matrix-js-sdk 41.1.0 → 41.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/lib/@types/requests.d.ts +3 -1
- package/lib/@types/requests.d.ts.map +1 -1
- package/lib/@types/requests.js.map +1 -1
- package/lib/client.d.ts.map +1 -1
- package/lib/client.js +12 -7
- package/lib/client.js.map +1 -1
- package/lib/common-crypto/CryptoBackend.d.ts +6 -1
- package/lib/common-crypto/CryptoBackend.d.ts.map +1 -1
- package/lib/common-crypto/CryptoBackend.js.map +1 -1
- package/lib/crypto-api/index.d.ts +0 -7
- package/lib/crypto-api/index.d.ts.map +1 -1
- package/lib/crypto-api/index.js.map +1 -1
- package/lib/matrix.d.ts +1 -0
- package/lib/matrix.d.ts.map +1 -1
- package/lib/matrix.js +1 -0
- package/lib/matrix.js.map +1 -1
- package/lib/rendezvous/MSC4108SignInWithQR.d.ts.map +1 -1
- package/lib/rendezvous/MSC4108SignInWithQR.js +5 -5
- package/lib/rendezvous/MSC4108SignInWithQR.js.map +1 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts +3 -3
- package/lib/rendezvous/channels/MSC4108SecureChannel.d.ts.map +1 -1
- package/lib/rendezvous/channels/MSC4108SecureChannel.js +2 -2
- package/lib/rendezvous/channels/MSC4108SecureChannel.js.map +1 -1
- package/lib/rust-crypto/index.d.ts.map +1 -1
- package/lib/rust-crypto/index.js +13 -1
- package/lib/rust-crypto/index.js.map +1 -1
- package/lib/rust-crypto/rust-crypto.d.ts +3 -3
- package/lib/rust-crypto/rust-crypto.d.ts.map +1 -1
- package/lib/rust-crypto/rust-crypto.js +306 -281
- package/lib/rust-crypto/rust-crypto.js.map +1 -1
- package/package.json +3 -3
- package/src/@types/requests.ts +3 -1
- package/src/client.ts +10 -6
- package/src/common-crypto/CryptoBackend.ts +13 -1
- package/src/crypto-api/index.ts +0 -14
- package/src/matrix.ts +1 -0
- package/src/rendezvous/MSC4108SignInWithQR.ts +6 -6
- package/src/rendezvous/channels/MSC4108SecureChannel.ts +5 -5
- package/src/rust-crypto/index.ts +17 -1
- package/src/rust-crypto/rust-crypto.ts +70 -46
|
@@ -49,6 +49,9 @@ import { VerificationMethod } from "../types.js";
|
|
|
49
49
|
import { keyFromAuthData } from "../common-crypto/key-passphrase.js";
|
|
50
50
|
import { getHttpUriForMxc } from "../content-repo.js";
|
|
51
51
|
var ALL_VERIFICATION_METHODS = [VerificationMethod.Sas, VerificationMethod.ScanQrCode, VerificationMethod.ShowQrCode, VerificationMethod.Reciprocate];
|
|
52
|
+
/** The maximum time, in milliseconds, since we accepted an invite, that we should accept a key bundle. */
|
|
53
|
+
export var MAX_INVITE_ACCEPTANCE_MS_FOR_KEY_BUNDLE = 24 * 60 * 60 * 1000; // 24 hours
|
|
54
|
+
|
|
52
55
|
/**
|
|
53
56
|
* An implementation of {@link CryptoBackend} using the Rust matrix-sdk-crypto.
|
|
54
57
|
*
|
|
@@ -86,8 +89,6 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
86
89
|
_defineProperty(this, "stopped", false);
|
|
87
90
|
/** mapping of roomId → encryptor class */
|
|
88
91
|
_defineProperty(this, "roomEncryptors", {});
|
|
89
|
-
/** mapping of room ID -> inviter ID for rooms pending MSC4268 key bundles */
|
|
90
|
-
_defineProperty(this, "roomsPendingKeyBundles", new Map());
|
|
91
92
|
_defineProperty(this, "eventDecryptor", void 0);
|
|
92
93
|
_defineProperty(this, "keyClaimManager", void 0);
|
|
93
94
|
_defineProperty(this, "outgoingRequestProcessor", void 0);
|
|
@@ -256,20 +257,26 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
256
257
|
var encryptedBundle;
|
|
257
258
|
try {
|
|
258
259
|
var bundleUrl = new URL(url);
|
|
259
|
-
|
|
260
|
+
var encryptedBundleBlob = yield _this5.http.authedRequest(Method.Get, bundleUrl.pathname + bundleUrl.search, {}, undefined, {
|
|
260
261
|
rawResponseBody: true,
|
|
261
262
|
prefix: ""
|
|
262
263
|
});
|
|
264
|
+
logger.info("Received blob of length ".concat(encryptedBundleBlob.size));
|
|
265
|
+
encryptedBundle = new Uint8Array(yield encryptedBundleBlob.arrayBuffer());
|
|
263
266
|
} catch (err) {
|
|
264
267
|
logger.warn("Error downloading encrypted bundle from ".concat(url, ":"), err);
|
|
265
268
|
throw err;
|
|
266
269
|
}
|
|
267
|
-
logger.info("Received blob of length ".concat(encryptedBundle.size));
|
|
268
270
|
try {
|
|
269
|
-
yield _this5.olmMachine.receiveRoomKeyBundle(bundleData,
|
|
271
|
+
yield _this5.olmMachine.receiveRoomKeyBundle(bundleData, encryptedBundle);
|
|
270
272
|
} catch (err) {
|
|
271
273
|
logger.warn("Error receiving encrypted bundle:", err);
|
|
272
274
|
throw err;
|
|
275
|
+
} finally {
|
|
276
|
+
// Even if we were unable to import the bundle, we still clear the flag that indicates that we
|
|
277
|
+
// are waiting for the bundle to be received. The only reason this can happen is that the bundle was
|
|
278
|
+
// malformed somehow, so we don't want to keep retrying it.
|
|
279
|
+
yield _this5.olmMachine.clearRoomPendingKeyBundle(new RustSdkCryptoJs.RoomId(roomId));
|
|
273
280
|
}
|
|
274
281
|
return true;
|
|
275
282
|
})();
|
|
@@ -279,7 +286,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
279
286
|
* Implementation of {@link CryptoBackend.markRoomAsPendingKeyBundle}.
|
|
280
287
|
*/
|
|
281
288
|
markRoomAsPendingKeyBundle(roomId, inviter) {
|
|
282
|
-
this
|
|
289
|
+
var _this6 = this;
|
|
290
|
+
return _asyncToGenerator(function* () {
|
|
291
|
+
yield _this6.olmMachine.storeRoomPendingKeyBundle(new RustSdkCryptoJs.RoomId(roomId), new RustSdkCryptoJs.UserId(inviter));
|
|
292
|
+
})();
|
|
283
293
|
}
|
|
284
294
|
/**
|
|
285
295
|
* Implementation of {@link CryptoApi#getVersion}.
|
|
@@ -300,9 +310,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
300
310
|
* Implementation of {@link CryptoApi#isEncryptionEnabledInRoom}.
|
|
301
311
|
*/
|
|
302
312
|
isEncryptionEnabledInRoom(roomId) {
|
|
303
|
-
var
|
|
313
|
+
var _this7 = this;
|
|
304
314
|
return _asyncToGenerator(function* () {
|
|
305
|
-
var roomSettings = yield
|
|
315
|
+
var roomSettings = yield _this7.olmMachine.getRoomSettings(new RustSdkCryptoJs.RoomId(roomId));
|
|
306
316
|
return Boolean(roomSettings === null || roomSettings === void 0 ? void 0 : roomSettings.algorithm);
|
|
307
317
|
})();
|
|
308
318
|
}
|
|
@@ -311,9 +321,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
311
321
|
* Implementation of {@link CryptoApi#isStateEncryptionEnabledInRoom}.
|
|
312
322
|
*/
|
|
313
323
|
isStateEncryptionEnabledInRoom(roomId) {
|
|
314
|
-
var
|
|
324
|
+
var _this8 = this;
|
|
315
325
|
return _asyncToGenerator(function* () {
|
|
316
|
-
var roomSettings = yield
|
|
326
|
+
var roomSettings = yield _this8.olmMachine.getRoomSettings(new RustSdkCryptoJs.RoomId(roomId));
|
|
317
327
|
return Boolean(roomSettings === null || roomSettings === void 0 ? void 0 : roomSettings.encryptStateEvents);
|
|
318
328
|
})();
|
|
319
329
|
}
|
|
@@ -322,9 +332,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
322
332
|
* Implementation of {@link CryptoApi#getOwnDeviceKeys}.
|
|
323
333
|
*/
|
|
324
334
|
getOwnDeviceKeys() {
|
|
325
|
-
var
|
|
335
|
+
var _this9 = this;
|
|
326
336
|
return _asyncToGenerator(function* () {
|
|
327
|
-
var keys =
|
|
337
|
+
var keys = _this9.olmMachine.identityKeys;
|
|
328
338
|
return {
|
|
329
339
|
ed25519: keys.ed25519.toBase64(),
|
|
330
340
|
curve25519: keys.curve25519.toBase64()
|
|
@@ -342,28 +352,28 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
342
352
|
return (_this$roomEncryptors$ = this.roomEncryptors[roomId]) === null || _this$roomEncryptors$ === void 0 ? void 0 : _this$roomEncryptors$.forceDiscardSession();
|
|
343
353
|
}
|
|
344
354
|
exportRoomKeys() {
|
|
345
|
-
var
|
|
355
|
+
var _this0 = this;
|
|
346
356
|
return _asyncToGenerator(function* () {
|
|
347
|
-
var raw = yield
|
|
357
|
+
var raw = yield _this0.olmMachine.exportRoomKeys(() => true);
|
|
348
358
|
return JSON.parse(raw);
|
|
349
359
|
})();
|
|
350
360
|
}
|
|
351
361
|
exportRoomKeysAsJson() {
|
|
352
|
-
var
|
|
362
|
+
var _this1 = this;
|
|
353
363
|
return _asyncToGenerator(function* () {
|
|
354
|
-
return yield
|
|
364
|
+
return yield _this1.olmMachine.exportRoomKeys(() => true);
|
|
355
365
|
})();
|
|
356
366
|
}
|
|
357
367
|
importRoomKeys(keys, opts) {
|
|
358
|
-
var
|
|
368
|
+
var _this10 = this;
|
|
359
369
|
return _asyncToGenerator(function* () {
|
|
360
|
-
return yield
|
|
370
|
+
return yield _this10.backupManager.importRoomKeys(keys, opts);
|
|
361
371
|
})();
|
|
362
372
|
}
|
|
363
373
|
importRoomKeysAsJson(keys, opts) {
|
|
364
|
-
var
|
|
374
|
+
var _this11 = this;
|
|
365
375
|
return _asyncToGenerator(function* () {
|
|
366
|
-
return yield
|
|
376
|
+
return yield _this11.backupManager.importRoomKeysAsJson(keys, opts);
|
|
367
377
|
})();
|
|
368
378
|
}
|
|
369
379
|
|
|
@@ -372,12 +382,12 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
372
382
|
*/
|
|
373
383
|
userHasCrossSigningKeys() {
|
|
374
384
|
var _arguments = arguments,
|
|
375
|
-
|
|
385
|
+
_this12 = this;
|
|
376
386
|
return _asyncToGenerator(function* () {
|
|
377
|
-
var userId = _arguments.length > 0 && _arguments[0] !== undefined ? _arguments[0] :
|
|
387
|
+
var userId = _arguments.length > 0 && _arguments[0] !== undefined ? _arguments[0] : _this12.userId;
|
|
378
388
|
var downloadUncached = _arguments.length > 1 && _arguments[1] !== undefined ? _arguments[1] : false;
|
|
379
389
|
// TODO: could probably do with a more efficient way of doing this than returning the whole set and searching
|
|
380
|
-
var rustTrackedUsers = yield
|
|
390
|
+
var rustTrackedUsers = yield _this12.olmMachine.trackedUsers();
|
|
381
391
|
var rustTrackedUser;
|
|
382
392
|
for (var u of rustTrackedUsers) {
|
|
383
393
|
if (userId === u.toString()) {
|
|
@@ -386,22 +396,22 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
386
396
|
}
|
|
387
397
|
}
|
|
388
398
|
if (rustTrackedUser !== undefined) {
|
|
389
|
-
if (userId ===
|
|
399
|
+
if (userId === _this12.userId) {
|
|
390
400
|
/* make sure we have an *up-to-date* idea of the user's cross-signing keys. This is important, because if we
|
|
391
401
|
* return "false" here, we will end up generating new cross-signing keys and replacing the existing ones.
