Fixes https://github.com/element-hq/element-web/issues/29882
When we ask for the in-progress verification requests, exclude requests
that have been cancelled. This means that we don't erroneously tell the
user that the new request they are about to create has been cancelled.
* Update matrix-sdk-crypto-wasm to 15.2.0
Most relevant changes:
- History sharing: improve efficiency of building key bundle
([matrix-rust-sdk#5513](https://github.com/matrix-org/matrix-rust-sdk/issues/5513))
* Work around matrix-rust-sdk#5643
Modify the message content coming from Rust API to include the missing
property `msgtype: m.key.verification.request`
* tests: Cross-signing keys support in `E2EKeyReceiver`
Have `E2EKeyReceiver` collect uploaded cross-signing keys, so that they can be
returned by `E2EKeyResponder`.
* tests: Signature upload support in `E2EKeyReceiver`
Have `E2EKeyReceiver` collect uploaded device signatures, so that they can be
returned by `E2EKeyResponder`.
* tests: Implement `E2EOTKClaimResponder` class
A new test helper, which intercepts `/keys/claim`, allowing clients under test
to claim OTKs uploaded by other devices.
* Expose experimental settings for encrypted history sharing
Add options to `MatrixClient.invite` and `MatrixClient.joinRoom` to share and
accept encrypted history on invite, per MSC4268.
* Clarify pre-join-membership logic
* Improve tests
* Update spec/integ/crypto/cross-signing.spec.ts
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* test: add a flushPromises
this seems to be needed because `initRustCrypto` now ends up doing slightly
less awaiting
* Support new `ShieldStateCode.MismatchedSender`
* Update to matrix-sdk-crypto-wasm 15.1.0
* Add `waitFor` and use it instead of `flushPromises`
* minor lints and fixes
* another lint fix
* Use client logger for `RustBackupManager`
* use client logger in `CrossSigningIdentity`
* use client logger in `OutgoingRequestProcessor`
* RoomEncryptor: use correct logger for logDuration
use the logger for this specific event, rather than the more general one for the room
* Use client logger in `RoomEncryptor`
* crypto: Add new ClientEvent.ReceivedToDeviceMessage
refactor rename ProcessedToDeviceEvent to ReceivedToDeviceEvent
* fix: Restore legacy isEncrypted() for to-device messages
* Update test for new preprocessToDeviceMessages API
* quick fix on doc
* quick update docs and renaming
* review: Better doc and names for OlmEncryptionInfo
* review: Remove IToDeviceMessage alias and only keep IToDeviceEvent
* review: improve comments of processToDeviceMessages
* review: pass up encrypted event when no crypto callbacks
* review: use single payload for ReceivedToDeviceMessage
* fix linter
* review: minor comment update
* Switch sliding sync support to simplified sliding sync
Experimental PR to test js-sdk with simlified sliding sync.
This does not maintain support for regulaer sliding sync.
* Remove txn_id handling, ensure we always resend when req params change
* Fix some tests
* Fix remaining tests
* Mark TODOs on tests which need to die
* Linting
* Make comments lie less
* void
* Always sent full extension request
* Fix test
* Remove usage of deprecated field
* Hopefully fix DM names
* Refactor how heroes are handled in Room
* Fix how heroes work
* Linting
* Ensure that when SSS omits heroes we don't forget we had heroes
Otherwise when the room next appears the name/avatar reset to
'Empty Room' with no avatar.
* Check the right flag when doing timeline trickling
* Also change when the backpagination token is set
* Remove list ops and server-provided sort positions
SSS doesn't have them.
* Linting
* Add Room.bumpStamp
* Update crypto wasm lib
For new functions
* Add performance logging
* Fix breaking change in crypto wasm v8
* Update crypto wasm for breaking changes
See https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm/releases/tag/v8.0.0
for how this was mapped from the previous API.
* Mark all tracked users as dirty on expired SSS connections
See https://github.com/matrix-org/matrix-rust-sdk/pull/3965 for
more information. Requires `Extension.onRequest` to be `async`.
* add ts extension
* Fix typedoc ref
* Add method to interface
* Don't force membership to invite
The membership was set correctly from the stripped state anyway so
this was redundant and was breaking rooms where we'd knocked.
* Missed merge
* Type import
* Make coverage happier
* More test coverage
* Grammar & formatting
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove markAllTrackedUsersAsDirty from crypto API
Not sure why this was in there, seems like it just needed to be in
crypto sync callbacks, which it already was.
