@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-3
Sign up to get free protection for your applications and to get access to all the features.
- package/git-revision.txt +1 -1
- package/lib/@types/global.d.js +0 -2
- package/lib/@types/global.d.js.map +1 -1
- package/lib/browser-index.d.ts.map +1 -1
- package/lib/browser-index.js +0 -11
- package/lib/browser-index.js.map +1 -1
- package/lib/client.d.ts +2 -1176
- package/lib/client.d.ts.map +1 -1
- package/lib/client.js +346 -2717
- package/lib/client.js.map +1 -1
- package/lib/embedded.d.ts +0 -22
- package/lib/embedded.d.ts.map +1 -1
- package/lib/embedded.js +24 -166
- package/lib/embedded.js.map +1 -1
- package/lib/event-mapper.d.ts.map +1 -1
- package/lib/event-mapper.js +0 -4
- package/lib/event-mapper.js.map +1 -1
- package/lib/matrix.d.ts +0 -19
- package/lib/matrix.d.ts.map +1 -1
- package/lib/matrix.js +1 -26
- package/lib/matrix.js.map +1 -1
- package/lib/models/MSC3089Branch.d.ts.map +1 -1
- package/lib/models/MSC3089Branch.js +0 -3
- package/lib/models/MSC3089Branch.js.map +1 -1
- package/lib/models/event.d.ts +0 -94
- package/lib/models/event.d.ts.map +1 -1
- package/lib/models/event.js +0 -274
- package/lib/models/event.js.map +1 -1
- package/lib/models/poll.d.ts.map +1 -1
- package/lib/models/poll.js +1 -5
- package/lib/models/poll.js.map +1 -1
- package/lib/models/relations-container.d.ts.map +1 -1
- package/lib/models/relations-container.js +1 -7
- package/lib/models/relations-container.js.map +1 -1
- package/lib/models/relations.d.ts +0 -1
- package/lib/models/relations.d.ts.map +1 -1
- package/lib/models/relations.js +0 -8
- package/lib/models/relations.js.map +1 -1
- package/lib/models/room-state.d.ts.map +1 -1
- package/lib/models/room-state.js +10 -26
- package/lib/models/room-state.js.map +1 -1
- package/lib/models/room.d.ts +0 -18
- package/lib/models/room.d.ts.map +1 -1
- package/lib/models/room.js +94 -148
- package/lib/models/room.js.map +1 -1
- package/lib/models/thread.d.ts.map +1 -1
- package/lib/models/thread.js +0 -1
- package/lib/models/thread.js.map +1 -1
- package/lib/sliding-sync-sdk.d.ts +2 -3
- package/lib/sliding-sync-sdk.d.ts.map +1 -1
- package/lib/sliding-sync-sdk.js +41 -90
- package/lib/sliding-sync-sdk.js.map +1 -1
- package/lib/sync.d.ts +0 -12
- package/lib/sync.d.ts.map +1 -1
- package/lib/sync.js +1 -73
- package/lib/sync.js.map +1 -1
- package/lib/testing.d.ts +0 -48
- package/lib/testing.d.ts.map +1 -1
- package/lib/testing.js +0 -105
- package/lib/testing.js.map +1 -1
- package/package.json +1 -3
- package/src/@types/global.d.ts +0 -3
- package/src/browser-index.ts +0 -11
- package/src/client.ts +57 -2732
- package/src/embedded.ts +3 -130
- package/src/event-mapper.ts +0 -4
- package/src/matrix.ts +0 -28
- package/src/models/MSC3089Branch.ts +0 -3
- package/src/models/event.ts +0 -289
- package/src/models/poll.ts +0 -6
- package/src/models/relations-container.ts +1 -8
- package/src/models/relations.ts +0 -8
- package/src/models/room-state.ts +2 -8
- package/src/models/room.ts +0 -62
- package/src/models/thread.ts +0 -1
- package/src/sliding-sync-sdk.ts +2 -72
- package/src/sync.ts +1 -98
- package/src/testing.ts +0 -108
- package/lib/@types/crypto.d.ts +0 -47
- package/lib/@types/crypto.d.ts.map +0 -1
- package/lib/@types/crypto.js +0 -1
- package/lib/@types/crypto.js.map +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js.map +0 -1
- package/lib/common-crypto/CryptoBackend.d.ts +0 -240
- package/lib/common-crypto/CryptoBackend.d.ts.map +0 -1
- package/lib/common-crypto/CryptoBackend.js +0 -73
- package/lib/common-crypto/CryptoBackend.js.map +0 -1
- package/lib/common-crypto/key-passphrase.d.ts +0 -14
- package/lib/common-crypto/key-passphrase.d.ts.map +0 -1
- package/lib/common-crypto/key-passphrase.js +0 -33
- package/lib/common-crypto/key-passphrase.js.map +0 -1
- package/lib/crypto/CrossSigning.d.ts +0 -184
- package/lib/crypto/CrossSigning.d.ts.map +0 -1
- package/lib/crypto/CrossSigning.js +0 -718
- package/lib/crypto/CrossSigning.js.map +0 -1
- package/lib/crypto/DeviceList.d.ts +0 -216
- package/lib/crypto/DeviceList.d.ts.map +0 -1
- package/lib/crypto/DeviceList.js +0 -892
- package/lib/crypto/DeviceList.js.map +0 -1
- package/lib/crypto/EncryptionSetup.d.ts +0 -152
- package/lib/crypto/EncryptionSetup.d.ts.map +0 -1
- package/lib/crypto/EncryptionSetup.js +0 -356
- package/lib/crypto/EncryptionSetup.js.map +0 -1
- package/lib/crypto/OlmDevice.d.ts +0 -457
- package/lib/crypto/OlmDevice.d.ts.map +0 -1
- package/lib/crypto/OlmDevice.js +0 -1241
- package/lib/crypto/OlmDevice.js.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts +0 -109
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.js +0 -415
- package/lib/crypto/OutgoingRoomKeyRequestManager.js.map +0 -1
- package/lib/crypto/RoomList.d.ts +0 -26
- package/lib/crypto/RoomList.d.ts.map +0 -1
- package/lib/crypto/RoomList.js +0 -71
- package/lib/crypto/RoomList.js.map +0 -1
- package/lib/crypto/SecretSharing.d.ts +0 -24
- package/lib/crypto/SecretSharing.d.ts.map +0 -1
- package/lib/crypto/SecretSharing.js +0 -194
- package/lib/crypto/SecretSharing.js.map +0 -1
- package/lib/crypto/SecretStorage.d.ts +0 -55
- package/lib/crypto/SecretStorage.d.ts.map +0 -1
- package/lib/crypto/SecretStorage.js +0 -118
- package/lib/crypto/SecretStorage.js.map +0 -1
- package/lib/crypto/aes.d.ts +0 -6
- package/lib/crypto/aes.d.ts.map +0 -1
- package/lib/crypto/aes.js +0 -24
- package/lib/crypto/aes.js.map +0 -1
- package/lib/crypto/algorithms/base.d.ts +0 -156
- package/lib/crypto/algorithms/base.d.ts.map +0 -1
- package/lib/crypto/algorithms/base.js +0 -187
- package/lib/crypto/algorithms/base.js.map +0 -1
- package/lib/crypto/algorithms/index.d.ts +0 -4
- package/lib/crypto/algorithms/index.d.ts.map +0 -1
- package/lib/crypto/algorithms/index.js +0 -20
- package/lib/crypto/algorithms/index.js.map +0 -1
- package/lib/crypto/algorithms/megolm.d.ts +0 -385
- package/lib/crypto/algorithms/megolm.d.ts.map +0 -1
- package/lib/crypto/algorithms/megolm.js +0 -1822
- package/lib/crypto/algorithms/megolm.js.map +0 -1
- package/lib/crypto/algorithms/olm.d.ts +0 -5
- package/lib/crypto/algorithms/olm.d.ts.map +0 -1
- package/lib/crypto/algorithms/olm.js +0 -299
- package/lib/crypto/algorithms/olm.js.map +0 -1
- package/lib/crypto/api.d.ts +0 -32
- package/lib/crypto/api.d.ts.map +0 -1
- package/lib/crypto/api.js +0 -22
- package/lib/crypto/api.js.map +0 -1
- package/lib/crypto/backup.d.ts +0 -227
- package/lib/crypto/backup.d.ts.map +0 -1
- package/lib/crypto/backup.js +0 -824
- package/lib/crypto/backup.js.map +0 -1
- package/lib/crypto/crypto.d.ts +0 -3
- package/lib/crypto/crypto.d.ts.map +0 -1
- package/lib/crypto/crypto.js +0 -19
- package/lib/crypto/crypto.js.map +0 -1
- package/lib/crypto/dehydration.d.ts +0 -34
- package/lib/crypto/dehydration.d.ts.map +0 -1
- package/lib/crypto/dehydration.js +0 -252
- package/lib/crypto/dehydration.js.map +0 -1
- package/lib/crypto/device-converter.d.ts +0 -9
- package/lib/crypto/device-converter.d.ts.map +0 -1
- package/lib/crypto/device-converter.js +0 -42
- package/lib/crypto/device-converter.js.map +0 -1
- package/lib/crypto/deviceinfo.d.ts +0 -99
- package/lib/crypto/deviceinfo.d.ts.map +0 -1
- package/lib/crypto/deviceinfo.js +0 -148
- package/lib/crypto/deviceinfo.js.map +0 -1
- package/lib/crypto/index.d.ts +0 -1209
- package/lib/crypto/index.d.ts.map +0 -1
- package/lib/crypto/index.js +0 -4097
- package/lib/crypto/index.js.map +0 -1
- package/lib/crypto/key_passphrase.d.ts +0 -14
