@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-4
Sign up to get free protection for your applications and to get access to all the features.
- package/git-revision.txt +1 -1
- package/lib/@types/global.d.js +0 -2
- package/lib/@types/global.d.js.map +1 -1
- package/lib/browser-index.d.ts.map +1 -1
- package/lib/browser-index.js +0 -11
- package/lib/browser-index.js.map +1 -1
- package/lib/client.d.ts +2 -1221
- package/lib/client.d.ts.map +1 -1
- package/lib/client.js +331 -2821
- package/lib/client.js.map +1 -1
- package/lib/embedded.d.ts +0 -22
- package/lib/embedded.d.ts.map +1 -1
- package/lib/embedded.js +24 -166
- package/lib/embedded.js.map +1 -1
- package/lib/event-mapper.d.ts.map +1 -1
- package/lib/event-mapper.js +0 -4
- package/lib/event-mapper.js.map +1 -1
- package/lib/matrix.d.ts +0 -19
- package/lib/matrix.d.ts.map +1 -1
- package/lib/matrix.js +1 -26
- package/lib/matrix.js.map +1 -1
- package/lib/models/MSC3089Branch.d.ts.map +1 -1
- package/lib/models/MSC3089Branch.js +0 -3
- package/lib/models/MSC3089Branch.js.map +1 -1
- package/lib/models/event.d.ts +0 -94
- package/lib/models/event.d.ts.map +1 -1
- package/lib/models/event.js +0 -274
- package/lib/models/event.js.map +1 -1
- package/lib/models/poll.d.ts.map +1 -1
- package/lib/models/poll.js +1 -5
- package/lib/models/poll.js.map +1 -1
- package/lib/models/relations-container.d.ts.map +1 -1
- package/lib/models/relations-container.js +1 -7
- package/lib/models/relations-container.js.map +1 -1
- package/lib/models/relations.d.ts +0 -1
- package/lib/models/relations.d.ts.map +1 -1
- package/lib/models/relations.js +0 -8
- package/lib/models/relations.js.map +1 -1
- package/lib/models/room-state.d.ts.map +1 -1
- package/lib/models/room-state.js +10 -26
- package/lib/models/room-state.js.map +1 -1
- package/lib/models/room.d.ts +0 -18
- package/lib/models/room.d.ts.map +1 -1
- package/lib/models/room.js +94 -148
- package/lib/models/room.js.map +1 -1
- package/lib/models/thread.d.ts.map +1 -1
- package/lib/models/thread.js +0 -1
- package/lib/models/thread.js.map +1 -1
- package/lib/sliding-sync-sdk.d.ts +2 -3
- package/lib/sliding-sync-sdk.d.ts.map +1 -1
- package/lib/sliding-sync-sdk.js +41 -90
- package/lib/sliding-sync-sdk.js.map +1 -1
- package/lib/sync.d.ts +0 -12
- package/lib/sync.d.ts.map +1 -1
- package/lib/sync.js +1 -73
- package/lib/sync.js.map +1 -1
- package/lib/testing.d.ts +0 -48
- package/lib/testing.d.ts.map +1 -1
- package/lib/testing.js +0 -105
- package/lib/testing.js.map +1 -1
- package/lib/types.d.ts +0 -1
- package/lib/types.d.ts.map +1 -1
- package/lib/types.js.map +1 -1
- package/package.json +1 -3
- package/src/@types/global.d.ts +0 -3
- package/src/browser-index.ts +0 -11
- package/src/client.ts +60 -2882
- package/src/embedded.ts +3 -130
- package/src/event-mapper.ts +0 -4
- package/src/matrix.ts +0 -28
- package/src/models/MSC3089Branch.ts +0 -3
- package/src/models/event.ts +0 -289
- package/src/models/poll.ts +0 -6
- package/src/models/relations-container.ts +1 -8
- package/src/models/relations.ts +0 -8
- package/src/models/room-state.ts +2 -8
- package/src/models/room.ts +0 -62
- package/src/models/thread.ts +0 -1
- package/src/sliding-sync-sdk.ts +2 -72
- package/src/sync.ts +1 -98
- package/src/testing.ts +0 -108
- package/src/types.ts +0 -1
- package/CHANGELOG.md +0 -5910
- package/lib/@types/AESEncryptedSecretStoragePayload.d.ts +0 -14
- package/lib/@types/AESEncryptedSecretStoragePayload.d.ts.map +0 -1
- package/lib/@types/AESEncryptedSecretStoragePayload.js +0 -1
- package/lib/@types/AESEncryptedSecretStoragePayload.js.map +0 -1
- package/lib/@types/crypto.d.ts +0 -47
- package/lib/@types/crypto.d.ts.map +0 -1
- package/lib/@types/crypto.js +0 -1
- package/lib/@types/crypto.js.map +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js +0 -1
- package/lib/@types/matrix-sdk-crypto-wasm.d.js.map +0 -1
- package/lib/common-crypto/CryptoBackend.d.ts +0 -240
- package/lib/common-crypto/CryptoBackend.d.ts.map +0 -1
- package/lib/common-crypto/CryptoBackend.js +0 -73
- package/lib/common-crypto/CryptoBackend.js.map +0 -1
- package/lib/common-crypto/key-passphrase.d.ts +0 -14
- package/lib/common-crypto/key-passphrase.d.ts.map +0 -1
- package/lib/common-crypto/key-passphrase.js +0 -33
- package/lib/common-crypto/key-passphrase.js.map +0 -1
- package/lib/crypto/CrossSigning.d.ts +0 -184
- package/lib/crypto/CrossSigning.d.ts.map +0 -1
- package/lib/crypto/CrossSigning.js +0 -718
- package/lib/crypto/CrossSigning.js.map +0 -1
- package/lib/crypto/DeviceList.d.ts +0 -216
- package/lib/crypto/DeviceList.d.ts.map +0 -1
- package/lib/crypto/DeviceList.js +0 -892
- package/lib/crypto/DeviceList.js.map +0 -1
- package/lib/crypto/EncryptionSetup.d.ts +0 -152
- package/lib/crypto/EncryptionSetup.d.ts.map +0 -1
- package/lib/crypto/EncryptionSetup.js +0 -356
- package/lib/crypto/EncryptionSetup.js.map +0 -1
- package/lib/crypto/OlmDevice.d.ts +0 -457
- package/lib/crypto/OlmDevice.d.ts.map +0 -1
- package/lib/crypto/OlmDevice.js +0 -1241
- package/lib/crypto/OlmDevice.js.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts +0 -109
- package/lib/crypto/OutgoingRoomKeyRequestManager.d.ts.map +0 -1
- package/lib/crypto/OutgoingRoomKeyRequestManager.js +0 -415
- package/lib/crypto/OutgoingRoomKeyRequestManager.js.map +0 -1
- package/lib/crypto/RoomList.d.ts +0 -26
- package/lib/crypto/RoomList.d.ts.map +0 -1
- package/lib/crypto/RoomList.js +0 -71
- package/lib/crypto/RoomList.js.map +0 -1
- package/lib/crypto/SecretSharing.d.ts +0 -24
- package/lib/crypto/SecretSharing.d.ts.map +0 -1
- package/lib/crypto/SecretSharing.js +0 -194
- package/lib/crypto/SecretSharing.js.map +0 -1
- package/lib/crypto/SecretStorage.d.ts +0 -55
- package/lib/crypto/SecretStorage.d.ts.map +0 -1
- package/lib/crypto/SecretStorage.js +0 -118
- package/lib/crypto/SecretStorage.js.map +0 -1
- package/lib/crypto/aes.d.ts +0 -6
- package/lib/crypto/aes.d.ts.map +0 -1
- package/lib/crypto/aes.js +0 -24
- package/lib/crypto/aes.js.map +0 -1
- package/lib/crypto/algorithms/base.d.ts +0 -156
- package/lib/crypto/algorithms/base.d.ts.map +0 -1
- package/lib/crypto/algorithms/base.js +0 -187
- package/lib/crypto/algorithms/base.js.map +0 -1
- package/lib/crypto/algorithms/index.d.ts +0 -4
- package/lib/crypto/algorithms/index.d.ts.map +0 -1
- package/lib/crypto/algorithms/index.js +0 -20
- package/lib/crypto/algorithms/index.js.map +0 -1
- package/lib/crypto/algorithms/megolm.d.ts +0 -385
- package/lib/crypto/algorithms/megolm.d.ts.map +0 -1
- package/lib/crypto/algorithms/megolm.js +0 -1822
- package/lib/crypto/algorithms/megolm.js.map +0 -1
- package/lib/crypto/algorithms/olm.d.ts +0 -5
- package/lib/crypto/algorithms/olm.d.ts.map +0 -1
- package/lib/crypto/algorithms/olm.js +0 -299
- package/lib/crypto/algorithms/olm.js.map +0 -1
- package/lib/crypto/api.d.ts +0 -32
- package/lib/crypto/api.d.ts.map +0 -1
- package/lib/crypto/api.js +0 -22
- package/lib/crypto/api.js.map +0 -1
- package/lib/crypto/backup.d.ts +0 -227
- package/lib/crypto/backup.d.ts.map +0 -1
- package/lib/crypto/backup.js +0 -824
- package/lib/crypto/backup.js.map +0 -1
- package/lib/crypto/crypto.d.ts +0 -3
- package/lib/crypto/crypto.d.ts.map +0 -1
- package/lib/crypto/crypto.js +0 -19
- package/lib/crypto/crypto.js.map +0 -1
