matrix-js-sdk 28.2.0 → 29.0.0-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -0
- package/README.md +1 -16
- package/git-revision.txt +1 -1
- package/lib/@types/auth.d.ts +2 -4
- package/lib/@types/auth.d.ts.map +1 -1
- package/lib/@types/auth.js +1 -3
- package/lib/@types/auth.js.map +1 -1
- package/lib/browser-index.d.ts +0 -1
- package/lib/browser-index.d.ts.map +1 -1
- package/lib/browser-index.js +4 -12
- package/lib/browser-index.js.map +1 -1
- package/lib/client.d.ts +45 -15
- package/lib/client.d.ts.map +1 -1
- package/lib/client.js +60 -33
- package/lib/client.js.map +1 -1
- package/lib/crypto/backup.d.ts.map +1 -1
- package/lib/crypto/backup.js +0 -1
- package/lib/crypto/backup.js.map +1 -1
- package/lib/crypto/crypto.d.ts.map +1 -1
- package/lib/crypto/crypto.js +4 -4
- package/lib/crypto/crypto.js.map +1 -1
- package/lib/crypto/index.d.ts.map +1 -1
- package/lib/crypto/index.js +11 -2
- package/lib/crypto/index.js.map +1 -1
- package/lib/matrixrtc/CallMembership.d.ts +2 -0
- package/lib/matrixrtc/CallMembership.d.ts.map +1 -1
- package/lib/matrixrtc/CallMembership.js +3 -0
- package/lib/matrixrtc/CallMembership.js.map +1 -1
- package/lib/matrixrtc/MatrixRTCSession.d.ts +1 -0
- package/lib/matrixrtc/MatrixRTCSession.d.ts.map +1 -1
- package/lib/matrixrtc/MatrixRTCSession.js +15 -2
- package/lib/matrixrtc/MatrixRTCSession.js.map +1 -1
- package/lib/pushprocessor.d.ts.map +1 -1
- package/lib/pushprocessor.js +0 -28
- package/lib/pushprocessor.js.map +1 -1
- package/lib/rendezvous/MSC3906Rendezvous.d.ts.map +1 -1
- package/lib/rendezvous/MSC3906Rendezvous.js +3 -3
- package/lib/rendezvous/MSC3906Rendezvous.js.map +1 -1
- package/lib/rust-crypto/CrossSigningIdentity.d.ts.map +1 -1
- package/lib/rust-crypto/CrossSigningIdentity.js +49 -16
- package/lib/rust-crypto/CrossSigningIdentity.js.map +1 -1
- package/lib/rust-crypto/index.d.ts +5 -2
- package/lib/rust-crypto/index.d.ts.map +1 -1
- package/lib/rust-crypto/index.js +6 -3
- package/lib/rust-crypto/index.js.map +1 -1
- package/lib/rust-crypto/rust-crypto.d.ts.map +1 -1
- package/lib/rust-crypto/rust-crypto.js +10 -1
- package/lib/rust-crypto/rust-crypto.js.map +1 -1
- package/lib/rust-crypto/secret-storage.d.ts +12 -1
- package/lib/rust-crypto/secret-storage.d.ts.map +1 -1
- package/lib/rust-crypto/secret-storage.js +24 -13
- package/lib/rust-crypto/secret-storage.js.map +1 -1
- package/lib/rust-crypto/verification.js +8 -7
- package/lib/rust-crypto/verification.js.map +1 -1
- package/lib/sync.d.ts.map +1 -1
- package/lib/sync.js +10 -0
- package/lib/sync.js.map +1 -1
- package/package.json +4 -30
- package/src/@types/auth.ts +2 -4
- package/src/browser-index.ts +4 -7
- package/src/client.ts +94 -44
- package/src/crypto/backup.ts +0 -1
- package/src/crypto/crypto.ts +3 -3
- package/src/crypto/index.ts +10 -2
- package/src/matrixrtc/CallMembership.ts +5 -0
- package/src/matrixrtc/MatrixRTCSession.ts +16 -1
- package/src/pushprocessor.ts +0 -30
- package/src/rendezvous/MSC3906Rendezvous.ts +4 -9
- package/src/rust-crypto/CrossSigningIdentity.ts +62 -30
- package/src/rust-crypto/index.ts +6 -2
- package/src/rust-crypto/rust-crypto.ts +16 -2
- package/src/rust-crypto/secret-storage.ts +33 -17
- package/src/sync.ts +11 -0
- package/dist/browser-matrix.js +0 -108318
- package/dist/browser-matrix.js.map +0 -917
- package/dist/browser-matrix.min.js +0 -18
- package/dist/browser-matrix.min.js.map +0 -1
- package/lib/rust-crypto/browserify-index.d.ts +0 -5
- package/lib/rust-crypto/browserify-index.d.ts.map +0 -1
- package/lib/rust-crypto/browserify-index.js +0 -32
- package/lib/rust-crypto/browserify-index.js.map +0 -1
- package/src/rust-crypto/browserify-index.ts +0 -31
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MSC3906Rendezvous.d.ts","sourceRoot":"","sources":["../../src/rendezvous/MSC3906Rendezvous.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,GAAG,CAAC;AAC5G,OAAO,
|
|
1
|
+
{"version":3,"file":"MSC3906Rendezvous.d.ts","sourceRoot":"","sources":["../../src/rendezvous/MSC3906Rendezvous.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,GAAG,CAAC;AAC5G,OAAO,EAAE,gBAAgB,EAA4B,YAAY,EAA8B,MAAM,WAAW,CAAC;AACjH,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAKlD,aAAK,WAAW;IACZ,KAAK,kBAAkB;IACvB,MAAM,mBAAmB;IACzB,QAAQ,qBAAqB;CAChC;AAED,aAAK,OAAO;IACR,OAAO,YAAY;IACnB,OAAO,YAAY;IACnB,QAAQ,aAAa;IACrB,QAAQ,aAAa;IACrB,WAAW,gBAAgB;CAC9B;AAED,MAAM,WAAW,wBAAwB;IACrC,IAAI,EAAE,WAAW,CAAC;IAClB,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB;AAID;;;;GAIG;AACH,qBAAa,iBAAiB;IAYtB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,MAAM;IACP,SAAS,CAAC;IAbrB,OAAO,CAAC,WAAW,CAAC,CAAS;IAC7B,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,SAAS,CAA2E;IAC5F,OAAO,CAAC,KAAK,CAAC,CAAS;IAEvB;;;;OAIG;gBAES,OAAO,EAAE,iBAAiB,CAAC,wBAAwB,CAAC,EACpD,MAAM,EAAE,YAAY,EACrB,SAAS,CAAC,uCAA2B;IAGhD;;OAEG;IACH,IAAW,IAAI,IAAI,MAAM,GAAG,SAAS,CAEpC;IAED;;OAEG;IACU,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ7B,qBAAqB,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;YAiDnD,OAAO;YAIP,IAAI;IAIL,4BAA4B,IAAI,OAAO,CAAC,IAAI,CAAC;IAK7C,4BAA4B,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;YAqB5E,wBAAwB;IAwCtC;;;;OAIG;IACU,+BAA+B,CACxC,OAAO,SAAY,GACpB,OAAO,CAAC,UAAU,GAAG,gBAAgB,GAAG,gBAAgB,GAAG,SAAS,CAAC;IAmC3D,MAAM,CAAC,MAAM,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC;IAKtD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAGtC"}
|
|
@@ -81,15 +81,15 @@ class MSC3906Rendezvous {
|
|
|
81
81
|
const checksum = await this.channel.connect();
|
|
82
82
|
_logger.logger.info(`Connected to secure channel with checksum: ${checksum} our intent is ${this.ourIntent}`);
|
|
83
83
|
|
|
84
|
-
// in
|
|
84
|
+
// in stable and unstable r1 the availability is exposed as a capability
|
|
85
85
|
const capabilities = await this.client.getCapabilities();
|
|
86
86
|
// in r0 of MSC3882 the availability is exposed as a feature flag
|
|
87
87
|
const features = await (0, _feature.buildFeatureSupportMap)(await this.client.getVersions());
|
|
88
|
-
const capability = _client.
|
|
88
|
+
const capability = _client.GET_LOGIN_TOKEN_CAPABILITY.findIn(capabilities);
|
|
89
89
|
|
|
90
90
|
// determine available protocols
|
|
91
91
|
if (!(capability !== null && capability !== void 0 && capability.enabled) && features.get(_feature.Feature.LoginTokenRequest) === _feature.ServerSupport.Unsupported) {
|
|
92
|
-
_logger.logger.info("Server doesn't support
|
|
92
|
+
_logger.logger.info("Server doesn't support get_login_token");
|
|
93
93
|
await this.send({
|
|
94
94
|
type: PayloadType.Finish,
|
|
95
95
|
outcome: Outcome.Unsupported
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MSC3906Rendezvous.js","names":["_matrixEventsSdk","require","_","_client","_feature","_logger","_utils","PayloadType","Outcome","LOGIN_TOKEN_PROTOCOL","UnstableValue","MSC3906Rendezvous","constructor","channel","client","onFailure","_defineProperty2","default","RendezvousIntent","RECIPROCATE_LOGIN_ON_EXISTING_DEVICE","code","_code","generateCode","JSON","stringify","ourIntent","startAfterShowingCode","checksum","connect","logger","info","capabilities","getCapabilities","features","buildFeatureSupportMap","getVersions","capability","UNSTABLE_MSC3882_CAPABILITY","findIn","enabled","get","Feature","LoginTokenRequest","ServerSupport","Unsupported","send","type","Finish","outcome","cancel","RendezvousFailureReason","HomeserverLacksSupport","undefined","Progress","protocols","name","protocol","receive","UnsupportedAlgorithm","Unknown","matches","payload","declineLoginOnExistingDevice","Declined","approveLoginOnExistingDevice","loginToken","login_token","homeserver","baseUrl","res","device_id","deviceId","device_key","deviceKey","Error","newDeviceId","newDeviceKey","verifyAndCrossSignDevice","deviceInfo","crypto","getFingerprint","userId","getUserId","setDeviceVerification","masterPublicKey","crossSigningInfo","getId","Verified","verifying_device_id","getDeviceId","verifying_device_key","getDeviceEd25519Key","master_key","verifyNewDeviceOnExistingDevice","timeout","getStoredDevice","sleep","reason","_this$onFailure","call","close","exports"],"sources":["../../src/rendezvous/MSC3906Rendezvous.ts"],"sourcesContent":["/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { UnstableValue } from \"matrix-events-sdk\";\n\nimport { RendezvousChannel, RendezvousFailureListener, RendezvousFailureReason, RendezvousIntent } from \".\";\nimport {\n ICrossSigningKey,\n IMSC3882GetLoginTokenCapability,\n MatrixClient,\n UNSTABLE_MSC3882_CAPABILITY,\n} from \"../client\";\nimport { CrossSigningInfo } from \"../crypto/CrossSigning\";\nimport { DeviceInfo } from \"../crypto/deviceinfo\";\nimport { buildFeatureSupportMap, Feature, ServerSupport } from \"../feature\";\nimport { logger } from \"../logger\";\nimport { sleep } from \"../utils\";\n\nenum PayloadType {\n Start = \"m.login.start\",\n Finish = \"m.login.finish\",\n Progress = \"m.login.progress\",\n}\n\nenum Outcome {\n Success = \"success\",\n Failure = \"failure\",\n Verified = \"verified\",\n Declined = \"declined\",\n Unsupported = \"unsupported\",\n}\n\nexport interface MSC3906RendezvousPayload {\n type: PayloadType;\n intent?: RendezvousIntent;\n outcome?: Outcome;\n device_id?: string;\n device_key?: string;\n verifying_device_id?: string;\n verifying_device_key?: string;\n master_key?: string;\n protocols?: string[];\n protocol?: string;\n login_token?: string;\n homeserver?: string;\n}\n\nconst LOGIN_TOKEN_PROTOCOL = new UnstableValue(\"login_token\", \"org.matrix.msc3906.login_token\");\n\n/**\n * Implements MSC3906 to allow a user to sign in on a new device using QR code.\n * This implementation only supports generating a QR code on a device that is already signed in.\n * Note that this is UNSTABLE and may have breaking changes without notice.\n */\nexport class MSC3906Rendezvous {\n private newDeviceId?: string;\n private newDeviceKey?: string;\n private ourIntent: RendezvousIntent = RendezvousIntent.RECIPROCATE_LOGIN_ON_EXISTING_DEVICE;\n private _code?: string;\n\n /**\n * @param channel - The secure channel used for communication\n * @param client - The Matrix client in used on the device already logged in\n * @param onFailure - Callback for when the rendezvous fails\n */\n public constructor(\n private channel: RendezvousChannel<MSC3906RendezvousPayload>,\n private client: MatrixClient,\n public onFailure?: RendezvousFailureListener,\n ) {}\n\n /**\n * Returns the code representing the rendezvous suitable for rendering in a QR code or undefined if not generated yet.