improve types

2025-11-26 17:03:12 +03:00 · 2021-07-08 18:10:37 -04:00
parent 2e27e247f3
commit ac02f30dc8
4 changed files with 54 additions and 30 deletions
--- a/src/@types/signed.ts
+++ b/src/@types/signed.ts
@@ -19,3 +19,7 @@ export interface ISignatures {
        [keyId: string]: string;
    };
 }
+
+export interface ISigned {
+    signatures?: ISignatures;
+}
--- a/src/crypto/backup.ts
+++ b/src/crypto/backup.ts
@@ -31,7 +31,8 @@ import { IndexedDBCryptoStore } from './store/indexeddb-crypto-store';
 import { encodeRecoveryKey } from './recoverykey';
 import { encryptAES, decryptAES, calculateKeyCheck } from './aes';
 import { getCrypto } from '../utils';
-import { IKeyBackupInfo } from "./keybackup";
+import { ICurve25519AuthData, IAes256AuthData, IKeyBackupInfo } from "./keybackup";
+import { UnstableValue } from "../NamespacedValue";

 const KEY_BACKUP_KEYS_PER_REQUEST = 200;

@@ -302,7 +303,7 @@ export class BackupManager {

        const trustedPubkey = this.baseApis.crypto.sessionStore.getLocalTrustedBackupPubKey();

-        if (backupInfo.auth_data.public_key === trustedPubkey) {
+        if ("public_key" in backupInfo.auth_data && backupInfo.auth_data.public_key === trustedPubkey) {
            logger.info("Backup public key " + trustedPubkey + " is trusted locally");
            ret.trusted_locally = true;
        }
@@ -572,23 +573,26 @@ export class BackupManager {

 export class Curve25519 implements BackupAlgorithm {
    public static algorithmName = "m.megolm_backup.v1.curve25519-aes-sha2";
+    public authData: ICurve25519AuthData;

    constructor(
-        public authData: AuthData,
+        authData: AuthData,
        private publicKey: any, // FIXME: PkEncryption
        private getKey: () => Promise<Uint8Array>,
-    ) {}
+    ) {
+        this.authData = authData as ICurve25519AuthData;
+    }

    public static async init(
        authData: AuthData,
        getKey: () => Promise<Uint8Array>,
    ): Promise<Curve25519> {
-        if (!authData || !authData.public_key) {
+        if (!authData || !("public_key" in authData)) {
            throw new Error("auth_data missing required information");
        }
        const publicKey = new global.Olm.PkEncryption();
        publicKey.set_recipient_key(authData.public_key);
-        return new Curve25519(authData, publicKey, getKey);
+        return new Curve25519(authData as ICurve25519AuthData, publicKey, getKey);
    }

    public static async prepare(
@@ -596,7 +600,7 @@ export class Curve25519 implements BackupAlgorithm {
    ): Promise<[Uint8Array, AuthData]> {
        const decryption = new global.Olm.PkDecryption();
        try {
-            const authData: Partial<AuthData> = {};
+            const authData: Partial<ICurve25519AuthData> = {};
            if (!key) {
                authData.public_key = decryption.generate_key();
            } else if (key instanceof Uint8Array) {
@@ -620,7 +624,7 @@ export class Curve25519 implements BackupAlgorithm {
    }

    public static checkBackupVersion(info: IKeyBackupInfo): void {
-        if (!info.auth_data.public_key) {
+        if (!("public_key" in info.auth_data)) {
            throw new Error("Invalid backup data returned");
        }
    }
@@ -685,12 +689,12 @@ export class Curve25519 implements BackupAlgorithm {
 }

 function randomBytes(size: number): Uint8Array {
-    const crypto: {randomBytes: (number) => Uint8Array} | undefined = getCrypto() as any;
+    const crypto: {randomBytes: (n: number) => Uint8Array} | undefined = getCrypto() as any;
    if (crypto) {
        // nodejs version
        return crypto.randomBytes(size);
    }
-    if (typeof window !== "undefined" && window.crypto) {
+    if (window?.crypto) {
        // browser version
        const buf = new Uint8Array(size);
        window.crypto.getRandomValues(buf);
@@ -699,16 +703,21 @@ function randomBytes(size: number): Uint8Array {
    throw new Error("No usable crypto implementation");
 }