- package/lib/crypto/dehydration.d.ts +0 -34
- package/lib/crypto/dehydration.d.ts.map +0 -1
- package/lib/crypto/dehydration.js +0 -252
- package/lib/crypto/dehydration.js.map +0 -1
- package/lib/crypto/device-converter.d.ts +0 -9
- package/lib/crypto/device-converter.d.ts.map +0 -1
- package/lib/crypto/device-converter.js +0 -42
- package/lib/crypto/device-converter.js.map +0 -1
- package/lib/crypto/deviceinfo.d.ts +0 -99
- package/lib/crypto/deviceinfo.d.ts.map +0 -1
- package/lib/crypto/deviceinfo.js +0 -148
- package/lib/crypto/deviceinfo.js.map +0 -1
- package/lib/crypto/index.d.ts +0 -1209
- package/lib/crypto/index.d.ts.map +0 -1
- package/lib/crypto/index.js +0 -4097
- package/lib/crypto/index.js.map +0 -1
- package/lib/crypto/key_passphrase.d.ts +0 -14
- package/lib/crypto/key_passphrase.d.ts.map +0 -1
- package/lib/crypto/key_passphrase.js +0 -44
- package/lib/crypto/key_passphrase.js.map +0 -1
- package/lib/crypto/keybackup.d.ts +0 -18
- package/lib/crypto/keybackup.d.ts.map +0 -1
- package/lib/crypto/keybackup.js +0 -1
- package/lib/crypto/keybackup.js.map +0 -1
- package/lib/crypto/olmlib.d.ts +0 -129
- package/lib/crypto/olmlib.d.ts.map +0 -1
- package/lib/crypto/olmlib.js +0 -492
- package/lib/crypto/olmlib.js.map +0 -1
- package/lib/crypto/recoverykey.d.ts +0 -2
- package/lib/crypto/recoverykey.d.ts.map +0 -1
- package/lib/crypto/recoverykey.js +0 -19
- package/lib/crypto/recoverykey.js.map +0 -1
- package/lib/crypto/store/base.d.ts +0 -252
- package/lib/crypto/store/base.d.ts.map +0 -1
- package/lib/crypto/store/base.js +0 -64
- package/lib/crypto/store/base.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts +0 -187
- package/lib/crypto/store/indexeddb-crypto-store-backend.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store-backend.js +0 -1145
- package/lib/crypto/store/indexeddb-crypto-store-backend.js.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.d.ts +0 -432
- package/lib/crypto/store/indexeddb-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/indexeddb-crypto-store.js +0 -728
- package/lib/crypto/store/indexeddb-crypto-store.js.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.d.ts +0 -119
- package/lib/crypto/store/localStorage-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/localStorage-crypto-store.js +0 -531
- package/lib/crypto/store/localStorage-crypto-store.js.map +0 -1
- package/lib/crypto/store/memory-crypto-store.d.ts +0 -215
- package/lib/crypto/store/memory-crypto-store.d.ts.map +0 -1
- package/lib/crypto/store/memory-crypto-store.js +0 -622
- package/lib/crypto/store/memory-crypto-store.js.map +0 -1
- package/lib/crypto/verification/Base.d.ts +0 -105
- package/lib/crypto/verification/Base.d.ts.map +0 -1
- package/lib/crypto/verification/Base.js +0 -372
- package/lib/crypto/verification/Base.js.map +0 -1
- package/lib/crypto/verification/Error.d.ts +0 -35
- package/lib/crypto/verification/Error.d.ts.map +0 -1
- package/lib/crypto/verification/Error.js +0 -86
- package/lib/crypto/verification/Error.js.map +0 -1
- package/lib/crypto/verification/IllegalMethod.d.ts +0 -15
- package/lib/crypto/verification/IllegalMethod.d.ts.map +0 -1
- package/lib/crypto/verification/IllegalMethod.js +0 -43
- package/lib/crypto/verification/IllegalMethod.js.map +0 -1
- package/lib/crypto/verification/QRCode.d.ts +0 -51
- package/lib/crypto/verification/QRCode.d.ts.map +0 -1
- package/lib/crypto/verification/QRCode.js +0 -277
- package/lib/crypto/verification/QRCode.js.map +0 -1
- package/lib/crypto/verification/SAS.d.ts +0 -27
- package/lib/crypto/verification/SAS.d.ts.map +0 -1
- package/lib/crypto/verification/SAS.js +0 -485
- package/lib/crypto/verification/SAS.js.map +0 -1
- package/lib/crypto/verification/SASDecimal.d.ts +0 -8
- package/lib/crypto/verification/SASDecimal.d.ts.map +0 -1
- package/lib/crypto/verification/SASDecimal.js +0 -34
- package/lib/crypto/verification/SASDecimal.js.map +0 -1
- package/lib/crypto/verification/request/Channel.d.ts +0 -18
- package/lib/crypto/verification/request/Channel.d.ts.map +0 -1
- package/lib/crypto/verification/request/Channel.js +0 -1
- package/lib/crypto/verification/request/Channel.js.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.d.ts +0 -113
- package/lib/crypto/verification/request/InRoomChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/InRoomChannel.js +0 -351
- package/lib/crypto/verification/request/InRoomChannel.js.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts +0 -105
- package/lib/crypto/verification/request/ToDeviceChannel.d.ts.map +0 -1
- package/lib/crypto/verification/request/ToDeviceChannel.js +0 -328
- package/lib/crypto/verification/request/ToDeviceChannel.js.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.d.ts +0 -227
- package/lib/crypto/verification/request/VerificationRequest.d.ts.map +0 -1
- package/lib/crypto/verification/request/VerificationRequest.js +0 -937
- package/lib/crypto/verification/request/VerificationRequest.js.map +0 -1
- package/lib/crypto-api/CryptoEvent.d.ts +0 -69
- package/lib/crypto-api/CryptoEvent.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEvent.js +0 -33
- package/lib/crypto-api/CryptoEvent.js.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts +0 -16
- package/lib/crypto-api/CryptoEventHandlerMap.d.ts.map +0 -1
- package/lib/crypto-api/CryptoEventHandlerMap.js +0 -22
- package/lib/crypto-api/CryptoEventHandlerMap.js.map +0 -1
- package/lib/crypto-api/index.d.ts +0 -978
- package/lib/crypto-api/index.d.ts.map +0 -1
- package/lib/crypto-api/index.js +0 -304
- package/lib/crypto-api/index.js.map +0 -1
- package/lib/crypto-api/key-passphrase.d.ts +0 -11
- package/lib/crypto-api/key-passphrase.d.ts.map +0 -1
- package/lib/crypto-api/key-passphrase.js +0 -51
- package/lib/crypto-api/key-passphrase.js.map +0 -1
- package/lib/crypto-api/keybackup.d.ts +0 -88
- package/lib/crypto-api/keybackup.d.ts.map +0 -1
- package/lib/crypto-api/keybackup.js +0 -1
- package/lib/crypto-api/keybackup.js.map +0 -1
- package/lib/crypto-api/recovery-key.d.ts +0 -11
- package/lib/crypto-api/recovery-key.d.ts.map +0 -1
- package/lib/crypto-api/recovery-key.js +0 -65
- package/lib/crypto-api/recovery-key.js.map +0 -1
- package/lib/crypto-api/verification.d.ts +0 -344
- package/lib/crypto-api/verification.d.ts.map +0 -1
- package/lib/crypto-api/verification.js +0 -91
- package/lib/crypto-api/verification.js.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts +0 -112
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts.map +0 -1
- package/lib/rendezvous/MSC4108SignInWithQR.js +0 -392
- package/lib/rendezvous/MSC4108SignInWithQR.js.map +0 -1
- package/lib/rendezvous/RendezvousChannel.d.ts +0 -27
- package/lib/rendezvous/RendezvousChannel.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousChannel.js +0 -1
- package/lib/rendezvous/RendezvousChannel.js.map +0 -1
- package/lib/rendezvous/RendezvousCode.d.ts +0 -9
- package/lib/rendezvous/RendezvousCode.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousCode.js +0 -1
- package/lib/rendezvous/RendezvousCode.js.map +0 -1
- package/lib/rendezvous/RendezvousError.d.ts +0 -6
- package/lib/rendezvous/RendezvousError.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousError.js +0 -23
- package/lib/rendezvous/RendezvousError.js.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.d.ts +0 -31