\n */\n public get code(): string | undefined {\n return this._code;\n }\n\n /**\n * Generate the code including doing partial set up of the channel where required.\n */\n public async generateCode(): Promise<void> {\n if (this._code) {\n return;\n }\n\n this._code = JSON.stringify(await this.channel.generateCode(this.ourIntent));\n }\n\n public async startAfterShowingCode(): Promise<string | undefined> {\n const checksum = await this.channel.connect();\n\n logger.info(`Connected to secure channel with checksum: ${checksum} our intent is ${this.ourIntent}`);\n\n // in r1 of MSC3882 the availability is exposed as a capability\n const capabilities = await this.client.getCapabilities();\n // in r0 of MSC3882 the availability is exposed as a feature flag\n const features = await buildFeatureSupportMap(await this.client.getVersions());\n const capability = UNSTABLE_MSC3882_CAPABILITY.findIn<IMSC3882GetLoginTokenCapability>(capabilities);\n\n // determine available protocols\n if (!capability?.enabled && features.get(Feature.LoginTokenRequest) === ServerSupport.Unsupported) {\n logger.info(\"Server doesn't support MSC3882\");\n await this.send({ type: PayloadType.Finish, outcome: Outcome.Unsupported });\n await this.cancel(RendezvousFailureReason.HomeserverLacksSupport);\n return undefined;\n }\n\n await this.send({ type: PayloadType.Progress, protocols: [LOGIN_TOKEN_PROTOCOL.name] });\n\n logger.info(\"Waiting for other device to chose protocol\");\n const { type, protocol, outcome } = await this.receive();\n\n if (type === PayloadType.Finish) {\n // new device decided not to complete\n switch (outcome ?? \"\") {\n case \"unsupported\":\n await this.cancel(RendezvousFailureReason.UnsupportedAlgorithm);\n break;\n default:\n await this.cancel(RendezvousFailureReason.Unknown);\n }\n return undefined;\n }\n\n if (type !== PayloadType.Progress) {\n await this.cancel(RendezvousFailureReason.Unknown);\n return undefined;\n }\n\n if (!protocol || !LOGIN_TOKEN_PROTOCOL.matches(protocol)) {\n await this.cancel(RendezvousFailureReason.UnsupportedAlgorithm);\n return undefined;\n }\n\n return checksum;\n }\n\n private async receive(): Promise<MSC3906RendezvousPayload> {\n return (await this.channel.receive()) as MSC3906RendezvousPayload;\n }\n\n private async send(payload: MSC3906RendezvousPayload): Promise<void> {\n await this.channel.send(payload);\n }\n\n public async declineLoginOnExistingDevice(): Promise<void> {\n logger.info(\"User declined sign in\");\n await this.send({ type: PayloadType.Finish, outcome: Outcome.Declined });\n }\n\n public async approveLoginOnExistingDevice(loginToken: string): Promise<string | undefined> {\n // eslint-disable-next-line camelcase\n await this.send({ type: PayloadType.Progress, login_token: loginToken, homeserver: this.client.baseUrl });\n\n logger.info(\"Waiting for outcome\");\n const res = await this.receive();\n if (!res) {\n return undefined;\n }\n const { outcome, device_id: deviceId, device_key: deviceKey } = res;\n\n if (outcome !== \"success\") {\n throw new Error(\"Linking failed\");\n }\n\n this.newDeviceId = deviceId;\n this.newDeviceKey = deviceKey;\n\n return deviceId;\n }\n\n private async verifyAndCrossSignDevice(\n deviceInfo: DeviceInfo,\n ): Promise<CrossSigningInfo | DeviceInfo | ICrossSigningKey | undefined> {\n if (!this.client.crypto) {\n throw new Error(\"Crypto not available on client\");\n }\n\n if (!this.newDeviceId) {\n throw new Error(\"No new device ID set\");\n }\n\n // check that keys received from the server for the new device match those received from the device itself\n if (deviceInfo.getFingerprint() !== this.newDeviceKey) {\n throw new Error(\n `New device has different keys than expected: ${this.newDeviceKey} vs ${deviceInfo.getFingerprint()}`,\n );\n }\n\n const userId = this.client.getUserId();\n\n if (!userId) {\n throw new Error(\"No user ID set\");\n }\n // mark the device as verified locally + cross sign\n logger.info(`Marking device ${this.newDeviceId} as verified`);\n const info = await this.client.crypto.setDeviceVerification(userId, this.newDeviceId, true, false, true);\n\n const masterPublicKey = this.client.crypto.crossSigningInfo.getId(\"master\")!;\n\n await this.send({\n type: PayloadType.Finish,\n outcome: Outcome.Verified,\n verifying_device_id: this.client.getDeviceId()!,\n verifying_device_key: this.client.getDeviceEd25519Key()!,\n master_key: masterPublicKey,\n });\n\n return info;\n }\n\n /**\n * Verify the device and cross-sign it.\n * @param timeout - time in milliseconds to wait for device to come online\n * @returns the new device info if the device was verified\n */\n public async verifyNewDeviceOnExistingDevice(\n timeout = 10 * 1000,\n ): Promise<DeviceInfo | CrossSigningInfo | ICrossSigningKey | undefined> {\n if (!this.newDeviceId) {\n throw new Error(\"No new device to sign\");\n }\n\n if (!this.newDeviceKey) {\n logger.info(\"No new device key to sign\");\n return undefined;\n }\n\n if (!this.client.crypto) {\n throw new Error(\"Crypto not available on client\");\n }\n\n const userId = this.client.getUserId();\n\n if (!userId) {\n throw new Error(\"No user ID set\");\n }\n\n let deviceInfo = this.client.crypto.getStoredDevice(userId, this.newDeviceId);\n\n if (!deviceInfo) {\n logger.info(\"Going to wait for new device to be online\");\n await sleep(timeout);\n deviceInfo = this.client.crypto.getStoredDevice(userId, this.newDeviceId);\n }\n\n if (deviceInfo) {\n return await this.verifyAndCrossSignDevice(deviceInfo);\n }\n\n throw new Error(\"Device not online within timeout\");\n }\n\n public async cancel(reason: RendezvousFailureReason): Promise<void> {\n this.onFailure?.(reason);\n await this.channel.cancel(reason);\n }\n\n public async close(): Promise<void> {\n await this.channel.close();\n }\n}\n"],"mappings":";;;;;;;;AAgBA,IAAAA,gBAAA,GAAAC,OAAA;AAEA,IAAAC,CAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAQA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AA7BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdA,IA+BKM,WAAW,0BAAXA,WAAW;EAAXA,WAAW;EAAXA,WAAW;EAAXA,WAAW;EAAA,OAAXA,WAAW;AAAA,EAAXA,WAAW;AAAA,IAMXC,OAAO,0BAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAA,OAAPA,OAAO;AAAA,EAAPA,OAAO;AAuBZ,MAAMC,oBAAoB,GAAG,IAAIC,8BAAa,CAAC,aAAa,EAAE,gCAAgC,CAAC;;AAE/F;AACA;AACA;AACA;AACA;AACO,MAAMC,iBAAiB,CAAC;EAM3B;AACJ;AACA;AACA;AACA;EACWC,WAAWA,CACNC,OAAoD,EACpDC,MAAoB,EACrBC,SAAqC,EAC9C;IAAA,IAAAC,gBAAA,CAAAC,OAAA,qBAZoCC,kBAAgB,CAACC,oCAAoC;IAAA,KAS/EN,OAAoD,GAApDA,OAAoD;IAAA,KACpDC,MAAoB,GAApBA,MAAoB;IAAA,KACrBC,SAAqC,GAArCA,SAAqC;EAC7C;;EAEH;AACJ;AACA;EACI,IAAWK,IAAIA,CAAA,EAAuB;IAClC,OAAO,IAAI,CAACC,KAAK;EACrB;;EAEA;AACJ;AACA;EACI,MAAaC,YAAYA,CAAA,EAAkB;IACvC,IAAI,IAAI,CAACD,KAAK,EAAE;MACZ;IACJ;IAEA,IAAI,CAACA,KAAK,GAAGE,IAAI,CAACC,SAAS,CAAC,MAAM,IAAI,CAACX,OAAO,CAACS,YAAY,CAAC,IAAI,CAACG,SAAS,CAAC,CAAC;EAChF;EAEA,MAAaC,qBAAqBA,CAAA,EAAgC;IAC9D,MAAMC,QAAQ,GAAG,MAAM,IAAI,CAACd,OAAO,CAACe,OAAO,CAAC,CAAC;IAE7CC,cAAM,CAACC,IAAI,CAAE,8CAA6CH,QAAS,kBAAiB,IAAI,CAACF,SAAU,EAAC,CAAC;;IAErG;IACA,MAAMM,YAAY,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,eAAe,CAAC,CAAC;IACxD;IACA,MAAMC,QAAQ,GAAG,MAAM,IAAAC,+BAAsB,EAAC,MAAM,IAAI,CAACpB,MAAM,CAACqB,WAAW,CAAC,CAAC,CAAC;IAC9E,MAAMC,UAAU,GAAGC,mCAA2B,CAACC,MAAM,CAAkCP,YAAY,CAAC;;IAEpG;IACA,IAAI,EAACK,UAAU,aAAVA,UAAU,eAAVA,UAAU,CAAEG,OAAO,KAAIN,QAAQ,CAACO,GAAG,CAACC,gBAAO,CAACC,iBAAiB,CAAC,KAAKC,sBAAa,CAACC,WAAW,EAAE;MAC/Ff,cAAM,CAACC,IAAI,CAAC,gCAAgC,CAAC;MAC7C,MAAM,IAAI,CAACe,IAAI,CAAC;QAAEC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;QAAEC,OAAO,EAAExC,OAAO,CAACoC;MAAY,CAAC,CAAC;MAC3E,MAAM,IAAI,CAACK,MAAM,CAACC,yBAAuB,CAACC,sBAAsB,CAAC;MACjE,OAAOC,SAAS;IACpB;IAEA,MAAM,IAAI,CAACP,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAAC8C,QAAQ;MAAEC,SAAS,EAAE,CAAC7C,oBAAoB,CAAC8C,IAAI;IAAE,CAAC,CAAC;IAEvF1B,cAAM,CAACC,IAAI,CAAC,4CAA4C,CAAC;IACzD,MAAM;MAAEgB,IAAI;MAAEU,QAAQ;MAAER;IAAQ,CAAC,GAAG,MAAM,IAAI,CAACS,OAAO,CAAC,CAAC;IAExD,IAAIX,IAAI,KAAKvC,WAAW,CAACwC,MAAM,EAAE;MAC7B;MACA,QAAQC,OAAO,aAAPA,OAAO,cAAPA,OAAO,GAAI,EAAE;QACjB,KAAK,aAAa;UACd,MAAM,IAAI,CAACC,MAAM,CAACC,yBAAuB,CAACQ,oBAAoB,CAAC;UAC/D;QACJ;UACI,MAAM,IAAI,CAACT,MAAM,CAACC,yBAAuB,CAACS,OAAO,CAAC;MAC1D;MACA,OAAOP,SAAS;IACpB;IAEA,IAAIN,IAAI,KAAKvC,WAAW,CAAC8C,QAAQ,EAAE;MAC/B,MAAM,IAAI,CAACJ,MAAM,CAACC,yBAAuB,CAACS,OAAO,CAAC;MAClD,OAAOP,SAAS;IACpB;IAEA,IAAI,CAACI,QAAQ,IAAI,CAAC/C,oBAAoB,CAACmD,OAAO,CAACJ,QAAQ,CAAC,EAAE;MACtD,MAAM,IAAI,CAACP,MAAM,CAACC,yBAAuB,CAACQ,oBAAoB,CAAC;MAC/D,OAAON,SAAS;IACpB;IAEA,OAAOzB,QAAQ;EACnB;EAEA,MAAc8B,OAAOA,CAAA,EAAsC;IACvD,OAAQ,MAAM,IAAI,CAAC5C,OAAO,CAAC4C,OAAO,CAAC,CAAC;EACxC;EAEA,MAAcZ,IAAIA,CAACgB,OAAiC,EAAiB;IACjE,MAAM,IAAI,CAAChD,OAAO,CAACgC,IAAI,CAACgB,OAAO,CAAC;EACpC;EAEA,MAAaC,4BAA4BA,CAAA,EAAkB;IACvDjC,cAAM,CAACC,IAAI,CAAC,uBAAuB,CAAC;IACpC,MAAM,IAAI,CAACe,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;MAAEC,OAAO,EAAExC,OAAO,CAACuD;IAAS,CAAC,CAAC;EAC5E;EAEA,MAAaC,4BAA4BA,CAACC,UAAkB,EAA+B;IACvF;IACA,MAAM,IAAI,CAACpB,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAAC8C,QAAQ;MAAEa,WAAW,EAAED,UAAU;MAAEE,UAAU,EAAE,IAAI,CAACrD,MAAM,CAACsD;IAAQ,CAAC,CAAC;IAEzGvC,cAAM,CAACC,IAAI,CAAC,qBAAqB,CAAC;IAClC,MAAMuC,GAAG,GAAG,MAAM,IAAI,CAACZ,OAAO,CAAC,CAAC;IAChC,IAAI,CAACY,GAAG,EAAE;MACN,OAAOjB,SAAS;IACpB;IACA,MAAM;MAAEJ,OAAO;MAAEsB,SAAS,EAAEC,QAAQ;MAAEC,UAAU,EAAEC;IAAU,CAAC,GAAGJ,GAAG;IAEnE,IAAIrB,OAAO,KAAK,SAAS,EAAE;MACvB,MAAM,IAAI0B,KAAK,CAAC,gBAAgB,CAAC;IACrC;IAEA,IAAI,CAACC,WAAW,GAAGJ,QAAQ;IAC3B,IAAI,CAACK,YAAY,GAAGH,SAAS;IAE7B,OAAOF,QAAQ;EACnB;EAEA,MAAcM,wBAAwBA,CAClCC,UAAsB,EAC+C;IACrE,IAAI,CAAC,IAAI,CAAChE,MAAM,CAACiE,MAAM,EAAE;MACrB,MAAM,IAAIL,KAAK,CAAC,gCAAgC,CAAC;IACrD;IAEA,IAAI,CAAC,IAAI,CAACC,WAAW,EAAE;MACnB,MAAM,IAAID,KAAK,CAAC,sBAAsB,CAAC;IAC3C;;IAEA;IACA,IAAII,UAAU,CAACE,cAAc,CAAC,CAAC,KAAK,IAAI,CAACJ,YAAY,EAAE;MACnD,MAAM,IAAIF,KAAK,CACV,gDAA+C,IAAI,CAACE,YAAa,OAAME,UAAU,CAACE,cAAc,CAAC,CAAE,EACxG,CAAC;IACL;IAEA,MAAMC,MAAM,GAAG,IAAI,CAACnE,MAAM,CAACoE,SAAS,CAAC,CAAC;IAEtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIP,KAAK,CAAC,gBAAgB,CAAC;IACrC;IACA;IACA7C,cAAM,CAACC,IAAI,CAAE,kBAAiB,IAAI,CAAC6C,WAAY,cAAa,CAAC;IAC7D,MAAM7C,IAAI,GAAG,MAAM,IAAI,CAAChB,MAAM,CAACiE,MAAM,CAACI,qBAAqB,CAACF,MAAM,EAAE,IAAI,CAACN,WAAW,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;IAExG,MAAMS,eAAe,GAAG,IAAI,CAACtE,MAAM,CAACiE,MAAM,CAACM,gBAAgB,CAACC,KAAK,CAAC,QAAQ,CAAE;IAE5E,MAAM,IAAI,CAACzC,IAAI,CAAC;MACZC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;MACxBC,OAAO,EAAExC,OAAO,CAAC+E,QAAQ;MACzBC,mBAAmB,EAAE,IAAI,CAAC1E,MAAM,CAAC2E,WAAW,CAAC,CAAE;MAC/CC,oBAAoB,EAAE,IAAI,CAAC5E,MAAM,CAAC6E,mBAAmB,CAAC,CAAE;MACxDC,UAAU,EAAER;IAChB,CAAC,CAAC;IAEF,OAAOtD,IAAI;EACf;;EAEA;AACJ;AACA;AACA;AACA;EACI,MAAa+D,+BAA+BA,CACxCC,OAAO,GAAG,EAAE,GAAG,IAAI,EACkD;IACrE,IAAI,CAAC,IAAI,CAACnB,WAAW,EAAE;MACnB,MAAM,IAAID,KAAK,CAAC,uBAAuB,CAAC;IAC5C;IAEA,IAAI,CAAC,IAAI,CAACE,YAAY,EAAE;MACpB/C,cAAM,CAACC,IAAI,CAAC,2BAA2B,CAAC;MACxC,OAAOsB,SAAS;IACpB;IAEA,IAAI,CAAC,IAAI,CAACtC,MAAM,CAACiE,MAAM,EAAE;MACrB,MAAM,IAAIL,KAAK,CAAC,gCAAgC,CAAC;IACrD;IAEA,MAAMO,MAAM,GAAG,IAAI,CAACnE,MAAM,CAACoE,SAAS,CAAC,CAAC;IAEtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIP,KAAK,CAAC,gBAAgB,CAAC;IACrC;IAEA,IAAII,UAAU,GAAG,IAAI,CAAChE,MAAM,CAACiE,MAAM,CAACgB,eAAe,CAACd,MAAM,EAAE,IAAI,CAACN,WAAW,CAAC;IAE7E,IAAI,CAACG,UAAU,EAAE;MACbjD,cAAM,CAACC,IAAI,CAAC,2CAA2C,CAAC;MACxD,MAAM,IAAAkE,YAAK,EAACF,OAAO,CAAC;MACpBhB,UAAU,GAAG,IAAI,CAAChE,MAAM,CAACiE,MAAM,CAACgB,eAAe,CAACd,MAAM,EAAE,IAAI,CAACN,WAAW,CAAC;IAC7E;IAEA,IAAIG,UAAU,EAAE;MACZ,OAAO,MAAM,IAAI,CAACD,wBAAwB,CAACC,UAAU,CAAC;IAC1D;IAEA,MAAM,IAAIJ,KAAK,CAAC,kCAAkC,CAAC;EACvD;EAEA,MAAazB,MAAMA,CAACgD,MAA+B,EAAiB;IAAA,IAAAC,eAAA;IAChE,CAAAA,eAAA,OAAI,CAACnF,SAAS,cAAAmF,eAAA,eAAdA,eAAA,CAAAC,IAAA,KAAI,EAAaF,MAAM,CAAC;IACxB,MAAM,IAAI,CAACpF,OAAO,CAACoC,MAAM,CAACgD,MAAM,CAAC;EACrC;EAEA,MAAaG,KAAKA,CAAA,EAAkB;IAChC,MAAM,IAAI,CAACvF,OAAO,CAACuF,KAAK,CAAC,CAAC;EAC9B;AACJ;AAACC,OAAA,CAAA1F,iBAAA,GAAAA,iBAAA"}
