Backup: refactor to extract everything related to specific algorithm

Author: ganfra

matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt

@@ -25,8 +25,8 @@ import org.matrix.android.sdk.api.auth.UIABaseAuth
 import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
 import org.matrix.android.sdk.api.auth.UserPasswordAuth
 import org.matrix.android.sdk.api.auth.registration.RegistrationFlowResponse
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_CURVE_25519_BACKUP
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.extensions.orFalse
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
@@ -35,8 +35,8 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NA
 import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
-import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupAuthData
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
+import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCurve25519AuthData
 import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
 import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
@@ -179,8 +179,35 @@ class CryptoTestHelper(val testHelper: CommonTestHelper) {
         }
     }
 
-    private fun createFakeMegolmBackupAuthData(): MegolmBackupAuthData {
-        return MegolmBackupAuthData(
+    fun checkEncryptedEvent(event: Event, roomId: String, clearMessage: String, senderSession: Session) {
+        assertEquals(EventType.ENCRYPTED, event.type)
+        assertNotNull(event.content)
+
+        val eventWireContent = event.content.toContent()
+        assertNotNull(eventWireContent)
+
+        assertNull(eventWireContent["body"])
+        assertEquals(MXCRYPTO_ALGORITHM_MEGOLM, eventWireContent["algorithm"])
+
+        assertNotNull(eventWireContent["ciphertext"])
+        assertNotNull(eventWireContent["session_id"])
+        assertNotNull(eventWireContent["sender_key"])
+
+        assertEquals(senderSession.sessionParams.deviceId, eventWireContent["device_id"])
+
+        assertNotNull(event.eventId)
+        assertEquals(roomId, event.roomId)
+        assertEquals(EventType.MESSAGE, event.getClearType())
+        // TODO assertTrue(event.getAge() < 10000)
+
+        val eventContent = event.toContent()
+        assertNotNull(eventContent)
+        assertEquals(clearMessage, eventContent["body"])
+        assertEquals(senderSession.myUserId, event.senderId)
+    }
+
+    fun createFakeMegolmBackupAuthData(): MegolmBackupCurve25519AuthData {
+        return MegolmBackupCurve25519AuthData(
                 publicKey = "abcdefg",
                 signatures = mapOf("something" to mapOf("ed25519:something" to "hijklmnop"))
         )
@@ -288,6 +315,24 @@ class CryptoTestHelper(val testHelper: CommonTestHelper) {
                     secret,
                     listOf(KeyRef(keyInfo.keyId, keyInfo.keySpec))
             )
+
+            // set up megolm backup
+            val creationInfo = awaitCallback<MegolmBackupCreationInfo> {
+                session.cryptoService().keysBackupService().prepareKeysBackupVersion(null, null, null,  it)
+            }
+            val version = awaitCallback<KeysVersion> {
+                session.cryptoService().keysBackupService().createKeysBackupVersion(creationInfo, it)
+            }
+            // Save it for gossiping
+            session.cryptoService().keysBackupService().saveBackupRecoveryKey(creationInfo.recoveryKey, version = version.version)
+
+            extractCurveKeyFromRecoveryKey(creationInfo.recoveryKey)?.toBase64NoPadding()?.let { secret ->
+                ssssService.storeSecret(
+                        KEYBACKUP_SECRET_SSSS_NAME,
+                        secret,
+                        listOf(KeyRef(keyInfo.keyId, keyInfo.keySpec))
+                )
+            }
         }
     }
 

matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2EShareKeysConfigTest.kt

@@ -218,7 +218,7 @@ class E2EShareKeysConfigTest : InstrumentedTest {
         val keysBackupService = aliceSession.cryptoService().keysBackupService()
         val keyBackupPassword = "FooBarBaz"
         val megolmBackupCreationInfo = commonTestHelper.waitForCallback<MegolmBackupCreationInfo> {
-            keysBackupService.prepareKeysBackupVersion(keyBackupPassword, null, it)
+            keysBackupService.prepareKeysBackupVersion(keyBackupPassword, null, null, it)
         }
         val version = commonTestHelper.waitForCallback<KeysVersion> {
             keysBackupService.createKeysBackupVersion(megolmBackupCreationInfo, it)

matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt

@@ -224,7 +224,7 @@ class E2eeSanityTests : InstrumentedTest {
         val bobKeysBackupService = bobSession.cryptoService().keysBackupService()
         val keyBackupPassword = "FooBarBaz"
         val megolmBackupCreationInfo = testHelper.waitForCallback<MegolmBackupCreationInfo> {
-            bobKeysBackupService.prepareKeysBackupVersion(keyBackupPassword, null, it)
+            bobKeysBackupService.prepareKeysBackupVersion(keyBackupPassword, null, null, it)
         }
         val version = testHelper.waitForCallback<KeysVersion> {
             bobKeysBackupService.createKeysBackupVersion(megolmBackupCreationInfo, it)

matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/keysbackup/KeysBackupTest.kt

@@ -41,6 +41,7 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysBackupVersionTru
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
+import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCurve25519AuthData
 import org.matrix.android.sdk.api.session.crypto.keysbackup.toKeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.session.getRoom
@@ -49,6 +50,10 @@ import org.matrix.android.sdk.common.CommonTestHelper.Companion.runSessionTest
 import org.matrix.android.sdk.common.RetryTestRule
 import org.matrix.android.sdk.common.TestConstants
 import org.matrix.android.sdk.common.waitFor
+import org.matrix.android.sdk.internal.crypto.keysbackup.algorithm.KeysBackupAlgorithmFactory
+import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeyBackupData
+import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysBackupData
+import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.RoomKeysBackupData
 import java.security.InvalidParameterException
 import java.util.Collections
 import java.util.concurrent.CountDownLatch
@@ -119,11 +124,12 @@ class KeysBackupTest : InstrumentedTest {
         assertFalse(keysBackup.isEnabled())
 
         val megolmBackupCreationInfo = testHelper.waitForCallback<MegolmBackupCreationInfo> {
-            keysBackup.prepareKeysBackupVersion(null, null, it)
+            keysBackup.prepareKeysBackupVersion(null, null, null, it)
         }
 
         assertEquals(MXCRYPTO_ALGORITHM_CURVE_25519_BACKUP, megolmBackupCreationInfo.algorithm)
-        assertNotNull(megolmBackupCreationInfo.authData.publicKey)
+        val authData = megolmBackupCreationInfo.authData as MegolmBackupCurve25519AuthData
+        assertNotNull(authData.publicKey)
         assertNotNull(megolmBackupCreationInfo.authData.signatures)
         assertNotNull(megolmBackupCreationInfo.recoveryKey)
 
@@ -145,7 +151,7 @@ class KeysBackupTest : InstrumentedTest {
         assertFalse(keysBackup.isEnabled())
 
         val megolmBackupCreationInfo = testHelper.waitForCallback<MegolmBackupCreationInfo> {
-            keysBackup.prepareKeysBackupVersion(null, null, it)
+            keysBackup.prepareKeysBackupVersion(null, null, null, it)
         }
 
         assertFalse(keysBackup.isEnabled())
@@ -298,23 +304,25 @@ class KeysBackupTest : InstrumentedTest {
         val session = keysBackup.store.inboundGroupSessionsToBackup(1)[0]
 
