Update import to use new functions
florianduros committed Sep 25, 2024
1 parent 48ceb73 commit ca95c3d
Showing 13 changed files with 40 additions and 28 deletions.
2 changes: 1 addition & 1 deletion spec/integ/crypto/cross-signing.spec.ts
Expand Up @@ -21,7 +21,7 @@ import { IDBFactory } from "fake-indexeddb";
import { CRYPTO_BACKENDS, InitCrypto, syncPromise } from "../../test-utils/test-utils";
import { AuthDict, createClient, CryptoEvent, MatrixClient } from "../../../src";
import { mockInitialApiRequests, mockSetupCrossSigningRequests } from "../../test-utils/mockEndpoints";
import { encryptAES } from "../../../src/crypto/aes";
import { encryptAES } from "../../../src/utils/encryptAES";
import { CryptoCallbacks, CrossSigningKey } from "../../../src/crypto-api";
import { SECRET_STORAGE_ALGORITHM_V1_AES } from "../../../src/secret-storage";
import { ISyncResponder, SyncResponder } from "../../test-utils/SyncResponder";
2 changes: 1 addition & 1 deletion spec/unit/crypto/secrets.spec.ts
Expand Up @@ -20,7 +20,7 @@ import { IObject } from "../../../src/crypto/olmlib";
import { MatrixEvent } from "../../../src/models/event";
import { TestClient } from "../../TestClient";
import { makeTestClients } from "./verification/util";
import { encryptAES } from "../../../src/crypto/aes";
import { encryptAES } from "../../../src/utils/encryptAES";
import { createSecretStorageKey, resetCrossSigningKeys } from "./crypto-utils";
import { logger } from "../../../src/logger";
import { ClientEvent, ICreateClientOpts, MatrixClient } from "../../../src/client";
2 changes: 1 addition & 1 deletion spec/unit/rust-crypto/rust-crypto.spec.ts
Expand Up @@ -69,7 +69,7 @@ import { logger } from "../../../src/logger";
import { OutgoingRequestsManager } from "../../../src/rust-crypto/OutgoingRequestsManager";
import { ClientEvent, ClientEventHandlerMap } from "../../../src/client";
import { Curve25519AuthData } from "../../../src/crypto-api/keybackup";
import { encryptAES } from "../../../src/crypto/aes";
import { encryptAES } from "../../../src/utils/encryptAES";
import { CryptoStore, SecretStorePrivateKeys } from "../../../src/crypto/store/base";

const TEST_USER = "@alice:example.com";
2 changes: 1 addition & 1 deletion spec/unit/secret-storage.spec.ts
Expand Up @@ -25,7 +25,7 @@ import {
ServerSideSecretStorageImpl,
trimTrailingEquals,
} from "../../src/secret-storage";
import { calculateKeyCheck } from "../../src/crypto/aes";
import { calculateKeyCheck } from "../../src/utils/calculateKeyCheck";
import { randomString } from "../../src/randomstring";

describe("ServerSideSecretStorageImpl", function () {
4 changes: 2 additions & 2 deletions src/crypto-api/keybackup.ts
Expand Up @@ -15,7 +15,7 @@ limitations under the License.
*/

import { ISigned } from "../@types/signed.ts";
import { IEncryptedPayload } from "../crypto/aes.ts";
import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";

export interface Curve25519AuthData {
public_key: string;
Expand Down Expand Up @@ -77,7 +77,7 @@ export interface Curve25519SessionData {
}