|
|
392
402
|
*/
|
|
393
|
-
var request =
|
|
403
|
+
var request = _this12.olmMachine.queryKeysForUsers(
|
|
394
404
|
// clone as rust layer will take ownership and it's reused later
|
|
395
405
|
[rustTrackedUser.clone()]);
|
|
396
|
-
yield
|
|
406
|
+
yield _this12.outgoingRequestProcessor.makeOutgoingRequest(request);
|
|
397
407
|
}
|
|
398
|
-
var userIdentity = yield
|
|
408
|
+
var userIdentity = yield _this12.olmMachine.getIdentity(rustTrackedUser);
|
|
399
409
|
userIdentity === null || userIdentity === void 0 || userIdentity.free();
|
|
400
410
|
return userIdentity !== undefined;
|
|
401
411
|
} else if (downloadUncached) {
|
|
402
412
|
var _keyResult$master_key;
|
|
403
413
|
// Download the cross signing keys and check if the master key is available
|
|
404
|
-
var keyResult = yield
|
|
414
|
+
var keyResult = yield _this12.downloadDeviceList(new Set([userId]));
|
|
405
415
|
var keys = (_keyResult$master_key = keyResult.master_keys) === null || _keyResult$master_key === void 0 ? void 0 : _keyResult$master_key[userId];
|
|
406
416
|
|
|
407
417
|
// No master key
|
|
@@ -428,11 +438,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
428
438
|
*/
|
|
429
439
|
getUserDeviceInfo(userIds) {
|
|
430
440
|
var _arguments2 = arguments,
|
|
431
|
-
|
|
441
|
+
_this13 = this;
|
|
432
442
|
return _asyncToGenerator(function* () {
|
|
433
443
|
var downloadUncached = _arguments2.length > 1 && _arguments2[1] !== undefined ? _arguments2[1] : false;
|
|
434
444
|
var deviceMapByUserId = new Map();
|
|
435
|
-
var rustTrackedUsers = yield
|
|
445
|
+
var rustTrackedUsers = yield _this13.getOlmMachineOrThrow().trackedUsers();
|
|
436
446
|
|
|
437
447
|
// Convert RustSdkCryptoJs.UserId to a `Set<string>`
|
|
438
448
|
var trackedUsers = new Set();
|
|
@@ -445,7 +455,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
445
455
|
// (NB: this is probably ok even if we race with a leave event such that we stop tracking the user's
|
|
446
456
|
// devices: the rust-sdk will return the last-known device list, which will be good enough.)
|
|
447
457
|
if (trackedUsers.has(_userId)) {
|
|
448
|
-
deviceMapByUserId.set(_userId, yield
|
|
458
|
+
deviceMapByUserId.set(_userId, yield _this13.getUserDevices(_userId));
|
|
449
459
|
} else {
|
|
450
460
|
untrackedUsers.add(_userId);
|
|
451
461
|
}
|
|
@@ -454,7 +464,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
454
464
|
// for any users whose device lists we are not tracking, fall back to downloading the device list
|
|
455
465
|
// over HTTP.
|
|
456
466
|
if (downloadUncached && untrackedUsers.size >= 1) {
|
|
457
|
-
var queryResult = yield
|
|
467
|
+
var queryResult = yield _this13.downloadDeviceList(untrackedUsers);
|
|
458
468
|
Object.entries(queryResult.device_keys).forEach(_ref => {
|
|
459
469
|
var [userId, deviceKeys] = _ref;
|
|
460
470
|
return deviceMapByUserId.set(userId, deviceKeysToDeviceMap(deviceKeys));
|
|
@@ -469,7 +479,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
469
479
|
* @param userId - Rust SDK UserId
|
|
470
480
|
*/
|
|
471
481
|
getUserDevices(userId) {
|
|
472
|
-
var
|
|
482
|
+
var _this14 = this;
|
|
473
483
|
return _asyncToGenerator(function* () {
|
|
474
484
|
var rustUserId = new RustSdkCryptoJs.UserId(userId);
|
|
475
485
|
|
|
@@ -487,7 +497,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
487
497
|
// Wait for up to a second for any in-flight device list requests to complete.
|
|
488
498
|
// The reason for this isn't so much to avoid races (some level of raciness is
|
|
489
499
|
// inevitable for this method) but to make testing easier.
|
|
490
|
-
var userDevices = yield
|
|
500
|
+
var userDevices = yield _this14.olmMachine.getUserDevices(rustUserId, 1);
|
|
491
501
|
try {
|
|
492
502
|
var deviceArray = userDevices.devices();
|
|
493
503
|
try {
|
|
@@ -506,13 +516,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
506
516
|
* @param untrackedUsers - download keys of these users
|
|
507
517
|
*/
|
|
508
518
|
downloadDeviceList(untrackedUsers) {
|
|
509
|
-
var
|
|
519
|
+
var _this15 = this;
|
|
510
520
|
return _asyncToGenerator(function* () {
|
|
511
521
|
var queryBody = {
|
|
512
522
|
device_keys: {}
|
|
513
523
|
};
|
|
514
524
|
untrackedUsers.forEach(user => queryBody.device_keys[user] = []);
|
|
515
|
-
return yield
|
|
525
|
+
return yield _this15.http.authedRequest(Method.Post, "/_matrix/client/v3/keys/query", undefined, queryBody, {
|
|
516
526
|
prefix: ""
|
|
517
527
|
});
|
|
518
528
|
})();
|
|
@@ -541,10 +551,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
541
551
|
*/
|
|
542
552
|
setDeviceVerified(userId, deviceId) {
|
|
543
553
|
var _arguments3 = arguments,
|
|
544
|
-
|
|
554
|
+
_this16 = this;
|
|
545
555
|
return _asyncToGenerator(function* () {
|
|
546
556
|
var verified = _arguments3.length > 2 && _arguments3[2] !== undefined ? _arguments3[2] : true;
|
|
547
|
-
var device = yield
|
|
557
|
+
var device = yield _this16.olmMachine.getDevice(new RustSdkCryptoJs.UserId(userId), new RustSdkCryptoJs.DeviceId(deviceId));
|
|
548
558
|
if (!device) {
|
|
549
559
|
throw new Error("Unknown device ".concat(userId, "|").concat(deviceId));
|
|
550
560
|
}
|
|
@@ -562,15 +572,15 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
562
572
|
* Implementation of {@link CryptoApi#crossSignDevice}.
|
|
563
573
|
*/
|
|
564
574
|
crossSignDevice(deviceId) {
|
|
565
|
-
var
|
|
575
|
+
var _this17 = this;
|
|
566
576
|
return _asyncToGenerator(function* () {
|
|
567
|
-
var device = yield
|
|
577
|
+
var device = yield _this17.olmMachine.getDevice(new RustSdkCryptoJs.UserId(_this17.userId), new RustSdkCryptoJs.DeviceId(deviceId));
|
|
568
578
|
if (!device) {
|
|
569
579
|
throw new Error("Unknown device ".concat(deviceId));
|
|
570
580
|
}
|
|
571
581
|
try {
|
|
572
582
|
var outgoingRequest = yield device.verify();
|
|
573
|
-
yield
|
|
583
|
+
yield _this17.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);
|
|
574
584
|
} finally {
|
|
575
585
|
device.free();
|
|
576
586
|
}
|
|
@@ -581,16 +591,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
581
591
|
* Implementation of {@link CryptoApi#getDeviceVerificationStatus}.
|
|
582
592
|
*/
|
|
583
593
|
getDeviceVerificationStatus(userId, deviceId) {
|
|
584
|
-
var
|
|
594
|
+
var _this18 = this;
|
|
585
595
|
return _asyncToGenerator(function* () {
|
|
586
|
-
var device = yield
|
|
596
|
+
var device = yield _this18.olmMachine.getDevice(new RustSdkCryptoJs.UserId(userId), new RustSdkCryptoJs.DeviceId(deviceId));
|
|
587
597
|
if (!device) return null;
|
|
588
598
|
try {
|
|
589
599
|
return new DeviceVerificationStatus({
|
|
590
600
|
signedByOwner: device.isCrossSignedByOwner(),
|
|
591
601
|
crossSigningVerified: device.isCrossSigningTrusted(),
|
|
592
602
|
localVerified: device.isLocallyTrusted(),
|
|
593
|
-
trustCrossSignedDevices:
|
|
603
|
+
trustCrossSignedDevices: _this18._trustCrossSignedDevices
|
|
594
604
|
});
|
|
595
605
|
} finally {
|
|
596
606
|
device.free();
|
|
@@ -602,9 +612,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
602
612
|
* Implementation of {@link CryptoApi#getUserVerificationStatus}.
|
|
603
613
|
*/
|
|
604
614
|
getUserVerificationStatus(userId) {
|
|
605
|
-
var
|
|
615
|
+
var _this19 = this;
|
|
606
616
|
return _asyncToGenerator(function* () {
|
|
607
|
-
var userIdentity = yield
|
|
617
|
+
var userIdentity = yield _this19.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));
|
|
608
618
|
if (userIdentity === undefined) {
|
|
609
619
|
return new UserVerificationStatus(false, false, false);
|
|
610
620
|
}
|
|
@@ -620,9 +630,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
620
630
|
* Implementation of {@link CryptoApi#pinCurrentUserIdentity}.
|
|
621
631
|
*/
|
|
622
632
|
pinCurrentUserIdentity(userId) {
|
|
623
|
-
var
|
|
633
|
+
var _this20 = this;
|
|
624
634
|
return _asyncToGenerator(function* () {
|
|
625
|
-
var userIdentity = yield
|
|
635
|
+
var userIdentity = yield _this20.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));
|
|
626
636
|
if (userIdentity === undefined) {
|
|
627
637
|
throw new Error("Cannot pin identity of unknown user");
|
|
628
638
|
}
|
|
@@ -637,9 +647,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
637
647
|
* Implementation of {@link CryptoApi#withdrawVerificationRequirement}.
|
|
638
648
|
*/
|
|
639
649
|
withdrawVerificationRequirement(userId) {
|
|
640
|
-
var
|
|
650
|
+
var _this21 = this;
|
|
641
651
|
return _asyncToGenerator(function* () {
|
|
642
|
-
var userIdentity = yield
|
|
652
|
+
var userIdentity = yield _this21.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));
|
|
643
653
|
if (userIdentity === undefined) {
|
|
644
654
|
throw new Error("Cannot withdraw verification of unknown user");
|
|
645
655
|
}
|
|
@@ -651,14 +661,14 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
651
661
|
* Implementation of {@link CryptoApi#isCrossSigningReady}
|
|
652
662
|
*/
|
|
653
663
|
isCrossSigningReady() {
|
|
654
|
-
var
|
|
664
|
+
var _this22 = this;
|
|
655
665
|
return _asyncToGenerator(function* () {
|
|
656
666
|
var {
|
|
657
667
|
privateKeysInSecretStorage,
|
|
658
668
|
privateKeysCachedLocally
|
|
659
|
-
} = yield
|
|
669
|
+
} = yield _this22.getCrossSigningStatus();
|
|
660
670
|
var hasKeysInCache = Boolean(privateKeysCachedLocally.masterKey) && Boolean(privateKeysCachedLocally.selfSigningKey) && Boolean(privateKeysCachedLocally.userSigningKey);
|
|
661
|
-
var identity = yield
|
|
671
|
+
var identity = yield _this22.getOwnIdentity();
|
|
662
672
|
|
|
663
673
|
// Cross-signing is ready if the public identity is trusted, and the private keys
|
|
664
674
|
// are either cached, or accessible via secret-storage.