- package/lib/crypto/key_passphrase.d.ts.map +0 -1
- package/lib/crypto/key_passphrase.js +0 -44
- package/lib/crypto/key_passphrase.js.map +0 -1
- package/lib/crypto/keybackup.d.ts +0 -18
- package/lib/crypto/keybackup.d.ts.map +0 -1
- package/lib/crypto/keybackup.js +0 -1
- package/lib/crypto/keybackup.js.map +0 -1
- package/lib/crypto/olmlib.d.ts +0 -129
- package/lib/crypto/olmlib.d.ts.map +0 -1
- package/lib/crypto/olmlib.js +0 -492
- package/lib/crypto/olmlib.js.map +0 -1
- package/lib/crypto/recoverykey.d.ts +0 -2
- package/lib/crypto/recoverykey.d.ts.map +0 -1
- package/lib/crypto/recoverykey.js +0 -19
- package/lib/crypto/recoverykey.js.map +0 -1
- package/lib/crypto/store/base.d.ts +0 -252
- package/lib/crypto/store/base.d.ts.map +0 -1
- package/lib/crypto/store/base.js +0 -64
- package/lib/crypto/store/base.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts +0 -187
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.js +0 -1145
- package/lib/crypto/store/indexeddb-crypto-store-backend.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.d.ts +0 -432
- package/lib/crypto/store/indexeddb-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.js +0 -728
- package/lib/crypto/store/indexeddb-crypto-store.js.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.d.ts +0 -119
- package/lib/crypto/store/localStorage-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.js +0 -531
- package/lib/crypto/store/localStorage-crypto-store.js.map +0 -1
- package/lib/crypto/store/memory-crypto-store.d.ts +0 -215
- package/lib/crypto/store/memory-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/memory-crypto-store.js +0 -622
- package/lib/crypto/store/memory-crypto-store.js.map +0 -1
- package/lib/crypto/verification/Base.d.ts +0 -105
- package/lib/crypto/verification/Base.d.ts.map +0 -1
- package/lib/crypto/verification/Base.js +0 -372
- package/lib/crypto/verification/Base.js.map +0 -1
- package/lib/crypto/verification/Error.d.ts +0 -35
- package/lib/crypto/verification/Error.d.ts.map +0 -1
- package/lib/crypto/verification/Error.js +0 -86
- package/lib/crypto/verification/Error.js.map +0 -1
- package/lib/crypto/verification/IllegalMethod.d.ts +0 -15
- package/lib/crypto/verification/IllegalMethod.d.ts.map +0 -1
- package/lib/crypto/verification/IllegalMethod.js +0 -43
- package/lib/crypto/verification/IllegalMethod.js.map +0 -1
- package/lib/crypto/verification/QRCode.d.ts +0 -51
- package/lib/crypto/verification/QRCode.d.ts.map +0 -1
- package/lib/crypto/verification/QRCode.js +0 -277
- package/lib/crypto/verification/QRCode.js.map +0 -1
- package/lib/crypto/verification/SAS.d.ts +0 -27
- package/lib/crypto/verification/SAS.d.ts.map +0 -1
- package/lib/crypto/verification/SAS.js +0 -485
- package/lib/crypto/verification/SAS.js.map +0 -1
- package/lib/crypto/verification/SASDecimal.d.ts +0 -8
- package/lib/crypto/verification/SASDecimal.d.ts.map +0 -1
- package/lib/crypto/verification/SASDecimal.js +0 -34
- package/lib/crypto/verification/SASDecimal.js.map +0 -1
- package/lib/crypto/verification/request/Channel.d.ts +0 -18
- package/lib/crypto/verification/request/Channel.d.ts.map +0 -1
- package/lib/crypto/verification/request/Channel.js +0 -1
- package/lib/crypto/verification/request/Channel.js.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.d.ts +0 -113
- package/lib/crypto/verification/request/InRoomChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.js +0 -351
- package/lib/crypto/verification/request/InRoomChannel.js.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts +0 -105
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.js +0 -328
- package/lib/crypto/verification/request/ToDeviceChannel.js.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.d.ts +0 -227
- package/lib/crypto/verification/request/VerificationRequest.d.ts.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.js +0 -937
- package/lib/crypto/verification/request/VerificationRequest.js.map +0 -1
- package/lib/crypto-api/CryptoEvent.d.ts +0 -69
- package/lib/crypto-api/CryptoEvent.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEvent.js +0 -33
- package/lib/crypto-api/CryptoEvent.js.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts +0 -16
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.js +0 -22
- package/lib/crypto-api/CryptoEventHandlerMap.js.map +0 -1
- package/lib/crypto-api/index.d.ts +0 -978
- package/lib/crypto-api/index.d.ts.map +0 -1
- package/lib/crypto-api/index.js +0 -304
- package/lib/crypto-api/index.js.map +0 -1
- package/lib/crypto-api/key-passphrase.d.ts +0 -11
- package/lib/crypto-api/key-passphrase.d.ts.map +0 -1
- package/lib/crypto-api/key-passphrase.js +0 -51
- package/lib/crypto-api/key-passphrase.js.map +0 -1
- package/lib/crypto-api/keybackup.d.ts +0 -88
- package/lib/crypto-api/keybackup.d.ts.map +0 -1
- package/lib/crypto-api/keybackup.js +0 -1
- package/lib/crypto-api/keybackup.js.map +0 -1
- package/lib/crypto-api/recovery-key.d.ts +0 -11
- package/lib/crypto-api/recovery-key.d.ts.map +0 -1
- package/lib/crypto-api/recovery-key.js +0 -65
- package/lib/crypto-api/recovery-key.js.map +0 -1
- package/lib/crypto-api/verification.d.ts +0 -344
- package/lib/crypto-api/verification.d.ts.map +0 -1
- package/lib/crypto-api/verification.js +0 -91
- package/lib/crypto-api/verification.js.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts +0 -112
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.js +0 -392
- package/lib/rendezvous/MSC4108SignInWithQR.js.map +0 -1
- package/lib/rendezvous/RendezvousChannel.d.ts +0 -27
- package/lib/rendezvous/RendezvousChannel.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousChannel.js +0 -1
- package/lib/rendezvous/RendezvousChannel.js.map +0 -1
- package/lib/rendezvous/RendezvousCode.d.ts +0 -9
- package/lib/rendezvous/RendezvousCode.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousCode.js +0 -1
- package/lib/rendezvous/RendezvousCode.js.map +0 -1
- package/lib/rendezvous/RendezvousError.d.ts +0 -6
- package/lib/rendezvous/RendezvousError.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousError.js +0 -23
- package/lib/rendezvous/RendezvousError.js.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.d.ts +0 -31
- package/lib/rendezvous/RendezvousFailureReason.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.js +0 -38
- package/lib/rendezvous/RendezvousFailureReason.js.map +0 -1
- package/lib/rendezvous/RendezvousIntent.d.ts +0 -5
- package/lib/rendezvous/RendezvousIntent.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousIntent.js +0 -22
- package/lib/rendezvous/RendezvousIntent.js.map +0 -1
- package/lib/rendezvous/RendezvousTransport.d.ts +0 -36
- package/lib/rendezvous/RendezvousTransport.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousTransport.js +0 -1
- package/lib/rendezvous/RendezvousTransport.js.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts +0 -58
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.js +0 -246
- package/lib/rendezvous/channels/MSC4108SecureChannel.js.map +0 -1
- package/lib/rendezvous/channels/index.d.ts +0 -2
- package/lib/rendezvous/channels/index.d.ts.map +0 -1
- package/lib/rendezvous/channels/index.js +0 -18
- package/lib/rendezvous/channels/index.js.map +0 -1
- package/lib/rendezvous/index.d.ts +0 -10
- package/lib/rendezvous/index.d.ts.map +0 -1
- package/lib/rendezvous/index.js +0 -23
- package/lib/rendezvous/index.js.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts +0 -61
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js +0 -253
