Expose encrypted-history sharing

Author: richvdh

CHANGELOG.md

@@ -4,6 +4,8 @@
 
     -   Add support for received room key bundle data, as required by encrypted history sharing ((MSC4268)[https://github.com/matrix-org/matrix-spec-proposals/pull/4268)). ([#5276](https://github.com/matrix-org/matrix-rust-sdk/pull/5276))
 
+-   Expose experimental new functionality for sharing encrypted room history, per [MSC4268](https://github.com/matrix-org/matrix-spec-proposals/pull/4268). ([#250](https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm/pull/250))
+
 -   Add a new error code for `MegolmDecryptionError`, `DecryptionErrorCode::MismatchedSender`, indicating that the sender of the event does not match the owner of the device that established the Megolm session. ([#248](https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm/pull/248))
 
 # matrix-sdk-crypto-wasm v15.0.0

Cargo.toml

@@ -74,7 +74,7 @@ thiserror = "2.0.12"
 tracing = { version = "0.1.36", default-features = false, features = ["std"] }
 tracing-subscriber = { version = "0.3.14", default-features = false, features = ["registry", "std", "ansi"] }
 url = "2.5.0"
-wasm-bindgen = "0.2.89"
+wasm-bindgen = "0.2.100"
 wasm-bindgen-futures = "0.4.33"
 zeroize = "1.6.0"
 wasm-bindgen-test = "0.3.37"

src/machine.rs

@@ -23,11 +23,13 @@ use matrix_sdk_crypto::{
 };
 use serde::{ser::SerializeSeq, Serialize, Serializer};
 use serde_json::json;
-use tracing::warn;
+use tracing::{info, warn};
 use wasm_bindgen::{convert::TryFromJsValue, prelude::*};
 use wasm_bindgen_futures::{spawn_local, JsFuture};
+use zeroize::Zeroizing;
 
 use crate::{
+    attachment,
     backup::{BackupDecryptionKey, BackupKeys, RoomKeyCounts},
     dehydrated_devices::DehydratedDevices,
     device, encryption,
@@ -41,7 +43,7 @@ use crate::{
     sync_events,
     types::{
         self, processed_to_device_event_to_js_value, RoomKeyImportResult, RoomSettings,
-        SignatureVerification,
+        SignatureVerification, StoredRoomKeyBundleData,
     },
     verification, vodozemac,
 };
@@ -1584,6 +1586,146 @@ impl OlmMachine {
         self.inner.dehydrated_devices().into()
     }
 