/* eslint-disable camelcase */
export interface KeyBackupSession<T = Curve25519SessionData | IEncryptedPayload> {
export interface KeyBackupSession<T = Curve25519SessionData | SecretEncryptedPayload> {
first_message_index: number;
forwarded_count: number;
is_verified: boolean;
3 changes: 2 additions & 1 deletion src/crypto/CrossSigning.ts
Expand Up @@ -22,7 +22,6 @@ import type { PkSigning } from "@matrix-org/olm";
import { IObject, pkSign, pkVerify } from "./olmlib.ts";
import { logger } from "../logger.ts";
import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
import { decryptAES, encryptAES } from "./aes.ts";
import { DeviceInfo } from "./deviceinfo.ts";
import { ISignedKey, MatrixClient } from "../client.ts";
import { OlmDevice } from "./OlmDevice.ts";
Expand All @@ -36,6 +35,8 @@ import {
UserVerificationStatus as UserTrustLevel,
} from "../crypto-api/index.ts";
import { decodeBase64, encodeBase64 } from "../base64.ts";
import { encryptAES } from "../utils/encryptAES.ts";
import { decryptAES } from "../utils/decryptAES.ts";

// backwards-compatibility re-exports
export { UserTrustLevel };
11 changes: 7 additions & 4 deletions src/crypto/backup.ts
Expand Up @@ -27,7 +27,6 @@ import { DeviceTrustLevel } from "./CrossSigning.ts";
import { keyFromPassphrase } from "./key_passphrase.ts";
import { encodeUri, safeSet, sleep } from "../utils.ts";
import { IndexedDBCryptoStore } from "./store/indexeddb-crypto-store.ts";
import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
import {
Curve25519SessionData,
IAes256AuthData,
Expand All @@ -41,6 +40,10 @@ import { ClientPrefix, HTTPError, MatrixError, Method } from "../http-api/index.
import { BackupTrustInfo } from "../crypto-api/keybackup.ts";
import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
import { encodeRecoveryKey } from "../crypto-api/index.ts";
import { decryptAES } from "../utils/decryptAES.ts";
import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
import { encryptAES } from "../utils/encryptAES.ts";
import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";

const KEY_BACKUP_KEYS_PER_REQUEST = 200;
const KEY_BACKUP_CHECK_RATE_LIMIT = 5000; // ms
Expand Down Expand Up @@ -94,7 +97,7 @@ interface BackupAlgorithmClass {

interface BackupAlgorithm {
untrusted: boolean;
encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | IEncryptedPayload>;
encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | SecretEncryptedPayload>;
decryptSessions(ciphertexts: Record<string, IKeyBackupSession>): Promise<IMegolmSessionData[]>;
authData: AuthData;
keyMatches(key: ArrayLike<number>): Promise<boolean>;
Expand Down Expand Up @@ -825,7 +828,7 @@ export class Aes256 implements BackupAlgorithm {
return false;
}

public encryptSession(data: Record<string, any>): Promise<IEncryptedPayload> {
public encryptSession(data: Record<string, any>): Promise<SecretEncryptedPayload> {
const plainText: Record<string, any> = Object.assign({}, data);
delete plainText.session_id;
delete plainText.room_id;
Expand All @@ -834,7 +837,7 @@ export class Aes256 implements BackupAlgorithm {
}

public async decryptSessions(
sessions: Record<string, IKeyBackupSession<IEncryptedPayload>>,
sessions: Record<string, IKeyBackupSession<SecretEncryptedPayload>>,
): Promise<IMegolmSessionData[]> {
const keys: IMegolmSessionData[] = [];

3 changes: 2 additions & 1 deletion src/crypto/dehydration.ts
Expand Up @@ -19,11 +19,12 @@ import anotherjson from "another-json";
import type { IDeviceKeys, IOneTimeKey } from "../@types/crypto.ts";
import { decodeBase64, encodeBase64 } from "../base64.ts";
import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
import { decryptAES, encryptAES } from "./aes.ts";
import { logger } from "../logger.ts";
import { Crypto } from "./index.ts";
import { Method } from "../http-api/index.ts";
import { SecretStorageKeyDescription } from "../secret-storage.ts";
import { decryptAES } from "../utils/decryptAES.ts";
import { encryptAES } from "../utils/encryptAES.ts";