         val keyBackupCreationInfo = keysBackupTestHelper.prepareAndCreateKeysBackupData(keysBackup).megolmBackupCreationInfo
-
+        val keysBackupVersion = keysBackup.keysBackupVersion
+        assertNotNull(keysBackupVersion)
+        val algorithm = KeysBackupAlgorithmFactory().create(keysBackupVersion!!)
         // - Check encryptGroupSession() returns stg
         val keyBackupData = keysBackup.encryptGroupSession(session)
         assertNotNull(keyBackupData)
         assertNotNull(keyBackupData!!.sessionData)
-
-        // - Check pkDecryptionFromRecoveryKey() is able to create a OlmPkDecryption
-        val decryption = keysBackup.pkDecryptionFromRecoveryKey(keyBackupCreationInfo.recoveryKey)
-        assertNotNull(decryption)
-        // - Check decryptKeyBackupData() returns stg
-        val sessionData = keysBackup
-                .decryptKeyBackupData(
-                        keyBackupData,
-                        session.safeSessionId!!,
-                        cryptoTestData.roomId,
-                        decryption!!
-                )
+        val roomKeysBackupData = RoomKeysBackupData(
+                HashMap<String, KeyBackupData>().apply {
+                    put(session.safeSessionId!!, keyBackupData)
+                }
+        )
+        val keysBackupData = KeysBackupData(
+                HashMap<String, RoomKeysBackupData>().apply {
+                    put(cryptoTestData.roomId, roomKeysBackupData)
+                }
+        )
+        val sessionsData = algorithm.decryptSessions(keyBackupCreationInfo.recoveryKey, keysBackupData)
+        val sessionData = sessionsData.firstOrNull()
         assertNotNull(sessionData)
         // - Compare the decrypted megolm key with the original one
         keysBackupTestHelper.assertKeysEquals(session.exportKeys(), sessionData)

matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/keysbackup/KeysBackupTestHelper.kt

@@ -105,7 +105,7 @@ internal class KeysBackupTestHelper(
         val stateObserver = StateObserver(keysBackup)
 
         val megolmBackupCreationInfo = testHelper.waitForCallback<MegolmBackupCreationInfo> {
-            keysBackup.prepareKeysBackupVersion(password, null, it)
+            keysBackup.prepareKeysBackupVersion(password, null, null, it)
         }
 
         Assert.assertNotNull(megolmBackupCreationInfo)

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keysbackup/KeysBackupService.kt

@@ -124,6 +124,7 @@ interface KeysBackupService {
      */
     fun prepareKeysBackupVersion(
             password: String?,
+            algorithm: String? = null,
             progressListener: ProgressListener?,
             callback: MatrixCallback<MegolmBackupCreationInfo>
     )

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keysbackup/KeysVersionResult.kt

@@ -24,14 +24,16 @@ import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysAlgorith
 @JsonClass(generateAdapter = true)
 data class KeysVersionResult(
         /**
-         * The algorithm used for storing backups. Currently, only "m.megolm_backup.v1.curve25519-aes-sha2" is defined
+         * The algorithm used for storing backups.
+         * Currently, "m.megolm_backup.v1.curve25519-aes-sha2" and
+         * org.matrix.msc3270.v1.aes-hmac-sha2 are defined.
          */
         @Json(name = "algorithm")
         override val algorithm: String,
 
         /**
          * algorithm-dependent data, for "m.megolm_backup.v1.curve25519-aes-sha2".
-         * @see [org.matrix.android.sdk.internal.crypto.keysbackup.MegolmBackupAuthData]
+         * @see [org.matrix.android.sdk.internal.crypto.keysbackup.MegolmBackupCurve25519AuthData]
          */
         @Json(name = "auth_data")
         override val authData: JsonDict,

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keysbackup/MegolmBackupAes256AuthData.kt