- package/lib/rendezvous/RendezvousFailureReason.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousFailureReason.js +0 -38
- package/lib/rendezvous/RendezvousFailureReason.js.map +0 -1
- package/lib/rendezvous/RendezvousIntent.d.ts +0 -5
- package/lib/rendezvous/RendezvousIntent.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousIntent.js +0 -22
- package/lib/rendezvous/RendezvousIntent.js.map +0 -1
- package/lib/rendezvous/RendezvousTransport.d.ts +0 -36
- package/lib/rendezvous/RendezvousTransport.d.ts.map +0 -1
- package/lib/rendezvous/RendezvousTransport.js +0 -1
- package/lib/rendezvous/RendezvousTransport.js.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts +0 -58
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts.map +0 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.js +0 -246
- package/lib/rendezvous/channels/MSC4108SecureChannel.js.map +0 -1
- package/lib/rendezvous/channels/index.d.ts +0 -2
- package/lib/rendezvous/channels/index.d.ts.map +0 -1
- package/lib/rendezvous/channels/index.js +0 -18
- package/lib/rendezvous/channels/index.js.map +0 -1
- package/lib/rendezvous/index.d.ts +0 -10
- package/lib/rendezvous/index.d.ts.map +0 -1
- package/lib/rendezvous/index.js +0 -23
- package/lib/rendezvous/index.js.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts +0 -61
- package/lib/rendezvous/transports/MSC4108RendezvousSession.d.ts.map +0 -1
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js +0 -253
- package/lib/rendezvous/transports/MSC4108RendezvousSession.js.map +0 -1
- package/lib/rendezvous/transports/index.d.ts +0 -2
- package/lib/rendezvous/transports/index.d.ts.map +0 -1
- package/lib/rendezvous/transports/index.js +0 -18
- package/lib/rendezvous/transports/index.js.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.d.ts +0 -33
- package/lib/rust-crypto/CrossSigningIdentity.d.ts.map +0 -1
- package/lib/rust-crypto/CrossSigningIdentity.js +0 -157
- package/lib/rust-crypto/CrossSigningIdentity.js.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts +0 -98
- package/lib/rust-crypto/DehydratedDeviceManager.d.ts.map +0 -1
- package/lib/rust-crypto/DehydratedDeviceManager.js +0 -285
- package/lib/rust-crypto/DehydratedDeviceManager.js.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.d.ts +0 -33
- package/lib/rust-crypto/KeyClaimManager.d.ts.map +0 -1
- package/lib/rust-crypto/KeyClaimManager.js +0 -82
- package/lib/rust-crypto/KeyClaimManager.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts +0 -43
- package/lib/rust-crypto/OutgoingRequestProcessor.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestProcessor.js +0 -195
- package/lib/rust-crypto/OutgoingRequestProcessor.js.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts +0 -47
- package/lib/rust-crypto/OutgoingRequestsManager.d.ts.map +0 -1
- package/lib/rust-crypto/OutgoingRequestsManager.js +0 -148
- package/lib/rust-crypto/OutgoingRequestsManager.js.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts +0 -120
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.d.ts.map +0 -1
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js +0 -467
- package/lib/rust-crypto/PerSessionKeyBackupDownloader.js.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.d.ts +0 -98
- package/lib/rust-crypto/RoomEncryptor.d.ts.map +0 -1
- package/lib/rust-crypto/RoomEncryptor.js +0 -299
- package/lib/rust-crypto/RoomEncryptor.js.map +0 -1
- package/lib/rust-crypto/backup.d.ts +0 -254
- package/lib/rust-crypto/backup.d.ts.map +0 -1
- package/lib/rust-crypto/backup.js +0 -837
- package/lib/rust-crypto/backup.js.map +0 -1
- package/lib/rust-crypto/constants.d.ts +0 -3
- package/lib/rust-crypto/constants.d.ts.map +0 -1
- package/lib/rust-crypto/constants.js +0 -19
- package/lib/rust-crypto/constants.js.map +0 -1
- package/lib/rust-crypto/device-converter.d.ts +0 -28
- package/lib/rust-crypto/device-converter.d.ts.map +0 -1
- package/lib/rust-crypto/device-converter.js +0 -123
- package/lib/rust-crypto/device-converter.js.map +0 -1
- package/lib/rust-crypto/index.d.ts +0 -61
- package/lib/rust-crypto/index.d.ts.map +0 -1
- package/lib/rust-crypto/index.js +0 -152
- package/lib/rust-crypto/index.js.map +0 -1
- package/lib/rust-crypto/libolm_migration.d.ts +0 -81
- package/lib/rust-crypto/libolm_migration.d.ts.map +0 -1
- package/lib/rust-crypto/libolm_migration.js +0 -459
- package/lib/rust-crypto/libolm_migration.js.map +0 -1
- package/lib/rust-crypto/rust-crypto.d.ts +0 -556
- package/lib/rust-crypto/rust-crypto.d.ts.map +0 -1
- package/lib/rust-crypto/rust-crypto.js +0 -2016
- package/lib/rust-crypto/rust-crypto.js.map +0 -1
- package/lib/rust-crypto/secret-storage.d.ts +0 -22
- package/lib/rust-crypto/secret-storage.d.ts.map +0 -1
- package/lib/rust-crypto/secret-storage.js +0 -63
- package/lib/rust-crypto/secret-storage.js.map +0 -1
- package/lib/rust-crypto/verification.d.ts +0 -319
- package/lib/rust-crypto/verification.d.ts.map +0 -1
- package/lib/rust-crypto/verification.js +0 -816
- package/lib/rust-crypto/verification.js.map +0 -1
- package/lib/secret-storage.d.ts +0 -370
- package/lib/secret-storage.d.ts.map +0 -1
- package/lib/secret-storage.js +0 -466
- package/lib/secret-storage.js.map +0 -1
- package/lib/utils/decryptAESSecretStorageItem.d.ts +0 -12
- package/lib/utils/decryptAESSecretStorageItem.d.ts.map +0 -1
- package/lib/utils/decryptAESSecretStorageItem.js +0 -50
- package/lib/utils/decryptAESSecretStorageItem.js.map +0 -1
- package/lib/utils/encryptAESSecretStorageItem.d.ts +0 -16
- package/lib/utils/encryptAESSecretStorageItem.d.ts.map +0 -1
- package/lib/utils/encryptAESSecretStorageItem.js +0 -68
- package/lib/utils/encryptAESSecretStorageItem.js.map +0 -1
- package/lib/utils/internal/deriveKeys.d.ts +0 -10
- package/lib/utils/internal/deriveKeys.d.ts.map +0 -1
- package/lib/utils/internal/deriveKeys.js +0 -60
- package/lib/utils/internal/deriveKeys.js.map +0 -1
- package/src/@types/AESEncryptedSecretStoragePayload.ts +0 -29
- package/src/@types/crypto.ts +0 -73
- package/src/@types/matrix-sdk-crypto-wasm.d.ts +0 -44
- package/src/common-crypto/CryptoBackend.ts +0 -302
- package/src/common-crypto/README.md +0 -4
- package/src/common-crypto/key-passphrase.ts +0 -43
- package/src/crypto/CrossSigning.ts +0 -773
- package/src/crypto/DeviceList.ts +0 -989
- package/src/crypto/EncryptionSetup.ts +0 -351
- package/src/crypto/OlmDevice.ts +0 -1500
- package/src/crypto/OutgoingRoomKeyRequestManager.ts +0 -485
- package/src/crypto/RoomList.ts +0 -70
- package/src/crypto/SecretSharing.ts +0 -240
- package/src/crypto/SecretStorage.ts +0 -136
- package/src/crypto/aes.ts +0 -23
- package/src/crypto/algorithms/base.ts +0 -236
- package/src/crypto/algorithms/index.ts +0 -20
- package/src/crypto/algorithms/megolm.ts +0 -2216
- package/src/crypto/algorithms/olm.ts +0 -381
- package/src/crypto/api.ts +0 -70
- package/src/crypto/backup.ts +0 -922
- package/src/crypto/crypto.ts +0 -18
- package/src/crypto/dehydration.ts +0 -272
- package/src/crypto/device-converter.ts +0 -45
- package/src/crypto/deviceinfo.ts +0 -158
- package/src/crypto/index.ts +0 -4414
- package/src/crypto/key_passphrase.ts +0 -42
- package/src/crypto/keybackup.ts +0 -47
- package/src/crypto/olmlib.ts +0 -539
