UNPKG

matrix-js-sdk

Version:

Matrix Client-Server SDK for Javascript

github.com/matrix-org/matrix-js-sdk

1,397 lines (1,173 loc) • 56 kB

JavaScript

/* Copyright 2016 OpenMarket Ltd Copyright 2017 Vector Creations Ltd Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ "use strict"; /** * @module crypto */ var _classCallCheck2 = require('babel-runtime/helpers/classCallCheck'); var _classCallCheck3 = _interopRequireDefault(_classCallCheck2); var _stringify = require('babel-runtime/core-js/json/stringify'); var _stringify2 = _interopRequireDefault(_stringify); var _bluebird = require('bluebird'); var _bluebird2 = _interopRequireDefault(_bluebird); var _regenerator = require('babel-runtime/regenerator'); var _regenerator2 = _interopRequireDefault(_regenerator); // returns a promise which resolves to the response var _uploadOneTimeKeys = function () { var _ref2 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee2(crypto) { var oneTimeKeys, oneTimeJson, promises, keyId, k, res; return _regenerator2.default.wrap(function _callee2$(_context2) { while (1) { switch (_context2.prev = _context2.next) { case 0: _context2.next = 2; return (0, _bluebird.resolve)(crypto._olmDevice.getOneTimeKeys()); case 2: oneTimeKeys = _context2.sent; oneTimeJson = {}; promises = []; for (keyId in oneTimeKeys.curve25519) { if (oneTimeKeys.curve25519.hasOwnProperty(keyId)) { k = { key: oneTimeKeys.curve25519[keyId] }; oneTimeJson["signed_curve25519:" + keyId] = k; promises.push(crypto._signObject(k)); } } _context2.next = 8; return (0, _bluebird.resolve)(_bluebird2.default.all(promises)); case 8: _context2.next = 10; return (0, _bluebird.resolve)(crypto._baseApis.uploadKeysRequest({ one_time_keys: oneTimeJson }, { // for now, we set the device id explicitly, as we may not be using the // same one as used in login. device_id: crypto._deviceId })); case 10: res = _context2.sent; _context2.next = 13; return (0, _bluebird.resolve)(crypto._olmDevice.markKeysAsPublished()); case 13: return _context2.abrupt('return', res); case 14: case 'end': return _context2.stop(); } } }, _callee2, this); })); return function _uploadOneTimeKeys(_x) { return _ref2.apply(this, arguments); }; }(); /** * Download the keys for a list of users and stores the keys in the session * store. * @param {Array} userIds The users to fetch. * @param {bool} forceDownload Always download the keys even if cached. * * @return {Promise} A promise which resolves to a map userId->deviceId->{@link * module:crypto/deviceinfo|DeviceInfo}. */ var _events = require('events'); var _OutgoingRoomKeyRequestManager = require('./OutgoingRoomKeyRequestManager'); var _OutgoingRoomKeyRequestManager2 = _interopRequireDefault(_OutgoingRoomKeyRequestManager); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } var anotherjson = require('another-json'); var utils = require("../utils"); var OlmDevice = require("./OlmDevice"); var olmlib = require("./olmlib"); var algorithms = require("./algorithms"); var DeviceInfo = require("./deviceinfo"); var DeviceVerification = DeviceInfo.DeviceVerification; var DeviceList = require('./DeviceList').default; /** * Cryptography bits * * This module is internal to the js-sdk; the public API is via MatrixClient. * * @constructor * @alias module:crypto * * @internal * * @param {module:base-apis~MatrixBaseApis} baseApis base matrix api interface * * @param {module:store/session/webstorage~WebStorageSessionStore} sessionStore * Store to be used for end-to-end crypto session data * * @param {string} userId The user ID for the local user * * @param {string} deviceId The identifier for this device. * * @param {Object} clientStore the MatrixClient data store. * * @param {module:crypto/store/base~CryptoStore} cryptoStore * storage for the crypto layer. */ function Crypto(baseApis, sessionStore, userId, deviceId, clientStore, cryptoStore) { this._baseApis = baseApis; this._sessionStore = sessionStore; this._userId = userId; this._deviceId = deviceId; this._clientStore = clientStore; this._cryptoStore = cryptoStore; this._olmDevice = new OlmDevice(sessionStore); this._deviceList = new DeviceList(baseApis, sessionStore, this._olmDevice); // the last time we did a check for the number of one-time-keys on the // server. this._lastOneTimeKeyCheck = null; this._oneTimeKeyCheckInProgress = false; // EncryptionAlgorithm instance for each room this._roomEncryptors = {}; // map from algorithm to DecryptionAlgorithm instance, for each room this._roomDecryptors = {}; this._supportedAlgorithms = utils.keys(algorithms.DECRYPTION_CLASSES); this._deviceKeys = {}; this._globalBlacklistUnverifiedDevices = false; this._outgoingRoomKeyRequestManager = new _OutgoingRoomKeyRequestManager2.default(baseApis, this._deviceId, this._cryptoStore); // list of IncomingRoomKeyRequests/IncomingRoomKeyRequestCancellations // we received in the current sync. this._receivedRoomKeyRequests = []; this._receivedRoomKeyRequestCancellations = []; // true if we are currently processing received room key requests this._processingRoomKeyRequests = false; } utils.inherits(Crypto, _events.EventEmitter); /** * Initialise the crypto module so that it is ready for use * * Returns a promise which resolves once the crypto module is ready for use. */ Crypto.prototype.init = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee() { var myDevices, deviceInfo; return _regenerator2.default.wrap(function _callee$(_context) { while (1) { switch (_context.prev = _context.next) { case 0: _context.next = 2; return (0, _bluebird.resolve)(this._olmDevice.init()); case 2: // build our device keys: these will later be uploaded this._deviceKeys["ed25519:" + this._deviceId] = this._olmDevice.deviceEd25519Key; this._deviceKeys["curve25519:" + this._deviceId] = this._olmDevice.deviceCurve25519Key; myDevices = this._sessionStore.getEndToEndDevicesForUser(this._userId); if (!myDevices) { myDevices = {}; } if (!myDevices[this._deviceId]) { // add our own deviceinfo to the sessionstore deviceInfo = { keys: this._deviceKeys, algorithms: this._supportedAlgorithms, verified: DeviceVerification.VERIFIED, known: true }; myDevices[this._deviceId] = deviceInfo; this._sessionStore.storeEndToEndDevicesForUser(this._userId, myDevices); } case 7: case 'end': return _context.stop(); } } }, _callee, this); })); /** * Tell the crypto module to register for MatrixClient events which it needs to * listen for * * @param {external:EventEmitter} eventEmitter event source where we can register * for event notifications */ Crypto.prototype.registerEventHandlers = function (eventEmitter) { var crypto = this; eventEmitter.on("RoomMember.membership", function (event, member, oldMembership) { try { crypto._onRoomMembership(event, member, oldMembership); } catch (e) { console.error("Error handling membership change:", e); } }); eventEmitter.on("toDeviceEvent", function (event) { crypto._onToDeviceEvent(event); }); }; /** Start background processes related to crypto */ Crypto.prototype.start = function () { this._outgoingRoomKeyRequestManager.start(); }; /** Stop background processes related to crypto */ Crypto.prototype.stop = function () { this._outgoingRoomKeyRequestManager.stop(); }; /** * @return {string} The version of Olm. */ Crypto.getOlmVersion = function () { return OlmDevice.getOlmVersion(); }; /** * Get the Ed25519 key for this device * * @return {string} base64-encoded ed25519 key. */ Crypto.prototype.getDeviceEd25519Key = function () { return this._olmDevice.deviceEd25519Key; }; /** * Set the global override for whether the client should ever send encrypted * messages to unverified devices. If false, it can still be overridden * per-room. If true, it overrides the per-room settings. * * @param {boolean} value whether to unilaterally blacklist all * unverified devices */ Crypto.prototype.setGlobalBlacklistUnverifiedDevices = function (value) { this._globalBlacklistUnverifiedDevices = value; }; /** * @return {boolean} whether to unilaterally blacklist all unverified devices */ Crypto.prototype.getGlobalBlacklistUnverifiedDevices = function () { return this._globalBlacklistUnverifiedDevices; }; /** * Upload the device keys to the homeserver. * @return {object} A promise that will resolve when the keys are uploaded. */ Crypto.prototype.uploadDeviceKeys = function () { var crypto = this; var userId = crypto._userId; var deviceId = crypto._deviceId; var deviceKeys = { algorithms: crypto._supportedAlgorithms, device_id: deviceId, keys: crypto._deviceKeys, user_id: userId }; return crypto._signObject(deviceKeys).then(function () { crypto._baseApis.uploadKeysRequest({ device_keys: deviceKeys }, { // for now, we set the device id explicitly, as we may not be using the // same one as used in login. device_id: deviceId }); }); }; /** * Stores the current one_time_key count which will be handled later (in a call of * onSyncCompleted). The count is e.g. coming from a /sync response. * * @param {Number} currentCount The current count of one_time_keys to be stored */ Crypto.prototype.updateOneTimeKeyCount = function (currentCount) { if (isFinite(currentCount)) { this._oneTimeKeyCount = currentCount; } else { throw new TypeError("Parameter for updateOneTimeKeyCount has to be a number"); } }; // check if it's time to upload one-time keys, and do so if so. function _maybeUploadOneTimeKeys(crypto) { // frequency with which to check & upload one-time keys var uploadPeriod = 1000 * 60; // one minute // max number of keys to upload at once // Creating keys can be an expensive operation so we limit the // number we generate in one go to avoid blocking the application // for too long. var maxKeysPerCycle = 5; if (crypto._oneTimeKeyCheckInProgress) { return; } var now = Date.now(); if (crypto._lastOneTimeKeyCheck !