* Add disableKeyStorage() to crypto API
As an all-in-one method for deleting all server side key storage on
the user's account (as the doc hopefully explains).
* Add test
* const
* Can't be disabled here
* Bump rust sdk to 14.0.0
* Remove duplicate type declarations
These now match the types in the underlying library, so can be removed.
* bump to 14.0.1
* Use new `OutgoingRequest` type from wasm library
* fix types
* update lockfile
* report key import progress on start and improve types
* fix lint
* add documentation for exported types
* link `ImportRoomKeyProgressData` type in `ImportRoomKeyStage`
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* link `ImportRoomKeyFetchProgress` in fetch stage doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* link `ImportRoomKeyLoadProgress` in load_keys stage
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* link `ImportRoomKeyProgressData` in `ImportRoomKeyFetchProgress` type doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* link `ImportRoomKeyProgressData` in `ImportRoomKeyLoadProgress` type doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* link `ImportRoomKeyStage.Fetch`
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* convert `ImportRoomKeyStage.LoadKeys` to link in `ImportRoomKeyLoadProgress` stage doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove whitespace
* improve `ImportRoomKeyStage.Fetch` stage doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve `ImportRoomKeyStage.LoadKeys ` stage doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Simplify bootstrapSecretStorage logic
might as well just export the keys immediately, rather than having multiple
tests.
* Clean up typescript types related to rust crypto
A forthcoming release of matrix-rust-sdk-crypto-wasm tightens up a number of
typescript types. In preparation, we need to get our house in order too.
* Remove deprecated calls in `webrtc/call.ts`
* Throw error when legacy call was used
* Remove `MatrixClient.initLegacyCrypto` (#4620)
* Remove `MatrixClient.initLegacyCrypto`
* Remove `MatrixClient.initLegacyCrypto` in README.md
* Remove tests using `MatrixClient.initLegacyCrypto`
* Remove legacy crypto support in `sync` api (#4622)
* Remove deprecated `DeviceInfo` in `webrtc/call.ts` (#4654)
* chore(legacy call): Remove `DeviceInfo` usage
* refactor(legacy call): throw `GroupCallUnknownDeviceError` at the end of `initOpponentCrypto`
* Remove deprecated methods and attributes of `MatrixClient` (#4659)
* feat(legacy crypto)!: remove deprecated methods of `MatrixClient`
* test(legacy crypto): update existing tests to not use legacy crypto
- `Embedded.spec.ts`: casting since `encryptAndSendToDevices` is removed from `MatrixClient`.
- `room.spec.ts`: remove deprecated usage of `MatrixClient.crypto`
- `matrix-client.spec.ts` & `matrix-client-methods.spec.ts`: remove calls of deprecated methods of `MatrixClient`
* test(legacy crypto): remove test files using `MatrixClient` deprecated methods
* test(legacy crypto): update existing integ tests to run successfully
* feat(legacy crypto!): remove `ICreateClientOpts.deviceToImport`.
`ICreateClientOpts.deviceToImport` was used in the legacy cryto. The rust crypto doesn't support to import devices in this way.
* feat(legacy crypto!): remove `{get,set}GlobalErrorOnUnknownDevices`
`globalErrorOnUnknownDevices` is not used in the rust-crypto. The API is marked as unstable, we can remove it.
* Remove usage of legacy crypto in `event.ts` (#4666)
* feat(legacy crypto!): remove legacy crypto usage in `event.ts`
* test(legacy crypto): update event.spec.ts to not use legacy crypto types
* Remove legacy crypto export in `matrix.ts` (#4667)
* feat(legacy crypto!): remove legacy crypto export in `matrix.ts`
* test(legacy crypto): update `megolm-backup.spec.ts` to import directly `CryptoApi`
* Remove usage of legacy crypto in integ tests (#4669)
* Clean up legacy stores (#4663)
* feat(legacy crypto!): keep legacy methods used in lib olm migration
The rust cryto needs these legacy stores in order to do the migration from the legacy crypto to the rust crypto. We keep the following methods of the stores:
- Used in `libolm_migration.ts`.