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js.map +0 -1
- package/lib/rendezvous/transports/index.d.ts +0 -2
- package/lib/rendezvous/transports/index.d.ts.map +0 -1
- package/lib/rendezvous/transports/index.js +0 -18
- package/lib/rendezvous/transports/index.js.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.d.ts +0 -33
- package/lib/rust-crypto/CrossSigningIdentity.d.ts.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.js +0 -157
- package/lib/rust-crypto/CrossSigningIdentity.js.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts +0 -98
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.js +0 -285
- package/lib/rust-crypto/DehydratedDeviceManager.js.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.d.ts +0 -33
- package/lib/rust-crypto/KeyClaimManager.d.ts.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.js +0 -82
- package/lib/rust-crypto/KeyClaimManager.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts +0 -43
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.js +0 -195
- package/lib/rust-crypto/OutgoingRequestProcessor.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts +0 -47
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.js +0 -148
- package/lib/rust-crypto/OutgoingRequestsManager.js.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts +0 -120
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js +0 -467
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.d.ts +0 -98
- package/lib/rust-crypto/RoomEncryptor.d.ts.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.js +0 -299
- package/lib/rust-crypto/RoomEncryptor.js.map +0 -1
- package/lib/rust-crypto/backup.d.ts +0 -254
- package/lib/rust-crypto/backup.d.ts.map +0 -1
- package/lib/rust-crypto/backup.js +0 -837
- package/lib/rust-crypto/backup.js.map +0 -1
- package/lib/rust-crypto/constants.d.ts +0 -3
- package/lib/rust-crypto/constants.d.ts.map +0 -1
- package/lib/rust-crypto/constants.js +0 -19
- package/lib/rust-crypto/constants.js.map +0 -1
- package/lib/rust-crypto/device-converter.d.ts +0 -28
- package/lib/rust-crypto/device-converter.d.ts.map +0 -1
- package/lib/rust-crypto/device-converter.js +0 -123
- package/lib/rust-crypto/device-converter.js.map +0 -1
- package/lib/rust-crypto/index.d.ts +0 -61
- package/lib/rust-crypto/index.d.ts.map +0 -1
- package/lib/rust-crypto/index.js +0 -152
- package/lib/rust-crypto/index.js.map +0 -1
- package/lib/rust-crypto/libolm_migration.d.ts +0 -81
- package/lib/rust-crypto/libolm_migration.d.ts.map +0 -1
- package/lib/rust-crypto/libolm_migration.js +0 -459
- package/lib/rust-crypto/libolm_migration.js.map +0 -1
- package/lib/rust-crypto/rust-crypto.d.ts +0 -556
- package/lib/rust-crypto/rust-crypto.d.ts.map +0 -1
- package/lib/rust-crypto/rust-crypto.js +0 -2016
- package/lib/rust-crypto/rust-crypto.js.map +0 -1
- package/lib/rust-crypto/secret-storage.d.ts +0 -22
- package/lib/rust-crypto/secret-storage.d.ts.map +0 -1
- package/lib/rust-crypto/secret-storage.js +0 -63
- package/lib/rust-crypto/secret-storage.js.map +0 -1
- package/lib/rust-crypto/verification.d.ts +0 -319
- package/lib/rust-crypto/verification.d.ts.map +0 -1
- package/lib/rust-crypto/verification.js +0 -816
- package/lib/rust-crypto/verification.js.map +0 -1
- package/lib/secret-storage.d.ts +0 -370
- package/lib/secret-storage.d.ts.map +0 -1
- package/lib/secret-storage.js +0 -466
- package/lib/secret-storage.js.map +0 -1
- package/src/@types/crypto.ts +0 -73
- package/src/@types/matrix-sdk-crypto-wasm.d.ts +0 -44
- package/src/common-crypto/CryptoBackend.ts +0 -302
- package/src/common-crypto/README.md +0 -4
- package/src/common-crypto/key-passphrase.ts +0 -43
- package/src/crypto/CrossSigning.ts +0 -773
- package/src/crypto/DeviceList.ts +0 -989
- package/src/crypto/EncryptionSetup.ts +0 -351
- package/src/crypto/OlmDevice.ts +0 -1500
- package/src/crypto/OutgoingRoomKeyRequestManager.ts +0 -485
- package/src/crypto/RoomList.ts +0 -70
- package/src/crypto/SecretSharing.ts +0 -240
- package/src/crypto/SecretStorage.ts +0 -136
- package/src/crypto/aes.ts +0 -23
- package/src/crypto/algorithms/base.ts +0 -236
- package/src/crypto/algorithms/index.ts +0 -20
- package/src/crypto/algorithms/megolm.ts +0 -2216
- package/src/crypto/algorithms/olm.ts +0 -381
- package/src/crypto/api.ts +0 -70
- package/src/crypto/backup.ts +0 -922
- package/src/crypto/crypto.ts +0 -18
- package/src/crypto/dehydration.ts +0 -272
- package/src/crypto/device-converter.ts +0 -45
- package/src/crypto/deviceinfo.ts +0 -158
- package/src/crypto/index.ts +0 -4414
- package/src/crypto/key_passphrase.ts +0 -42
- package/src/crypto/keybackup.ts +0 -47
- package/src/crypto/olmlib.ts +0 -539
- package/src/crypto/recoverykey.ts +0 -18
- package/src/crypto/store/base.ts +0 -348
- package/src/crypto/store/indexeddb-crypto-store-backend.ts +0 -1250
- package/src/crypto/store/indexeddb-crypto-store.ts +0 -845
- package/src/crypto/store/localStorage-crypto-store.ts +0 -579
- package/src/crypto/store/memory-crypto-store.ts +0 -680
- package/src/crypto/verification/Base.ts +0 -409
- package/src/crypto/verification/Error.ts +0 -76
- package/src/crypto/verification/IllegalMethod.ts +0 -50
- package/src/crypto/verification/QRCode.ts +0 -310
- package/src/crypto/verification/SAS.ts +0 -494
- package/src/crypto/verification/SASDecimal.ts +0 -37
- package/src/crypto/verification/request/Channel.ts +0 -34
- package/src/crypto/verification/request/InRoomChannel.ts +0 -371
- package/src/crypto/verification/request/ToDeviceChannel.ts +0 -354
- package/src/crypto/verification/request/VerificationRequest.ts +0 -976
- package/src/crypto-api/CryptoEvent.ts +0 -93
- package/src/crypto-api/CryptoEventHandlerMap.ts +0 -32
- package/src/crypto-api/index.ts +0 -1175
- package/src/crypto-api/key-passphrase.ts +0 -58
- package/src/crypto-api/keybackup.ts +0 -115
- package/src/crypto-api/recovery-key.ts +0 -69
- package/src/crypto-api/verification.ts +0 -408
- package/src/rendezvous/MSC4108SignInWithQR.ts +0 -444
- package/src/rendezvous/RendezvousChannel.ts +0 -48
- package/src/rendezvous/RendezvousCode.ts +0 -25
- package/src/rendezvous/RendezvousError.ts +0 -26
- package/src/rendezvous/RendezvousFailureReason.ts +0 -49
- package/src/rendezvous/RendezvousIntent.ts +0 -20
- package/src/rendezvous/RendezvousTransport.ts +0 -58
- package/src/rendezvous/channels/MSC4108SecureChannel.ts +0 -270
- package/src/rendezvous/channels/index.ts +0 -17
- package/src/rendezvous/index.ts +0 -25
- package/src/rendezvous/transports/MSC4108RendezvousSession.ts +0 -270
- package/src/rendezvous/transports/index.ts +0 -17
- package/src/rust-crypto/CrossSigningIdentity.ts +0 -183
- package/src/rust-crypto/DehydratedDeviceManager.ts +0 -306
- package/src/rust-crypto/KeyClaimManager.ts +0 -86
- package/src/rust-crypto/OutgoingRequestProcessor.ts +0 -236
- package/src/rust-crypto/OutgoingRequestsManager.ts +0 -143
- package/src/rust-crypto/PerSessionKeyBackupDownloader.ts +0 -501
- package/src/rust-crypto/RoomEncryptor.ts +0 -352
- package/src/rust-crypto/backup.ts +0 -881
- package/src/rust-crypto/constants.ts +0 -18
- package/src/rust-crypto/device-converter.ts +0 -128
- package/src/rust-crypto/index.ts +0 -237
- package/src/rust-crypto/libolm_migration.ts +0 -530
- package/src/rust-crypto/rust-crypto.ts +0 -2205
- package/src/rust-crypto/secret-storage.ts +0 -60
- package/src/rust-crypto/verification.ts +0 -830
- package/src/secret-storage.ts +0 -693
package/src/crypto/backup.ts
DELETED
@@ -1,922 +0,0 @@
|
|
1
|
-
/*
|
2
|
-
Copyright 2021 The Matrix.org Foundation C.I.C.