@@ -0,0 +1,83 @@
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.api.session.crypto.keysbackup
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+import org.matrix.android.sdk.api.util.JsonDict
+import org.matrix.android.sdk.internal.di.MoshiProvider
+
+/**
+ * Data model for [org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysAlgorithmAndData.authData] in case
+ * of [org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_AES_256_BACKUP].
+ */
+@JsonClass(generateAdapter = true)
+data class MegolmBackupAes256AuthData(
+
+        /**
+         * The identity vector used to encrypt the backups.
+         */
+        @Json(name = "iv")
+        val iv: String? = null,
+
+        /**
+         * The mac used to encrypt the backups.
+         */
+        @Json(name = "mac")
+        val mac: String? = null,
+
+        /**
+         * In case of a backup created from a password, the salt associated with the backup
+         * private key.
+         */
+        @Json(name = "private_key_salt")
+        override val privateKeySalt: String? = null,
+
+        /**
+         * In case of a backup created from a password, the number of key derivations.
+         */
+        @Json(name = "private_key_iterations")
+        override val privateKeyIterations: Int? = null,
+
+        /**
+         * Signatures of the public key.
+         * userId -> (deviceSignKeyId -> signature)
+         */
+        @Json(name = "signatures")
+        override val signatures: Map<String, Map<String, String>>? = null
+
+) : MegolmBackupAuthData {
+
+    override fun isValid(): Boolean = !(iv.isNullOrEmpty() || mac.isNullOrEmpty())
+
+    override fun copy(newSignatures: Map<String, Map<String, String>>?): MegolmBackupAuthData {
+        return copy(signatures = newSignatures)
+    }
+
+    override fun toJsonDict(): JsonDict {
+        val moshi = MoshiProvider.providesMoshi()
+        val adapter = moshi.adapter(Map::class.java)
+
+        return moshi
+                .adapter(MegolmBackupAes256AuthData::class.java)
+                .toJson(this)
+                .let {
+                    @Suppress("UNCHECKED_CAST")
+                    adapter.fromJson(it) as JsonDict
+                }
+    }
+}

matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keysbackup/MegolmBackupAuthData.kt

@@ -16,64 +16,15 @@
 
 package org.matrix.android.sdk.api.session.crypto.keysbackup
 
-import com.squareup.moshi.Json
-import com.squareup.moshi.JsonClass
 import org.matrix.android.sdk.api.util.JsonDict
-import org.matrix.android.sdk.internal.crypto.keysbackup.model.SignalableMegolmBackupAuthData
-import org.matrix.android.sdk.internal.di.MoshiProvider
 
-/**
- * Data model for [org.matrix.androidsdk.rest.model.keys.KeysAlgorithmAndData.authData] in case
- * of [org.matrix.androidsdk.crypto.MXCRYPTO_ALGORITHM_MEGOLM_BACKUP].
- */
-@JsonClass(generateAdapter = true)
-data class MegolmBackupAuthData(
-        /**
-         * The curve25519 public key used to encrypt the backups.
-         */
-        @Json(name = "public_key")
-        val publicKey: String,
-
-        /**
-         * In case of a backup created from a password, the salt associated with the backup
-         * private key.
-         */
-        @Json(name = "private_key_salt")
-        val privateKeySalt: String? = null,
-
-        /**
-         * In case of a backup created from a password, the number of key derivations.
-         */
-        @Json(name = "private_key_iterations")
-        val privateKeyIterations: Int? = null,
-
-        /**
-         * Signatures of the public key.
-         * userId -> (deviceSignKeyId -> signature)
-         */
-        @Json(name = "signatures")
-        val signatures: Map<String, Map<String, String>>? = null
-) {
-
-    internal fun toJsonDict(): JsonDict {
-        val moshi = MoshiProvider.providesMoshi()
-        val adapter = moshi.adapter(Map::class.java)
+sealed interface MegolmBackupAuthData {
+    val privateKeySalt: String?
+    val privateKeyIterations: Int?
+    val signatures: Map<String, Map<String, String>>?
 
-        return moshi
-                .adapter(MegolmBackupAuthData::class.java)
-                .toJson(this)
-                .let {
-                    @Suppress("UNCHECKED_CAST")
-                    adapter.fromJson(it) as JsonDict
-                }
-    }
+    fun isValid(): Boolean
 
-    internal fun signalableJSONDictionary(): JsonDict {
-        return SignalableMegolmBackupAuthData(
-                publicKey = publicKey,
-                privateKeySalt = privateKeySalt,
-                privateKeyIterations = privateKeyIterations
-        )
-                .signalableJSONDictionary()
-    }
+    fun toJsonDict(): JsonDict
+    fun copy(newSignatures: Map<String, Map<String, String>>?): MegolmBackupAuthData
 }