- Needed in the legacy store tests.
- Needed in the rust crypto test migration.
* feat(legacy crypto): extract legacy crypto types in legacy stores
In order to be able to delete the legacy crypto, these stores shouldn't rely on the legacy crypto. We need to extract the used types.
* feat(crypto store): remove `CryptoStore` functions used only by tests
* test(crypto store): use legacy `MemoryStore` type
* Remove deprecated methods of `CryptoBackend` (#4671)
* feat(CryptoBackend)!: remove deprecated methods
* feat(rust-crypto)!: remove deprecated methods of `CryptoBackend`
* test(rust-crypto): remove tests of deprecated methods of `CryptoBackend`
* Remove usage of legacy crypto in `embedded.ts` (#4668)
The interface of `encryptAndSendToDevices` changes because `DeviceInfo` is from the legacy crypto. In fact `encryptAndSendToDevices` only need pairs of userId and deviceId.
* Remove legacy crypto files (#4672)
* fix(legacy store): fix legacy store typing
In https://github.com/matrix-org/matrix-js-sdk/pull/4663, the storeXXX methods were removed of the CryptoStore interface but they are used internally by IndexedDBCryptoStore.
* feat(legacy crypto)!: remove content of `crypto/*` except legacy stores
* test(legacy crypto): remove `spec/unit/crypto/*` except legacy store tests
* refactor: remove unused types
* doc: fix broken link
* doc: remove link tag when typedoc is unable to find the CryptoApi
* Clean up integ test after legacy crypto removal (#4682)
* test(crypto): remove `newBackendOnly` test closure
* test(crypto): fix duplicate test name
* test(crypto): remove `oldBackendOnly` test closure
* test(crypto): remove `rust-sdk` comparison
* test(crypto): remove iteration on `CRYPTO_BACKEND`
* test(crypto): remove old legacy comments and tests
* test(crypto): fix documentations and removed unused expect
* Restore broken link to `CryptoApi` (#4692)
* chore: fix linting and formatting due to merge
* Remove unused crypto type and missing doc (#4696)
* chore(crypto): remove unused types
* doc(crypto): add missing link
* test(call): add test when crypto is enabled
* fix(crypto): `resetEncryption` remove secrets in 4S
Remove the cross signing keys and the backup decryption key of the 4S when calling `resetEncryption`
* test(crypto): expect secrets to be deleted in 4S when `resetEncryption` is called
* test(secret storage): add test case when the secret is set at null
* fix(crypto): remove default key in 4S
* test(crypto): default key should be removed from 4S
* feat(dehydrated): Use the dehydrated key cache API
* feat(dehydrated): Add signalling to device dehydration manager
* feat(dehydrated): fix unneeded call getCachedKey
* Upgrade to `matrix-sdk-crypto-wasm` v13.0.0
* review: quick fix and doc
* apply changes from review
* apply changes from review
* fix comment
* add some tests and emit an event on rehydration failure
* factor out event counter into a test util, since it may be useful elsewhere
* adjust test to cover a few more lines
* fix documentation
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix missing bracket
* add test for getting the dehydration key from SSSS
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Use mapped types around account data events
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Harden types for reading account data too
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Correct empty object type
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update src/secret-storage.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Save the key backup key to secret storage
When setting up secret storage, if we have a key backup key in cache
(like we do for the cross signing secrets).