== null && now - crypto._lastOneTimeKeyCheck < uploadPeriod) { // we've done a key upload recently. return; } crypto._lastOneTimeKeyCheck = now; // We need to keep a pool of one time public keys on the server so that // other devices can start conversations with us. But we can only store // a finite number of private keys in the olm Account object. // To complicate things further then can be a delay between a device // claiming a public one time key from the server and it sending us a // message. We need to keep the corresponding private key locally until // we receive the message. // But that message might never arrive leaving us stuck with duff // private keys clogging up our local storage. // So we need some kind of enginering compromise to balance all of // these factors. // Check how many keys we can store in the Account object. var maxOneTimeKeys = crypto._olmDevice.maxNumberOfOneTimeKeys(); // Try to keep at most half that number on the server. This leaves the // rest of the slots free to hold keys that have been claimed from the // server but we haven't recevied a message for. // If we run out of slots when generating new keys then olm will // discard the oldest private keys first. This will eventually clean // out stale private keys that won't receive a message. var keyLimit = Math.floor(maxOneTimeKeys / 2); function uploadLoop(keyCount) { if (keyLimit <= keyCount) { // If we don't need to generate any more keys then we are done. return _bluebird2.default.resolve(); } var keysThisLoop = Math.min(keyLimit - keyCount, maxKeysPerCycle); // Ask olm to generate new one time keys, then upload them to synapse. return crypto._olmDevice.generateOneTimeKeys(keysThisLoop).then(function () { return _uploadOneTimeKeys(crypto); }).then(function (res) { if (res.one_time_key_counts && res.one_time_key_counts.signed_curve25519) { // if the response contains a more up to date value use this // for the next loop return uploadLoop(res.one_time_key_counts.signed_curve25519); } else { throw new Error("response for uploading keys does not contain " + "one_time_key_counts.signed_curve25519"); } }); } crypto._oneTimeKeyCheckInProgress = true; _bluebird2.default.resolve().then(function () { if (crypto._oneTimeKeyCount !== undefined) { // We already have the current one_time_key count from a /sync response. // Use this value instead of asking the server for the current key count. return _bluebird2.default.resolve(crypto._oneTimeKeyCount); } // ask the server how many keys we have return crypto._baseApis.uploadKeysRequest({}, { device_id: crypto._deviceId }).then(function (res) { return res.one_time_key_counts.signed_curve25519 || 0; }); }).then(function (keyCount) { // Start the uploadLoop with the current keyCount. The function checks if // we need to upload new keys or not. // If there are too many keys on the server then we don't need to // create any more keys. return uploadLoop(keyCount); }).catch(function (e) { console.error("Error uploading one-time keys", e.stack || e); }).finally(function () { // reset _oneTimeKeyCount to prevent start uploading based on old data. // it will be set again on the next /sync-response crypto._oneTimeKeyCount = undefined; crypto._oneTimeKeyCheckInProgress = false; }).done(); }Crypto.prototype.downloadKeys = function (userIds, forceDownload) { return this._deviceList.downloadKeys(userIds, forceDownload); }; /** * Get the stored device keys for a user id * * @param {string} userId the user to list keys for. * * @return {module:crypto/deviceinfo[]|null} list of devices, or null if we haven't * managed to get a list of devices for this user yet. */ Crypto.prototype.getStoredDevicesForUser = function (userId) { return this._deviceList.getStoredDevicesForUser(userId); }; /** * Get the stored keys for a single device * * @param {string} userId * @param {string} deviceId * * @return {module:crypto/deviceinfo?} device, or undefined * if we don't know about this device */ Crypto.prototype.getStoredDevice = function (userId, deviceId) { return this._deviceList.getStoredDevice(userId, deviceId); }; /** * Update the blocked/verified state of the given device * * @param {string} userId owner of the device * @param {string} deviceId unique identifier for the device * * @param {?boolean} verified whether to mark the device as verified. Null to * leave unchanged. * * @param {?boolean} blocked whether to mark the device as blocked. Null to * leave unchanged. * * @param {?boolean} known whether to mark that the user has been made aware of * the existence of this device. Null to leave unchanged * * @return {Promise<module:crypto/deviceinfo>} updated DeviceInfo */ Crypto.prototype.setDeviceVerification = function () { var _ref3 = (0, _bluebird.method)(function (userId, deviceId, verified, blocked, known) { var devices = this._sessionStore.getEndToEndDevicesForUser(userId); if (!devices || !devices[deviceId]) { throw new Error("Unknown device " + userId + ":" + deviceId); } var dev = devices[deviceId]; var verificationStatus = dev.verified; if (verified) { verificationStatus = DeviceVerification.VERIFIED; } else if (verified !