* Save the key backup key to secret storage
When setting up secret storage, if we have a key backup key in cache
(like we do for the cross signing secrets).
* Add test
* Get the key directly from the olmMachine
saves converting it needlessly into a buffer to turn it back into
a base64 string
* Overwrite backup keyin storage if different
* Fix test
* Add integ test
* Test failure case for sonar
* Unused import
* Missed return
* Also check active backup version
* Add CryptoApi. encryptToDeviceMessages
Deprecate Crypto. encryptAndSendToDevices and MatrixClient. encryptAndSendToDevices
* Overload MatrixClient. encryptAndSendToDevices instead of deprecating
* Revert "Overload MatrixClient. encryptAndSendToDevices instead of deprecating"
This reverts commit 6a0d8e2638.
* Feedback from code review
* Use temporary pre-release build of @matrix-org/matrix-sdk-crypto-wasm
* Deduplicate user IDs
* Test for RustCrypto implementation
* Use ensureSessionsForUsers()
* Encrypt to-device messages in parallel
* Use release version of matrix-sdk-crypto-wasm
* Upgrade matrix-sdk-crypto-wasm to v8
* Sync with develop
* Add test for olmlib CryptoApi
* Fix link
* Feedback from review
* Move libolm implementation to better place in file
* FIx doc
* Integration test
* Make sure test device is known to client
* Feedback from review
* Move used Crypto event into crypto api
* Use new crypto events in rust crypto
* Remove `WillUpdateDevices` event from CryptoApi
* Use new crypto events in old crypto events
* Compute type of CryptoEvent enum
* Rename CryptoEvent and CryptoEventHandlerMap as legacy
* - Rename `RustCryptoEvent` as `CryptoEvent`
- Declare `CryptoEventHandlerMap` into the crypto api
* Add `WillUpdateDevices` back to new crypto events to avoid circular imports between old crypto and the cryto api
* Extends old crypto handler map with the new crypto map
* Review fixes
* Add more explicit documentations
* Move `SecretEncryptedPayload` in `src/utils/@types`
* Move `encryptAES` to a dedicated file. Moved in a utils folder.
* Move `deriveKeys` to a dedicated file in order to share it
* Move `decryptAES` to a dedicated file. Moved in a utils folder.
* Move `calculateKeyCheck` to a dedicated file. Moved in a utils folder.
* Remove AES functions in `aes.ts` and export new ones for backward compatibility
* Update import to use new functions
* Add `src/utils` entrypoint in `README.md`
* - Rename `SecretEncryptedPayload` to `AESEncryptedSecretStoragePayload`.
- Move into `src/@types`
* Move `calculateKeyCheck` into `secret-storage.ts`.
* Move `deriveKeys` into `src/utils/internal` folder.
* - Rename `encryptAES` on `encryptAESSecretStorageItem`
- Change named export by default export
* - Rename `decryptAES` on `decryptAESSecretStorageItem`
- Change named export by default export
* Update documentation
* Update `decryptAESSecretStorageItem` doc
* Add lnk to spec for `calculateKeyCheck`
* Fix downstream tests
* Implement `UserVerificationStatus.needsUserApproval`
Expose the `identityNeedsUserApproval` flag from the rust crypto crate.
* Add CryptoApi.pinCurrentUserIdentity
Expose `pinCurrentMasterKey` from the rust crypto api.
* Test data: add second cross-signing key for Bob
* Add tests for verification status
* Restructure eventsPendingKey to remove sender key
For withheld notices, we don't necessarily receive the sender key, so we'll
jhave to do without it.
* Re-decrypt events when we receive a withheld notice
* Extend test to cover late-arriving withheld notices
* update unit tests
* Add crypto methods for OIDC QR code login
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert test due to hang inside Rust.
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Slightly more involved than normal because it requires us to pass a backup version into OlmMachine.importBackedUpRoomKeys.
On the other hand we can now re-enable the test that was disabled in #4214 due to matrix-org/matrix-rust-sdk#3447Fixes: element-hq/element-web#27165
* `initRustCrypto`: allow app to pass in the store key directly
... instead of using the pickleKey. This allows us to avoid a slow PBKDF
operation.
