matrix-org · t3chguy · Jun 5, 2024 · Jun 3, 2024 · Jun 3, 2024 · Jun 3, 2024
diff --git a/spec/unit/crypto/secrets.spec.ts b/spec/unit/crypto/secrets.spec.ts
@@ -687,23 +687,4 @@ describe("Secrets", function () {
             alice.stopClient();
         });
     });
-
-    it("should return false for supportsSecretsForQrLogin", async () => {
-        const alice = await makeTestClient({ userId: "@alice:example.com", deviceId: "Osborne2" });
-        expect(alice.getCrypto()?.supportsSecretsForQrLogin()).toBe(false);
-    });
-
-    it("should throw Not Implemented for importSecretsForQRLogin", async () => {
-        const alice = await makeTestClient({ userId: "@alice:example.com", deviceId: "Osborne2" });
-        await expect(
-            alice.getCrypto()?.importSecretsForQrLogin({
-                cross_signing: { master_key: "", self_signing_key: "", user_signing_key: "" },
-            }),
-        ).rejects.toThrow("Method not implemented.");
-    });
-
-    it("should throw Not Implemented for exportSecretsForQRLogin", async () => {
-        const alice = await makeTestClient({ userId: "@alice:example.com", deviceId: "Osborne2" });
-        await expect(alice.getCrypto()?.exportSecretsForQrLogin()).rejects.toThrow("Method not implemented.");
-    });
 });
@@ -1516,7 +1516,7 @@ describe("RustCrypto", () => {
         });
     });
 
-    describe("exportSecretsForQrLogin", () => {
+    describe("import & export secrets bundle", () => {
         let rustCrypto: RustCrypto;
 
         beforeEach(async () => {
@@ -1530,17 +1530,13 @@ describe("RustCrypto", () => {
             );
         });
 
-        it("should return true for supportsSecretsForQrLogin", async () => {
-            expect(rustCrypto.supportsSecretsForQrLogin()).toBe(true);
-        });
-
         it("should throw an error if there is nothing to export", async () => {
-            await expect(rustCrypto.exportSecretsForQrLogin()).rejects.toThrow(
+            await expect(rustCrypto.exportsSecretsBundle()).rejects.toThrow(
                 "The store doesn't contain any cross-signing keys",
             );
         });
 
-        it("should return a JSON secrets bundle if there is something to export", async () => {
+        it("should correctly import & export a secrets bundle", async () => {
             const bundle = {
                 cross_signing: {
                     master_key: "bMnVpkHI4S2wXRxy+IpaKM5PIAUUkl6DE+n0YLIW/qs",
@@ -1553,8 +1549,8 @@ describe("RustCrypto", () => {
                     backup_version: "9",
                 },
             };
-            await rustCrypto.importSecretsForQrLogin(bundle);
-            await expect(rustCrypto.exportSecretsForQrLogin()).resolves.toEqual(expect.objectContaining(bundle));
+            await rustCrypto.importSecretsBundle(bundle);
+            await expect(rustCrypto.exportsSecretsBundle()).resolves.toEqual(expect.objectContaining(bundle));
         });
     });
 });

@@ -25,33 +25,12 @@ import { BackupTrustInfo, KeyBackupCheck, KeyBackupInfo } from "./crypto-api/key
 import { ISignatures } from "./@types/signed";
 import { MatrixEvent } from "./models/event";
 
-export type QRSecretsBundle = Awaited<ReturnType<SecretsBundle["to_json"]>>;
-
 /**
  * Public interface to the cryptography parts of the js-sdk
  *
  * @remarks Currently, this is a work-in-progress. In time, more methods will be added here.
  */
 export interface CryptoApi {
-    /**
-     * Boolean check to indicate whether `exportSecretsForQrLogin` and `importSecretsForQrLogin` are supported.
-     * @experimental - part of MSC4108
-     */
-    supportsSecretsForQrLogin(): boolean;
-
-    /**
-     * Export secrets bundle for transmitting to another device as part of OIDC QR login
-     * @experimental - part of MSC4108
-     */
-    exportSecretsForQrLogin(): Promise<QRSecretsBundle>;
-
-    /**
-     * Import secrets bundle transmitted from another device as part of OIDC QR login
-     * @param secrets the secrets bundle received from the other device
-     * @experimental - part of MSC4108
-     */
-    importSecretsForQrLogin(secrets: QRSecretsBundle): Promise<void>;
-
     /**
      * Global override for whether the client should ever send encrypted
      * messages to unverified devices. This provides the default for rooms which
@@ -554,6 +533,23 @@ export interface CryptoApi {
      *   to false.
      */
     startDehydration(createNewKey?: boolean): Promise<void>;
+
+    ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+    //
+    // Import/export of secret keys
+    //
+    ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+
+    /**
+     * Export secrets bundle for transmitting to another device as part of OIDC QR login
+     */
+    exportSecretsBundle?(): Promise<Awaited<ReturnType<SecretsBundle["to_json"]>>>;
+
+    /**
+     * Import secrets bundle transmitted from another device.
+     * @param secrets - The secrets bundle received from the other device
+     */
+    importSecretsBundle?(secrets: Awaited<ReturnType<SecretsBundle["to_json"]>>): Promise<void>;
 }
 
