Support sign in + E2EE set up using QR code implementing MSC3886, MSC3903 and MSC3906 (#2747)

* Clean implementation of MSC3886 and MSC3903

* Refactor to use object initialiser instead of lots of args + handle non-compliant fetch better

* Start of some unit tests

* Make AES work on Node.js as well as browser

* Tests for ECDH/X25519

* stric mode linting

* Fix incorrect test

* Refactor full rendezvous logic out of react-sdk into js-sdk

* Use correct unstable import

* Pass fetch around

* Make correct usage of fetch in tests

* fix: you can't call fetch when it's not on window

* Use class names to make it clearer that these are unstable MSC implementations

* Linting

* Clean implementation of MSC3886 and MSC3903

* Refactor to use object initialiser instead of lots of args + handle non-compliant fetch better

* Start of some unit tests

* Make AES work on Node.js as well as browser

* Tests for ECDH/X25519

* stric mode linting

* Fix incorrect test

* Refactor full rendezvous logic out of react-sdk into js-sdk

* Use correct unstable import

* Pass fetch around

* Make correct usage of fetch in tests

* fix: you can't call fetch when it's not on window

* Use class names to make it clearer that these are unstable MSC implementations

* Linting

* Reduce log noise

* Tidy up interface a bit

* Additional test for transport layer

* Linting

* Refactor dummy transport to be re-usable

* Remove redundant condition

* Handle more error cases

* Initial tests for MSC3906

* Reduce scope of PR to only cover generating a code on existing device

* Strict linting

* Additional test cases

* Lint

* additional test cases and remove some code smells

* More test cases

* Strict lint

* Strict lint

* Test case

* Refactor to handle UIA

* Unstable prefixes

* Lint

* Missed due to lack of strict...

* Test server capabilities using Feature

* Remove redundant assignment

* Refactor ro resuse generateDecimal from SAS

* Update src/rendezvous/transports/simpleHttpTransport.ts

Co-authored-by: Travis Ralston <[email protected]>

* Update src/rendezvous/transports/simpleHttpTransport.ts

Co-authored-by: Travis Ralston <[email protected]>

* Update src/rendezvous/channels/ecdhV1.ts

Co-authored-by: Travis Ralston <[email protected]>

* Update src/rendezvous/transports/simpleHttpTransport.ts

Co-authored-by: Travis Ralston <[email protected]>

* Rename files to titlecase

* Visibility modifiers

* Resolve public mutability

* Refactor logic to reduce duplication

* Refactor to have better defined data types throughout

* Rebase and remove Node.js crypto

* Wipe AES key out after use

* Add typing for MSC3906 layer

* Strict lint

* Fix double connect detection

* Remove unintended debug statement

* Return types

* Use generics

* Make type of MSC3903ECDHPayload explicit

* Use unstable prefix for RendezvousChannelAlgorithm

* Fix

* Extra unstable type

* Test types

Co-authored-by: Travis Ralston <[email protected]>
Co-authored-by: Kerry <[email protected]>

Author: 3 people

spec/unit/rendezvous/DummyTransport.ts

@@ -0,0 +1,92 @@
+/*
+Copyright 2022 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { logger } from "../../../src/logger";
+import {
+    RendezvousFailureListener,
+    RendezvousFailureReason,
+    RendezvousTransport,
+    RendezvousTransportDetails,
+} from "../../../src/rendezvous";
+import { sleep } from '../../../src/utils';
+
+export class DummyTransport<D extends RendezvousTransportDetails, T> implements RendezvousTransport<T> {
+    otherParty?: DummyTransport<D, T>;
+    etag?: string;
+    lastEtagReceived?: string;
+    data: T | undefined;
+
+    ready = false;
+    cancelled = false;
+
+    constructor(private name: string, private mockDetails: D) {}
+    onCancelled?: RendezvousFailureListener;
+
+    details(): Promise<RendezvousTransportDetails> {
+        return Promise.resolve(this.mockDetails);
+    }
+
+    async send(data: T): Promise<void> {
+        logger.info(
+            `[${this.name}] => [${this.otherParty?.name}] Attempting to send data: ${
+                JSON.stringify(data)} where etag matches ${this.etag}`,
+        );
+        // eslint-disable-next-line no-constant-condition
+        while (!this.cancelled) {
+            if (!this.etag || (this.otherParty?.etag && this.otherParty?.etag === this.etag)) {
+                this.data = data;
+                this.etag = Math.random().toString();
+                this.lastEtagReceived = this.etag;
+                this.otherParty!.etag = this.etag;
+                this.otherParty!.data = data;
+                logger.info(`[${this.name}] => [${this.otherParty?.name}] Sent with etag ${this.etag}`);
+                return;
+            }
+            logger.info(`[${this.name}] Sleeping to retry send after etag ${this.etag}`);
+            await sleep(250);
+        }
+    }
+
+    async receive(): Promise<T | undefined> {
+        logger.info(`[${this.name}] Attempting to receive where etag is after ${this.lastEtagReceived}`);
+        // eslint-disable-next-line no-constant-condition
+        while (!this.cancelled) {
+            if (!this.lastEtagReceived || this.lastEtagReceived !== this.etag) {
+                this.lastEtagReceived = this.etag;
+                logger.info(
+                    `[${this.otherParty?.name}] => [${this.name}] Received data: ` +
+                    `${JSON.stringify(this.data)} with etag ${this.etag}`,
+                );
+                return this.data;
+            }
+            logger.info(`[${this.name}] Sleeping to retry receive after etag ${
+                this.lastEtagReceived} as remote is ${this.etag}`);
+            await sleep(250);
+        }
+
+        return undefined;
+    }
+
+    cancel(reason: RendezvousFailureReason): Promise<void> {
+        this.cancelled = true;
+        this.onCancelled?.(reason);
+        return Promise.resolve();
+    }
+
+    cleanup() {
+        this.cancelled = true;
+    }
+}

