* disable key backup when both trust via signatures and private key fail
* test for enabling backup with decryption key
* enable backup with decryption key in legacy crypto
* fix formmating
* fix typo
* add local variable for backup trust in legacy crypto
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix white space formatting
* remove redundant test
* fix trust check while receiving backup secret
* mock room key version request before storing backup key
* fix decryption key gossip test for untrusted backup info
* rename version to latestBackupVersion to match the doc comments
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove test to stop key gossip when signature mismatch
* remove misleading checkKeyBackupAndEnable doc return comment
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* use requestKeyBackupVersion to get latest version instead of checkKeyBackupAndEnable
* remove comment
* test for backup key gossip when no backup found
* test for backup key gossip when backup request error
* fix lint error
* fix test message typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* refactor repeated test logic into a single reusable function
* improve exceptBackup param and docs
* fix: expect private key inside test
* fix linting
* add return type for backup key retrieve function
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve doc for retrieveBackupPrivateKeyWithDelay
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve expectBackup param description
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix status code and formatting
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove deprecated calls in `webrtc/call.ts`
* Throw error when legacy call was used
* Remove `MatrixClient.initLegacyCrypto` (#4620)
* Remove `MatrixClient.initLegacyCrypto`
* Remove `MatrixClient.initLegacyCrypto` in README.md
* Remove tests using `MatrixClient.initLegacyCrypto`
* Remove legacy crypto support in `sync` api (#4622)
* Remove deprecated `DeviceInfo` in `webrtc/call.ts` (#4654)
* chore(legacy call): Remove `DeviceInfo` usage
* refactor(legacy call): throw `GroupCallUnknownDeviceError` at the end of `initOpponentCrypto`
* Remove deprecated methods and attributes of `MatrixClient` (#4659)
* feat(legacy crypto)!: remove deprecated methods of `MatrixClient`
* test(legacy crypto): update existing tests to not use legacy crypto
- `Embedded.spec.ts`: casting since `encryptAndSendToDevices` is removed from `MatrixClient`.
- `room.spec.ts`: remove deprecated usage of `MatrixClient.crypto`
- `matrix-client.spec.ts` & `matrix-client-methods.spec.ts`: remove calls of deprecated methods of `MatrixClient`
* test(legacy crypto): remove test files using `MatrixClient` deprecated methods
* test(legacy crypto): update existing integ tests to run successfully
* feat(legacy crypto!): remove `ICreateClientOpts.deviceToImport`.
`ICreateClientOpts.deviceToImport` was used in the legacy cryto. The rust crypto doesn't support to import devices in this way.
* feat(legacy crypto!): remove `{get,set}GlobalErrorOnUnknownDevices`
`globalErrorOnUnknownDevices` is not used in the rust-crypto. The API is marked as unstable, we can remove it.
* Remove usage of legacy crypto in `event.ts` (#4666)
* feat(legacy crypto!): remove legacy crypto usage in `event.ts`
* test(legacy crypto): update event.spec.ts to not use legacy crypto types
* Remove legacy crypto export in `matrix.ts` (#4667)
* feat(legacy crypto!): remove legacy crypto export in `matrix.ts`
* test(legacy crypto): update `megolm-backup.spec.ts` to import directly `CryptoApi`
* Remove usage of legacy crypto in integ tests (#4669)
* Clean up legacy stores (#4663)
* feat(legacy crypto!): keep legacy methods used in lib olm migration
The rust cryto needs these legacy stores in order to do the migration from the legacy crypto to the rust crypto. We keep the following methods of the stores:
- Used in `libolm_migration.ts`.
- Needed in the legacy store tests.
- Needed in the rust crypto test migration.
* feat(legacy crypto): extract legacy crypto types in legacy stores
In order to be able to delete the legacy crypto, these stores shouldn't rely on the legacy crypto. We need to extract the used types.
* feat(crypto store): remove `CryptoStore` functions used only by tests
* test(crypto store): use legacy `MemoryStore` type
* Remove deprecated methods of `CryptoBackend` (#4671)
* feat(CryptoBackend)!: remove deprecated methods
* feat(rust-crypto)!: remove deprecated methods of `CryptoBackend`
* test(rust-crypto): remove tests of deprecated methods of `CryptoBackend`
* Remove usage of legacy crypto in `embedded.ts` (#4668)
The interface of `encryptAndSendToDevices` changes because `DeviceInfo` is from the legacy crypto. In fact `encryptAndSendToDevices` only need pairs of userId and deviceId.