|
|
1
|
+
{"version":3,"file":"MSC3906Rendezvous.js","names":["_matrixEventsSdk","require","_","_client","_feature","_logger","_utils","PayloadType","Outcome","LOGIN_TOKEN_PROTOCOL","UnstableValue","MSC3906Rendezvous","constructor","channel","client","onFailure","_defineProperty2","default","RendezvousIntent","RECIPROCATE_LOGIN_ON_EXISTING_DEVICE","code","_code","generateCode","JSON","stringify","ourIntent","startAfterShowingCode","checksum","connect","logger","info","capabilities","getCapabilities","features","buildFeatureSupportMap","getVersions","capability","GET_LOGIN_TOKEN_CAPABILITY","findIn","enabled","get","Feature","LoginTokenRequest","ServerSupport","Unsupported","send","type","Finish","outcome","cancel","RendezvousFailureReason","HomeserverLacksSupport","undefined","Progress","protocols","name","protocol","receive","UnsupportedAlgorithm","Unknown","matches","payload","declineLoginOnExistingDevice","Declined","approveLoginOnExistingDevice","loginToken","login_token","homeserver","baseUrl","res","device_id","deviceId","device_key","deviceKey","Error","newDeviceId","newDeviceKey","verifyAndCrossSignDevice","deviceInfo","crypto","getFingerprint","userId","getUserId","setDeviceVerification","masterPublicKey","crossSigningInfo","getId","Verified","verifying_device_id","getDeviceId","verifying_device_key","getDeviceEd25519Key","master_key","verifyNewDeviceOnExistingDevice","timeout","getStoredDevice","sleep","reason","_this$onFailure","call","close","exports"],"sources":["../../src/rendezvous/MSC3906Rendezvous.ts"],"sourcesContent":["/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { UnstableValue } from \"matrix-events-sdk\";\n\nimport { RendezvousChannel, RendezvousFailureListener, RendezvousFailureReason, RendezvousIntent } from \".\";\nimport { ICrossSigningKey, IGetLoginTokenCapability, MatrixClient, GET_LOGIN_TOKEN_CAPABILITY } from \"../client\";\nimport { CrossSigningInfo } from \"../crypto/CrossSigning\";\nimport { DeviceInfo } from \"../crypto/deviceinfo\";\nimport { buildFeatureSupportMap, Feature, ServerSupport } from \"../feature\";\nimport { logger } from \"../logger\";\nimport { sleep } from \"../utils\";\n\nenum PayloadType {\n Start = \"m.login.start\",\n Finish = \"m.login.finish\",\n Progress = \"m.login.progress\",\n}\n\nenum Outcome {\n Success = \"success\",\n Failure = \"failure\",\n Verified = \"verified\",\n Declined = \"declined\",\n Unsupported = \"unsupported\",\n}\n\nexport interface MSC3906RendezvousPayload {\n type: PayloadType;\n intent?: RendezvousIntent;\n outcome?: Outcome;\n device_id?: string;\n device_key?: string;\n verifying_device_id?: string;\n verifying_device_key?: string;\n master_key?: string;\n protocols?: string[];\n protocol?: string;\n login_token?: string;\n homeserver?: string;\n}\n\nconst LOGIN_TOKEN_PROTOCOL = new UnstableValue(\"login_token\", \"org.matrix.msc3906.login_token\");\n\n/**\n * Implements MSC3906 to allow a user to sign in on a new device using QR code.\n * This implementation only supports generating a QR code on a device that is already signed in.\n * Note that this is UNSTABLE and may have breaking changes without notice.\n */\nexport class MSC3906Rendezvous {\n private newDeviceId?: string;\n private newDeviceKey?: string;\n private ourIntent: RendezvousIntent = RendezvousIntent.RECIPROCATE_LOGIN_ON_EXISTING_DEVICE;\n private _code?: string;\n\n /**\n * @param channel - The secure channel used for communication\n * @param client - The Matrix client in used on the device already logged in\n * @param onFailure - Callback for when the rendezvous fails\n */\n public constructor(\n private channel: RendezvousChannel<MSC3906RendezvousPayload>,\n private client: MatrixClient,\n public onFailure?: RendezvousFailureListener,\n ) {}\n\n /**\n * Returns the code representing the rendezvous suitable for rendering in a QR code or undefined if not generated yet.\n */\n public get code(): string | undefined {\n return this._code;\n }\n\n /**\n * Generate the code including doing partial set up of the channel where required.\n */\n public async generateCode(): Promise<void> {\n if (this._code) {\n return;\n }\n\n this._code = JSON.stringify(await this.channel.generateCode(this.ourIntent));\n }\n\n public async startAfterShowingCode(): Promise<string | undefined> {\n const checksum = await this.channel.connect();\n\n logger.info(`Connected to secure channel with checksum: ${checksum} our intent is ${this.ourIntent}`);\n\n // in stable and unstable r1 the availability is exposed as a capability\n const capabilities = await this.client.getCapabilities();\n // in r0 of MSC3882 the availability is exposed as a feature flag\n const features = await buildFeatureSupportMap(await this.client.getVersions());\n const capability = GET_LOGIN_TOKEN_CAPABILITY.findIn<IGetLoginTokenCapability>(capabilities);\n\n // determine available protocols\n if (!capability?.enabled && features.get(Feature.LoginTokenRequest) === ServerSupport.Unsupported) {\n logger.info(\"Server doesn't support get_login_token\");\n await this.send({ type: PayloadType.Finish, outcome: Outcome.Unsupported });\n await this.cancel(RendezvousFailureReason.HomeserverLacksSupport);\n return undefined;\n }\n\n await this.send({ type: PayloadType.Progress, protocols: [LOGIN_TOKEN_PROTOCOL.name] });\n\n logger.info(\"Waiting for other device to chose protocol\");\n const { type, protocol, outcome } = await this.receive();\n\n if (type === PayloadType.Finish) {\n // new device decided not to complete\n switch (outcome ?? \"\") {\n case \"unsupported\":\n await this.cancel(RendezvousFailureReason.UnsupportedAlgorithm);\n break;\n default:\n await this.cancel(RendezvousFailureReason.Unknown);\n }\n return undefined;\n }\n\n if (type !== PayloadType.Progress) {\n await this.cancel(RendezvousFailureReason.Unknown);\n return undefined;\n }\n\n if (!protocol || !LOGIN_TOKEN_PROTOCOL.matches(protocol)) {\n await this.cancel(RendezvousFailureReason.UnsupportedAlgorithm);\n return undefined;\n }\n\n return checksum;\n }\n\n private async receive(): Promise<MSC3906RendezvousPayload> {\n return (await this.channel.receive()) as MSC3906RendezvousPayload;\n }\n\n private async send(payload: MSC3906RendezvousPayload): Promise<void> {\n await this.channel.send(payload);\n }\n\n public async declineLoginOnExistingDevice(): Promise<void> {\n logger.info(\"User declined sign in\");\n await this.send({ type: PayloadType.Finish, outcome: Outcome.Declined });\n }\n\n public async approveLoginOnExistingDevice(loginToken: string): Promise<string | undefined> {\n // eslint-disable-next-line camelcase\n await this.send({ type: PayloadType.Progress, login_token: loginToken, homeserver: this.client.baseUrl });\n\n logger.info(\"Waiting for outcome\");\n const res = await this.receive();\n if (!res) {\n return undefined;\n }\n const { outcome, device_id: deviceId, device_key: deviceKey } = res;\n\n if (outcome !== \"success\") {\n throw new Error(\"Linking failed\");\n }\n\n this.newDeviceId = deviceId;\n this.newDeviceKey = deviceKey;\n\n return deviceId;\n }\n\n private async verifyAndCrossSignDevice(\n deviceInfo: DeviceInfo,\n ): Promise<CrossSigningInfo | DeviceInfo | ICrossSigningKey | undefined> {\n if (!this.client.crypto) {\n throw new Error(\"Crypto not available on client\");\n }\n\n if (!this.newDeviceId) {\n throw new Error(\"No new device ID set\");\n }\n\n // check that keys received from the server for the new device match those received from the device itself\n if (deviceInfo.getFingerprint() !== this.newDeviceKey) {\n throw new Error(\n `New device has different keys than expected: ${this.newDeviceKey} vs ${deviceInfo.getFingerprint()}`,\n );\n }\n\n const userId = this.client.getUserId();\n\n if (!userId) {\n throw new Error(\"No user ID set\");\n }\n // mark the device as verified locally + cross sign\n logger.info(`Marking device ${this.newDeviceId} as verified`);\n const info = await this.client.crypto.setDeviceVerification(userId, this.newDeviceId, true, false, true);\n\n const masterPublicKey = this.client.crypto.crossSigningInfo.getId(\"master\")!;\n\n await this.send({\n type: PayloadType.Finish,\n outcome: Outcome.Verified,\n verifying_device_id: this.client.getDeviceId()!,\n verifying_device_key: this.client.getDeviceEd25519Key()!,\n master_key: masterPublicKey,\n });\n\n return info;\n }\n\n /**\n * Verify the device and cross-sign it.\n * @param timeout - time in milliseconds to wait for device to come online\n * @returns the new device info if the device was verified\n */\n public async verifyNewDeviceOnExistingDevice(\n timeout = 10 * 1000,\n ): Promise<DeviceInfo | CrossSigningInfo | ICrossSigningKey | undefined> {\n if (!this.newDeviceId) {\n throw new Error(\"No new device to sign\");\n }\n\n if (!this.newDeviceKey) {\n logger.info(\"No new device key to sign\");\n return undefined;\n }\n\n if (!this.client.crypto) {\n throw new Error(\"Crypto not available on client\");\n }\n\n const userId = this.client.getUserId();\n\n if (!userId) {\n throw new Error(\"No user ID set\");\n }\n\n let deviceInfo = this.client.crypto.getStoredDevice(userId, this.newDeviceId);\n\n if (!deviceInfo) {\n logger.info(\"Going to wait for new device to be online\");\n await sleep(timeout);\n deviceInfo = this.client.crypto.getStoredDevice(userId, this.newDeviceId);\n }\n\n if (deviceInfo) {\n return await this.verifyAndCrossSignDevice(deviceInfo);\n }\n\n throw new Error(\"Device not online within timeout\");\n }\n\n public async cancel(reason: RendezvousFailureReason): Promise<void> {\n this.onFailure?.