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
*/
|
16
|
-
|
17
|
-
/**
|
18
|
-
* Classes for dealing with key backup.
|
19
|
-
*/
|
20
|
-
|
21
|
-
import type { IMegolmSessionData } from "../@types/crypto.ts";
|
22
|
-
import { MatrixClient } from "../client.ts";
|
23
|
-
import { logger } from "../logger.ts";
|
24
|
-
import { MEGOLM_ALGORITHM, verifySignature } from "./olmlib.ts";
|
25
|
-
import { DeviceInfo } from "./deviceinfo.ts";
|
26
|
-
import { DeviceTrustLevel } from "./CrossSigning.ts";
|
27
|
-
import { keyFromPassphrase } from "./key_passphrase.ts";
|
28
|
-
import { encodeUri, safeSet, sleep } from "../utils.ts";
|
29
|
-
import { IndexedDBCryptoStore } from "./store/indexeddb-crypto-store.ts";
|
30
|
-
import {
|
31
|
-
Curve25519SessionData,
|
32
|
-
IAes256AuthData,
|
33
|
-
ICurve25519AuthData,
|
34
|
-
IKeyBackupInfo,
|
35
|
-
IKeyBackupSession,
|
36
|
-
} from "./keybackup.ts";
|
37
|
-
import { UnstableValue } from "../NamespacedValue.ts";
|
38
|
-
import { CryptoEvent } from "./index.ts";
|
39
|
-
import { ClientPrefix, HTTPError, MatrixError, Method } from "../http-api/index.ts";
|
40
|
-
import { BackupTrustInfo } from "../crypto-api/keybackup.ts";
|
41
|
-
import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
|
42
|
-
import { encodeRecoveryKey } from "../crypto-api/index.ts";
|
43
|
-
import decryptAESSecretStorageItem from "../utils/decryptAESSecretStorageItem.ts";
|
44
|
-
import encryptAESSecretStorageItem from "../utils/encryptAESSecretStorageItem.ts";
|
45
|
-
import { AESEncryptedSecretStoragePayload } from "../@types/AESEncryptedSecretStoragePayload.ts";
|
46
|
-
import { calculateKeyCheck } from "../secret-storage.ts";
|
47
|
-
|
48
|
-
const KEY_BACKUP_KEYS_PER_REQUEST = 200;
|
49
|
-
const KEY_BACKUP_CHECK_RATE_LIMIT = 5000; // ms
|
50
|
-
|
51
|
-
type AuthData = IKeyBackupInfo["auth_data"];
|
52
|
-
|
53
|
-
type SigInfo = {
|
54
|
-
deviceId: string;
|
55
|
-
valid?: boolean | null; // true: valid, false: invalid, null: cannot attempt validation
|
56
|
-
device?: DeviceInfo | null;
|
57
|
-
crossSigningId?: boolean;
|
58
|
-
deviceTrust?: DeviceTrustLevel;
|
59
|
-
};
|
60
|
-
|
61
|
-
/** @deprecated Prefer {@link BackupTrustInfo} */
|
62
|
-
export type TrustInfo = {
|
63
|
-
usable: boolean; // is the backup trusted, true iff there is a sig that is valid & from a trusted device
|
64
|
-
sigs: SigInfo[];
|
65
|
-
// eslint-disable-next-line camelcase
|
66
|
-
trusted_locally?: boolean;
|
67
|
-
};
|
68
|
-
|
69
|
-
export interface IKeyBackupCheck {
|
70
|
-
backupInfo?: IKeyBackupInfo;
|
71
|
-
trustInfo: TrustInfo;
|
72
|
-
}
|
73
|
-
|
74
|
-
/* eslint-disable camelcase */
|
75
|
-
export interface IPreparedKeyBackupVersion {
|
76
|
-
algorithm: string;
|
77
|
-
auth_data: AuthData;
|
78
|
-
recovery_key: string;
|
79
|
-
privateKey: Uint8Array;
|
80
|
-
}
|
81
|
-
/* eslint-enable camelcase */
|
82
|
-
|
83
|
-
/** A function used to get the secret key for a backup.
|
84
|
-
*/
|
85
|
-
type GetKey = () => Promise<ArrayLike<number>>;
|
86
|
-
|
87
|
-
interface BackupAlgorithmClass {
|
88
|
-
algorithmName: string;
|
89
|
-
// initialize from an existing backup
|
90
|
-
init(authData: AuthData, getKey: GetKey): Promise<BackupAlgorithm>;
|
91
|
-
|
92
|
-
// prepare a brand new backup
|
93
|
-
prepare(key?: string | Uint8Array | null): Promise<[Uint8Array, AuthData]>;
|
94
|
-
|
95
|
-
checkBackupVersion(info: IKeyBackupInfo): void;
|
96
|
-
}
|
97
|
-
|
98
|
-
interface BackupAlgorithm {
|
99
|
-
untrusted: boolean;
|
100
|
-
encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | AESEncryptedSecretStoragePayload>;
|
101
|
-
decryptSessions(ciphertexts: Record<string, IKeyBackupSession>): Promise<IMegolmSessionData[]>;
|
102
|
-
authData: AuthData;
|
103
|
-
keyMatches(key: ArrayLike<number>): Promise<boolean>;
|
104
|
-
free(): void;
|
105
|
-
}
|
106
|
-
|
107
|
-
export interface IKeyBackup {
|
108
|
-
rooms: {
|
109
|
-
[roomId: string]: {
|
110
|
-
sessions: {
|
111
|
-
[sessionId: string]: IKeyBackupSession;
|
112
|
-
};
|
113
|
-
};
|
114
|
-
};
|
115
|
-
}
|
116
|
-
|
117
|
-
/**
|
118
|
-
* Manages the key backup.
|
119
|
-
*/
|
120
|
-
export class BackupManager {
|
121
|
-
private algorithm: BackupAlgorithm | undefined;
|
122
|
-
public backupInfo: IKeyBackupInfo | undefined; // The info dict from /room_keys/version
|
123
|
-
public checkedForBackup: boolean; // Have we checked the server for a backup we can use?
|
124
|
-
private sendingBackups: boolean; // Are we currently sending backups?
|
125
|
-
private sessionLastCheckAttemptedTime: Record<string, number> = {}; // When did we last try to check the server for a given session id?
|
126
|
-
// The backup manager will schedule backup of keys when active (`scheduleKeyBackupSend`), this allows cancel when client is stopped
|
127
|
-
private clientRunning = true;
|
128
|
-
|
129
|
-
public constructor(
|
130
|
-
private readonly baseApis: MatrixClient,
|
131
|
-
public readonly getKey: GetKey,
|
132
|
-
) {
|
133
|
-
this.checkedForBackup = false;
|
134
|
-
this.sendingBackups = false;
|
135
|
-
}
|
136
|
-
|
137
|
-
/**
|
138
|
-
* Stop the backup manager from backing up keys and allow a clean shutdown.
|
139
|
-
*/
|
140
|
-
public stop(): void {
|
141
|
-
this.clientRunning = false;
|
142
|
-
}
|
143
|
-
|
144
|
-
public get version(): string | undefined {
|
145
|
-
return this.backupInfo && this.backupInfo.version;
|
146
|
-
}
|
147
|
-
|
148
|
-
/**
|
149
|
-
* Performs a quick check to ensure that the backup info looks sane.
|
150
|
-
*
|
151
|
-
* Throws an error if a problem is detected.
|
152
|
-
*
|
153
|
-
* @param info - the key backup info
|
154
|
-
*/
|
155
|
-
public static checkBackupVersion(info: IKeyBackupInfo): void {
|
156
|
-
const Algorithm = algorithmsByName[info.algorithm];
|
157
|
-
if (!Algorithm) {
|
158
|
-
throw new Error("Unknown backup algorithm: " + info.algorithm);
|
159
|
-
}
|
160
|
-
if (typeof info.auth_data !== "object") {
|
161
|
-
throw new Error("Invalid backup data returned");
|
162
|
-
}
|
163
|
-
return Algorithm.checkBackupVersion(info);
|
164
|
-
}
|
165
|
-
|
166
|
-
public static makeAlgorithm(info: IKeyBackupInfo, getKey: GetKey): Promise<BackupAlgorithm> {
|
167
|
-
const Algorithm = algorithmsByName[info.algorithm];
|
168
|
-
if (!Algorithm) {
|
169
|
-
throw new Error("Unknown backup algorithm");
|
170
|
-
}
|
171
|
-
return Algorithm.init(info.auth_data, getKey);
|
172
|
-
}
|
173
|
-
|
174
|
-
public async enableKeyBackup(info: IKeyBackupInfo): Promise<void> {
|
175
|
-
this.backupInfo = info;
|
176
|
-
if (this.algorithm) {
|
177
|
-
this.algorithm.free();
|
178
|
-
}
|
179
|
-
|
180
|
-
this.algorithm = await BackupManager.makeAlgorithm(info, this.getKey);
|
181
|
-
|
182
|
-
this.baseApis.emit(CryptoEvent.KeyBackupStatus, true);
|
183
|
-
|
184
|
-
// There may be keys left over from a partially completed backup, so
|
185
|
-
// schedule a send to check.
|
186
|
-
this.scheduleKeyBackupSend();
|
187
|
-
}
|
188
|
-
|
189
|
-
/**
|
190
|
-
* Disable backing up of keys.