|
|
@@ -671,16 +681,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
671
681
|
*/
|
|
672
682
|
getCrossSigningKeyId() {
|
|
673
683
|
var _arguments4 = arguments,
|
|
674
|
-
|
|
684
|
+
_this23 = this;
|
|
675
685
|
return _asyncToGenerator(function* () {
|
|
676
686
|
var type = _arguments4.length > 0 && _arguments4[0] !== undefined ? _arguments4[0] : CrossSigningKey.Master;
|
|
677
|
-
var userIdentity = yield
|
|
687
|
+
var userIdentity = yield _this23.getOwnIdentity();
|
|
678
688
|
if (!userIdentity) {
|
|
679
689
|
// The public keys are not available on this device
|
|
680
690
|
return null;
|
|
681
691
|
}
|
|
682
692
|
try {
|
|
683
|
-
var crossSigningStatus = yield
|
|
693
|
+
var crossSigningStatus = yield _this23.olmMachine.crossSigningStatus();
|
|
684
694
|
var privateKeysOnDevice = crossSigningStatus.hasMaster && crossSigningStatus.hasUserSigning && crossSigningStatus.hasSelfSigning;
|
|
685
695
|
if (!privateKeysOnDevice) {
|
|
686
696
|
// The private keys are not available on this device
|
|
@@ -720,9 +730,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
720
730
|
* Implementation of {@link CryptoApi#bootstrapCrossSigning}
|
|
721
731
|
*/
|
|
722
732
|
bootstrapCrossSigning(opts) {
|
|
723
|
-
var
|
|
733
|
+
var _this24 = this;
|
|
724
734
|
return _asyncToGenerator(function* () {
|
|
725
|
-
yield
|
|
735
|
+
yield _this24.crossSigningIdentity.bootstrapCrossSigning(opts);
|
|
726
736
|
})();
|
|
727
737
|
}
|
|
728
738
|
|
|
@@ -730,9 +740,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
730
740
|
* Implementation of {@link CryptoApi#isSecretStorageReady}
|
|
731
741
|
*/
|
|
732
742
|
isSecretStorageReady() {
|
|
733
|
-
var
|
|
743
|
+
var _this25 = this;
|
|
734
744
|
return _asyncToGenerator(function* () {
|
|
735
|
-
return (yield
|
|
745
|
+
return (yield _this25.getSecretStorageStatus()).ready;
|
|
736
746
|
})();
|
|
737
747
|
}
|
|
738
748
|
|
|
@@ -740,17 +750,17 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
740
750
|
* Implementation of {@link CryptoApi#getSecretStorageStatus}
|
|
741
751
|
*/
|
|
742
752
|
getSecretStorageStatus() {
|
|
743
|
-
var
|
|
753
|
+
var _this26 = this;
|
|
744
754
|
return _asyncToGenerator(function* () {
|
|
745
755
|
// make sure that the cross-signing keys are stored
|
|
746
756
|
var secretsToCheck = ["m.cross_signing.master", "m.cross_signing.user_signing", "m.cross_signing.self_signing"];
|
|
747
757
|
|
|
748
758
|
// If key backup is active, we also need to check that the backup decryption key is stored
|
|
749
|
-
var keyBackupEnabled = (yield
|
|
759
|
+
var keyBackupEnabled = (yield _this26.backupManager.getActiveBackupVersion()) != null;
|
|
750
760
|
if (keyBackupEnabled) {
|
|
751
761
|
secretsToCheck.push("m.megolm_backup.v1");
|
|
752
762
|
}
|
|
753
|
-
var defaultKeyId = yield
|
|
763
|
+
var defaultKeyId = yield _this26.secretStorage.getDefaultKeyId();
|
|
754
764
|
var result = {
|
|
755
765
|
// Assume we have all secrets until proven otherwise
|
|
756
766
|
ready: true,
|
|
@@ -759,7 +769,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
759
769
|
};
|
|
760
770
|
for (var secretName of secretsToCheck) {
|
|
761
771
|
// Check which keys this particular secret is encrypted with
|
|
762
|
-
var record = (yield
|
|
772
|
+
var record = (yield _this26.secretStorage.isStored(secretName)) || {};
|
|
763
773
|
|
|
764
774
|
// If it's encrypted with the right key, it is valid
|
|
765
775
|
var secretStored = !!defaultKeyId && defaultKeyId in record;
|
|
@@ -775,7 +785,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
775
785
|
*/
|
|
776
786
|
bootstrapSecretStorage() {
|
|
777
787
|
var _arguments5 = arguments,
|
|
778
|
-
|
|
788
|
+
_this27 = this;
|
|
779
789
|
return _asyncToGenerator(function* () {
|
|
780
790
|
var {
|
|
781
791
|
createSecretStorageKey,
|
|
@@ -784,38 +794,38 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
784
794
|
} = _arguments5.length > 0 && _arguments5[0] !== undefined ? _arguments5[0] : {};
|
|
785
795
|
// If an AES Key is already stored in the secret storage and setupNewSecretStorage is not set
|
|
786
796
|
// we don't want to create a new key
|
|
787
|
-
var isNewSecretStorageKeyNeeded = setupNewSecretStorage || !(yield
|
|
797
|
+
var isNewSecretStorageKeyNeeded = setupNewSecretStorage || !(yield _this27.secretStorageHasAESKey());
|
|
788
798
|
if (isNewSecretStorageKeyNeeded) {
|
|
789
799
|
if (!createSecretStorageKey) {
|
|
790
800
|
throw new Error("unable to create a new secret storage key, createSecretStorageKey is not set");
|
|
791
801
|
}
|
|
792
802
|
|
|
793
803
|
// Create a new storage key and add it to secret storage
|
|
794
|
-
|
|
804
|
+
_this27.logger.info("bootstrapSecretStorage: creating new secret storage key");
|
|
795
805
|
var recoveryKey = yield createSecretStorageKey();
|
|
796
806
|
if (!recoveryKey) {
|
|
797
807
|
throw new Error("createSecretStorageKey() callback did not return a secret storage key");
|
|
798
808
|
}
|
|
799
|
-
yield
|
|
809
|
+
yield _this27.addSecretStorageKeyToSecretStorage(recoveryKey);
|
|
800
810
|
}
|
|
801
|
-
var crossSigningPrivateKeys = yield
|
|
811
|
+
var crossSigningPrivateKeys = yield _this27.olmMachine.exportCrossSigningKeys();
|
|
802
812
|
var hasPrivateKeys = crossSigningPrivateKeys && crossSigningPrivateKeys.masterKey !== undefined && crossSigningPrivateKeys.self_signing_key !== undefined && crossSigningPrivateKeys.userSigningKey !== undefined;
|
|
803
813
|
|
|
804
814
|
// If we have cross-signing private keys cached, store them in secret
|
|
805
815
|
// storage if they are not there already.
|
|
806
|
-
if (hasPrivateKeys && (isNewSecretStorageKeyNeeded || !(yield secretStorageContainsCrossSigningKeys(
|
|
807
|
-
|
|
808
|
-
yield
|
|
809
|
-
yield
|
|
810
|
-
yield
|
|
816
|
+
if (hasPrivateKeys && (isNewSecretStorageKeyNeeded || !(yield secretStorageContainsCrossSigningKeys(_this27.secretStorage)))) {
|
|
817
|
+
_this27.logger.info("bootstrapSecretStorage: cross-signing keys not yet exported; doing so now.");
|
|
818
|
+
yield _this27.secretStorage.store("m.cross_signing.master", crossSigningPrivateKeys.masterKey);
|
|
819
|
+
yield _this27.secretStorage.store("m.cross_signing.user_signing", crossSigningPrivateKeys.userSigningKey);
|
|
820
|
+
yield _this27.secretStorage.store("m.cross_signing.self_signing", crossSigningPrivateKeys.self_signing_key);
|
|
811
821
|
}
|
|
812
822
|
|
|
813
823
|
// likewise with the key backup key: if we have one, store it in secret storage (if it's not already there)
|
|
814
824
|
// also don't bother storing it if we're about to set up a new backup
|
|
815
825
|
if (!setupNewKeyBackup) {
|
|
816
|
-
yield
|
|
826
|
+
yield _this27.saveBackupKeyToStorage();
|
|
817
827
|
} else {
|
|
818
|
-
yield
|
|
828
|
+
yield _this27.resetKeyBackup();
|
|
819
829
|
}
|
|
820
830
|
})();
|
|
821
831
|
}
|
|
@@ -825,24 +835,24 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
825
835
|
* save it to secret storage.
|
|
826
836
|
*/
|
|
827
837
|
saveBackupKeyToStorage() {
|
|
828
|
-
var
|
|
838
|
+
var _this28 = this;
|
|
829
839
|
return _asyncToGenerator(function* () {
|
|
830
|
-
var keyBackupInfo = yield
|
|
840
|
+
var keyBackupInfo = yield _this28.backupManager.getServerBackupInfo();
|
|
831
841
|
if (!keyBackupInfo || !keyBackupInfo.version) {
|
|
832
|
-
|
|
842
|
+
_this28.logger.info("Not saving backup key to secret storage: no backup info");
|
|
833
843
|
return;
|
|
834
844
|
}
|
|
835
|
-
var backupKeys = yield
|
|
845
|
+
var backupKeys = yield _this28.olmMachine.getBackupKeys();
|
|
836
846
|
if (!backupKeys.decryptionKey) {
|
|
837
|
-
|
|
847
|
+
_this28.logger.info("Not saving backup key to secret storage: no backup key");
|
|
838
848
|
return;
|
|
839
849
|
}
|
|
840
850
|
if (!decryptionKeyMatchesKeyBackupInfo(backupKeys.decryptionKey, keyBackupInfo)) {
|
|
841
|
-
|
|
851
|
+
_this28.logger.info("Not saving backup key to secret storage: decryption key does not match backup info");
|
|
842
852
|
return;
|
|
843
853
|
}
|
|
844
854
|
var backupKeyBase64 = backupKeys.decryptionKey.toBase64();
|
|
845
|
-
yield
|
|
855
|
+
yield _this28.secretStorage.store("m.megolm_backup.v1", backupKeyBase64);
|
|
846
856
|
})();
|
|
847
857
|
}
|
|
848
858
|
|
|
@@ -855,16 +865,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
855
865
|
* @param secretStorageKey - The secret storage key to add in the secret storage.
|
|
856
866
|
*/
|
|
857
867
|
addSecretStorageKeyToSecretStorage(secretStorageKey) {
|
|
858
|
-
var
|
|
868
|
+
var _this29 = this;
|
|
859
869
|
return _asyncToGenerator(function* () {
|
|
860
|
-
var _secretStorageKey$key, _secretStorageKey$key2,
|
|
861
|
-
var secretStorageKeyObject = yield
|
|
870
|
+
var _secretStorageKey$key, _secretStorageKey$key2, _this29$cryptoCallbac, _this29$cryptoCallbac2;
|
|
871
|
+
var secretStorageKeyObject = yield _this29.secretStorage.addKey(SECRET_STORAGE_ALGORITHM_V1_AES, {
|
|
862
872
|
passphrase: (_secretStorageKey$key = secretStorageKey.keyInfo) === null || _secretStorageKey$key === void 0 ? void 0 : _secretStorageKey$key.passphrase,
|
|
863
873
|
name: (_secretStorageKey$key2 = secretStorageKey.keyInfo) === null || _secretStorageKey$key2 === void 0 ? void 0 : _secretStorageKey$key2.name,
|
|
864
874
|
key: secretStorageKey.privateKey
|
|
865
875
|
});
|
|
866
|
-
yield
|
|
867
|
-
(
|
|
876
|
+
yield _this29.secretStorage.setDefaultKeyId(secretStorageKeyObject.keyId);
|
|
877
|
+
(_this29$cryptoCallbac = (_this29$cryptoCallbac2 = _this29.cryptoCallbacks).cacheSecretStorageKey) === null || _this29$cryptoCallbac === void 0 || _this29$cryptoCallbac.call(_this29$cryptoCallbac2, secretStorageKeyObject.keyId, secretStorageKeyObject.keyInfo, secretStorageKey.privateKey);
|
|
868
878
|
})();
|
|
869
879
|
}
|
|
870
880
|
|
|
@@ -874,10 +884,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
874
884
|
* @returns True if an AES key is in the secret storage
|
|
875
885
|
*/
|
|
876
886
|
secretStorageHasAESKey() {
|
|
877
|
-
var
|
|
887
|
+
var _this30 = this;
|
|
878
888
|
return _asyncToGenerator(function* () {
|
|
879
889
|
// See if we already have an AES secret-storage key.
|
|
880
|
-
var secretStorageKeyTuple = yield
|
|
890
|
+
var secretStorageKeyTuple = yield _this30.secretStorage.getKey();
|
|
881
891
|
if (!secretStorageKeyTuple) return false;
|
|
882
892
|
var [, keyInfo] = secretStorageKeyTuple;
|
|
883
893
|
|
|
@@ -890,13 +900,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
890
900
|
* Implementation of {@link CryptoApi#getCrossSigningStatus}
|
|
891
901
|
*/
|
|
892
902
|
getCrossSigningStatus() {
|
|
893
|
-
var
|
|
903
|
+
var _this31 = this;
|
|
894
904
|
return _asyncToGenerator(function* () {
|
|
895
|
-
var userIdentity = yield
|
|
905
|
+
var userIdentity = yield _this31.getOwnIdentity();
|
|
896
906
|
var publicKeysOnDevice = Boolean(userIdentity === null || userIdentity === void 0 ? void 0 : userIdentity.masterKey) && Boolean(userIdentity === null || userIdentity === void 0 ? void 0 : userIdentity.selfSigningKey) && Boolean(userIdentity === null || userIdentity === void 0 ? void 0 : userIdentity.userSigningKey);
|
|
897
907
|
userIdentity === null || userIdentity === void 0 || userIdentity.free();
|
|
898
|
-
var privateKeysInSecretStorage = yield secretStorageContainsCrossSigningKeys(
|
|
899
|
-
var crossSigningStatus = yield
|
|
908
|
+
var privateKeysInSecretStorage = yield secretStorageContainsCrossSigningKeys(_this31.secretStorage);
|
|
909
|
+
var crossSigningStatus = yield _this31.getOlmMachineOrThrow().crossSigningStatus();
|
|
900
910
|
return {
|
|
901
911
|
publicKeysOnDevice,
|
|
902
912
|
privateKeysInSecretStorage,
|
|
@@ -913,19 +923,19 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
913
923
|
* Implementation of {@link CryptoApi#createRecoveryKeyFromPassphrase}
|
|
914
924
|
*/
|
|
915
925
|
createRecoveryKeyFromPassphrase(password) {
|
|
916
|
-
var
|
|
926
|
+
var _this32 = this;
|
|
917
927
|
return _asyncToGenerator(function* () {
|
|
918
928
|
if (password) {
|
|
919
929
|
// Generate the key from the passphrase
|
|
920
930
|
// first we generate a random salt
|
|
921
931
|
var salt = secureRandomString(32);
|
|
922
932
|
// then we derive the key from the passphrase
|
|
923
|
-
var recoveryKey = yield deriveRecoveryKeyFromPassphrase(password, salt,
|
|
933
|
+
var recoveryKey = yield deriveRecoveryKeyFromPassphrase(password, salt, _this32.RECOVERY_KEY_DERIVATION_ITERATIONS);
|
|
924
934
|
return {
|
|
925
935
|
keyInfo: {
|
|
926
936
|
passphrase: {
|
|
927
937
|
algorithm: "m.pbkdf2",
|
|
928
|
-
iterations:
|
|
938
|
+
iterations: _this32.RECOVERY_KEY_DERIVATION_ITERATIONS,
|
|
929
939
|
salt
|
|
930
940
|
}
|
|
931
941
|
},
|
|
@@ -948,9 +958,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
948
958
|
* Implementation of {@link CryptoApi#getEncryptionInfoForEvent}.