- package/src/crypto/recoverykey.ts +0 -18
- package/src/crypto/store/base.ts +0 -348
- package/src/crypto/store/indexeddb-crypto-store-backend.ts +0 -1250
- package/src/crypto/store/indexeddb-crypto-store.ts +0 -845
- package/src/crypto/store/localStorage-crypto-store.ts +0 -579
- package/src/crypto/store/memory-crypto-store.ts +0 -680
- package/src/crypto/verification/Base.ts +0 -409
- package/src/crypto/verification/Error.ts +0 -76
- package/src/crypto/verification/IllegalMethod.ts +0 -50
- package/src/crypto/verification/QRCode.ts +0 -310
- package/src/crypto/verification/SAS.ts +0 -494
- package/src/crypto/verification/SASDecimal.ts +0 -37
- package/src/crypto/verification/request/Channel.ts +0 -34
- package/src/crypto/verification/request/InRoomChannel.ts +0 -371
- package/src/crypto/verification/request/ToDeviceChannel.ts +0 -354
- package/src/crypto/verification/request/VerificationRequest.ts +0 -976
- package/src/crypto-api/CryptoEvent.ts +0 -93
- package/src/crypto-api/CryptoEventHandlerMap.ts +0 -32
- package/src/crypto-api/index.ts +0 -1175
- package/src/crypto-api/key-passphrase.ts +0 -58
- package/src/crypto-api/keybackup.ts +0 -115
- package/src/crypto-api/recovery-key.ts +0 -69
- package/src/crypto-api/verification.ts +0 -408
- package/src/rendezvous/MSC4108SignInWithQR.ts +0 -444
- package/src/rendezvous/RendezvousChannel.ts +0 -48
- package/src/rendezvous/RendezvousCode.ts +0 -25
- package/src/rendezvous/RendezvousError.ts +0 -26
- package/src/rendezvous/RendezvousFailureReason.ts +0 -49
- package/src/rendezvous/RendezvousIntent.ts +0 -20
- package/src/rendezvous/RendezvousTransport.ts +0 -58
- package/src/rendezvous/channels/MSC4108SecureChannel.ts +0 -270
- package/src/rendezvous/channels/index.ts +0 -17
- package/src/rendezvous/index.ts +0 -25
- package/src/rendezvous/transports/MSC4108RendezvousSession.ts +0 -270
- package/src/rendezvous/transports/index.ts +0 -17
- package/src/rust-crypto/CrossSigningIdentity.ts +0 -183
- package/src/rust-crypto/DehydratedDeviceManager.ts +0 -306
- package/src/rust-crypto/KeyClaimManager.ts +0 -86
- package/src/rust-crypto/OutgoingRequestProcessor.ts +0 -236
- package/src/rust-crypto/OutgoingRequestsManager.ts +0 -143
- package/src/rust-crypto/PerSessionKeyBackupDownloader.ts +0 -501
- package/src/rust-crypto/RoomEncryptor.ts +0 -352
- package/src/rust-crypto/backup.ts +0 -881
- package/src/rust-crypto/constants.ts +0 -18
- package/src/rust-crypto/device-converter.ts +0 -128
- package/src/rust-crypto/index.ts +0 -237
- package/src/rust-crypto/libolm_migration.ts +0 -530
- package/src/rust-crypto/rust-crypto.ts +0 -2205
- package/src/rust-crypto/secret-storage.ts +0 -60
- package/src/rust-crypto/verification.ts +0 -830
- package/src/secret-storage.ts +0 -693
- package/src/utils/decryptAESSecretStorageItem.ts +0 -54
- package/src/utils/encryptAESSecretStorageItem.ts +0 -73
- package/src/utils/internal/deriveKeys.ts +0 -63
@@ -1,773 +0,0 @@
|
|
1
|
-
/*
|
2
|
-
Copyright 2019 - 2021 The Matrix.org Foundation C.I.C.
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
*/
|
16
|
-
|
17
|
-
/**
|
18
|
-
* Cross signing methods
|
19
|
-
*/
|
20
|
-
|
21
|
-
import type { PkSigning } from "@matrix-org/olm";
|
22
|
-
import { IObject, pkSign, pkVerify } from "./olmlib.ts";
|
23
|
-
import { logger } from "../logger.ts";
|
24
|
-
import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
|
25
|
-
import { DeviceInfo } from "./deviceinfo.ts";
|
26
|
-
import { ISignedKey, MatrixClient } from "../client.ts";
|
27
|
-
import { OlmDevice } from "./OlmDevice.ts";
|
28
|
-
import { ICryptoCallbacks } from "./index.ts";
|
29
|
-
import { ISignatures } from "../@types/signed.ts";
|
30
|
-
import { CryptoStore, SecretStorePrivateKeys } from "./store/base.ts";
|
31
|
-
import { ServerSideSecretStorage, SecretStorageKeyDescription } from "../secret-storage.ts";
|
32
|
-
import {
|
33
|
-
CrossSigningKeyInfo,
|
34
|
-
DeviceVerificationStatus,
|
35
|
-
UserVerificationStatus as UserTrustLevel,
|
36
|
-
} from "../crypto-api/index.ts";
|
37
|
-
import { decodeBase64, encodeBase64 } from "../base64.ts";
|
38
|
-
import encryptAESSecretStorageItem from "../utils/encryptAESSecretStorageItem.ts";
|
39
|
-
import decryptAESSecretStorageItem from "../utils/decryptAESSecretStorageItem.ts";
|
40
|
-
|
41
|
-
// backwards-compatibility re-exports
|
42
|
-
export { UserTrustLevel };
|
43
|
-
|
44
|
-
const KEY_REQUEST_TIMEOUT_MS = 1000 * 60;
|
45
|
-
|
46
|
-
function publicKeyFromKeyInfo(keyInfo: CrossSigningKeyInfo): string {
|
47
|
-
// `keys` is an object with { [`ed25519:${pubKey}`]: pubKey }
|
48
|
-
// We assume only a single key, and we want the bare form without type
|
49
|
-
// prefix, so we select the values.
|
50
|
-
return Object.values(keyInfo.keys)[0];
|
51
|
-
}
|
52
|
-
|
53
|
-
export interface ICacheCallbacks {
|
54
|
-
getCrossSigningKeyCache?(type: string, expectedPublicKey?: string): Promise<Uint8Array | null>;
|
55
|
-
storeCrossSigningKeyCache?(type: string, key?: Uint8Array): Promise<void>;
|
56
|
-
}
|
57
|
-
|
58
|
-
export interface ICrossSigningInfo {
|
59
|
-
keys: Record<string, CrossSigningKeyInfo>;
|
60
|
-
firstUse: boolean;
|
61
|
-
crossSigningVerifiedBefore: boolean;
|
62
|
-
}
|
63
|
-
|
64
|
-
export class CrossSigningInfo {
|
65
|
-
public keys: Record<string, CrossSigningKeyInfo> = {};
|
66
|
-
public firstUse = true;
|
67
|
-
// This tracks whether we've ever verified this user with any identity.
|
68
|
-
// When you verify a user, any devices online at the time that receive
|
69
|
-
// the verifying signature via the homeserver will latch this to true
|
70
|
-
// and can use it in the future to detect cases where the user has
|
71
|
-
// become unverified later for any reason.
|
72
|
-
private crossSigningVerifiedBefore = false;
|
73
|
-
|
74
|
-
/**
|
75
|
-
* Information about a user's cross-signing keys
|
76
|
-
*
|
77
|
-
* @param userId - the user that the information is about
|
78
|
-
* @param callbacks - Callbacks used to interact with the app
|
79
|
-
* Requires getCrossSigningKey and saveCrossSigningKeys
|
80
|
-
* @param cacheCallbacks - Callbacks used to interact with the cache
|
81
|
-
*/
|
82
|
-
public constructor(
|
83
|
-
public readonly userId: string,
|
84
|
-
private callbacks: ICryptoCallbacks = {},
|
85
|
-
private cacheCallbacks: ICacheCallbacks = {},
|
86
|
-
) {}
|
87
|
-
|
88
|
-
public static fromStorage(obj: ICrossSigningInfo, userId: string): CrossSigningInfo {
|
89
|
-
const res = new CrossSigningInfo(userId);
|
90
|
-
for (const prop in obj) {
|
91
|
-
if (obj.hasOwnProperty(prop)) {
|
92
|
-
// @ts-ignore - ts doesn't like this and nor should we
|
93
|
-
res[prop] = obj[prop];
|
94
|
-
}
|
95
|
-
}
|
96
|
-
return res;
|
97
|
-
}
|
98
|
-
|
99
|
-
public toStorage(): ICrossSigningInfo {
|
100
|
-
return {
|
101
|
-
keys: this.keys,
|
102
|
-
firstUse: this.firstUse,
|
103
|
-
crossSigningVerifiedBefore: this.crossSigningVerifiedBefore,
|
104
|
-
};
|
105
|
-
}
|
106
|
-
|
107
|
-
/**
|
108
|
-
* Calls the app callback to ask for a private key
|
109
|
-
*
|
110
|
-
* @param type - The key type ("master", "self_signing", or "user_signing")
|
111
|
-
* @param expectedPubkey - The matching public key or undefined to use
|
112
|
-
* the stored public key for the given key type.