|
191
|
-
*/
|
192
|
-
public disableKeyBackup(): void {
|
193
|
-
if (this.algorithm) {
|
194
|
-
this.algorithm.free();
|
195
|
-
}
|
196
|
-
this.algorithm = undefined;
|
197
|
-
|
198
|
-
this.backupInfo = undefined;
|
199
|
-
|
200
|
-
this.baseApis.emit(CryptoEvent.KeyBackupStatus, false);
|
201
|
-
}
|
202
|
-
|
203
|
-
public getKeyBackupEnabled(): boolean | null {
|
204
|
-
if (!this.checkedForBackup) {
|
205
|
-
return null;
|
206
|
-
}
|
207
|
-
return Boolean(this.algorithm);
|
208
|
-
}
|
209
|
-
|
210
|
-
public async prepareKeyBackupVersion(
|
211
|
-
key?: string | Uint8Array | null,
|
212
|
-
algorithm?: string | undefined,
|
213
|
-
): Promise<IPreparedKeyBackupVersion> {
|
214
|
-
const Algorithm = algorithm ? algorithmsByName[algorithm] : DefaultAlgorithm;
|
215
|
-
if (!Algorithm) {
|
216
|
-
throw new Error("Unknown backup algorithm");
|
217
|
-
}
|
218
|
-
|
219
|
-
const [privateKey, authData] = await Algorithm.prepare(key);
|
220
|
-
const recoveryKey = encodeRecoveryKey(privateKey)!;
|
221
|
-
return {
|
222
|
-
algorithm: Algorithm.algorithmName,
|
223
|
-
auth_data: authData,
|
224
|
-
recovery_key: recoveryKey,
|
225
|
-
privateKey,
|
226
|
-
};
|
227
|
-
}
|
228
|
-
|
229
|
-
public async createKeyBackupVersion(info: IKeyBackupInfo): Promise<void> {
|
230
|
-
this.algorithm = await BackupManager.makeAlgorithm(info, this.getKey);
|
231
|
-
}
|
232
|
-
|
233
|
-
/**
|
234
|
-
* Deletes all key backups.
|
235
|
-
*
|
236
|
-
* Will call the API to delete active backup until there is no more present.
|
237
|
-
*/
|
238
|
-
public async deleteAllKeyBackupVersions(): Promise<void> {
|
239
|
-
// there could be several backup versions, delete all to be safe.
|
240
|
-
let current = (await this.baseApis.getKeyBackupVersion())?.version ?? null;
|
241
|
-
while (current != null) {
|
242
|
-
await this.deleteKeyBackupVersion(current);
|
243
|
-
this.disableKeyBackup();
|
244
|
-
current = (await this.baseApis.getKeyBackupVersion())?.version ?? null;
|
245
|
-
}
|
246
|
-
}
|
247
|
-
|
248
|
-
/**
|
249
|
-
* Deletes the given key backup.
|
250
|
-
*
|
251
|
-
* @param version - The backup version to delete.
|
252
|
-
*/
|
253
|
-
public async deleteKeyBackupVersion(version: string): Promise<void> {
|
254
|
-
const path = encodeUri("/room_keys/version/$version", { $version: version });
|
255
|
-
await this.baseApis.http.authedRequest<void>(Method.Delete, path, undefined, undefined, {
|
256
|
-
prefix: ClientPrefix.V3,
|
257
|
-
});
|
258
|
-
}
|
259
|
-
|
260
|
-
/**
|
261
|
-
* Check the server for an active key backup and
|
262
|
-
* if one is present and has a valid signature from
|
263
|
-
* one of the user's verified devices, start backing up
|
264
|
-
* to it.
|
265
|
-
*/
|
266
|
-
public async checkAndStart(): Promise<IKeyBackupCheck | null> {
|
267
|
-
logger.log("Checking key backup status...");
|
268
|
-
if (this.baseApis.isGuest()) {
|
269
|
-
logger.log("Skipping key backup check since user is guest");
|
270
|
-
this.checkedForBackup = true;
|
271
|
-
return null;
|
272
|
-
}
|
273
|
-
let backupInfo: IKeyBackupInfo | undefined;
|
274
|
-
try {
|
275
|
-
backupInfo = (await this.baseApis.getKeyBackupVersion()) ?? undefined;
|
276
|
-
} catch (e) {
|
277
|
-
logger.log("Error checking for active key backup", e);
|
278
|
-
if ((<HTTPError>e).httpStatus === 404) {
|
279
|
-
// 404 is returned when the key backup does not exist, so that
|
280
|
-
// counts as successfully checking.
|
281
|
-
this.checkedForBackup = true;
|
282
|
-
}
|
283
|
-
return null;
|
284
|
-
}
|
285
|
-
this.checkedForBackup = true;
|
286
|
-
|
287
|
-
const trustInfo = await this.isKeyBackupTrusted(backupInfo);
|
288
|
-
|
289
|
-
if (trustInfo.usable && !this.backupInfo) {
|
290
|
-
logger.log(`Found usable key backup v${backupInfo!.version}: enabling key backups`);
|
291
|
-
await this.enableKeyBackup(backupInfo!);
|
292
|
-
} else if (!trustInfo.usable && this.backupInfo) {
|
293
|
-
logger.log("No usable key backup: disabling key backup");
|
294
|
-
this.disableKeyBackup();
|
295
|
-
} else if (!trustInfo.usable && !this.backupInfo) {
|
296
|
-
logger.log("No usable key backup: not enabling key backup");
|
297
|
-
} else if (trustInfo.usable && this.backupInfo) {
|
298
|
-
// may not be the same version: if not, we should switch
|
299
|
-
if (backupInfo!.version !== this.backupInfo.version) {
|
300
|
-
logger.log(
|
301
|
-
`On backup version ${this.backupInfo.version} but ` +
|
302
|
-
`found version ${backupInfo!.version}: switching.`,
|
303
|
-
);
|
304
|
-
this.disableKeyBackup();
|
305
|
-
await this.enableKeyBackup(backupInfo!);
|
306
|
-
// We're now using a new backup, so schedule all the keys we have to be
|
307
|
-
// uploaded to the new backup. This is a bit of a workaround to upload
|
308
|
-
// keys to a new backup in *most* cases, but it won't cover all cases
|
309
|
-
// because we don't remember what backup version we uploaded keys to:
|
310
|
-
// see https://github.com/vector-im/element-web/issues/14833
|
311
|
-
await this.scheduleAllGroupSessionsForBackup();
|
312
|
-
} else {
|
313
|
-
logger.log(`Backup version ${backupInfo!.version} still current`);
|
314
|
-
}
|
315
|
-
}
|
316
|
-
|
317
|
-
return { backupInfo, trustInfo };
|
318
|
-
}
|
319
|
-
|
320
|
-
/**
|
321
|
-
* Forces a re-check of the key backup and enables/disables it
|
322
|
-
* as appropriate.
|
323
|
-
*
|
324
|
-
* @returns Object with backup info (as returned by
|
325
|
-
* getKeyBackupVersion) in backupInfo and
|
326
|
-
* trust information (as returned by isKeyBackupTrusted)
|
327
|
-
* in trustInfo.
|
328
|
-
*/
|
329
|
-
public async checkKeyBackup(): Promise<IKeyBackupCheck | null> {
|
330
|
-
this.checkedForBackup = false;
|
331
|
-
return this.checkAndStart();
|
332
|
-
}
|
333
|
-
|
334
|
-
/**
|
335
|
-
* Attempts to retrieve a session from a key backup, if enough time
|
336
|
-
* has elapsed since the last check for this session id.
|
337
|
-
*/
|
338
|
-
public async queryKeyBackupRateLimited(
|
339
|
-
targetRoomId: string | undefined,
|
340
|
-
targetSessionId: string | undefined,
|
341
|
-
): Promise<void> {
|
342
|
-
if (!this.backupInfo) {
|
343
|
-
return;
|
344
|
-
}
|
345
|
-
|
346
|
-
const now = new Date().getTime();
|
347
|
-
if (
|
348
|
-
!this.sessionLastCheckAttemptedTime[targetSessionId!] ||
|
349
|
-
now - this.sessionLastCheckAttemptedTime[targetSessionId!] > KEY_BACKUP_CHECK_RATE_LIMIT
|
350
|
-
) {
|
351
|
-
this.sessionLastCheckAttemptedTime[targetSessionId!] = now;
|
352
|
-
await this.baseApis.restoreKeyBackupWithCache(targetRoomId!, targetSessionId!, this.backupInfo, {});
|
353
|
-
}
|
354
|
-
}
|
355
|
-
|
356
|
-
/**
|
357
|
-
* Check if the given backup info is trusted.
