Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

indexeddb: expose new method IndexeddbCryptoStore::open_with_key #3423

Merged
merged 6 commits into from
May 22, 2024
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 4 additions & 2 deletions crates/matrix-sdk-indexeddb/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
# unreleased
# UNRELEASED

- Add new method `IndexeddbCryptoStore::open_with_key`. ([#3423](https://github.com/matrix-org/matrix-rust-sdk/pull/3423))

- `save_change` performance improvement, all encryption and serialization
is done now outside of the db transaction.
is done now outside of the db transaction.
4 changes: 4 additions & 0 deletions crates/matrix-sdk-indexeddb/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,9 @@ tokio = { workspace = true }
tracing = { workspace = true }
wasm-bindgen = "0.2.83"
web-sys = { version = "0.3.57", features = ["IdbKeyRange"] }
hkdf = "0.12.4"
zeroize.workspace = true
richvdh marked this conversation as resolved.
Show resolved Hide resolved
sha2.workspace = true
richvdh marked this conversation as resolved.
Show resolved Hide resolved

[target.'cfg(target_arch = "wasm32")'.dependencies]
# for wasm32 we need to activate this
Expand All @@ -50,6 +53,7 @@ matrix-sdk-base = { workspace = true, features = ["testing"] }
matrix-sdk-common = { workspace = true, features = ["js"] }
matrix-sdk-crypto = { workspace = true, features = ["js", "testing"] }
matrix-sdk-test = { workspace = true }
rand = { workspace = true }
tracing-subscriber = { version = "0.3.18", default-features = false, features = ["registry", "tracing-log"] }
uuid = "1.3.0"
wasm-bindgen-test = "0.3.33"
Expand Down
260 changes: 221 additions & 39 deletions crates/matrix-sdk-indexeddb/src/crypto_store/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ use std::{

use async_trait::async_trait;
use gloo_utils::format::JsValueSerdeExt;
use hkdf::Hkdf;
use indexed_db_futures::prelude::*;
use matrix_sdk_crypto::{
olm::{
Expand All @@ -30,6 +31,7 @@ use matrix_sdk_crypto::{
RoomKeyCounts, RoomSettings,
},
types::events::room_key_withheld::RoomKeyWithheldEvent,
vodozemac::base64_encode,
Account, GossipRequest, GossippedSecret, ReadOnlyDevice, ReadOnlyUserIdentities, SecretInfo,
TrackedUser,
};
Expand All @@ -38,6 +40,7 @@ use ruma::{
events::secret::request::SecretName, DeviceId, MilliSecondsSinceUnixEpoch, OwnedDeviceId,
RoomId, TransactionId, UserId,
};
use sha2::Sha256;
use tokio::sync::Mutex;
use tracing::{debug, warn};
use wasm_bindgen::JsValue;
Expand Down Expand Up @@ -272,34 +275,25 @@ impl IndexeddbCryptoStore {
IndexeddbCryptoStore::open_with_store_cipher("crypto", None).await
}

/// Open a new `IndexeddbCryptoStore` with given name and passphrase
/// Open an `IndexeddbCryptoStore` with given name and passphrase.
///
/// If the store previously existed, the encryption cipher is initialised
/// using the given passphrase and the details from the meta store. If the
/// store did not previously exist, a new encryption cipher is derived
/// from the passphrase, and the details are stored to the metastore.
///
/// The store is then opened, or a new one created, using the encryption
/// cipher.
///
/// # Arguments
///
/// * `prefix` - Common prefix for the names of the two IndexedDB stores.
/// * `passphrase` - Passphrase which is used to derive a key to encrypt the
/// key which is used to encrypt the store. Must be the same each time the
/// store is opened.
pub async fn open_with_passphrase(prefix: &str, passphrase: &str) -> Result<Self> {
let name = format!("{prefix:0}::matrix-sdk-crypto-meta");

debug!("IndexedDbCryptoStore: Opening meta-store {name}");
let mut db_req: OpenDbRequest = IdbDatabase::open_u32(&name, 1)?;
db_req.set_on_upgrade_needed(Some(|evt: &IdbVersionChangeEvent| -> Result<(), JsValue> {
let old_version = evt.old_version() as u32;
if old_version < 1 {
// migrating to version 1
let db = evt.db();

db.create_object_store("matrix-sdk-crypto")?;
}
Ok(())
}));

let db: IdbDatabase = db_req.await?;

let tx: IdbTransaction<'_> =
db.transaction_on_one_with_mode("matrix-sdk-crypto", IdbTransactionMode::Readonly)?;
let ob = tx.object_store("matrix-sdk-crypto")?;