|
|
949
959
|
*/
|
|
950
960
|
getEncryptionInfoForEvent(event) {
|
|
951
|
-
var
|
|
961
|
+
var _this33 = this;
|
|
952
962
|
return _asyncToGenerator(function* () {
|
|
953
|
-
return
|
|
963
|
+
return _this33.eventDecryptor.getEncryptionInfoForEvent(event);
|
|
954
964
|
})();
|
|
955
965
|
}
|
|
956
966
|
|
|
@@ -997,13 +1007,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
997
1007
|
* Implementation of {@link CryptoApi#requestVerificationDM}
|
|
998
1008
|
*/
|
|
999
1009
|
requestVerificationDM(userId, roomId) {
|
|
1000
|
-
var
|
|
1010
|
+
var _this34 = this;
|
|
1001
1011
|
return _asyncToGenerator(function* () {
|
|
1002
|
-
var userIdentity = yield
|
|
1012
|
+
var userIdentity = yield _this34.olmMachine.getIdentity(new RustSdkCryptoJs.UserId(userId));
|
|
1003
1013
|
if (!userIdentity) throw new Error("unknown userId ".concat(userId));
|
|
1004
1014
|
try {
|
|
1005
1015
|
// Transform the verification methods into rust objects
|
|
1006
|
-
var methods =
|
|
1016
|
+
var methods = _this34._supportedVerificationMethods.map(method => verificationMethodIdentifierToMethod(method));
|
|
1007
1017
|
// Get the request content to send to the DM room
|
|
1008
1018
|
var verCont = yield userIdentity.verificationRequestContent(methods);
|
|
1009
1019
|
|
|
@@ -1013,11 +1023,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1013
1023
|
var verificationEventContent = JSON.stringify(verContObj);
|
|
1014
1024
|
|
|
1015
1025
|
// Send the request content to send to the DM room
|
|
1016
|
-
var eventId = yield
|
|
1026
|
+
var eventId = yield _this34.sendVerificationRequestContent(roomId, verificationEventContent);
|
|
1017
1027
|
|
|
1018
1028
|
// Get a verification request
|
|
1019
1029
|
var request = yield userIdentity.requestVerification(new RustSdkCryptoJs.RoomId(roomId), new RustSdkCryptoJs.EventId(eventId), methods);
|
|
1020
|
-
return
|
|
1030
|
+
return _this34.makeVerificationRequest(request);
|
|
1021
1031
|
} finally {
|
|
1022
1032
|
userIdentity.free();
|
|
1023
1033
|
}
|
|
@@ -1036,13 +1046,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1036
1046
|
* @returns the event id
|
|
1037
1047
|
*/
|
|
1038
1048
|
sendVerificationRequestContent(roomId, verificationEventContent) {
|
|
1039
|
-
var
|
|
1049
|
+
var _this35 = this;
|
|
1040
1050
|
return _asyncToGenerator(function* () {
|
|
1041
1051
|
var txId = secureRandomString(32);
|
|
1042
1052
|
// Send the verification request content to the DM room
|
|
1043
1053
|
var {
|
|
1044
1054
|
event_id: eventId
|
|
1045
|
-
} = yield
|
|
1055
|
+
} = yield _this35.http.authedRequest(Method.Put, "/_matrix/client/v3/rooms/".concat(encodeURIComponent(roomId), "/send/m.room.message/").concat(encodeURIComponent(txId)), undefined, verificationEventContent, {
|
|
1046
1056
|
prefix: ""
|
|
1047
1057
|
});
|
|
1048
1058
|
return eventId;
|
|
@@ -1068,16 +1078,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1068
1078
|
* @returns a VerificationRequest when the request has been sent to the other party.
|
|
1069
1079
|
*/
|
|
1070
1080
|
requestOwnUserVerification() {
|
|
1071
|
-
var
|
|
1081
|
+
var _this36 = this;
|
|
1072
1082
|
return _asyncToGenerator(function* () {
|
|
1073
|
-
var userIdentity = yield
|
|
1083
|
+
var userIdentity = yield _this36.getOwnIdentity();
|
|
1074
1084
|
if (userIdentity === undefined) {
|
|
1075
1085
|
throw new Error("cannot request verification for this device when there is no existing cross-signing key");
|
|
1076
1086
|
}
|
|
1077
1087
|
try {
|
|
1078
|
-
var [request, outgoingRequest] = yield userIdentity.requestVerification(
|
|
1079
|
-
yield
|
|
1080
|
-
return
|
|
1088
|
+
var [request, outgoingRequest] = yield userIdentity.requestVerification(_this36._supportedVerificationMethods.map(verificationMethodIdentifierToMethod));
|
|
1089
|
+
yield _this36.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);
|
|
1090
|
+
return _this36.makeVerificationRequest(request);
|
|
1081
1091
|
} finally {
|
|
1082
1092
|
userIdentity.free();
|
|
1083
1093
|
}
|
|
@@ -1097,16 +1107,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1097
1107
|
* @returns a VerificationRequest when the request has been sent to the other party.
|
|
1098
1108
|
*/
|
|
1099
1109
|
requestDeviceVerification(userId, deviceId) {
|
|
1100
|
-
var
|
|
1110
|
+
var _this37 = this;
|
|
1101
1111
|
return _asyncToGenerator(function* () {
|
|
1102
|
-
var device = yield
|
|
1112
|
+
var device = yield _this37.olmMachine.getDevice(new RustSdkCryptoJs.UserId(userId), new RustSdkCryptoJs.DeviceId(deviceId));
|
|
1103
1113
|
if (!device) {
|
|
1104
1114
|
throw new Error("Not a known device");
|
|
1105
1115
|
}
|
|
1106
1116
|
try {
|
|
1107
|
-
var [request, outgoingRequest] = device.requestVerification(
|
|
1108
|
-
yield
|
|
1109
|
-
return
|
|
1117
|
+
var [request, outgoingRequest] = device.requestVerification(_this37._supportedVerificationMethods.map(verificationMethodIdentifierToMethod));
|
|
1118
|
+
yield _this37.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);
|
|
1119
|
+
return _this37.makeVerificationRequest(request);
|
|
1110
1120
|
} finally {
|
|
1111
1121
|
device.free();
|
|
1112
1122
|
}
|
|
@@ -1121,9 +1131,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1121
1131
|
* @returns the key, if any, or null
|
|
1122
1132
|
*/
|
|
1123
1133
|
getSessionBackupPrivateKey() {
|
|
1124
|
-
var
|
|
1134
|
+
var _this38 = this;
|
|
1125
1135
|
return _asyncToGenerator(function* () {
|
|
1126
|
-
var backupKeys = yield
|
|
1136
|
+
var backupKeys = yield _this38.olmMachine.getBackupKeys();
|
|
1127
1137
|
if (!backupKeys.decryptionKey) return null;
|
|
1128
1138
|
return decodeBase64(backupKeys.decryptionKey.toBase64());
|
|
1129
1139
|
})();
|
|
@@ -1138,13 +1148,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1138
1148
|
* @param version - the backup version for this key.
|
|
1139
1149
|
*/
|
|
1140
1150
|
storeSessionBackupPrivateKey(key, version) {
|
|
1141
|
-
var
|
|
1151
|
+
var _this39 = this;
|
|
1142
1152
|
return _asyncToGenerator(function* () {
|
|
1143
1153
|
var base64Key = encodeBase64(key);
|
|
1144
1154
|
if (!version) {
|
|
1145
1155
|
throw new Error("storeSessionBackupPrivateKey: version is required");
|
|
1146
1156
|
}
|
|
1147
|
-
yield
|
|
1157
|
+
yield _this39.backupManager.saveBackupDecryptionKey(RustSdkCryptoJs.BackupDecryptionKey.fromBase64(base64Key), version);
|
|
1148
1158
|
})();
|
|
1149
1159
|
}
|
|
1150
1160
|
|
|
@@ -1152,13 +1162,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1152
1162
|
* Implementation of {@link CryptoApi#loadSessionBackupPrivateKeyFromSecretStorage}.
|
|
1153
1163
|
*/
|
|
1154
1164
|
loadSessionBackupPrivateKeyFromSecretStorage() {
|
|
1155
|
-
var
|
|
1165
|
+
var _this40 = this;
|
|
1156
1166
|
return _asyncToGenerator(function* () {
|
|
1157
|
-
var backupKey = yield
|
|
1167
|
+
var backupKey = yield _this40.secretStorage.get("m.megolm_backup.v1");
|
|
1158
1168
|
if (!backupKey) {
|
|
1159
1169
|
throw new Error("loadSessionBackupPrivateKeyFromSecretStorage: missing decryption key in secret storage");
|
|
1160
1170
|
}
|
|
1161
|
-
var keyBackupInfo = yield
|
|
1171
|
+
var keyBackupInfo = yield _this40.backupManager.getServerBackupInfo();
|
|
1162
1172
|
if (!keyBackupInfo || !keyBackupInfo.version) {
|
|
1163
1173
|
throw new Error("loadSessionBackupPrivateKeyFromSecretStorage: unable to get backup version");
|
|
1164
1174
|
}
|
|
@@ -1166,7 +1176,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1166
1176
|
if (!decryptionKeyMatchesKeyBackupInfo(backupDecryptionKey, keyBackupInfo)) {
|
|
1167
1177
|
throw new DecryptionKeyDoesNotMatchError("loadSessionBackupPrivateKeyFromSecretStorage: decryption key does not match backup info");
|
|
1168
1178
|
}
|
|
1169
|
-
yield
|
|
1179
|
+
yield _this40.backupManager.saveBackupDecryptionKey(backupDecryptionKey, keyBackupInfo.version);
|
|
1170
1180
|
})();
|
|
1171
1181
|
}
|
|
1172
1182
|
|
|
@@ -1176,9 +1186,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1176
1186
|
* Implementation of {@link CryptoApi#getActiveSessionBackupVersion}.
|
|
1177
1187
|
*/
|
|
1178
1188
|
getActiveSessionBackupVersion() {
|
|
1179
|
-
var
|
|
1189
|
+
var _this41 = this;
|
|
1180
1190
|
return _asyncToGenerator(function* () {
|
|
1181
|
-
return yield
|
|
1191
|
+
return yield _this41.backupManager.getActiveBackupVersion();
|
|
1182
1192
|
})();
|
|
1183
1193
|
}
|
|
1184
1194
|
|
|
@@ -1186,9 +1196,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1186
1196
|
* Implementation of {@link CryptoApi#getKeyBackupInfo}.
|
|
1187
1197
|
*/
|
|
1188
1198
|
getKeyBackupInfo() {
|
|
1189
|
-
var
|
|
1199
|
+
var _this42 = this;
|
|
1190
1200
|
return _asyncToGenerator(function* () {
|
|
1191
|
-
return (yield
|
|
1201
|
+
return (yield _this42.backupManager.getServerBackupInfo()) || null;
|
|
1192
1202
|
})();
|
|
1193
1203
|
}
|
|
1194
1204
|
|
|
@@ -1198,9 +1208,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1198
1208
|
* Implementation of {@link CryptoApi#isKeyBackupTrusted}.
|
|
1199
1209
|
*/
|
|
1200
1210
|
isKeyBackupTrusted(info) {
|
|
1201
|
-
var
|
|
1211
|
+
var _this43 = this;
|
|
1202
1212
|
return _asyncToGenerator(function* () {
|
|
1203
|
-
return yield
|
|
1213
|
+
return yield _this43.backupManager.isKeyBackupTrusted(info);
|
|
1204
1214
|
})();
|
|
1205
1215
|
}
|
|
1206
1216
|
|
|
@@ -1210,9 +1220,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1210
1220
|
* Implementation of {@link CryptoApi#checkKeyBackupAndEnable}.