+    /// Assemble, and encrypt, a room key bundle for sharing encrypted history,
+    /// as per {@link MSC4268 | https://github.com/matrix-org/matrix-spec-proposals/pull/4268}.
+    ///
+    /// Returns `undefined` if there are no keys to share in the given room,
+    /// otherwise an {@link EncryptedAttachment}.
+    ///
+    /// The data should be uploaded to the media server, and the details then
+    /// passed to {@link shareRoomKeyBundleData}.
+    ///
+    /// @experimental
+    #[wasm_bindgen(
+        js_name = "buildRoomKeyBundle",
+        unchecked_return_type = "Promise<EncryptedAttachment | undefined>"
+    )]
+    pub fn build_room_key_bundle(&self, room_id: &identifiers::RoomId) -> Promise {
+        let me = self.inner.clone();
+        let room_id = room_id.inner.clone();
+
+        future_to_promise(async move {
+            let bundle = me.store().build_room_key_bundle(&room_id).await?;
+
+            if bundle.is_empty() {
+                info!("No keys to share");
+                return Ok(None);
+            }
+
+            // Remember to zeroize the json as soon as we're done with it
+            let json = Zeroizing::new(serde_json::to_vec(&bundle)?);
+
+            Ok(Some(attachment::Attachment::encrypt(json.as_slice())?))
+        })
+    }
+
+    /// Collect the devices belonging to the given user, and send the details
+    /// of a room key bundle to those devices.
+    ///
+    /// Returns a list of to-device requests which must be sent.
+    ///
+    /// @experimental
+    #[wasm_bindgen(
+        js_name = "shareRoomKeyBundleData",
+        unchecked_return_type = "Promise<ToDeviceRequest[]>"
+    )]
+    pub fn share_room_key_bundle_data(
+        &self,
+        user: &identifiers::UserId,
+        sharing_strategy: encryption::CollectStrategy,
+        content: JsValue,
+    ) -> Result<Promise, JsError> {
+        let me = self.inner.clone();
+        let user_id = user.inner.clone();
+        let bundle_data = serde_wasm_bindgen::from_value(content).map_err(|e| {
+            JsError::new(&format!("Unable to validate room key bundle content: {e}"))
+        })?;
+
+        Ok(future_to_promise(async move {
+            let to_device_requests = me
+                .share_room_key_bundle_data(&user_id, &sharing_strategy.into(), bundle_data)
+                .await?;
+
+            // convert each request to our own ToDeviceRequest struct, and then wrap it in a
+            // JsValue.
+            //
+            // Then collect the results into a javascript Array, throwing any errors into
+            // the promise.
+            let result = to_device_requests
+                .into_iter()
+                .map(|td| ToDeviceRequest::try_from(&td).map(JsValue::from))
+                .collect::<Result<Array, _>>()?;
+
+            Ok(result)
+        }))
+    }
+
+    /// See if we have received an {@link MSC4268 | https://github.com/matrix-org/matrix-spec-proposals/pull/4268}
+    /// room key bundle for the given room from the given user.
+    ///
+    /// Returns either `undefined` if no suitable bundle has been received,
+    /// or an {@link StoredRoomKeyBundleData}, in which case, the bundle
+    /// should be downloaded, and then passed to {@link
+    /// receiveRoomKeyBundle}.
+    ///
+    /// @experimental
+    #[wasm_bindgen(
+        js_name = "getReceivedRoomKeyBundleData",
+        unchecked_return_type = "Promise<StoredRoomKeyBundleData | undefined>"
+    )]
+    pub fn get_received_room_key_bundle_data(
+        &self,
+        room_id: &identifiers::RoomId,
+        inviter: &identifiers::UserId,
+    ) -> Promise {
+        let me = self.inner.clone();
+        let room_id = room_id.inner.clone();
+        let inviter = inviter.inner.clone();
+
+        future_to_promise(async move {
+            let result = me
+                .store()
+                .get_received_room_key_bundle_data(&room_id, &inviter)
+                .await?
+                .map(types::StoredRoomKeyBundleData::from);
+            Ok(result)
+        })
+    }
+
+    /// Import the message keys from a downloaded room key bundle.
+    ///
+    /// After {@link getReceivedRoomKeyBundleData} returns a truthy result, the
+    /// media file should be downloaded and then passed into this method to
+    /// actually do the import.
+    ///
+    /// @experimental
+    #[wasm_bindgen(js_name = "receiveRoomKeyBundle", unchecked_return_type = "Promise<undefined>")]
+    pub fn receive_room_key_bundle(
+        &self,
+        bundle_data: &StoredRoomKeyBundleData,
+        mut bundle: attachment::EncryptedAttachment,
+    ) -> Result<Promise, JsError> {
+        let me = self.inner.clone();
+        let bundle_data = bundle_data.clone();
+
+        let decrypted_bundle = attachment::Attachment::decrypt(&mut bundle)?;
+        let deserialized_bundle = serde_json::from_slice(&decrypted_bundle)?;
+
+        Ok(future_to_promise(async move {
+            me.store()
+                .receive_room_key_bundle(
+                    &bundle_data.room_id.inner,
+                    &bundle_data.sender_user.inner,
+                    &bundle_data.sender_data,
+                    deserialized_bundle,
+                    /* TODO: Use the progress listener and expose an argument for it. */
+                    |_, _| {},
+                )
+                .await?;
+            Ok(JsValue::UNDEFINED)
+        }))
+    }
+
     /// Shut down the `OlmMachine`.
     ///
     /// The `OlmMachine` cannot be used after this method has been called.

src/types.rs

@@ -7,15 +7,19 @@ use std::{
 
 use js_sys::{Array, JsString, Map, Set};
 use matrix_sdk_common::ruma::OwnedRoomId;
-use matrix_sdk_crypto::backups::{
-    SignatureState as InnerSignatureState, SignatureVerification as InnerSignatureVerification,
+use matrix_sdk_crypto::{
+    backups::{
+        SignatureState as InnerSignatureState, SignatureVerification as InnerSignatureVerification,
+    },
+    olm::SenderData,
+    MediaEncryptionInfo,
 };
 use tracing::warn;
 use wasm_bindgen::prelude::*;
 
 use crate::{
     encryption::EncryptionAlgorithm,
-    identifiers::{DeviceKeyId, UserId},
+    identifiers::{DeviceKeyId, RoomId, UserId},
     impl_from_to_inner,
     responses::ToDeviceEncryptionInfo,
     vodozemac::Ed25519Signature,
@@ -528,3 +532,47 @@ pub fn processed_to_device_event_to_js_value(
     };
     Some(result)
 }
+
+/// Information on a stored room key bundle data event.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct StoredRoomKeyBundleData {
+    /// The user that sent us this data.
+    #[wasm_bindgen(readonly, getter_with_clone, js_name = "senderUser")]
+    pub sender_user: UserId,
+
+    /// Information about the sender of this data and how much we trust that
+    /// information.
+    ///
+    /// This is held here because we need the `SenderData` back again in
+    /// [`OlmMachine::receive_room_key_bundle`]. It's not exposed over the wasm
+    /// boundary because `SenderData` doesn't implement `Into<JsValue>`.
+    pub(crate) sender_data: SenderData,
+
+    /// The room that these keys are for.
+    #[wasm_bindgen(readonly, getter_with_clone, js_name = "roomId")]
+    pub room_id: RoomId,
+
+    /// The location of the bundle.
+    #[wasm_bindgen(readonly, getter_with_clone)]
+    pub url: String,
+
+    /// The JSON-encoded encryption info for the key bundle.
+    #[wasm_bindgen(readonly, getter_with_clone, js_name = "encryptionInfo")]
+    pub encryption_info: String,
+}
+
+impl From<matrix_sdk_crypto::store::types::StoredRoomKeyBundleData> for StoredRoomKeyBundleData {
+    fn from(value: matrix_sdk_crypto::store::types::StoredRoomKeyBundleData) -> Self {
+        let url = value.bundle_data.file.url.to_string();
+        let encryption_info =
+            serde_json::to_string(&MediaEncryptionInfo::from(value.bundle_data.file)).unwrap();
+        Self {
+            sender_user: value.sender_user.into(),
+            sender_data: value.sender_data,
+            room_id: value.bundle_data.room_id.into(),
+            url,
+            encryption_info,
+        }
+    }
+}

