Bruno Windels
d7c25e3106
move MediaRepository out of HomeServerApi
...
so HomeServerApi becomes easier to wrap, only having methods
that return a RequestResult.
2020-09-22 13:40:38 +02:00
Bruno Windels
6cd227b82d
only prompt after waiting 10s for sync UTD
2020-09-22 09:30:25 +02:00
Bruno Windels
0a83bf1176
more notes for legacy css marker
2020-09-22 09:30:13 +02:00
Bruno Windels
3359d49161
off both passphrase and security key options
2020-09-21 19:19:55 +02:00
Bruno Windels
e6a46874c4
wrap olm error for creating session in DecryptionError
...
so we can relate it back to the event that caused it
2020-09-21 17:58:13 +02:00
Bruno Windels
c9ee5a5db2
stay in catchup mode as long as there are device messages
...
this implements https://github.com/vector-im/element-web/issues/2782
it also implements 0 timeout for catchup, getting rid of the
catching up with your convo banner for 30s upon reconnection.
2020-09-21 17:57:01 +02:00
Bruno Windels
015c6b1c70
interpret unreported signed_curve25519 as 0 OTKs
2020-09-21 17:56:23 +02:00
Bruno Windels
4dfbd3f3cd
don't run afterSyncCompleted and next sync request in parallel
...
as the otk count the next sync request reports will be outdated
if afterSyncCompleted uploaded OTKs, and the next afterSyncCompleted
, having the wrong server OTK count, will again upload OTKs.
This will overwrite existing OTK keys which will
throw BAD_MESSAGE_KEY_ID when creating new sessions with those OTKs
2020-09-21 17:53:29 +02:00
Bruno Windels
c7370d7b01
Use continue in for loop rather than return
...
this was running in a Promise.all(array.map)) closure before
2020-09-21 14:11:28 +02:00
Bruno Windels
2c6a3a7ce7
fix afterSyncCompleted not being run after a sync error occurs
...
the error was not cleared when calling start again.
Also we should better look at the sync status to decide whether to run
afterSyncCompleted.
This prevented the room keys from being applied once you
had a connection error or other error at some point
since you started the app.
2020-09-21 13:55:35 +02:00
Bruno Windels
8cf29e344b
don't send access token on /versions
...
as it's not a good idea, and some CORS configs might not be happy with
an Authorization header on that path
2020-09-18 18:13:20 +02:00
Bruno Windels
1d33ab20a5
fix decrypted tiles not corresponding to a tile
2020-09-18 13:36:16 +02:00
Bruno Windels
4d604f7357
log all sync errors
2020-09-18 13:11:18 +02:00
Bruno Windels
3704de1a26
more dispose
2020-09-18 13:11:10 +02:00
Bruno Windels
da780d0aa2
delay backup 10s if missing session event came from sync
2020-09-18 13:11:02 +02:00
Bruno Windels
3aead4eae2
createEnum does not take an array
2020-09-18 13:08:35 +02:00
Bruno Windels
ed913ca24b
add dispose to room encryption
2020-09-18 13:08:18 +02:00
Bruno Windels
6c46cc98de
be more specific in error message
2020-09-18 12:12:52 +02:00
Bruno Windels
2de406afa0
log secret storage error as well
2020-09-18 12:12:19 +02:00
Bruno Windels
cb32f4201e
note for future cleanup
2020-09-18 12:12:12 +02:00
Bruno Windels
9fd39ab57f
aes-js doesn't work with ArrayBuffers
2020-09-18 12:04:48 +02:00
Bruno Windels
36b56132b0
add TextEncoder/Decoder polyfill to legacy bundle
2020-09-18 12:04:22 +02:00
Bruno Windels
6375574a56
show error
2020-09-17 18:59:40 +02:00
Bruno Windels
f58a3ee975
use olm from param
2020-09-17 18:56:02 +02:00
Bruno Windels
7d6fcfafa8
pass olm, better naming, don't reuse var
2020-09-17 18:55:39 +02:00
Bruno Windels
5b45c00322
switch to security key
2020-09-17 18:55:28 +02:00
Bruno Windels
ceac6008bc
fix import
2020-09-17 18:55:09 +02:00
Bruno Windels
fe5b732c97
cleanup, better copy text
2020-09-17 18:54:55 +02:00
Bruno Windels
494c5cbcf0
notify UI when we need session backup
2020-09-17 18:00:00 +02:00
Bruno Windels
06ccd74680
this should be read-write, oops
2020-09-17 17:59:35 +02:00
Bruno Windels
1b8e481559
keys from backup need to be imported with import_session, not create
2020-09-17 17:59:02 +02:00
Bruno Windels
915925d6ee
don't throw when trying to restore session from backup, check sender key
2020-09-17 17:57:52 +02:00
Bruno Windels
a205ae8841
fixes
2020-09-17 17:57:12 +02:00
Bruno Windels
5752cca69c
go back to bs58 and use other base64 decoder
...