|
113
|
-
* @returns An array with [ public key, Olm.PkSigning ]
|
114
|
-
*/
|
115
|
-
public async getCrossSigningKey(type: string, expectedPubkey?: string): Promise<[string, PkSigning]> {
|
116
|
-
const shouldCache = ["master", "self_signing", "user_signing"].indexOf(type) >= 0;
|
117
|
-
|
118
|
-
if (!this.callbacks.getCrossSigningKey) {
|
119
|
-
throw new Error("No getCrossSigningKey callback supplied");
|
120
|
-
}
|
121
|
-
|
122
|
-
if (expectedPubkey === undefined) {
|
123
|
-
expectedPubkey = this.getId(type)!;
|
124
|
-
}
|
125
|
-
|
126
|
-
function validateKey(key: Uint8Array | null): [string, PkSigning] | undefined {
|
127
|
-
if (!key) return;
|
128
|
-
const signing = new globalThis.Olm.PkSigning();
|
129
|
-
const gotPubkey = signing.init_with_seed(key);
|
130
|
-
if (gotPubkey === expectedPubkey) {
|
131
|
-
return [gotPubkey, signing];
|
132
|
-
}
|
133
|
-
signing.free();
|
134
|
-
}
|
135
|
-
|
136
|
-
let privkey: Uint8Array | null = null;
|
137
|
-
if (this.cacheCallbacks.getCrossSigningKeyCache && shouldCache) {
|
138
|
-
privkey = await this.cacheCallbacks.getCrossSigningKeyCache(type, expectedPubkey);
|
139
|
-
}
|
140
|
-
|
141
|
-
const cacheresult = validateKey(privkey);
|
142
|
-
if (cacheresult) {
|
143
|
-
return cacheresult;
|
144
|
-
}
|
145
|
-
|
146
|
-
privkey = await this.callbacks.getCrossSigningKey(type, expectedPubkey);
|
147
|
-
const result = validateKey(privkey);
|
148
|
-
if (result) {
|
149
|
-
if (this.cacheCallbacks.storeCrossSigningKeyCache && shouldCache) {
|
150
|
-
await this.cacheCallbacks.storeCrossSigningKeyCache(type, privkey!);
|
151
|
-
}
|
152
|
-
return result;
|
153
|
-
}
|
154
|
-
|
155
|
-
/* No keysource even returned a key */
|
156
|
-
if (!privkey) {
|
157
|
-
throw new Error("getCrossSigningKey callback for " + type + " returned falsey");
|
158
|
-
}
|
159
|
-
|
160
|
-
/* We got some keys from the keysource, but none of them were valid */
|
161
|
-
throw new Error("Key type " + type + " from getCrossSigningKey callback did not match");
|
162
|
-
}
|
163
|
-
|
164
|
-
/**
|
165
|
-
* Check whether the private keys exist in secret storage.
|
166
|
-
* XXX: This could be static, be we often seem to have an instance when we
|
167
|
-
* want to know this anyway...
|
168
|
-
*
|
169
|
-
* @param secretStorage - The secret store using account data
|
170
|
-
* @returns map of key name to key info the secret is encrypted
|
171
|
-
* with, or null if it is not present or not encrypted with a trusted
|
172
|
-
* key
|
173
|
-
*/
|
174
|
-
public async isStoredInSecretStorage(
|
175
|
-
secretStorage: ServerSideSecretStorage,
|
176
|
-
): Promise<Record<string, object> | null> {
|
177
|
-
// check what SSSS keys have encrypted the master key (if any)
|
178
|
-
const stored = (await secretStorage.isStored("m.cross_signing.master")) || {};
|
179
|
-
// then check which of those SSSS keys have also encrypted the SSK and USK
|
180
|
-
function intersect(s: Record<string, SecretStorageKeyDescription>): void {
|
181
|
-
for (const k of Object.keys(stored)) {
|
182
|
-
if (!s[k]) {
|
183
|
-
delete stored[k];
|
184
|
-
}
|
185
|
-
}
|
186
|
-
}
|
187
|
-
for (const type of ["self_signing", "user_signing"]) {
|
188
|
-
intersect((await secretStorage.isStored(`m.cross_signing.${type}`)) || {});
|
189
|
-
}
|
190
|
-
return Object.keys(stored).length ? stored : null;
|
191
|
-
}
|
192
|
-
|
193
|
-
/**
|
194
|
-
* Store private keys in secret storage for use by other devices. This is
|
195
|
-
* typically called in conjunction with the creation of new cross-signing
|
196
|
-
* keys.
|
197
|
-
*
|
198
|
-
* @param keys - The keys to store
|
199
|
-
* @param secretStorage - The secret store using account data
|
200
|
-
*/
|
201
|
-
public static async storeInSecretStorage(
|
202
|
-
keys: Map<string, Uint8Array>,
|
203
|
-
secretStorage: ServerSideSecretStorage,
|
204
|
-
): Promise<void> {
|
205
|
-
for (const [type, privateKey] of keys) {
|
206
|
-
const encodedKey = encodeBase64(privateKey);
|
207
|
-
await secretStorage.store(`m.cross_signing.${type}`, encodedKey);
|
208
|
-
}
|
209
|
-
}
|
210
|
-
|
211
|
-
/**
|
212
|
-
* Get private keys from secret storage created by some other device. This
|
213
|
-
* also passes the private keys to the app-specific callback.
|
214
|
-
*
|
215
|
-
* @param type - The type of key to get. One of "master",
|
216
|
-
* "self_signing", or "user_signing".
|
217
|
-
* @param secretStorage - The secret store using account data
|
218
|
-
* @returns The private key
|
219
|
-
*/
|
220
|
-
public static async getFromSecretStorage(
|
221
|
-
type: string,
|
222
|
-
secretStorage: ServerSideSecretStorage,
|
223
|
-
): Promise<Uint8Array | null> {
|
224
|
-
const encodedKey = await secretStorage.get(`m.cross_signing.${type}`);
|
225
|
-
if (!encodedKey) {
|
226
|
-
return null;
|
227
|
-
}
|
228
|
-
return decodeBase64(encodedKey);
|
229
|
-
}
|
230
|
-
|
231
|
-
/**
|
232
|
-
* Check whether the private keys exist in the local key cache.
|
233
|
-
*
|
234
|
-
* @param type - The type of key to get. One of "master",
|
235
|
-
* "self_signing", or "user_signing". Optional, will check all by default.
|
236
|
-
* @returns True if all keys are stored in the local cache.
|
237
|
-
*/
|
238
|
-
public async isStoredInKeyCache(type?: string): Promise<boolean> {
|
239
|
-
const cacheCallbacks = this.cacheCallbacks;
|
240
|
-
if (!cacheCallbacks) return false;
|
241
|
-
const types = type ? [type] : ["master", "self_signing", "user_signing"];
|
242
|
-
for (const t of types) {
|
243
|
-
if (!(await cacheCallbacks.getCrossSigningKeyCache?.(t))) {
|
244
|
-
return false;
|
245
|
-
}
|
246
|
-
}
|
247
|
-
return true;
|
248
|
-
}
|
249
|
-
|
250
|
-
/**
|
251
|
-
* Get cross-signing private keys from the local cache.
|
252
|
-
*
|
253
|
-
* @returns A map from key type (string) to private key (Uint8Array)
|
254
|
-
*/
|
255
|
-
public async getCrossSigningKeysFromCache(): Promise<Map<string, Uint8Array>> {
|
256
|
-
const keys = new Map<string, Uint8Array>();
|
257
|
-
const cacheCallbacks = this.cacheCallbacks;
|
258
|
-
if (!cacheCallbacks) return keys;
|
259
|
-
for (const type of ["master", "self_signing", "user_signing"]) {
|
260
|
-
const privKey = await cacheCallbacks.getCrossSigningKeyCache?.(type);
|
261
|
-
if (!privKey) {
|
262
|
-
continue;
|
263
|
-
}
|
264
|
-
keys.set(type, privKey);
|
265
|
-
}
|
266
|
-
return keys;
|
267
|
-
}
|
268
|
-
|
269
|
-
/**
|
270
|
-
* Get the ID used to identify the user. This can also be used to test for
|
271
|
-
* the existence of a given key type.