|
|
1211
1221
|
*/
|
|
1212
1222
|
checkKeyBackupAndEnable() {
|
|
1213
|
-
var
|
|
1223
|
+
var _this44 = this;
|
|
1214
1224
|
return _asyncToGenerator(function* () {
|
|
1215
|
-
return yield
|
|
1225
|
+
return yield _this44.backupManager.checkKeyBackupAndEnable(true);
|
|
1216
1226
|
})();
|
|
1217
1227
|
}
|
|
1218
1228
|
|
|
@@ -1220,9 +1230,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1220
1230
|
* Implementation of {@link CryptoApi#deleteKeyBackupVersion}.
|
|
1221
1231
|
*/
|
|
1222
1232
|
deleteKeyBackupVersion(version) {
|
|
1223
|
-
var
|
|
1233
|
+
var _this45 = this;
|
|
1224
1234
|
return _asyncToGenerator(function* () {
|
|
1225
|
-
yield
|
|
1235
|
+
yield _this45.backupManager.deleteKeyBackupVersion(version);
|
|
1226
1236
|
})();
|
|
1227
1237
|
}
|
|
1228
1238
|
|
|
@@ -1230,18 +1240,18 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1230
1240
|
* Implementation of {@link CryptoApi#resetKeyBackup}.
|
|
1231
1241
|
*/
|
|
1232
1242
|
resetKeyBackup() {
|
|
1233
|
-
var
|
|
1243
|
+
var _this46 = this;
|
|
1234
1244
|
return _asyncToGenerator(function* () {
|
|
1235
|
-
var backupInfo = yield
|
|
1245
|
+
var backupInfo = yield _this46.backupManager.setupKeyBackup(o => _this46.signObject(o));
|
|
1236
1246
|
|
|
1237
1247
|
// we want to store the private key in 4S
|
|
1238
1248
|
// need to check if 4S is set up?
|
|
1239
|
-
if (yield
|
|
1240
|
-
yield
|
|
1249
|
+
if (yield _this46.secretStorageHasAESKey()) {
|
|
1250
|
+
yield _this46.secretStorage.store("m.megolm_backup.v1", backupInfo.decryptionKey.toBase64());
|
|
1241
1251
|
}
|
|
1242
1252
|
|
|
1243
1253
|
// we can check and start async
|
|
1244
|
-
|
|
1254
|
+
_this46.checkKeyBackupAndEnable();
|
|
1245
1255
|
})();
|
|
1246
1256
|
}
|
|
1247
1257
|
|
|
@@ -1249,19 +1259,19 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1249
1259
|
* Implementation of {@link CryptoApi#disableKeyStorage}.
|
|
1250
1260
|
*/
|
|
1251
1261
|
disableKeyStorage() {
|
|
1252
|
-
var
|
|
1262
|
+
var _this47 = this;
|
|
1253
1263
|
return _asyncToGenerator(function* () {
|
|
1254
1264
|
// Get the key backup version we're using
|
|
1255
|
-
var info = yield
|
|
1265
|
+
var info = yield _this47.getKeyBackupInfo();
|
|
1256
1266
|
if (info !== null && info !== void 0 && info.version) {
|
|
1257
|
-
yield
|
|
1267
|
+
yield _this47.deleteKeyBackupVersion(info.version);
|
|
1258
1268
|
} else {
|
|
1259
|
-
|
|
1269
|
+
_this47.logger.error("Can't delete key backup version: no version available");
|
|
1260
1270
|
}
|
|
1261
1271
|
|
|
1262
1272
|
// also turn off 4S, since this is also storing keys on the server.
|
|
1263
|
-
yield
|
|
1264
|
-
yield
|
|
1273
|
+
yield _this47.deleteSecretStorage();
|
|
1274
|
+
yield _this47.dehydratedDeviceManager.delete();
|
|
1265
1275
|
})();
|
|
1266
1276
|
}
|
|
1267
1277
|
|
|
@@ -1274,17 +1284,17 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1274
1284
|
* @param obj - The object to sign
|
|
1275
1285
|
*/
|
|
1276
1286
|
signObject(obj) {
|
|
1277
|
-
var
|
|
1287
|
+
var _this48 = this;
|
|
1278
1288
|
return _asyncToGenerator(function* () {
|
|
1279
1289
|
var sigs = new Map(Object.entries(obj.signatures || {}));
|
|
1280
1290
|
var unsigned = obj.unsigned;
|
|
1281
1291
|
delete obj.signatures;
|
|
1282
1292
|
delete obj.unsigned;
|
|
1283
|
-
var userSignatures = sigs.get(
|
|
1293
|
+
var userSignatures = sigs.get(_this48.userId) || {};
|
|
1284
1294
|
var canonalizedJson = anotherjson.stringify(obj);
|
|
1285
|
-
var signatures = yield
|
|
1295
|
+
var signatures = yield _this48.olmMachine.sign(canonalizedJson);
|
|
1286
1296
|
var map = JSON.parse(signatures.asJSON());
|
|
1287
|
-
sigs.set(
|
|
1297
|
+
sigs.set(_this48.userId, _objectSpread(_objectSpread({}, userSignatures), map[_this48.userId]));
|
|
1288
1298
|
if (unsigned !== undefined) obj.unsigned = unsigned;
|
|
1289
1299
|
obj.signatures = Object.fromEntries(sigs.entries());
|
|
1290
1300
|
})();
|
|
@@ -1294,17 +1304,17 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1294
1304
|
* Implementation of {@link CryptoApi#restoreKeyBackupWithPassphrase}.
|
|
1295
1305
|
*/
|
|
1296
1306
|
restoreKeyBackupWithPassphrase(passphrase, opts) {
|
|
1297
|
-
var
|
|
1307
|
+
var _this49 = this;
|
|
1298
1308
|
return _asyncToGenerator(function* () {
|
|
1299
|
-
var backupInfo = yield
|
|
1309
|
+
var backupInfo = yield _this49.backupManager.getServerBackupInfo();
|
|
1300
1310
|
if (!(backupInfo !== null && backupInfo !== void 0 && backupInfo.version)) {
|
|
1301
1311
|
throw new Error("No backup info available");
|
|
1302
1312
|
}
|
|
1303
1313
|
var privateKey = yield keyFromAuthData(backupInfo.auth_data, passphrase);
|
|
1304
1314
|
|
|
1305
1315
|
// Cache the key
|
|
1306
|
-
yield
|
|
1307
|
-
return
|
|
1316
|
+
yield _this49.storeSessionBackupPrivateKey(privateKey, backupInfo.version);
|
|
1317
|
+
return _this49.restoreKeyBackup(opts);
|
|
1308
1318
|
})();
|
|
1309
1319
|
}
|
|
1310
1320
|
|
|
@@ -1312,25 +1322,25 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1312
1322
|
* Implementation of {@link CryptoApi#restoreKeyBackup}.
|
|
1313
1323
|
*/
|
|
1314
1324
|
restoreKeyBackup(opts) {
|
|
1315
|
-
var
|
|
1325
|
+
var _this50 = this;
|
|
1316
1326
|
return _asyncToGenerator(function* () {
|
|
1317
1327
|
// Get the decryption key from the crypto store
|
|
1318
|
-
var backupKeys = yield
|
|
1328
|
+
var backupKeys = yield _this50.olmMachine.getBackupKeys();
|
|
1319
1329
|
var {
|
|
1320
1330
|
decryptionKey,
|
|
1321
1331
|
backupVersion
|
|
1322
1332
|
} = backupKeys;
|
|
1323
1333
|
if (!decryptionKey || !backupVersion) throw new Error("No decryption key found in crypto store");
|
|
1324
1334
|
var decodedDecryptionKey = decodeBase64(decryptionKey.toBase64());
|
|
1325
|
-
var backupInfo = yield
|
|
1335
|
+
var backupInfo = yield _this50.backupManager.requestKeyBackupVersion(backupVersion);
|
|
1326
1336
|
if (!backupInfo) throw new Error("Backup version to restore ".concat(backupVersion, " not found on server"));
|
|
1327
|
-
var backupDecryptor = yield
|
|
1337
|
+
var backupDecryptor = yield _this50.getBackupDecryptor(backupInfo, decodedDecryptionKey);
|
|
1328
1338
|
try {
|
|
1329
1339
|
var _opts$progressCallbac;
|
|
1330
1340
|
opts === null || opts === void 0 || (_opts$progressCallbac = opts.progressCallback) === null || _opts$progressCallbac === void 0 || _opts$progressCallbac.call(opts, {
|
|
1331
1341
|
stage: ImportRoomKeyStage.Fetch
|
|
1332
1342
|
});
|
|
1333
|
-
return yield
|
|
1343
|
+
return yield _this50.backupManager.restoreKeyBackup(backupVersion, backupDecryptor, opts);
|
|
1334
1344
|
} finally {
|
|
1335
1345
|
// Free to avoid to keep in memory the decryption key stored in it. To avoid to exposing it to an attacker.
|
|
1336
1346
|
backupDecryptor.free();
|
|
@@ -1342,9 +1352,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1342
1352
|
* Implementation of {@link CryptoApi#isDehydrationSupported}.
|
|
1343
1353
|
*/
|
|
1344
1354
|
isDehydrationSupported() {
|
|
1345
|
-
var
|
|
1355
|
+
var _this51 = this;
|
|
1346
1356
|
return _asyncToGenerator(function* () {
|
|
1347
|
-
return yield
|
|
1357
|
+
return yield _this51.dehydratedDeviceManager.isSupported();
|
|
1348
1358
|
})();
|
|
1349
1359
|
}
|
|
1350
1360
|
|
|
@@ -1353,13 +1363,13 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1353
1363
|
*/
|
|
1354
1364
|
startDehydration() {
|
|
1355
1365
|
var _arguments6 = arguments,
|
|
1356
|
-
|
|
1366
|
+
_this52 = this;
|
|
1357
1367
|
return _asyncToGenerator(function* () {
|
|
1358
1368
|
var opts = _arguments6.length > 0 && _arguments6[0] !== undefined ? _arguments6[0] : {};
|
|
1359
|
-
if (!(yield
|
|
1369
|
+
if (!(yield _this52.isCrossSigningReady()) || !(yield _this52.isSecretStorageReady())) {
|
|
1360
1370
|
throw new Error("Device dehydration requires cross-signing and secret storage to be set up");
|
|
1361
1371
|
}
|
|
1362
|
-
return yield
|
|
1372
|
+
return yield _this52.dehydratedDeviceManager.start(opts || {});
|
|
1363
1373
|
})();
|
|
1364
1374
|
}
|
|
1365
1375
|
|
|
@@ -1367,10 +1377,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1367
1377
|
* Implementation of {@link CryptoApi#importSecretsBundle}.
|
|
1368
1378
|
*/
|
|
1369
1379
|
importSecretsBundle(secrets) {
|
|
1370
|
-
var
|
|
1380
|
+
var _this53 = this;
|
|
1371
1381
|
return _asyncToGenerator(function* () {
|
|
1372
1382
|
var secretsBundle = RustSdkCryptoJs.SecretsBundle.from_json(secrets);
|
|
1373
|
-
yield
|
|
1383
|
+
yield _this53.getOlmMachineOrThrow().importSecretsBundle(secretsBundle); // this method frees the SecretsBundle
|
|
1374
1384
|
})();
|
|
1375
1385
|
}
|
|
1376
1386
|
|
|
@@ -1378,9 +1388,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1378
1388
|
* Implementation of {@link CryptoApi#exportSecretsBundle}.
|
|
1379
1389
|
*/
|
|
1380
1390
|
exportSecretsBundle() {
|
|
1381
|
-
var
|
|
1391
|
+
var _this54 = this;
|
|
1382
1392
|
return _asyncToGenerator(function* () {
|
|
1383
|
-
var secretsBundle = yield
|
|
1393
|
+
var secretsBundle = yield _this54.getOlmMachineOrThrow().exportSecretsBundle();
|
|
1384
1394
|
var secrets = secretsBundle.to_json();
|
|
1385
1395
|
secretsBundle.free();
|
|
1386
1396
|
return secrets;
|
|
@@ -1391,9 +1401,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1391
1401
|
* Implementation of {@link CryptoApi#encryptToDeviceMessages}.
|
|
1392
1402
|
*/
|
|
1393
1403
|
encryptToDeviceMessages(eventType, devices, payload) {
|
|
1394
|
-
var
|
|
1404
|
+
var _this55 = this;
|
|
1395
1405
|
return _asyncToGenerator(function* () {
|
|
1396
|
-
var logger = new LogSpan(
|
|
1406
|
+
var logger = new LogSpan(_this55.logger, "encryptToDeviceMessages");
|
|
1397
1407
|
var uniqueUsers = new Set(devices.map(_ref2 => {
|
|
1398
1408
|
var {
|
|
1399
1409
|
userId
|
|
@@ -1404,7 +1414,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1404
1414
|
// This will ensure we have Olm sessions for all of the users' devices.
