From d373081db15ff09b5f5e1480c0f6cf1d36fdf488 Mon Sep 17 00:00:00 2001
From: David Baker
Date: Thu, 5 Oct 2023 17:32:43 +0100
Subject: [PATCH 1/2] Generate call passwords with secure RNG
---
 src/matrix-utils.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/matrix-utils.ts b/src/matrix-utils.ts
index 471df590..475a85d0 100644
--- a/src/matrix-utils.ts
+++ b/src/matrix-utils.ts
@@ -28,7 +28,7 @@ import {
 GroupCallIntent,
 GroupCallType,
 } from "matrix-js-sdk/src/webrtc/groupCall";
-import { randomString } from "matrix-js-sdk/src/randomstring";
+import { encodeUnpaddedBase64 } from "matrix-js-sdk/src/common-crypto/base64";
 import type { MatrixClient } from "matrix-js-sdk/src/client";
 import type { Room } from "matrix-js-sdk/src/models/room";
@@ -74,6 +74,12 @@ function waitForSync(client: MatrixClient) {
 });
 }
+function secureRandomString(entropyBytes: number): string {
+ const key = new Uint8Array(entropyBytes);
+ crypto.getRandomValues(key);
+ return encodeUnpaddedBase64(key);
+}
+
 /**
 * Initialises and returns a new standalone Matrix Client.
 * If true is passed for the 'restore' parameter, a check will be made
@@ -347,7 +353,7 @@ export async function createRoom(
 let password;
 if (e2ee) {
- password = randomString(32);
+ password = secureRandomString(16);
 setLocalStorageItem(
 getRoomSharedKeyLocalStorageKey(result.room_id),
 password
From 87d5062d34bcd322a4b17a8f9def1f9f1a46c26d Mon Sep 17 00:00:00 2001
From: David Baker
Date: Thu, 5 Oct 2023 17:57:23 +0100
Subject: [PATCH 2/2] Don't use js-sdk's base64 encode function
It uses the NodeJS Buffer global which presumably is provided by Webpack in element-web but isn't here, apparently.
---
 src/matrix-utils.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/matrix-utils.ts b/src/matrix-utils.ts
index 475a85d0..58f8bab5 100644
--- a/src/matrix-utils.ts
+++ b/src/matrix-utils.ts
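Review bot: `secureRandomString` in the `@@ -74,6 +74,12 @@` hunk of patch 1/2 accepts any number, and `new Uint8Array(entropyBytes)` turns `0` or `NaN` into an empty buffer, so a bad argument silently yields an empty password instead of failing. A guard such as `if (!Number.isInteger(entropyBytes) || entropyBytes <= 0) throw new RangeError("entropyBytes must be a positive integer");` would make that misuse visible. The function also has no doc comment; a short TSDoc block should say that the argument is a count of random bytes from `crypto.getRandomValues` and that the result is those bytes as unpadded base64, so its length is not `entropyBytes` characters. The buffer is named `key` although it holds raw random bytes, and `bytes` would read more accurately.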
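Review bot: The change at `password = secureRandomString(16)` in the `@@ -347,7 +353,7 @@` hunk of patch 1/2 only covers rooms created from now on; passwords generated earlier with `randomString(32)` and saved through `setLocalStorageItem` stay in use, and nothing visible in this patch rotates or flags them. If the old generator was not cryptographically secure, as the commit title implies, that limitation is worth stating in the description or release notes. The bare `16` would be clearer as a named constant that records the unit, for example `const PASSWORD_ENTROPY_BYTES = 16; // 128 bits`. The body of `createRoom` starts and ends outside the hunk.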
@@ -28,7 +28,6 @@ import {
 GroupCallIntent,
 GroupCallType,
 } from "matrix-js-sdk/src/webrtc/groupCall";
-import { encodeUnpaddedBase64 } from "matrix-js-sdk/src/common-crypto/base64";
 import type { MatrixClient } from "matrix-js-sdk/src/client";
 import type { Room } from "matrix-js-sdk/src/models/room";
@@ -77,7 +76,9 @@ function waitForSync(client: MatrixClient) {
 function secureRandomString(entropyBytes: number): string {
 const key = new Uint8Array(entropyBytes);
 crypto.getRandomValues(key);
- return encodeUnpaddedBase64(key);
+ return btoa(
+ key.reduce((acc, current) => acc + String.fromCharCode(current), "")
+ ).replace(/=*$/, "");
 }
 /**
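Review bot: `btoa` in the new `return` of `secureRandomString` emits the standard base64 alphabet, so the generated password can contain `+` and `/`. The visible code only stores it in localStorage, but if the value is ever carried in a URL or query string those characters need percent-encoding (a `+` is commonly decoded as a space), and a mangled password would silently break the shared key. Either document that callers must encode it, or, assuming nothing decodes the value as standard base64, emit the URL-safe alphabet by adding `.replace(/\+/g, "-").replace(/\//g, "_")` before the padding is stripped. For the small buffers used here the `reduce` could also be written as `String.fromCharCode(...key)`.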