make SecureKeyBackup internal

matrix-org · Jul 26, 2023 · 6f712ba · 6f712ba
1 parent f5ac3f5
commit 6f712ba
Show file tree

Hide file tree

Showing 7 changed files with 85 additions and 61 deletions.
diff --git a/spec/integ/crypto/megolm-backup.spec.ts b/spec/integ/crypto/megolm-backup.spec.ts
@@ -158,6 +158,7 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("megolm-keys backup (%s)", (backe
 
         // tell Alice to trust the dummy device that signed the backup
         await aliceCrypto.setDeviceVerified(testData.TEST_USER_ID, testData.TEST_DEVICE_ID);
+        // @ts-ignore backupManager is an internal property
         await aliceCrypto.backupManager.checkAndStart();
 
         // Now, send Alice a message that she won't be able to decrypt, and check that she fetches the key from the backup.

diff --git a/src/common-crypto/CryptoBackend.ts b/src/common-crypto/CryptoBackend.ts
@@ -17,7 +17,7 @@ limitations under the License.
 import type { IDeviceLists, IToDeviceEvent } from "../sync-accumulator";
 import { MatrixEvent } from "../models/event";
 import { Room } from "../models/room";
-import { CryptoApi } from "../crypto-api";
+import { CryptoApi, SecureKeyBackup } from "../crypto-api";
 import { CrossSigningInfo, UserTrustLevel } from "../crypto/CrossSigning";
 import { IEncryptedEventInfo } from "../crypto/api";
 import { IEventDecryptionResult } from "../@types/crypto";
@@ -99,6 +99,13 @@ export interface CryptoBackend extends SyncCryptoCallbacks, CryptoApi {
      * @deprecated Unneeded for the new crypto
      */
     checkOwnCrossSigningTrust(opts?: CheckOwnCrossSigningTrustOpts): Promise<void>;
+
+    /**
+     * Access the backup manager
+     *
+     * @see SecureKeyBackup
+     */
+    readonly backupManager: SecureKeyBackup;
 }
 
 /** The methods which crypto implementations should expose to the Sync api

diff --git a/src/common-crypto/SecureKeyBackup.ts b/src/common-crypto/SecureKeyBackup.ts
@@ -0,0 +1,72 @@
+/*
+Copyright 2023 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { KeyBackupInfo } from "../crypto-api/keybackup";
+
+/**
+ * Interface to server-side key backup
+ *
+ * Server-side key backup, aka "secure (key) backup" or "session backup", is a feature in which devices save copies of
+ * the megolm session keys that they receive on the server. The keys are encrypted with the public part of an asymmetric
+ * key, which makes it easy for devices to add newly-received session keys. In future, if the user logs in on another
+ * device which lacks history, the backup can be restored by providing the private part of the key (the "backup
+ * decryption key"), thus providing access to historical messages.
+ *
+ * (The backup decryption key is normally retrieved from server-side-secret-storage (4S) or gossipped between devices
+ * using secret sharing, rather than being entered directly).
+ *
+ * @see https://spec.matrix.org/v1.7/client-server-api/#server-side-key-backups
+ * @internal
+ */
+export interface SecureKeyBackup {
+    /**
+     * Check the server for an active key backup.
+     *
+     * If a key backup is present, and has a valid signature from one of the user's verified devices, start backing up
+     * to it.
+     *
+     * @returns `null` if there was an error checking for an active backup; otherwise, information about the active backup
+     *    (or lack thereof).
+     */
+    checkAndStart(): Promise<KeyBackupCheck | null>;
+}
+
+/**
+ * The result of {@link SecureKeyBackup.checkAndStart}.
+ *
+ * @internal
+ */
+export interface KeyBackupCheck {
+    /** Information from the server about the backup. `undefined` if there is no active backup. */
+    backupInfo?: KeyBackupInfo;
+
+    /** Information on whether we trust this backup. */
+    trustInfo: BackupTrustInfo;
+}
+
+/**
+ * Information on whether a given server-side backup is trusted.
+ *
+ * @internal
+ */
+export interface BackupTrustInfo {
+    /**
+     * Is this backup trusted?
+     *
+     * True if, and only if, there is a valid signature on the backup from a trusted device
+     */
+    readonly usable: boolean;
+}
diff --git a/src/crypto-api.ts b/src/crypto-api.ts
@@ -20,7 +20,7 @@ import { DeviceMap } from "./models/device";
 import { UIAuthCallback } from "./interactive-auth";
 import { AddSecretStorageKeyOpts, SecretStorageCallbacks, SecretStorageKeyDescription } from "./secret-storage";
 import { VerificationRequest } from "./crypto-api/verification";
-import { KeyBackupInfo, SecureKeyBackup } from "./crypto-api/keybackup";
+import { KeyBackupInfo } from "./crypto-api/keybackup";
 