|
|
1405
1415
|
// However, we only care about some of the devices.
|
|
1406
1416
|
// So, perhaps we can optimise this later on.
|
|
1407
|
-
yield
|
|
1417
|
+
yield _this55.keyClaimManager.ensureSessionsForUsers(logger, Array.from(uniqueUsers).map(userId => new RustSdkCryptoJs.UserId(userId)));
|
|
1408
1418
|
var batch = {
|
|
1409
1419
|
batch: [],
|
|
1410
1420
|
eventType: EventType.RoomMessageEncrypted
|
|
@@ -1415,7 +1425,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1415
1425
|
userId,
|
|
1416
1426
|
deviceId
|
|
1417
1427
|
} = _ref3;
|
|
1418
|
-
var device = yield
|
|
1428
|
+
var device = yield _this55.olmMachine.getDevice(new RustSdkCryptoJs.UserId(userId), new RustSdkCryptoJs.DeviceId(deviceId));
|
|
1419
1429
|
if (device) {
|
|
1420
1430
|
var encryptedPayload = JSON.parse(yield device.encryptToDeviceEvent(eventType, payload));
|
|
1421
1431
|
batch.batch.push({
|
|
@@ -1424,7 +1434,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1424
1434
|
payload: encryptedPayload
|
|
1425
1435
|
});
|
|
1426
1436
|
} else {
|
|
1427
|
-
|
|
1437
|
+
_this55.logger.warn("encryptToDeviceMessages: unknown device ".concat(userId, ":").concat(deviceId));
|
|
1428
1438
|
}
|
|
1429
1439
|
});
|
|
1430
1440
|
return function (_x) {
|
|
@@ -1439,27 +1449,27 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1439
1449
|
* Implementation of {@link CryptoApi#resetEncryption}.
|
|
1440
1450
|
*/
|
|
1441
1451
|
resetEncryption(authUploadDeviceSigningKeys) {
|
|
1442
|
-
var
|
|
1452
|
+
var _this56 = this;
|
|
1443
1453
|
return _asyncToGenerator(function* () {
|
|
1444
|
-
|
|
1454
|
+
_this56.logger.debug("resetEncryption: resetting encryption");
|
|
1445
1455
|
|
|
1446
1456
|
// Delete the dehydrated device, since any existing one will be signed
|
|
1447
1457
|
// by the wrong cross-signing key
|
|
1448
|
-
|
|
1458
|
+
_this56.dehydratedDeviceManager.delete();
|
|
1449
1459
|
|
|
1450
1460
|
// Disable backup, and delete all the backups from the server
|
|
1451
|
-
yield
|
|
1452
|
-
yield
|
|
1461
|
+
yield _this56.backupManager.deleteAllKeyBackupVersions();
|
|
1462
|
+
yield _this56.deleteSecretStorage();
|
|
1453
1463
|
|
|
1454
1464
|
// Reset the cross-signing keys
|
|
1455
|
-
yield
|
|
1465
|
+
yield _this56.crossSigningIdentity.bootstrapCrossSigning({
|
|
1456
1466
|
setupNewCrossSigning: true,
|
|
1457
1467
|
authUploadDeviceSigningKeys
|
|
1458
1468
|
});
|
|
1459
1469
|
|
|
1460
1470
|
// Create a new key backup
|
|
1461
|
-
yield
|
|
1462
|
-
|
|
1471
|
+
yield _this56.resetKeyBackup();
|
|
1472
|
+
_this56.logger.debug("resetEncryption: ended");
|
|
1463
1473
|
})();
|
|
1464
1474
|
}
|
|
1465
1475
|
|
|
@@ -1468,19 +1478,19 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1468
1478
|
* from the user's account data
|
|
1469
1479
|
*/
|
|
1470
1480
|
deleteSecretStorage() {
|
|
1471
|
-
var
|
|
1481
|
+
var _this57 = this;
|
|
1472
1482
|
return _asyncToGenerator(function* () {
|
|
1473
1483
|
// Remove the stored secrets in the secret storage
|
|
1474
|
-
yield
|
|
1475
|
-
yield
|
|
1476
|
-
yield
|
|
1477
|
-
yield
|
|
1484
|
+
yield _this57.secretStorage.store("m.cross_signing.master", null);
|
|
1485
|
+
yield _this57.secretStorage.store("m.cross_signing.self_signing", null);
|
|
1486
|
+
yield _this57.secretStorage.store("m.cross_signing.user_signing", null);
|
|
1487
|
+
yield _this57.secretStorage.store("m.megolm_backup.v1", null);
|
|
1478
1488
|
|
|
1479
1489
|
// Remove the recovery key
|
|
1480
|
-
var defaultKeyId = yield
|
|
1481
|
-
if (defaultKeyId) yield
|
|
1490
|
+
var defaultKeyId = yield _this57.secretStorage.getDefaultKeyId();
|
|
1491
|
+
if (defaultKeyId) yield _this57.secretStorage.store("m.secret_storage.key.".concat(defaultKeyId), null);
|
|
1482
1492
|
// Disable the recovery key and the secret storage
|
|
1483
|
-
yield
|
|
1493
|
+
yield _this57.secretStorage.setDefaultKeyId(null);
|
|
1484
1494
|
})();
|
|
1485
1495
|
}
|
|
1486
1496
|
|
|
@@ -1488,12 +1498,12 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1488
1498
|
* Implementation of {@link CryptoApi#shareRoomHistoryWithUser}.
|
|
1489
1499
|
*/
|
|
1490
1500
|
shareRoomHistoryWithUser(roomId, userId) {
|
|
1491
|
-
var
|
|
1501
|
+
var _this58 = this;
|
|
1492
1502
|
return _asyncToGenerator(function* () {
|
|
1493
|
-
var logger = new LogSpan(
|
|
1503
|
+
var logger = new LogSpan(_this58.logger, "shareRoomHistoryWithUser(".concat(roomId, ", ").concat(userId, ")"));
|
|
1494
1504
|
|
|
1495
1505
|
// 0. We can only share room history if our user has set up cross-signing.
|
|
1496
|
-
var identity = yield
|
|
1506
|
+
var identity = yield _this58.getOwnIdentity();
|
|
1497
1507
|
if (!(identity !== null && identity !== void 0 && identity.isVerified())) {
|
|
1498
1508
|
logger.warn("Not sharing message history as the current device is not verified by our cross-signing identity");
|
|
1499
1509
|
return;
|
|
@@ -1501,33 +1511,33 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1501
1511
|
logger.info("Sharing message history");
|
|
1502
1512
|
|
|
1503
1513
|
// 1. Download keys from backup.
|
|
1504
|
-
if (!(yield
|
|
1505
|
-
yield
|
|
1506
|
-
yield
|
|
1514
|
+
if (!(yield _this58.getOlmMachineOrThrow().hasDownloadedAllRoomKeys(new RustSdkCryptoJs.RoomId(roomId)))) {
|
|
1515
|
+
yield _this58.backupManager.downloadLatestRoomKeyBackup(roomId);
|
|
1516
|
+
yield _this58.getOlmMachineOrThrow().setHasDownloadedAllRoomKeys(new RustSdkCryptoJs.RoomId(roomId));
|
|
1507
1517
|
}
|
|
1508
1518
|
|
|
1509
1519
|
// 2. Construct the key bundle
|
|
1510
|
-
var bundle = yield
|
|
1520
|
+
var bundle = yield _this58.getOlmMachineOrThrow().buildRoomKeyBundle(new RustSdkCryptoJs.RoomId(roomId));
|
|
1511
1521
|
if (!bundle) {
|
|
1512
1522
|
logger.info("No keys to share");
|
|
1513
1523
|
return;
|
|
1514
1524
|
}
|
|
1515
1525
|
|
|
1516
1526
|
// 3. Upload the encrypted bundle to the server
|
|
1517
|
-
var uploadResponse = yield
|
|
1527
|
+
var uploadResponse = yield _this58.http.uploadContent(bundle.encryptedData);
|
|
1518
1528
|
logger.info("Uploaded encrypted key blob: ".concat(JSON.stringify(uploadResponse)));
|
|
1519
1529
|
|
|
1520
1530
|
// 4. We may not share a room with the user, so get a fresh list of devices for the invited user.
|
|
1521
|
-
var req =
|
|
1522
|
-
yield
|
|
1531
|
+
var req = _this58.getOlmMachineOrThrow().queryKeysForUsers([new RustSdkCryptoJs.UserId(userId)]);
|
|
1532
|
+
yield _this58.outgoingRequestProcessor.makeOutgoingRequest(req);
|
|
1523
1533
|
|
|
1524
1534
|
// 5. Establish Olm sessions with all of the recipient's devices.
|
|
1525
|
-
yield
|
|
1535
|
+
yield _this58.keyClaimManager.ensureSessionsForUsers(logger, [new RustSdkCryptoJs.UserId(userId)]);
|
|
1526
1536
|
|
|
1527
1537
|
// 6. Send to-device messages to the recipient to share the keys.
|
|
1528
|
-
var requests = yield
|
|
1538
|
+
var requests = yield _this58.getOlmMachineOrThrow().shareRoomKeyBundleData(new RustSdkCryptoJs.UserId(userId), new RustSdkCryptoJs.RoomId(roomId), uploadResponse.content_uri, bundle.mediaEncryptionInfo, RustSdkCryptoJs.CollectStrategy.identityBasedStrategy());
|
|
1529
1539
|
for (var _req of requests) {
|
|
1530
|
-
yield
|
|
1540
|
+
yield _this58.outgoingRequestProcessor.makeOutgoingRequest(_req);
|
|
1531
1541
|
}
|
|
1532
1542
|
})();
|
|
1533
1543
|
}
|
|
@@ -1547,7 +1557,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1547
1557
|
* @returns A list of processed to-device messages.
|
|
1548
1558
|
*/
|
|
1549
1559
|
receiveSyncChanges(_ref5) {
|
|
1550
|
-
var
|
|
1560
|
+
var _this59 = this;
|
|
1551
1561
|
return _asyncToGenerator(function* () {
|
|
1552
1562
|
var {
|
|
1553
1563
|
events,
|
|
@@ -1555,7 +1565,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1555
1565
|
unusedFallbackKeys,
|
|
1556
1566
|
devices = new RustSdkCryptoJs.DeviceLists()
|
|
1557
1567
|
} = _ref5;
|
|
1558
|
-
return yield
|
|
1568
|
+
return yield _this59.olmMachine.receiveSyncChanges(events ? JSON.stringify(events) : "[]", devices, oneTimeKeysCounts, unusedFallbackKeys);
|
|
1559
1569
|
})();
|
|
1560
1570
|
}
|
|
1561
1571
|
|
|
@@ -1565,11 +1575,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1565
1575
|
* @returns A list of preprocessed to-device messages.
|
|
1566
1576
|
*/
|
|
1567
1577
|
preprocessToDeviceMessages(events) {
|
|
1568
|
-
var
|
|
1578
|
+
var _this60 = this;
|
|
1569
1579
|
return _asyncToGenerator(function* () {
|
|
1570
1580
|
// send the received to-device messages into receiveSyncChanges. We have no info on device-list changes,
|
|
1571
1581
|
// one-time-keys, or fallback keys, so just pass empty data.
|
|
1572
|
-
var processed = yield
|
|
1582
|
+
var processed = yield _this60.receiveSyncChanges({
|
|
1573
1583
|
events
|
|
1574
1584
|
});
|
|
1575
1585
|
var received = [];
|
|
@@ -1581,7 +1591,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1581
1591
|
var sender = parsedMessage.sender;
|
|
1582
1592
|
var transactionId = parsedMessage.content.transaction_id;
|
|
1583
1593
|
if (transactionId && sender) {
|
|
1584
|
-
|
|
1594
|
+
_this60.onIncomingKeyVerificationRequest(sender, transactionId);
|
|
1585
1595
|
}
|
|
1586
1596
|
}
|
|
1587
1597
|
switch (message.type) {
|
|
@@ -1599,23 +1609,28 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1599
1609
|
}
|
|
1600
1610
|
});
|
|
1601
1611
|
|
|
1602
|
-
// If we have received a room key bundle message, and have
|
|
1603
|
-
//
|
|
1604
|
-
// just in case it was received after invite.
|
|
1612
|
+
// If we have received a room key bundle message, and have recently joined the room in question,
|
|
1613
|
+
// tell the Rust SDK to try and accept the key bundle.
|
|
1605
1614
|
//
|
|
1606
1615
|
// We don't actually need to validate the contents of the bundle message, or do
|
|
1607
1616
|
// anything with its contents at all. We simply want to inform the Rust SDK we have
|
|
1608
1617
|
// received a new room key bundle that we might be able to download.