|
358
|
-
*
|
359
|
-
* @param backupInfo - key backup info dict from /room_keys/version
|
360
|
-
*/
|
361
|
-
public async isKeyBackupTrusted(backupInfo?: IKeyBackupInfo): Promise<TrustInfo> {
|
362
|
-
const ret = {
|
363
|
-
usable: false,
|
364
|
-
trusted_locally: false,
|
365
|
-
sigs: [] as SigInfo[],
|
366
|
-
};
|
367
|
-
|
368
|
-
if (!backupInfo || !backupInfo.algorithm || !backupInfo.auth_data || !backupInfo.auth_data.signatures) {
|
369
|
-
logger.info(`Key backup is absent or missing required data: ${JSON.stringify(backupInfo)}`);
|
370
|
-
return ret;
|
371
|
-
}
|
372
|
-
|
373
|
-
const userId = this.baseApis.getUserId()!;
|
374
|
-
const privKey = await this.baseApis.crypto!.getSessionBackupPrivateKey();
|
375
|
-
if (privKey) {
|
376
|
-
let algorithm: BackupAlgorithm | null = null;
|
377
|
-
try {
|
378
|
-
algorithm = await BackupManager.makeAlgorithm(backupInfo, async () => privKey);
|
379
|
-
|
380
|
-
if (await algorithm.keyMatches(privKey)) {
|
381
|
-
logger.info("Backup is trusted locally");
|
382
|
-
ret.trusted_locally = true;
|
383
|
-
}
|
384
|
-
} catch {
|
385
|
-
// do nothing -- if we have an error, then we don't mark it as
|
386
|
-
// locally trusted
|
387
|
-
} finally {
|
388
|
-
algorithm?.free();
|
389
|
-
}
|
390
|
-
}
|
391
|
-
|
392
|
-
const mySigs = backupInfo.auth_data.signatures[userId] || {};
|
393
|
-
|
394
|
-
for (const keyId of Object.keys(mySigs)) {
|
395
|
-
const keyIdParts = keyId.split(":");
|
396
|
-
if (keyIdParts[0] !== "ed25519") {
|
397
|
-
logger.log("Ignoring unknown signature type: " + keyIdParts[0]);
|
398
|
-
continue;
|
399
|
-
}
|
400
|
-
// Could be a cross-signing master key, but just say this is the device
|
401
|
-
// ID for backwards compat
|
402
|
-
const sigInfo: SigInfo = { deviceId: keyIdParts[1] };
|
403
|
-
|
404
|
-
// first check to see if it's from our cross-signing key
|
405
|
-
const crossSigningId = this.baseApis.crypto!.crossSigningInfo.getId();
|
406
|
-
if (crossSigningId === sigInfo.deviceId) {
|
407
|
-
sigInfo.crossSigningId = true;
|
408
|
-
try {
|
409
|
-
await verifySignature(
|
410
|
-
this.baseApis.crypto!.olmDevice,
|
411
|
-
backupInfo.auth_data,
|
412
|
-
userId,
|
413
|
-
sigInfo.deviceId,
|
414
|
-
crossSigningId,
|
415
|
-
);
|
416
|
-
sigInfo.valid = true;
|
417
|
-
} catch (e) {
|
418
|
-
logger.warn("Bad signature from cross signing key " + crossSigningId, e);
|
419
|
-
sigInfo.valid = false;
|
420
|
-
}
|
421
|
-
ret.sigs.push(sigInfo);
|
422
|
-
continue;
|
423
|
-
}
|
424
|
-
|
425
|
-
// Now look for a sig from a device
|
426
|
-
// At some point this can probably go away and we'll just support
|
427
|
-
// it being signed by the cross-signing master key
|
428
|
-
const device = this.baseApis.crypto!.deviceList.getStoredDevice(userId, sigInfo.deviceId);
|
429
|
-
if (device) {
|
430
|
-
sigInfo.device = device;
|
431
|
-
sigInfo.deviceTrust = this.baseApis.checkDeviceTrust(userId, sigInfo.deviceId);
|
432
|
-
try {
|
433
|
-
await verifySignature(
|
434
|
-
this.baseApis.crypto!.olmDevice,
|
435
|
-
backupInfo.auth_data,
|
436
|
-
userId,
|
437
|
-
device.deviceId,
|
438
|
-
device.getFingerprint(),
|
439
|
-
);
|
440
|
-
sigInfo.valid = true;
|
441
|
-
} catch (e) {
|
442
|
-
logger.info(
|
443
|
-
"Bad signature from key ID " +
|
444
|
-
keyId +
|
445
|
-
" userID " +
|
446
|
-
this.baseApis.getUserId() +
|
447
|
-
" device ID " +
|
448
|
-
device.deviceId +
|
449
|
-
" fingerprint: " +
|
450
|
-
device.getFingerprint(),
|
451
|
-
backupInfo.auth_data,
|
452
|
-
e,
|
453
|
-
);
|
454
|
-
sigInfo.valid = false;
|
455
|
-
}
|
456
|
-
} else {
|
457
|
-
sigInfo.valid = null; // Can't determine validity because we don't have the signing device
|
458
|
-
logger.info("Ignoring signature from unknown key " + keyId);
|
459
|
-
}
|
460
|
-
ret.sigs.push(sigInfo);
|
461
|
-
}
|
462
|
-
|
463
|
-
ret.usable = ret.sigs.some((s) => {
|
464
|
-
return s.valid && ((s.device && s.deviceTrust?.isVerified()) || s.crossSigningId);
|
465
|
-
});
|
466
|
-
return ret;
|
467
|
-
}
|
468
|
-
|
469
|
-
/**
|
470
|
-
* Schedules sending all keys waiting to be sent to the backup, if not already
|
471
|
-
* scheduled. Retries if necessary.
|
472
|
-
*
|
473
|
-
* @param maxDelay - Maximum delay to wait in ms. 0 means no delay.
|
474
|
-
*/
|
475
|
-
public async scheduleKeyBackupSend(maxDelay = 10000): Promise<void> {
|
476
|
-
logger.debug(`Key backup: scheduleKeyBackupSend currentSending:${this.sendingBackups} delay:${maxDelay}`);
|
477
|
-
if (this.sendingBackups) return;
|
478
|
-
|
479
|
-
this.sendingBackups = true;
|
480
|
-
|
481
|
-
try {
|
482
|
-
// wait between 0 and `maxDelay` seconds, to avoid backup
|
483
|
-
// requests from different clients hitting the server all at
|
484
|
-
// the same time when a new key is sent
|
485
|
-
const delay = Math.random() * maxDelay;
|
486
|
-
await sleep(delay);
|
487
|
-
if (!this.clientRunning) {
|
488
|
-
this.sendingBackups = false;
|
489
|
-
return;
|
490
|
-
}
|
491
|
-
let numFailures = 0; // number of consecutive failures
|
492
|
-
for (;;) {
|
493
|
-
if (!this.algorithm) {
|
494
|
-
return;
|
495
|
-
}
|
496
|
-
try {
|
497
|
-
const numBackedUp = await this.backupPendingKeys(KEY_BACKUP_KEYS_PER_REQUEST);
|
498
|
-
if (numBackedUp === 0) {
|
499
|
-
// no sessions left needing backup: we're done
|
500
|
-
this.sendingBackups = false;
|
501
|
-
return;
|
502
|
-
}
|
503
|
-
numFailures = 0;
|
504
|
-
} catch (err) {
|
505
|
-
numFailures++;
|
506
|
-
logger.log("Key backup request failed", err);
|
507
|
-
if (err instanceof MatrixError) {
|
508
|
-
const errCode = err.data.errcode;
|
509
|
-
if (errCode == "M_NOT_FOUND" || errCode == "M_WRONG_ROOM_KEYS_VERSION") {
|
510
|
-
// Set to false now as `checkKeyBackup` might schedule a backupsend before this one ends.
|
511
|
-
this.sendingBackups = false;
|
512
|
-
// Backup version has changed or this backup version
|
513
|
-
// has been deleted
|
514
|
-
this.baseApis.crypto!.emit(CryptoEvent.KeyBackupFailed, errCode);
|
515
|
-
// Re-check key backup status on error, so we can be
|
516
|
-
// sure to present the current situation when asked.
|
517
|
-
// This call might restart the backup loop if new backup version is trusted
|
518
|
-
await this.checkKeyBackup();
|
519
|
-
return;
|
520
|
-
}
|
521
|
-
}
|
522
|
-
}
|
523
|
-
if (numFailures) {
|
524
|
-
// exponential backoff if we have failures
|
525
|
-
await sleep(1000 * Math.pow(2, Math.min(numFailures - 1, 4)));
|
526
|
-
}
|
527
|
-
|
528
|
-
if (!this.clientRunning) {
|
529
|
-
logger.debug("Key backup send loop aborted, client stopped");
|
530
|
-
this.sendingBackups = false;
|
531
|
-
return;
|
532
|
-
}
|
533
|
-
}
|
534
|
-
} catch (err) {
|
535
|
-
// No one actually checks errors on this promise, it's spawned internally.
|
536
|
-
// Just log, apps/client should use events to check status
|
537
|
-
logger.log(`Backup loop failed ${err}`);
|
538
|
-
this.sendingBackups = false;
|
539
|
-
}
|
540
|
-
}
|
541
|
-
|
542
|
-
/**
|
543
|
-
* Take some e2e keys waiting to be backed up and send them
|
544
|
-
* to the backup.
|
545
|
-
*
|
546
|
-
* @param limit - Maximum number of keys to back up
|
547
|
-
* @returns Number of sessions backed up
|
548
|
-
*/
|
549
|
-
public async backupPendingKeys(limit: number): Promise<number> {
|
550
|
-
const sessions = await this.baseApis.crypto!.cryptoStore.getSessionsNeedingBackup(limit);
|
551
|
-
if (!sessions.length) {
|
552
|
-
return 0;
|
553
|
-
}
|
554
|
-
|
555
|
-
let remaining = await this.baseApis.crypto!.cryptoStore.countSessionsNeedingBackup();
|
556
|
-
this.baseApis.crypto!.emit(CryptoEvent.KeyBackupSessionsRemaining, remaining);
|
557
|
-
|
558
|
-
const rooms: IKeyBackup["rooms"] = {};
|
559
|
-
for (const session of sessions) {
|
560
|
-
const roomId = session.sessionData!.room_id;
|
561
|
-
safeSet(rooms, roomId, rooms[roomId] || { sessions: {} });
|
562
|
-
|
563
|
-
const sessionData = this.baseApis.crypto!.olmDevice.exportInboundGroupSession(
|
564
|
-
session.senderKey,
|
565
|
-
session.sessionId,
|
566
|
-
session.sessionData!,
|
567
|
-
);
|
568
|
-
sessionData.algorithm = MEGOLM_ALGORITHM;
|
569
|
-
|
570
|
-
const forwardedCount = (sessionData.forwarding_curve25519_key_chain || []).length;
|
571
|
-
|
572
|
-
const userId = this.baseApis.crypto!.deviceList.getUserByIdentityKey(MEGOLM_ALGORITHM, session.senderKey);
|
573
|
-
const device =
|
574
|
-
this.baseApis.crypto!.deviceList.getDeviceByIdentityKey(MEGOLM_ALGORITHM, session.senderKey) ??
