Bruno Windels
8e6bd6a7a1
add missing room ids to identities for tracked rooms & clear outbound session
2021-08-27 19:39:24 +02:00
Bruno Windels
f16c08f13e
remove room from all user identities when leaving
...
and delete identity as well as all device identities if no rooms left
2021-05-06 15:24:52 +02:00
Bruno Windels
a12f10dc3c
make type explicit
2021-05-06 15:23:33 +02:00
Bruno Windels
e17fb24bd8
also await sharing the key in encrypt
2021-04-09 10:37:55 +02:00
Bruno Windels
13f20cdd26
wait for running key share operation in encrypt
2021-04-09 10:37:43 +02:00
Bruno Windels
d88720a18f
don't start key backup operation if not enabled
2021-03-15 16:54:43 +01:00
Bruno Windels
8684d6b5e5
some fixes
2021-03-15 15:23:35 +01:00
Bruno Windels
fcc06b2754
WIP to add logging to decryption and fetching key backups
2021-03-15 14:39:42 +01:00
Bruno Windels
f2dc7728a5
notifyRoomKey was a better name
2021-03-15 14:36:38 +01:00
Bruno Windels
96f060c0a9
also retry decryption for backfilled entries
...
as their event ids won't be stored along the missing key (we only store
synced items so we don't fill up the missing event ids in the store
with undecryptable backfilled event ids)
2021-03-15 14:33:14 +01:00
Bruno Windels
4b62e0a2ce
extract retry event ids for key before overwriting key on key backup
2021-03-15 13:38:27 +01:00
Bruno Windels
8cd6a7988a
on fill server OTKs up to max/2
...
so we don't remove keys for yet to be received
olm messages that claimed a key
2021-03-09 12:33:31 +01:00
Bruno Windels
30b056af1c
let devices know we can't claim their OTKs
2021-03-08 16:19:46 +01:00
Bruno Windels
30525cf391
oops, missing await to store new olm sessions!
2021-03-08 16:19:28 +01:00
Bruno Windels
4e0bd16a4e
reuse LRU Cache for session cache
2021-03-05 17:01:38 +01:00
Bruno Windels
5682e715e6
prevent multiple checks if a new room key is better
2021-03-05 10:07:48 +01:00
Bruno Windels
e0d14207ac
make opening a txn async again
...
as we'll need to await a bogus request first thing after opening the txn
funny enough, we originally made it sync to accommodate the same bug
in safari, but that didn't prevent any microtask being awaited
before scheduling a request in the calling code closing the txn.
We'll await a bogus request within the transaction class now so it
doesn't depend on the calling code
2021-03-04 19:47:02 +01:00
Bruno Windels
4445b1ee01
store key share operations before tracking the room
2021-03-03 18:56:16 +01:00
Bruno Windels
e7598b9c76
only request key backup for events that are UTD
2021-03-03 14:03:50 +01:00
Bruno Windels
30481a5a9e
add logging to key sharing and discarding in reaction to member changes
2021-03-03 14:03:50 +01:00
Bruno Windels
f3c49e51f2
add, don't replace timeline retry entries
...
also, filter out any that have been decrypted already
2021-03-03 14:03:50 +01:00
Bruno Windels
56db210763
attempt at fixing https://github.com/vector-im/hydrogen-web/issues/245
2021-03-03 14:03:50 +01:00
Bruno Windels
e29bc6710a
bring back missing import
2021-03-03 14:03:50 +01:00
Bruno Windels
c6db23bcfb
WIP to store missing session event ids
2021-03-03 14:03:50 +01:00
Bruno Windels
3fa2d22015
remove isTimelineOpen flag and rather do the check to verify in Room
...
flags are ugly, let's avoid them where we can
2021-03-03 14:03:50 +01:00
Bruno Windels
8d080163b3
reattempt decryption for timeline items
2021-03-02 19:39:04 +01:00
Bruno Windels
8a39c16a38
fix name conflict with _sessionInfo in parent class
2021-03-02 19:39:04 +01:00
Bruno Windels
a536ea7742
comment to explain replay attack better
2021-03-02 19:39:04 +01:00
Bruno Windels
a33200d926
fix sender key lookup for room key coming from olm
2021-03-02 19:39:04 +01:00
Bruno Windels
fb446167f6
make new sync room keys available during decryption of same sync
2021-03-02 19:39:04 +01:00
Bruno Windels
dd38fc13d7
log sending messages
2021-02-23 19:22:59 +01:00
Bruno Windels
57bb75e864
log login & loading a session
2021-02-23 19:22:25 +01:00
Bruno Windels
c5c0a181ff
move check for devicelists up in Session.writeSync, and more logging
2021-02-18 19:56:10 +01:00
Bruno Windels
cd68bb7b3f
log when devices get marked as outdated
2021-02-18 14:00:06 +01:00
Bruno Windels
9f9de0988e
don't log here yet as the logger isn't passed from createIdentity yet
2021-02-18 12:44:19 +01:00
Bruno Windels
f321968ac3
add more sync logging
2021-02-18 12:44:19 +01:00
Bruno Windels
d39c3812b2
Merge pull request #231 from vector-im/bwindels/logs
...