(reason);\n await this.channel.cancel(reason);\n }\n\n public async close(): Promise<void> {\n await this.channel.close();\n }\n}\n"],"mappings":";;;;;;;;AAgBA,IAAAA,gBAAA,GAAAC,OAAA;AAEA,IAAAC,CAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAGA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,MAAA,GAAAL,OAAA;AAxBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdA,IA0BKM,WAAW,0BAAXA,WAAW;EAAXA,WAAW;EAAXA,WAAW;EAAXA,WAAW;EAAA,OAAXA,WAAW;AAAA,EAAXA,WAAW;AAAA,IAMXC,OAAO,0BAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAPA,OAAO;EAAA,OAAPA,OAAO;AAAA,EAAPA,OAAO;AAuBZ,MAAMC,oBAAoB,GAAG,IAAIC,8BAAa,CAAC,aAAa,EAAE,gCAAgC,CAAC;;AAE/F;AACA;AACA;AACA;AACA;AACO,MAAMC,iBAAiB,CAAC;EAM3B;AACJ;AACA;AACA;AACA;EACWC,WAAWA,CACNC,OAAoD,EACpDC,MAAoB,EACrBC,SAAqC,EAC9C;IAAA,IAAAC,gBAAA,CAAAC,OAAA,qBAZoCC,kBAAgB,CAACC,oCAAoC;IAAA,KAS/EN,OAAoD,GAApDA,OAAoD;IAAA,KACpDC,MAAoB,GAApBA,MAAoB;IAAA,KACrBC,SAAqC,GAArCA,SAAqC;EAC7C;;EAEH;AACJ;AACA;EACI,IAAWK,IAAIA,CAAA,EAAuB;IAClC,OAAO,IAAI,CAACC,KAAK;EACrB;;EAEA;AACJ;AACA;EACI,MAAaC,YAAYA,CAAA,EAAkB;IACvC,IAAI,IAAI,CAACD,KAAK,EAAE;MACZ;IACJ;IAEA,IAAI,CAACA,KAAK,GAAGE,IAAI,CAACC,SAAS,CAAC,MAAM,IAAI,CAACX,OAAO,CAACS,YAAY,CAAC,IAAI,CAACG,SAAS,CAAC,CAAC;EAChF;EAEA,MAAaC,qBAAqBA,CAAA,EAAgC;IAC9D,MAAMC,QAAQ,GAAG,MAAM,IAAI,CAACd,OAAO,CAACe,OAAO,CAAC,CAAC;IAE7CC,cAAM,CAACC,IAAI,CAAE,8CAA6CH,QAAS,kBAAiB,IAAI,CAACF,SAAU,EAAC,CAAC;;IAErG;IACA,MAAMM,YAAY,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,eAAe,CAAC,CAAC;IACxD;IACA,MAAMC,QAAQ,GAAG,MAAM,IAAAC,+BAAsB,EAAC,MAAM,IAAI,CAACpB,MAAM,CAACqB,WAAW,CAAC,CAAC,CAAC;IAC9E,MAAMC,UAAU,GAAGC,kCAA0B,CAACC,MAAM,CAA2BP,YAAY,CAAC;;IAE5F;IACA,IAAI,EAACK,UAAU,aAAVA,UAAU,eAAVA,UAAU,CAAEG,OAAO,KAAIN,QAAQ,CAACO,GAAG,CAACC,gBAAO,CAACC,iBAAiB,CAAC,KAAKC,sBAAa,CAACC,WAAW,EAAE;MAC/Ff,cAAM,CAACC,IAAI,CAAC,wCAAwC,CAAC;MACrD,MAAM,IAAI,CAACe,IAAI,CAAC;QAAEC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;QAAEC,OAAO,EAAExC,OAAO,CAACoC;MAAY,CAAC,CAAC;MAC3E,MAAM,IAAI,CAACK,MAAM,CAACC,yBAAuB,CAACC,sBAAsB,CAAC;MACjE,OAAOC,SAAS;IACpB;IAEA,MAAM,IAAI,CAACP,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAAC8C,QAAQ;MAAEC,SAAS,EAAE,CAAC7C,oBAAoB,CAAC8C,IAAI;IAAE,CAAC,CAAC;IAEvF1B,cAAM,CAACC,IAAI,CAAC,4CAA4C,CAAC;IACzD,MAAM;MAAEgB,IAAI;MAAEU,QAAQ;MAAER;IAAQ,CAAC,GAAG,MAAM,IAAI,CAACS,OAAO,CAAC,CAAC;IAExD,IAAIX,IAAI,KAAKvC,WAAW,CAACwC,MAAM,EAAE;MAC7B;MACA,QAAQC,OAAO,aAAPA,OAAO,cAAPA,OAAO,GAAI,EAAE;QACjB,KAAK,aAAa;UACd,MAAM,IAAI,CAACC,MAAM,CAACC,yBAAuB,CAACQ,oBAAoB,CAAC;UAC/D;QACJ;UACI,MAAM,IAAI,CAACT,MAAM,CAACC,yBAAuB,CAACS,OAAO,CAAC;MAC1D;MACA,OAAOP,SAAS;IACpB;IAEA,IAAIN,IAAI,KAAKvC,WAAW,CAAC8C,QAAQ,EAAE;MAC/B,MAAM,IAAI,CAACJ,MAAM,CAACC,yBAAuB,CAACS,OAAO,CAAC;MAClD,OAAOP,SAAS;IACpB;IAEA,IAAI,CAACI,QAAQ,IAAI,CAAC/C,oBAAoB,CAACmD,OAAO,CAACJ,QAAQ,CAAC,EAAE;MACtD,MAAM,IAAI,CAACP,MAAM,CAACC,yBAAuB,CAACQ,oBAAoB,CAAC;MAC/D,OAAON,SAAS;IACpB;IAEA,OAAOzB,QAAQ;EACnB;EAEA,MAAc8B,OAAOA,CAAA,EAAsC;IACvD,OAAQ,MAAM,IAAI,CAAC5C,OAAO,CAAC4C,OAAO,CAAC,CAAC;EACxC;EAEA,MAAcZ,IAAIA,CAACgB,OAAiC,EAAiB;IACjE,MAAM,IAAI,CAAChD,OAAO,CAACgC,IAAI,CAACgB,OAAO,CAAC;EACpC;EAEA,MAAaC,4BAA4BA,CAAA,EAAkB;IACvDjC,cAAM,CAACC,IAAI,CAAC,uBAAuB,CAAC;IACpC,MAAM,IAAI,CAACe,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;MAAEC,OAAO,EAAExC,OAAO,CAACuD;IAAS,CAAC,CAAC;EAC5E;EAEA,MAAaC,4BAA4BA,CAACC,UAAkB,EAA+B;IACvF;IACA,MAAM,IAAI,CAACpB,IAAI,CAAC;MAAEC,IAAI,EAAEvC,WAAW,CAAC8C,QAAQ;MAAEa,WAAW,EAAED,UAAU;MAAEE,UAAU,EAAE,IAAI,CAACrD,MAAM,CAACsD;IAAQ,CAAC,CAAC;IAEzGvC,cAAM,CAACC,IAAI,CAAC,qBAAqB,CAAC;IAClC,MAAMuC,GAAG,GAAG,MAAM,IAAI,CAACZ,OAAO,CAAC,CAAC;IAChC,IAAI,CAACY,GAAG,EAAE;MACN,OAAOjB,SAAS;IACpB;IACA,MAAM;MAAEJ,OAAO;MAAEsB,SAAS,EAAEC,QAAQ;MAAEC,UAAU,EAAEC;IAAU,CAAC,GAAGJ,GAAG;IAEnE,IAAIrB,OAAO,KAAK,SAAS,EAAE;MACvB,MAAM,IAAI0B,KAAK,CAAC,gBAAgB,CAAC;IACrC;IAEA,IAAI,CAACC,WAAW,GAAGJ,QAAQ;IAC3B,IAAI,CAACK,YAAY,GAAGH,SAAS;IAE7B,OAAOF,QAAQ;EACnB;EAEA,MAAcM,wBAAwBA,CAClCC,UAAsB,EAC+C;IACrE,IAAI,CAAC,IAAI,CAAChE,MAAM,CAACiE,MAAM,EAAE;MACrB,MAAM,IAAIL,KAAK,CAAC,gCAAgC,CAAC;IACrD;IAEA,IAAI,CAAC,IAAI,CAACC,WAAW,EAAE;MACnB,MAAM,IAAID,KAAK,CAAC,sBAAsB,CAAC;IAC3C;;IAEA;IACA,IAAII,UAAU,CAACE,cAAc,CAAC,CAAC,KAAK,IAAI,CAACJ,YAAY,EAAE;MACnD,MAAM,IAAIF,KAAK,CACV,gDAA+C,IAAI,CAACE,YAAa,OAAME,UAAU,CAACE,cAAc,CAAC,CAAE,EACxG,CAAC;IACL;IAEA,MAAMC,MAAM,GAAG,IAAI,CAACnE,MAAM,CAACoE,SAAS,CAAC,CAAC;IAEtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIP,KAAK,CAAC,gBAAgB,CAAC;IACrC;IACA;IACA7C,cAAM,CAACC,IAAI,CAAE,kBAAiB,IAAI,CAAC6C,WAAY,cAAa,CAAC;IAC7D,MAAM7C,IAAI,GAAG,MAAM,IAAI,CAAChB,MAAM,CAACiE,MAAM,CAACI,qBAAqB,CAACF,MAAM,EAAE,IAAI,CAACN,WAAW,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;IAExG,MAAMS,eAAe,GAAG,IAAI,CAACtE,MAAM,CAACiE,MAAM,CAACM,gBAAgB,CAACC,KAAK,CAAC,QAAQ,CAAE;IAE5E,MAAM,IAAI,CAACzC,IAAI,CAAC;MACZC,IAAI,EAAEvC,WAAW,CAACwC,MAAM;MACxBC,OAAO,EAAExC,OAAO,CAAC+E,QAAQ;MACzBC,mBAAmB,EAAE,IAAI,CAAC1E,MAAM,CAAC2E,WAAW,CAAC,CAAE;MAC/CC,oBAAoB,EAAE,IAAI,CAAC5E,MAAM,CAAC6E,mBAAmB,CAAC,CAAE;MACxDC,UAAU,EAAER;IAChB,CAAC,CAAC;IAEF,OAAOtD,IAAI;EACf;;EAEA;AACJ;AACA;AACA;AACA;EACI,MAAa+D,+BAA+BA,CACxCC,OAAO,GAAG,EAAE,GAAG,IAAI,EACkD;IACrE,IAAI,CAAC,IAAI,CAACnB,WAAW,EAAE;MACnB,MAAM,IAAID,KAAK,CAAC,uBAAuB,CAAC;IAC5C;IAEA,IAAI,CAAC,IAAI,CAACE,YAAY,EAAE;MACpB/C,cAAM,CAACC,IAAI,CAAC,2BAA2B,CAAC;MACxC,OAAOsB,SAAS;IACpB;IAEA,IAAI,CAAC,IAAI,CAACtC,MAAM,CAACiE,MAAM,EAAE;MACrB,MAAM,IAAIL,KAAK,CAAC,gCAAgC,CAAC;IACrD;IAEA,MAAMO,MAAM,GAAG,IAAI,CAACnE,MAAM,CAACoE,SAAS,CAAC,CAAC;IAEtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIP,KAAK,CAAC,gBAAgB,CAAC;IACrC;IAEA,IAAII,UAAU,GAAG,IAAI,CAAChE,MAAM,CAACiE,MAAM,CAACgB,eAAe,CAACd,MAAM,EAAE,IAAI,CAACN,WAAW,CAAC;IAE7E,IAAI,CAACG,UAAU,EAAE;MACbjD,cAAM,CAACC,IAAI,CAAC,2CAA2C,CAAC;MACxD,MAAM,IAAAkE,YAAK,EAACF,OAAO,CAAC;MACpBhB,UAAU,GAAG,IAAI,CAAChE,MAAM,CAACiE,MAAM,CAACgB,eAAe,CAACd,MAAM,EAAE,IAAI,CAACN,WAAW,CAAC;IAC7E;IAEA,IAAIG,UAAU,EAAE;MACZ,OAAO,MAAM,IAAI,CAACD,wBAAwB,CAACC,UAAU,CAAC;IAC1D;IAEA,MAAM,IAAIJ,KAAK,CAAC,kCAAkC,CAAC;EACvD;EAEA,MAAazB,MAAMA,CAACgD,MAA+B,EAAiB;IAAA,IAAAC,eAAA;IAChE,CAAAA,eAAA,OAAI,CAACnF,SAAS,cAAAmF,eAAA,eAAdA,eAAA,CAAAC,IAAA,KAAI,EAAaF,MAAM,CAAC;IACxB,MAAM,IAAI,CAACpF,OAAO,CAACoC,MAAM,CAACgD,MAAM,CAAC;EACrC;EAEA,MAAaG,KAAKA,CAAA,EAAkB;IAChC,MAAM,IAAI,CAACvF,OAAO,CAACuF,KAAK,CAAC,CAAC;EAC9B;AACJ;AAACC,OAAA,CAAA1F,iBAAA,GAAAA,iBAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CrossSigningIdentity.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/CrossSigningIdentity.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,UAAU,EAAsB,MAAM,oCAAoC,CAAC;AAGpF,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,EAAmB,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAEvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAE5D;;;GAGG;AACH,qBAAa,oBAAoB;IAEzB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa;gBAFb,UAAU,EAAE,UAAU,EACtB,wBAAwB,EAAE,wBAAwB,EAClD,aAAa,EAAE,uBAAuB;IAG3D;;OAEG;IACU,qBAAqB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"CrossSigningIdentity.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/CrossSigningIdentity.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,UAAU,EAAsB,MAAM,oCAAoC,CAAC;AAGpF,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,EAAmB,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAEvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAE5D;;;GAGG;AACH,qBAAa,oBAAoB;IAEzB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,wBAAwB;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa;gBAFb,UAAU,EAAE,UAAU,EACtB,wBAAwB,EAAE,wBAAwB,EAClD,aAAa,EAAE,uBAAuB;IAG3D;;OAEG;IACU,qBAAqB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;IAuElF;;;;;;OAMG;YACW,iBAAiB;IAkB/B;;;;OAIG;YACW,+BAA+B;CAmBhD"}
|
|
@@ -57,22 +57,30 @@ class CrossSigningIdentity {
|
|
|
57
57
|
olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,
|
|
58
58
|
privateKeysInSecretStorage
|
|
59
59
|
});
|
|
60
|
-
if (
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
60
|
+
if (olmDeviceHasKeys) {
|
|
61
|
+
if (!privateKeysInSecretStorage) {
|
|
62
|
+
// the device has the keys but they are not in 4S, so update it
|
|
63
|
+
_logger.logger.log("bootStrapCrossSigning: Olm device has private keys: exporting to secret storage");
|
|
64
|
+
await this.exportCrossSigningKeysToStorage();
|
|
65
|
+
} else {
|
|
66
|
+
_logger.logger.log("bootStrapCrossSigning: Olm device has private keys and they are saved in 4S, do nothing");
|
|
67
|
+
}
|
|
68
|
+
} /* (!olmDeviceHasKeys) */else {
|
|
69
|
+
if (privateKeysInSecretStorage) {
|
|
70
|
+
// they are in 4S, so import from there
|
|
71
|
+
_logger.logger.log("bootStrapCrossSigning: Cross-signing private keys not found locally, but they are available " + "in secret storage, reading storage and caching locally");
|
|
72
|
+
await this.olmMachine.importCrossSigningKeys(masterKeyFromSecretStorage, selfSigningKeyFromSecretStorage, userSigningKeyFromSecretStorage);
|
|
69
73
|
|
|
70
|
-
|
|
71
|
-
|
|
74
|
+
// Get the current device
|
|
75
|
+
const device = await this.olmMachine.getDevice(this.olmMachine.userId, this.olmMachine.deviceId);
|
|
72
76
|
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
77
|
+
// Sign the device with our cross-signing key and upload the signature
|
|
78
|
+
const request = await device.verify();
|
|
79
|
+
await this.outgoingRequestProcessor.makeOutgoingRequest(request);
|
|
80
|
+
} else {
|
|
81
|
+
_logger.logger.log("bootStrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys");
|
|
82
|
+
await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);
|
|
83
|
+
}
|
|
76
84
|
}
|
|
77
85
|
|
|
78
86
|
// TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the
|
|
@@ -88,12 +96,21 @@ class CrossSigningIdentity {
|
|
|
88
96
|
* * Upload the private keys to SSSS, if it is set up
|
|
89
97
|
*/
|
|
90
98
|
async resetCrossSigning(authUploadDeviceSigningKeys) {
|
|
99
|
+
// XXX: We must find a way to make this atomic, currently if the user does not remember his account password
|
|
100
|
+
// or 4S passphrase/key the process will fail in a bad state, with keys rotated but not uploaded or saved in 4S.