export interface IDehydratedDevice {
device_id: string; // eslint-disable-line camelcase
7 changes: 5 additions & 2 deletions src/crypto/index.ts
Expand Up @@ -47,7 +47,6 @@ import { InRoomChannel, InRoomRequests } from "./verification/request/InRoomChan
import { Request, ToDeviceChannel, ToDeviceRequests } from "./verification/request/ToDeviceChannel.ts";
import { IllegalMethod } from "./verification/IllegalMethod.ts";
import { KeySignatureUploadError } from "../errors.ts";
import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
import { DehydrationManager } from "./dehydration.ts";
import { BackupManager, LibOlmBackupDecryptor, backupTrustInfoFromLegacyTrustInfo } from "./backup.ts";
import { IStore } from "../store/index.ts";
Expand Down Expand Up @@ -107,6 +106,10 @@ import { deviceInfoToDevice } from "./device-converter.ts";
import { ClientPrefix, MatrixError, Method } from "../http-api/index.ts";
import { decodeBase64, encodeBase64 } from "../base64.ts";
import { KnownMembership } from "../@types/membership.ts";
import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
import { decryptAES } from "../utils/decryptAES.ts";
import { encryptAES } from "../utils/encryptAES.ts";
import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";

/* re-exports for backwards compatibility */
export type {
Expand Down Expand Up @@ -1323,7 +1326,7 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
* @returns the key, if any, or null
*/
public async getSessionBackupPrivateKey(): Promise<Uint8Array | null> {
const encodedKey = await new Promise<Uint8Array | IEncryptedPayload | string | null>((resolve) => {
const encodedKey = await new Promise<Uint8Array | SecretEncryptedPayload | string | null>((resolve) => {
this.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
this.cryptoStore.getSecretStorePrivateKey(txn, resolve, "m.megolm_backup.v1");
});
6 changes: 3 additions & 3 deletions src/crypto/store/base.ts
Expand Up @@ -25,8 +25,8 @@ import { Logger } from "../../logger.ts";
import { InboundGroupSessionData } from "../OlmDevice.ts";
import { MatrixEvent } from "../../models/event.ts";
import { DehydrationManager } from "../dehydration.ts";
import { IEncryptedPayload } from "../aes.ts";
import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
import { SecretEncryptedPayload } from "../../utils/@types/SecretEncryptedPayload.ts";

/**
* Internal module. Definitions for storage for the crypto module
Expand All @@ -35,11 +35,11 @@ import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
export interface SecretStorePrivateKeys {
"dehydration": {
keyInfo: DehydrationManager["keyInfo"];
key: IEncryptedPayload;
key: SecretEncryptedPayload;
deviceDisplayName: string;
time: number;
} | null;
"m.megolm_backup.v1": IEncryptedPayload;
"m.megolm_backup.v1": SecretEncryptedPayload;
}

/**
4 changes: 2 additions & 2 deletions src/rust-crypto/backup.ts
Expand Up @@ -33,10 +33,10 @@ import { encodeUri, logDuration } from "../utils.ts";
import { OutgoingRequestProcessor } from "./OutgoingRequestProcessor.ts";
import { sleep } from "../utils.ts";
import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
import { IEncryptedPayload } from "../crypto/aes.ts";
import { ImportRoomKeyProgressData, ImportRoomKeysOpts } from "../crypto-api/index.ts";
import { IKeyBackupInfo } from "../crypto/keybackup.ts";
import { IKeyBackup } from "../crypto/backup.ts";
import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";