tests/helper.ts

@@ -16,11 +16,12 @@ limitations under the License.
 
 import {
     DeviceLists,
-    RequestType,
-    KeysUploadRequest,
     KeysQueryRequest,
-    ToDeviceRequest,
+    KeysUploadRequest,
     OlmMachine,
+    RequestType,
+    RoomId,
+    ToDeviceRequest,
     UserId,
 } from "@matrix-org/matrix-sdk-crypto-wasm";
 
@@ -88,6 +89,7 @@ export async function addMachineToMachine(machineToAdd: OlmMachine, machine: Olm
 
         let bootstrapCrossSigningResult = await machineToAdd.bootstrapCrossSigning(true);
         let signingKeysUploadRequest = bootstrapCrossSigningResult.uploadSigningKeysRequest;
+        const uploadSignaturesRequestBody = JSON.parse(bootstrapCrossSigningResult.uploadSignaturesRequest.body);
 
         // Let's forge a `KeysQuery`'s response.
         let keyQueryResponse = {
@@ -101,6 +103,13 @@ export async function addMachineToMachine(machineToAdd: OlmMachine, machine: Olm
         keyQueryResponse.device_keys[userId] = {};
         keyQueryResponse.device_keys[userId][deviceId] = JSON.parse(keysUploadRequest.body).device_keys;
 
+        // Hack in the cross-signing signature on the device from `bootstrapCrossSigning`
+        expect(uploadSignaturesRequestBody[userId][deviceId]).toBeDefined();
+        Object.assign(
+            keyQueryResponse.device_keys[userId][deviceId].signatures[userId],
+            uploadSignaturesRequestBody[userId][deviceId].signatures[userId],
+        );
+
         const keys = JSON.parse(signingKeysUploadRequest.body);
         keyQueryResponse.master_keys[userId] = keys.master_key;
         keyQueryResponse.self_signing_keys[userId] = keys.self_signing_key;
@@ -156,3 +165,55 @@ export async function sendToDeviceMessageIntoMachine(
         undefined,
     );
 }
+
+/**
+ * Have `senderMachine` claim one of `receiverMachine`'s OTKs, to establish an olm session.
+ *
+ * Requires that `senderMachine` already know about `receiverMachine`, normally via
+ * `addMachineToMachine(receiverMachine, senderMachine)`.
+ */
+export async function establishOlmSession(senderMachine: OlmMachine, receiverMachine: OlmMachine) {
+    const keysClaimRequest = await senderMachine.getMissingSessions([receiverMachine.userId]);
+    const keysClaimRequestBody = JSON.parse(keysClaimRequest!.body);
+    expect(keysClaimRequestBody.one_time_keys).toEqual({
+        [receiverMachine.userId.toString()]: { [receiverMachine.deviceId.toString()]: "signed_curve25519" },
+    });
+
+    const outgoing = await receiverMachine.outgoingRequests();
+    const keysUploadRequest = outgoing.find((req) => req instanceof KeysUploadRequest);
+    expect(keysUploadRequest).toBeDefined();
+    const keysUploadRequestBody = JSON.parse(keysUploadRequest!.body);
+    const [otk_id, otk] = Object.entries(keysUploadRequestBody.one_time_keys)[0];
+
+    const keysClaimResponse = {
+        one_time_keys: {
+            [receiverMachine.userId.toString()]: { [receiverMachine.deviceId.toString()]: { [otk_id]: otk } },
+        },
+    };
+
+    await senderMachine.markRequestAsSent(
+        keysClaimRequest!.id,
+        RequestType.KeysClaim,
+        JSON.stringify(keysClaimResponse),
+    );
+}
+
+/**
+ * Encrypt an event using the given OlmMachine. Returns the JSON for the encrypted event.
+ *
+ * Assumes that a megolm session has already been established.
+ */
+export async function encryptEvent(
+    senderMachine: OlmMachine,
+    room: RoomId,
+    eventType: string,
+    eventContent: string,
+): Promise<string> {
+    return JSON.stringify({
+        sender: senderMachine.userId.toString(),
+        event_id: `\$${Date.now()}:example.com`,
+        type: "m.room.encrypted",
+        origin_server_ts: Date.now(),
+        content: JSON.parse(await senderMachine.encryptRoomEvent(room, eventType, eventContent)),
+    });
+}