@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-4

package/src/crypto/crypto.ts

@@ -1,18 +0,0 @@
-/*
-Copyright 2022 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/** @deprecated this is a no-op and should no longer be called. */
-export function setCrypto(_crypto: Crypto): void {}

package/src/crypto/dehydration.ts

@@ -1,272 +0,0 @@
-/*
-Copyright 2020-2021 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-import anotherjson from "another-json";
-
-import type { IDeviceKeys, IOneTimeKey } from "../@types/crypto.ts";
-import { decodeBase64, encodeBase64 } from "../base64.ts";
-import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { logger } from "../logger.ts";
-import { Crypto } from "./index.ts";
-import { Method } from "../http-api/index.ts";
-import { SecretStorageKeyDescription } from "../secret-storage.ts";
-import decryptAESSecretStorageItem from "../utils/decryptAESSecretStorageItem.ts";
-import encryptAESSecretStorageItem from "../utils/encryptAESSecretStorageItem.ts";
-
-export interface IDehydratedDevice {
-    device_id: string; // eslint-disable-line camelcase
-    device_data: SecretStorageKeyDescription & {
-        // eslint-disable-line camelcase
-        algorithm: string;
-        account: string; // pickle
-    };
-}
-
-export interface IDehydratedDeviceKeyInfo {
-    passphrase?: string;
-}
-
-export const DEHYDRATION_ALGORITHM = "org.matrix.msc2697.v1.olm.libolm_pickle";
-
-const oneweek = 7 * 24 * 60 * 60 * 1000;
-
-export class DehydrationManager {
-    private inProgress = false;
-    private timeoutId: any;
-    private key?: Uint8Array;
-    private keyInfo?: { [props: string]: any };
-    private deviceDisplayName?: string;
-
-    public constructor(private readonly crypto: Crypto) {
-        this.getDehydrationKeyFromCache();
-    }
-
-    public getDehydrationKeyFromCache(): Promise<void> {
-        return this.crypto.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
-            this.crypto.cryptoStore.getSecretStorePrivateKey(
-                txn,
-                async (result) => {
-                    if (result) {
-                        const { key, keyInfo, deviceDisplayName, time } = result;
-                        const pickleKey = Buffer.from(this.crypto.olmDevice.pickleKey);
-                        const decrypted = await decryptAESSecretStorageItem(key, pickleKey, DEHYDRATION_ALGORITHM);
-                        this.key = decodeBase64(decrypted);
-                        this.keyInfo = keyInfo;
-                        this.deviceDisplayName = deviceDisplayName;
-                        const now = Date.now();
-                        const delay = Math.max(1, time + oneweek - now);
-                        this.timeoutId = globalThis.setTimeout(this.dehydrateDevice.bind(this), delay);
-                    }
-                },
-                "dehydration",
-            );
-        });
-    }
-
-    /** set the key, and queue periodic dehydration to the server in the background */
-    public async setKeyAndQueueDehydration(
-        key: Uint8Array,
-        keyInfo: { [props: string]: any } = {},
-        deviceDisplayName?: string,
-    ): Promise<void> {
-        const matches = await this.setKey(key, keyInfo, deviceDisplayName);
-        if (!matches) {
-            // start dehydration in the background
-            this.dehydrateDevice();
-        }
-    }
-
-    public async setKey(
-        key: Uint8Array,
-        keyInfo: { [props: string]: any } = {},
-        deviceDisplayName?: string,
-    ): Promise<boolean | undefined> {
-        if (!key) {
-            // unsetting the key -- cancel any pending dehydration task
-            if (this.timeoutId) {
-                globalThis.clearTimeout(this.timeoutId);
-                this.timeoutId = undefined;
-            }
-            // clear storage
-            await this.crypto.cryptoStore.doTxn("readwrite", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
-                this.crypto.cryptoStore.storeSecretStorePrivateKey(txn, "dehydration", null);
-            });
-            this.key = undefined;
-            this.keyInfo = undefined;
-            return;
-        }
-
-        // Check to see if it's the same key as before.  If it's different,
-        // dehydrate a new device.  If it's the same, we can keep the same
-        // device.  (Assume that keyInfo and deviceDisplayName will be the
-        // same if the key is the same.)
-        let matches: boolean = !!this.key && key.length == this.key.length;
-        for (let i = 0; matches && i < key.length; i++) {
-            if (key[i] != this.key![i]) {
-                matches = false;
-            }
-        }
-        if (!matches) {
-            this.key = key;
-            this.keyInfo = keyInfo;
-            this.deviceDisplayName = deviceDisplayName;
-        }
-        return matches;
-    }
-
-    /** returns the device id of the newly created dehydrated device */
-    public async dehydrateDevice(): Promise<string | undefined> {
-        if (this.inProgress) {
-            logger.log("Dehydration already in progress -- not starting new dehydration");
-            return;
-        }
-        this.inProgress = true;
-        if (this.timeoutId) {
-            globalThis.clearTimeout(this.timeoutId);
-            this.timeoutId = undefined;
-        }
-        try {
-            const pickleKey = Buffer.from(this.crypto.olmDevice.pickleKey);
-
-            // update the crypto store with the timestamp