== null && verificationStatus == DeviceVerification.VERIFIED) { verificationStatus = DeviceVerification.UNVERIFIED; } if (blocked) { verificationStatus = DeviceVerification.BLOCKED; } else if (blocked !== null && verificationStatus == DeviceVerification.BLOCKED) { verificationStatus = DeviceVerification.UNVERIFIED; } var knownStatus = dev.known; if (known !== null && known !== undefined) { knownStatus = known; } if (dev.verified !== verificationStatus || dev.known !== knownStatus) { dev.verified = verificationStatus; dev.known = knownStatus; this._sessionStore.storeEndToEndDevicesForUser(userId, devices); } return DeviceInfo.fromStorage(dev, deviceId); }); return function (_x2, _x3, _x4, _x5, _x6) { return _ref3.apply(this, arguments); }; }(); /** * Get information on the active olm sessions with a user * <p> * Returns a map from device id to an object with keys 'deviceIdKey' (the * device's curve25519 identity key) and 'sessions' (an array of objects in the * same format as that returned by * {@link module:crypto/OlmDevice#getSessionInfoForDevice}). * <p> * This method is provided for debugging purposes. * * @param {string} userId id of user to inspect * * @return {Promise<Object.<string, {deviceIdKey: string, sessions: object[]}>>} */ Crypto.prototype.getOlmSessionsForUser = function () { var _ref4 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee3(userId) { var devices, result, j, device, deviceKey, sessions; return _regenerator2.default.wrap(function _callee3$(_context3) { while (1) { switch (_context3.prev = _context3.next) { case 0: devices = this.getStoredDevicesForUser(userId) || []; result = {}; j = 0; case 3: if (!(j < devices.length)) { _context3.next = 13; break; } device = devices[j]; deviceKey = device.getIdentityKey(); _context3.next = 8; return (0, _bluebird.resolve)(this._olmDevice.getSessionInfoForDevice(deviceKey)); case 8: sessions = _context3.sent; result[device.deviceId] = { deviceIdKey: deviceKey, sessions: sessions }; case 10: ++j; _context3.next = 3; break; case 13: return _context3.abrupt('return', result); case 14: case 'end': return _context3.stop(); } } }, _callee3, this); })); return function (_x7) { return _ref4.apply(this, arguments); }; }(); /** * Get the device which sent an event * * @param {module:models/event.MatrixEvent} event event to be checked * * @return {module:crypto/deviceinfo?} */ Crypto.prototype.getEventSenderDeviceInfo = function (event) { var senderKey = event.getSenderKey(); var algorithm = event.getWireContent().algorithm; if (!senderKey || !algorithm) { return null; } var forwardingChain = event.getForwardingCurve25519KeyChain(); if (forwardingChain.length > 0) { // we got this event from somewhere else // TODO: check if we can trust the forwarders. return null; } // senderKey is the Curve25519 identity key of the device which the event // was sent from. In the case of Megolm, it's actually the Curve25519 // identity key of the device which set up the Megolm session. var device = this._deviceList.getDeviceByIdentityKey(event.getSender(), algorithm, senderKey); if (device === null) { // we haven't downloaded the details of this device yet. return null; } // so far so good, but now we need to check that the sender of this event // hadn't advertised someone else's Curve25519 key as their own. We do that // by checking the Ed25519 claimed by the event (or, in the case of megolm, // the event which set up the megolm session), to check that it matches the // fingerprint of the purported sending device. // // (see https://github.com/vector-im/vector-web/issues/2215) var claimedKey = event.getClaimedEd25519Key(); if (!claimedKey) { console.warn("Event " + event.getId() + " claims no ed25519 key: " + "cannot verify sending device"); return null; } if (claimedKey !== device.getFingerprint()) { console.warn("Event " + event.getId() + " claims ed25519 key " + claimedKey + "but sender device has key " + device.getFingerprint()); return null; } return device; }; /** * Configure a room to use encryption (ie, save a flag in the sessionstore). * * @param {string} roomId The room ID to enable encryption in. * * @param {object} config The encryption config for the room. * * @param {boolean=} inhibitDeviceQuery true to suppress device list query for * users in the room (for now) */ Crypto.prototype.setRoomEncryption = function () { var _ref5 = (0, _bluebird.method)(function (roomId, config, inhibitDeviceQuery) { var _this = this; // if we already have encryption in this room, we should ignore this event // (for now at least. maybe we should alert the user somehow?) var existingConfig = this._sessionStore.getEndToEndRoom(roomId); if (existingConfig) { if ((0, _stringify2.default)(existingConfig) != (0, _stringify2.default)(config)) { console.error("Ignoring m.room.encryption event which requests " + "a change of config in " + roomId); return; } } var AlgClass = algorithms.ENCRYPTION_CLASSES[config.algorithm]; if (!AlgClass) { throw new Error("Unable to encrypt with " + config.algorithm); } this._sessionStore.storeEndToEndRoom(roomId, config); var alg = new AlgClass({ userId: this._userId, deviceId: this._deviceId, crypto: this, olmDevice: this._olmDevice, baseApis: this._baseApis, roomId: roomId, config: config }); this._roomEncryptors[roomId] = alg; // make sure we are tracking the device lists for all users in this room. console.log("Enabling encryption in " + roomId + "; " + "starting to track device lists for all users therein"); var room = this._clientStore.getRoom(roomId); if (!room) { throw new Error('Unable to enable encryption in unknown room ' + roomId); } var members = room.getJoinedMembers(); members.forEach(function (m) { _this._deviceList.startTrackingDeviceList(m.userId); }); if (!inhibitDeviceQuery) { this._deviceList.refreshOutdatedDeviceLists(); } }); return function (_x8, _x9, _x10) { return _ref5.apply(this, arguments); }; }(); /** * @typedef {Object} module:crypto~OlmSessionResult * @property {module:crypto/deviceinfo} device device info * @property {string?} sessionId base64 olm session id; null if no session * could be established */ /** * Try to make sure we have established olm sessions for all known devices for * the given users. * * @param {string[]} users list of user ids * * @return {module:client.Promise} resolves once the sessions are complete, to * an Object mapping from userId to deviceId to * {@link module:crypto~OlmSessionResult} */ Crypto.prototype.ensureOlmSessionsForUsers = function (users) { var devicesByUser = {}; for (var i = 0; i < users.length; ++i) { var userId = users[i]; devicesByUser[userId] = []; var devices = this.getStoredDevicesForUser(userId) || []; for (var j = 0; j < devices.length; ++j) { var deviceInfo = devices[j]; var key = deviceInfo.getIdentityKey(); if (key == this._olmDevice.deviceCurve25519Key) { // don't bother setting up session to ourself continue; } if (deviceInfo.verified == DeviceVerification.BLOCKED) { // don't bother setting up sessions with blocked users continue; } devicesByUser[userId].push(deviceInfo); } } return olmlib.ensureOlmSessionsForDevices(this._olmDevice, this._baseApis, devicesByUser); }; /** * Whether encryption is enabled for a room. * @param {string} roomId the room id to query. * @return {bool} whether encryption is enabled. */ Crypto.prototype.isRoomEncrypted = function (roomId) { return Boolean(this._roomEncryptors[roomId]); }; /** * Get a list containing all of the room keys * * @return {module:client.Promise} a promise which resolves to a list of * session export objects */ Crypto.prototype.exportRoomKeys = function () { var _this2 = this; return _bluebird2.default.map(this._sessionStore.getAllEndToEndInboundGroupSessionKeys(), function (s) { return _this2._olmDevice.exportInboundGroupSession(s.senderKey, s.sessionId).then(function (sess) { sess.algorithm = olmlib.MEGOLM_ALGORITHM; return sess; }); }); }; /** * Import a list of room keys previously exported by exportRoomKeys * * @param {Object[]} keys a list of session export objects * @return {module:client.Promise} a promise which resolves once the keys have been imported */ Crypto.prototype.importRoomKeys = function (keys) { var _this3 = this; return _bluebird2.default.map(keys, function (key) { if (!key.room_id || !key.algorithm) { console.warn("ignoring room key entry with missing fields", key); return null; } var alg = _this3._getRoomDecryptor(key.room_id, key.algorithm); return alg.importRoomKey(key); }); }; /** * Encrypt an event according to the configuration of the room. * * @param {module:models/event.MatrixEvent} event event to be sent * * @param {module:models/room} room destination room. * * @return {module:client.Promise?} Promise which resolves when the event has been * encrypted, or null if nothing was needed */ Crypto.prototype.encryptEvent = function (event, room) { var _this4 = this; if (!room) { throw new Error("Cannot send encrypted messages in unknown rooms"); } var roomId = event.getRoomId(); var alg = this._roomEncryptors[roomId]; if (!alg) { // MatrixClient has already checked that this room should be encrypted, // so this is an unexpected situation. throw new Error("Room was previously configured to use encryption, but is " + "no longer. Perhaps the homeserver is hiding the " + "configuration event."); } return alg.encryptMessage(room, event.getType(), event.getContent()).then(function (encryptedContent) { event.makeEncrypted("m.room.encrypted", encryptedContent, _this4._olmDevice.deviceCurve25519Key, _this4._olmDevice.deviceEd25519Key); }); }; /** * Decrypt