let store_cipher: Option<Vec<u8>> = ob
.get(&JsValue::from_str(keys::STORE_CIPHER))?
.await?
.map(|k| k.into_serde())
.transpose()?;
let db = open_meta_db(prefix).await?;
let store_cipher = load_store_cipher(&db).await?;

let store_cipher = match store_cipher {
Some(cipher) => {
Expand All @@ -315,17 +309,58 @@ impl IndexeddbCryptoStore {
#[cfg(test)]
let export = cipher._insecure_export_fast_for_testing(passphrase);

let tx: IdbTransaction<'_> = db.transaction_on_one_with_mode(
"matrix-sdk-crypto",
IdbTransactionMode::Readwrite,
)?;
let ob = tx.object_store("matrix-sdk-crypto")?;

ob.put_key_val(
&JsValue::from_str(keys::STORE_CIPHER),
&JsValue::from_serde(&export.map_err(CryptoStoreError::backend)?)?,
)?;
tx.await.into_result()?;
let export = export.map_err(CryptoStoreError::backend)?;

save_store_cipher(&db, &export).await?;
cipher
}
};

// Must release the database access manually as it's not done when
// dropping it.
db.close();

IndexeddbCryptoStore::open_with_store_cipher(prefix, Some(store_cipher.into())).await
}

/// Open an `IndexeddbCryptoStore` with given name and key.
///
/// If the store previously existed, the encryption cipher is initialised
/// using the given key and the details from the meta store. If the store
/// did not previously exist, a new encryption cipher is derived from
/// the passphrase, and the details are stored to the metastore.
///
/// The store is then opened, or a new one created, using the encryption
/// cipher.
///
/// # Arguments
///
/// * `prefix` - Common prefix for the names of the two IndexedDB stores.
/// * `key` - key with which to encrypt the key which is used to encrypt the
richvdh marked this conversation as resolved.
Show resolved Hide resolved
/// store. Must be the same each time the store is opened.
pub async fn open_with_key(prefix: &str, key: &[u8; 32]) -> Result<Self> {
// The application might also use the provided key for something else, so to
// avoid key reuse, we pass the provided key through an HKDF
let mut chacha_key = zeroize::Zeroizing::new([0u8; 32]);
const HKDF_INFO: &[u8] = b"CRYPTOSTORE_CIPHER";
let hkdf = Hkdf::<Sha256>::new(None, key);
hkdf.expand(HKDF_INFO, &mut *chacha_key)
.expect("We should be able to generate a 32-byte key");

let db = open_meta_db(prefix).await?;
let store_cipher = load_store_cipher(&db).await?;

let store_cipher = match store_cipher {
Some(cipher) => {
debug!("IndexedDbCryptoStore: decrypting store cipher");
import_store_cipher_with_key(&chacha_key, key, &cipher, &db).await?
}
None => {
debug!("IndexedDbCryptoStore: encrypting new store cipher");
let cipher = StoreCipher::new().map_err(CryptoStoreError::backend)?;
let export =
cipher.export_with_key(&chacha_key).map_err(CryptoStoreError::backend)?;
save_store_cipher(&db, &export).await?;
cipher
}
};
Expand Down Expand Up @@ -1289,6 +1324,114 @@ impl Drop for IndexeddbCryptoStore {
}
}

/// Open the meta store.
///
/// The meta store contains details about the encryption of the main store.
async fn open_meta_db(prefix: &str) -> Result<IdbDatabase, IndexeddbCryptoStoreError> {
let name = format!("{prefix:0}::matrix-sdk-crypto-meta");

debug!("IndexedDbCryptoStore: Opening meta-store {name}");
let mut db_req: OpenDbRequest = IdbDatabase::open_u32(&name, 1)?;
db_req.set_on_upgrade_needed(Some(|evt: &IdbVersionChangeEvent| -> Result<(), JsValue> {
let old_version = evt.old_version() as u32;
if old_version < 1 {
// migrating to version 1
let db = evt.db();

db.create_object_store("matrix-sdk-crypto")?;
}
Ok(())
}));

Ok(db_req.await?)
}

/// Load the serialised store cipher from the meta store.
///
/// # Arguments:
///
/// * `meta_db`: Connection to the meta store, as returned by [`open_meta_db`].
///
/// # Returns:
///
/// The serialised `StoreCipher` object.
async fn load_store_cipher(
meta_db: &IdbDatabase,
) -> Result<Option<Vec<u8>>, IndexeddbCryptoStoreError> {
let tx: IdbTransaction<'_> =
meta_db.transaction_on_one_with_mode("matrix-sdk-crypto", IdbTransactionMode::Readonly)?;
let ob = tx.object_store("matrix-sdk-crypto")?;

let store_cipher: Option<Vec<u8>> = ob
.get(&JsValue::from_str(keys::STORE_CIPHER))?
.await?
.map(|k| k.into_serde())
.transpose()?;
Ok(store_cipher)
}