* Remove I from interface
* API doc
* Move Hero definition to room-summary
* make comment more specific
* Move internal details into room.ts
and make the comment a proper tsdoc comment
* Use terser arrow function syntax
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Move comment to where we do the lookup
* Clarify comment
also prettier says hi
* Add comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add tsdoc
explaining that the summary event will be modified
* more comment
* Remove unrelated changes
* Add docs & make fields optional
* Type import
* Clarify sync versions
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Make tsdoc comment & add info on when it's used.
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Rephrase comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Prettier
* Only fetch member for hero in legacy sync mode
* Split out a separate method to set SSS room summary
Rather than trying to fudge up an object that looked enough like the
old one that we could pass it in.
* Type import
* Make link work
* Nope, linter treats it as an unused import
* Add link the other way
* Add more detail to doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove unnecessary cast
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove length > 0 check
as it wasn't really necessary and may cause heroes not to be cleared?
* Doc params
* Remove unnecessary undefined comparison
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Put the comparison back
as it's necessary to stop typescript complaining
* Fix comment
* Fix comment
---------
Co-authored-by: Kegan Dougal <7190048+kegsay@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add disableKeyStorage() to crypto API
As an all-in-one method for deleting all server side key storage on
the user's account (as the doc hopefully explains).
* Add test
* const
* Can't be disabled here
* Simplify bootstrapSecretStorage logic
might as well just export the keys immediately, rather than having multiple
tests.
* Clean up typescript types related to rust crypto
A forthcoming release of matrix-rust-sdk-crypto-wasm tightens up a number of
typescript types. In preparation, we need to get our house in order too.
* Remove deprecated calls in `webrtc/call.ts`
* Throw error when legacy call was used
* Remove `MatrixClient.initLegacyCrypto` (#4620)
* Remove `MatrixClient.initLegacyCrypto`
* Remove `MatrixClient.initLegacyCrypto` in README.md
* Remove tests using `MatrixClient.initLegacyCrypto`
* Remove legacy crypto support in `sync` api (#4622)
* Remove deprecated `DeviceInfo` in `webrtc/call.ts` (#4654)
* chore(legacy call): Remove `DeviceInfo` usage
* refactor(legacy call): throw `GroupCallUnknownDeviceError` at the end of `initOpponentCrypto`
* Remove deprecated methods and attributes of `MatrixClient` (#4659)
* feat(legacy crypto)!: remove deprecated methods of `MatrixClient`
* test(legacy crypto): update existing tests to not use legacy crypto
- `Embedded.spec.ts`: casting since `encryptAndSendToDevices` is removed from `MatrixClient`.
- `room.spec.ts`: remove deprecated usage of `MatrixClient.crypto`
- `matrix-client.spec.ts` & `matrix-client-methods.spec.ts`: remove calls of deprecated methods of `MatrixClient`
* test(legacy crypto): remove test files using `MatrixClient` deprecated methods
* test(legacy crypto): update existing integ tests to run successfully
* feat(legacy crypto!): remove `ICreateClientOpts.deviceToImport`.
`ICreateClientOpts.deviceToImport` was used in the legacy cryto. The rust crypto doesn't support to import devices in this way.
* feat(legacy crypto!): remove `{get,set}GlobalErrorOnUnknownDevices`
`globalErrorOnUnknownDevices` is not used in the rust-crypto. The API is marked as unstable, we can remove it.
* Remove usage of legacy crypto in `event.ts` (#4666)
* feat(legacy crypto!): remove legacy crypto usage in `event.ts`
* test(legacy crypto): update event.spec.ts to not use legacy crypto types
* Remove legacy crypto export in `matrix.ts` (#4667)
* feat(legacy crypto!): remove legacy crypto export in `matrix.ts`
* test(legacy crypto): update `megolm-backup.spec.ts` to import directly `CryptoApi`
* Remove usage of legacy crypto in integ tests (#4669)
* Clean up legacy stores (#4663)
* feat(legacy crypto!): keep legacy methods used in lib olm migration
The rust cryto needs these legacy stores in order to do the migration from the legacy crypto to the rust crypto. We keep the following methods of the stores:
- Used in `libolm_migration.ts`.
- Needed in the legacy store tests.
- Needed in the rust crypto test migration.
* feat(legacy crypto): extract legacy crypto types in legacy stores
In order to be able to delete the legacy crypto, these stores shouldn't rely on the legacy crypto. We need to extract the used types.