|
272
|
-
*
|
273
|
-
* @param type - The type of key to get the ID of. One of "master",
|
274
|
-
* "self_signing", or "user_signing". Defaults to "master".
|
275
|
-
*
|
276
|
-
* @returns the ID
|
277
|
-
*/
|
278
|
-
public getId(type = "master"): string | null {
|
279
|
-
if (!this.keys[type]) return null;
|
280
|
-
const keyInfo = this.keys[type];
|
281
|
-
return publicKeyFromKeyInfo(keyInfo);
|
282
|
-
}
|
283
|
-
|
284
|
-
/**
|
285
|
-
* Create new cross-signing keys for the given key types. The public keys
|
286
|
-
* will be held in this class, while the private keys are passed off to the
|
287
|
-
* `saveCrossSigningKeys` application callback.
|
288
|
-
*
|
289
|
-
* @param level - The key types to reset
|
290
|
-
*/
|
291
|
-
public async resetKeys(level?: CrossSigningLevel): Promise<void> {
|
292
|
-
if (!this.callbacks.saveCrossSigningKeys) {
|
293
|
-
throw new Error("No saveCrossSigningKeys callback supplied");
|
294
|
-
}
|
295
|
-
|
296
|
-
// If we're resetting the master key, we reset all keys
|
297
|
-
if (level === undefined || level & CrossSigningLevel.MASTER || !this.keys.master) {
|
298
|
-
level = CrossSigningLevel.MASTER | CrossSigningLevel.USER_SIGNING | CrossSigningLevel.SELF_SIGNING;
|
299
|
-
} else if (level === (0 as CrossSigningLevel)) {
|
300
|
-
return;
|
301
|
-
}
|
302
|
-
|
303
|
-
const privateKeys: Record<string, Uint8Array> = {};
|
304
|
-
const keys: Record<string, CrossSigningKeyInfo> = {};
|
305
|
-
let masterSigning: PkSigning | undefined;
|
306
|
-
let masterPub: string | undefined;
|
307
|
-
|
308
|
-
try {
|
309
|
-
if (level & CrossSigningLevel.MASTER) {
|
310
|
-
masterSigning = new globalThis.Olm.PkSigning();
|
311
|
-
privateKeys.master = masterSigning.generate_seed();
|
312
|
-
masterPub = masterSigning.init_with_seed(privateKeys.master);
|
313
|
-
keys.master = {
|
314
|
-
user_id: this.userId,
|
315
|
-
usage: ["master"],
|
316
|
-
keys: {
|
317
|
-
["ed25519:" + masterPub]: masterPub,
|
318
|
-
},
|
319
|
-
};
|
320
|
-
} else {
|
321
|
-
[masterPub, masterSigning] = await this.getCrossSigningKey("master");
|
322
|
-
}
|
323
|
-
|
324
|
-
if (level & CrossSigningLevel.SELF_SIGNING) {
|
325
|
-
const sskSigning = new globalThis.Olm.PkSigning();
|
326
|
-
try {
|
327
|
-
privateKeys.self_signing = sskSigning.generate_seed();
|
328
|
-
const sskPub = sskSigning.init_with_seed(privateKeys.self_signing);
|
329
|
-
keys.self_signing = {
|
330
|
-
user_id: this.userId,
|
331
|
-
usage: ["self_signing"],
|
332
|
-
keys: {
|
333
|
-
["ed25519:" + sskPub]: sskPub,
|
334
|
-
},
|
335
|
-
};
|
336
|
-
pkSign(keys.self_signing, masterSigning, this.userId, masterPub);
|
337
|
-
} finally {
|
338
|
-
sskSigning.free();
|
339
|
-
}
|
340
|
-
}
|
341
|
-
|
342
|
-
if (level & CrossSigningLevel.USER_SIGNING) {
|
343
|
-
const uskSigning = new globalThis.Olm.PkSigning();
|
344
|
-
try {
|
345
|
-
privateKeys.user_signing = uskSigning.generate_seed();
|
346
|
-
const uskPub = uskSigning.init_with_seed(privateKeys.user_signing);
|
347
|
-
keys.user_signing = {
|
348
|
-
user_id: this.userId,
|
349
|
-
usage: ["user_signing"],
|
350
|
-
keys: {
|
351
|
-
["ed25519:" + uskPub]: uskPub,
|
352
|
-
},
|
353
|
-
};
|
354
|
-
pkSign(keys.user_signing, masterSigning, this.userId, masterPub);
|
355
|
-
} finally {
|
356
|
-
uskSigning.free();
|
357
|
-
}
|
358
|
-
}
|
359
|
-
|
360
|
-
Object.assign(this.keys, keys);
|
361
|
-
this.callbacks.saveCrossSigningKeys(privateKeys);
|
362
|
-
} finally {
|
363
|
-
if (masterSigning) {
|
364
|
-
masterSigning.free();
|
365
|
-
}
|
366
|
-
}
|
367
|
-
}
|
368
|
-
|
369
|
-
/**
|
370
|
-
* unsets the keys, used when another session has reset the keys, to disable cross-signing
|
371
|
-
*/
|
372
|
-
public clearKeys(): void {
|
373
|
-
this.keys = {};
|
374
|
-
}
|
375
|
-
|
376
|
-
public setKeys(keys: Record<string, CrossSigningKeyInfo>): void {
|
377
|
-
const signingKeys: Record<string, CrossSigningKeyInfo> = {};
|
378
|
-
if (keys.master) {
|
379
|
-
if (keys.master.user_id !== this.userId) {
|
380
|
-
const error = "Mismatched user ID " + keys.master.user_id + " in master key from " + this.userId;
|
381
|
-
logger.error(error);
|
382
|
-
throw new Error(error);
|
383
|
-
}
|
384
|
-
if (!this.keys.master) {
|
385
|
-
// this is the first key we've seen, so first-use is true
|
386
|
-
this.firstUse = true;
|
387
|
-
} else if (publicKeyFromKeyInfo(keys.master) !== this.getId()) {
|
388
|
-
// this is a different key, so first-use is false
|
389
|
-
this.firstUse = false;
|
390
|
-
} // otherwise, same key, so no change
|
391
|
-
signingKeys.master = keys.master;
|
392
|
-
} else if (this.keys.master) {
|
393
|
-
signingKeys.master = this.keys.master;
|
394
|
-
} else {
|
395
|
-
throw new Error("Tried to set cross-signing keys without a master key");
|
396
|
-
}
|
397
|
-
const masterKey = publicKeyFromKeyInfo(signingKeys.master);
|
398
|
-
|
399
|
-
// verify signatures
|
400
|
-
if (keys.user_signing) {
|
401
|
-
if (keys.user_signing.user_id !== this.userId) {
|
402
|
-
const error = "Mismatched user ID " + keys.master.user_id + " in user_signing key from " + this.userId;
|
403
|
-
logger.error(error);
|
404
|
-
throw new Error(error);
|
405
|
-
}
|
406
|
-
try {
|
407
|
-
pkVerify(keys.user_signing, masterKey, this.userId);
|
408
|
-
} catch (e) {
|
409
|
-
logger.error("invalid signature on user-signing key");
|
410
|
-
// FIXME: what do we want to do here?
|
411
|
-
throw e;
|
412
|
-
}
|
413
|
-
}
|
414
|
-
if (keys.self_signing) {
|
415
|
-
if (keys.self_signing.user_id !== this.userId) {
|
416
|
-
const error = "Mismatched user ID " + keys.master.user_id + " in self_signing key from " + this.userId;
|
417
|
-
logger.error(error);
|
418
|
-
throw new Error(error);
|
419
|
-
}
|
420
|
-
try {
|
421
|
-
pkVerify(keys.self_signing, masterKey, this.userId);
|
422
|
-
} catch (e) {
|
423
|
-
logger.error("invalid signature on self-signing key");
|
424
|
-
// FIXME: what do we want to do here?