-            const key = await encryptAESSecretStorageItem(encodeBase64(this.key!), pickleKey, DEHYDRATION_ALGORITHM);
-            await this.crypto.cryptoStore.doTxn("readwrite", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
-                this.crypto.cryptoStore.storeSecretStorePrivateKey(txn, "dehydration", {
-                    keyInfo: this.keyInfo,
-                    key,
-                    deviceDisplayName: this.deviceDisplayName!,
-                    time: Date.now(),
-                });
-            });
-            logger.log("Attempting to dehydrate device");
-
-            logger.log("Creating account");
-            // create the account and all the necessary keys
-            const account = new globalThis.Olm.Account();
-            account.create();
-            const e2eKeys = JSON.parse(account.identity_keys());
-
-            const maxKeys = account.max_number_of_one_time_keys();
-            // FIXME: generate in small batches?
-            account.generate_one_time_keys(maxKeys / 2);
-            account.generate_fallback_key();
-            const otks: Record<string, string> = JSON.parse(account.one_time_keys());
-            const fallbacks: Record<string, string> = JSON.parse(account.fallback_key());
-            account.mark_keys_as_published();
-
-            // dehydrate the account and store it on the server
-            const pickledAccount = account.pickle(new Uint8Array(this.key!));
-
-            const deviceData: { [props: string]: any } = {
-                algorithm: DEHYDRATION_ALGORITHM,
-                account: pickledAccount,
-            };
-            if (this.keyInfo!.passphrase) {
-                deviceData.passphrase = this.keyInfo!.passphrase;
-            }
-
-            logger.log("Uploading account to server");
-            // eslint-disable-next-line camelcase
-            const dehydrateResult = await this.crypto.baseApis.http.authedRequest<{ device_id: string }>(
-                Method.Put,
-                "/dehydrated_device",
-                undefined,
-                {
-                    device_data: deviceData,
-                    initial_device_display_name: this.deviceDisplayName,
-                },
-                {
-                    prefix: "/_matrix/client/unstable/org.matrix.msc2697.v2",
-                },
-            );
-
-            // send the keys to the server
-            const deviceId = dehydrateResult.device_id;
-            logger.log("Preparing device keys", deviceId);
-            const deviceKeys: IDeviceKeys = {
-                algorithms: this.crypto.supportedAlgorithms,
-                device_id: deviceId,
-                user_id: this.crypto.userId,
-                keys: {
-                    [`ed25519:${deviceId}`]: e2eKeys.ed25519,
-                    [`curve25519:${deviceId}`]: e2eKeys.curve25519,
-                },
-            };
-            const deviceSignature = account.sign(anotherjson.stringify(deviceKeys));
-            deviceKeys.signatures = {
-                [this.crypto.userId]: {
-                    [`ed25519:${deviceId}`]: deviceSignature,
-                },
-            };
-            if (this.crypto.crossSigningInfo.getId("self_signing")) {
-                await this.crypto.crossSigningInfo.signObject(deviceKeys, "self_signing");
-            }
-
-            logger.log("Preparing one-time keys");
-            const oneTimeKeys: Record<string, IOneTimeKey> = {};
-            for (const [keyId, key] of Object.entries(otks.curve25519)) {
-                const k: IOneTimeKey = { key };
-                const signature = account.sign(anotherjson.stringify(k));
-                k.signatures = {
-                    [this.crypto.userId]: {
-                        [`ed25519:${deviceId}`]: signature,
-                    },
-                };
-                oneTimeKeys[`signed_curve25519:${keyId}`] = k;
-            }
-
-            logger.log("Preparing fallback keys");
-            const fallbackKeys: Record<string, IOneTimeKey> = {};
-            for (const [keyId, key] of Object.entries(fallbacks.curve25519)) {
-                const k: IOneTimeKey = { key, fallback: true };
-                const signature = account.sign(anotherjson.stringify(k));
-                k.signatures = {
-                    [this.crypto.userId]: {
-                        [`ed25519:${deviceId}`]: signature,
-                    },
-                };
-                fallbackKeys[`signed_curve25519:${keyId}`] = k;
-            }
-
-            logger.log("Uploading keys to server");
-            await this.crypto.baseApis.http.authedRequest(
-                Method.Post,
-                "/keys/upload/" + encodeURI(deviceId),
-                undefined,
-                {
-                    "device_keys": deviceKeys,
-                    "one_time_keys": oneTimeKeys,
-                    "org.matrix.msc2732.fallback_keys": fallbackKeys,
-                },
-            );
-            logger.log("Done dehydrating");
-
-            // dehydrate again in a week
-            this.timeoutId = globalThis.setTimeout(this.dehydrateDevice.bind(this), oneweek);
-
-            return deviceId;
-        } finally {
-            this.inProgress = false;
-        }
-    }
-
-    public stop(): void {
-        if (this.timeoutId) {
-            globalThis.clearTimeout(this.timeoutId);
-            this.timeoutId = undefined;
-        }
-    }
-}