a received event * * @param {MatrixEvent} event * * @return {Promise<module:crypto~EventDecryptionResult>} resolves once we have * finished decrypting. Rejects with an `algorithms.DecryptionError` if there * is a problem decrypting the event. */ Crypto.prototype.decryptEvent = function (event) { if (event.isRedacted()) { return _bluebird2.default.resolve({ clearEvent: { room_id: event.getRoomId(), type: "m.room.message", content: {} } }); } var content = event.getWireContent(); var alg = this._getRoomDecryptor(event.getRoomId(), content.algorithm); return alg.decryptEvent(event); }; /** * Handle the notification from /sync or /keys/changes that device lists have * been changed. * * @param {Object} deviceLists device_lists field from /sync, or response from * /keys/changes */ Crypto.prototype.handleDeviceListChanges = function () { var _ref6 = (0, _bluebird.method)(function (deviceLists) { var _this5 = this; if (deviceLists.changed && Array.isArray(deviceLists.changed)) { deviceLists.changed.forEach(function (u) { _this5._deviceList.invalidateUserDeviceList(u); }); } if (deviceLists.left && Array.isArray(deviceLists.left)) { deviceLists.left.forEach(function (u) { _this5._deviceList.stopTrackingDeviceList(u); }); } // don't flush the outdated device list yet - we do it once we finish // processing the sync. }); return function (_x11) { return _ref6.apply(this, arguments); }; }(); /** * Send a request for some room keys, if we have not already done so * * @param {module:crypto~RoomKeyRequestBody} requestBody * @param {Array<{userId: string, deviceId: string}>} recipients */ Crypto.prototype.requestRoomKey = function (requestBody, recipients) { this._outgoingRoomKeyRequestManager.sendRoomKeyRequest(requestBody, recipients).catch(function (e) { // this normally means we couldn't talk to the store console.error('Error requesting key for event', e); }).done(); }; /** * Cancel any earlier room key request * * @param {module:crypto~RoomKeyRequestBody} requestBody * parameters to match for cancellation */ Crypto.prototype.cancelRoomKeyRequest = function (requestBody) { this._outgoingRoomKeyRequestManager.cancelRoomKeyRequest(requestBody).catch(function (e) { console.warn("Error clearing pending room key requests", e); }).done(); }; /** * handle an m.room.encryption event * * @param {module:models/event.MatrixEvent} event encryption event */ Crypto.prototype.onCryptoEvent = function () { var _ref7 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee4(event) { var roomId, content; return _regenerator2.default.wrap(function _callee4$(_context4) { while (1) { switch (_context4.prev = _context4.next) { case 0: roomId = event.getRoomId(); content = event.getContent(); _context4.prev = 2; _context4.next = 5; return (0, _bluebird.resolve)(this.setRoomEncryption(roomId, content, true)); case 5: _context4.next = 10; break; case 7: _context4.prev = 7; _context4.t0 = _context4['catch'](2); console.error("Error configuring encryption in room " + roomId + ":", _context4.t0); case 10: case 'end': return _context4.stop(); } } }, _callee4, this, [[2, 7]]); })); return function (_x12) { return _ref7.apply(this, arguments); }; }(); /** * handle the completion of a /sync * * This is called after the processing of each successful /sync response. * It is an opportunity to do a batch process on the information received. * * @param {Object} syncData the data from the 'MatrixClient.sync' event */ Crypto.prototype.onSyncCompleted = function () { var _ref8 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee5(syncData) { var nextSyncToken, oldSyncToken; return _regenerator2.default.wrap(function _callee5$(_context5) { while (1) { switch (_context5.prev = _context5.next) { case 0: nextSyncToken = syncData.nextSyncToken; if (syncData.oldSyncToken) { _context5.next = 18; break; } console.log("Completed initial sync"); // if we have a deviceSyncToken, we can tell the deviceList to // invalidate devices which have changed since then. oldSyncToken = this._sessionStore.getEndToEndDeviceSyncToken(); if (!(oldSyncToken !== null)) { _context5.next = 16; break; } _context5.prev = 5; _context5.next = 8; return (0, _bluebird.resolve)(this._invalidateDeviceListsSince(oldSyncToken, nextSyncToken)); case 8: _context5.next = 14; break; case 10: _context5.prev = 10; _context5.t0 = _context5['catch'](5); // if that failed, we fall back to invalidating everyone. console.warn("Error fetching changed device list", _context5.t0); this._deviceList.invalidateAllDeviceLists(); case 14: _context5.next = 18; break; case 16: // otherwise, we have to invalidate all devices for all users we // are tracking. console.log("Completed first initialsync; invalidating all " + "device list caches"); this._deviceList.invalidateAllDeviceLists(); case 18: // we can now store our sync token so that we can get an update on // restart