|
|
91
101
|
const outgoingRequests = await this.olmMachine.bootstrapCrossSigning(true);
|
|
102
|
+
|
|
103
|
+
// If 4S is configured we need to udpate it.
|
|
104
|
+
if (await this.secretStorage.hasKey()) {
|
|
105
|
+
// Update 4S before uploading cross-signing keys, to stay consistent with legacy that asks
|
|
106
|
+
// 4S passphrase before asking for account password.
|
|
107
|
+
// Ultimately should be made atomic and resistent to forgotten password/passphrase.
|
|
108
|
+
await this.exportCrossSigningKeysToStorage();
|
|
109
|
+
}
|
|
92
110
|
_logger.logger.log("bootStrapCrossSigning: publishing keys to server");
|
|
93
111
|
for (const req of outgoingRequests) {
|
|
94
112
|
await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);
|
|
95
113
|
}
|
|
96
|
-
await this.exportCrossSigningKeysToStorage();
|
|
97
114
|
}
|
|
98
115
|
|
|
99
116
|
/**
|
|
@@ -102,7 +119,23 @@ class CrossSigningIdentity {
|
|
|
102
119
|
* (If secret storage is *not* configured, we assume that the export will happen when it is set up)
|
|
103
120
|
*/
|
|
104
121
|
async exportCrossSigningKeysToStorage() {
|
|
105
|
-
|
|
122
|
+
const exported = await this.olmMachine.exportCrossSigningKeys();
|
|
123
|
+
/* istanbul ignore else (this function is only called when we know the olm machine has keys) */
|
|
124
|
+
if (exported !== null && exported !== void 0 && exported.masterKey) {
|
|
125
|
+
this.secretStorage.store("m.cross_signing.master", exported.masterKey);
|
|
126
|
+
} else {
|
|
127
|
+
_logger.logger.error(`Cannot export MSK to secret storage, private key unknown`);
|
|
128
|
+
}
|
|
129
|
+
if (exported !== null && exported !== void 0 && exported.self_signing_key) {
|
|
130
|
+
this.secretStorage.store("m.cross_signing.self_signing", exported.self_signing_key);
|
|
131
|
+
} else {
|
|
132
|
+
_logger.logger.error(`Cannot export SSK to secret storage, private key unknown`);
|
|
133
|
+
}
|
|
134
|
+
if (exported !== null && exported !== void 0 && exported.userSigningKey) {
|
|
135
|
+
this.secretStorage.store("m.cross_signing.user_signing", exported.userSigningKey);
|
|
136
|
+
} else {
|
|
137
|
+
_logger.logger.error(`Cannot export USK to secret storage, private key unknown`);
|
|
138
|
+
}
|
|
106
139
|
}
|
|
107
140
|
}
|
|
108
141
|
exports.CrossSigningIdentity = CrossSigningIdentity;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CrossSigningIdentity.js","names":["_logger","require","CrossSigningIdentity","constructor","olmMachine","outgoingRequestProcessor","secretStorage","bootstrapCrossSigning","opts","setupNewCrossSigning","resetCrossSigning","authUploadDeviceSigningKeys","olmDeviceStatus","crossSigningStatus","masterKeyFromSecretStorage","get","selfSigningKeyFromSecretStorage","userSigningKeyFromSecretStorage","privateKeysInSecretStorage","Boolean","olmDeviceHasKeys","hasMaster","hasUserSigning","hasSelfSigning","logger","log","olmDeviceHasMaster","olmDeviceHasUserSigning","olmDeviceHasSelfSigning","exportCrossSigningKeysToStorage","importCrossSigningKeys","device","getDevice","userId","deviceId","request","verify","makeOutgoingRequest","outgoingRequests","req","exports"],"sources":["../../src/rust-crypto/CrossSigningIdentity.ts"],"sourcesContent":["/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { OlmMachine, CrossSigningStatus } from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { BootstrapCrossSigningOpts } from \"../crypto-api\";\nimport { logger } from \"../logger\";\nimport { OutgoingRequest, OutgoingRequestProcessor } from \"./OutgoingRequestProcessor\";\nimport { UIAuthCallback } from \"../interactive-auth\";\nimport { ServerSideSecretStorage } from \"../secret-storage\";\n\n/** Manages the cross-signing keys for our own user.\n *\n * @internal\n */\nexport class CrossSigningIdentity {\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n private readonly secretStorage: ServerSideSecretStorage,\n ) {}\n\n /**\n * Initialise our cross-signing keys by creating new keys if they do not exist, and uploading to the server\n */\n public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {\n if (opts.setupNewCrossSigning) {\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n return;\n }\n\n const olmDeviceStatus: CrossSigningStatus = await this.olmMachine.crossSigningStatus();\n\n // Try to fetch cross signing keys from the secret storage\n const masterKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.master\");\n const selfSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.self_signing\");\n const userSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.user_signing\");\n const privateKeysInSecretStorage = Boolean(\n masterKeyFromSecretStorage && selfSigningKeyFromSecretStorage && userSigningKeyFromSecretStorage,\n );\n\n const olmDeviceHasKeys =\n olmDeviceStatus.hasMaster && olmDeviceStatus.hasUserSigning && olmDeviceStatus.hasSelfSigning;\n\n // Log all relevant state for easier parsing of debug logs.\n logger.log(\"bootStrapCrossSigning: starting\", {\n setupNewCrossSigning: opts.setupNewCrossSigning,\n olmDeviceHasMaster: olmDeviceStatus.hasMaster,\n olmDeviceHasUserSigning: olmDeviceStatus.hasUserSigning,\n olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,\n privateKeysInSecretStorage,\n });\n\n if (!olmDeviceHasKeys && !privateKeysInSecretStorage) {\n logger.log(\n \"bootStrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys\",\n );\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n } else if (olmDeviceHasKeys) {\n logger.log(\"bootStrapCrossSigning: Olm device has private keys: exporting to secret storage\");\n await this.exportCrossSigningKeysToStorage();\n } else if (privateKeysInSecretStorage) {\n logger.log(\n \"bootStrapCrossSigning: Cross-signing private keys not found locally, but they are available \" +\n \"in secret storage, reading storage and caching locally\",\n );\n await this.olmMachine.importCrossSigningKeys(\n masterKeyFromSecretStorage,\n selfSigningKeyFromSecretStorage,\n userSigningKeyFromSecretStorage,\n );\n\n // Get the current device\n const device: RustSdkCryptoJs.Device = await this.olmMachine.getDevice(\n this.olmMachine.userId,\n this.olmMachine.deviceId,\n );\n\n // Sign the device with our cross-signing key and upload the signature\n const request: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n }\n\n // TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the\n // server -- in which case we should call OlmDevice.bootstrap_cross_signing. How do we know?\n logger.log(\"bootStrapCrossSigning: complete\");\n }\n\n /** Reset our cross-signing keys\n *\n * This method will:\n * * Tell the OlmMachine to create new keys\n * * Upload the new public keys and the device signature to the server\n * * Upload the private keys to SSSS, if it is set up\n */\n private async resetCrossSigning(authUploadDeviceSigningKeys?: UIAuthCallback<void>): Promise<void> {\n const outgoingRequests: Array<OutgoingRequest> = await this.olmMachine.bootstrapCrossSigning(true);\n\n logger.log(\"bootStrapCrossSigning: publishing keys to server\");\n for (const req of outgoingRequests) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);\n }\n await this.exportCrossSigningKeysToStorage();\n }\n\n /**\n * Extract the cross-signing keys from the olm machine and save them to secret storage, if it is configured\n *\n * (If secret storage is *not* configured, we assume that the export will happen when it is set up)\n */\n private async exportCrossSigningKeysToStorage(): Promise<void> {\n // TODO\n }\n}\n"],"mappings":";;;;;;AAoBA,IAAAA,OAAA,GAAAC,OAAA;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAWA;AACA;AACA;AACA;AACO,MAAMC,oBAAoB,CAAC;EACvBC,WAAWA,CACGC,UAAsB,EACtBC,wBAAkD,EAClDC,aAAsC,EACzD;IAAA,KAHmBF,UAAsB,GAAtBA,UAAsB;IAAA,KACtBC,wBAAkD,GAAlDA,wBAAkD;IAAA,KAClDC,aAAsC,GAAtCA,aAAsC;EACxD;;EAEH;AACJ;AACA;EACI,MAAaC,qBAAqBA,CAACC,IAA+B,EAAiB;IAC/E,IAAIA,IAAI,CAACC,oBAAoB,EAAE;MAC3B,MAAM,IAAI,CAACC,iBAAiB,CAACF,IAAI,CAACG,2BAA2B,CAAC;MAC9D;IACJ;IAEA,MAAMC,eAAmC,GAAG,MAAM,IAAI,CAACR,UAAU,CAACS,kBAAkB,CAAC,CAAC;;IAEtF;IACA,MAAMC,0BAA0B,GAAG,MAAM,IAAI,CAACR,aAAa,CAACS,GAAG,CAAC,wBAAwB,CAAC;IACzF,MAAMC,+BAA+B,GAAG,MAAM,IAAI,CAACV,aAAa,CAACS,GAAG,CAAC,8BAA8B,CAAC;IACpG,MAAME,+BAA+B,GAAG,MAAM,IAAI,CAACX,aAAa,CAACS,GAAG,CAAC,8BAA8B,CAAC;IACpG,MAAMG,0BAA0B,GAAGC,OAAO,CACtCL,0BAA0B,IAAIE,+BAA+B,IAAIC,+BACrE,CAAC;IAED,MAAMG,gBAAgB,GAClBR,eAAe,CAACS,SAAS,IAAIT,eAAe,CAACU,cAAc,IAAIV,eAAe,CAACW,cAAc;;IAEjG;IACAC,cAAM,CAACC,GAAG,CAAC,iCAAiC,EAAE;MAC1ChB,oBAAoB,EAAED,IAAI,CAACC,oBAAoB;MAC/CiB,kBAAkB,EAAEd,eAAe,CAACS,SAAS;MAC7CM,uBAAuB,EAAEf,eAAe,CAACU,cAAc;MACvDM,uBAAuB,EAAEhB,eAAe,CAACW,cAAc;MACvDL;IACJ,CAAC,CAAC;IAEF,IAAI,CAACE,gBAAgB,IAAI,CAACF,0BAA0B,EAAE;MAClDM,cAAM,CAACC,GAAG,CACN,6GACJ,CAAC;MACD,MAAM,IAAI,CAACf,iBAAiB,CAACF,IAAI,CAACG,2BAA2B,CAAC;IAClE,CAAC,MAAM,IAAIS,gBAAgB,EAAE;MACzBI,cAAM,CAACC,GAAG,CAAC,iFAAiF,CAAC;MAC7F,MAAM,IAAI,CAACI,+BAA+B,CAAC,CAAC;IAChD,CAAC,MAAM,IAAIX,0BAA0B,EAAE;MACnCM,cAAM,CAACC,GAAG,CACN,8FAA8F,GAC1F,wDACR,CAAC;MACD,MAAM,IAAI,CAACrB,UAAU,CAAC0B,sBAAsB,CACxChB,0BAA0B,EAC1BE,+BAA+B,EAC/BC,+BACJ,CAAC;;MAED;MACA,MAAMc,MAA8B,GAAG,MAAM,IAAI,CAAC3B,UAAU,CAAC4B,SAAS,CAClE,IAAI,CAAC5B,UAAU,CAAC6B,MAAM,EACtB,IAAI,CAAC7B,UAAU,CAAC8B,QACpB,CAAC;;MAED;MACA,MAAMC,OAA+C,GAAG,MAAMJ,MAAM,CAACK,MAAM,CAAC,CAAC;MAC7E,MAAM,IAAI,CAAC/B,wBAAwB,CAACgC,mBAAmB,CAACF,OAAO,CAAC;IACpE;;IAEA;IACA;IACAX,cAAM,CAACC,GAAG,CAAC,iCAAiC,CAAC;EACjD;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAcf,iBAAiBA,CAACC,2BAAkD,EAAiB;IAC/F,MAAM2B,gBAAwC,GAAG,MAAM,IAAI,CAAClC,UAAU,CAACG,qBAAqB,CAAC,IAAI,CAAC;IAElGiB,cAAM,CAACC,GAAG,CAAC,kDAAkD,CAAC;IAC9D,KAAK,MAAMc,GAAG,IAAID,gBAAgB,EAAE;MAChC,MAAM,IAAI,CAACjC,wBAAwB,CAACgC,mBAAmB,CAACE,GAAG,EAAE5B,2BAA2B,CAAC;IAC7F;IACA,MAAM,IAAI,CAACkB,+BAA+B,CAAC,CAAC;EAChD;;EAEA;AACJ;AACA;AACA;AACA;EACI,MAAcA,+BAA+BA,CAAA,EAAkB;IAC3D;EAAA;AAER;AAACW,OAAA,CAAAtC,oBAAA,GAAAA,oBAAA"}
|
|
1
|
+
