Update import to use new functions

matrix-org · Sep 25, 2024 · ca95c3d · ca95c3d
1 parent 48ceb73
commit ca95c3d
Show file tree

Hide file tree

Showing 13 changed files with 40 additions and 28 deletions.
diff --git a/spec/integ/crypto/cross-signing.spec.ts b/spec/integ/crypto/cross-signing.spec.ts
@@ -21,7 +21,7 @@ import { IDBFactory } from "fake-indexeddb";
 import { CRYPTO_BACKENDS, InitCrypto, syncPromise } from "../../test-utils/test-utils";
 import { AuthDict, createClient, CryptoEvent, MatrixClient } from "../../../src";
 import { mockInitialApiRequests, mockSetupCrossSigningRequests } from "../../test-utils/mockEndpoints";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { CryptoCallbacks, CrossSigningKey } from "../../../src/crypto-api";
 import { SECRET_STORAGE_ALGORITHM_V1_AES } from "../../../src/secret-storage";
 import { ISyncResponder, SyncResponder } from "../../test-utils/SyncResponder";

diff --git a/spec/unit/crypto/secrets.spec.ts b/spec/unit/crypto/secrets.spec.ts
@@ -20,7 +20,7 @@ import { IObject } from "../../../src/crypto/olmlib";
 import { MatrixEvent } from "../../../src/models/event";
 import { TestClient } from "../../TestClient";
 import { makeTestClients } from "./verification/util";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { createSecretStorageKey, resetCrossSigningKeys } from "./crypto-utils";
 import { logger } from "../../../src/logger";
 import { ClientEvent, ICreateClientOpts, MatrixClient } from "../../../src/client";

diff --git a/spec/unit/rust-crypto/rust-crypto.spec.ts b/spec/unit/rust-crypto/rust-crypto.spec.ts
@@ -69,7 +69,7 @@ import { logger } from "../../../src/logger";
 import { OutgoingRequestsManager } from "../../../src/rust-crypto/OutgoingRequestsManager";
 import { ClientEvent, ClientEventHandlerMap } from "../../../src/client";
 import { Curve25519AuthData } from "../../../src/crypto-api/keybackup";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { CryptoStore, SecretStorePrivateKeys } from "../../../src/crypto/store/base";
 
 const TEST_USER = "@alice:example.com";

diff --git a/spec/unit/secret-storage.spec.ts b/spec/unit/secret-storage.spec.ts
@@ -25,7 +25,7 @@ import {
  ServerSideSecretStorageImpl,
  trimTrailingEquals,
 } from "../../src/secret-storage";
-import { calculateKeyCheck } from "../../src/crypto/aes";
+import { calculateKeyCheck } from "../../src/utils/calculateKeyCheck";
 import { randomString } from "../../src/randomstring";
 
 describe("ServerSideSecretStorageImpl", function () {

diff --git a/src/crypto-api/keybackup.ts b/src/crypto-api/keybackup.ts
@@ -15,7 +15,7 @@ limitations under the License.
 */
 
 import { ISigned } from "../@types/signed.ts";
-import { IEncryptedPayload } from "../crypto/aes.ts";
+import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";
 
 export interface Curve25519AuthData {
  public_key: string;
@@ -77,7 +77,7 @@ export interface Curve25519SessionData {
 }
 
 /* eslint-disable camelcase */
-export interface KeyBackupSession<T = Curve25519SessionData | IEncryptedPayload> {
+export interface KeyBackupSession<T = Curve25519SessionData | SecretEncryptedPayload> {
  first_message_index: number;
  forwarded_count: number;
  is_verified: boolean;

diff --git a/src/crypto/CrossSigning.ts b/src/crypto/CrossSigning.ts
@@ -22,7 +22,6 @@ import type { PkSigning } from "@matrix-org/olm";
 import { IObject, pkSign, pkVerify } from "./olmlib.ts";
 import { logger } from "../logger.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, encryptAES } from "./aes.ts";
 import { DeviceInfo } from "./deviceinfo.ts";
 import { ISignedKey, MatrixClient } from "../client.ts";
 import { OlmDevice } from "./OlmDevice.ts";
@@ -36,6 +35,8 @@ import {
  UserVerificationStatus as UserTrustLevel,
 } from "../crypto-api/index.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
 