|
|
1609
|
-
if (isRoomKeyBundleMessage(parsedMessage)
|
|
1610
|
-
|
|
1611
|
-
|
|
1612
|
-
|
|
1613
|
-
|
|
1614
|
-
|
|
1615
|
-
}
|
|
1616
|
-
|
|
1617
|
-
|
|
1618
|
-
|
|
1618
|
+
if (isRoomKeyBundleMessage(parsedMessage)) {
|
|
1619
|
+
var roomId = parsedMessage.content.room_id;
|
|
1620
|
+
var pendingDetails = yield _this60.olmMachine.getPendingKeyBundleDetailsForRoom(new RustSdkCryptoJs.RoomId(roomId));
|
|
1621
|
+
// Only accept the key bundle if we joined the room less than 24 hours ago.
|
|
1622
|
+
if (!pendingDetails) {
|
|
1623
|
+
_this60.logger.debug("Not yet accepting key bundle for room where we are not awaiting a bundle: ".concat(roomId));
|
|
1624
|
+
} else if (Date.now() - pendingDetails.inviteAcceptedAtMillis > MAX_INVITE_ACCEPTANCE_MS_FOR_KEY_BUNDLE) {
|
|
1625
|
+
_this60.logger.info("Ignoring key bundle for room we joined too long ago: ".concat(roomId, ", joining time: ").concat(new Date(pendingDetails.inviteAcceptedAtMillis).toISOString()));
|
|
1626
|
+
} else {
|
|
1627
|
+
_this60.logger.info("Considering key bundle for recently-joined room ".concat(roomId));
|
|
1628
|
+
// Don't block for the import to happen, here, as this is called from inside the `/sync` loop.
|
|
1629
|
+
_this60.maybeAcceptKeyBundle(roomId, pendingDetails.inviterId.toString()).catch(err => {
|
|
1630
|
+
_this60.logger.error("Error attempting to download key bundle for room ".concat(roomId));
|
|
1631
|
+
_this60.logger.error(err);
|
|
1632
|
+
});
|
|
1633
|
+
}
|
|
1619
1634
|
}
|
|
1620
1635
|
break;
|
|
1621
1636
|
}
|
|
@@ -1648,12 +1663,12 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1648
1663
|
* @param unusedFallbackKeys - the received unused fallback keys
|
|
1649
1664
|
*/
|
|
1650
1665
|
processKeyCounts(oneTimeKeysCounts, unusedFallbackKeys) {
|
|
1651
|
-
var
|
|
1666
|
+
var _this61 = this;
|
|
1652
1667
|
return _asyncToGenerator(function* () {
|
|
1653
1668
|
var mapOneTimeKeysCount = oneTimeKeysCounts && new Map(Object.entries(oneTimeKeysCounts));
|
|
1654
1669
|
var setUnusedFallbackKeys = unusedFallbackKeys && new Set(unusedFallbackKeys);
|
|
1655
1670
|
if (mapOneTimeKeysCount !== undefined || setUnusedFallbackKeys !== undefined) {
|
|
1656
|
-
yield
|
|
1671
|
+
yield _this61.receiveSyncChanges({
|
|
1657
1672
|
oneTimeKeysCounts: mapOneTimeKeysCount,
|
|
1658
1673
|
unusedFallbackKeys: setUnusedFallbackKeys
|
|
1659
1674
|
});
|
|
@@ -1667,11 +1682,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1667
1682
|
* @param deviceLists - device_lists field from /sync
|
|
1668
1683
|
*/
|
|
1669
1684
|
processDeviceLists(deviceLists) {
|
|
1670
|
-
var
|
|
1685
|
+
var _this62 = this;
|
|
1671
1686
|
return _asyncToGenerator(function* () {
|
|
1672
1687
|
var _deviceLists$changed, _deviceLists$left;
|
|
1673
1688
|
var devices = new RustSdkCryptoJs.DeviceLists((_deviceLists$changed = deviceLists.changed) === null || _deviceLists$changed === void 0 ? void 0 : _deviceLists$changed.map(userId => new RustSdkCryptoJs.UserId(userId)), (_deviceLists$left = deviceLists.left) === null || _deviceLists$left === void 0 ? void 0 : _deviceLists$left.map(userId => new RustSdkCryptoJs.UserId(userId)));
|
|
1674
|
-
yield
|
|
1689
|
+
yield _this62.receiveSyncChanges({
|
|
1675
1690
|
devices
|
|
1676
1691
|
});
|
|
1677
1692
|
})();
|
|
@@ -1683,7 +1698,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1683
1698
|
* @param event - encryption event to be processed
|
|
1684
1699
|
*/
|
|
1685
1700
|
onCryptoEvent(room, event) {
|
|
1686
|
-
var
|
|
1701
|
+
var _this63 = this;
|
|
1687
1702
|
return _asyncToGenerator(function* () {
|
|
1688
1703
|
var config = event.getContent();
|
|
1689
1704
|
var settings = new RustSdkCryptoJs.RoomSettings();
|
|
@@ -1691,29 +1706,29 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1691
1706
|
settings.algorithm = RustSdkCryptoJs.EncryptionAlgorithm.MegolmV1AesSha2;
|
|
1692
1707
|
} else {
|
|
1693
1708
|
// Among other situations, this happens if the crypto state event is redacted.
|
|
1694
|
-
|
|
1709
|
+
_this63.logger.warn("Room ".concat(room.roomId, ": ignoring crypto event with invalid algorithm ").concat(config.algorithm));
|
|
1695
1710
|
return;
|
|
1696
1711
|
}
|
|
1697
|
-
if (config["io.element.msc4362.encrypt_state_events"] &&
|
|
1698
|
-
|
|
1712
|
+
if (config["io.element.msc4362.encrypt_state_events"] && _this63.enableEncryptedStateEvents) {
|
|
1713
|
+
_this63.logger.info("crypto Enabling state event encryption...");
|
|
1699
1714
|
settings.encryptStateEvents = true;
|
|
1700
1715
|
}
|
|
1701
1716
|
try {
|
|
1702
1717
|
settings.sessionRotationPeriodMs = config.rotation_period_ms;
|
|
1703
1718
|
settings.sessionRotationPeriodMessages = config.rotation_period_msgs;
|
|
1704
|
-
yield
|
|
1719
|
+
yield _this63.olmMachine.setRoomSettings(new RustSdkCryptoJs.RoomId(room.roomId), settings);
|
|
1705
1720
|
} catch (e) {
|
|
1706
|
-
|
|
1721
|
+
_this63.logger.warn("Room ".concat(room.roomId, ": ignoring crypto event which caused error: ").concat(e));
|
|
1707
1722
|
return;
|
|
1708
1723
|
}
|
|
1709
1724
|
|
|
1710
1725
|
// If we got this far, the SDK found the event acceptable.
|
|
1711
1726
|
// We need to either create or update the active RoomEncryptor.
|
|
1712
|
-
var existingEncryptor =
|
|
1727
|
+
var existingEncryptor = _this63.roomEncryptors[room.roomId];
|
|
1713
1728
|
if (existingEncryptor) {
|
|
1714
1729
|
existingEncryptor.onCryptoEvent(config);
|
|
1715
1730
|
} else {
|
|
1716
|
-
|
|
1731
|
+
_this63.roomEncryptors[room.roomId] = new RoomEncryptor(_this63.logger.getChild("[".concat(room.roomId, " encryption]")), _this63.olmMachine, _this63.keyClaimManager, _this63.outgoingRequestsManager, room, config);
|
|
1717
1732
|
}
|
|
1718
1733
|
})();
|
|
1719
1734
|
}
|
|
@@ -1735,9 +1750,9 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1735
1750
|
* Implementation of {@link CryptoApi#markAllTrackedUsersAsDirty}.
|
|
1736
1751
|
*/
|
|
1737
1752
|
markAllTrackedUsersAsDirty() {
|
|
1738
|
-
var
|
|
1753
|
+
var _this64 = this;
|
|
1739
1754
|
return _asyncToGenerator(function* () {
|
|
1740
|
-
yield
|
|
1755
|
+
yield _this64.olmMachine.markAllTrackedUsersAsDirty();
|
|
1741
1756
|
})();
|
|
1742
1757
|
}
|
|
1743
1758
|
|
|
@@ -1777,7 +1792,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1777
1792
|
* @param oldMembership - The previous membership state. Null if it's a new member.
|
|
1778
1793
|
*/
|
|
1779
1794
|
onRoomMembership(event, member, oldMembership) {
|
|
1780
|
-
var
|
|
1795
|
+
var roomId = event.getRoomId();
|
|
1796
|
+
|
|
1797
|
+
// If it's our own membership, and we are no longer joined, clear any indication that we are waiting for a key
|
|
1798
|
+
// bundle.
|
|
1799
|
+
if (oldMembership === KnownMembership.Join && member.membership !== KnownMembership.Join && member.userId === this.olmMachine.userId.toString()) {
|
|
1800
|
+
this.olmMachine.clearRoomPendingKeyBundle(new RustSdkCryptoJs.RoomId(roomId)).catch(e => {
|
|
1801
|
+
this.logger.error("Error clearing room pending key bundle indicator for ".concat(roomId, ": ").concat(e));
|
|
1802
|
+
});
|
|
1803
|
+
}
|
|
1804
|
+
var enc = this.roomEncryptors[roomId];
|
|
1781
1805
|
if (!enc) {
|
|
1782
1806
|
// not encrypting in this room
|
|
1783
1807
|
return;
|
|
@@ -1794,16 +1818,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1794
1818
|
* @param keys - details of the updated keys
|
|
1795
1819
|
*/
|
|
1796
1820
|
onRoomKeysUpdated(keys) {
|
|
1797
|
-
var
|
|
1821
|
+
var _this65 = this;
|
|
1798
1822
|
return _asyncToGenerator(function* () {
|
|
1799
1823
|
for (var key of keys) {
|
|
1800
|
-
|
|
1824
|
+
_this65.onRoomKeyUpdated(key);
|
|
1801
1825
|
}
|
|
1802
|
-
|
|
1826
|
+
_this65.backupManager.maybeUploadKey();
|
|
1803
1827
|
})();
|
|
1804
1828
|
}
|
|
1805
1829
|
onRoomKeyUpdated(key) {
|
|
1806
|
-
var
|
|
1830
|
+
var _this66 = this;
|
|
1807
1831
|
if (this.stopped) return;
|
|
1808
1832
|
this.logger.debug("Got update for session ".concat(key.sessionId, " from sender ").concat(key.senderKey.toBase64(), " in ").concat(key.roomId.toString()));
|
|
1809
1833
|
var pendingList = this.eventDecryptor.getEventsPendingRoomKey(key.roomId.toString(), key.sessionId);
|
|
@@ -1817,10 +1841,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1817
1841
|
// MatrixEvent.attemptDecryption ensures that there is only one decryption attempt happening at once,
|
|
1818
1842
|
// and deduplicates repeated attempts for the same event.
|
|
1819
1843
|
var _loop2 = function _loop2(ev) {
|
|
1820
|
-
ev.attemptDecryption(
|
|
1844
|
+
ev.attemptDecryption(_this66, {
|
|
1821
1845
|
isRetry: true
|
|
1822
1846
|
}).catch(_e => {
|
|
1823
|
-
|
|
1847
|
+
_this66.logger.info("Still unable to decrypt event ".concat(ev.getId(), " after receiving key"));
|
|
1824
1848
|
});
|
|
1825
1849
|
};
|
|
1826
1850
|
for (var ev of pendingList) {
|
|
@@ -1837,17 +1861,17 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1837
1861
|
* @param withheld - Details of the withheld sessions.
|
|
1838
1862
|
*/
|
|
1839
1863
|
onRoomKeysWithheld(withheld) {
|
|
1840
|
-
var
|
|
1864
|
+
var _this67 = this;
|
|
1841
1865
|
return _asyncToGenerator(function* () {
|
|
1842
1866
|
for (var session of withheld) {
|
|
1843
|
-
|
|
1844
|
-
var pendingList =
|
|
1867
|
+
_this67.logger.debug("Got withheld message for session ".concat(session.sessionId, " in ").concat(session.roomId.toString()));
|
|
1868
|
+
var pendingList = _this67.eventDecryptor.getEventsPendingRoomKey(session.roomId.toString(), session.sessionId);
|
|
1845
1869
|
if (pendingList.length === 0) return;
|
|
1846
1870
|
|
|
1847
1871
|
// The easiest way to update the status of the event is to have another go at decrypting it.
|
|
1848
|
-
|
|
1872
|
+
_this67.logger.debug("Retrying decryption on events:", pendingList.map(e => "".concat(e.getId())));
|
|
1849
1873
|
for (var ev of pendingList) {
|
|
1850
|
-
ev.attemptDecryption(
|
|
1874
|
+
ev.attemptDecryption(_this67, {
|
|
1851
1875
|
isRetry: true
|
|
1852
1876
|
}).catch(_e => {
|
|
1853
1877
|
// It's somewhat expected that we still can't decrypt here.