/// Save the serialised store cipher to the meta store.
///
/// # Arguments:
///
/// * `meta_db`: Connection to the meta store, as returned by [`open_meta_db`].
/// * `store_cipher`: The serialised `StoreCipher` object.
async fn save_store_cipher(
db: &IdbDatabase,
export: &Vec<u8>,
) -> Result<(), IndexeddbCryptoStoreError> {
let tx: IdbTransaction<'_> =
db.transaction_on_one_with_mode("matrix-sdk-crypto", IdbTransactionMode::Readwrite)?;
let ob = tx.object_store("matrix-sdk-crypto")?;

ob.put_key_val(&JsValue::from_str(keys::STORE_CIPHER), &JsValue::from_serde(&export)?)?;
tx.await.into_result()?;
Ok(())
}

/// Given a serialised store cipher, try importing with the given key.
///
/// This is a helper for [`IndexeddbCryptoStore::open_with_key`].
///
/// # Arguments
///
/// * `chacha_key`: The key to use with [`StoreCipher::import_with_key`].
/// Derived from `original_key` via an HKDF.
/// * `original_key`: The key provided by the application. Used to provide a
/// migration path from an older key derivation system.
/// * `serialised_cipher`: The serialized `EncryptedStoreCipher`, retrieved from
/// the database.
/// * `db`: Connection to the database.
async fn import_store_cipher_with_key(
chacha_key: &[u8; 32],
original_key: &[u8],
serialised_cipher: &[u8],
db: &IdbDatabase,
) -> Result<StoreCipher, IndexeddbCryptoStoreError> {
let cipher = match StoreCipher::import_with_key(chacha_key, serialised_cipher) {
Ok(cipher) => cipher,
Err(matrix_sdk_store_encryption::Error::KdfMismatch) => {
// Old versions of the matrix-js-sdk used to base64-encode their encryption
// key, and pass it into [`IndexeddbCryptoStore::open_with_passphrase`]. For
// backwards compatibility, we fall back to that if we discover we have a cipher
// encrypted with a KDF when we expected it to be encrypted directly with a key.
let cipher = StoreCipher::import(&base64_encode(original_key), serialised_cipher)
.map_err(|_| CryptoStoreError::UnpicklingError)?;

// Loading the cipher with the passphrase was successful. Let's update the
// stored version of the cipher so that it is encrypted with a key,
// to save doing this again.
debug!("IndexedDbCryptoStore: Migrating passphrase-encrypted store cipher to key-encryption");

let export = cipher.export_with_key(chacha_key).map_err(CryptoStoreError::backend)?;
save_store_cipher(db, &export).await?;
cipher
}
Err(_) => Err(CryptoStoreError::UnpicklingError)?,
};
Ok(cipher)
}

/// Fetch items from an object store in batches, transform each item using
/// the supplied function, and stuff the transformed items into a single
/// vector to return.
Expand Down Expand Up @@ -1546,7 +1689,14 @@ mod tests {

#[cfg(all(test, target_arch = "wasm32"))]
mod encrypted_tests {
use matrix_sdk_crypto::cryptostore_integration_tests;
use matrix_sdk_crypto::{
cryptostore_integration_tests,
olm::Account,
store::{CryptoStore, PendingChanges},
vodozemac::base64_encode,
};
use matrix_sdk_test::async_test;
use ruma::{device_id, user_id};

use super::IndexeddbCryptoStore;

Expand All @@ -1561,4 +1711,36 @@ mod encrypted_tests {
.expect("Can't create a passphrase protected store")
}
cryptostore_integration_tests!();

/// Test that we can migrate a store created with a passphrase, to being
/// encrypted with a key instead.
#[async_test]
async fn migrate_passphrase_to_key() {
let store_name = "test_migrate_passphrase_to_key";
let passdata: [u8; 32] = rand::random();
let b64_passdata = base64_encode(passdata);

// Initialise the store with some account data
let store = IndexeddbCryptoStore::open_with_passphrase(&store_name, &b64_passdata)
.await
.expect("Can't create a passphrase-protected store");

store
.save_pending_changes(PendingChanges {
account: Some(Account::with_device_id(
user_id!("@alice:example.org"),
device_id!("ALICEDEVICE"),
)),
})
.await
.expect("Can't save account");

// Now reopen the store, passing the key directly rather than as a b64 string.
let store = IndexeddbCryptoStore::open_with_key(&store_name, &passdata)
.await
.expect("Can't create a key-protected store");
let loaded_account =
store.load_account().await.expect("Can't load account").expect("Account was not saved");
assert_eq!(loaded_account.user_id, user_id!("@alice:example.org"));
}
}