{"version":3,"file":"secret-storage.js","names":[],"sources":["../src/secret-storage.ts"],"sourcesContent":["/*\nCopyright 2021-2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\n/**\n * Implementation of server-side secret storage\n *\n * @see https://spec.matrix.org/v1.6/client-server-api/#storage\n */\n\n/**\n * Common base interface for Secret Storage Keys.\n *\n * The common properties for all encryption keys used in server-side secret storage.\n *\n * @see https://spec.matrix.org/v1.6/client-server-api/#key-storage\n */\nexport interface SecretStorageKeyDescriptionCommon {\n    /** A human-readable name for this key. */\n    // XXX: according to the spec, this is optional\n    name: string;\n\n    /** The encryption algorithm used with this key. */\n    algorithm: string;\n\n    /** Information for deriving this key from a passphrase. */\n    // XXX: according to the spec, this is optional\n    passphrase: PassphraseInfo;\n}\n\n/**\n * Properties for a SSSS key using the `m.secret_storage.v1.aes-hmac-sha2` algorithm.\n *\n * Corresponds to `AesHmacSha2KeyDescription` in the specification.\n *\n * @see https://spec.matrix.org/v1.6/client-server-api/#msecret_storagev1aes-hmac-sha2\n */\nexport interface SecretStorageKeyDescriptionAesV1 extends SecretStorageKeyDescriptionCommon {\n    // XXX: strictly speaking, we should be able to enforce the algorithm here. But\n    //   this interface ends up being incorrectly used where other algorithms are in use (notably\n    //   in device-dehydration support), and unpicking that is too much like hard work\n    //   at the moment.\n    // algorithm: \"m.secret_storage.v1.aes-hmac-sha2\";\n\n    /** The 16-byte AES initialization vector, encoded as base64. */\n    iv: string;\n\n    /** The MAC of the result of encrypting 32 bytes of 0, encoded as base64. */\n    mac: string;\n}\n\n/**\n * Union type for secret storage keys.\n *\n * For now, this is only {@link SecretStorageKeyDescriptionAesV1}, but other interfaces may be added in future.\n */\nexport type SecretStorageKeyDescription = SecretStorageKeyDescriptionAesV1;\n\n/**\n * Information on how to generate the key from a passphrase.\n *\n * @see https://spec.matrix.org/v1.6/client-server-api/#deriving-keys-from-passphrases\n */\nexport interface PassphraseInfo {\n    /** The algorithm to be used to derive the key. */\n    algorithm: \"m.pbkdf2\";\n\n    /** The number of PBKDF2 iterations to use. */\n    iterations: number;\n\n    /** The salt to be used for PBKDF2. */\n    salt: string;\n\n    /** The number of bits to generate. Defaults to 256. */\n    bits?: number;\n}\n"],"mappings":""}