|
|
@@ -1866,16 +1890,16 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1866
1890
|
* @param userId - the user with the updated identity
|
|
1867
1891
|
*/
|
|
1868
1892
|
onUserIdentityUpdated(userId) {
|
|
1869
|
-
var
|
|
1893
|
+
var _this68 = this;
|
|
1870
1894
|
return _asyncToGenerator(function* () {
|
|
1871
|
-
var newVerification = yield
|
|
1872
|
-
|
|
1895
|
+
var newVerification = yield _this68.getUserVerificationStatus(userId.toString());
|
|
1896
|
+
_this68.emit(CryptoEvent.UserTrustStatusChanged, userId.toString(), newVerification);
|
|
1873
1897
|
|
|
1874
1898
|
// If our own user identity has changed, we may now trust the key backup where we did not before.
|
|
1875
1899
|
// So, re-check the key backup status and enable it if available.
|
|
1876
|
-
if (userId.toString() ===
|
|
1877
|
-
|
|
1878
|
-
yield
|
|
1900
|
+
if (userId.toString() === _this68.userId) {
|
|
1901
|
+
_this68.emit(CryptoEvent.KeysChanged, {});
|
|
1902
|
+
yield _this68.checkKeyBackupAndEnable();
|
|
1879
1903
|
}
|
|
1880
1904
|
})();
|
|
1881
1905
|
}
|
|
@@ -1891,10 +1915,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1891
1915
|
* @param userIds - an array of user IDs of users whose devices have updated.
|
|
1892
1916
|
*/
|
|
1893
1917
|
onDevicesUpdated(userIds) {
|
|
1894
|
-
var
|
|
1918
|
+
var _this69 = this;
|
|
1895
1919
|
return _asyncToGenerator(function* () {
|
|
1896
|
-
|
|
1897
|
-
|
|
1920
|
+
_this69.emit(CryptoEvent.WillUpdateDevices, userIds, false);
|
|
1921
|
+
_this69.emit(CryptoEvent.DevicesUpdated, userIds, false);
|
|
1898
1922
|
})();
|
|
1899
1923
|
}
|
|
1900
1924
|
|
|
@@ -1911,11 +1935,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1911
1935
|
* @param value - the secret value
|
|
1912
1936
|
*/
|
|
1913
1937
|
handleSecretReceived(name, value) {
|
|
1914
|
-
var
|
|
1938
|
+
var _this70 = this;
|
|
1915
1939
|
return _asyncToGenerator(function* () {
|
|
1916
|
-
|
|
1940
|
+
_this70.logger.debug("onReceiveSecret: Received secret ".concat(name));
|
|
1917
1941
|
if (name === "m.megolm_backup.v1") {
|
|
1918
|
-
return yield
|
|
1942
|
+
return yield _this70.backupManager.handleBackupSecretReceived(value);
|
|
1919
1943
|
// XXX at this point we should probably try to download the backup and import the keys,
|
|
1920
1944
|
// or at least retry for the current decryption failures?
|
|
1921
1945
|
// Maybe add some signaling when a new secret is received, and let clients handle it?
|
|
@@ -1933,11 +1957,11 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1933
1957
|
* @param name - The name of the secret received.
|
|
1934
1958
|
*/
|
|
1935
1959
|
checkSecrets(name) {
|
|
1936
|
-
var
|
|
1960
|
+
var _this71 = this;
|
|
1937
1961
|
return _asyncToGenerator(function* () {
|
|
1938
|
-
var pendingValues = yield
|
|
1962
|
+
var pendingValues = yield _this71.olmMachine.getSecretsFromInbox(name);
|
|
1939
1963
|
for (var value of pendingValues) {
|
|
1940
|
-
if (yield
|
|
1964
|
+
if (yield _this71.handleSecretReceived(name, value)) {
|
|
1941
1965
|
// If we have a valid secret for that name there is no point of processing the other secrets values.
|
|
1942
1966
|
// It's probably the same secret shared by another device.
|
|
1943
1967
|
break;
|
|
@@ -1945,7 +1969,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1945
1969
|
}
|
|
1946
1970
|
|
|
1947
1971
|
// Important to call this after handling the secrets as good hygiene.
|
|
1948
|
-
yield
|
|
1972
|
+
yield _this71.olmMachine.deleteSecretsFromInbox(name);
|
|
1949
1973
|
})();
|
|
1950
1974
|
}
|
|
1951
1975
|
|
|
@@ -1956,7 +1980,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1956
1980
|
* @param event - live event
|
|
1957
1981
|
*/
|
|
1958
1982
|
onLiveEventFromSync(event) {
|
|
1959
|
-
var
|
|
1983
|
+
var _this72 = this;
|
|
1960
1984
|
return _asyncToGenerator(function* () {
|
|
1961
1985
|
// Ignore state event or remote echo
|
|
1962
1986
|
// transaction_id is provided in case of remote echo {@link https://spec.matrix.org/v1.7/client-server-api/#local-echo}
|
|
@@ -1965,7 +1989,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1965
1989
|
var _ref6 = _asyncToGenerator(function* (evt) {
|
|
1966
1990
|
// Process only verification event
|
|
1967
1991
|
if (isVerificationEvent(event)) {
|
|
1968
|
-
yield
|
|
1992
|
+
yield _this72.onKeyVerificationEvent(evt);
|
|
1969
1993
|
}
|
|
1970
1994
|
});
|
|
1971
1995
|
return function processEvent(_x2) {
|
|
@@ -1999,7 +2023,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
1999
2023
|
* @param event - a key validation request event.
|
|
2000
2024
|
*/
|
|
2001
2025
|
onKeyVerificationEvent(event) {
|
|
2002
|
-
var
|
|
2026
|
+
var _this73 = this;
|
|
2003
2027
|
return _asyncToGenerator(function* () {
|
|
2004
2028
|
var roomId = event.getRoomId();
|
|
2005
2029
|
var senderId = event.getSender();
|
|
@@ -2009,7 +2033,7 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
2009
2033
|
if (!senderId) {
|
|
2010
2034
|
throw new Error("missing sender in the event");
|
|
2011
2035
|
}
|
|
2012
|
-
|
|
2036
|
+
_this73.logger.debug("Incoming verification event ".concat(event.getId(), " type ").concat(event.getType(), " from ").concat(event.getSender()));
|
|
2013
2037
|
var isRoomVerificationRequest = event.getType() === EventType.RoomMessage && event.getContent().msgtype === MsgType.KeyVerificationRequest;
|
|
2014
2038
|
if (isRoomVerificationRequest) {
|
|
2015
2039
|
// Before processing an in-room verification request, we need to
|
|
@@ -2017,10 +2041,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
2017
2041
|
// will immediately abort verification. So we explicitly fetch it
|
|
2018
2042
|
// from /keys/query and wait for that request to complete before we
|
|
2019
2043
|
// call receiveVerificationEvent.
|
|
2020
|
-
var req =
|
|
2021
|
-
yield
|
|
2044
|
+
var req = _this73.getOlmMachineOrThrow().queryKeysForUsers([new RustSdkCryptoJs.UserId(senderId)]);
|
|
2045
|
+
yield _this73.outgoingRequestProcessor.makeOutgoingRequest(req);
|
|
2022
2046
|
}
|
|
2023
|
-
yield
|
|
2047
|
+
yield _this73.getOlmMachineOrThrow().receiveVerificationEvent(JSON.stringify({
|
|
2024
2048
|
event_id: event.getId(),
|
|
2025
2049
|
type: event.getType(),
|
|
2026
2050
|
sender: senderId,
|
|
@@ -2029,12 +2053,12 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
2029
2053
|
origin_server_ts: event.getTs()
|
|
2030
2054
|
}), new RustSdkCryptoJs.RoomId(roomId));
|
|
2031
2055
|
if (isRoomVerificationRequest) {
|
|
2032
|
-
|
|
2056
|
+
_this73.onIncomingKeyVerificationRequest(senderId, event.getId());
|
|
2033
2057
|
}
|
|
2034
2058
|
|
|
2035
2059
|
// that may have caused us to queue up outgoing requests, so make sure we send them.
|
|
2036
|
-
|
|
2037
|
-
|
|
2060
|
+
_this73.outgoingRequestsManager.doProcessOutgoingRequests().catch(e => {
|
|
2061
|
+
_this73.logger.warn("onKeyVerificationRequest: Error processing outgoing requests", e);
|
|
2038
2062
|
});
|
|
2039
2063
|
})();
|
|
2040
2064
|
}
|
|
@@ -2046,9 +2070,10 @@ export class RustCrypto extends TypedEventEmitter {
|
|
|
2046
2070
|
* Used during migration from legacy js-crypto to update local trust if needed.
|
|
2047
2071
|
*/
|
|
2048
2072
|
getOwnIdentity() {
|
|
2049
|
-
var
|
|
2073
|
+
var _this74 = this;
|
|
2050
2074
|
return _asyncToGenerator(function* () {
|
|
2051
|
-
|
|
2075
|
+
var identity = yield _this74.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(_this74.userId));
|
|
2076
|
+
return identity;
|
|
2052
2077
|
})();
|
|
2053
2078
|
}
|
|
2054
2079
|
}
|
|
@@ -2065,13 +2090,13 @@ class EventDecryptor {
|
|
|
2065
2090
|
_defineProperty(this, "eventsPendingKey", new MapWithDefault(() => new MapWithDefault(() => new Set())));
|
|
2066
2091
|
}
|
|
2067
2092
|
attemptEventDecryption(event, isolationMode) {
|
|
2068
|
-
var
|
|
2093
|
+
var _this75 = this;
|
|
2069
2094
|
return _asyncToGenerator(function* () {
|
|
2070
2095
|
// add the event to the pending list *before* attempting to decrypt.
|
|
2071
2096
|
// then, if the key turns up while decryption is in progress (and
|
|
2072
2097
|
// decryption fails), we will schedule a retry.
|
|
2073
2098
|
// (fixes https://github.com/vector-im/element-web/issues/5001)
|
|
2074
|
-
|
|
2099
|
+
_this75.addEventToPendingList(event);
|
|
2075
2100
|
var trustRequirement;
|
|
2076
2101
|
switch (isolationMode.kind) {
|
|
2077
2102
|
case DeviceIsolationModeKind.AllDevicesIsolationMode:
|
|
@@ -2083,11 +2108,11 @@ class EventDecryptor {
|
|
|
2083
2108
|
}
|
|
2084
2109
|
try {
|
|
2085
2110
|
var _res$forwarder;
|
|
2086
|
-
var res = yield
|
|
2111
|
+
var res = yield _this75.olmMachine.decryptRoomEvent(stringifyEvent(event), new RustSdkCryptoJs.RoomId(event.getRoomId()), new RustSdkCryptoJs.DecryptionSettings(trustRequirement));
|
|
2087
2112
|
|
|
2088
2113
|
// Success. We can remove the event from the pending list, if
|
|
2089
2114
|
// that hasn't already happened.
|
|
2090
|
-
|
|
2115
|
+
_this75.removeEventFromPendingList(event);
|
|
2091
2116
|
return {
|
|
2092
2117
|
clearEvent: JSON.parse(res.event),
|
|
2093
2118
|
claimedEd25519Key: res.senderClaimedEd25519Key,
|
|
@@ -2096,7 +2121,7 @@ class EventDecryptor {
|
|
|
2096
2121
|
};
|
|
2097
2122
|
} catch (err) {
|
|
2098
2123
|
if (err instanceof RustSdkCryptoJs.MegolmDecryptionError) {
|
|
2099
|
-
|
|
2124
|
+
_this75.onMegolmDecryptionError(event, err, yield _this75.perSessionBackupDownloader.getServerBackupInfo());
|
|
2100
2125
|
} else {
|
|
2101
2126
|
throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, "Unknown error");
|
|
2102
2127
|
}
|
|
@@ -2182,7 +2207,7 @@ class EventDecryptor {
|
|
|
2182
2207
|
}
|
|
2183
2208
|
}
|
|
2184
2209
|
getEncryptionInfoForEvent(event) {
|
|
2185
|
-
var
|
|
2210
|
+
var _this76 = this;
|
|
2186
2211
|
return _asyncToGenerator(function* () {
|
|
2187
2212
|
if (!event.getClearContent() || event.isDecryptionFailure()) {
|
|
2188
2213
|
// not successfully decrypted
|
|
@@ -2196,8 +2221,8 @@ class EventDecryptor {
|
|
|
2196
2221
|
shieldReason: null
|
|
2197
2222
|
};
|
|
2198
2223
|
}
|
|
2199
|
-
var encryptionInfo = yield
|
|
2200
|
-
return rustEncryptionInfoToJsEncryptionInfo(
|
|
2224
|
+
var encryptionInfo = yield _this76.olmMachine.getRoomEventEncryptionInfo(stringifyEvent(event), new RustSdkCryptoJs.RoomId(event.getRoomId()));
|
|
2225
|
+
return rustEncryptionInfoToJsEncryptionInfo(_this76.logger, encryptionInfo);
|
|
2201
2226
|
})();
|
|
2202
2227
|
}
|
|
2203
2228
|
|