* Add test
* Get the key directly from the olmMachine
saves converting it needlessly into a buffer to turn it back into
a base64 string
* Overwrite backup keyin storage if different
* Fix test
* Add integ test
* Test failure case for sonar
* Unused import
* Missed return
* Also check active backup version
* Update src with globalThis
* Update spec with globalThis
* Replace in more spec/ places
* More changes to src/
* Add a linter rule for global
* Prettify
* lint
* Add CryptoApi. encryptToDeviceMessages
Deprecate Crypto. encryptAndSendToDevices and MatrixClient. encryptAndSendToDevices
* Overload MatrixClient. encryptAndSendToDevices instead of deprecating
* Revert "Overload MatrixClient. encryptAndSendToDevices instead of deprecating"
This reverts commit 6a0d8e26385c34d40e8c2ed1e34cb5119c12456c.
* Feedback from code review
* Use temporary pre-release build of @matrix-org/matrix-sdk-crypto-wasm
* Deduplicate user IDs
* Test for RustCrypto implementation
* Use ensureSessionsForUsers()
* Encrypt to-device messages in parallel
* Use release version of matrix-sdk-crypto-wasm
* Upgrade matrix-sdk-crypto-wasm to v8
* Sync with develop
* Add test for olmlib CryptoApi
* Fix link
* Feedback from review
* Move libolm implementation to better place in file
* FIx doc
* Integration test
* Make sure test device is known to client
* Feedback from review
* Move used Crypto event into crypto api
* Use new crypto events in rust crypto
* Remove `WillUpdateDevices` event from CryptoApi
* Use new crypto events in old crypto events
* Compute type of CryptoEvent enum
* Rename CryptoEvent and CryptoEventHandlerMap as legacy
* - Rename `RustCryptoEvent` as `CryptoEvent`
- Declare `CryptoEventHandlerMap` into the crypto api
* Add `WillUpdateDevices` back to new crypto events to avoid circular imports between old crypto and the cryto api
* Extends old crypto handler map with the new crypto map
* Review fixes
* Add more explicit documentations
* Move `SecretEncryptedPayload` in `src/utils/@types`
* Move `encryptAES` to a dedicated file. Moved in a utils folder.
* Move `deriveKeys` to a dedicated file in order to share it
* Move `decryptAES` to a dedicated file. Moved in a utils folder.
* Move `calculateKeyCheck` to a dedicated file. Moved in a utils folder.
* Remove AES functions in `aes.ts` and export new ones for backward compatibility
* Update import to use new functions
* Add `src/utils` entrypoint in `README.md`
* - Rename `SecretEncryptedPayload` to `AESEncryptedSecretStoragePayload`.
- Move into `src/@types`
* Move `calculateKeyCheck` into `secret-storage.ts`.
* Move `deriveKeys` into `src/utils/internal` folder.
* - Rename `encryptAES` on `encryptAESSecretStorageItem`
- Change named export by default export
* - Rename `decryptAES` on `decryptAESSecretStorageItem`
- Change named export by default export
* Update documentation
* Update `decryptAESSecretStorageItem` doc
* Add lnk to spec for `calculateKeyCheck`
* Fix downstream tests
* crypto: configure key sharing strategy based on deviceIsolationMode
fix eslint import error
cryptoMode was renamed to deviceIsolationMode
post rebase fix: Device Isolation mode name changes
* Fix outdated docs referring to old cryptomode
* code review: better comment for globalBlacklistUnverifiedDevices option
* RoomEncryptor: Use appropriate default for getBlacklistUnverifiedDevices
* do not provide a default value for DeviceIsolationMode for encryption
* Update src/rust-crypto/RoomEncryptor.ts
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Implement `UserVerificationStatus.needsUserApproval`
Expose the `identityNeedsUserApproval` flag from the rust crypto crate.
* Add CryptoApi.pinCurrentUserIdentity
Expose `pinCurrentMasterKey` from the rust crypto api.
* Test data: add second cross-signing key for Bob
* Add tests for verification status
* Restructure eventsPendingKey to remove sender key
For withheld notices, we don't necessarily receive the sender key, so we'll
jhave to do without it.