as base-x isn't meant for base64
2020-09-17 17:56:05 +02:00
Bruno Windels
9d622434fb
integrate session backup with session class
2020-09-17 15:58:46 +02:00
Bruno Windels
3cebd17cbe
adjust paths
2020-09-17 15:17:46 +02:00
Bruno Windels
c9d8d40242
move ssss out of e2ee dir as not really e2ee related
2020-09-17 15:17:00 +02:00
Bruno Windels
33aa475e18
add function to create key from either passphrase or recovery key
2020-09-17 15:16:01 +02:00
Bruno Windels
7f97c540fb
obsolete comment, this is already the case
2020-09-17 14:20:42 +02:00
Bruno Windels
092547bfc8
renaming
2020-09-17 14:20:36 +02:00
Bruno Windels
17fc249fa8
integrate session backup with room encryption and megolm decryption
2020-09-17 14:20:15 +02:00
Bruno Windels
3941af93d2
more impl of SessionBackup
2020-09-17 14:19:57 +02:00
Bruno Windels
fff8308259
first draft of SessionBackup
2020-09-17 12:34:39 +02:00
Bruno Windels
1a105d391b
cleanup: rename session name to hydrogen as well
...
as we'll need people to resync because of account data as well
2020-09-17 12:34:10 +02:00
Bruno Windels
b7401a148c
some ssss cleanup
2020-09-17 12:33:57 +02:00
Bruno Windels
8204e942d9
first draft of reading a ssss secret
2020-09-17 11:39:40 +02:00
Bruno Windels
c44ab3e55e
derive ssss key from recovery key
2020-09-17 11:39:25 +02:00
Bruno Windels
7c4c266fe0
derive ssss key from passphrase
2020-09-17 11:39:07 +02:00
Bruno Windels
45c62eb0e5
common types and storage for ssss
2020-09-17 11:38:53 +02:00
Bruno Windels
7412b3aae8
forgot to commit account data store
2020-09-17 11:38:44 +02:00
Bruno Windels
4ec0e67384
use base-x to support both base64 and base58
2020-09-17 11:36:54 +02:00
Bruno Windels
abfde76e24
store account data in storage
...
needs a resync, need to think how to handle this
2020-09-17 10:39:51 +02:00
Bruno Windels
00eade1c16
add crypto driver with primitives needed for 4S & session backup
2020-09-17 10:19:09 +02:00
Bruno Windels
ab01c903a6
turns out that rollup-plugin-cleanup doesn't like line 259 in aes-js
...
so don't remove comments for now in the legacy build
2020-09-17 09:36:37 +02:00
Bruno Windels
77a21c08eb
add legacy extras, so deps only needed for legacy are not in main bundle
2020-09-16 18:31:17 +02:00
Bruno Windels
b63aaa6dcb
add typed array polyfills to worker bundle
2020-09-16 14:42:13 +02:00
Bruno Windels
12262f2824
actually use correct method to get all device ids for a user
2020-09-14 18:31:54 +02:00
Bruno Windels
75bff228ec
fix data not being passed on, caused crash on initial sync
2020-09-14 17:45:13 +02:00
Bruno Windels
a11b612640
await this
2020-09-14 17:45:02 +02:00
Bruno Windels
b2e6e8687e
dispose tiles
...
