Megolm session import and export #617
Conversation
Apparently Safari doesn't sport a TextEncoder, so here's a polyfill for it.
richvdh
force-pushed
the
rav/megolm_backup
branch
from
8bf785d
to
d63f7e8
Compare
|
I'm thinking of factoring the TextEncoderPolyfill out to a separate npm.js module - wdyt? |
| } | ||
|
|
||
| /** | ||
| * Derive the AES and SHA keys for the file |
There was a problem hiding this comment.
You should probably use "hmac key" or "hmac-sha256 key" rather than "sha key" for referring to the hmac key.
|
|
||
| const REPLACEMENT_CHAR = '\uFFFD'; | ||
|
|
||
| export default class TextDecoder { |
There was a problem hiding this comment.
Is this copied from somewhere? Or is it something you wrote yourself?
There was a problem hiding this comment.
I ended up writing it myself, because I couldn't find any other plausible implementations. As I wrote in the PR:
I'm thinking of factoring the TextEncoderPolyfill [and Decoder] out to a separate npm.js module - wdyt?
| continue; | ||
| } | ||
|
|
||
| u1 = u8Array[idx++]; |
There was a problem hiding this comment.
Missing bounds check on idx
There was a problem hiding this comment.
Oh, I missed the ```u1 === undefined`` below. I guess that works
|
I think factoring out the TextEncoder polyfill to a separate JS module would be a very good idea. |
| outU8Array[outIdx++] = 0x80 | (u & 63); | ||
| } else if (u <= 0xFFFF) { | ||
| outU8Array[outIdx++] = 0xE0 | (u >> 12); | ||
| outU8Array[outIdx++] = 0x80 | ((u >> 6) & 63); |
There was a problem hiding this comment.
I think I'd prefer it if you use 0x3F rather than 63 here.
| while (idx < u8Array.length) { | ||
| u0 = u8Array[idx++]; | ||
| if (!(u0 & 0x80)) { | ||
| str += String.fromCharCode(u0); |
There was a problem hiding this comment.
I assume browsers optimise the string concat ops here.
There was a problem hiding this comment.
hrm. I'm not sure that's a valid assumption, though it appears to be the case: https://jsperf.com/vdh-string-concatenation.
Can you think of any other solutions?
|
Would it be worth splitting the session export/import functions to a separate module so we can test it properly? |
which ones? the stubs in |
I guess I actually meant the ones that are doing the actual encryption/decryption using webcrypto rather than the import/export functions themselves. |
Somebody else seems to have done a good job of polyfilling TextEncoder, so let's use that.
|
We decided to use somebody else's TextEncoder polyfill. We also decided that MegolmExportEncryption could stay here for now. @NegativeMjark: ptal |
| } | ||
|
|
||
| const ciphertextLength = body.length-(1+16+16+4+32); | ||
| if (body.length < 0) { |
There was a problem hiding this comment.
if (ciphertextLength < 0), no?
Implementation of encryption/decryption of Megolm session data export/import, and some very hacky functions in index.js to prove that much works, until I figure out how to actually turn the data into Files and add it to the UI.
Requires matrix-org/matrix-js-sdk#326 (which in turn requires master libolm).
To try it, you can use the javascript console:
exportKeys("<password>")will log an encrypted blob to the console; that can be cut and pasted into another Riot client and imported withimportKeys("<password>", "<blob>").(Relates to element-hq/element-web#2108).