|
459
|
-
return Boolean(key);
|
460
|
-
}
|
461
|
-
|
462
|
-
/**
|
463
|
-
* Check whether a key matches what we expect based on the key info
|
464
|
-
*
|
465
|
-
* @param key - the key to check
|
466
|
-
* @param info - the key info
|
467
|
-
*
|
468
|
-
* @returns whether or not the key matches
|
469
|
-
*/
|
470
|
-
public async checkKey(key: Uint8Array, info: SecretStorageKeyDescriptionAesV1): Promise<boolean> {
|
471
|
-
if (info.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
|
472
|
-
if (info.mac) {
|
473
|
-
const { mac } = await calculateKeyCheck(key, info.iv);
|
474
|
-
return trimTrailingEquals(info.mac) === trimTrailingEquals(mac);
|
475
|
-
} else {
|
476
|
-
// if we have no information, we have to assume the key is right
|
477
|
-
return true;
|
478
|
-
}
|
479
|
-
} else {
|
480
|
-
throw new Error("Unknown algorithm");
|
481
|
-
}
|
482
|
-
}
|
483
|
-
|
484
|
-
/**
|
485
|
-
* Store an encrypted secret on the server.
|
486
|
-
*
|
487
|
-
* Details of the encryption keys to be used must previously have been stored in account data
|
488
|
-
* (for example, via {@link ServerSideSecretStorageImpl#addKey}. {@link SecretStorageCallbacks#getSecretStorageKey} will be called to obtain a secret storage
|
489
|
-
* key to decrypt the secret.
|
490
|
-
*
|
491
|
-
* @param name - The name of the secret - i.e., the "event type" to be stored in the account data
|
492
|
-
* @param secret - The secret contents.
|
493
|
-
* @param keys - The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key.
|
494
|
-
*/
|
495
|
-
public async store(name: string, secret: string, keys?: string[] | null): Promise<void> {
|
496
|
-
const encrypted: Record<string, AESEncryptedSecretStoragePayload> = {};
|
497
|
-
|
498
|
-
if (!keys) {
|
499
|
-
const defaultKeyId = await this.getDefaultKeyId();
|
500
|
-
if (!defaultKeyId) {
|
501
|
-
throw new Error("No keys specified and no default key present");
|
502
|
-
}
|
503
|
-
keys = [defaultKeyId];
|
504
|
-
}
|
505
|
-
|
506
|
-
if (keys.length === 0) {
|
507
|
-
throw new Error("Zero keys given to encrypt with!");
|
508
|
-
}
|
509
|
-
|
510
|
-
for (const keyId of keys) {
|
511
|
-
// get key information from key storage
|
512
|
-
const keyInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretStorageKeyDescriptionAesV1>(
|
513
|
-
"m.secret_storage.key." + keyId,
|
514
|
-
);
|
515
|
-
if (!keyInfo) {
|
516
|
-
throw new Error("Unknown key: " + keyId);
|
517
|
-
}
|
518
|
-
|
519
|
-
// encrypt secret, based on the algorithm
|
520
|
-
if (keyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
|
521
|
-
const keys = { [keyId]: keyInfo };
|
522
|
-
const [, encryption] = await this.getSecretStorageKey(keys, name);
|
523
|
-
encrypted[keyId] = await encryption.encrypt(secret);
|
524
|
-
} else {
|
525
|
-
logger.warn("unknown algorithm for secret storage key " + keyId + ": " + keyInfo.algorithm);
|
526
|
-
// do nothing if we don't understand the encryption algorithm
|
527
|
-
}
|
528
|
-
}
|
529
|
-
|
530
|
-
// save encrypted secret
|
531
|
-
await this.accountDataAdapter.setAccountData(name, { encrypted });
|
532
|
-
}
|
533
|
-
|
534
|
-
/**
|
535
|
-
* Get a secret from storage, and decrypt it.
|
536
|
-
*
|
537
|
-
* {@link SecretStorageCallbacks#getSecretStorageKey} will be called to obtain a secret storage
|
538
|
-
* key to decrypt the secret.