rather than having to invalidate everyone. // // (we don't really need to do this on every sync - we could just // do it periodically) this._sessionStore.storeEndToEndDeviceSyncToken(nextSyncToken); // catch up on any new devices we got told about during the sync. this._deviceList.lastKnownSyncToken = nextSyncToken; this._deviceList.refreshOutdatedDeviceLists(); // we don't start uploading one-time keys until we've caught up with // to-device messages, to help us avoid throwing away one-time-keys that we // are about to receive messages for // (https://github.com/vector-im/riot-web/issues/2782). if (!syncData.catchingUp) { _maybeUploadOneTimeKeys(this); this._processReceivedRoomKeyRequests(); } case 22: case 'end': return _context5.stop(); } } }, _callee5, this, [[5, 10]]); })); return function (_x13) { return _ref8.apply(this, arguments); }; }(); /** * Ask the server which users have new devices since a given token, * and invalidate them * * @param {String} oldSyncToken * @param {String} lastKnownSyncToken * * Returns a Promise which resolves once the query is complete. Rejects if the * keyChange query fails. */ Crypto.prototype._invalidateDeviceListsSince = function () { var _ref9 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee6(oldSyncToken, lastKnownSyncToken) { var r; return _regenerator2.default.wrap(function _callee6$(_context6) { while (1) { switch (_context6.prev = _context6.next) { case 0: _context6.next = 2; return (0, _bluebird.resolve)(this._baseApis.getKeyChanges(oldSyncToken, lastKnownSyncToken)); case 2: r = _context6.sent; console.log("got key changes since", oldSyncToken, ":", r); _context6.next = 6; return (0, _bluebird.resolve)(this.handleDeviceListChanges(r)); case 6: case 'end': return _context6.stop(); } } }, _callee6, this); })); return function (_x14, _x15) { return _ref9.apply(this, arguments); }; }(); /** * Get a list of the e2e-enabled rooms we are members of * * @returns {module:models.Room[]} */ Crypto.prototype._getE2eRooms = function () { var _this6 = this; return this._clientStore.getRooms().filter(function (room) { // check for rooms with encryption enabled var alg = _this6._roomEncryptors[room.roomId]; if (!alg) { return false; } // ignore any rooms which we have left var me = room.getMember(_this6._userId); if (!me || me.membership !== "join" && me.membership !== "invite") { return false; } return true; }); }; Crypto.prototype._onToDeviceEvent = function (event) { var _this7 = this; try { if (event.getType() == "m.room_key" || event.getType() == "m.forwarded_room_key") { this._onRoomKeyEvent(event); } else if (event.getType() == "m.room_key_request") { this._onRoomKeyRequestEvent(event); } else if (event.isBeingDecrypted()) { // once the event has been decrypted, try again event.once('Event.decrypted', function (ev) { _this7._onToDeviceEvent(ev); }); } } catch (e) { console.error("Error handling toDeviceEvent:", e); } }; /** * Handle a key event * * @private * @param {module:models/event.MatrixEvent} event key event */ Crypto.prototype._onRoomKeyEvent = function (event) { var content = event.getContent(); if (!content.room_id || !content.algorithm) { console.error("key event is missing fields"); return; } var alg = this._getRoomDecryptor(content.room_id, content.algorithm); alg.onRoomKeyEvent(event); }; /** * Handle a change in the membership state of a member of a room * * @private * @param {module:models/event.MatrixEvent} event event causing the change * @param {module:models/room-member} member user whose membership changed * @param {string=} oldMembership previous membership */ Crypto.prototype._onRoomMembership = function (event, member, oldMembership) { // this event handler is registered on the *client* (as opposed to the room // member itself), which means it is only called on changes to the *live* // membership state (ie, it is not called when we back-paginate, nor when // we load the state in the initialsync). // // Further, it is automatically registered and called when new members // arrive in the room. var roomId = member.roomId; var alg = this._roomEncryptors[roomId]; if (!alg) { // not encrypting in this room return; } if (member.membership == 'join') { console.log('Join event for ' + member.userId + ' in ' + roomId); // make sure we are tracking the deviceList for this user this._deviceList.startTrackingDeviceList(member.userId); } alg.onRoomMembership(event, member, oldMembership); }; /** * Called when we get an m.room_key_request event. * * @private * @param {module:models/event.MatrixEvent} event key request event */ Crypto.prototype._onRoomKeyRequestEvent = function (event) { var content = event.getContent(); if (content.action === "request") { // Queue it up for now, because they tend to arrive before the room state // events at initial sync, and we want to see if we know anything about the // room before passing them