spec/unit/rendezvous/ecdh.spec.ts

@@ -0,0 +1,172 @@
+/*
+Copyright 2022 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import '../../olm-loader';
+import { RendezvousFailureReason, RendezvousIntent } from "../../../src/rendezvous";
+import { MSC3903ECDHPayload, MSC3903ECDHv1RendezvousChannel } from '../../../src/rendezvous/channels';
+import { decodeBase64 } from '../../../src/crypto/olmlib';
+import { DummyTransport } from './DummyTransport';
+
+function makeTransport(name: string) {
+    return new DummyTransport<any, MSC3903ECDHPayload>(name, { type: 'dummy' });
+}
+
+describe('ECDHv1', function() {
+    beforeAll(async function() {
+        await global.Olm.init();
+    });
+
+    describe('with crypto', () => {
+        it("initiator wants to sign in", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            const aliceCode = await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+            const bob = new MSC3903ECDHv1RendezvousChannel(bobTransport, decodeBase64(aliceCode.rendezvous.key));
+
+            const bobChecksum = await bob.connect();
+            const aliceChecksum = await alice.connect();
+
+            expect(aliceChecksum).toEqual(bobChecksum);
+
+            const message = { key: "xxx" };
+            await alice.send(message);
+            const bobReceive = await bob.receive();
+            expect(bobReceive).toEqual(message);
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+            await bob.cancel(RendezvousFailureReason.Unknown);
+        });
+
+        it("initiator wants to reciprocate", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            const aliceCode = await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+            const bob = new MSC3903ECDHv1RendezvousChannel(bobTransport, decodeBase64(aliceCode.rendezvous.key));
+
+            const bobChecksum = await bob.connect();
+            const aliceChecksum = await alice.connect();
+
+            expect(aliceChecksum).toEqual(bobChecksum);
+
+            const message = { key: "xxx" };
+            await bob.send(message);
+            const aliceReceive = await alice.receive();
+            expect(aliceReceive).toEqual(message);
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+            await bob.cancel(RendezvousFailureReason.Unknown);
+        });
+
+        it("double connect", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            const aliceCode = await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+            const bob = new MSC3903ECDHv1RendezvousChannel(bobTransport, decodeBase64(aliceCode.rendezvous.key));
+
+            const bobChecksum = await bob.connect();
+            const aliceChecksum = await alice.connect();
+
+            expect(aliceChecksum).toEqual(bobChecksum);
+
+            expect(alice.connect()).rejects.toThrow();
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+            await bob.cancel(RendezvousFailureReason.Unknown);
+        });
+
+        it("closed", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            const aliceCode = await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+            const bob = new MSC3903ECDHv1RendezvousChannel(bobTransport, decodeBase64(aliceCode.rendezvous.key));
+
+            const bobChecksum = await bob.connect();
+            const aliceChecksum = await alice.connect();
+
+            expect(aliceChecksum).toEqual(bobChecksum);
+
+            alice.close();
+
+            expect(alice.connect()).rejects.toThrow();
+            expect(alice.send({})).rejects.toThrow();
+            expect(alice.receive()).rejects.toThrow();
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+            await bob.cancel(RendezvousFailureReason.Unknown);
+        });
+
+        it("require ciphertext", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            const aliceCode = await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+            const bob = new MSC3903ECDHv1RendezvousChannel(bobTransport, decodeBase64(aliceCode.rendezvous.key));
+
+            const bobChecksum = await bob.connect();
+            const aliceChecksum = await alice.connect();
+
+            expect(aliceChecksum).toEqual(bobChecksum);
+
+            // send a message without encryption
+            await aliceTransport.send({ iv: "dummy", ciphertext: "dummy" });
+            expect(bob.receive()).rejects.toThrowError();
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+            await bob.cancel(RendezvousFailureReason.Unknown);
+        });
+
+        it("ciphertext before set up", async function() {
+            const aliceTransport = makeTransport('Alice');
+            const bobTransport = makeTransport('Bob');
+            aliceTransport.otherParty = bobTransport;
+            bobTransport.otherParty = aliceTransport;
+
+            // alice is signing in initiates and generates a code
+            const alice = new MSC3903ECDHv1RendezvousChannel(aliceTransport);
+            await alice.generateCode(RendezvousIntent.LOGIN_ON_NEW_DEVICE);
+
+            await bobTransport.send({ iv: "dummy", ciphertext: "dummy" });
+
+            expect(alice.receive()).rejects.toThrowError();
+
+            await alice.cancel(RendezvousFailureReason.Unknown);
+        });
+    });
+});