Update import to use new functions

Author: florianduros

Diff for: spec/integ/crypto/cross-signing.spec.ts

@@ -21,7 +21,7 @@ import { IDBFactory } from "fake-indexeddb";
 import { CRYPTO_BACKENDS, InitCrypto, syncPromise } from "../../test-utils/test-utils";
 import { AuthDict, createClient, CryptoEvent, MatrixClient } from "../../../src";
 import { mockInitialApiRequests, mockSetupCrossSigningRequests } from "../../test-utils/mockEndpoints";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { CryptoCallbacks, CrossSigningKey } from "../../../src/crypto-api";
 import { SECRET_STORAGE_ALGORITHM_V1_AES } from "../../../src/secret-storage";
 import { ISyncResponder, SyncResponder } from "../../test-utils/SyncResponder";

Diff for: spec/unit/crypto/secrets.spec.ts

@@ -20,7 +20,7 @@ import { IObject } from "../../../src/crypto/olmlib";
 import { MatrixEvent } from "../../../src/models/event";
 import { TestClient } from "../../TestClient";
 import { makeTestClients } from "./verification/util";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { createSecretStorageKey, resetCrossSigningKeys } from "./crypto-utils";
 import { logger } from "../../../src/logger";
 import { ClientEvent, ICreateClientOpts, MatrixClient } from "../../../src/client";

Diff for: spec/unit/rust-crypto/rust-crypto.spec.ts

@@ -69,7 +69,7 @@ import { logger } from "../../../src/logger";
 import { OutgoingRequestsManager } from "../../../src/rust-crypto/OutgoingRequestsManager";
 import { ClientEvent, ClientEventHandlerMap } from "../../../src/client";
 import { Curve25519AuthData } from "../../../src/crypto-api/keybackup";
-import { encryptAES } from "../../../src/crypto/aes";
+import { encryptAES } from "../../../src/utils/encryptAES";
 import { CryptoStore, SecretStorePrivateKeys } from "../../../src/crypto/store/base";
 
 const TEST_USER = "@alice:example.com";

Diff for: spec/unit/secret-storage.spec.ts

@@ -25,7 +25,7 @@ import {
     ServerSideSecretStorageImpl,
     trimTrailingEquals,
 } from "../../src/secret-storage";
-import { calculateKeyCheck } from "../../src/crypto/aes";
+import { calculateKeyCheck } from "../../src/utils/calculateKeyCheck";
 import { randomString } from "../../src/randomstring";
 
 describe("ServerSideSecretStorageImpl", function () {

Diff for: src/crypto-api/keybackup.ts

@@ -15,7 +15,7 @@ limitations under the License.
 */
 
 import { ISigned } from "../@types/signed.ts";
-import { IEncryptedPayload } from "../crypto/aes.ts";
+import { SecretEncryptedPayload } from "../utils/encryptAES.ts";
 
 export interface Curve25519AuthData {
     public_key: string;
@@ -77,7 +77,7 @@ export interface Curve25519SessionData {
 }
 
 /* eslint-disable camelcase */
-export interface KeyBackupSession<T = Curve25519SessionData | IEncryptedPayload> {
+export interface KeyBackupSession<T = Curve25519SessionData | SecretEncryptedPayload> {
     first_message_index: number;
     forwarded_count: number;
     is_verified: boolean;

Diff for: src/crypto/CrossSigning.ts

@@ -22,7 +22,6 @@ import type { PkSigning } from "@matrix-org/olm";
 import { IObject, pkSign, pkVerify } from "./olmlib.ts";
 import { logger } from "../logger.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, encryptAES } from "./aes.ts";
 import { DeviceInfo } from "./deviceinfo.ts";
 import { ISignedKey, MatrixClient } from "../client.ts";
 import { OlmDevice } from "./OlmDevice.ts";
@@ -36,6 +35,8 @@ import {
     UserVerificationStatus as UserTrustLevel,
 } from "../crypto-api/index.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
 
 // backwards-compatibility re-exports
 export { UserTrustLevel };