|
539
|
-
*
|
540
|
-
* @param name - the name of the secret - i.e., the "event type" stored in the account data
|
541
|
-
*
|
542
|
-
* @returns the decrypted contents of the secret, or "undefined" if `name` is not found in
|
543
|
-
* the user's account data.
|
544
|
-
*/
|
545
|
-
public async get(name: string): Promise<string | undefined> {
|
546
|
-
const secretInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretInfo>(name);
|
547
|
-
if (!secretInfo) {
|
548
|
-
return;
|
549
|
-
}
|
550
|
-
if (!secretInfo.encrypted) {
|
551
|
-
throw new Error("Content is not encrypted!");
|
552
|
-
}
|
553
|
-
|
554
|
-
// get possible keys to decrypt
|
555
|
-
const keys: Record<string, SecretStorageKeyDescriptionAesV1> = {};
|
556
|
-
for (const keyId of Object.keys(secretInfo.encrypted)) {
|
557
|
-
// get key information from key storage
|
558
|
-
const keyInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretStorageKeyDescriptionAesV1>(
|
559
|
-
"m.secret_storage.key." + keyId,
|
560
|
-
);
|
561
|
-
const encInfo = secretInfo.encrypted[keyId];
|
562
|
-
// only use keys we understand the encryption algorithm of
|
563
|
-
if (keyInfo?.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
|
564
|
-
if (encInfo.iv && encInfo.ciphertext && encInfo.mac) {
|
565
|
-
keys[keyId] = keyInfo;
|
566
|
-
}
|
567
|
-
}
|
568
|
-
}
|
569
|
-
|
570
|
-
if (Object.keys(keys).length === 0) {
|
571
|
-
throw new Error(
|
572
|
-
`Could not decrypt ${name} because none of ` +
|
573
|
-
`the keys it is encrypted with are for a supported algorithm`,
|
574
|
-
);
|
575
|
-
}
|
576
|
-
|
577
|
-
// fetch private key from app
|
578
|
-
const [keyId, decryption] = await this.getSecretStorageKey(keys, name);
|
579
|
-
const encInfo = secretInfo.encrypted[keyId];
|
580
|
-
|
581
|
-
return decryption.decrypt(encInfo);
|
582
|
-
}
|
583
|
-
|
584
|
-
/**
|
585
|
-
* Check if a secret is stored on the server.
|
586
|
-
*
|
587
|
-
* @param name - the name of the secret
|
588
|
-
*
|
589
|
-
* @returns map of key name to key info the secret is encrypted
|
590
|
-
* with, or null if it is not present or not encrypted with a trusted
|
591
|
-
* key
|
592
|
-
*/
|
593
|
-
public async isStored(name: string): Promise<Record<string, SecretStorageKeyDescriptionAesV1> | null> {
|
594
|
-
// check if secret exists
|
595
|
-
const secretInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretInfo>(name);
|
596
|
-
if (!secretInfo?.encrypted) return null;
|
597
|
-
|
598
|
-
const ret: Record<string, SecretStorageKeyDescriptionAesV1> = {};
|
599
|
-
|
600
|
-
// filter secret encryption keys with supported algorithm
|
601
|
-
for (const keyId of Object.keys(secretInfo.encrypted)) {
|
602
|
-
// get key information from key storage
|
603
|
-
const keyInfo = await this.accountDataAdapter.getAccountDataFromServer<SecretStorageKeyDescriptionAesV1>(
|
604
|
-
"m.secret_storage.key." + keyId,
|
605
|
-
);
|
606
|
-
if (!keyInfo) continue;
|
607
|
-
const encInfo = secretInfo.encrypted[keyId];
|
608
|
-
|
609
|
-
// only use keys we understand the encryption algorithm of
|
610
|
-
if (keyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
|
611
|
-
if (encInfo.iv && encInfo.ciphertext && encInfo.mac) {
|