package/src/crypto/device-converter.ts

@@ -1,45 +0,0 @@
-/*
-Copyright 2023 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-import { Device } from "../models/device.ts";
-import { DeviceInfo } from "./deviceinfo.ts";
-
-/**
- * Convert a {@link DeviceInfo} to a {@link Device}.
- * @param deviceInfo - deviceInfo to convert
- * @param userId - id of the user that owns the device.
- */
-export function deviceInfoToDevice(deviceInfo: DeviceInfo, userId: string): Device {
-    const keys = new Map<string, string>(Object.entries(deviceInfo.keys));
-    const displayName = deviceInfo.getDisplayName() || undefined;
-
-    const signatures = new Map<string, Map<string, string>>();
-    if (deviceInfo.signatures) {
-        for (const userId in deviceInfo.signatures) {
-            signatures.set(userId, new Map(Object.entries(deviceInfo.signatures[userId])));
-        }
-    }
-
-    return new Device({
-        deviceId: deviceInfo.deviceId,
-        userId: userId,
-        keys,
-        algorithms: deviceInfo.algorithms,
-        verified: deviceInfo.verified,
-        signatures,
-        displayName,
-    });
-}

package/src/crypto/deviceinfo.ts

@@ -1,158 +0,0 @@
-/*
-Copyright 2016 - 2021 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-import { ISignatures } from "../@types/signed.ts";
-import { DeviceVerification } from "../models/device.ts";
-
-export interface IDevice {
-    keys: Record<string, string>;
-    algorithms: string[];
-    verified: DeviceVerification;
-    known: boolean;
-    unsigned?: Record<string, any>;
-    signatures?: ISignatures;
-}
-
-/**
- * Information about a user's device
- *
- * Superceded by {@link Device}.
- */
-export class DeviceInfo {
-    /**
-     * rehydrate a DeviceInfo from the session store
-     *
-     * @param obj -  raw object from session store
-     * @param deviceId - id of the device
-     *
-     * @returns new DeviceInfo
-     */
-    public static fromStorage(obj: Partial<IDevice>, deviceId: string): DeviceInfo {
-        const res = new DeviceInfo(deviceId);
-        for (const prop in obj) {
-            if (obj.hasOwnProperty(prop)) {
-                // @ts-ignore - this is messy and typescript doesn't like it
-                res[prop as keyof IDevice] = obj[prop as keyof IDevice];
-            }
-        }
-        return res;
-    }
-
-    public static DeviceVerification = {
-        VERIFIED: DeviceVerification.Verified,
-        UNVERIFIED: DeviceVerification.Unverified,
-        BLOCKED: DeviceVerification.Blocked,
-    };
-
-    /** list of algorithms supported by this device */
-    public algorithms: string[] = [];
-    /** a map from `<key type>:<id> -> <base64-encoded key>` */
-    public keys: Record<string, string> = {};
-    /** whether the device has been verified/blocked by the user */
-    public verified = DeviceVerification.Unverified;
-    /**
-     * whether the user knows of this device's existence
-     * (useful when warning the user that a user has added new devices)
-     */
-    public known = false;
-    /** additional data from the homeserver */
-    public unsigned: Record<string, any> = {};
-    public signatures: ISignatures = {};
-
-    /**
-     * @param deviceId - id of the device
-     */
-    public constructor(public readonly deviceId: string) {}
-
-    /**
-     * Prepare a DeviceInfo for JSON serialisation in the session store
-     *
-     * @returns deviceinfo with non-serialised members removed
-     */
-    public toStorage(): IDevice {
-        return {
-            algorithms: this.algorithms,
-            keys: this.keys,
-            verified: this.verified,
-            known: this.known,
-            unsigned: this.unsigned,
-            signatures: this.signatures,
-        };
-    }
-
-    /**
-     * Get the fingerprint for this device (ie, the Ed25519 key)
-     *
-     * @returns base64-encoded fingerprint of this device
-     */
-    public getFingerprint(): string {
-        return this.keys["ed25519:" + this.deviceId];
-    }
-
-    /**
-     * Get the identity key for this device (ie, the Curve25519 key)
-     *
-     * @returns base64-encoded identity key of this device
-     */
-    public getIdentityKey(): string {
-        return this.keys["curve25519:" + this.deviceId];
-    }
-
-    /**
-     * Get the configured display name for this device, if any
-     *
-     * @returns displayname
-     */
-    public getDisplayName(): string | null {
-        return this.unsigned.device_display_name || null;
-    }
-
-    /**
-     * Returns true if this device is blocked
-     *
-     * @returns true if blocked
-     */
-    public isBlocked(): boolean {
-        return this.verified == DeviceVerification.Blocked;
-    }
-
-    /**
-     * Returns true if this device is verified
-     *
-     * @returns true if verified
-     */
-    public isVerified(): boolean {
-        return this.verified == DeviceVerification.Verified;
-    }
-
-    /**
-     * Returns true if this device is unverified
-     *
-     * @returns true if unverified
-     */
-    public isUnverified(): boolean {
-        return this.verified == DeviceVerification.Unverified;
-    }
-
-    /**
-     * Returns true if the user knows about this device's existence
-     *
-     * @returns true if known
-     */
-    public isKnown(): boolean {
-        return this.known === true;
-    }
-}