Add recovery key generation path

2025-12-05 17:02:07 +03:00 · 2019-12-04 15:32:22 +00:00
parent 96c8c2b9c3
commit 9fb559307b
2 changed files with 36 additions and 0 deletions
--- a/src/client.js
+++ b/src/client.js
@@ -1044,6 +1044,16 @@ MatrixClient.prototype.checkEventSenderTrust = async function(event) {
    return await this._crypto.checkDeviceTrust(event.getSender(), device.deviceId);
 };

+/**
+ * Create a recovery key from a user-supplied passphrase.
+ *
+ * @function module:client~MatrixClient#createRecoveryKeyFromPassphrase
+ * @param {string} password Passphrase string that can be entered by the user
+ *     when restoring the backup as an alternative to entering the recovery key.
+ *     Optional.
+ * @returns {Promise<String>} The user-facing recovery key string.
+ */
+
 /**
 * Bootstrap Secure Secret Storage if needed by creating a default key and signing it with
 * the cross-signing master key. If everything is already set up, then no
@@ -1145,6 +1155,7 @@ MatrixClient.prototype.checkEventSenderTrust = async function(event) {
 */

 wrapCryptoFuncs(MatrixClient, [
+    "createRecoveryKeyFromPassphrase",
    "bootstrapSecretStorage",
    "addSecretStorageKey",
    "hasSecretStorageKey",
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -55,6 +55,8 @@ import {
    newUnknownMethodError,
 } from './verification/Error';
 import {sleep} from '../utils';
+import { keyFromPassphrase } from './key_passphrase';
+import { encodeRecoveryKey } from './recoverykey';

 const defaultVerificationMethods = {
    [ScanQRCode.NAME]: ScanQRCode,
@@ -317,6 +319,29 @@ Crypto.prototype.init = async function() {
    this._checkAndStartKeyBackup();
 };

+/**
+ * Create a recovery key from a user-supplied passphrase.
+ *
+ * @param {string} password Passphrase string that can be entered by the user
+ *     when restoring the backup as an alternative to entering the recovery key.
+ *     Optional.
+ * @returns {Promise<String>} The user-facing recovery key string.
+ */
+Crypto.prototype.createRecoveryKeyFromPassphrase = async function(password) {
+    const decryption = new global.Olm.PkDecryption();
+    try {
+        if (password) {
+            const keyInfo = await keyFromPassphrase(password);
+            decryption.init_with_private_key(keyInfo.key);
+        } else {
+            decryption.generate_key();
+        }
+        return encodeRecoveryKey(decryption.get_private_key());
+    } finally {
+        decryption.free();
+    }
+};
+
 /**
 * Bootstrap Secure Secret Storage if needed by creating a default key and
 * signing it with the cross-signing master key. If everything is already set