/** Authentification of the backup info, depends on algorithm */
type AuthData = KeyBackupInfo["auth_data"];
Expand Down Expand Up @@ -622,7 +622,7 @@ export class RustBackupDecryptor implements BackupDecryptor {
* Implements {@link BackupDecryptor#decryptSessions}
*/
public async decryptSessions(
ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | IEncryptedPayload>>,
ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | SecretEncryptedPayload>>,
): Promise<IMegolmSessionData[]> {
const keys: IMegolmSessionData[] = [];
for (const [sessionId, sessionData] of Object.entries(ciphertexts)) {
5 changes: 3 additions & 2 deletions src/rust-crypto/libolm_migration.ts
Expand Up @@ -19,7 +19,6 @@ import * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";
import { Logger } from "../logger.ts";
import { CryptoStore, MigrationState, SecretStorePrivateKeys } from "../crypto/store/base.ts";
import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
import { decryptAES, IEncryptedPayload } from "../crypto/aes.ts";
import { IHttpOpts, MatrixHttpApi } from "../http-api/index.ts";
import { requestKeyBackupVersion } from "./backup.ts";
import { IRoomEncryption } from "../crypto/RoomList.ts";
Expand All @@ -28,6 +27,8 @@ import { RustCrypto } from "./rust-crypto.ts";
import { KeyBackupInfo } from "../crypto-api/keybackup.ts";
import { sleep } from "../utils.ts";
import { encodeBase64 } from "../base64.ts";
import { decryptAES } from "../utils/decryptAES.ts";
import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";

/**
* Determine if any data needs migrating from the legacy store, and do so.
Expand Down Expand Up @@ -421,7 +422,7 @@ async function getAndDecryptCachedSecretKey(
});

if (key && key.ciphertext && key.iv && key.mac) {
return await decryptAES(key as IEncryptedPayload, legacyPickleKey, name);
return await decryptAES(key as SecretEncryptedPayload, legacyPickleKey, name);
} else if (key instanceof Uint8Array) {
// This is a legacy backward compatibility case where the key was stored in clear.
return encodeBase64(key);
17 changes: 10 additions & 7 deletions src/secret-storage.ts
Expand Up @@ -23,9 +23,12 @@ limitations under the License.
import { TypedEventEmitter } from "./models/typed-event-emitter.ts";
import { ClientEvent, ClientEventHandlerMap } from "./client.ts";
import { MatrixEvent } from "./models/event.ts";
import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./crypto/aes.ts";
import { randomString } from "./randomstring.ts";
import { logger } from "./logger.ts";
import { calculateKeyCheck } from "./utils/calculateKeyCheck.ts";
import { encryptAES } from "./utils/encryptAES.ts";
import { decryptAES } from "./utils/decryptAES.ts";
import { SecretEncryptedPayload } from "./utils/@types/SecretEncryptedPayload.ts";

export const SECRET_STORAGE_ALGORITHM_V1_AES = "m.secret_storage.v1.aes-hmac-sha2";

Expand Down Expand Up @@ -200,13 +203,13 @@ export interface SecretStorageCallbacks {

interface SecretInfo {
encrypted: {
[keyId: string]: IEncryptedPayload;
[keyId: string]: SecretEncryptedPayload;
};
}

interface Decryptors {
encrypt: (plaintext: string) => Promise<IEncryptedPayload>;
decrypt: (ciphertext: IEncryptedPayload) => Promise<string>;
encrypt: (plaintext: string) => Promise<SecretEncryptedPayload>;
decrypt: (ciphertext: SecretEncryptedPayload) => Promise<string>;
}

/**
Expand Down Expand Up @@ -491,7 +494,7 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
* @param keys - The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key.
*/
public async store(name: string, secret: string, keys?: string[] | null): Promise<void> {
const encrypted: Record<string, IEncryptedPayload> = {};
const encrypted: Record<string, SecretEncryptedPayload> = {};

if (!keys) {
const defaultKeyId = await this.getDefaultKeyId();
Expand Down Expand Up @@ -638,10 +641,10 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {

if (keys[keyId].algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
const decryption = {
encrypt: function (secret: string): Promise<IEncryptedPayload> {
encrypt: function (secret: string): Promise<SecretEncryptedPayload> {
return encryptAES(secret, privateKey, name);
},
decrypt: function (encInfo: IEncryptedPayload): Promise<string> {
decrypt: function (encInfo: SecretEncryptedPayload): Promise<string> {
return decryptAES(encInfo, privateKey, name);
},
};