Update crypto rust

tchapgouv · Sep 4, 2024 · 704e3d5 · 704e3d5
1 parent 4247dea
commit 704e3d5
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 60 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,4 +30,4 @@ Cargo.lock
 **/out/failures
 
 # For manual dependency to rust crypto sdk
-library/rustCrypto/matrix-rust-sdk-crypto.aar
+#library/rustCrypto/matrix-rust-sdk-crypto.aar
diff --git a/library/rustCrypto/matrix-rust-sdk-crypto.aar b/library/rustCrypto/matrix-rust-sdk-crypto.aar
diff --git a/matrix-sdk-android/build.gradle b/matrix-sdk-android/build.gradle
@@ -225,8 +225,8 @@ dependencies {
 
  implementation libs.google.phonenumber
 
- implementation("org.matrix.rustcomponents:crypto-android:0.4.1")
-// api project(":library:rustCrypto")
+// implementation("org.matrix.rustcomponents:crypto-android:0.4.1")
+ api project(":library:rustCrypto")
 
  testImplementation libs.tests.junit
  // Note: version sticks to 1.9.2 due to https://github.com/mockk/mockk/issues/281

diff --git a/...k-android/src/main/java/org/matrix/android/sdk/internal/crypto/PrepareToEncryptUseCase.kt b/...k-android/src/main/java/org/matrix/android/sdk/internal/crypto/PrepareToEncryptUseCase.kt
@@ -121,7 +121,8 @@ internal class PrepareToEncryptUseCase @Inject constructor(
  HistoryVisibility.INVITED
  } else {
  HistoryVisibility.JOINED
- }
+ },
+ errorOnVerifiedUserProblem = false
  )
  measureTimeMillis {
  keyShareLock.withLock {

diff --git a/.../java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt b/.../java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt
@@ -44,9 +44,9 @@ import org.matrix.android.sdk.api.util.toBase64NoPadding
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.keysbackup.generatePrivateKeyWithPassword
 import org.matrix.android.sdk.internal.crypto.tools.HkdfSha256
-import org.matrix.android.sdk.internal.crypto.tools.withOlmDecryption
 import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.olm.OlmPkMessage
+import org.matrix.rustcomponents.sdk.crypto.Message
+import org.matrix.rustcomponents.sdk.crypto.PkDecryption
 import java.security.SecureRandom
 import javax.crypto.Cipher
 import javax.crypto.Mac
@@ -325,16 +325,15 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
  val keySpec = secretKey as? RawBytesKeySpec ?: throw SharedSecretStorageError.BadKeyFormat
  return withContext(cryptoCoroutineScope.coroutineContext + coroutineDispatchers.computation) {
  // decrypt from recovery key
- withOlmDecryption { olmPkDecryption ->
- olmPkDecryption.setPrivateKey(keySpec.privateKey)
- olmPkDecryption.decrypt(OlmPkMessage()
- .apply {
- mCipherText = secretContent.ciphertext
- mEphemeralKey = secretContent.ephemeral
- mMac = secretContent.mac
- }
- )
- }
+ if (secretContent.ciphertext != null && secretContent.mac != null && secretContent.ephemeral != null) {
+ val pkDecryption = PkDecryption.fromKey(keySpec.privateKey)
+ pkDecryption.decrypt(
+ Message(
+ secretContent.ciphertext.fromBase64(),
+ secretContent.mac.fromBase64(),
+ secretContent.ephemeral.fromBase64())
+ ).contentToString()
+ } else throw SharedSecretStorageError.UnknownSecret("none")
  }
  } else if (SSSS_ALGORITHM_AES_HMAC_SHA2 == algorithm.algorithm) {
  val keySpec = secretKey as? RawBytesKeySpec ?: throw SharedSecretStorageError.BadKeyFormat

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tools/Tools.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tools/Tools.kt
@@ -16,38 +16,8 @@
 
 package org.matrix.android.sdk.internal.crypto.tools
 
-import org.matrix.olm.OlmPkDecryption
-import org.matrix.olm.OlmPkEncryption
-import org.matrix.olm.OlmPkSigning
 import org.matrix.olm.OlmUtility
 