+const UNSTABLE_MSC3270_NAME = new UnstableValue(null, "org.matrix.msc3270.v1.aes-hmac-sha2");
+
 export class Aes256 implements BackupAlgorithm {
-    public static algorithmName = "org.matrix.msc3270.v1.aes-hmac-sha2";
+    public static algorithmName = UNSTABLE_MSC3270_NAME.name;
+    public readonly authData: IAes256AuthData;

    constructor(
-        public authData: AuthData,
-        private key: Uint8Array,
-    ) {}
+        authData: AuthData,
+        private readonly key: Uint8Array,
+    ) {
+        this.authData = authData as IAes256AuthData;
+    }

    public static async init(
-        authData: AuthData,
+        authData: IAes256AuthData,
        getKey: () => Promise<Uint8Array>,
    ): Promise<Aes256> {
        if (!authData) {
@@ -728,7 +737,7 @@ export class Aes256 implements BackupAlgorithm {
        key: string | Uint8Array | null,
    ): Promise<[Uint8Array, AuthData]> {
        let outKey: Uint8Array;
-        const authData: AuthData = {};
+        const authData: Partial<IAes256AuthData> = {};
        if (!key) {
            outKey = randomBytes(32);
        } else if (key instanceof Uint8Array) {
@@ -744,11 +753,11 @@ export class Aes256 implements BackupAlgorithm {
        authData.iv = iv;
        authData.mac = mac;

-        return [outKey, authData];
+        return [outKey, authData as AuthData];
    }

    public static checkBackupVersion(info: IKeyBackupInfo): void {
-        if (!info.auth_data.iv || !info.auth_data.mac) {
+        if (!("iv" in info.auth_data && "mac" in info.auth_data)) {
            throw new Error("Invalid backup data returned");
        }
    }
--- a/src/crypto/key_passphrase.ts
+++ b/src/crypto/key_passphrase.ts
@@ -15,13 +15,18 @@ limitations under the License.
 */

 import { randomString } from '../randomstring';
-import { IKeyBackupInfo } from "./keybackup";

 const DEFAULT_ITERATIONS = 500000;

 const DEFAULT_BITSIZE = 256;

-type IAuthData = IKeyBackupInfo["auth_data"];
+/* eslint-disable camelcase */
+interface IAuthData {
+    private_key_salt?: string;
+    private_key_iterations?: number;
+    private_key_bits?: number;
+}
+/* eslint-enable camelcase */

 interface IKey {
    key: Uint8Array;
--- a/src/crypto/keybackup.ts
+++ b/src/crypto/keybackup.ts
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import { ISignatures } from "../@types/signed";
+import { ISigned } from "../@types/signed";

 export interface IKeyBackupSession {
    first_message_index: number; // eslint-disable-line camelcase
@@ -32,17 +32,23 @@ export interface IKeyBackupRoomSessions {
 }

 /* eslint-disable camelcase */
-export interface IKeyBackupInfo {
-    algorithm: string;
-    auth_data: {
-        public_key?: string;
-        signatures?: ISignatures;
+export interface ICurve25519AuthData {
+    public_key: string;
    private_key_salt?: string;
    private_key_iterations?: number;
    private_key_bits?: number;
-        iv?: string;
-        mac?: string;
-    };
+}
+
+export interface IAes256AuthData {
+    iv: string;
+    mac: string;
+    private_key_salt?: string;
+    private_key_iterations?: number;
+}
+
+export interface IKeyBackupInfo {
+    algorithm: string;
+    auth_data: ISigned & (ICurve25519AuthData | IAes256AuthData);
    count?: number;
    etag?: string;
    version?: string; // number contained within