|
425
|
-
throw e;
|
426
|
-
}
|
427
|
-
}
|
428
|
-
|
429
|
-
// if everything checks out, then save the keys
|
430
|
-
if (keys.master) {
|
431
|
-
this.keys.master = keys.master;
|
432
|
-
// if the master key is set, then the old self-signing and user-signing keys are obsolete
|
433
|
-
delete this.keys["self_signing"];
|
434
|
-
delete this.keys["user_signing"];
|
435
|
-
}
|
436
|
-
if (keys.self_signing) {
|
437
|
-
this.keys.self_signing = keys.self_signing;
|
438
|
-
}
|
439
|
-
if (keys.user_signing) {
|
440
|
-
this.keys.user_signing = keys.user_signing;
|
441
|
-
}
|
442
|
-
}
|
443
|
-
|
444
|
-
public updateCrossSigningVerifiedBefore(isCrossSigningVerified: boolean): void {
|
445
|
-
// It is critical that this value latches forward from false to true but
|
446
|
-
// never back to false to avoid a downgrade attack.
|
447
|
-
if (!this.crossSigningVerifiedBefore && isCrossSigningVerified) {
|
448
|
-
this.crossSigningVerifiedBefore = true;
|
449
|
-
}
|
450
|
-
}
|
451
|
-
|
452
|
-
public async signObject<T extends object>(data: T, type: string): Promise<T & { signatures: ISignatures }> {
|
453
|
-
if (!this.keys[type]) {
|
454
|
-
throw new Error("Attempted to sign with " + type + " key but no such key present");
|
455
|
-
}
|
456
|
-
const [pubkey, signing] = await this.getCrossSigningKey(type);
|
457
|
-
try {
|
458
|
-
pkSign(data, signing, this.userId, pubkey);
|
459
|
-
return data as T & { signatures: ISignatures };
|
460
|
-
} finally {
|
461
|
-
signing.free();
|
462
|
-
}
|
463
|
-
}
|
464
|
-
|
465
|
-
public async signUser(key: CrossSigningInfo): Promise<CrossSigningKeyInfo | undefined> {
|
466
|
-
if (!this.keys.user_signing) {
|
467
|
-
logger.info("No user signing key: not signing user");
|
468
|
-
return;
|
469
|
-
}
|
470
|
-
return this.signObject(key.keys.master, "user_signing");
|
471
|
-
}
|
472
|
-
|
473
|
-
public async signDevice(userId: string, device: DeviceInfo): Promise<ISignedKey | undefined> {
|
474
|
-
if (userId !== this.userId) {
|
475
|
-
throw new Error(`Trying to sign ${userId}'s device; can only sign our own device`);
|
476
|
-
}
|
477
|
-
if (!this.keys.self_signing) {
|
478
|
-
logger.info("No self signing key: not signing device");
|
479
|
-
return;
|
480
|
-
}
|
481
|
-
return this.signObject<Omit<ISignedKey, "signatures">>(
|
482
|
-
{
|
483
|
-
algorithms: device.algorithms,
|
484
|
-
keys: device.keys,
|
485
|
-
device_id: device.deviceId,
|
486
|
-
user_id: userId,
|
487
|
-
},
|
488
|
-
"self_signing",
|
489
|
-
);
|
490
|
-
}
|
491
|
-
|
492
|
-
/**
|
493
|
-
* Check whether a given user is trusted.
|
494
|
-
*
|
495
|
-
* @param userCrossSigning - Cross signing info for user
|
496
|
-
*
|
497
|
-
* @returns
|
498
|
-
*/
|
499
|
-
public checkUserTrust(userCrossSigning: CrossSigningInfo): UserTrustLevel {
|
500
|
-
// if we're checking our own key, then it's trusted if the master key
|
501
|
-
// and self-signing key match
|
502
|
-
if (
|
503
|
-
this.userId === userCrossSigning.userId &&
|
504
|
-
this.getId() &&
|
505
|
-
this.getId() === userCrossSigning.getId() &&
|
506
|
-
this.getId("self_signing") &&
|
507
|
-
this.getId("self_signing") === userCrossSigning.getId("self_signing")
|
508
|
-
) {
|
509
|
-
return new UserTrustLevel(true, true, this.firstUse);
|
510
|
-
}
|
511
|
-
|
512
|
-
if (!this.keys.user_signing) {
|
513
|
-
// If there's no user signing key, they can't possibly be verified.
|
514
|
-
// They may be TOFU trusted though.
|
515
|
-
return new UserTrustLevel(false, false, userCrossSigning.firstUse);
|
516
|
-
}
|
517
|
-
|
518
|
-
let userTrusted: boolean;
|
519
|
-
const userMaster = userCrossSigning.keys.master;
|
520
|
-
const uskId = this.getId("user_signing")!;
|
521
|
-
try {
|
522
|
-
pkVerify(userMaster, uskId, this.userId);
|
523
|
-
userTrusted = true;
|
524
|
-
} catch {
|
525
|
-
userTrusted = false;
|
526
|
-
}
|
527
|
-
return new UserTrustLevel(userTrusted, userCrossSigning.crossSigningVerifiedBefore, userCrossSigning.firstUse);
|
528
|
-
}
|
529
|
-
|
530
|
-
/**
|
531
|
-
* Check whether a given device is trusted.
|
532
|
-
*
|
533
|
-
* @param userCrossSigning - Cross signing info for user
|
534
|
-
* @param device - The device to check
|
535
|
-
* @param localTrust - Whether the device is trusted locally
|
536
|
-
* @param trustCrossSignedDevices - Whether we trust cross signed devices
|
537
|
-
*
|
538
|
-
* @returns
|
539
|
-
*/
|
540
|
-
public checkDeviceTrust(
|
541
|
-
userCrossSigning: CrossSigningInfo,
|
542
|
-
device: DeviceInfo,
|
543
|
-
localTrust: boolean,
|
544
|
-
trustCrossSignedDevices: boolean,
|
545
|
-
): DeviceTrustLevel {
|
546
|
-
const userTrust = this.checkUserTrust(userCrossSigning);
|
547
|
-
|
548
|
-
const userSSK = userCrossSigning.keys.self_signing;
|
549
|
-
if (!userSSK) {
|
550
|
-
// if the user has no self-signing key then we cannot make any
|
551
|
-
// trust assertions about this device from cross-signing
|
552
|
-
return new DeviceTrustLevel(false, false, localTrust, trustCrossSignedDevices);
|
553
|
-
}
|
554
|
-
|
555
|
-
const deviceObj = deviceToObject(device, userCrossSigning.userId);
|
556
|
-
try {
|
557
|
-
// if we can verify the user's SSK from their master key...
|
558
|
-
pkVerify(userSSK, userCrossSigning.getId()!, userCrossSigning.userId);
|
559
|
-
// ...and this device's key from their SSK...
|
560
|
-
pkVerify(deviceObj, publicKeyFromKeyInfo(userSSK), userCrossSigning.userId);
|
561
|
-
// ...then we trust this device as much as far as we trust the user
|
562
|
-
return DeviceTrustLevel.fromUserTrustLevel(userTrust, localTrust, trustCrossSignedDevices);
|
563
|
-
} catch {
|
564
|
-
return new DeviceTrustLevel(false, false, localTrust, trustCrossSignedDevices);
|
565
|
-
}
|
566
|
-
}
|
567
|
-
|
568
|
-
/**
|
569
|
-
* @returns Cache callbacks
|
570
|
-
*/
|
571
|
-
public getCacheCallbacks(): ICacheCallbacks {
|
572
|
-
return this.cacheCallbacks;
|
573
|
-
}
|
574
|
-
}
|
575
|
-
|
576
|
-
interface DeviceObject extends IObject {
|
577
|
-
algorithms: string[];
|
578
|
-
keys: Record<string, string>;
|
579
|
-
device_id: string;
|
580
|
-
user_id: string;
|
581
|
-
}
|
582
|
-
|
583
|
-
function deviceToObject(device: DeviceInfo, userId: string): DeviceObject {
|
584
|
-
return {
|
585
|
-
algorithms: device.algorithms,
|
586
|
-
keys: device.keys,
|
587
|
-
device_id: device.deviceId,
|
588
|
-
user_id: userId,
|
589
|
-
signatures: device.signatures,
|
590
|
-
};
|
591
|
-
}
|
592
|
-
|
593
|
-
export enum CrossSigningLevel {
|
594
|
-
MASTER = 4,
|
595
|
-
USER_SIGNING = 2,
|
596
|
-
SELF_SIGNING = 1,
|
597
|
-
}
|
598
|
-
|
599
|
-
/**
|
600
|
-
* Represents the ways in which we trust a device.
|
601
|
-
*
|
602
|
-
* @deprecated Use {@link DeviceVerificationStatus}.