-internal fun <T> withOlmEncryption(block: (OlmPkEncryption) -> T): T {
- val olmPkEncryption = OlmPkEncryption()
- try {
- return block(olmPkEncryption)
- } finally {
- olmPkEncryption.releaseEncryption()
- }
-}
-
-internal fun <T> withOlmDecryption(block: (OlmPkDecryption) -> T): T {
- val olmPkDecryption = OlmPkDecryption()
- try {
- return block(olmPkDecryption)
- } finally {
- olmPkDecryption.releaseDecryption()
- }
-}
-
-internal fun <T> withOlmSigning(block: (OlmPkSigning) -> T): T {
- val olmPkSigning = OlmPkSigning()
- try {
- return block(olmPkSigning)
- } finally {
- olmPkSigning.releaseSigning()
- }
-}
-
 internal fun <T> withOlmUtility(block: (OlmUtility) -> T): T {
  val olmUtility = OlmUtility()
  try {

diff --git a/...roid/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SasVerification.kt b/...roid/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SasVerification.kt
@@ -82,6 +82,7 @@ internal class SasVerification @AssistedInject constructor(
  SasState.Confirmed -> SasTransactionState.SasMacSent
  SasState.Done -> SasTransactionState.Done(true)
  is SasState.Cancelled -> SasTransactionState.Cancelled(safeValueOf(state.cancelInfo.cancelCode), state.cancelInfo.cancelledByUs)
+ SasState.Created -> TODO()
  }
  }
 

diff --git a/...rc/main/java/org/matrix/android/sdk/internal/session/contentscanner/ScanEncryptorUtils.kt b/...rc/main/java/org/matrix/android/sdk/internal/session/contentscanner/ScanEncryptorUtils.kt
@@ -19,10 +19,12 @@ package org.matrix.android.sdk.internal.session.contentscanner
 import org.matrix.android.sdk.api.session.crypto.attachments.ElementToDecrypt
 import org.matrix.android.sdk.api.session.crypto.model.EncryptedFileInfo
 import org.matrix.android.sdk.api.session.crypto.model.EncryptedFileKey
-import org.matrix.android.sdk.internal.crypto.tools.withOlmEncryption
+import org.matrix.android.sdk.api.util.fromBase64
+import org.matrix.android.sdk.api.util.toBase64NoPadding
 import org.matrix.android.sdk.internal.session.contentscanner.model.DownloadBody
 import org.matrix.android.sdk.internal.session.contentscanner.model.EncryptedBody
 import org.matrix.android.sdk.internal.session.contentscanner.model.toCanonicalJson
+import org.matrix.rustcomponents.sdk.crypto.PkEncryption
 
 internal object ScanEncryptorUtils {
 
@@ -43,19 +45,15 @@ internal object ScanEncryptorUtils {
  v = "v2"
  )
  return if (publicServerKey != null) {
- // We should encrypt
- withOlmEncryption { olm ->
- olm.setRecipientKey(publicServerKey)
-
- val olmResult = olm.encrypt(DownloadBody(encryptedInfo).toCanonicalJson())
- DownloadBody(
- encryptedBody = EncryptedBody(
- cipherText = olmResult.mCipherText,
- ephemeral = olmResult.mEphemeralKey,
- mac = olmResult.mMac
- )
- )
- }
+ val pkEncryption = PkEncryption.fromPublicKey(publicServerKey.fromBase64())
+ val result = pkEncryption.encrypt(DownloadBody(encryptedInfo).toCanonicalJson().toByteArray())
+ DownloadBody(
+ encryptedBody = EncryptedBody(
+ cipherText = result.ciphertext.toBase64NoPadding(),
+ ephemeral = result.ephemeralKey.toBase64NoPadding(),
+ mac = result.mac.toBase64NoPadding()
+ )
+ )
  } else {
  DownloadBody(encryptedInfo)
  }