* Save the key backup key to secret storage
When setting up secret storage, if we have a key backup key in cache
(like we do for the cross signing secrets).
* Add test
* Get the key directly from the olmMachine
saves converting it needlessly into a buffer to turn it back into
a base64 string
* Overwrite backup keyin storage if different
* Fix test
* Add integ test
* Test failure case for sonar
* Unused import
* Missed return
* Also check active backup version
* Update src with globalThis
* Update spec with globalThis
* Replace in more spec/ places
* More changes to src/
* Add a linter rule for global
* Prettify
* lint
* Add CryptoApi. encryptToDeviceMessages
Deprecate Crypto. encryptAndSendToDevices and MatrixClient. encryptAndSendToDevices
* Overload MatrixClient. encryptAndSendToDevices instead of deprecating
* Revert "Overload MatrixClient. encryptAndSendToDevices instead of deprecating"
This reverts commit 6a0d8e2638.
* Feedback from code review
* Use temporary pre-release build of @matrix-org/matrix-sdk-crypto-wasm
* Deduplicate user IDs
* Test for RustCrypto implementation
* Use ensureSessionsForUsers()
* Encrypt to-device messages in parallel
* Use release version of matrix-sdk-crypto-wasm
* Upgrade matrix-sdk-crypto-wasm to v8
* Sync with develop
* Add test for olmlib CryptoApi
* Fix link
* Feedback from review
* Move libolm implementation to better place in file
* FIx doc
* Integration test
* Make sure test device is known to client
* Feedback from review
* Move used Crypto event into crypto api
* Use new crypto events in rust crypto
* Remove `WillUpdateDevices` event from CryptoApi
* Use new crypto events in old crypto events
* Compute type of CryptoEvent enum
* Rename CryptoEvent and CryptoEventHandlerMap as legacy
* - Rename `RustCryptoEvent` as `CryptoEvent`
- Declare `CryptoEventHandlerMap` into the crypto api
* Add `WillUpdateDevices` back to new crypto events to avoid circular imports between old crypto and the cryto api
* Extends old crypto handler map with the new crypto map
* Review fixes
* Add more explicit documentations
* Move `SecretEncryptedPayload` in `src/utils/@types`
* Move `encryptAES` to a dedicated file. Moved in a utils folder.
* Move `deriveKeys` to a dedicated file in order to share it
* Move `decryptAES` to a dedicated file. Moved in a utils folder.
* Move `calculateKeyCheck` to a dedicated file. Moved in a utils folder.
* Remove AES functions in `aes.ts` and export new ones for backward compatibility
* Update import to use new functions
* Add `src/utils` entrypoint in `README.md`
* - Rename `SecretEncryptedPayload` to `AESEncryptedSecretStoragePayload`.
- Move into `src/@types`
* Move `calculateKeyCheck` into `secret-storage.ts`.
* Move `deriveKeys` into `src/utils/internal` folder.
* - Rename `encryptAES` on `encryptAESSecretStorageItem`
- Change named export by default export
* - Rename `decryptAES` on `decryptAESSecretStorageItem`
- Change named export by default export
* Update documentation
* Update `decryptAESSecretStorageItem` doc
* Add lnk to spec for `calculateKeyCheck`
* Fix downstream tests
* crypto: configure key sharing strategy based on deviceIsolationMode
fix eslint import error
cryptoMode was renamed to deviceIsolationMode
post rebase fix: Device Isolation mode name changes
* Fix outdated docs referring to old cryptomode
* code review: better comment for globalBlacklistUnverifiedDevices option
* RoomEncryptor: Use appropriate default for getBlacklistUnverifiedDevices
* do not provide a default value for DeviceIsolationMode for encryption
* Update src/rust-crypto/RoomEncryptor.ts
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Implement `UserVerificationStatus.needsUserApproval`
Expose the `identityNeedsUserApproval` flag from the rust crypto crate.
* Add CryptoApi.pinCurrentUserIdentity
Expose `pinCurrentMasterKey` from the rust crypto api.
* Test data: add second cross-signing key for Bob
* Add tests for verification status
* Restructure eventsPendingKey to remove sender key
For withheld notices, we don't necessarily receive the sender key, so we'll
jhave to do without it.
* Re-decrypt events when we receive a withheld notice
* Extend test to cover late-arriving withheld notices
* update unit tests
* Add crypto methods for OIDC QR code login
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert test due to hang inside Rust.
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Slightly more involved than normal because it requires us to pass a backup version into OlmMachine.importBackedUpRoomKeys.
On the other hand we can now re-enable the test that was disabled in #4214 due to matrix-org/matrix-rust-sdk#3447Fixes: element-hq/element-web#27165
* `initRustCrypto`: allow app to pass in the store key directly
... instead of using the pickleKey. This allows us to avoid a slow PBKDF
operation.
* Fix link in doc-comment
* Add `PerSessionKeyBackupDownloader.isKeyBackupDownloadConfigured()`
* Add new `RustBackupManager.getServerBackupInfo`
... and a convenience method in PerSessionKeyBackupDownloader to access it.
* Crypto.spec: move `useRealTimers` to global `afterEach`
... so that we don't need to remember to do it everywhere.