Diff for: src/crypto/backup.ts

@@ -27,7 +27,6 @@ import { DeviceTrustLevel } from "./CrossSigning.ts";
 import { keyFromPassphrase } from "./key_passphrase.ts";
 import { encodeUri, safeSet, sleep } from "../utils.ts";
 import { IndexedDBCryptoStore } from "./store/indexeddb-crypto-store.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
 import {
     Curve25519SessionData,
     IAes256AuthData,
@@ -41,6 +40,9 @@ import { ClientPrefix, HTTPError, MatrixError, Method } from "../http-api/index.
 import { BackupTrustInfo } from "../crypto-api/keybackup.ts";
 import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
 import { encodeRecoveryKey } from "../crypto-api/index.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
+import { encryptAES, SecretEncryptedPayload } from "../utils/encryptAES.ts";
 
 const KEY_BACKUP_KEYS_PER_REQUEST = 200;
 const KEY_BACKUP_CHECK_RATE_LIMIT = 5000; // ms
@@ -94,7 +96,7 @@ interface BackupAlgorithmClass {
 
 interface BackupAlgorithm {
     untrusted: boolean;
-    encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | IEncryptedPayload>;
+    encryptSession(data: Record<string, any>): Promise<Curve25519SessionData | SecretEncryptedPayload>;
     decryptSessions(ciphertexts: Record<string, IKeyBackupSession>): Promise<IMegolmSessionData[]>;
     authData: AuthData;
     keyMatches(key: ArrayLike<number>): Promise<boolean>;
@@ -825,7 +827,7 @@ export class Aes256 implements BackupAlgorithm {
         return false;
     }
 
-    public encryptSession(data: Record<string, any>): Promise<IEncryptedPayload> {
+    public encryptSession(data: Record<string, any>): Promise<SecretEncryptedPayload> {
         const plainText: Record<string, any> = Object.assign({}, data);
         delete plainText.session_id;
         delete plainText.room_id;
@@ -834,7 +836,7 @@ export class Aes256 implements BackupAlgorithm {
     }
 
     public async decryptSessions(
-        sessions: Record<string, IKeyBackupSession<IEncryptedPayload>>,
+        sessions: Record<string, IKeyBackupSession<SecretEncryptedPayload>>,
     ): Promise<IMegolmSessionData[]> {
         const keys: IMegolmSessionData[] = [];
 

Diff for: src/crypto/dehydration.ts

@@ -19,11 +19,12 @@ import anotherjson from "another-json";
 import type { IDeviceKeys, IOneTimeKey } from "../@types/crypto.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, encryptAES } from "./aes.ts";
 import { logger } from "../logger.ts";
 import { Crypto } from "./index.ts";
 import { Method } from "../http-api/index.ts";
 import { SecretStorageKeyDescription } from "../secret-storage.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { encryptAES } from "../utils/encryptAES.ts";
 
 export interface IDehydratedDevice {
     device_id: string; // eslint-disable-line camelcase

Diff for: src/crypto/index.ts

@@ -47,7 +47,6 @@ import { InRoomChannel, InRoomRequests } from "./verification/request/InRoomChan
 import { Request, ToDeviceChannel, ToDeviceRequests } from "./verification/request/ToDeviceChannel.ts";
 import { IllegalMethod } from "./verification/IllegalMethod.ts";
 import { KeySignatureUploadError } from "../errors.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./aes.ts";
 import { DehydrationManager } from "./dehydration.ts";
 import { BackupManager, LibOlmBackupDecryptor, backupTrustInfoFromLegacyTrustInfo } from "./backup.ts";
 import { IStore } from "../store/index.ts";
@@ -107,6 +106,9 @@ import { deviceInfoToDevice } from "./device-converter.ts";
 import { ClientPrefix, MatrixError, Method } from "../http-api/index.ts";
 import { decodeBase64, encodeBase64 } from "../base64.ts";
 import { KnownMembership } from "../@types/membership.ts";
+import { calculateKeyCheck } from "../utils/calculateKeyCheck.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { encryptAES, SecretEncryptedPayload } from "../utils/encryptAES.ts";
 