{"version":3,"file":"CrossSigningIdentity.js","names":["_logger","require","CrossSigningIdentity","constructor","olmMachine","outgoingRequestProcessor","secretStorage","bootstrapCrossSigning","opts","setupNewCrossSigning","resetCrossSigning","authUploadDeviceSigningKeys","olmDeviceStatus","crossSigningStatus","masterKeyFromSecretStorage","get","selfSigningKeyFromSecretStorage","userSigningKeyFromSecretStorage","privateKeysInSecretStorage","Boolean","olmDeviceHasKeys","hasMaster","hasUserSigning","hasSelfSigning","logger","log","olmDeviceHasMaster","olmDeviceHasUserSigning","olmDeviceHasSelfSigning","exportCrossSigningKeysToStorage","importCrossSigningKeys","device","getDevice","userId","deviceId","request","verify","makeOutgoingRequest","outgoingRequests","hasKey","req","exported","exportCrossSigningKeys","masterKey","store","error","self_signing_key","userSigningKey","exports"],"sources":["../../src/rust-crypto/CrossSigningIdentity.ts"],"sourcesContent":["/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { OlmMachine, CrossSigningStatus } from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { BootstrapCrossSigningOpts } from \"../crypto-api\";\nimport { logger } from \"../logger\";\nimport { OutgoingRequest, OutgoingRequestProcessor } from \"./OutgoingRequestProcessor\";\nimport { UIAuthCallback } from \"../interactive-auth\";\nimport { ServerSideSecretStorage } from \"../secret-storage\";\n\n/** Manages the cross-signing keys for our own user.\n *\n * @internal\n */\nexport class CrossSigningIdentity {\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n private readonly secretStorage: ServerSideSecretStorage,\n ) {}\n\n /**\n * Initialise our cross-signing keys by creating new keys if they do not exist, and uploading to the server\n */\n public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {\n if (opts.setupNewCrossSigning) {\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n return;\n }\n\n const olmDeviceStatus: CrossSigningStatus = await this.olmMachine.crossSigningStatus();\n\n // Try to fetch cross signing keys from the secret storage\n const masterKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.master\");\n const selfSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.self_signing\");\n const userSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.user_signing\");\n const privateKeysInSecretStorage = Boolean(\n masterKeyFromSecretStorage && selfSigningKeyFromSecretStorage && userSigningKeyFromSecretStorage,\n );\n\n const olmDeviceHasKeys =\n olmDeviceStatus.hasMaster && olmDeviceStatus.hasUserSigning && olmDeviceStatus.hasSelfSigning;\n\n // Log all relevant state for easier parsing of debug logs.\n logger.log(\"bootStrapCrossSigning: starting\", {\n setupNewCrossSigning: opts.setupNewCrossSigning,\n olmDeviceHasMaster: olmDeviceStatus.hasMaster,\n olmDeviceHasUserSigning: olmDeviceStatus.hasUserSigning,\n olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,\n privateKeysInSecretStorage,\n });\n\n if (olmDeviceHasKeys) {\n if (!privateKeysInSecretStorage) {\n // the device has the keys but they are not in 4S, so update it\n logger.log(\"bootStrapCrossSigning: Olm device has private keys: exporting to secret storage\");\n await this.exportCrossSigningKeysToStorage();\n } else {\n logger.log(\"bootStrapCrossSigning: Olm device has private keys and they are saved in 4S, do nothing\");\n }\n } /* (!olmDeviceHasKeys) */ else {\n if (privateKeysInSecretStorage) {\n // they are in 4S, so import from there\n logger.log(\n \"bootStrapCrossSigning: Cross-signing private keys not found locally, but they are available \" +\n \"in secret storage, reading storage and caching locally\",\n );\n await this.olmMachine.importCrossSigningKeys(\n masterKeyFromSecretStorage,\n selfSigningKeyFromSecretStorage,\n userSigningKeyFromSecretStorage,\n );\n\n // Get the current device\n const device: RustSdkCryptoJs.Device = await this.olmMachine.getDevice(\n this.olmMachine.userId,\n this.olmMachine.deviceId,\n );\n\n // Sign the device with our cross-signing key and upload the signature\n const request: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n } else {\n logger.log(\n \"bootStrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys\",\n );\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n }\n }\n\n // TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the\n // server -- in which case we should call OlmDevice.bootstrap_cross_signing. How do we know?\n logger.log(\"bootStrapCrossSigning: complete\");\n }\n\n /** Reset our cross-signing keys\n *\n * This method will:\n * * Tell the OlmMachine to create new keys\n * * Upload the new public keys and the device signature to the server\n * * Upload the private keys to SSSS, if it is set up\n */\n private async resetCrossSigning(authUploadDeviceSigningKeys?: UIAuthCallback<void>): Promise<void> {\n // XXX: We must find a way to make this atomic, currently if the user does not remember his account password\n // or 4S passphrase/key the process will fail in a bad state, with keys rotated but not uploaded or saved in 4S.\n const outgoingRequests: Array<OutgoingRequest> = await this.olmMachine.bootstrapCrossSigning(true);\n\n // If 4S is configured we need to udpate it.\n if (await this.secretStorage.hasKey()) {\n // Update 4S before uploading cross-signing keys, to stay consistent with legacy that asks\n // 4S passphrase before asking for account password.\n // Ultimately should be made atomic and resistent to forgotten password/passphrase.\n await this.exportCrossSigningKeysToStorage();\n }\n logger.log(\"bootStrapCrossSigning: publishing keys to server\");\n for (const req of outgoingRequests) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);\n }\n }\n\n /**\n * Extract the cross-signing keys from the olm machine and save them to secret storage, if it is configured\n *\n * (If secret storage is *not* configured, we assume that the export will happen when it is set up)\n */\n private async exportCrossSigningKeysToStorage(): Promise<void> {\n const exported: RustSdkCryptoJs.CrossSigningKeyExport | null = await this.olmMachine.exportCrossSigningKeys();\n /* istanbul ignore else (this function is only called when we know the olm machine has keys) */\n if (exported?.masterKey) {\n this.secretStorage.store(\"m.cross_signing.master\", exported.masterKey);\n } else {\n logger.error(`Cannot export MSK to secret storage, private key unknown`);\n }\n if (exported?.self_signing_key) {\n this.secretStorage.store(\"m.cross_signing.self_signing\", exported.self_signing_key);\n } else {\n logger.error(`Cannot export SSK to secret storage, private key unknown`);\n }\n if (exported?.userSigningKey) {\n this.secretStorage.store(\"m.cross_signing.user_signing\", exported.userSigningKey);\n } else {\n logger.error(`Cannot export USK to secret storage, private key unknown`);\n }\n }\n}\n"],"mappings":";;;;;;AAoBA,IAAAA,OAAA,GAAAC,OAAA;AApBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAWA;AACA;AACA;AACA;AACO,MAAMC,oBAAoB,CAAC;EACvBC,WAAWA,CACGC,UAAsB,EACtBC,wBAAkD,EAClDC,aAAsC,EACzD;IAAA,KAHmBF,UAAsB,GAAtBA,UAAsB;IAAA,KACtBC,wBAAkD,GAAlDA,wBAAkD;IAAA,KAClDC,aAAsC,GAAtCA,aAAsC;EACxD;;EAEH;AACJ;AACA;EACI,MAAaC,qBAAqBA,CAACC,IAA+B,EAAiB;IAC/E,IAAIA,IAAI,CAACC,oBAAoB,EAAE;MAC3B,MAAM,IAAI,CAACC,iBAAiB,CAACF,IAAI,CAACG,2BAA2B,CAAC;MAC9D;IACJ;IAEA,MAAMC,eAAmC,GAAG,MAAM,IAAI,CAACR,UAAU,CAACS,kBAAkB,CAAC,CAAC;;IAEtF;IACA,MAAMC,0BAA0B,GAAG,MAAM,IAAI,CAACR,aAAa,CAACS,GAAG,CAAC,wBAAwB,CAAC;IACzF,MAAMC,+BAA+B,GAAG,MAAM,IAAI,CAACV,aAAa,CAACS,GAAG,CAAC,8BAA8B,CAAC;IACpG,MAAME,+BAA+B,GAAG,MAAM,IAAI,CAACX,aAAa,CAACS,GAAG,CAAC,8BAA8B,CAAC;IACpG,MAAMG,0BAA0B,GAAGC,OAAO,CACtCL,0BAA0B,IAAIE,+BAA+B,IAAIC,+BACrE,CAAC;IAED,MAAMG,gBAAgB,GAClBR,eAAe,CAACS,SAAS,IAAIT,eAAe,CAACU,cAAc,IAAIV,eAAe,CAACW,cAAc;;IAEjG;IACAC,cAAM,CAACC,GAAG,CAAC,iCAAiC,EAAE;MAC1ChB,oBAAoB,EAAED,IAAI,CAACC,oBAAoB;MAC/CiB,kBAAkB,EAAEd,eAAe,CAACS,SAAS;MAC7CM,uBAAuB,EAAEf,eAAe,CAACU,cAAc;MACvDM,uBAAuB,EAAEhB,eAAe,CAACW,cAAc;MACvDL;IACJ,CAAC,CAAC;IAEF,IAAIE,gBAAgB,EAAE;MAClB,IAAI,CAACF,0BAA0B,EAAE;QAC7B;QACAM,cAAM,CAACC,GAAG,CAAC,iFAAiF,CAAC;QAC7F,MAAM,IAAI,CAACI,+BAA+B,CAAC,CAAC;MAChD,CAAC,MAAM;QACHL,cAAM,CAACC,GAAG,CAAC,yFAAyF,CAAC;MACzG;IACJ,CAAC,CAAC,8BAA+B;MAC7B,IAAIP,0BAA0B,EAAE;QAC5B;QACAM,cAAM,CAACC,GAAG,CACN,8FAA8F,GAC1F,wDACR,CAAC;QACD,MAAM,IAAI,CAACrB,UAAU,CAAC0B,sBAAsB,CACxChB,0BAA0B,EAC1BE,+BAA+B,EAC/BC,+BACJ,CAAC;;QAED;QACA,MAAMc,MAA8B,GAAG,MAAM,IAAI,CAAC3B,UAAU,CAAC4B,SAAS,CAClE,IAAI,CAAC5B,UAAU,CAAC6B,MAAM,EACtB,IAAI,CAAC7B,UAAU,CAAC8B,QACpB,CAAC;;QAED;QACA,MAAMC,OAA+C,GAAG,MAAMJ,MAAM,CAACK,MAAM,CAAC,CAAC;QAC7E,MAAM,IAAI,CAAC/B,wBAAwB,CAACgC,mBAAmB,CAACF,OAAO,CAAC;MACpE,CAAC,MAAM;QACHX,cAAM,CAACC,GAAG,CACN,6GACJ,CAAC;QACD,MAAM,IAAI,CAACf,iBAAiB,CAACF,IAAI,CAACG,2BAA2B,CAAC;MAClE;IACJ;;IAEA;IACA;IACAa,cAAM,CAACC,GAAG,CAAC,iCAAiC,CAAC;EACjD;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;EACI,MAAcf,iBAAiBA,CAACC,2BAAkD,EAAiB;IAC/F;IACA;IACA,MAAM2B,gBAAwC,GAAG,MAAM,IAAI,CAAClC,UAAU,CAACG,qBAAqB,CAAC,IAAI,CAAC;;IAElG;IACA,IAAI,MAAM,IAAI,CAACD,aAAa,CAACiC,MAAM,CAAC,CAAC,EAAE;MACnC;MACA;MACA;MACA,MAAM,IAAI,CAACV,+BAA+B,CAAC,CAAC;IAChD;IACAL,cAAM,CAACC,GAAG,CAAC,kDAAkD,CAAC;IAC9D,KAAK,MAAMe,GAAG,IAAIF,gBAAgB,EAAE;MAChC,MAAM,IAAI,CAACjC,wBAAwB,CAACgC,mBAAmB,CAACG,GAAG,EAAE7B,2BAA2B,CAAC;IAC7F;EACJ;;EAEA;AACJ;AACA;AACA;AACA;EACI,MAAckB,+BAA+BA,CAAA,EAAkB;IAC3D,MAAMY,QAAsD,GAAG,MAAM,IAAI,CAACrC,UAAU,CAACsC,sBAAsB,CAAC,CAAC;IAC7G;IACA,IAAID,QAAQ,aAARA,QAAQ,eAARA,QAAQ,CAAEE,SAAS,EAAE;MACrB,IAAI,CAACrC,aAAa,CAACsC,KAAK,CAAC,wBAAwB,EAAEH,QAAQ,CAACE,SAAS,CAAC;IAC1E,CAAC,MAAM;MACHnB,cAAM,CAACqB,KAAK,CAAE,0DAAyD,CAAC;IAC5E;IACA,IAAIJ,QAAQ,aAARA,QAAQ,eAARA,QAAQ,CAAEK,gBAAgB,EAAE;MAC5B,IAAI,CAACxC,aAAa,CAACsC,KAAK,CAAC,8BAA8B,EAAEH,QAAQ,CAACK,gBAAgB,CAAC;IACvF,CAAC,MAAM;MACHtB,cAAM,CAACqB,KAAK,CAAE,0DAAyD,CAAC;IAC5E;IACA,IAAIJ,QAAQ,aAARA,QAAQ,eAARA,QAAQ,CAAEM,cAAc,EAAE;MAC1B,IAAI,CAACzC,aAAa,CAACsC,KAAK,CAAC,8BAA8B,EAAEH,QAAQ,CAACM,cAAc,CAAC;IACrF,CAAC,MAAM;MACHvB,cAAM,CAACqB,KAAK,CAAE,0DAAyD,CAAC;IAC5E;EACJ;AACJ;AAACG,OAAA,CAAA9C,oBAAA,GAAAA,oBAAA"}
|
|
@@ -12,11 +12,14 @@ import { ICryptoCallbacks } from "../crypto";
|
|
|
12
12
|
* @param secretStorage - Interface to server-side secret storage.
