WebR Expose matrix-sdk-crypto-js bindings for KeyBackup #2196
Conversation
BillCarsonFr
force-pushed
the
valere/js_backup_bindings
branch
from
0f9faf7
to
00d73db
Compare
BillCarsonFr
force-pushed
the
valere/js_backup_bindings
branch
from
00d73db
to
d6b30ae
Compare
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #2196 +/- ##
==========================================
- Coverage 76.71% 76.67% -0.05%
==========================================
Files 164 164
Lines 17646 17658 +12
==========================================
+ Hits 13538 13540 +2
- Misses 4108 4118 +10
☔ View full report in Codecov by Sentry. |
| .map(|(k, v)| (k.to_string(), v.into_iter().map(|(k, v)| (k.to_string(), v)).collect())) | ||
| .collect(); | ||
|
|
||
| serde_wasm_bindgen::to_value(&signatures).unwrap() |
There was a problem hiding this comment.
I'm far from convinced that we need this method anyway. What is the application supposed to do with a list of signatures once it has one? It should be up to the rust side to validate the signatures.
Will remove this for now.
| self.inner | ||
| .decrypt_v1(&ephemeral_key, &mac, &ciphertext) | ||
| .map_err(|e| e.into()) | ||
| .map(|r| JSON::parse(&r).unwrap()) |
There was a problem hiding this comment.
Another one. Hmm, this now assumes that whatever you are decrypting is JSON, I guess that's currently true but worries me slightly.
There was a problem hiding this comment.
let's just return the JSON. The javascript side can deserialise it more easily anyway.
| recovery_key: inner.recovery_key.map(|k| k.to_base58()), | ||
| backup_version: inner.backup_version, | ||
| }; | ||
| Ok(serde_wasm_bindgen::to_value(&backup_keys).unwrap()) |
| pub fn as_json(&self) -> JsValue { | ||
| trace!(?self.inner, "The signature"); | ||
| // can't use directly serde_wasm_bindgen as there is an issue with BTreeMap | ||
| // It's always returning an empty {} if I do: |
There was a problem hiding this comment.
Hmm, but you collect into a BTreeMap a couple of lines bellow as well, in fact the collect is almost the same thing the Serialize implementation does for the Signatures struct.
If serde_wasm_bindgen didn't work, did serde_json::to_string() work correctly? I don't see how that would be different to what you're doing here.
| // can't clone or copy it, so.. | ||
| let key = export.recovery_key.as_ref().map(|e| serde_json::to_string(e).unwrap()); | ||
| BackupKeys { | ||
| recovery_key: key.map(|s| serde_json::from_str(&s).unwrap()), |
There was a problem hiding this comment.
Heh, I had to add this in #2227 as well. Though I added just a clone to the backup key.
So let's do that instead.
|
|
||
| /// Create a new [`BackupRecoveryKey`] from the given passphrase. | ||
| #[wasm_bindgen(js_name = "newFromPassphrase")] | ||
| pub fn new_from_passphrase(passphrase: String) -> BackupRecoveryKey { |
There was a problem hiding this comment.
Are we certain that EW needs this? If so perhaps we should give in and put it into the crypto crate instead of having it twice in the bindings.
There was a problem hiding this comment.
I didn't see it in web code, we can probably reove
|
The bindings have moved to a separate repo, you'll have to re-open the PR there: https://github.com/matrix-org/matrix-rust-sdk-crypto-web. Sorry for the inconvenience. |
richvdh
changed the title
| @@ -763,6 +767,155 @@ impl OlmMachine { | |||
| })) | |||
| } | |||
|
|
|||
| /// Store the recovery key in the crypto store. | |||
There was a problem hiding this comment.
IMHO we should not use the term "recovery key" here: matrix-org/matrix-spec#1571
|
|
||
| let raw_string = serde_json::to_string(&map).unwrap(); | ||
|
|
||
| JSON::parse(&raw_string).unwrap() |
There was a problem hiding this comment.
why is it called asJSON if it's not returning JSON?
| /// Get the json with all signatures | ||
| #[wasm_bindgen(js_name = "asJSON")] | ||
| pub fn as_json(&self) -> JsValue { | ||
| trace!(?self.inner, "The signature"); | ||
| // can't use directly serde_wasm_bindgen as there is an issue with BTreeMap | ||
| // It's always returning an empty {} if I do: | ||
| // serde_wasm_bindgen::to_value(&self.inner).unwrap() | ||
|
|
||
| // Keep it like that for now as it's working | ||
| let map: BTreeMap<String, BTreeMap<String, String>> = self | ||
| .inner | ||
| .clone() | ||
| .into_iter() | ||
| .map(|(u, sign)| { | ||
| ( | ||
| u.as_str().to_owned(), | ||
| sign.iter() | ||
| .map(|(device, maybe_sign)| { | ||
| ( | ||
| device.as_str().to_owned(), | ||
| match maybe_sign { | ||
| Ok(s) => s.to_base64(), | ||
| Err(e) => e.source.to_owned(), | ||
| }, | ||
| ) | ||
| }) | ||
| .collect(), | ||
| ) | ||
| }) | ||
| .collect(); | ||
|
|
||
| let raw_string = serde_json::to_string(&map).unwrap(); | ||
|
|
||
| JSON::parse(&raw_string).unwrap() | ||
| } |
There was a problem hiding this comment.
Again, I'm not really sure why we need this. What is the JS side supposed to do with it?
There was a problem hiding this comment.
Answer: we have to assemble the POST /_matrix/client/v3/room_keys/version request on the application side, and we need the signature data for that.
Import Valere's changes from matrix-org/matrix-rust-sdk#2196, excluding the fixes to MemoryStore.
Expose
matrix-sdk-crypto-jsbindings for:BackupMachine, includingBackupMachine::backup_key::version, which is not currently exposed in the underlying crateRoomKeyBackupInfo(? actually perhaps just pass the raw json intoverify_backup).MegolmV1BackupKey(this is the public part of the key)RecoveryKey(this is the private part of the key)SignatureVerificationSignatures::serialize(for signing the backup)Fixes: https://github.com/vector-im/crypto-internal/issues/100
Signed-off-by: