e2ee: sync ratchetted key with olm layer

modules/e2ee/E2EEContext.js

@@ -139,15 +139,4 @@ export default class E2EEcontext {
             keyIndex
         });
     }
-
-    /**
-     * Ratchet our own key.
-     * @param {string} participantId - the ID of the participant who's key we should ratchet.
-     */
-    ratchet(participantId) {
-        this._worker.postMessage({
-            operation: 'ratchet',
-            participantId
-        });
-    }
 }

modules/e2ee/E2EEncryption.js

@@ -30,6 +30,7 @@ export class E2EEncryption {
         this._conferenceJoined = false;
         this._enabled = false;
         this._initialized = false;
+        this._key = undefined;
 
         this._e2eeCtx = new E2EEContext();
         this._olmAdapter = new OlmAdapter(conference);
@@ -125,12 +126,12 @@ export class E2EEncryption {
         }
 
         // Generate a random key in case we are enabling.
-        const key = enabled ? this._generateKey() : false;
+        this._key = enabled ? this._generateKey() : false;
 
         // Send it to others using the E2EE olm channel.
-        this._olmAdapter.updateKey(key).then(index => {
+        this._olmAdapter.updateKey(this._key).then(index => {
             // Set our key so we begin encrypting.
-            this._e2eeCtx.setKey(this.conference.myUserId(), key, index);
+            this._e2eeCtx.setKey(this.conference.myUserId(), this._key, index);
         });
     }
 
@@ -224,10 +225,19 @@ export class E2EEncryption {
     async _ratchetKeyImpl() {
         logger.debug('Ratchetting key');
 
-        this._e2eeCtx.ratchet(this.conference.myUserId());
+        const material = await crypto.subtle.importKey('raw', this._key, 'HKDF', false, [ 'deriveBits' ]);
+        const newKey = await crypto.subtle.deriveBits({
+            name: 'HKDF',
+            salt: new TextEncoder().encode('JFrameRatchetKey'),
+            hash: 'SHA-256',
+            info: new ArrayBuffer()
+        }, material, 256);
 
-        // TODO: how do we tell the olm adapter which might need to send the current ratchet key
-        //      to the other side?
+        this._key = new Uint8Array(newKey);
+
+        const index = await this._olmAdapter.updateCurrentKey(this._key);
+
+        this._e2eeCtx.setKey(this.conference.myUserId(), this._key, index);
     }
 
     /**
@@ -239,10 +249,10 @@ export class E2EEncryption {
     async _rotateKeyImpl() {
         logger.debug('Rotating key');
 
-        const key = this._generateKey();
-        const index = await this._olmAdapter.updateKey(key);
+        this._key = this._generateKey();
+        const index = await this._olmAdapter.updateKey(this._key);
 
-        this._e2eeCtx.setKey(this.conference.myUserId(), key, index);
+        this._e2eeCtx.setKey(this.conference.myUserId(), this._key, index);
     }
 
     /**

modules/e2ee/OlmAdapter.js

@@ -83,6 +83,19 @@ export class OlmAdapter extends Listenable {
         return typeof window.Olm !== 'undefined';
     }
 
+    /**
+     * Updates the current participant key and distributes it to all participants in the conference
+     * by sending a key-info message.
+     *
+     * @param {Uint8Array|boolean} key - The new key.
+     * @returns {number}
+     */
+    async updateCurrentKey(key) {
+        this._key = key;
+
+        return this._keyIndex;
+    }
+
     /**
      * Updates the current participant key and distributes it to all participants in the conference
      * by sending a key-info message.
@@ -95,9 +108,9 @@ export class OlmAdapter extends Listenable {
         this._key = key;
         this._keyIndex++;
 
+        // Broadcast it.
         const promises = [];
 
-        // Broadcast it.
         for (const participant of this._conf.getParticipants()) {
             const pId = participant.getId();
             const olmData = this._getParticipantOlmData(participant);

modules/e2ee/Worker.js

@@ -192,16 +192,6 @@ class Context {
         this._sendCount = 0n; // Reset the send count (bigint).
     }
 
-    /**
-     * Ratchets a key forward one step.
-     */
-    async ratchet() {
-        const keys = this._cryptoKeyRing[this._currentKeyIndex];
-        const material = await ratchet(keys.material);
-
-        this.setKey(material, this._currentKeyIndex);
-    }
-
     /**
      * Function that will be injected in a stream and will encrypt the given encoded frames.
      *
@@ -484,19 +474,6 @@ onmessage = async event => {
         } else {
             context.setKey(false, keyIndex);
         }
-    } else if (operation === 'ratchet') {
-        const { participantId } = event.data;
-
-        // TODO: can we ensure this is for our own sender key?
-
-        if (!contexts.has(participantId)) {
-            console.error('Could not find context for', participantId);
-
-            return;
-        }
-        const context = contexts.get(participantId);
-
-        context.ratchet();
     } else if (operation === 'cleanup') {
         const { participantId } = event.data;