-
-
Notifications
You must be signed in to change notification settings - Fork 832
Conversation
Apparently Safari doesn't sport a TextEncoder, so here's a polyfill for it.
8bf785d
to
d63f7e8
Compare
I'm thinking of factoring the TextEncoderPolyfill out to a separate npm.js module - wdyt? |
} | ||
|
||
/** | ||
* Derive the AES and SHA keys for the file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should probably use "hmac key" or "hmac-sha256 key" rather than "sha key" for referring to the hmac key.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yup. done.
|
||
const REPLACEMENT_CHAR = '\uFFFD'; | ||
|
||
export default class TextDecoder { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this copied from somewhere? Or is it something you wrote yourself?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I ended up writing it myself, because I couldn't find any other plausible implementations. As I wrote in the PR:
I'm thinking of factoring the TextEncoderPolyfill [and Decoder] out to a separate npm.js module - wdyt?
continue; | ||
} | ||
|
||
u1 = u8Array[idx++]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing bounds check on idx
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, I missed the ```u1 === undefined`` below. I guess that works
I think factoring out the TextEncoder polyfill to a separate JS module would be a very good idea. |
outU8Array[outIdx++] = 0x80 | (u & 63); | ||
} else if (u <= 0xFFFF) { | ||
outU8Array[outIdx++] = 0xE0 | (u >> 12); | ||
outU8Array[outIdx++] = 0x80 | ((u >> 6) & 63); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I'd prefer it if you use 0x3F
rather than 63
here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
while (idx < u8Array.length) { | ||
u0 = u8Array[idx++]; | ||
if (!(u0 & 0x80)) { | ||
str += String.fromCharCode(u0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume browsers optimise the string concat ops here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hrm. I'm not sure that's a valid assumption, though it appears to be the case: https://jsperf.com/vdh-string-concatenation.
Can you think of any other solutions?
Would it be worth splitting the session export/import functions to a separate module so we can test it properly? |
which ones? the stubs in |
I guess I actually meant the ones that are doing the actual encryption/decryption using webcrypto rather than the import/export functions themselves. |
Somebody else seems to have done a good job of polyfilling TextEncoder, so let's use that.
We decided to use somebody else's TextEncoder polyfill. We also decided that MegolmExportEncryption could stay here for now. @NegativeMjark: ptal |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
} | ||
|
||
const ciphertextLength = body.length-(1+16+16+4+32); | ||
if (body.length < 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (ciphertextLength < 0), no?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. fixed by #660
Implementation of encryption/decryption of Megolm session data export/import, and some very hacky functions in index.js to prove that much works, until I figure out how to actually turn the data into Files and add it to the UI.
Requires matrix-org/matrix-js-sdk#326 (which in turn requires master libolm).
To try it, you can use the javascript console:
exportKeys("<password>")
will log an encrypted blob to the console; that can be cut and pasted into another Riot client and imported withimportKeys("<password>", "<blob>")
.(Relates to element-hq/element-web#2108).