 /* re-exports for backwards compatibility */
 export type {
@@ -1323,7 +1325,7 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
      * @returns the key, if any, or null
      */
     public async getSessionBackupPrivateKey(): Promise<Uint8Array | null> {
-        const encodedKey = await new Promise<Uint8Array | IEncryptedPayload | string | null>((resolve) => {
+        const encodedKey = await new Promise<Uint8Array | SecretEncryptedPayload | string | null>((resolve) => {
             this.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {
                 this.cryptoStore.getSecretStorePrivateKey(txn, resolve, "m.megolm_backup.v1");
             });

Diff for: src/crypto/store/base.ts

@@ -25,8 +25,8 @@ import { Logger } from "../../logger.ts";
 import { InboundGroupSessionData } from "../OlmDevice.ts";
 import { MatrixEvent } from "../../models/event.ts";
 import { DehydrationManager } from "../dehydration.ts";
-import { IEncryptedPayload } from "../aes.ts";
 import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
+import { SecretEncryptedPayload } from "../../utils/encryptAES.ts";
 
 /**
  * Internal module. Definitions for storage for the crypto module
@@ -35,11 +35,11 @@ import { CrossSigningKeyInfo } from "../../crypto-api/index.ts";
 export interface SecretStorePrivateKeys {
     "dehydration": {
         keyInfo: DehydrationManager["keyInfo"];
-        key: IEncryptedPayload;
+        key: SecretEncryptedPayload;
         deviceDisplayName: string;
         time: number;
     } | null;
-    "m.megolm_backup.v1": IEncryptedPayload;
+    "m.megolm_backup.v1": SecretEncryptedPayload;
 }
 
 /**

Diff for: src/rust-crypto/backup.ts

@@ -33,10 +33,10 @@ import { encodeUri, logDuration } from "../utils.ts";
 import { OutgoingRequestProcessor } from "./OutgoingRequestProcessor.ts";
 import { sleep } from "../utils.ts";
 import { BackupDecryptor } from "../common-crypto/CryptoBackend.ts";
-import { IEncryptedPayload } from "../crypto/aes.ts";
 import { ImportRoomKeyProgressData, ImportRoomKeysOpts } from "../crypto-api/index.ts";
 import { IKeyBackupInfo } from "../crypto/keybackup.ts";
 import { IKeyBackup } from "../crypto/backup.ts";
+import { SecretEncryptedPayload } from "../utils/encryptAES.ts";
 
 /** Authentification of the backup info, depends on algorithm */
 type AuthData = KeyBackupInfo["auth_data"];
@@ -622,7 +622,7 @@ export class RustBackupDecryptor implements BackupDecryptor {
      * Implements {@link BackupDecryptor#decryptSessions}
      */
     public async decryptSessions(
-        ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | IEncryptedPayload>>,
+        ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | SecretEncryptedPayload>>,
     ): Promise<IMegolmSessionData[]> {
         const keys: IMegolmSessionData[] = [];
         for (const [sessionId, sessionData] of Object.entries(ciphertexts)) {

Diff for: src/rust-crypto/libolm_migration.ts

@@ -19,7 +19,6 @@ import * as RustSdkCryptoJs from "@matrix-org/matrix-sdk-crypto-wasm";
 import { Logger } from "../logger.ts";
 import { CryptoStore, MigrationState, SecretStorePrivateKeys } from "../crypto/store/base.ts";
 import { IndexedDBCryptoStore } from "../crypto/store/indexeddb-crypto-store.ts";
-import { decryptAES, IEncryptedPayload } from "../crypto/aes.ts";
 import { IHttpOpts, MatrixHttpApi } from "../http-api/index.ts";
 import { requestKeyBackupVersion } from "./backup.ts";
 import { IRoomEncryption } from "../crypto/RoomList.ts";
@@ -28,6 +27,8 @@ import { RustCrypto } from "./rust-crypto.ts";
 import { KeyBackupInfo } from "../crypto-api/keybackup.ts";
 import { sleep } from "../utils.ts";
 import { encodeBase64 } from "../base64.ts";
+import { decryptAES } from "../utils/decryptAES.ts";
+import { SecretEncryptedPayload } from "../utils/encryptAES.ts";
 