* Fix link in doc-comment
* Migrate own identity trust to rust crypto
* Fix gendoc not happy if msk of IDownloadKeyResult has a signature
* add missing mock
* code review
* Code review
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review move function down in file
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Cleaning tests, renaming
* Review: better comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Comment paragraphs
* retry until initial key query is successfull
* Validate backup private key before migrating it
* post merge fix
* Fix test, missing mock
* Use crypto wasm instead of lib olm to check backup key
* typo
* code review
* quick lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* initial implementation of device dehydration
* add dehydrated flag for devices
* add missing dehydration.ts file, add test, add function to schedule dehydration
* add more dehydration utility functions
* stop scheduled dehydration when crypto stops
* bump matrix-crypto-sdk-wasm version, and fix tests
* adding dehydratedDevices member to mock OlmDevice isn't necessary any more
* fix yarn lock file
* more tests
* fix test
* more tests
* fix typo
* fix logic for checking if dehydration supported
* make changes from review
* add missing file
* move setup into another function
* apply changes from review
* implement simpler API
* fix type and move the code to the right spot
* apply suggestions from review
* make sure that cross-signing and secret storage are set up
* rust-crypto: allow reporting failures when restoring keys
* add test and catch more invalid keys
* remove checks for room_id and session_id as they are guaranteed to be set
* remove obsolete comment
* Decrypt and Import full backups in chunk with progress
* backup chunk decryption jsdoc
* Review: fix capitalization
* review: better var name
* review: fix better iterate on object
* review: extract utility function
* review: Improve test, ensure mock calls
* review: Add more test for decryption or import failures
* Review: fix typo
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
---------
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
* Fix `CryptoStore.countEndToEndSessions`
This was apparently never tested, and was implemented incorrectly.
* Add `CryptoStore.countEndToEndInboundGroupSessions`
* Emit events to indicate migration progress
* Use a `StoreHandle` to init OlmMachine
This will be faster if we need to prepare the store.
* Include "needsBackup" flag in inbound group session batches
* On startup, import data from libolm cryptostore
* ISessionExtended -> SessionExtended
* `getOwnDeviceKeys`: use `olmMachine.identityKeys`
This is simpler, and doesn't rely on us having done a device query to work.
* Factor out `requestKeyBackupVersion` utility
* Factor out `makeMatrixHttpApi` function
* Convert `initRustCrypto` to take a params object
* Improve logging in startup
... to help figure out what is taking so long.
* don't back up keys that we got from backup
* lint
* lint again
* remove key source struct and add function for importing from backup
* apply changes from review
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix members loaded on intitial sync
* Update test to use KeyResponder
* Use E2EKeyResponder
* code review
* better comment
* fix test
* post merge fix
* fix imports
* refactoring, better names
* code review
* clean tests
* Cleanups per review comments
* fix test
* Apply suggestions from code review
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add current version of the rust-sdk and vodozemac
* Return OlmVersion in `CryptoApi#getVersion` for old crypto
* Add `Olm` prefix
* Fix documentation
* Review changes
* Handle backup secret gossip
* use getSecretsFromInbox
* add gossip test
* use delete secret API
* fix logger
* better comment and cleaning
* free the pkSigning
* fix typo
* add missing mocks
* improve coverage
* better var name
* quick refactoring
* add more tests
* Review, format and comments
* refactor move more logic to backup.ts
* poll secret inbox
* missing mock
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* code review
* fix comment
* remove comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* quick factorise
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Support MatrixClient-specific loggers.
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* Use client-specific logger in client.ts.
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* Log `fetch` requests to the per-client logger
* Use client-specific logger in rust-crypto
* `RustBackupManager.getActiveBackupVersion`: check that backup is enabled
The previous check on `isBackupEnabled` was a no-op
* Fix log spam on shieldless events
* Reduce log spam about tracking users
* Reduce log spam about decrypting events
Logging the entire event is excessive
* Element-R: use the pickleKey to encrypt the crypto store
`pickleKey` is a passphrase set by the application for this express purpose.
* update tests
* fix tests, again
* Emit a `UserTrustStatusChanged` when user identity is updated
* Remove redundant `onCrossSigningKeysImport` callback
This now happens as a side-effect of importing the keys.
* bump to alpha release of matrix-rust-sdk-crypto-wasm
* fixup! Remove redundant `onCrossSigningKeysImport` callback
* Fix potential delay in sending out requests from the rust SDK
There was a potential race which could cause us to be very slow to send out
pending HTTP requests, particularly when handling a user verification. Add some
resiliece to make sure we handle it correctly.
* add comments
* Add a unit test
---------
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