612
|
-
ret[keyId] = keyInfo;
|
613
|
-
}
|
614
|
-
}
|
615
|
-
}
|
616
|
-
return Object.keys(ret).length ? ret : null;
|
617
|
-
}
|
618
|
-
|
619
|
-
private async getSecretStorageKey(
|
620
|
-
keys: Record<string, SecretStorageKeyDescriptionAesV1>,
|
621
|
-
name: string,
|
622
|
-
): Promise<[string, Decryptors]> {
|
623
|
-
if (!this.callbacks.getSecretStorageKey) {
|
624
|
-
throw new Error("No getSecretStorageKey callback supplied");
|
625
|
-
}
|
626
|
-
|
627
|
-
const returned = await this.callbacks.getSecretStorageKey({ keys }, name);
|
628
|
-
|
629
|
-
if (!returned) {
|
630
|
-
throw new Error("getSecretStorageKey callback returned falsey");
|
631
|
-
}
|
632
|
-
if (returned.length < 2) {
|
633
|
-
throw new Error("getSecretStorageKey callback returned invalid data");
|
634
|
-
}
|
635
|
-
|
636
|
-
const [keyId, privateKey] = returned;
|
637
|
-
if (!keys[keyId]) {
|
638
|
-
throw new Error("App returned unknown key from getSecretStorageKey!");
|
639
|
-
}
|
640
|
-
|
641
|
-
if (keys[keyId].algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
|
642
|
-
const decryption = {
|
643
|
-
encrypt: function (secret: string): Promise<AESEncryptedSecretStoragePayload> {
|
644
|
-
return encryptAESSecretStorageItem(secret, privateKey, name);
|
645
|
-
},
|
646
|
-
decrypt: function (encInfo: AESEncryptedSecretStoragePayload): Promise<string> {
|
647
|
-
return decryptAESSecretStorageItem(encInfo, privateKey, name);
|
648
|
-
},
|
649
|
-
};
|
650
|
-
return [keyId, decryption];
|
651
|
-
} else {
|
652
|
-
throw new Error("Unknown key type: " + keys[keyId].algorithm);
|
653
|
-
}
|
654
|
-
}
|
655
|
-
}
|
656
|
-
|
657
|
-
/** trim trailing instances of '=' from a string
|
658
|
-
*
|
659
|
-
* @internal
|
660
|
-
*
|
661
|
-
* @param input - input string
|
662
|
-
*/
|
663
|
-
export function trimTrailingEquals(input: string): string {
|
664
|
-
// according to Sonar and CodeQL, a regex such as /=+$/ is superlinear.
|
665
|
-
// Not sure I believe it, but it's easy enough to work around.
|
666
|
-
|
667
|
-
// find the number of characters before the trailing =
|
668
|
-
let i = input.length;
|
669
|
-
while (i >= 1 && input.charCodeAt(i - 1) == 0x3d) i--;
|
670
|
-
|
671
|
-
// trim to the calculated length
|
672
|
-
if (i < input.length) {
|
673
|
-
return input.substring(0, i);
|
674
|
-
} else {
|
675
|
-
return input;
|
676
|
-
}
|
677
|
-
}
|
678
|
-
|
679
|
-
// string of zeroes, for calculating the key check
|
680
|
-
const ZERO_STR = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
681
|
-
|
682
|
-
/**
|
683
|
-
* Calculate the MAC for checking the key.
|
684
|
-
* See https://spec.matrix.org/v1.11/client-server-api/#msecret_storagev1aes-hmac-sha2, steps 3 and 4.
|
685
|
-
*
|
686
|
-
* @param key - the key to use
|
687
|
-
* @param iv - The initialization vector as a base64-encoded string.
|
688
|
-
* If omitted, a random initialization vector will be created.
|
689
|
-
* @returns An object that contains, `mac` and `iv` properties.
|
690
|
-
*/
|
691
|
-
export function calculateKeyCheck(key: Uint8Array, iv?: string): Promise<AESEncryptedSecretStoragePayload> {
|
692
|
-
return encryptAESSecretStorageItem(ZERO_STR, key, "", iv);
|
693
|
-
}
|