rust backup restore support (#3709)

* Refactor key backup recovery to prepare for rust * rust backup restore support * Move export out of old crypto to api with re-export * extract base64 utility * add tests for base64 util * more efficient regex * fix typo
2025-11-23 17:02:25 +03:00 · 2023-09-13 11:08:26 +02:00
parent 1b8507c060
commit 1503acb30a
12 changed files with 318 additions and 46 deletions
--- a/src/rust-crypto/backup.ts
+++ b/src/rust-crypto/backup.ts
@@ -17,14 +17,23 @@ limitations under the License.
 import { OlmMachine, SignatureVerification } from "@matrix-org/matrix-sdk-crypto-wasm";
 import * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";

-import { BackupTrustInfo, Curve25519AuthData, KeyBackupCheck, KeyBackupInfo } from "../crypto-api/keybackup";
+import {
+    BackupTrustInfo,
+    Curve25519AuthData,
+    KeyBackupCheck,
+    KeyBackupInfo,
+    KeyBackupSession,
+    Curve25519SessionData,
+} from "../crypto-api/keybackup";
 import { logger } from "../logger";
 import { ClientPrefix, IHttpOpts, MatrixError, MatrixHttpApi, Method } from "../http-api";
-import { CryptoEvent } from "../crypto";
+import { CryptoEvent, IMegolmSessionData } from "../crypto";
 import { TypedEventEmitter } from "../models/typed-event-emitter";
 import { encodeUri } from "../utils";
 import { OutgoingRequestProcessor } from "./OutgoingRequestProcessor";
 import { sleep } from "../utils";
+import { BackupDecryptor } from "../common-crypto/CryptoBackend";
+import { IEncryptedPayload } from "../crypto/aes";

 /** Authentification of the backup info, depends on algorithm */
 type AuthData = KeyBackupInfo["auth_data"];
@@ -370,6 +379,51 @@ export class RustBackupManager extends TypedEventEmitter<RustBackupCryptoEvents,
    }
 }

+/**
+ * Implementation of {@link BackupDecryptor} for the rust crypto backend.
+ */
+export class RustBackupDecryptor implements BackupDecryptor {
+    private decryptionKey: RustSdkCryptoJs.BackupDecryptionKey;
+    public sourceTrusted: boolean;
+
+    public constructor(decryptionKey: RustSdkCryptoJs.BackupDecryptionKey) {
+        this.decryptionKey = decryptionKey;
+        this.sourceTrusted = false;
+    }
+
+    /**
+     * Implements {@link BackupDecryptor#decryptSessions}
+     */
+    public async decryptSessions(
+        ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | IEncryptedPayload>>,
+    ): Promise<IMegolmSessionData[]> {
+        const keys: IMegolmSessionData[] = [];
+        for (const [sessionId, sessionData] of Object.entries(ciphertexts)) {
+            try {
+                const decrypted = JSON.parse(
+                    await this.decryptionKey.decryptV1(
+                        sessionData.session_data.ephemeral,
+                        sessionData.session_data.mac,
+                        sessionData.session_data.ciphertext,
+                    ),
+                );
+                decrypted.session_id = sessionId;
+                keys.push(decrypted);
+            } catch (e) {
+                logger.log("Failed to decrypt megolm session from backup", e, sessionData);
+            }
+        }
+        return keys;
+    }
+
+    /**
+     * Implements {@link BackupDecryptor#free}
+     */
+    public free(): void {
+        this.decryptionKey.free();
+    }
+}
+
 export type RustBackupCryptoEvents =
    | CryptoEvent.KeyBackupStatus
    | CryptoEvent.KeyBackupSessionsRemaining