|
|
13
13
|
* @param cryptoCallbacks - Crypto callbacks provided by the application
|
|
14
14
|
* @param storePrefix - the prefix to use on the indexeddbs created by rust-crypto.
|
|
15
|
-
* If
|
|
15
|
+
* If `null`, a memory store will be used.
|
|
16
|
+
* @param storePassphrase - a passphrase to use to encrypt the indexeddbs created by rust-crypto.
|
|
17
|
+
* Ignored if `storePrefix` is null. If this is `undefined` (and `storePrefix` is not null), the indexeddbs
|
|
18
|
+
* will be unencrypted.
|
|
16
19
|
*
|
|
17
20
|
* @internal
|
|
18
21
|
*/
|
|
19
22
|
export declare function initRustCrypto(http: MatrixHttpApi<IHttpOpts & {
|
|
20
23
|
onlyData: true;
|
|
21
|
-
}>, userId: string, deviceId: string, secretStorage: ServerSideSecretStorage, cryptoCallbacks: ICryptoCallbacks, storePrefix: string | null): Promise<RustCrypto>;
|
|
24
|
+
}>, userId: string, deviceId: string, secretStorage: ServerSideSecretStorage, cryptoCallbacks: ICryptoCallbacks, storePrefix: string | null, storePassphrase: string | undefined): Promise<RustCrypto>;
|
|
22
25
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/index.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE3C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/index.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE3C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,cAAc,CAChC,IAAI,EAAE,aAAa,CAAC,SAAS,GAAG;IAAE,QAAQ,EAAE,IAAI,CAAA;CAAE,CAAC,EACnD,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,uBAAuB,EACtC,eAAe,EAAE,gBAAgB,EACjC,WAAW,EAAE,MAAM,GAAG,IAAI,EAC1B,eAAe,EAAE,MAAM,GAAG,SAAS,GACpC,OAAO,CAAC,UAAU,CAAC,CAuCrB"}
|
package/lib/rust-crypto/index.js
CHANGED
|
@@ -35,11 +35,14 @@ limitations under the License.
|
|
|
35
35
|
* @param secretStorage - Interface to server-side secret storage.
|
|
36
36
|
* @param cryptoCallbacks - Crypto callbacks provided by the application
|
|
37
37
|
* @param storePrefix - the prefix to use on the indexeddbs created by rust-crypto.
|
|
38
|
-
* If
|
|
38
|
+
* If `null`, a memory store will be used.
|
|
39
|
+
* @param storePassphrase - a passphrase to use to encrypt the indexeddbs created by rust-crypto.
|
|
40
|
+
* Ignored if `storePrefix` is null. If this is `undefined` (and `storePrefix` is not null), the indexeddbs
|
|
41
|
+
* will be unencrypted.
|
|
39
42
|
*
|
|
40
43
|
* @internal
|
|
41
44
|
*/
|
|
42
|
-
async function initRustCrypto(http, userId, deviceId, secretStorage, cryptoCallbacks, storePrefix) {
|
|
45
|
+
async function initRustCrypto(http, userId, deviceId, secretStorage, cryptoCallbacks, storePrefix, storePassphrase) {
|
|
43
46
|
var _ref;
|
|
44
47
|
// initialise the rust matrix-sdk-crypto-wasm, if it hasn't already been done
|
|
45
48
|
await RustSdkCryptoJs.initAsync();
|
|
@@ -51,7 +54,7 @@ async function initRustCrypto(http, userId, deviceId, secretStorage, cryptoCallb
|
|
|
51
54
|
_logger.logger.info("Init OlmMachine");
|
|
52
55
|
|
|
53
56
|
// TODO: use the pickle key for the passphrase
|
|
54
|
-
const olmMachine = await RustSdkCryptoJs.OlmMachine.initialize(u, d, storePrefix !== null && storePrefix !== void 0 ? storePrefix : undefined, (_ref = storePrefix &&
|
|
57
|
+
const olmMachine = await RustSdkCryptoJs.OlmMachine.initialize(u, d, storePrefix !== null && storePrefix !== void 0 ? storePrefix : undefined, (_ref = storePrefix && storePassphrase) !== null && _ref !== void 0 ? _ref : undefined);
|
|
55
58
|
const rustCrypto = new _rustCrypto.RustCrypto(olmMachine, http, userId, deviceId, secretStorage, cryptoCallbacks);
|
|
56
59
|
await olmMachine.registerRoomKeyUpdatedCallback(sessions => rustCrypto.onRoomKeysUpdated(sessions));
|
|
57
60
|
await olmMachine.registerUserIdentityUpdatedCallback(userId => rustCrypto.onUserIdentityUpdated(userId));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["RustSdkCryptoJs","_interopRequireWildcard","require","_rustCrypto","_logger","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initRustCrypto","http","userId","deviceId","secretStorage","cryptoCallbacks","storePrefix","_ref","initAsync","Tracing","LoggerLevel","Trace","turnOn","u","UserId","d","DeviceId","logger","info","olmMachine","OlmMachine","initialize","undefined","rustCrypto","RustCrypto","registerRoomKeyUpdatedCallback","sessions","onRoomKeysUpdated","registerUserIdentityUpdatedCallback","onUserIdentityUpdated","outgoingRequests"],"sources":["../../src/rust-crypto/index.ts"],"sourcesContent":["/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { RustCrypto } from \"./rust-crypto\";\nimport { logger } from \"../logger\";\nimport { IHttpOpts, MatrixHttpApi } from \"../http-api\";\nimport { ServerSideSecretStorage } from \"../secret-storage\";\nimport { ICryptoCallbacks } from \"../crypto\";\n\n/**\n * Create a new `RustCrypto` implementation\n *\n * @param http - Low-level HTTP interface: used to make outgoing requests required by the rust SDK.\n * We expect it to set the access token, etc.\n * @param userId - The local user's User ID.\n * @param deviceId - The local user's Device ID.\n * @param secretStorage - Interface to server-side secret storage.\n * @param cryptoCallbacks - Crypto callbacks provided by the application\n * @param storePrefix - the prefix to use on the indexeddbs created by rust-crypto.\n * If
|
|
1
|
+
{"version":3,"file":"index.js","names":["RustSdkCryptoJs","_interopRequireWildcard","require","_rustCrypto","_logger","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","initRustCrypto","http","userId","deviceId","secretStorage","cryptoCallbacks","storePrefix","storePassphrase","_ref","initAsync","Tracing","LoggerLevel","Trace","turnOn","u","UserId","d","DeviceId","logger","info","olmMachine","OlmMachine","initialize","undefined","rustCrypto","RustCrypto","registerRoomKeyUpdatedCallback","sessions","onRoomKeysUpdated","registerUserIdentityUpdatedCallback","onUserIdentityUpdated","outgoingRequests"],"sources":["../../src/rust-crypto/index.ts"],"sourcesContent":["/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { RustCrypto } from \"./rust-crypto\";\nimport { logger } from \"../logger\";\nimport { IHttpOpts, MatrixHttpApi } from \"../http-api\";\nimport { ServerSideSecretStorage } from \"../secret-storage\";\nimport { ICryptoCallbacks } from \"../crypto\";\n\n/**\n * Create a new `RustCrypto` implementation\n *\n * @param http - Low-level HTTP interface: used to make outgoing requests required by the rust SDK.\n * We expect it to set the access token, etc.\n * @param userId - The local user's User ID.\n * @param deviceId - The local user's Device ID.\n * @param secretStorage - Interface to server-side secret storage.\n * @param cryptoCallbacks - Crypto callbacks provided by the application\n * @param storePrefix - the prefix to use on the indexeddbs created by rust-crypto.\n * If `null`, a memory store will be used.\n * @param storePassphrase - a passphrase to use to encrypt the indexeddbs created by rust-crypto.\n * Ignored if `storePrefix` is null. If this is `undefined` (and `storePrefix` is not null), the indexeddbs\n * will be unencrypted.\n *\n * @internal\n */\nexport async function initRustCrypto(\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n userId: string,\n deviceId: string,\n secretStorage: ServerSideSecretStorage,\n cryptoCallbacks: ICryptoCallbacks,\n storePrefix: string | null,\n storePassphrase: string | undefined,\n): Promise<RustCrypto> {\n // initialise the rust matrix-sdk-crypto-wasm, if it hasn't already been done\n await RustSdkCryptoJs.initAsync();\n\n // enable tracing in the rust-sdk\n new RustSdkCryptoJs.Tracing(RustSdkCryptoJs.LoggerLevel.Trace).turnOn();\n\n const u = new RustSdkCryptoJs.UserId(userId);\n const d = new RustSdkCryptoJs.DeviceId(deviceId);\n logger.info(\"Init OlmMachine\");\n\n // TODO: use the pickle key for the passphrase\n const olmMachine = await RustSdkCryptoJs.OlmMachine.initialize(\n u,\n d,\n storePrefix ?? undefined,\n (storePrefix && storePassphrase) ?? undefined,\n );\n const rustCrypto = new RustCrypto(olmMachine, http, userId, deviceId, secretStorage, cryptoCallbacks);\n await olmMachine.registerRoomKeyUpdatedCallback((sessions: RustSdkCryptoJs.RoomKeyInfo[]) =>\n rustCrypto.onRoomKeysUpdated(sessions),\n );\n await olmMachine.registerUserIdentityUpdatedCallback((userId: RustSdkCryptoJs.UserId) =>\n rustCrypto.onUserIdentityUpdated(userId),\n );\n\n // Tell the OlmMachine to think about its outgoing requests before we hand control back to the application.\n //\n // This is primarily a fudge to get it to correctly populate the `users_for_key_query` list, so that future\n // calls to getIdentity (etc) block until the key queries are performed.\n //\n // Note that we don't actually need to *make* any requests here; it is sufficient to tell the Rust side to think\n // about them.\n //\n // XXX: find a less hacky way to do this.\n await olmMachine.outgoingRequests();\n\n logger.info(\"Completed rust crypto-sdk setup\");\n return rustCrypto;\n}\n"],"mappings":";;;;;;AAgBA,IAAAA,eAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,WAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAAmC,SAAAG,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAL,wBAAAS,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAnBnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeW,cAAcA,CAChCC,IAAmD,EACnDC,MAAc,EACdC,QAAgB,EAChBC,aAAsC,EACtCC,eAAiC,EACjCC,WAA0B,EAC1BC,eAAmC,EAChB;EAAA,IAAAC,IAAA;EACnB;EACA,MAAMnC,eAAe,CAACoC,SAAS,CAAC,CAAC;;EAEjC;EACA,IAAIpC,eAAe,CAACqC,OAAO,CAACrC,eAAe,CAACsC,WAAW,CAACC,KAAK,CAAC,CAACC,MAAM,CAAC,CAAC;EAEvE,MAAMC,CAAC,GAAG,IAAIzC,eAAe,CAAC0C,MAAM,CAACb,MAAM,CAAC;EAC5C,MAAMc,CAAC,GAAG,IAAI3C,eAAe,CAAC4C,QAAQ,CAACd,QAAQ,CAAC;EAChDe,cAAM,CAACC,IAAI,CAAC,iBAAiB,CAAC;;EAE9B;EACA,MAAMC,UAAU,GAAG,MAAM/C,eAAe,CAACgD,UAAU,CAACC,UAAU,CAC1DR,CAAC,EACDE,CAAC,EACDV,WAAW,aAAXA,WAAW,cAAXA,WAAW,GAAIiB,SAAS,GAAAf,IAAA,GACvBF,WAAW,IAAIC,eAAe,cAAAC,IAAA,cAAAA,IAAA,GAAKe,SACxC,CAAC;EACD,MAAMC,UAAU,GAAG,IAAIC,sBAAU,CAACL,UAAU,EAAEnB,IAAI,EAAEC,MAAM,EAAEC,QAAQ,EAAEC,aAAa,EAAEC,eAAe,CAAC;EACrG,MAAMe,UAAU,CAACM,8BAA8B,CAAEC,QAAuC,IACpFH,UAAU,CAACI,iBAAiB,CAACD,QAAQ,CACzC,CAAC;EACD,MAAMP,UAAU,CAACS,mCAAmC,CAAE3B,MAA8B,IAChFsB,UAAU,CAACM,qBAAqB,CAAC5B,MAAM,CAC3C,CAAC;;EAED;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA,MAAMkB,UAAU,CAACW,gBAAgB,CAAC,CAAC;EAEnCb,cAAM,CAACC,IAAI,CAAC,iCAAiC,CAAC;EAC9C,OAAOK,UAAU;AACrB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rust-crypto.