Structured logging
2021-02-17 10:19:46 +00:00
Bruno Windels
bbab1e9ecc
move base64/58 encoding into platform
...
fixes https://github.com/vector-im/hydrogen-web/issues/99
2021-02-12 16:01:54 +01:00
Bruno Windels
e515548037
add some comments while debugging a problem
2021-02-11 21:08:06 +01:00
Bruno Windels
262cc8936e
don't leak mimetype for encrypted attachments
2020-11-13 19:10:04 +01:00
Bruno Windels
366f3c0bba
iv and digest are sent in unpadded base64
2020-11-11 11:50:20 +01:00
Bruno Windels
e9324ad678
support jwk keys to encrypt
2020-11-11 11:47:39 +01:00
Bruno Windels
c289bcd097
return blob from encryptAttachment
2020-11-11 10:46:37 +01:00
Bruno Windels
2cfffa015d
WIP
2020-11-10 22:36:26 +01:00
Bruno Windels
f5480b7708
provide random value for IE11
2020-11-10 18:31:18 +01:00
Bruno Windels
ba323c65d6
fix typo in name
2020-11-10 18:30:48 +01:00
Bruno Windels
de143fdafc
update timestamp when creating a new megolm session
2020-11-10 16:17:56 +01:00
Bruno Windels
769feac73c
cleanup
2020-11-10 14:02:27 +01:00
Bruno Windels
5f6ad91ff2
offload creating an olm session to the olm worker
...
so IE11 doesn't lock up when you start typing
2020-11-10 11:04:09 +01:00
Bruno Windels
bd5771e449
remove obsolete comment
2020-11-09 17:22:37 +01:00
Bruno Windels
6572377832
move tracking the room to where we need the devices
2020-11-09 16:50:39 +01:00
Bruno Windels
9cfb3c8e95
only check to pre-share new megolm session every minute
2020-11-09 16:50:05 +01:00
Bruno Windels
44a2febce9
hook it up
2020-11-06 23:43:02 +01:00
Bruno Windels
c6ff4c2517
finish room encryption part
2020-11-06 18:56:32 +01:00
Bruno Windels
d0d1f68a9c
WIP
2020-11-06 16:56:12 +01:00
Bruno Windels
5d12aef6db
support pre-sharing room keys in room encryption
2020-11-06 10:32:37 +01:00
Bruno Windels
3ed5ea8b0b
Merge branch 'master' into bwindels/decrypt-images
2020-10-26 17:08:29 +01:00
Bruno Windels
6a468a0883
decrypt attachment code
2020-10-23 17:45:15 +02:00
Bruno Windels
6f82d81f39
better session backup ui
2020-10-19 18:29:13 +02:00
Bruno Windels
8122d76e73
Merge branch 'master' into bwindels/url-routing
2020-10-14 12:45:49 +02:00
Bruno Windels
b00db1af3e
only keep 20 outbound olm sessions in memory at once to prevent OOM
2020-10-14 12:44:27 +02:00
Bruno Windels
07701117cd
reduce megolm sync cache size to 1 session
...
as this is kept around for every e2ee room, and we only have
limited olm memory
2020-10-14 12:43:35 +02:00
Bruno Windels
b29b776e9f
fix olm session cache being leaked when closing session
2020-10-14 11:25:49 +02:00
Bruno Windels
c8e4dbc1b3
this should be a map
2020-10-05 17:06:29 +02:00
Bruno Windels
ee4c132fb4
add todo
2020-09-28 16:06:41 +02:00
Bruno Windels
76381fbca1
open storage transactions synchronously
...
this (almost) makes it work in some browsers that otherwise
have throw a TransactionInactiveError on the first operation
you try to do on a store.
2020-09-28 16:06:41 +02:00
Bruno Windels
134b04c782
make flushing room key shares reentrant
...
as it can be called from Room.start while still running.
