Private Readonly cryptoCurve25519 key for the account, unknown until we load the account from storage in init()
Ed25519 key for the account, unknown until we load the account from storage in init()
Private inboundPrivate maxPrivate outboundAdd an inbound group session to the session store
room in which this session will be used
base64-encoded curve25519 key of the sender
Devices involved in forwarding this session to us.
session identifier
base64-encoded secret key
Other keys the sender claims.
true if the megolm keys are in export format (ie, they lack an ed25519 signature)
any other data to be include with the session
Record in the data store why an inbound group session was withheld.
room that the session belongs to
base64-encoded curve25519 key of the sender
session identifier
reason code
human-readable version of code
Generate a new inbound session, given an incoming message
decrypted payload, and session id of new session
Error if the received message was not valid (for instance, it didn't use a valid one-time key).
remote user's Curve25519 identity key
messageType field from the received message (must be 0)
base64-encoded body from the received message
Generate a new outbound session
The new session will be stored in the cryptoStore.
sessionId for the outbound session.
remote user's Curve25519 identity key
remote user's one-time Curve25519 key
Decrypt a received message with an inbound group session
null if the sessionId is unknown
room in which the message was received
base64-encoded curve25519 key of the sender
session identifier
base64-encoded body of the encrypted message
ID of the event being decrypted
timestamp of the event being decrypted
Decrypt an incoming message using an existing session
decrypted payload.
Curve25519 identity key for the remote device
the id of the active session
messageType field from the received message
base64-encoded body from the received message
Encrypt an outgoing message using an existing session
ciphertext
Curve25519 identity key for the remote device
the id of the active session
payload to be encrypted and sent
Export data for re-creating the Olm device later. TODO export data other than just account and (P2P) sessions.
The exported data
Export an inbound group session
exported session data
base64-encoded curve25519 key of the sender
session identifier
The session object from the store
Private getInternal
extract our OlmAccount from the crypto store and call the given function
with the account object
The account object is usable only within the callback passed to this
function and will be freed as soon the callback returns. It is not
usable for the rest of the lifetime of the transaction.
This function requires a live transaction object from cryptoStore.doTxn()
and therefore may only be called in a doTxn() callback.
Opaque transaction object from cryptoStore.doTxn()
Private getInternal
extract an InboundGroupSession from the crypto store and call the given function
The room ID to extract the session for, or null to fetch sessions for any room.
Opaque transaction object from cryptoStore.doTxn()
function to call.
Extract the keys to a given megolm session, for sharing
details of the session key. The key is a base64-encoded megolm key in export format.
Error If the given chain index could not be obtained from the known index (ie. the given chain index is before the first we have).
room in which the message was received
base64-encoded curve25519 key of the sender
session identifier
Optional chainIndex: numberThe chain index at which to export the session. If omitted, export at the first index we know about.
Get the current (unused, unpublished) one-time keys for this account.
one time keys; an object with the single property curve25519, which is itself an object mapping key id to Curve25519 key.
Private getInternal
extract an OutboundGroupSession from outboundGroupSessionStore and call the given function
result of func
Get the session keys for an outbound group session
current chain index, and base64-encoded secret key.
the id of the outbound group session
Private getInternal
extract an OlmSession from the session store and call the given function The session is usable only within the callback passed to this function and will be freed as soon the callback returns. It is not usable for the rest of the lifetime of the transaction.
Opaque transaction object from cryptoStore.doTxn()
Get the right olm session id for encrypting messages to the given identity key
session id, or null if no established session
Curve25519 identity key for the remote device
Don't wait for an in-progress session to complete. This should only be set to true of the calling function is the function that marked the session as being in-progress.
Optional log: PrefixedLoggerA possibly customised log
Get information on the active Olm sessions for a device.
Returns an array, with an entry for each active session. The first entry in the result will be the one used for outgoing messages. Each entry contains the keys 'hasReceivedMessage' (true if the session has received an incoming message and is therefore past the pre-key stage), and 'sessionId'.
Curve25519 identity key for the device
Don't wait for an in-progress session to complete. This should only be set to true of the calling function is the function that marked the session as being in-progress.
A possibly customised log
Private getDetermine if we have the keys for a given megolm session
true if we have the keys to this session
room in which the message was received
base64-encoded curve25519 key of the sender
session identifier
Initialise the OlmAccount. This must be called before any other operations on the OlmDevice.
Data from an exported Olm device can be provided in order to re-create this device.
Attempts to load the OlmAccount from the crypto store, or creates one if none is found.
Reads the device keys from the OlmAccount object.
Private initialisePrivate initialisePopulates the crypto store using data that was exported from an existing device. Note that for now only the “account” and “sessions” stores are populated; Other stores will be as with a new device.
Data exported from another device through the “export” method.
an olm account to initialize
Determine if an incoming messages is a prekey message matching an existing session
true if the received message is a prekey message which matches the given session.
Curve25519 identity key for the remote device
the id of the active session
messageType field from the received message
base64-encoded body from the received message
Private savePrivate saveInternal
store our OlmSession in the session store
{session: OlmSession, lastReceivedMessageTs: int}
Opaque transaction object from cryptoStore.doTxn()
Private storePrivate unpickleUnpickle a session from a sessionData object and invoke the given function. The session is valid only until func returns.
result of func
Object describing the session.
Invoked with the unpickled session
Private unpickleInternal
Creates a session object from a session pickle and executes the given function with it. The session object is destroyed once the function returns.
Verify an ed25519 signature.
Error if there is a problem with the verification. If the key was too small then the message will be "OLM.INVALID_BASE64". If the signature was invalid then the message will be "OLM.BAD_MESSAGE_MAC".
ed25519 key
message which was signed
base64-encoded signature to be checked
Static getGenerated using TypeDoc
Manages the olm cryptography functions. Each OlmDevice has a single OlmAccount and a number of OlmSessions.
Accounts and sessions are kept pickled in the cryptoStore.