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/rust-crypto.ts"],"names":[],"mappings":"AAiBA,OAAO,KAAK,eAAe,MAAM,oCAAoC,CAAC;AAEtE,OAAO,KAAK,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,EAAY,WAAW,EAAoB,MAAM,iBAAiB,CAAC;AAC1E,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAErG,OAAO,EAAgB,SAAS,EAAE,aAAa,EAAU,MAAM,aAAa,CAAC;AAK7E,OAAO,EACH,eAAe,EACf,yBAAyB,EACzB,uBAAuB,EACvB,eAAe,EAEf,kBAAkB,EAClB,eAAe,EAEf,wBAAwB,EACxB,mBAAmB,EAGnB,yBAAyB,EAEzB,kBAAkB,EAClB,cAAc,EACd,aAAa,EAEb,sBAAsB,EACtB,mBAAmB,EACtB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAU,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAA4D,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAQtH,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,sBAAsB,EAA0C,MAAM,UAAU,CAAC;AAiBpH;;;;GAIG;AACH,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,gBAAgB,EAAE,kBAAkB,CAAE,YAAW,aAAa;IA+BxG,4DAA4D;IAC5D,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,gCAAgC;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM;IAKvB,8CAA8C;IAC9C,OAAO,CAAC,QAAQ,CAAC,aAAa;IAE9B,mDAAmD;IACnD,OAAO,CAAC,QAAQ,CAAC,eAAe;IAlD7B,2BAA2B,UAAS;IAC3C,OAAO,CAAC,wBAAwB,CAAQ;IAExC,2CAA2C;IAC3C,OAAO,CAAC,OAAO,CAAS;IAExB,+DAA+D;IAC/D,OAAO,CAAC,0BAA0B,CAAS;IAE3C;;;;OAIG;IACH,OAAO,CAAC,8BAA8B,CAAS;IAE/C,0CAA0C;IAC1C,OAAO,CAAC,cAAc,CAAqC;IAE3D,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,wBAAwB,CAA2B;IAC3D,OAAO,CAAC,oBAAoB,CAAuB;IACnD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAoB;IAElD,OAAO,CAAC,6BAA6B,CAA8B;IAEnE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAkE;;IAGxF,4DAA4D;IAC3C,UAAU,EAAE,eAAe,CAAC,UAAU;IAEvD;;;;OAIG;IACc,IAAI,EAAE,aAAa,CAAC,SAAS,GAAG;QAAE,QAAQ,EAAE,IAAI,CAAA;KAAE,CAAC;IAEpE,gCAAgC;IACf,MAAM,EAAE,MAAM;IAE/B,kCAAkC;IAClC,SAAS,EAAE,MAAM;IAEjB,8CAA8C;IAC7B,aAAa,EAAE,uBAAuB;IAEvD,mDAAmD;IAClC,eAAe,EAAE,eAAe;IAiBrD;;;OAGG;IACU,yBAAyB,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoCpG;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IAarB,IAAI,IAAI,IAAI;IAiBN,YAAY,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAW5D,YAAY,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAa9E;;;;OAIG;IACI,sBAAsB,CAAC,KAAK,EAAE,WAAW,GAAG,mBAAmB;IAkBtE;;;;;OAKG;IACI,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,sBAAsB;IAI7D;;;;;;;;OAQG;IACI,4BAA4B,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAKzD;;;;;;;;OAQG;IACU,yBAAyB,IAAI,OAAO,CAAC,IAAI,CAAC;IAUhD,gCAAgC,UAAS;IAEzC,gBAAgB,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI;IAQlC,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5C,cAAc,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IAK/C,cAAc,CAAC,IAAI,EAAE,kBAAkB,EAAE,EAAE,IAAI,CAAC,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcjG;;OAEG;IACU,uBAAuB,CAAC,MAAM,SAAc,EAAE,gBAAgB,UAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAsCtG;;;;;;;;OAQG;IACU,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,gBAAgB,UAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IAkC/F;;;OAGG;YACW,cAAc;IA6B5B;;;OAGG;YACW,kBAAkB;IAShC;;OAEG;IACI,0BAA0B,IAAI,OAAO;IAI5C;;OAEG;IACI,0BAA0B,CAAC,GAAG,EAAE,OAAO,GAAG,IAAI;IAMrD;;;;OAIG;IACU,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,UAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAYhG;;OAEG;IACU,2BAA2B,CACpC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC;IAgB3C;;OAEG;IACU,yBAAyB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC;IASvF;;OAEG;IACU,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC;IAYpD;;OAEG;IACU,oBAAoB,CAAC,IAAI,GAAE,eAAwC,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0CzG;;OAEG;IACU,qBAAqB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlF;;OAEG;IACU,oBAAoB,IAAI,OAAO,CAAC,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"rust-crypto.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/rust-crypto.ts"],"names":[],"mappings":"AAiBA,OAAO,KAAK,eAAe,MAAM,oCAAoC,CAAC;AAEtE,OAAO,KAAK,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,EAAY,WAAW,EAAoB,MAAM,iBAAiB,CAAC;AAC1E,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAErG,OAAO,EAAgB,SAAS,EAAE,aAAa,EAAU,MAAM,aAAa,CAAC;AAK7E,OAAO,EACH,eAAe,EACf,yBAAyB,EACzB,uBAAuB,EACvB,eAAe,EAEf,kBAAkB,EAClB,eAAe,EAEf,wBAAwB,EACxB,mBAAmB,EAGnB,yBAAyB,EAEzB,kBAAkB,EAClB,cAAc,EACd,aAAa,EAEb,sBAAsB,EACtB,mBAAmB,EACtB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAU,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAA4D,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAQtH,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,sBAAsB,EAA0C,MAAM,UAAU,CAAC;AAiBpH;;;;GAIG;AACH,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,gBAAgB,EAAE,kBAAkB,CAAE,YAAW,aAAa;IA+BxG,4DAA4D;IAC5D,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,gCAAgC;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM;IAKvB,8CAA8C;IAC9C,OAAO,CAAC,QAAQ,CAAC,aAAa;IAE9B,mDAAmD;IACnD,OAAO,CAAC,QAAQ,CAAC,eAAe;IAlD7B,2BAA2B,UAAS;IAC3C,OAAO,CAAC,wBAAwB,CAAQ;IAExC,2CAA2C;IAC3C,OAAO,CAAC,OAAO,CAAS;IAExB,+DAA+D;IAC/D,OAAO,CAAC,0BAA0B,CAAS;IAE3C;;;;OAIG;IACH,OAAO,CAAC,8BAA8B,CAAS;IAE/C,0CAA0C;IAC1C,OAAO,CAAC,cAAc,CAAqC;IAE3D,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,wBAAwB,CAA2B;IAC3D,OAAO,CAAC,oBAAoB,CAAuB;IACnD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAoB;IAElD,OAAO,CAAC,6BAA6B,CAA8B;IAEnE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAkE;;IAGxF,4DAA4D;IAC3C,UAAU,EAAE,eAAe,CAAC,UAAU;IAEvD;;;;OAIG;IACc,IAAI,EAAE,aAAa,CAAC,SAAS,GAAG;QAAE,QAAQ,EAAE,IAAI,CAAA;KAAE,CAAC;IAEpE,gCAAgC;IACf,MAAM,EAAE,MAAM;IAE/B,kCAAkC;IAClC,SAAS,EAAE,MAAM;IAEjB,8CAA8C;IAC7B,aAAa,EAAE,uBAAuB;IAEvD,mDAAmD;IAClC,eAAe,EAAE,eAAe;IAiBrD;;;OAGG;IACU,yBAAyB,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoCpG;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IAarB,IAAI,IAAI,IAAI;IAiBN,YAAY,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAW5D,YAAY,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAa9E;;;;OAIG;IACI,sBAAsB,CAAC,KAAK,EAAE,WAAW,GAAG,mBAAmB;IAkBtE;;;;;OAKG;IACI,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,sBAAsB;IAI7D;;;;;;;;OAQG;IACI,4BAA4B,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAKzD;;;;;;;;OAQG;IACU,yBAAyB,IAAI,OAAO,CAAC,IAAI,CAAC;IAUhD,gCAAgC,UAAS;IAEzC,gBAAgB,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI;IAQlC,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5C,cAAc,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IAK/C,cAAc,CAAC,IAAI,EAAE,kBAAkB,EAAE,EAAE,IAAI,CAAC,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAcjG;;OAEG;IACU,uBAAuB,CAAC,MAAM,SAAc,EAAE,gBAAgB,UAAQ,GAAG,OAAO,CAAC,OAAO,CAAC;IAsCtG;;;;;;;;OAQG;IACU,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,gBAAgB,UAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IAkC/F;;;OAGG;YACW,cAAc;IA6B5B;;;OAGG;YACW,kBAAkB;IAShC;;OAEG;IACI,0BAA0B,IAAI,OAAO;IAI5C;;OAEG;IACI,0BAA0B,CAAC,GAAG,EAAE,OAAO,GAAG,IAAI;IAMrD;;;;OAIG;IACU,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,UAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAYhG;;OAEG;IACU,2BAA2B,CACpC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC;IAgB3C;;OAEG;IACU,yBAAyB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC;IASvF;;OAEG;IACU,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC;IAYpD;;OAEG;IACU,oBAAoB,CAAC,IAAI,GAAE,eAAwC,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0CzG;;OAEG;IACU,qBAAqB,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlF;;OAEG;IACU,oBAAoB,IAAI,OAAO,CAAC,OAAO,CAAC;IAiBrD;;OAEG;IACU,sBAAsB,CAAC,EAChC,sBAAsB,EACtB,qBAAqB,EACrB,iBAAiB,GACpB,GAAE,uBAA4B,GAAG,OAAO,CAAC,IAAI,CAAC;IAkD/C;;;;;;;OAOG;YACW,kCAAkC;IAoBhD;;;;OAIG;YACW,sBAAsB;IAYpC;;OAEG;IACU,qBAAqB,IAAI,OAAO,CAAC,kBAAkB,CAAC;IAwBjE;;OAEG;IACU,+BAA+B,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,CAAC;IA2BnG;;OAEG;IACU,yBAAyB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAI/F;;;;;;;;OAQG;IACI,yCAAyC,CAAC,MAAM,EAAE,MAAM,GAAG,mBAAmB,EAAE;IAgBvF;;;;;;;;;;OAUG;IACI,mCAAmC,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAmB5G;;OAEG;IACU,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA0BhG;;;;;;;;;;OAUG;YACW,8BAA8B;IAgB5C;;OAEG;IACH,OAAO,CAAC,6BAA6B,CAAsC;IAE3E;;;;OAIG;IACI,+BAA+B,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,SAAS,GAAG,IAAI;IAK3E;;;;;;;;OAQG;IACU,0BAA0B,IAAI,OAAO,CAAC,mBAAmB,CAAC;IAgBvE;;;;;;;;;;;OAWG;IACU,yBAAyB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAkBtG;;;;;;OAMG;IACU,0BAA0B,IAAI,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAMrE;;;;;;OAMG;IACU,4BAA4B,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAOzE;;;;OAIG;IACU,6BAA6B,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAIpE;;;;OAIG;IACU,kBAAkB,CAAC,IAAI,EAAE,aAAa,GAAG,OAAO,CAAC,eAAe,CAAC;IAI9E;;;;OAIG;IACU,uBAAuB,IAAI,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAItE;;OAEG;IACU,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInE;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5C;;;;;OAKG;YACW,UAAU;IAoBxB;;OAEG;IACU,kBAAkB,CAAC,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,eAAe,CAAC;IA0BhH;;;;;;;OAOG;YACW,kBAAkB;IAsBhC;;;;OAIG;IACU,0BAA0B,CAAC,MAAM,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAc5F;;;;OAIG;IACU,gBAAgB,CACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC1C,kBAAkB,CAAC,EAAE,MAAM,EAAE,GAC9B,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;OAIG;IACU,kBAAkB,CAAC,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAQzE;;;;OAIG;IACU,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBzE;;;;;OAKG;IACI,eAAe,CAAC,SAAS,EAAE,mBAAmB,GAAG,IAAI;IAM5D;;;;;OAKG;IACH,OAAO,CAAC,gCAAgC;IA0BxC;;;;;OAKG;IACI,gBAAgB,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI;IAS7F;;;;;;;OAOG;IACU,iBAAiB,CAAC,IAAI,EAAE,eAAe,CAAC,WAAW,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAOlF,OAAO,CAAC,gBAAgB;IAwBxB;;;;;;;OAOG;IACU,qBAAqB,CAAC,MAAM,EAAE,eAAe,CAAC,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjF;;;;;OAKG;IACU,mBAAmB,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCnE;;;;OAIG;YACW,wBAAwB;IA+BtC,mEAAmE;IACnE,OAAO,CAAC,mBAAmB;YAkBb,wBAAwB;CAmCzC;AAiND,KAAK,gBAAgB,GACf,WAAW,CAAC,2BAA2B,GACvC,WAAW,CAAC,sBAAsB,GAClC,sBAAsB,CAAC;AAE7B,KAAK,kBAAkB,GAAG;IACtB;;OAEG;IACH,CAAC,WAAW,CAAC,2BAA2B,CAAC,EAAE,CAAC,OAAO,EAAE,mBAAmB,KAAK,IAAI,CAAC;IAElF;;OAEG;IACH,CAAC,WAAW,CAAC,sBAAsB,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,sBAAsB,KAAK,IAAI,CAAC;CAC1G,GAAG,wBAAwB,CAAC"}
|
|
@@ -532,7 +532,15 @@ class RustCrypto extends _typedEventEmitter.TypedEventEmitter {
|
|
|
532
532
|
* Implementation of {@link CryptoApi#isSecretStorageReady}
|
|
533
533
|
*/
|
|
534
534
|
async isSecretStorageReady() {
|
|
535
|
-
|
|
535
|
+
// make sure that the cross-signing keys are stored
|
|
536
|
+
const secretsToCheck = ["m.cross_signing.master", "m.cross_signing.user_signing", "m.cross_signing.self_signing"];
|
|
537
|
+
|
|
538
|
+
// if key backup is active, we also need to check that the backup decryption key is stored
|
|
539
|
+
const keyBackupEnabled = (await this.backupManager.getActiveBackupVersion()) != null;
|
|
540
|
+
if (keyBackupEnabled) {
|
|
541
|
+
secretsToCheck.push("m.megolm_backup.v1");
|
|
542
|
+
}
|
|
543
|
+
return (0, _secretStorage2.secretStorageCanAccessSecrets)(this.secretStorage, secretsToCheck);
|
|
536
544
|
}
|
|
537
545
|
|
|
538
546
|
/**
|
|
@@ -1387,6 +1395,7 @@ function rustEncryptionInfoToJsEncryptionInfo(encryptionInfo) {
|
|
|
1387
1395
|
if (shieldState.message === null) {
|
|
1388
1396
|
shieldReason = null;
|
|
1389
1397
|
} else if (shieldState.message === "Encrypted by an unverified user.") {
|
|
1398
|
+
// this case isn't actually used with lax shield semantics.
|
|
1390
1399
|
shieldReason = _cryptoApi.EventShieldReason.UNVERIFIED_IDENTITY;
|
|
1391
1400
|
} else if (shieldState.message === "Encrypted by a device not verified by its owner.") {
|
|
1392
1401
|
shieldReason = _cryptoApi.EventShieldReason.UNSIGNED_DEVICE;
|