2020-09-25 10:45:00 +02:00
Bruno Windels
4d616ce281
add todo for future optimisation
2020-09-24 10:35:09 +02:00
Bruno Windels
d53b5eefb3
fill in the blanks
2020-09-23 17:59:42 +02:00
Bruno Windels
9d41e122a0
draft of falling back to reading entries since last decrypted event key
...
this change notifyRoomKey(s) to only take one room key at a time
to simplify things
2020-09-23 17:34:25 +02:00
Bruno Windels
6cd227b82d
only prompt after waiting 10s for sync UTD
2020-09-22 09:30:25 +02:00
Bruno Windels
e6a46874c4
wrap olm error for creating session in DecryptionError
...
so we can relate it back to the event that caused it
2020-09-21 17:58:13 +02:00
Bruno Windels
015c6b1c70
interpret unreported signed_curve25519 as 0 OTKs
2020-09-21 17:56:23 +02:00
Bruno Windels
da780d0aa2
delay backup 10s if missing session event came from sync
2020-09-18 13:11:02 +02:00
Bruno Windels
3aead4eae2
createEnum does not take an array
2020-09-18 13:08:35 +02:00
Bruno Windels
ed913ca24b
add dispose to room encryption
2020-09-18 13:08:18 +02:00
Bruno Windels
494c5cbcf0
notify UI when we need session backup
2020-09-17 18:00:00 +02:00
Bruno Windels
1b8e481559
keys from backup need to be imported with import_session, not create
2020-09-17 17:59:02 +02:00
Bruno Windels
915925d6ee
don't throw when trying to restore session from backup, check sender key
2020-09-17 17:57:52 +02:00
Bruno Windels
5752cca69c
go back to bs58 and use other base64 decoder
...
as base-x isn't meant for base64
2020-09-17 17:56:05 +02:00
Bruno Windels
9d622434fb
integrate session backup with session class
2020-09-17 15:58:46 +02:00
Bruno Windels
c9d8d40242
move ssss out of e2ee dir as not really e2ee related
2020-09-17 15:17:00 +02:00
Bruno Windels
33aa475e18
add function to create key from either passphrase or recovery key
2020-09-17 15:16:01 +02:00
Bruno Windels
092547bfc8
renaming
2020-09-17 14:20:36 +02:00
Bruno Windels
17fc249fa8
integrate session backup with room encryption and megolm decryption
2020-09-17 14:20:15 +02:00
Bruno Windels
3941af93d2
more impl of SessionBackup
2020-09-17 14:19:57 +02:00
Bruno Windels
fff8308259
first draft of SessionBackup
2020-09-17 12:34:39 +02:00
Bruno Windels
b7401a148c
some ssss cleanup
2020-09-17 12:33:57 +02:00
Bruno Windels
8204e942d9
first draft of reading a ssss secret
2020-09-17 11:39:40 +02:00
Bruno Windels
c44ab3e55e
derive ssss key from recovery key
2020-09-17 11:39:25 +02:00
Bruno Windels
7c4c266fe0
derive ssss key from passphrase
2020-09-17 11:39:07 +02:00
Bruno Windels
45c62eb0e5
common types and storage for ssss
2020-09-17 11:38:53 +02:00
Bruno Windels
12262f2824
actually use correct method to get all device ids for a user
2020-09-14 18:31:54 +02:00
Bruno Windels
3325f12092
remove devices not present in /keys/query response
2020-09-14 15:47:00 +02:00
Bruno Windels
a2f8731a23
Keep room key with earliest index
2020-09-14 15:47:00 +02:00
Bruno Windels
ab1fe711ad
implement room key sharing with operations store
2020-09-11 14:41:12 +02:00
Bruno Windels
bba53b3477
dont store duplicated key values for replay detection
2020-09-11 12:08:06 +02:00
Bruno Windels
e0d9d703b7
offload olm account creation in worker
2020-09-11 10:43:17 +02:00
Bruno Windels
78fecd003a
cleanup
2020-09-10 18:57:29 +02:00
Bruno Windels
af36c71a59
load worker in main and pass paths so it works both on compiled and non-compiled
2020-09-10 18:41:23 +02:00
Bruno Windels
de1cc0d739
abort decrypt requests when changing room
2020-09-10 17:43:01 +02:00
Bruno Windels
0bf1723d99
Worker WIP
2020-09-10 15:40:30 +01:00
Bruno Windels
fdbc5f3c1d
WIP worker work
2020-09-10 13:00:11 +02:00
Bruno Windels
94b0cfbd72
add prepareSync and afterPrepareSync steps to sync, run decryption in it
2020-09-10 12:11:43 +02:00
Bruno Windels
1c77c3b876
expose multi-step decryption from RoomEncryption, adjust room timeline
...