 // backwards-compatibility re-exports
 export { UserTrustLevel };

diff --git a/src/crypto/backup.ts b/src/crypto/backup.ts
@@ -27,7 +27,6 @@ import { DeviceTrustLevel } from "./CrossSigning.ts";
 import { keyFromPassphrase } from "./key_passphrase.ts";
 import { encodeUri, safeSet, sleep } from "../utils.ts";
 import { IndexedDBCryptoStore } from "./store/indexeddb-crypto-store.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
 import {
  Curve25519SessionData,
  IAes256AuthData,
@@ -41,6 +40,10 @@ import { ClientPrefix, HTTPError, MatrixError, Method } from "../http-api/index.
 import { BackupTrustInfo } from "../crypto-api/keybackup.ts";
 import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
 import { encodeRecoveryKey } from "../crypto-api/index.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
+import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";
 
 const KEY_BACKUP_KEYS_PER_REQUEST = 200;
 const KEY_BACKUP_CHECK_RATE_LIMIT = 5000; // ms
@@ -94,7 +97,7 @@ interface BackupAlgorithmClass {
 
 interface BackupAlgorithm {
  untrusted: boolean;
- encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | IEncryptedPayload>;
+ encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | SecretEncryptedPayload>;
  decryptSessions(ciphertexts: Record<string, IKeyBackupSession>): Promise<IMegolmSessionData[]>;
  authData: AuthData;
  keyMatches(key: ArrayLike<number>): Promise<boolean>;
@@ -825,7 +828,7 @@ export class Aes256 implements BackupAlgorithm {
  return false;
  }
 
- public encryptSession(data: Record<string, any>): Promise<IEncryptedPayload> {
+ public encryptSession(data: Record<string, any>): Promise<SecretEncryptedPayload> {
  const plainText: Record<string, any> = Object.assign({}, data);
  delete plainText.session_id;
  delete plainText.room_id;
@@ -834,7 +837,7 @@ export class Aes256 implements BackupAlgorithm {
  }
 
  public async decryptSessions(
- sessions: Record<string, IKeyBackupSession<IEncryptedPayload>>,
+ sessions: Record<string, IKeyBackupSession<SecretEncryptedPayload>>,
  ): Promise<IMegolmSessionData[]> {
  const keys: IMegolmSessionData[] = [];
 

diff --git a/src/crypto/dehydration.ts b/src/crypto/dehydration.ts
@@ -19,11 +19,12 @@ import anotherjson from "another-json";
 import type { IDeviceKeys, IOneTimeKey } from "../@types/crypto.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, encryptAES } from "./aes.ts";
 import { logger } from "../logger.ts";
 import { Crypto } from "./index.ts";
 import { Method } from "../http-api/index.ts";
 import { SecretStorageKeyDescription } from "../secret-storage.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
 
 export interface IDehydratedDevice {
  device_id: string; // eslint-disable-line camelcase

diff --git a/src/crypto/index.ts b/src/crypto/index.ts
@@ -47,7 +47,6 @@ import { InRoomChannel, InRoomRequests } from "./verification/request/InRoomChan
 import { Request, ToDeviceChannel, ToDeviceRequests } from "./verification/request/ToDeviceChannel.ts";
 import { IllegalMethod } from "./verification/IllegalMethod.ts";
 import { KeySignatureUploadError } from "../errors.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
 import { DehydrationManager } from "./dehydration.ts";
 import { BackupManager, LibOlmBackupDecryptor, backupTrustInfoFromLegacyTrustInfo } from "./backup.ts";
 import { IStore } from "../store/index.ts";
@@ -107,6 +106,10 @@ import { deviceInfoToDevice } from "./device-converter.ts";
 import { ClientPrefix, MatrixError, Method } from "../http-api/index.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
 import { KnownMembership } from "../@types/membership.ts";
+import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
+import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";
 
 /* re-exports for backwards compatibility */
 export type {
@@ -1323,7 +1326,7 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
  * @returns the key, if any, or null
  */
  public async getSessionBackupPrivateKey(): Promise<Uint8Array | null> {
- const encodedKey = await new Promise<Uint8Array | IEncryptedPayload | string | null>((resolve) => {
+ const encodedKey = await new Promise<Uint8Array | SecretEncryptedPayload | string | null>((resolve) => {
  this.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
  this.cryptoStore.getSecretStorePrivateKey(txn, resolve, "m.megolm_backup.v1");
  });

diff --git a/src/crypto/store/base.ts b/src/crypto/store/base.ts
@@ -25,8 +25,8 @@ import { Logger } from "../../logger.ts";
 import { InboundGroupSessionData } from "../OlmDevice.ts";
 import { MatrixEvent } from "../../models/event.ts";
 import { DehydrationManager } from "../dehydration.ts";
-import { IEncryptedPayload } from "../aes.ts";
 import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
+import { SecretEncryptedPayload } from "../../utils/@types/SecretEncryptedPayload.ts";
 
 /**
  * Internal module. Definitions for storage for the crypto module
@@ -35,11 +35,11 @@ import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
 export interface SecretStorePrivateKeys {
  "dehydration": {
  keyInfo: DehydrationManager["keyInfo"];
- key: IEncryptedPayload;
+ key: SecretEncryptedPayload;
  deviceDisplayName: string;
  time: number;
  } | null;
- "m.megolm_backup.v1": IEncryptedPayload;
+ "m.megolm_backup.v1": SecretEncryptedPayload;
 }
 