* Remove legacy crypto files (#4672)
* fix(legacy store): fix legacy store typing
In https://github.com/matrix-org/matrix-js-sdk/pull/4663, the storeXXX methods were removed of the CryptoStore interface but they are used internally by IndexedDBCryptoStore.
* feat(legacy crypto)!: remove content of `crypto/*` except legacy stores
* test(legacy crypto): remove `spec/unit/crypto/*` except legacy store tests
* refactor: remove unused types
* doc: fix broken link
* doc: remove link tag when typedoc is unable to find the CryptoApi
* Clean up integ test after legacy crypto removal (#4682)
* test(crypto): remove `newBackendOnly` test closure
* test(crypto): fix duplicate test name
* test(crypto): remove `oldBackendOnly` test closure
* test(crypto): remove `rust-sdk` comparison
* test(crypto): remove iteration on `CRYPTO_BACKEND`
* test(crypto): remove old legacy comments and tests
* test(crypto): fix documentations and removed unused expect
* Restore broken link to `CryptoApi` (#4692)
* chore: fix linting and formatting due to merge
* Remove unused crypto type and missing doc (#4696)
* chore(crypto): remove unused types
* doc(crypto): add missing link
* test(call): add test when crypto is enabled
* Update src with globalThis
* Update spec with globalThis
* Replace in more spec/ places
* More changes to src/
* Add a linter rule for global
* Prettify
* lint
* implement verification cancellation info in Rust crypto
* fix type info
* use string cancel code and add test
* simplify code
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Handle backup secret gossip
* use getSecretsFromInbox
* add gossip test
* use delete secret API
* fix logger
* better comment and cleaning
* free the pkSigning
* fix typo
* add missing mocks
* improve coverage
* better var name
* quick refactoring
* add more tests
* Review, format and comments
* refactor move more logic to backup.ts
* poll secret inbox
* missing mock
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* code review
* fix comment
* remove comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* quick factorise
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* very messy poc
* iterate
* more types and use tokenRefreshFunction
* working refresh without persistence
* tidy
* add claims to completeauhtorizationcodegrant response
* export tokenrefresher from matrix
* add idtokenclaims
* add claims to completeauhtorizationcodegrant response
* only one token refresh attempt at a time
* tests
* comments
* add tokenRefresher class
* export generateScope
* export oidc from matrix
* test refreshtoken
* mark experimental
* add getRefreshToken to client
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove some vars in test
* make TokenRefresher un-abstract, comments and improvements
* remove invalid jsdoc
* Update src/oidc/tokenRefresher.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Code review improvements
* fix verification integ tests
* remove unused type from props
* fix incomplete mock fn in fetch.spec
* document TokenRefreshFunction
* comments
* tidying
* update for injected logger
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Element-R: Don't mark QR code verification as done too soon
The rust crypto sdk doesn't actually finish QR code verification until the
`m.key.verification.done` is received, so make sure we don't tell the
application it is done before that happens.
Fixes https://github.com/vector-im/element-web/issues/26293
* ignore fallback line
* Revert unnecessary changes
Can't get the coverage high enough on this and it's not needed.
* Avoid `VerificationRequest.generateQRCode` to crash when QRCode is unavailable
* Add tests `can try to generate a QR code when QR code is not supported`
* Add `CryptoApi.requestVerificationDM`
* Fix RoomMessageRequest url
* Review changes
* Merge fixes
* Add BOB test data
* `requestVerificationDM` test works against old crypto (encrypted verification request)
* Update test data
* Add `CryptoApi.setDeviceVerified`
I need a way to mark devices as trusted for the backup tests.
* More tests
* Simplify E2EKeyResponder.addDeviceKeys
The user and device IDs are in the test data, so no need to pass them in
* Clean up key backup integration test
Make it use the CryptoApi rather than legacy `MatrixClient.crypto`, and use a
pre-signed backup instead of requiring a "blindlySignAnything" method.
* run megolm-backup tests on both crypto stacks
* avoid internal backupManager
* Support for showing QR codes
* Emit `VerificationRequestEvent.Change` events when the verifier changes
* Minor integ test tweaks
* Handle transitions from QR code display to SAS
* Fix naming
* Add a test for `ShowQrCodeCallbacks.cancel`
* Offer `m.qr_code.scan.v1` verification method by default
Normally, the application specifies the supported verification methods when
creating the MatrixClient (and matrix-react-sdk does so). If the application
leaves it unset, then the idea is that the js-sdk offers all known verification
methods.
