2020-08-28 18:05:47 +05:30
|
|
|
/*
|
|
|
|
Copyright 2020 The Matrix.org Foundation C.I.C.
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2020-09-02 21:07:48 +05:30
|
|
|
import anotherjson from "../../../lib/another-json/index.js";
|
2020-09-10 15:39:17 +05:30
|
|
|
import {createEnum} from "../../utils/enum.js";
|
|
|
|
|
2020-09-18 16:38:35 +05:30
|
|
|
export const DecryptionSource = createEnum("Sync", "Timeline", "Retry");
|
2020-09-02 21:07:48 +05:30
|
|
|
|
2020-08-28 18:05:47 +05:30
|
|
|
// use common prefix so it's easy to clear properties that are not e2ee related during session clear
|
|
|
|
export const SESSION_KEY_PREFIX = "e2ee:";
|
|
|
|
export const OLM_ALGORITHM = "m.olm.v1.curve25519-aes-sha2";
|
|
|
|
export const MEGOLM_ALGORITHM = "m.megolm.v1.aes-sha2";
|
2020-09-01 21:29:39 +05:30
|
|
|
|
|
|
|
export class DecryptionError extends Error {
|
2020-09-02 17:03:27 +05:30
|
|
|
constructor(code, event, detailsObj = null) {
|
2020-09-01 21:29:39 +05:30
|
|
|
super(`Decryption error ${code}${detailsObj ? ": "+JSON.stringify(detailsObj) : ""}`);
|
|
|
|
this.code = code;
|
2020-09-02 17:03:27 +05:30
|
|
|
this.event = event;
|
2020-09-01 21:29:39 +05:30
|
|
|
this.details = detailsObj;
|
|
|
|
}
|
|
|
|
}
|
2020-09-02 21:07:48 +05:30
|
|
|
|
|
|
|
export const SIGNATURE_ALGORITHM = "ed25519";
|
|
|
|
|
|
|
|
export function verifyEd25519Signature(olmUtil, userId, deviceOrKeyId, ed25519Key, value) {
|
|
|
|
const clone = Object.assign({}, value);
|
|
|
|
delete clone.unsigned;
|
|
|
|
delete clone.signatures;
|
|
|
|
const canonicalJson = anotherjson.stringify(clone);
|
|
|
|
const signature = value?.signatures?.[userId]?.[`${SIGNATURE_ALGORITHM}:${deviceOrKeyId}`];
|
|
|
|
try {
|
|
|
|
if (!signature) {
|
|
|
|
throw new Error("no signature");
|
|
|
|
}
|
|
|
|
// throws when signature is invalid
|
2020-09-03 18:57:40 +05:30
|
|
|
olmUtil.ed25519_verify(ed25519Key, canonicalJson, signature);
|
2020-09-02 21:07:48 +05:30
|
|
|
return true;
|
|
|
|
} catch (err) {
|
|
|
|
console.warn("Invalid signature, ignoring.", ed25519Key, canonicalJson, signature, err);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|