also add more defence against emitting event when disposed
2020-09-14 17:44:37 +02:00
Bruno Windels
9ea961ae53
don't crash when we don't have a subscription anymore
2020-09-14 17:43:06 +02:00
Bruno Windels
49f330279b
also pass timeline entries to summary after initial decryption failed
2020-09-14 16:34:07 +02:00
Bruno Windels
f3f07a0672
centralize update emitting in room
2020-09-14 16:33:43 +02:00
Bruno Windels
bce46daa9c
this is shorter
2020-09-14 16:33:30 +02:00
Bruno Windels
3325f12092
remove devices not present in /keys/query response
2020-09-14 15:47:00 +02:00
Bruno Windels
504371eaf3
this is outdated (and not really needed)
2020-09-14 15:47:00 +02:00
Bruno Windels
8555fd5f18
a little extra caution
2020-09-14 15:47:00 +02:00
Bruno Windels
aa5d55bbf2
show when e2ee is enabled in timeline
2020-09-14 15:47:00 +02:00
Bruno Windels
8c4d68def9
show decryption errors in timeline
2020-09-14 15:47:00 +02:00
Bruno Windels
a2f8731a23
Keep room key with earliest index
2020-09-14 15:47:00 +02:00
Bruno Windels
9fad5b3b29
only load olm once
2020-09-14 15:47:00 +02:00
Bruno Windels
0c3ea90ab4
also update room list when encrypted events come in
2020-09-14 15:46:58 +02:00
Bruno Windels
fb69688d47
also update room list when encrypted events come in
2020-09-14 14:01:47 +02:00
Bruno Windels
4875095ea3
fix event tiles not updating when event is decrypted when room keys come
2020-09-11 17:47:35 +02:00
Bruno Windels
2855166239
migrate encryption flag so old sessions dont send unencrypted events
2020-09-11 16:48:04 +02:00
Bruno Windels
e763771cc2
cleanup
2020-09-11 14:45:38 +02:00
Bruno Windels
96119b4e58
load all pending operations when starting the session, pass to room
2020-09-11 14:41:40 +02:00
Bruno Windels
ab1fe711ad
implement room key sharing with operations store
2020-09-11 14:41:12 +02:00
Bruno Windels
b00865510f
add operation store
2020-09-11 14:40:05 +02:00
Bruno Windels
9f6822f362
remove needsRoomKey flag on member
2020-09-11 14:38:36 +02:00
Bruno Windels
bba53b3477
dont store duplicated key values for replay detection
2020-09-11 12:08:06 +02:00
Bruno Windels
0dece5b04f
make continuation logic work well with pending events
...
- don't use display name to compare but user id
(pending doesn't have display name yet)
- use current time as timestamp
2020-09-11 11:43:40 +02:00
Bruno Windels
2c186554a1
this works better in ie11 for some reason
2020-09-11 11:36:08 +02:00
Bruno Windels
843e3e6b1c
show encrypted status of room
2020-09-11 11:35:53 +02:00
Bruno Windels
0e3084cce3
provide alternative spinner for ie11
2020-09-11 11:28:59 +02:00
Bruno Windels
95c6fd5a5b
reenable only using worker when wasm is not supported
2020-09-11 10:53:15 +02:00
Bruno Windels
e0d9d703b7
offload olm account creation in worker
2020-09-11 10:43:17 +02:00
Bruno Windels
0b26e6f53a
compress new e2ee stores into one new idb version
2020-09-11 08:40:43 +02:00
Bruno Windels
78fecd003a
cleanup
2020-09-10 18:57:29 +02:00
Bruno Windels
af36c71a59
load worker in main and pass paths so it works both on compiled and non-compiled
2020-09-10 18:41:23 +02:00
Bruno Windels
de1cc0d739
abort decrypt requests when changing room
2020-09-10 17:43:01 +02:00
Bruno Windels
0bf1723d99
Worker WIP
2020-09-10 15:40:30 +01:00
Bruno Windels
fdbc5f3c1d
WIP worker work
2020-09-10 13:00:11 +02:00
Bruno Windels
17412bbb2f
more validation
2020-09-10 12:12:39 +02:00
Bruno Windels
94b0cfbd72
add prepareSync and afterPrepareSync steps to sync, run decryption in it
2020-09-10 12:11:43 +02:00
Bruno Windels
1c77c3b876
expose multi-step decryption from RoomEncryption, adjust room timeline
...
sync code hasn't been adjusted yet
2020-09-10 12:11:25 +02:00
Bruno Windels
7c1f9dbed0
split up megolm decryption so it can happen in multiple steps,see README
2020-09-10 12:05:53 +02:00
Bruno Windels
a4c8e56ab0
fix getKey not working on IE11
2020-09-09 11:42:26 +01:00
Bruno Windels
f8e3a75471
fix typo
2020-09-09 10:22:29 +02:00
Bruno Windels
a18d2c0e78
update comment
2020-09-09 09:51:48 +02:00
Bruno Windels
212efe823c
fix memberlist not containing all members
...
we were using the prev_batch of the last sync to pass to
/members, but this points at the timeline *before* the last
sync, so wouldn't contain all members. Use the sync token instead.