|
575
|
-
undefined;
|
576
|
-
const verified = this.baseApis.crypto!.checkDeviceInfoTrust(userId!, device).isVerified();
|
577
|
-
|
578
|
-
safeSet(rooms[roomId]["sessions"], session.sessionId, {
|
579
|
-
first_message_index: sessionData.first_known_index,
|
580
|
-
forwarded_count: forwardedCount,
|
581
|
-
is_verified: verified,
|
582
|
-
session_data: await this.algorithm!.encryptSession(sessionData),
|
583
|
-
});
|
584
|
-
}
|
585
|
-
|
586
|
-
await this.baseApis.sendKeyBackup(undefined, undefined, this.backupInfo!.version, { rooms });
|
587
|
-
|
588
|
-
await this.baseApis.crypto!.cryptoStore.unmarkSessionsNeedingBackup(sessions);
|
589
|
-
remaining = await this.baseApis.crypto!.cryptoStore.countSessionsNeedingBackup();
|
590
|
-
this.baseApis.crypto!.emit(CryptoEvent.KeyBackupSessionsRemaining, remaining);
|
591
|
-
|
592
|
-
return sessions.length;
|
593
|
-
}
|
594
|
-
|
595
|
-
public async backupGroupSession(senderKey: string, sessionId: string): Promise<void> {
|
596
|
-
await this.baseApis.crypto!.cryptoStore.markSessionsNeedingBackup([
|
597
|
-
{
|
598
|
-
senderKey: senderKey,
|
599
|
-
sessionId: sessionId,
|
600
|
-
},
|
601
|
-
]);
|
602
|
-
|
603
|
-
if (this.backupInfo) {
|
604
|
-
// don't wait for this to complete: it will delay so
|
605
|
-
// happens in the background
|
606
|
-
this.scheduleKeyBackupSend();
|
607
|
-
}
|
608
|
-
// if this.backupInfo is not set, then the keys will be backed up when
|
609
|
-
// this.enableKeyBackup is called
|
610
|
-
}
|
611
|
-
|
612
|
-
/**
|
613
|
-
* Marks all group sessions as needing to be backed up and schedules them to
|
614
|
-
* upload in the background as soon as possible.
|
615
|
-
*/
|
616
|
-
public async scheduleAllGroupSessionsForBackup(): Promise<void> {
|
617
|
-
await this.flagAllGroupSessionsForBackup();
|
618
|
-
|
619
|
-
// Schedule keys to upload in the background as soon as possible.
|
620
|
-
this.scheduleKeyBackupSend(0 /* maxDelay */);
|
621
|
-
}
|
622
|
-
|
623
|
-
/**
|
624
|
-
* Marks all group sessions as needing to be backed up without scheduling
|
625
|
-
* them to upload in the background.
|
626
|
-
* @returns Promise which resolves to the number of sessions now requiring a backup
|
627
|
-
* (which will be equal to the number of sessions in the store).
|
628
|
-
*/
|
629
|
-
public async flagAllGroupSessionsForBackup(): Promise<number> {
|
630
|
-
await this.baseApis.crypto!.cryptoStore.doTxn(
|
631
|
-
"readwrite",
|
632
|
-
[IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS, IndexedDBCryptoStore.STORE_BACKUP],
|
633
|
-
(txn) => {
|
634
|
-
this.baseApis.crypto!.cryptoStore.getAllEndToEndInboundGroupSessions(txn, (session) => {
|
635
|
-
if (session !== null) {
|
636
|
-
this.baseApis.crypto!.cryptoStore.markSessionsNeedingBackup([session], txn);
|
637
|
-
}
|
638
|
-
});
|
639
|
-
},
|
640
|
-
);
|
641
|
-
|
642
|
-
const remaining = await this.baseApis.crypto!.cryptoStore.countSessionsNeedingBackup();
|
643
|
-
this.baseApis.emit(CryptoEvent.KeyBackupSessionsRemaining, remaining);
|
644
|
-
return remaining;
|
645
|
-
}
|
646
|
-
|
647
|
-
/**
|
648
|
-
* Counts the number of end to end session keys that are waiting to be backed up
|
649
|
-
* @returns Promise which resolves to the number of sessions requiring backup
|
650
|
-
*/
|
651
|
-
public countSessionsNeedingBackup(): Promise<number> {
|
652
|
-
return this.baseApis.crypto!.cryptoStore.countSessionsNeedingBackup();
|
653
|
-
}
|
654
|
-
}
|
655
|
-
|
656
|
-
export class Curve25519 implements BackupAlgorithm {
|
657
|
-
public static algorithmName = "m.megolm_backup.v1.curve25519-aes-sha2";
|
658
|
-
|
659
|
-
public constructor(
|
660
|
-
public authData: ICurve25519AuthData,
|
661
|
-
private publicKey: any, // FIXME: PkEncryption
|
662
|
-
private getKey: () => Promise<Uint8Array>,
|
663
|
-
) {}
|
664
|
-
|
665
|
-
public static async init(authData: AuthData, getKey: () => Promise<Uint8Array>): Promise<Curve25519> {
|
666
|
-
if (!authData || !("public_key" in authData)) {
|
667
|
-
throw new Error("auth_data missing required information");
|
668
|
-
}
|
669
|
-
const publicKey = new globalThis.Olm.PkEncryption();
|
670
|
-
publicKey.set_recipient_key(authData.public_key);
|
671
|
-
return new Curve25519(authData as ICurve25519AuthData, publicKey, getKey);
|
672
|
-
}
|
673
|
-
|
674
|
-
public static async prepare(key?: string | Uint8Array | null): Promise<[Uint8Array, AuthData]> {
|
675
|
-
const decryption = new globalThis.Olm.PkDecryption();
|
676
|
-
try {
|
677
|
-
const authData: Partial<ICurve25519AuthData> = {};
|
678
|
-
if (!key) {
|
679
|
-
authData.public_key = decryption.generate_key();
|
680
|
-
} else if (key instanceof Uint8Array) {
|
681
|
-
authData.public_key = decryption.init_with_private_key(key);
|
682
|
-
} else {
|
683
|
-
const derivation = await keyFromPassphrase(key);
|
684
|
-
authData.private_key_salt = derivation.salt;
|
685
|
-
authData.private_key_iterations = derivation.iterations;
|
686
|
-
authData.public_key = decryption.init_with_private_key(derivation.key);
|
687
|
-
}
|
688
|
-
const publicKey = new globalThis.Olm.PkEncryption();
|
689
|
-
publicKey.set_recipient_key(authData.public_key);
|
690
|
-
|
691
|
-
return [decryption.get_private_key(), authData as AuthData];
|
692
|
-
} finally {
|
693
|
-
decryption.free();
|
694
|
-
}
|
695
|
-
}
|
696
|
-
|
697
|
-
public static checkBackupVersion(info: IKeyBackupInfo): void {
|
698
|
-
if (!("public_key" in info.auth_data)) {
|
699
|
-
throw new Error("Invalid backup data returned");
|
700
|
-
}
|
701
|
-
}
|
702
|
-
|
703
|
-
public get untrusted(): boolean {
|
704
|
-
return true;
|
705
|
-
}
|
706
|
-
|
707
|
-
public async encryptSession(data: Record<string, any>): Promise<Curve25519SessionData> {
|
708
|
-
const plainText: Record<string, any> = Object.assign({}, data);
|
709
|
-
delete plainText.session_id;
|
710
|
-
delete plainText.room_id;
|
711
|
-
delete plainText.first_known_index;
|
712
|
-
return this.publicKey.encrypt(JSON.stringify(plainText));
|
713
|
-
}
|
714
|
-
|
715
|
-
public async decryptSessions(
|
716
|
-
sessions: Record<string, IKeyBackupSession<Curve25519SessionData>>,
|
717
|
-
): Promise<IMegolmSessionData[]> {
|
718
|
-
const privKey = await this.getKey();
|
719
|
-
const decryption = new globalThis.Olm.PkDecryption();
|
720
|
-
try {
|
721
|
-
const backupPubKey = decryption.init_with_private_key(privKey);
|
722
|
-
|
723
|
-
if (backupPubKey !== this.authData.public_key) {
|
724
|
-
throw new MatrixError({ errcode: MatrixClient.RESTORE_BACKUP_ERROR_BAD_KEY });
|
725
|
-
}
|
726
|
-
|
727
|
-
const keys: IMegolmSessionData[] = [];
|
728
|
-
|
729
|
-
for (const [sessionId, sessionData] of Object.entries(sessions)) {
|
730
|
-
try {
|
731
|
-
const decrypted = JSON.parse(
|
732
|
-