* Re-decrypt events when we receive a withheld notice
* Extend test to cover late-arriving withheld notices
* update unit tests
* Add crypto methods for OIDC QR code login
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert test due to hang inside Rust.
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Slightly more involved than normal because it requires us to pass a backup version into OlmMachine.importBackedUpRoomKeys.
On the other hand we can now re-enable the test that was disabled in #4214 due to matrix-org/matrix-rust-sdk#3447Fixes: element-hq/element-web#27165
* `initRustCrypto`: allow app to pass in the store key directly
... instead of using the pickleKey. This allows us to avoid a slow PBKDF
operation.
* Fix link in doc-comment
* Add `PerSessionKeyBackupDownloader.isKeyBackupDownloadConfigured()`
* Add new `RustBackupManager.getServerBackupInfo`
... and a convenience method in PerSessionKeyBackupDownloader to access it.
* Crypto.spec: move `useRealTimers` to global `afterEach`
... so that we don't need to remember to do it everywhere.
* Use fake timers for UTD error code tests
This doesn't have any effect on the tests, but *does* stop jest from hanging
when you run the tests in in-band mode. It shouldn't *really* be needed, but
using fake timers gives more reproducible tests, and I don't have the
time/patience to debug why it is needed.
* Use new error codes for UTDs from historical events
* Migrate own identity trust to rust crypto
* Fix gendoc not happy if msk of IDownloadKeyResult has a signature
* add missing mock
* code review
* Code review
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review move function down in file
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Cleaning tests, renaming
* Review: better comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Comment paragraphs
* retry until initial key query is successfull
* Validate backup private key before migrating it
* post merge fix
* Fix test, missing mock
* Use crypto wasm instead of lib olm to check backup key
* typo
* code review
* quick lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* initial implementation of device dehydration
* add dehydrated flag for devices
* add missing dehydration.ts file, add test, add function to schedule dehydration
* add more dehydration utility functions
* stop scheduled dehydration when crypto stops
* bump matrix-crypto-sdk-wasm version, and fix tests
* adding dehydratedDevices member to mock OlmDevice isn't necessary any more
* fix yarn lock file
* more tests
* fix test
* more tests
* fix typo
* fix logic for checking if dehydration supported
* make changes from review
* add missing file
* move setup into another function
* apply changes from review
* implement simpler API
* fix type and move the code to the right spot
* apply suggestions from review
* make sure that cross-signing and secret storage are set up
* Introduce Membership TS type
* Adapt the Membership TS type to be an enum
* Add docstrings for KnownMembership and Membership
* Move Membership types into a separate file, exported from types.ts
---------
Co-authored-by: Stanislav Demydiuk <s.demydiuk@gmail.com>
* Migrate own identity trust to rust crypto
* Fix gendoc not happy if msk of IDownloadKeyResult has a signature
* add missing mock
* code review
* Code review
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review move function down in file
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Cleaning tests, renaming
* Review: better comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Comment paragraphs
* retry until initial key query is successfull
* review quick nits
* missing mock in test
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add basic retry for outgoing requests
* Update doc
* Remove 504 from retryable
* Retry all 5xx and clarify client timeouts
* code review cleaning
* do not retry rust request if M_TOO_LARGE
* refactor use common retry alg between scheduler and rust requests
* Code review, cleaning and doc
* Rust crypto: handle the SAS verifier being replaced
* lint
* make changes from review
* apply changes from code review
* remove useless assertions
* wrap acceptance inside a try-catch, and factor out acceptance into a function
* fix bugs
* we don't actually need the .accept variable
* move setInner to inside SAS class, and rename to replaceInner
* use defer to avoid using a closure
* lint
* prettier
* use the right name
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* combine onChangeCallback with onChange
* apply changes from review
* add test for QR code verification, and try changing order in onChange
* lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* rust-crypto: allow reporting failures when restoring keys
* add test and catch more invalid keys
* remove checks for room_id and session_id as they are guaranteed to be set
* remove obsolete comment
