The bulk of this is just export/import changes, though there's a couple pieces to highlight:
* We no longer use default exports. This is because it's discouraged by the JS community, though not in any official capacity.
* We now use `polyfillSuper` for some prototype inheritance because the tests, and sometimes webpack, break on "cannot call EncryptionAlgorithm without 'new'". It's very much a workaround, and definitely not needed when we use real classes.
There is some import shuffling to help keep the imports clean - this was done by my IDE.
This changes `addKey` for secret storage to consume info about a pre-generated
key, rather than creating the key in middle of the method. This eases UI work
that want to have the public and private keys earlier on in the flow.
This adjusts the metadata from `createRecoveryKeyFromPassphrase` to include KDF
info formatted in the way secret storage expects. Since
`prepareKeyBackupVersion` did something similar, we adjust it to use the new
function and reshape the objects.
If we restore cross-signing keys from secret storage, we also need to run many
of the same follow-up steps from resetting the keys, such as saving to the
crypto store, upgrading device verifications, etc.
If you've already set up cross-signing elsewhere and start using a new device,
this loads the private keys from secret storage and regenerates the public keys
to match.
We may also want to download the public keys from the homeserver's key sharing
and verify that they match the private keys, but for now that's left as future
work.
Riot doesn't fully implement to_device verifications, e.g.
it doesn't send a `request` but immediately sends a `start` event.
Because of this, `crypto.verification.request` doesn't get fired,
as that code path doesn't get triggered. This is why MatrixChat
in the react-sdk was listening for `crypto.verification.start`.
Verification over DM *does* send a `request` event first, so
to have the same API for both methods, we fake the request and
wrap the verifier in it.