decryption.decrypt(
|
733
|
-
sessionData.session_data.ephemeral,
|
734
|
-
sessionData.session_data.mac,
|
735
|
-
sessionData.session_data.ciphertext,
|
736
|
-
),
|
737
|
-
);
|
738
|
-
decrypted.session_id = sessionId;
|
739
|
-
keys.push(decrypted);
|
740
|
-
} catch (e) {
|
741
|
-
logger.log("Failed to decrypt megolm session from backup", e, sessionData);
|
742
|
-
}
|
743
|
-
}
|
744
|
-
return keys;
|
745
|
-
} finally {
|
746
|
-
decryption.free();
|
747
|
-
}
|
748
|
-
}
|
749
|
-
|
750
|
-
public async keyMatches(key: Uint8Array): Promise<boolean> {
|
751
|
-
const decryption = new globalThis.Olm.PkDecryption();
|
752
|
-
let pubKey: string;
|
753
|
-
try {
|
754
|
-
pubKey = decryption.init_with_private_key(key);
|
755
|
-
} finally {
|
756
|
-
decryption.free();
|
757
|
-
}
|
758
|
-
|
759
|
-
return pubKey === this.authData.public_key;
|
760
|
-
}
|
761
|
-
|
762
|
-
public free(): void {
|
763
|
-
this.publicKey.free();
|
764
|
-
}
|
765
|
-
}
|
766
|
-
|
767
|
-
function randomBytes(size: number): Uint8Array {
|
768
|
-
const buf = new Uint8Array(size);
|
769
|
-
globalThis.crypto.getRandomValues(buf);
|
770
|
-
return buf;
|
771
|
-
}
|
772
|
-
|
773
|
-
const UNSTABLE_MSC3270_NAME = new UnstableValue(
|
774
|
-
"m.megolm_backup.v1.aes-hmac-sha2",
|
775
|
-
"org.matrix.msc3270.v1.aes-hmac-sha2",
|
776
|
-
);
|
777
|
-
|
778
|
-
export class Aes256 implements BackupAlgorithm {
|
779
|
-
public static algorithmName = UNSTABLE_MSC3270_NAME.name;
|
780
|
-
|
781
|
-
public constructor(
|
782
|
-
public readonly authData: IAes256AuthData,
|
783
|
-
private readonly key: Uint8Array,
|
784
|
-
) {}
|
785
|
-
|
786
|
-
public static async init(authData: IAes256AuthData, getKey: () => Promise<Uint8Array>): Promise<Aes256> {
|
787
|
-
if (!authData) {
|
788
|
-
throw new Error("auth_data missing");
|
789
|
-
}
|
790
|
-
const key = await getKey();
|
791
|
-
if (authData.mac) {
|
792
|
-
const { mac } = await calculateKeyCheck(key, authData.iv);
|
793
|
-
if (authData.mac.replace(/=+$/g, "") !== mac.replace(/=+/g, "")) {
|
794
|
-
throw new Error("Key does not match");
|
795
|
-
}
|
796
|
-
}
|
797
|
-
return new Aes256(authData, key);
|
798
|
-
}
|
799
|
-
|
800
|
-
public static async prepare(key?: string | Uint8Array | null): Promise<[Uint8Array, AuthData]> {
|
801
|
-
let outKey: Uint8Array;
|
802
|
-
const authData: Partial<IAes256AuthData> = {};
|
803
|
-
if (!key) {
|
804
|
-
outKey = randomBytes(32);
|
805
|
-
} else if (key instanceof Uint8Array) {
|
806
|
-
outKey = new Uint8Array(key);
|
807
|
-
} else {
|
808
|
-
const derivation = await keyFromPassphrase(key);
|
809
|
-
authData.private_key_salt = derivation.salt;
|
810
|
-
authData.private_key_iterations = derivation.iterations;
|
811
|
-
outKey = derivation.key;
|
812
|
-
}
|
813
|
-
|
814
|
-
const { iv, mac } = await calculateKeyCheck(outKey);
|
815
|
-
authData.iv = iv;
|
816
|
-
authData.mac = mac;
|
817
|
-
|
818
|
-
return [outKey, authData as AuthData];
|
819
|
-
}
|
820
|
-
|
821
|
-
public static checkBackupVersion(info: IKeyBackupInfo): void {
|
822
|
-
if (!("iv" in info.auth_data && "mac" in info.auth_data)) {
|
823
|
-
throw new Error("Invalid backup data returned");
|
824
|
-
}
|
825
|
-
}
|
826
|
-
|
827
|
-
public get untrusted(): boolean {
|
828
|
-
return false;
|
829
|
-
}
|
830
|
-
|
831
|
-
public encryptSession(data: Record<string, any>): Promise<AESEncryptedSecretStoragePayload> {
|
832
|
-
const plainText: Record<string, any> = Object.assign({}, data);
|
833
|
-
delete plainText.session_id;
|
834
|
-
delete plainText.room_id;
|
835
|
-
delete plainText.first_known_index;
|
836
|
-
return encryptAESSecretStorageItem(JSON.stringify(plainText), this.key, data.session_id);
|
837
|
-
}
|
838
|
-
|
839
|
-
public async decryptSessions(
|
840
|
-
sessions: Record<string, IKeyBackupSession<AESEncryptedSecretStoragePayload>>,
|
841
|
-
): Promise<IMegolmSessionData[]> {
|
842
|
-
const keys: IMegolmSessionData[] = [];
|
843
|
-
|
844
|
-
for (const [sessionId, sessionData] of Object.entries(sessions)) {
|
845
|
-
try {
|
846
|
-
const decrypted = JSON.parse(
|
847
|
-
await decryptAESSecretStorageItem(sessionData.session_data, this.key, sessionId),
|
848
|
-
);
|
849
|
-
decrypted.session_id = sessionId;
|
850
|
-
keys.push(decrypted);
|
851
|
-
} catch (e) {
|
852
|
-
logger.log("Failed to decrypt megolm session from backup", e, sessionData);
|
853
|
-
}
|
854
|
-
}
|
855
|
-
return keys;
|
856
|
-
}
|
857
|
-
|
858
|
-
public async keyMatches(key: Uint8Array): Promise<boolean> {
|
859
|
-
if (this.authData.mac) {
|
860
|
-
const { mac } = await calculateKeyCheck(key, this.authData.iv);
|
861
|
-
return this.authData.mac.replace(/=+$/g, "") === mac.replace(/=+/g, "");
|
862
|
-
} else {
|
863
|
-
// if we have no information, we have to assume the key is right
|
864
|
-
return true;
|
865
|
-
}
|
866
|
-
}
|
867
|
-
|
868
|
-
public free(): void {
|
869
|
-
this.key.fill(0);
|
870
|
-
}
|
871
|
-
}
|
872
|
-
|
873
|
-
export const algorithmsByName: Record<string, BackupAlgorithmClass> = {
|
874
|
-
[Curve25519.algorithmName]: Curve25519,
|
875
|
-
[Aes256.algorithmName]: Aes256,
|
876
|
-
};
|
877
|
-
|
878
|
-
// the linter doesn't like this but knip does
|
879
|
-
// eslint-disable-next-line tsdoc/syntax
|
880
|
-
/** @alias */
|
881
|
-
export const DefaultAlgorithm: BackupAlgorithmClass = Curve25519;
|
882
|
-
|
883
|
-
/**
|
884
|
-
* Map a legacy {@link TrustInfo} into a new-style {@link BackupTrustInfo}.
|
885
|
-
*
|
886
|
-
* @param trustInfo - trustInfo to convert
|
887
|
-
*/
|
888
|
-
export function backupTrustInfoFromLegacyTrustInfo(trustInfo: TrustInfo): BackupTrustInfo {
|
889
|
-
return {
|
890
|
-
trusted: trustInfo.usable,
|
891
|
-
matchesDecryptionKey: trustInfo.trusted_locally ?? false,
|
892
|
-
};
|
893
|
-
}
|
894
|
-
|
895
|
-
/**
|
896
|
-
* Implementation of {@link BackupDecryptor} for the libolm crypto backend.
|
897
|
-
*/
|
898
|
-
export class LibOlmBackupDecryptor implements BackupDecryptor {
|
899
|
-
private algorithm: BackupAlgorithm;
|
900
|
-
public readonly sourceTrusted: boolean;
|
901
|
-
|
902
|
-
public constructor(algorithm: BackupAlgorithm) {
|
903
|
-
this.algorithm = algorithm;
|
904
|
-
this.sourceTrusted = !algorithm.untrusted;
|
905
|
-
}
|
906
|
-
|
907
|
-
/**
|
908
|
-
* Implements {@link BackupDecryptor#free}
|
909
|
-
*/
|
910
|
-
public free(): void {
|
911
|
-
this.algorithm.free();
|
912
|
-
}
|
913
|
-
|
914
|
-
/**
|
915
|
-
* Implements {@link BackupDecryptor#decryptSessions}
|
916
|
-
*/
|
917
|
-
public async decryptSessions(
|
918
|
-
sessions: Record<string, IKeyBackupSession<Curve25519SessionData>>,
|
919
|
-
): Promise<IMegolmSessionData[]> {
|
920
|
-
return await this.algorithm.decryptSessions(sessions);
|
921
|
-
}
|
922
|
-
}
|