* Use fake timers for UTD error code tests
This doesn't have any effect on the tests, but *does* stop jest from hanging
when you run the tests in in-band mode. It shouldn't *really* be needed, but
using fake timers gives more reproducible tests, and I don't have the
time/patience to debug why it is needed.
* Use new error codes for UTDs from historical events
* Migrate own identity trust to rust crypto
* Fix gendoc not happy if msk of IDownloadKeyResult has a signature
* add missing mock
* code review
* Code review
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review move function down in file
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Cleaning tests, renaming
* Review: better comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Comment paragraphs
* retry until initial key query is successfull
* Validate backup private key before migrating it
* post merge fix
* Fix test, missing mock
* Use crypto wasm instead of lib olm to check backup key
* typo
* code review
* quick lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* initial implementation of device dehydration
* add dehydrated flag for devices
* add missing dehydration.ts file, add test, add function to schedule dehydration
* add more dehydration utility functions
* stop scheduled dehydration when crypto stops
* bump matrix-crypto-sdk-wasm version, and fix tests
* adding dehydratedDevices member to mock OlmDevice isn't necessary any more
* fix yarn lock file
* more tests
* fix test
* more tests
* fix typo
* fix logic for checking if dehydration supported
* make changes from review
* add missing file
* move setup into another function
* apply changes from review
* implement simpler API
* fix type and move the code to the right spot
* apply suggestions from review
* make sure that cross-signing and secret storage are set up
* Introduce Membership TS type
* Adapt the Membership TS type to be an enum
* Add docstrings for KnownMembership and Membership
* Move Membership types into a separate file, exported from types.ts
---------
Co-authored-by: Stanislav Demydiuk <s.demydiuk@gmail.com>
* Add basic retry for outgoing requests
* Update doc
* Remove 504 from retryable
* Retry all 5xx and clarify client timeouts
* code review cleaning
* do not retry rust request if M_TOO_LARGE
* refactor use common retry alg between scheduler and rust requests
* Code review, cleaning and doc
* Rust crypto: handle the SAS verifier being replaced
* lint
* make changes from review
* apply changes from code review
* remove useless assertions
* wrap acceptance inside a try-catch, and factor out acceptance into a function
* fix bugs
* we don't actually need the .accept variable
* move setInner to inside SAS class, and rename to replaceInner
* use defer to avoid using a closure
* lint
* prettier
* use the right name
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* combine onChangeCallback with onChange
* apply changes from review
* add test for QR code verification, and try changing order in onChange
* lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* rust-crypto: allow reporting failures when restoring keys
* add test and catch more invalid keys
* remove checks for room_id and session_id as they are guaranteed to be set
* remove obsolete comment
* ElementR | backup: call expensive `roomKeyCounts` less often
* review: Improve doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review: Improve loop
* review: Add comment regarding slightly outdated remaining count
* Review: doc fix typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review: refactor code order, count after doing the request
* review: Missing await on sleep for limit exceeded
* review: Comment | add a note for when performance drops
* Backup: add upload loop test for rust
* test: quick fix backup loop tests
* test: quick fix imports backup loop tests
* review: improve comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review improve comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Clean and improve tests
* fix: wrong test name
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Decrypt and Import full backups in chunk with progress
* backup chunk decryption jsdoc
* Review: fix capitalization
* review: better var name
* review: fix better iterate on object
* review: extract utility function
* review: Improve test, ensure mock calls
* review: Add more test for decryption or import failures
* Review: fix typo
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
---------
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
* Fix `CryptoStore.countEndToEndSessions`
This was apparently never tested, and was implemented incorrectly.
* Add `CryptoStore.countEndToEndInboundGroupSessions`
* Emit events to indicate migration progress
* Use a `StoreHandle` to init OlmMachine
This will be faster if we need to prepare the store.
* Include "needsBackup" flag in inbound group session batches
* On startup, import data from libolm cryptostore
* ISessionExtended -> SessionExtended
* `getOwnDeviceKeys`: use `olmMachine.identityKeys`
This is simpler, and doesn't rely on us having done a device query to work.
* Factor out `requestKeyBackupVersion` utility
* Factor out `makeMatrixHttpApi` function
* Convert `initRustCrypto` to take a params object
* Improve logging in startup
... to help figure out what is taking so long.
* initial commit
* new interation test
* more comments
* fix test, quick refactor on request version
* cleaning and logs
* fix type
* cleaning
* remove delegate stuff
* remove events and use timer mocks
* fix import
* ts ignore in tests
* Quick cleaning
* code review
* Use Errors instead of Results
* cleaning
* review
* remove forceCheck as not useful
* bad naming
* inline pauseLoop
* mark as paused in finally
* code review
* post merge fix
* rename KeyDownloadRateLimit
* use same config in loop and pass along
* don't back up keys that we got from backup
* lint
* lint again
* remove key source struct and add function for importing from backup
* apply changes from review
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Bump matrix-sdk-crypto-wasm to 3.0.0
... which changes the API of `bootstrapCrossSigning` a bit.
* Fix class names in test
* fix brokenness in bootstrapCrossSigning
* Bump to `matrix-sdk-crypto-wasm` 3.0.1