sync code hasn't been adjusted yet
2020-09-10 12:11:25 +02:00
Bruno Windels
7c1f9dbed0
split up megolm decryption so it can happen in multiple steps,see README
2020-09-10 12:05:53 +02:00
Bruno Windels
1f9d6191c2
this happens often when room is not tracked yet, so don't log
2020-09-08 18:32:51 +02:00
Bruno Windels
0ed2d14887
log OTK claim failures
2020-09-08 18:32:12 +02:00
Bruno Windels
4ca5ff9b9f
only load 50 olm sessions at once
2020-09-08 18:30:06 +02:00
Bruno Windels
10b5614fd9
m.dummy events don't have content
2020-09-08 18:27:49 +02:00
Bruno Windels
9a7abb1899
make logic more explicit
2020-09-08 18:27:35 +02:00
Bruno Windels
36a8ec0110
dont attempt to decrypt redacted events
...
this will show them as undecryptable for now though
2020-09-08 17:16:01 +02:00
Bruno Windels
773cb3420f
ignore duplicate curve25519 keys in /keys/query response
2020-09-08 17:14:23 +02:00
Bruno Windels
b653022a5a
do store our own device, otherwise need special case verifying own msgs
2020-09-08 15:25:36 +02:00
Bruno Windels
31d4b6f75d
send room keys to newly joined members in afterSyncCompleted stage
2020-09-08 14:38:27 +02:00
Bruno Windels
52c3c7c03d
support sending out room key in room encryption for newly joined members
2020-09-08 14:36:50 +02:00
Bruno Windels
7b35a3c46c
memberChanges is a map, not array
2020-09-08 14:23:38 +02:00
Bruno Windels
d184be2d22
rotate outbound megolm session when somebody leaves the room
2020-09-08 11:09:09 +02:00
Bruno Windels
2c5c3ac8e2
formatting
2020-09-08 10:53:02 +02:00
Bruno Windels
2b59c8bb7c
store ed25519 key from olm event rather than one in m.room_key payload
...
that's the docs/js-sdk do it, even though it probably
doesn't matter much as we verify the key anyway
2020-09-08 10:52:02 +02:00
Bruno Windels
40ed66dc5e
document return type
2020-09-08 10:51:45 +02:00
Bruno Windels
3e100ff5ec
ensure /keys/query devices have the keys we need
2020-09-08 10:51:01 +02:00
Bruno Windels
c32ac2c764
use decryption result to show message verification status in timeline
2020-09-08 10:50:39 +02:00
Bruno Windels
9137d5dcbb
make decryption algorithms return DecryptionResult
...
which contains curve25519 key and claimed ed25519 key as well as payload
2020-09-08 10:48:11 +02:00
Bruno Windels
fbb534fa16
add todo
2020-09-04 16:46:13 +02:00
Bruno Windels
9b771120e4
actually accept megolm decryption dep
2020-09-04 16:27:14 +02:00
Bruno Windels
dc0576f2db
cleanup
2020-09-04 15:31:45 +02:00
Bruno Windels
62bcb27784
implement decryption retrying and decrypting of gap/load entries
...
turns out we do have to always check for replay attacks because
failing to decrypt doesn't prevent an item from being stored,
so if you reload and then load you might be decrypting it
for the first time
2020-09-04 15:29:58 +02:00
Bruno Windels
565fdb0f8c
use proper error codes
2020-09-04 12:10:36 +02:00
Bruno Windels
28b46a1e5b
add some comments
2020-09-04 12:10:28 +02:00
Bruno Windels
fe9245dd04
first draft of retrying decryption when receiving room keys
2020-09-04 12:10:12 +02:00
Bruno Windels
502ba5deea
first draft of decryption in Room and RoomEncryption
2020-09-04 12:09:19 +02:00
Bruno Windels
fab58e8724
first draft of megolm decryption
2020-09-04 12:06:26 +02:00
Bruno Windels
80ede4f411
session will always be true here, we want to check sessionEntry
2020-09-04 12:05:58 +02:00
Bruno Windels
8ac80314c2
cleanup
2020-09-03 17:51:20 +02:00
Bruno Windels
c5c9505ce2
hookup megolm encryption in session
2020-09-03 17:50:28 +02:00
Bruno Windels
6bc30bb824
implement megolm encryption
2020-09-03 17:48:59 +02:00
Bruno Windels
5cafef96f5
add RoomEncryption to room
2020-09-03 15:36:17 +02:00
Bruno Windels
408ff3322d
content already exists here
2020-09-03 15:30:42 +02:00
Bruno Windels
620fc0d210
JSON stringify payload, olm_encrypt does not do objects
2020-09-03 15:30:18 +02:00
Bruno Windels
8676909a26
don't swallow errors!