2020-09-09 09:50:03 +02:00
Bruno Windels
1f9d6191c2
this happens often when room is not tracked yet, so don't log
2020-09-08 18:32:51 +02:00
Bruno Windels
0ed2d14887
log OTK claim failures
2020-09-08 18:32:12 +02:00
Bruno Windels
da4b710e49
don't return promise here, not used
2020-09-08 18:30:45 +02:00
Bruno Windels
4ca5ff9b9f
only load 50 olm sessions at once
2020-09-08 18:30:06 +02:00
Bruno Windels
10b5614fd9
m.dummy events don't have content
2020-09-08 18:27:49 +02:00
Bruno Windels
9a7abb1899
make logic more explicit
2020-09-08 18:27:35 +02:00
Bruno Windels
4a2faed198
don't assume roomKeys is an array
2020-09-08 18:27:12 +02:00
Bruno Windels
4c1aaaf416
show "setting up encryption keys..." step during login
2020-09-08 17:16:34 +02:00
Bruno Windels
36a8ec0110
dont attempt to decrypt redacted events
...
this will show them as undecryptable for now though
2020-09-08 17:16:01 +02:00
Bruno Windels
773cb3420f
ignore duplicate curve25519 keys in /keys/query response
2020-09-08 17:14:23 +02:00
Bruno Windels
b653022a5a
do store our own device, otherwise need special case verifying own msgs
2020-09-08 15:25:36 +02:00
Bruno Windels
65660a1e3b
remove double jsdoc
2020-09-08 15:06:44 +02:00
Bruno Windels
650df6fea8
forgot await
2020-09-08 15:00:29 +02:00
Bruno Windels
5a8aac57ac
there might not be a member yet
2020-09-08 15:00:20 +02:00
Bruno Windels
7bba83aa9e
add outbound session store to sync txn
2020-09-08 15:00:00 +02:00
Bruno Windels
5e65eb10ef
docs
2020-09-08 14:39:33 +02:00
Bruno Windels
1aa044667c
try sending out pending room keys after first sync
2020-09-08 14:39:07 +02:00
Bruno Windels
31d4b6f75d
send room keys to newly joined members in afterSyncCompleted stage
2020-09-08 14:38:27 +02:00
Bruno Windels
c158e3da77
support running afterSyncCompleted step on rooms as well
...
and make it in parallel with next sync request
2020-09-08 14:37:24 +02:00
Bruno Windels
52c3c7c03d
support sending out room key in room encryption for newly joined members
2020-09-08 14:36:50 +02:00
Bruno Windels
7b35a3c46c
memberChanges is a map, not array
2020-09-08 14:23:38 +02:00
Bruno Windels
bbaf3a5605
write needsRoomKey flag when new members joins to tracked e2ee room
2020-09-08 14:22:11 +02:00
Bruno Windels
d184be2d22
rotate outbound megolm session when somebody leaves the room
2020-09-08 11:09:09 +02:00
Bruno Windels
cd172f6df2
log new room keys for debugging
2020-09-08 10:55:38 +02:00
Bruno Windels
dea9fd90b4
name devices at login "Hydrogen"
...
so you can somewhat identify them in a device list
2020-09-08 10:53:15 +02:00
Bruno Windels
2c5c3ac8e2
formatting
2020-09-08 10:53:02 +02:00
Bruno Windels
2b59c8bb7c
store ed25519 key from olm event rather than one in m.room_key payload
...