 /**
  * Determine if any data needs migrating from the legacy store, and do so.
@@ -421,7 +422,7 @@ async function getAndDecryptCachedSecretKey(
     });
 
     if (key && key.ciphertext && key.iv && key.mac) {
-        return await decryptAES(key as IEncryptedPayload, legacyPickleKey, name);
+        return await decryptAES(key as SecretEncryptedPayload, legacyPickleKey, name);
     } else if (key instanceof Uint8Array) {
         // This is a legacy backward compatibility case where the key was stored in clear.
         return encodeBase64(key);

Diff for: src/secret-storage.ts

@@ -23,9 +23,11 @@ limitations under the License.
 import { TypedEventEmitter } from "./models/typed-event-emitter.ts";
 import { ClientEvent, ClientEventHandlerMap } from "./client.ts";
 import { MatrixEvent } from "./models/event.ts";
-import { calculateKeyCheck, decryptAES, encryptAES, IEncryptedPayload } from "./crypto/aes.ts";
 import { randomString } from "./randomstring.ts";
 import { logger } from "./logger.ts";
+import { calculateKeyCheck } from "./utils/calculateKeyCheck.ts";
+import { encryptAES, SecretEncryptedPayload } from "./utils/encryptAES.ts";
+import { decryptAES } from "./utils/decryptAES.ts";
 
 export const SECRET_STORAGE_ALGORITHM_V1_AES = "m.secret_storage.v1.aes-hmac-sha2";
 
@@ -200,13 +202,13 @@ export interface SecretStorageCallbacks {
 
 interface SecretInfo {
     encrypted: {
-        [keyId: string]: IEncryptedPayload;
+        [keyId: string]: SecretEncryptedPayload;
     };
 }
 
 interface Decryptors {
-    encrypt: (plaintext: string) => Promise<IEncryptedPayload>;
-    decrypt: (ciphertext: IEncryptedPayload) => Promise<string>;
+    encrypt: (plaintext: string) => Promise<SecretEncryptedPayload>;
+    decrypt: (ciphertext: SecretEncryptedPayload) => Promise<string>;
 }
 
 /**
@@ -491,7 +493,7 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
      * @param keys - The IDs of the keys to use to encrypt the secret, or null/undefined to use the default key.
      */
     public async store(name: string, secret: string, keys?: string[] | null): Promise<void> {
-        const encrypted: Record<string, IEncryptedPayload> = {};
+        const encrypted: Record<string, SecretEncryptedPayload> = {};
 
         if (!keys) {
             const defaultKeyId = await this.getDefaultKeyId();
@@ -638,10 +640,10 @@ export class ServerSideSecretStorageImpl implements ServerSideSecretStorage {
 
         if (keys[keyId].algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
             const decryption = {
-                encrypt: function (secret: string): Promise<IEncryptedPayload> {
+                encrypt: function (secret: string): Promise<SecretEncryptedPayload> {
                     return encryptAES(secret, privateKey, name);
                 },
-                decrypt: function (encInfo: IEncryptedPayload): Promise<string> {
+                decrypt: function (encInfo: SecretEncryptedPayload): Promise<string> {
                     return decryptAES(encInfo, privateKey, name);
                 },
             };

Diff for: src/utils/calculateKeyCheck.ts

@@ -14,10 +14,9 @@
  * limitations under the License.
  */
 
-// string of zeroes, for calculating the key check
-import { SecretEncryptedPayload } from "../@types/secretEncryptedPayload.ts";
-import { encryptAES } from "./encryptAES.ts";
+import { encryptAES, SecretEncryptedPayload } from "./encryptAES.ts";
 
+// string of zeroes, for calculating the key check
 const ZERO_STR = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
 
 /** Calculate the MAC for checking the key.