Support passphrase-based e2e key backups

2025-11-28 05:03:59 +03:00 · 2018-11-20 13:09:59 +00:00
parent d99a22d68d
commit 44d99277fe
2 changed files with 123 additions and 8 deletions
--- a/src/client.js
+++ b/src/client.js
@@ -49,6 +49,7 @@ import RoomList from './crypto/RoomList';
 import Crypto from './crypto';
 import { isCryptoAvailable } from './crypto';
 import { encodeRecoveryKey, decodeRecoveryKey } from './crypto/recoverykey';
+import { keyForNewBackup, keyForExistingBackup } from './crypto/backup_password';

 // Disable warnings for now: we use deprecated bluebird functions
 // and need to migrate, but they spam the console with warnings.
@@ -860,22 +861,37 @@ MatrixClient.prototype.disableKeyBackup = function() {
 * Set up the data required to create a new backup version.  The backup version
 * will not be created and enabled until createKeyBackupVersion is called.
 *
+ * @param {string} password Passphrase string that can be entered by the user
+ *     when restoring the backup as an alternative to entering the recovery key.
+ *     Optional.
+ *
 * @returns {object} Object that can be passed to createKeyBackupVersion and
 *     additionally has a 'recovery_key' member with the user-facing recovery key string.
 */
-MatrixClient.prototype.prepareKeyBackupVersion = function() {
+MatrixClient.prototype.prepareKeyBackupVersion = async function(password) {
    if (this._crypto === null) {
        throw new Error("End-to-end encryption disabled");
    }

    const decryption = new global.Olm.PkDecryption();
    try {
-        const publicKey = decryption.generate_key();
+        let privateKey;
+        let publicKey;
+        let authData = {};
+        if (password) {
+            const keyInfo = await keyForNewBackup(password);
+            publicKey = decryption.init_with_private_key(keyInfo.key);
+            authData.private_key_salt = keyInfo.salt;
+            authData.private_key_iterations = keyInfo.iterations;
+        } else {
+            publicKey = decryption.generate_key();
+        }
+
+        authData.public_key = publicKey;
+
        return {
            algorithm: olmlib.MEGOLM_BACKUP_ALGORITHM,
-            auth_data: {
-                public_key: publicKey,
-            },
+            auth_data: authData,
            recovery_key: encodeRecoveryKey(decryption.get_private_key()),
        };
    } finally {
@@ -992,8 +1008,28 @@ MatrixClient.prototype.isValidRecoveryKey = function(recoveryKey) {
    }
 };

-MatrixClient.prototype.restoreKeyBackups = function(
+MatrixClient.prototype.restoreKeyBackupWithPassword = async function(
+    password, targetRoomId, targetSessionId, version,
+) {
+    const backupInfo = await this.getKeyBackupVersion();
+
+    const privKey = keyForExistingBackup(backupInfo, password);
+    return this._restoreKeyBackup(
+        privKey, targetRoomId, targetSessionId, version,
+    );
+};
+
+MatrixClient.prototype.restoreKeyBackupWithRecoveryKey = function(
    recoveryKey, targetRoomId, targetSessionId, version,
+) {
+    const privKey = decodeRecoveryKey(recoveryKey);
+    return this._restoreKeyBackup(
+        privKey, targetRoomId, targetSessionId, version,
+    );
+};
+
+MatrixClient.prototype._restoreKeyBackup = function(
+    privKey, targetRoomId, targetSessionId, version,
 ) {
    if (this._crypto === null) {
        throw new Error("End-to-end encryption disabled");
@@ -1003,8 +1039,6 @@ MatrixClient.prototype.restoreKeyBackups = function(

    const path = this._makeKeyBackupPath(targetRoomId, targetSessionId, version);

-    // FIXME: see the FIXME in createKeyBackupVersion
-    const privkey = decodeRecoveryKey(recoveryKey);
    const decryption = new global.Olm.PkDecryption();
    try {
        decryption.init_with_private_key(privkey);