that's the docs/js-sdk do it, even though it probably
doesn't matter much as we verify the key anyway
2020-09-08 10:52:02 +02:00
Bruno Windels
40ed66dc5e
document return type
2020-09-08 10:51:45 +02:00
Bruno Windels
4cf3b3569d
storage method takes EventKey actually
2020-09-08 10:51:28 +02:00
Bruno Windels
3e100ff5ec
ensure /keys/query devices have the keys we need
2020-09-08 10:51:01 +02:00
Bruno Windels
c32ac2c764
use decryption result to show message verification status in timeline
2020-09-08 10:50:39 +02:00
Bruno Windels
9137d5dcbb
make decryption algorithms return DecryptionResult
...
which contains curve25519 key and claimed ed25519 key as well as payload
2020-09-08 10:48:11 +02:00
Bruno Windels
fbb534fa16
add todo
2020-09-04 16:46:13 +02:00
Bruno Windels
a817a9aaf9
return decrypted type and content
2020-09-04 16:41:03 +02:00
Bruno Windels
7bfcfc9eed
correct store name
2020-09-04 16:40:51 +02:00
Bruno Windels
f31efe3e87
encode key with proper names
2020-09-04 16:40:39 +02:00
Bruno Windels
8e5d5db32b
add event prop on entry
2020-09-04 16:40:15 +02:00
Bruno Windels
e06cb1eb5f
fix param order
2020-09-04 16:29:20 +02:00
Bruno Windels
1af118a443
don't assume we have a timeline
2020-09-04 16:27:39 +02:00
Bruno Windels
9b771120e4
actually accept megolm decryption dep
2020-09-04 16:27:14 +02:00
Bruno Windels
dc0576f2db
cleanup
2020-09-04 15:31:45 +02:00
Bruno Windels
baad4bd37f
hookup megolm decryption in session
2020-09-04 15:31:27 +02:00
Bruno Windels
32a399afec
implement storage changes for megolm decryption
2020-09-04 15:31:00 +02:00
Bruno Windels
5a731903da
implement decrypting when loading timeline
2020-09-04 15:30:06 +02:00
Bruno Windels
62bcb27784
implement decryption retrying and decrypting of gap/load entries
...
turns out we do have to always check for replay attacks because
failing to decrypt doesn't prevent an item from being stored,
so if you reload and then load you might be decrypting it
for the first time
2020-09-04 15:29:58 +02:00
Bruno Windels
565fdb0f8c
use proper error codes
2020-09-04 12:10:36 +02:00
Bruno Windels
28b46a1e5b
add some comments
2020-09-04 12:10:28 +02:00
Bruno Windels
fe9245dd04
first draft of retrying decryption when receiving room keys
2020-09-04 12:10:12 +02:00
Bruno Windels
502ba5deea
first draft of decryption in Room and RoomEncryption
2020-09-04 12:09:19 +02:00
Bruno Windels
fab58e8724
first draft of megolm decryption
2020-09-04 12:06:26 +02:00
Bruno Windels
80ede4f411
session will always be true here, we want to check sessionEntry
2020-09-04 12:05:58 +02:00
Bruno Windels
8ac80314c2
cleanup
2020-09-03 17:51:20 +02:00
Bruno Windels
c5efa582b1
check algorithm
2020-09-03 17:51:00 +02:00
Bruno Windels
c5c9505ce2
hookup megolm encryption in session
2020-09-03 17:50:28 +02:00
Bruno Windels
be4d887178
add outbound group session storage
2020-09-03 17:49:20 +02:00
Bruno Windels
6bc30bb824
implement megolm encryption
2020-09-03 17:48:59 +02:00
Bruno Windels
b1226d9220
add infrastructure to encrypt while sending
2020-09-03 15:36:48 +02:00
Bruno Windels
5cafef96f5
add RoomEncryption to room
2020-09-03 15:36:17 +02:00
Bruno Windels
2a40c89a24
implement hsapi /keys/claim endpoint
2020-09-03 15:33:23 +02:00
Bruno Windels
dde8c66196
implement store changes for olm encryption
2020-09-03 15:33:03 +02:00
Bruno Windels
792f0cf9a0
log our identity keys after load
2020-09-03 15:32:33 +02:00
Bruno Windels
1d4a5cd6d4
instantiate olm encryption in session
2020-09-03 15:32:08 +02:00
Bruno Windels
4401012312
no need to call decrypt when there are no events
2020-09-03 15:30:54 +02:00
Bruno Windels
408ff3322d
content already exists here
2020-09-03 15:30:42 +02:00
Bruno Windels
620fc0d210
JSON stringify payload, olm_encrypt does not do objects
2020-09-03 15:30:18 +02:00
Bruno Windels
8676909a26
don't swallow errors!