* feat(crypto store): remove `CryptoStore` functions used only by tests
* test(crypto store): use legacy `MemoryStore` type
* Remove deprecated methods of `CryptoBackend` (#4671)
* feat(CryptoBackend)!: remove deprecated methods
* feat(rust-crypto)!: remove deprecated methods of `CryptoBackend`
* test(rust-crypto): remove tests of deprecated methods of `CryptoBackend`
* Remove usage of legacy crypto in `embedded.ts` (#4668)
The interface of `encryptAndSendToDevices` changes because `DeviceInfo` is from the legacy crypto. In fact `encryptAndSendToDevices` only need pairs of userId and deviceId.
* Remove legacy crypto files (#4672)
* fix(legacy store): fix legacy store typing
In https://github.com/matrix-org/matrix-js-sdk/pull/4663, the storeXXX methods were removed of the CryptoStore interface but they are used internally by IndexedDBCryptoStore.
* feat(legacy crypto)!: remove content of `crypto/*` except legacy stores
* test(legacy crypto): remove `spec/unit/crypto/*` except legacy store tests
* refactor: remove unused types
* doc: fix broken link
* doc: remove link tag when typedoc is unable to find the CryptoApi
* Clean up integ test after legacy crypto removal (#4682)
* test(crypto): remove `newBackendOnly` test closure
* test(crypto): fix duplicate test name
* test(crypto): remove `oldBackendOnly` test closure
* test(crypto): remove `rust-sdk` comparison
* test(crypto): remove iteration on `CRYPTO_BACKEND`
* test(crypto): remove old legacy comments and tests
* test(crypto): fix documentations and removed unused expect
* Restore broken link to `CryptoApi` (#4692)
* chore: fix linting and formatting due to merge
* Remove unused crypto type and missing doc (#4696)
* chore(crypto): remove unused types
* doc(crypto): add missing link
* test(call): add test when crypto is enabled
* fix(crypto): `resetEncryption` remove secrets in 4S
Remove the cross signing keys and the backup decryption key of the 4S when calling `resetEncryption`
* test(crypto): expect secrets to be deleted in 4S when `resetEncryption` is called
* test(secret storage): add test case when the secret is set at null
* fix(crypto): remove default key in 4S
* test(crypto): default key should be removed from 4S
* feat(dehydrated): Use the dehydrated key cache API
* feat(dehydrated): Add signalling to device dehydration manager
* feat(dehydrated): fix unneeded call getCachedKey
* Upgrade to `matrix-sdk-crypto-wasm` v13.0.0
* review: quick fix and doc
* apply changes from review
* apply changes from review
* fix comment
* add some tests and emit an event on rehydration failure
* factor out event counter into a test util, since it may be useful elsewhere
* adjust test to cover a few more lines
* fix documentation
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix missing bracket
* add test for getting the dehydration key from SSSS
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
...and renames them, removing the special lowercase and uppercase
versions and exporting the underlying function instead.
Any apps that use these will either need to take the speed hit from
secure random functions and use the new ones, or write their own
insecure versions.
The lowercase and uppercasde verisons were used exactly once each
in element-web and never in js-sdk itself. The underlying function
is very simple and exporting just this gives more flexibility with
fewer exports.
* Avoid key prompts when resetting crypto
Attempting to get the backup key out of secret storage can cause
the user to be prompted for their key, which is not helpful if this
is being done as part of a reset. This check was redundant anyway
and we can just overwrite the key with the same value.
Also fix docs and remove check for active backup.
* Fix doc
* Save the key backup key to secret storage
When setting up secret storage, if we have a key backup key in cache
(like we do for the cross signing secrets).
* Add test
* Get the key directly from the olmMachine
saves converting it needlessly into a buffer to turn it back into
a base64 string
* Overwrite backup keyin storage if different
* Fix test
* Add integ test
* Test failure case for sonar
* Unused import
* Missed return
* Also check active backup version
* First draft of moving out restoreKeyBackup out of MatrixClient
* Deprecate `restoreKeyBackup*` in `MatrixClient`
* Move types
* Handle only the room keys response
* Renaming and refactor `keysCountInBatch` & `getTotalKeyCount`
* Fix `importRoomKeysAsJson` tsdoc
* Fix typo
* Move `backupDecryptor.free()``
* Comment and simplify a bit `handleDecryptionOfAFullBackup`
* Fix decryption crash by moving`backupDecryptor.free`
* Use new api in `megolm-backup.spec.ts`
* Add tests to get recovery key from secret storage
* Add doc to `KeyBackupRestoreOpts` & `KeyBackupRestoreResult`
* Add doc to `restoreKeyBackupWithKey`
* Add doc to `backup.ts`
* Apply comment suggestions
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* - Decryption key is recovered from the cache in `RustCrypto.restoreKeyBackup`
- Add `CryptoApi.getSecretStorageBackupPrivateKey` to get the decryption key from the secret storage.