 /**

diff --git a/src/rust-crypto/backup.ts b/src/rust-crypto/backup.ts
@@ -33,10 +33,10 @@ import { encodeUri, logDuration } from "../utils.ts";
 import { OutgoingRequestProcessor } from "./OutgoingRequestProcessor.ts";
 import { sleep } from "../utils.ts";
 import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
-import { IEncryptedPayload } from "../crypto/aes.ts";
 import { ImportRoomKeyProgressData, ImportRoomKeysOpts } from "../crypto-api/index.ts";
 import { IKeyBackupInfo } from "../crypto/keybackup.ts";
 import { IKeyBackup } from "../crypto/backup.ts";
+import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";
 
 /** Authentification of the backup info, depends on algorithm */
 type AuthData = KeyBackupInfo["auth_data"];
@@ -622,7 +622,7 @@ export class RustBackupDecryptor implements BackupDecryptor {
  * Implements {@link BackupDecryptor#decryptSessions}
  */
  public async decryptSessions(
- ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | IEncryptedPayload>>,
+ ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | SecretEncryptedPayload>>,
  ): Promise<IMegolmSessionData[]> {
  const keys: IMegolmSessionData[] = [];
  for (const [sessionId, sessionData] of Object.entries(ciphertexts)) {

diff --git a/src/rust-crypto/libolm_migration.ts b/src/rust-crypto/libolm_migration.ts
@@ -19,7 +19,6 @@ import * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";
 import { Logger } from "../logger.ts";
 import { CryptoStore, MigrationState, SecretStorePrivateKeys } from "../crypto/store/base.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, IEncryptedPayload } from "../crypto/aes.ts";
 import { IHttpOpts, MatrixHttpApi } from "../http-api/index.ts";
 import { requestKeyBackupVersion } from "./backup.ts";
 import { IRoomEncryption } from "../crypto/RoomList.ts";
@@ -28,6 +27,8 @@ import { RustCrypto } from "./rust-crypto.ts";
 import { KeyBackupInfo } from "../crypto-api/keybackup.ts";
 import { sleep } from "../utils.ts";
 import { encodeBase64 } from "../base64.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { SecretEncryptedPayload } from "../utils/@types/SecretEncryptedPayload.ts";
 
 /**
  * Determine if any data needs migrating from the legacy store, and do so.
@@ -421,7 +422,7 @@ async function getAndDecryptCachedSecretKey(
  });
 
  if (key && key.ciphertext && key.iv && key.mac) {
- return await decryptAES(key as IEncryptedPayload, legacyPickleKey, name);
+ return await decryptAES(key as SecretEncryptedPayload, legacyPickleKey, name);
  } else if (key instanceof Uint8Array) {
  // This is a legacy backward compatibility case where the key was stored in clear.
  return encodeBase64(key);

diff --git a/src/secret-storage.ts b/src/secret-storage.ts
@@ -23,9 +23,12 @@ limitations under the License.
 import { TypedEventEmitter } from "./models/typed-event-emitter.ts";
 import { ClientEvent, ClientEventHandlerMap } from "./client.ts";
 import { MatrixEvent } from "./models/event.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./crypto/aes.ts";
 import { randomString } from "./randomstring.ts";
 import { logger } from "./logger.ts";
+import { calculateKeyCheck } from "./utils/calculateKeyCheck.ts";
+import { encryptAES } from "./utils/encryptAES.ts";
+import { decryptAES } from "./utils/decryptAES.ts";
+import { SecretEncryptedPayload } from "./utils/@types/SecretEncryptedPayload.ts";
 
 export const SECRET_STORAGE_ALGORITHM_V1_AES = "m.secret_storage.v1.aes-hmac-sha2";
 
@@ -200,13 +203,13 @@ export interface SecretStorageCallbacks {
 
 interface SecretInfo {
  encrypted: {
- [keyId: string]: IEncryptedPayload;
+ [keyId: string]: SecretEncryptedPayload;
  };
 }
 
 interface Decryptors {
- encrypt: (plaintext: string) => Promise<IEncryptedPayload>;
- decrypt: (ciphertext: IEncryptedPayload) => Promise<string>;
+ encrypt: (plaintext: string) => Promise<SecretEncryptedPayload>;
+ decrypt: (ciphertext: SecretEncryptedPayload) => Promise<string>;
 }
 
 /**
@@ -491,7 +494,7 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
  * @param keys - The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key.
  */
  public async store(name: string, secret: string, keys?: string[] | null): Promise<void> {
- const encrypted: Record<string, IEncryptedPayload> = {};
+ const encrypted: Record<string, SecretEncryptedPayload> = {};
 
  if (!keys) {
  const defaultKeyId = await this.getDefaultKeyId();
@@ -638,10 +641,10 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
 
  if (keys[keyId].algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
  const decryption = {
- encrypt: function (secret: string): Promise<IEncryptedPayload> {
+ encrypt: function (secret: string): Promise<SecretEncryptedPayload> {
  return encryptAES(secret, privateKey, name);
  },
- decrypt: function (encInfo: IEncryptedPayload): Promise<string> {
+ decrypt: function (encInfo: SecretEncryptedPayload): Promise<string> {
  return decryptAES(encInfo, privateKey, name);
  },
  };