 /**
  * Public interface to the cryptography parts of the js-sdk
@@ -307,13 +307,6 @@ export interface CryptoApi {
     //
     ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
 
-    /**
-     * Access the backup manager
-     *
-     * @see Crypto.SecureKeyBackup
-     */
-    readonly backupManager: SecureKeyBackup;
-
     /**
      * Fetch the backup decryption key we have saved in our store.
      *
@@ -539,3 +532,4 @@ export interface GeneratedSecretStorageKey {
 
 export * from "./crypto-api/verification";
 export * from "./crypto-api/keybackup";
+export type { SecureKeyBackup } from "./common-crypto/SecureKeyBackup";
diff --git a/src/crypto-api/keybackup.ts b/src/crypto-api/keybackup.ts
@@ -16,44 +16,6 @@ limitations under the License.
 
 import { ISigned } from "../@types/signed";
 
-/**
- * Interface to server-side key backup
- *
- * Server-side key backup, aka "secure (key) backup" or "session backup", is a feature in which devices save copies of
- * the megolm session keys that they receive on the server. The keys are encrypted with the public part of an asymmetric
- * key, which makes it easy for devices to add newly-received session keys. In future, if the user logs in on another
- * device which lacks history, the backup can be restored by providing the private part of the key (the "backup
- * decryption key"), thus providing access to historical messages.
- *
- * (The backup decryption key is normally retrieved from server-side-secret-storage (4S) or gossipped between devices
- * using secret sharing, rather than being entered directly).
- *
- * @see https://spec.matrix.org/v1.7/client-server-api/#server-side-key-backups
- */
-export interface SecureKeyBackup {
-    /**
-     * Check the server for an active key backup.
-     *
-     * If a key backup is present, and has a valid signature from one of the user's verified devices, start backing up
-     * to it.
-     *
-     * @returns `null` if there was an error checking for an active backup; otherwise, information about the active backup
-     *    (or lack thereof).
-     */
-    checkAndStart(): Promise<KeyBackupCheck | null>;
-}
-
-/**
- * The result of {@link SecureKeyBackup.checkAndStart}.
- */
-export interface KeyBackupCheck {
-    /** Information from the server about the backup. `undefined` if there is no active backup. */
-    backupInfo?: KeyBackupInfo;
-
-    /** Information on whether we trust this backup. */
-    trustInfo: BackupTrustInfo;
-}
-
 export interface Curve25519AuthData {
     public_key: string;
     private_key_salt?: string;
@@ -81,15 +43,3 @@ export interface KeyBackupInfo {
     etag?: string;
     version?: string; // number contained within
 }
-
-/**
- * Information on whether a given server-side backup is trusted.
- */
-export interface BackupTrustInfo {
-    /**
-     * Is this backup trusted?
-     *
-     * True if, and only if, there is a valid signature on the backup from a trusted device
-     */
-    readonly usable: boolean;
-}
diff --git a/src/crypto/backup.ts b/src/crypto/backup.ts
@@ -40,7 +40,7 @@ import { UnstableValue } from "../NamespacedValue";
 import { CryptoEvent } from "./index";
 import { crypto } from "./crypto";
 import { HTTPError, MatrixError } from "../http-api";
-import { SecureKeyBackup } from "../crypto-api/keybackup";
+import { SecureKeyBackup } from "../common-crypto/SecureKeyBackup";
 
 const KEY_BACKUP_KEYS_PER_REQUEST = 200;
 const KEY_BACKUP_CHECK_RATE_LIMIT = 5000; // ms

diff --git a/src/rust-crypto/backup.ts b/src/rust-crypto/backup.ts
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-import { KeyBackupCheck, SecureKeyBackup } from "../crypto-api/keybackup";
+import { KeyBackupCheck, SecureKeyBackup } from "../common-crypto/SecureKeyBackup";
 
 export class RustBackupManager implements SecureKeyBackup {
     public async checkAndStart(): Promise<KeyBackupCheck | null> {