2020-09-03 15:30:09 +02:00
Bruno Windels
a943467e71
await txns
2020-09-03 15:30:01 +02:00
Bruno Windels
71ba2dd714
name userId -> ownUserId as elsewhere
2020-09-03 15:29:35 +02:00
Bruno Windels
8d0d4570dd
fix import path
2020-09-03 15:29:09 +02:00
Bruno Windels
b2fffee037
give better error when olm plaintext is not json
2020-09-03 15:28:49 +02:00
Bruno Windels
1f8005cdfd
forgot to pass account
2020-09-03 15:28:38 +02:00
Bruno Windels
e22131bf57
don't store or return our own device
2020-09-03 15:28:20 +02:00
Bruno Windels
eda15e1141
forgot to remove this after extracting function
2020-09-03 15:27:40 +02:00
Bruno Windels
8d64fa54fe
using wrong method here
2020-09-03 15:27:00 +02:00
Bruno Windels
4f4808b94c
lock on senderKey while enc/decrypting olm sessions
2020-09-03 12:12:33 +02:00
Bruno Windels
1492b6b6f8
cleanup of olm encryption
2020-09-03 09:53:16 +02:00
Bruno Windels
e3daef5ca9
first draft of olm encryption
2020-09-02 17:58:01 +02:00
Bruno Windels
3cb46b38ff
extract olm/Session into own file
2020-09-02 17:38:46 +02:00
Bruno Windels
f1b78a5778
extract groupBy function from olm decryption into util
2020-09-02 17:38:25 +02:00
Bruno Windels
0545c1f0c5
extract verifying a signed object from the device tracker
2020-09-02 17:37:48 +02:00
Bruno Windels
bd64aaf029
create outbound olm session from account
...
also better error handling
2020-09-02 17:37:13 +02:00
Bruno Windels
1ab356cd9c
wrong store name
2020-09-02 14:53:50 +02:00
Bruno Windels
14cba7ec6e
need to pass in olm
2020-09-02 14:52:19 +02:00
Bruno Windels
6d3aa219fa
implement storing room keys
2020-09-02 14:24:38 +02:00
Bruno Windels
44e9f91d4c
to_device handler for encrypted messages
...
changes the api of the olm decryption to decrypt in batch
so we can isolate side-effects until we have a write-txn open
and we can parallelize the decryption of different sender keys.
2020-09-02 13:33:27 +02:00
Bruno Windels
5fee7fedc3
implement olm decryption algorithm
2020-09-01 17:59:39 +02:00
Bruno Windels
81a1573e3b
make a shared olm util for the whole session
2020-09-01 17:57:59 +02:00
Bruno Windels
d43cdfd889
don't crash when tracked user is not there
2020-08-31 16:06:40 +02:00
Bruno Windels
fef6586e5b
actually pass the room id
2020-08-31 16:06:31 +02:00
Bruno Windels
78c3157a5f
fix not taking into account Object.entries yields arrays for the pairs
2020-08-31 16:05:57 +02:00
Bruno Windels
561df45641
olm.Utility should be instanciated
2020-08-31 16:05:21 +02:00
Bruno Windels
0399562340
fix typo
2020-08-31 16:05:04 +02:00
Bruno Windels
4ef5d4b3b8
implement hsapi /keys/query method
2020-08-31 14:24:09 +02:00
Bruno Windels
8b358379e8
first draft of device tracker
...
mainly missing race protection with /sync and actually running the code
2020-08-31 14:12:12 +02:00
Bruno Windels
693682f360
move e2ee constants to common file
2020-08-28 14:35:47 +02:00
Bruno Windels
a1ba5d7dba
between syncs, generate more otks if needed, and upload them
2020-08-28 13:58:17 +02:00
Bruno Windels
681dfdf62b
sync otk count to e2ee account
2020-08-28 13:56:44 +02:00
Bruno Windels
d64db185bd
await callback in case we need to read, then write from it
2020-08-28 13:54:42 +02:00
Bruno Windels
3ab5a72221
give e2ee account values a prefix so we can prevent from clearing them
2020-08-28 13:52:27 +02:00
Bruno Windels
d24be7ee55
extract constants out
2020-08-28 13:51:58 +02:00
Bruno Windels
4c290f0394
upload identity and one-time keys
2020-08-27 19:13:24 +02:00
Bruno Windels
f98b3dd5fa
create/load olm account before first sync
2020-08-27 19:13:09 +02:00