However, by default, the rust-sdk doesn't specify `m.qr_code.scan.v1`. So
basically, we need to set our own list of supported methods, rather than
relying on the rust-sdk's defaults.
* Factor out base class from `RustSASVerifier`
* Implement QR code scanning
* Update src/rust-crypto/verification.ts
* implement `VerificationRequest.pending`
* Implement `VerificationRequest.timeout`
* Rust crypto: allow using a memory store (#3536)
* Rust crypto: allow using a memory store
It turns out that, for some usecases (in particular, "bot users" for cypress
tests), we don't need persistent storage and an in-memory store will be fine.
* Rust crypto: use a memory store for the unit tests
* Pass `supportedVerificationMethods` into `VerificationRequest`
... so that the application can later call `accept()` and we know what to send.
* Implement `VerificationRequest.accept`
* Implement `VerificationRequest.declining`
* Update src/rust-crypto/verification.ts
* integ tests: factor out some utility methods
* Add `VerificationRequest.startVerification` to replace `beginKeyVerification`
The rust SDK ties together creating the verifier and sending the
`m.key.verification.start` message, so we need to combine
`.beginKeyVerification` and `.verify`.
* add some unit tests
* More slow test fixes
* Create a new event type for verification requests
Previous PRs (https://github.com/matrix-org/matrix-js-sdk/pull/3449, etc) have
pulled out an interface from the `VerificationRequest` class, but applications
registering for the `CryptoEvent.VerificationRequest` event could still be
expecting a fully-fledged class rather than the interface.
To handle this without breaking backwards compat, add a new event type that
carries the interface, not the class.
* Element-R: Implement `CryptoApi.getVerificationRequestsToDeviceInProgress`
* Element-R: Implement `requestOwnUserVerification`
* init aliceClient *after* the fetch interceptors
* Initialise the test client separately for each test
* Avoid running all the tests twice
Currently all of these tests are running twice, with different client
configurations. That's not really adding much value; we just need to run
specific tests that way.
* Factor out functions for building responses
* Return uploaded keys from `/keys/query`
* Basic implementation of SAS verification in Rust
* Update the `verifier` *before* emitting `erificationRequestEvent.Change`
* remove dead code
* Tweaks to the integ test to conform to the spec
Rust is a bit more insistent than legacy crypto...
* Improve documentation on request*Verification
* Check more things in the integration test
* Create an E2EKeyResponder
* Test verification with custom method list
* Add a test for SAS cancellation
* Update spec/integ/crypto/verification.spec.ts
* add a test for incoming verification requests
* Move `VerificationRequestEvent` to crypto-api
* Move `VerificationPhase` to `crypto-api`
* Define `VerificationRequest` interface
* Implement `canAcceptVerificationRequest`
* Add new method `VerificationRequest.getQRCodeBytes`
... which requires fewer complicated classes than the existing `qrCodeData`
* Add new property `VerificationRequest.otherDeviceId`
... to save going via `.channel`
* Add more methods to `VerificationRequest`
... to avoid the need for `channel`
* Use new methods in integration tests
* Add `getShowSasCallbacks`, `getShowQrCodeCallbacks` to VerifierBase
... to avoid some type-casting
* Integration test for QR code verification
Followup to https://github.com/matrix-org/matrix-js-sdk/pull/3436: another
integration test, this time using the QR code flow
* Rename method
... it turns out not to be used quite as I thought.
* tests for new methods
* Use Object.defineProperty, and restore afterwards
Apparently global.crypto exists in some environments
* apply ts-ignore
* More test coverage
* fix bad merge
* Integration test for QR code verification
Followup to https://github.com/matrix-org/matrix-js-sdk/pull/3436: another
integration test, this time using the QR code flow
* Use Object.defineProperty, and restore afterwards
Apparently global.crypto exists in some environments
* apply ts-ignore
* remove stray comment
* Update spec/integ/crypto/verification.spec.ts
* Move existing crypto integ tests into a subdirectory
* Factor out some common bits from `crypto.spec.ts`
* Integration test for device verification
* Ignore generated file in prettier