|
603
|
-
*/
|
604
|
-
export class DeviceTrustLevel extends DeviceVerificationStatus {
|
605
|
-
public constructor(
|
606
|
-
crossSigningVerified: boolean,
|
607
|
-
tofu: boolean,
|
608
|
-
localVerified: boolean,
|
609
|
-
trustCrossSignedDevices: boolean,
|
610
|
-
signedByOwner = false,
|
611
|
-
) {
|
612
|
-
super({ crossSigningVerified, tofu, localVerified, trustCrossSignedDevices, signedByOwner });
|
613
|
-
}
|
614
|
-
|
615
|
-
public static fromUserTrustLevel(
|
616
|
-
userTrustLevel: UserTrustLevel,
|
617
|
-
localVerified: boolean,
|
618
|
-
trustCrossSignedDevices: boolean,
|
619
|
-
): DeviceTrustLevel {
|
620
|
-
return new DeviceTrustLevel(
|
621
|
-
userTrustLevel.isCrossSigningVerified(),
|
622
|
-
userTrustLevel.isTofu(),
|
623
|
-
localVerified,
|
624
|
-
trustCrossSignedDevices,
|
625
|
-
true,
|
626
|
-
);
|
627
|
-
}
|
628
|
-
|
629
|
-
/**
|
630
|
-
* @returns true if this device is verified via cross signing
|
631
|
-
*/
|
632
|
-
public isCrossSigningVerified(): boolean {
|
633
|
-
return this.crossSigningVerified;
|
634
|
-
}
|
635
|
-
|
636
|
-
/**
|
637
|
-
* @returns true if this device is verified locally
|
638
|
-
*/
|
639
|
-
public isLocallyVerified(): boolean {
|
640
|
-
return this.localVerified;
|
641
|
-
}
|
642
|
-
|
643
|
-
/**
|
644
|
-
* @returns true if this device is trusted from a user's key
|
645
|
-
* that is trusted on first use
|
646
|
-
*/
|
647
|
-
public isTofu(): boolean {
|
648
|
-
return this.tofu;
|
649
|
-
}
|
650
|
-
}
|
651
|
-
|
652
|
-
export function createCryptoStoreCacheCallbacks(store: CryptoStore, olmDevice: OlmDevice): ICacheCallbacks {
|
653
|
-
return {
|
654
|
-
getCrossSigningKeyCache: async function (
|
655
|
-
type: keyof SecretStorePrivateKeys,
|
656
|
-
_expectedPublicKey: string,
|
657
|
-
): Promise<Uint8Array> {
|
658
|
-
const key = await new Promise<any>((resolve) => {
|
659
|
-
store.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
|
660
|
-
store.getSecretStorePrivateKey(txn, resolve, type);
|
661
|
-
});
|
662
|
-
});
|
663
|
-
|
664
|
-
if (key && key.ciphertext) {
|
665
|
-
const pickleKey = Buffer.from(olmDevice.pickleKey);
|
666
|
-
const decrypted = await decryptAESSecretStorageItem(key, pickleKey, type);
|
667
|
-
return decodeBase64(decrypted);
|
668
|
-
} else {
|
669
|
-
return key;
|
670
|
-
}
|
671
|
-
},
|
672
|
-
storeCrossSigningKeyCache: async function (
|
673
|
-
type: keyof SecretStorePrivateKeys,
|
674
|
-
key?: Uint8Array,
|
675
|
-
): Promise<void> {
|
676
|
-
if (!(key instanceof Uint8Array)) {
|
677
|
-
throw new Error(`storeCrossSigningKeyCache expects Uint8Array, got ${key}`);
|
678
|
-
}
|
679
|
-
const pickleKey = Buffer.from(olmDevice.pickleKey);
|
680
|
-
const encryptedKey = await encryptAESSecretStorageItem(encodeBase64(key), pickleKey, type);
|
681
|
-
return store.doTxn("readwrite", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
|
682
|
-
store.storeSecretStorePrivateKey(txn, type, encryptedKey);
|
683
|
-
});
|
684
|
-
},
|
685
|
-
};
|
686
|
-
}
|
687
|
-
|
688
|
-
export type KeysDuringVerification = [[string, PkSigning], [string, PkSigning], [string, PkSigning], void];
|
689
|
-
|
690
|
-
/**
|
691
|
-
* Request cross-signing keys from another device during verification.
|
692
|
-
*
|
693
|
-
* @param baseApis - base Matrix API interface
|
694
|
-
* @param userId - The user ID being verified
|
695
|
-
* @param deviceId - The device ID being verified
|
696
|
-
*/
|
697
|
-
export async function requestKeysDuringVerification(
|
698
|
-
baseApis: MatrixClient,
|
699
|
-
userId: string,
|
700
|
-
deviceId: string,
|
701
|
-
): Promise<KeysDuringVerification | void> {
|
702
|
-
// If this is a self-verification, ask the other party for keys
|
703
|
-
if (baseApis.getUserId() !== userId) {
|
704
|
-
return;
|
705
|
-
}
|
706
|
-
logger.log("Cross-signing: Self-verification done; requesting keys");
|
707
|
-
// This happens asynchronously, and we're not concerned about waiting for
|
708
|
-
// it. We return here in order to test.
|
709
|
-
return new Promise<KeysDuringVerification | void>((resolve, reject) => {
|
710
|
-
const client = baseApis;
|
711
|
-
const original = client.crypto!.crossSigningInfo;
|
712
|
-
|
713
|
-
// We already have all of the infrastructure we need to validate and
|
714
|
-
// cache cross-signing keys, so instead of replicating that, here we set
|
715
|
-
// up callbacks that request them from the other device and call
|
716
|
-
// CrossSigningInfo.getCrossSigningKey() to validate/cache
|
717
|
-
const crossSigning = new CrossSigningInfo(
|
718
|
-
original.userId,
|
719
|
-
{
|
720
|
-
getCrossSigningKey: async (type): Promise<Uint8Array> => {
|
721
|
-
logger.debug("Cross-signing: requesting secret", type, deviceId);
|
722
|
-
const { promise } = client.requestSecret(`m.cross_signing.${type}`, [deviceId]);
|
723
|
-
const result = await promise;
|
724
|
-
const decoded = decodeBase64(result);
|
725
|
-
return Uint8Array.from(decoded);
|
726
|
-
},
|
727
|
-
},
|
728
|
-
original.getCacheCallbacks(),
|
729
|
-
);
|
730
|
-
crossSigning.keys = original.keys;
|
731
|
-
|
732
|
-
// XXX: get all keys out if we get one key out
|
733
|
-
// https://github.com/vector-im/element-web/issues/12604
|
734
|
-
// then change here to reject on the timeout
|
735
|
-
// Requests can be ignored, so don't wait around forever
|
736
|
-
const timeout = new Promise<void>((resolve) => {
|
737
|
-
setTimeout(resolve, KEY_REQUEST_TIMEOUT_MS, new Error("Timeout"));
|
738
|
-
});
|
739
|
-
|
740
|
-
// also request and cache the key backup key
|
741
|
-
const backupKeyPromise = (async (): Promise<void> => {
|
742
|
-
const cachedKey = await client.crypto!.getSessionBackupPrivateKey();
|
743
|
-
if (!cachedKey) {
|
744
|
-
logger.info("No cached backup key found. Requesting...");
|
745
|
-
const secretReq = client.requestSecret("m.megolm_backup.v1", [deviceId]);
|
746
|
-
const base64Key = await secretReq.promise;
|
747
|
-
logger.info("Got key backup key, decoding...");
|
748
|
-
const decodedKey = decodeBase64(base64Key);
|
749
|
-
logger.info("Decoded backup key, storing...");
|
750
|
-
await client.crypto!.storeSessionBackupPrivateKey(Uint8Array.from(decodedKey));
|
751
|
-
logger.info("Backup key stored. Starting backup restore...");
|
752
|
-
const backupInfo = await client.getKeyBackupVersion();
|
753
|
-
// no need to await for this - just let it go in the bg
|
754
|
-
client.restoreKeyBackupWithCache(undefined, undefined, backupInfo!).then(() => {
|
755
|
-
logger.info("Backup restored.");
|
756
|
-
});
|
757
|
-
}
|
758
|
-
})();
|
759
|
-
|
760
|
-
// We call getCrossSigningKey() for its side-effects
|
761
|
-
Promise.race<KeysDuringVerification | void>([
|
762
|
-
Promise.all([
|
763
|
-
crossSigning.getCrossSigningKey("master"),
|
764
|
-
crossSigning.getCrossSigningKey("self_signing"),
|
765
|
-
crossSigning.getCrossSigningKey("user_signing"),
|
766
|
-
backupKeyPromise,
|
767
|
-
]) as Promise<KeysDuringVerification>,
|
768
|
-
timeout,
|
769
|
-
]).then(resolve, reject);
|
770
|
-
}).catch((e) => {
|
771
|
-
logger.warn("Cross-signing: failure while requesting keys:", e);
|
772
|
-
});
|
773
|
-
}
|