* Add `CryptoApi.restoreKeyBackup` to `ImportRoomKeyProgressData` doc.
* Add deprecated symbol to all the `restoreKeyBackup*` overrides.
* Update tests
* Move `RustBackupManager.getTotalKeyCount` to `backup#calculateKeyCountInKeyBackup`
* Fix `RustBackupManager.restoreKeyBackup` tsdoc
* Move `backupDecryptor.free` in rust crypto.
* Move `handleDecryptionOfAFullBackup` in `importKeyBackup`
* Rename `calculateKeyCountInKeyBackup` to `countKeystInBackup`
* Fix `passphrase` typo
* Rename `backupInfoVersion` to `backupVersion`
* Complete restoreKeyBackup* methods documentation
* Add `loadSessionBackupPrivateKeyFromSecretStorage`
* Remove useless intermediary result variable.
* Check that decryption key matchs key backup info in `loadSessionBackupPrivateKeyFromSecretStorage`
* Get backup info from a specific version
* Fix typo in `countKeysInBackup`
* Improve documentation and naming
* Use `RustSdkCryptoJs.BackupDecryptionKey` as `decryptionKeyMatchesKeyBackupInfo` parameter.
* Call directly `olmMachine.getBackupKeys` in `restoreKeyBackup`
* Last review changes
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add CryptoApi. encryptToDeviceMessages
Deprecate Crypto. encryptAndSendToDevices and MatrixClient. encryptAndSendToDevices
* Overload MatrixClient. encryptAndSendToDevices instead of deprecating
* Revert "Overload MatrixClient. encryptAndSendToDevices instead of deprecating"
This reverts commit 6a0d8e2638.
* Feedback from code review
* Use temporary pre-release build of @matrix-org/matrix-sdk-crypto-wasm
* Deduplicate user IDs
* Test for RustCrypto implementation
* Use ensureSessionsForUsers()
* Encrypt to-device messages in parallel
* Use release version of matrix-sdk-crypto-wasm
* Upgrade matrix-sdk-crypto-wasm to v8
* Sync with develop
* Add test for olmlib CryptoApi
* Fix link
* Feedback from review
* Move libolm implementation to better place in file
* FIx doc
* Integration test
* Make sure test device is known to client
* Feedback from review
We used to use the notation `<sender key>|<megolm session id>` fairly widely in
log messages, but since the transition to rust crypto, it's unusual and now
somewhat confusing. Make the log messages more explicit.
* Move used Crypto event into crypto api
* Use new crypto events in rust crypto
* Remove `WillUpdateDevices` event from CryptoApi
* Use new crypto events in old crypto events
* Compute type of CryptoEvent enum
* Rename CryptoEvent and CryptoEventHandlerMap as legacy
* - Rename `RustCryptoEvent` as `CryptoEvent`
- Declare `CryptoEventHandlerMap` into the crypto api
* Add `WillUpdateDevices` back to new crypto events to avoid circular imports between old crypto and the cryto api
* Extends old crypto handler map with the new crypto map
* Review fixes
* Add more explicit documentations
* crypto: configure key sharing strategy based on deviceIsolationMode
fix eslint import error
cryptoMode was renamed to deviceIsolationMode
post rebase fix: Device Isolation mode name changes
* Fix outdated docs referring to old cryptomode
* code review: better comment for globalBlacklistUnverifiedDevices option
* RoomEncryptor: Use appropriate default for getBlacklistUnverifiedDevices
* do not provide a default value for DeviceIsolationMode for encryption
* Update src/rust-crypto/RoomEncryptor.ts
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Implement `UserVerificationStatus.needsUserApproval`
Expose the `identityNeedsUserApproval` flag from the rust crypto crate.
* Add CryptoApi.pinCurrentUserIdentity
Expose `pinCurrentMasterKey` from the rust crypto api.
* Test data: add second cross-signing key for Bob
* Add tests for verification status
* Restructure eventsPendingKey to remove sender key
For withheld notices, we don't necessarily receive the sender key, so we'll
jhave to do without it.
* Re-decrypt events when we receive a withheld notice
* Extend test to cover late-arriving withheld notices
* update unit tests