 /** A reason code for a failure to decrypt an event. */

diff --git a/src/crypto/index.ts b/src/crypto/index.ts
@@ -94,7 +94,6 @@ import {
     KeyBackupInfo,
     OwnDeviceKeys,
     VerificationRequest as CryptoApiVerificationRequest,
-    QRSecretsBundle,
 } from "../crypto-api";
 import { Device, DeviceMap } from "../models/device";
 import { deviceInfoToDevice } from "./device-converter";
@@ -577,18 +576,6 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
         }
     }
 
-    public supportsSecretsForQrLogin(): boolean {
-        return false;
-    }
-
-    public async exportSecretsForQrLogin(): Promise<QRSecretsBundle> {
-        throw new Error("Method not implemented.");
-    }
-
-    public async importSecretsForQrLogin(secrets: QRSecretsBundle): Promise<void> {
-        throw new Error("Method not implemented.");
-    }
-
     /**
      * Initialise the crypto module so that it is ready for use
      *

@@ -38,6 +38,7 @@ import {
     CrossSigningKey,
     CrossSigningKeyInfo,
     CrossSigningStatus,
+    CryptoApi,
     CryptoCallbacks,
     Curve25519AuthData,
     DecryptionFailureCode,
@@ -50,7 +51,6 @@ import {
     KeyBackupCheck,
     KeyBackupInfo,
     OwnDeviceKeys,
-    QRSecretsBundle,
     UserVerificationStatus,
     VerificationRequest,
 } from "../crypto-api";
@@ -178,22 +178,6 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, RustCryptoEv
         this.checkKeyBackupAndEnable();
     }
 
-    public supportsSecretsForQrLogin(): boolean {
-        return true;
-    }
-
-    public async exportSecretsForQrLogin(): Promise<QRSecretsBundle> {
-        const secretsBundle = await this.getOlmMachineOrThrow().exportSecretsBundle();
-        const secrets = secretsBundle.to_json();
-        secretsBundle.free();
-        return secrets;
-    }
-
-    public async importSecretsForQrLogin(secrets: QRSecretsBundle): Promise<void> {
-        const secretsBundle = RustSdkCryptoJs.SecretsBundle.from_json(secrets);
-        await this.getOlmMachineOrThrow().importSecretsBundle(secretsBundle); // this method frees the SecretsBundle
-    }
-
     /**
      * Return the OlmMachine only if {@link RustCrypto#stop} has not been called.
      *
@@ -1182,6 +1166,26 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, RustCryptoEv
         this.checkKeyBackupAndEnable();
     }
 
+    /**
+     * Implementation of {@link CryptoApi#importSecretsBundle}.
+     */
+    public async importSecretsBundle(
+        secrets: Parameters<NonNullable<CryptoApi["importSecretsBundle"]>>[0],
+    ): Promise<void> {
+        const secretsBundle = RustSdkCryptoJs.SecretsBundle.from_json(secrets);
+        await this.getOlmMachineOrThrow().importSecretsBundle(secretsBundle); // this method frees the SecretsBundle
+    }
+
+    /**
+     * Implementation of {@link CryptoApi#exportSecretsBundle}.
+     */
+    public async exportsSecretsBundle(): ReturnType<NonNullable<CryptoApi["exportSecretsBundle"]>> {
+        const secretsBundle = await this.getOlmMachineOrThrow().exportSecretsBundle();
+        const secrets = secretsBundle.to_json();
+        secretsBundle.free();
+        return secrets;
+    }
+
     /**
      * Signs the given object with the current device and current identity (if available).
      * As defined in {@link https://spec.matrix.org/v1.8/appendices/#signing-json | Signing JSON}.