2020-09-03 15:30:09 +02:00
Bruno Windels
a943467e71
await txns
2020-09-03 15:30:01 +02:00
Bruno Windels
71ba2dd714
name userId -> ownUserId as elsewhere
2020-09-03 15:29:35 +02:00
Bruno Windels
8d0d4570dd
fix import path
2020-09-03 15:29:09 +02:00
Bruno Windels
b2fffee037
give better error when olm plaintext is not json
2020-09-03 15:28:49 +02:00
Bruno Windels
1f8005cdfd
forgot to pass account
2020-09-03 15:28:38 +02:00
Bruno Windels
e22131bf57
don't store or return our own device
2020-09-03 15:28:20 +02:00
Bruno Windels
eda15e1141
forgot to remove this after extracting function
2020-09-03 15:27:40 +02:00
Bruno Windels
8d64fa54fe
using wrong method here
2020-09-03 15:27:00 +02:00
Bruno Windels
af423b1c7f
ensure second promise has run in test
2020-09-03 12:17:01 +02:00
Bruno Windels
4f4808b94c
lock on senderKey while enc/decrypting olm sessions
2020-09-03 12:12:33 +02:00
Bruno Windels
4ecd853348
Merge branch 'bwindels/e2ee' into bwindels/olm-encrypt
2020-09-03 11:44:36 +02:00
Bruno Windels
279b55e8e6
fix test
2020-09-03 11:31:00 +02:00
Bruno Windels
1492b6b6f8
cleanup of olm encryption
2020-09-03 09:53:16 +02:00
Bruno Windels
e3daef5ca9
first draft of olm encryption
2020-09-02 17:58:01 +02:00
Bruno Windels
3cb46b38ff
extract olm/Session into own file
2020-09-02 17:38:46 +02:00
Bruno Windels
f1b78a5778
extract groupBy function from olm decryption into util
2020-09-02 17:38:25 +02:00
Bruno Windels
0545c1f0c5
extract verifying a signed object from the device tracker
2020-09-02 17:37:48 +02:00
Bruno Windels
bd64aaf029
create outbound olm session from account
...
also better error handling
2020-09-02 17:37:13 +02:00
Bruno Windels
6c60381d54
Merge pull request #79 from vector-im/bwindels/hookuk-olm-to-device
...
Hookup to_device message handling and store megolm sessions when receiving m.room_key
2020-09-02 13:01:52 +00:00
Bruno Windels
1dbabf6240
cleanup ctor
2020-09-02 14:59:17 +02:00
Bruno Windels
b4d2be6b12
Merge branch 'master' into bwindels/e2ee
2020-09-02 14:55:38 +02:00
Bruno Windels
5a12904cc3
log errors during session load
2020-09-02 14:54:57 +02:00
Bruno Windels
1ab356cd9c
wrong store name
2020-09-02 14:53:50 +02:00
Bruno Windels
95fcbe1598
typo
2020-09-02 14:52:33 +02:00
Bruno Windels
14cba7ec6e
need to pass in olm
2020-09-02 14:52:19 +02:00
Bruno Windels
1f66868566
forgot to await
2020-09-02 14:52:02 +02:00
Bruno Windels
e09fbf566d
TODO
2020-09-02 14:30:49 +02:00
Bruno Windels
7d517eb700
wire up the olm decryption,megolm room key handler and to_device handler
2020-09-02 14:30:18 +02:00
Bruno Windels
0219932f50
typo
2020-09-02 14:29:18 +02:00
Bruno Windels
6d3aa219fa
implement storing room keys
2020-09-02 14:24:38 +02:00
Bruno Windels
f5c7b1b3ec
remove obsolete comment
2020-09-02 13:35:25 +02:00
Bruno Windels
6aad751611
fix wrong idb method used in session store
2020-09-02 13:35:08 +02:00
Bruno Windels
44e9f91d4c
to_device handler for encrypted messages
...
changes the api of the olm decryption to decrypt in batch
so we can isolate side-effects until we have a write-txn open
and we can parallelize the decryption of different sender keys.
2020-09-02 13:33:27 +02:00