on to the app. var req = new IncomingRoomKeyRequest(event); this._receivedRoomKeyRequests.push(req); } else if (content.action === "request_cancellation") { var _req = new IncomingRoomKeyRequestCancellation(event); this._receivedRoomKeyRequestCancellations.push(_req); } }; /** * Process any m.room_key_request events which were queued up during the * current sync. * * @private */ Crypto.prototype._processReceivedRoomKeyRequests = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee7() { var _this8 = this; var requests, cancellations; return _regenerator2.default.wrap(function _callee7$(_context7) { while (1) { switch (_context7.prev = _context7.next) { case 0: if (!this._processingRoomKeyRequests) { _context7.next = 2; break; } return _context7.abrupt('return'); case 2: this._processingRoomKeyRequests = true; _context7.prev = 3; // we need to grab and clear the queues in the synchronous bit of this method, // so that we don't end up racing with the next /sync. requests = this._receivedRoomKeyRequests; this._receivedRoomKeyRequests = []; cancellations = this._receivedRoomKeyRequestCancellations; this._receivedRoomKeyRequestCancellations = []; // Process all of the requests, *then* all of the cancellations. // // This makes sure that if we get a request and its cancellation in the // same /sync result, then we process the request before the // cancellation (and end up with a cancelled request), rather than the // cancellation before the request (and end up with an outstanding // request which should have been cancelled.) _context7.next = 10; return (0, _bluebird.resolve)(_bluebird2.default.map(requests, function (req) { return _this8._processReceivedRoomKeyRequest(req); })); case 10: _context7.next = 12; return (0, _bluebird.resolve)(_bluebird2.default.map(cancellations, function (cancellation) { return _this8._processReceivedRoomKeyRequestCancellation(cancellation); })); case 12: _context7.next = 17; break; case 14: _context7.prev = 14; _context7.t0 = _context7['catch'](3); console.error('Error processing room key requsts: ' + _context7.t0); case 17: _context7.prev = 17; this._processingRoomKeyRequests = false; return _context7.finish(17); case 20: case 'end': return _context7.stop(); } } }, _callee7, this, [[3, 14, 17, 20]]); })); /** * Helper for processReceivedRoomKeyRequests * * @param {IncomingRoomKeyRequest} req */ Crypto.prototype._processReceivedRoomKeyRequest = function () { var _ref11 = (0, _bluebird.coroutine)(_regenerator2.default.mark(function _callee8(req) { var userId, deviceId, body, roomId, alg, decryptor, device; return _regenerator2.default.wrap(function _callee8$(_context8) { while (1) { switch (_context8.prev = _context8.next) { case 0: userId = req.userId; deviceId = req.deviceId; body = req.requestBody; roomId = body.room_id; alg = body.algorithm; console.log('m.room_key_request from ' + userId + ':' + deviceId + (' for ' + roomId + ' / ' + body.session_id + ' (id ' + req.requestId + ')')); if (!(userId !== this._userId)) { _context8.next = 9; break; } // TODO: determine if we sent this device the keys already: in // which case we can do so again. console.log("Ignoring room key request from other user for now"); return _context8.abrupt('return'); case 9: if (this._roomDecryptors[roomId]) { _context8.next = 12; break; } console.log('room key request for unencrypted room ' + roomId); return _context8.abrupt('return'); case 12: decryptor = this._roomDecryptors[roomId][alg]; if (decryptor) { _context8.next = 16; break; } console.log('room key request for unknown alg ' + alg + ' in room ' + roomId); return _context8.abrupt('return'); case 16: _context8.next = 18; return (0, _bluebird.resolve)(decryptor.hasKeysForKeyRequest(req)); case 18: if (_context8.sent) { _context8.next = 21; break; } console.log('room key request for unknown session ' + roomId + ' / ' + body.session_id); return _context8.abrupt('return'); case 21: req.share = function () { decryptor.shareKeysWithDevice(req); }; // if the device is is verified already, share the keys device = this._deviceList.getStoredDevice(userId, deviceId); if (!(device && device.isVerified())) { _context8.next = 27; break; } console.log('device is already verified: sharing keys'); req.share(); return _context8.abrupt('return'); case 27: this.emit("crypto.roomKeyRequest", req); case 28: case 'end': return _context8.stop(); } } }, _callee8, this); })); return function (_x16) { return _ref11.apply(this, arguments); }; }(); /** * Helper for processReceivedRoomKeyRequests * * @param {IncomingRoomKeyRequestCancellation} cancellation */ Crypto.prototype._processReceivedRoomKeyRequestCancellation = function () { var _ref12 = (0, _bluebird.method)(function (cancellation) { console.log('m.room_key_request cancellation for ' + cancellation.userId + ':' + (cancellation.deviceId + ' (id ' + cancellation.requestId + ')')); // we should pr