Revert per-sender keys

package.json

@@ -58,7 +58,7 @@
     "i18next-http-backend": "^2.0.0",
     "livekit-client": "^1.12.3",
     "lodash": "^4.17.21",
-    "matrix-js-sdk": "github:matrix-org/matrix-js-sdk#bf81c4bfebd52532d67d30a66e651e3658c8aaad",
+    "matrix-js-sdk": "github:matrix-org/matrix-js-sdk#4ce837b20e638a185f9002b2388fbaf48975ee6e",
     "matrix-widget-api": "^1.3.1",
     "normalize.css": "^8.0.1",
     "pako": "^2.0.4",

src/UrlParams.ts

@@ -115,10 +115,6 @@ interface UrlParams {
    * E2EE password
    */
   password: string | null;
-  /**
-   * Whether we the app should use per participant keys for E2EE.
-   */
-  perParticipantE2EE: boolean;
   /**
    * Setting this flag skips the lobby and brings you in the call directly.
    * In the widget this can be combined with preload to pass the device settings
@@ -221,7 +217,6 @@ export const getUrlParams = (
     fontScale: Number.isNaN(fontScale) ? null : fontScale,
     analyticsID: parser.getParam("analyticsID"),
     allowIceFallback: parser.getFlagParam("allowIceFallback"),
-    perParticipantE2EE: parser.getFlagParam("perParticipantE2EE"),
     skipLobby: parser.getFlagParam("skipLobby"),
   };
 };

src/home/RegisteredView.tsx

@@ -40,7 +40,6 @@ import { Caption } from "../typography/Typography";
 import { Form } from "../form/Form";
 import { useOptInAnalytics } from "../settings/useSetting";
 import { AnalyticsNotice } from "../analytics/AnalyticsNotice";
-import { E2eeType } from "../e2ee/e2eeType";
 
 interface Props {
   client: MatrixClient;
@@ -73,11 +72,7 @@ export const RegisteredView: FC<Props> = ({ client }) => {
         setError(undefined);
         setLoading(true);
 
-        const createRoomResult = await createRoom(
-          client,
-          roomName,
-          E2eeType.SHARED_KEY,
-        );
+        const createRoomResult = await createRoom(client, roomName, true);
 
         history.push(
           getRelativeRoomUrl(

src/home/UnauthenticatedView.tsx

@@ -43,7 +43,6 @@ import { generateRandomName } from "../auth/generateRandomName";
 import { AnalyticsNotice } from "../analytics/AnalyticsNotice";
 import { useOptInAnalytics } from "../settings/useSetting";
 import { Config } from "../config/Config";
-import { E2eeType } from "../e2ee/e2eeType";
 
 export const UnauthenticatedView: FC = () => {
   const { setClient } = useClient();
@@ -85,11 +84,7 @@ export const UnauthenticatedView: FC = () => {
 
         let createRoomResult;
         try {
-          createRoomResult = await createRoom(
-            client,
-            roomName,
-            E2eeType.SHARED_KEY,
-          );
+          createRoomResult = await createRoom(client, roomName, true);
         } catch (error) {
           if (!setClient) {
             throw error;

src/livekit/useLiveKit.ts

@@ -26,7 +26,6 @@ import { useLiveKitRoom } from "@livekit/components-react";
 import { useEffect, useMemo, useRef, useState } from "react";
 import E2EEWorker from "livekit-client/e2ee-worker?worker";
 import { logger } from "matrix-js-sdk/src/logger";
-import { MatrixRTCSession } from "matrix-js-sdk/src/matrixrtc/MatrixRTCSession";
 
 import { defaultLiveKitOptions } from "./options";
 import { SFUConfig } from "./openIDSFU";
@@ -40,12 +39,9 @@ import {
   ECConnectionState,
   useECConnectionState,
 } from "./useECConnectionState";
-import { MatrixKeyProvider } from "../e2ee/matrixKeyProvider";
-import { E2eeType } from "../e2ee/e2eeType";
 
 export type E2EEConfig = {
-  mode: E2eeType;
-  sharedKey?: string;
+  sharedKey: string;
 };
 
 interface UseLivekitResult {
@@ -54,44 +50,26 @@ interface UseLivekitResult {
 }
 
 export function useLiveKit(
-  rtcSession: MatrixRTCSession,
   muteStates: MuteStates,
   sfuConfig?: SFUConfig,
   e2eeConfig?: E2EEConfig,
 ): UseLivekitResult {
-  const e2eeOptions = useMemo((): E2EEOptions | undefined => {
-    if (!e2eeConfig || e2eeConfig.mode === E2eeType.NONE) return undefined;
+  const e2eeOptions = useMemo(() => {
+    if (!e2eeConfig?.sharedKey) return undefined;
 
-    if (e2eeConfig.mode === E2eeType.PER_PARTICIPANT) {
-      return {
-        keyProvider: new MatrixKeyProvider(),
-        worker: new E2EEWorker(),
-      };
-    } else if (
-      e2eeConfig.mode === E2eeType.SHARED_KEY &&
-      e2eeConfig.sharedKey
-    ) {
-      return {
-        keyProvider: new ExternalE2EEKeyProvider(),
-        worker: new E2EEWorker(),
-      };
-    }
+    return {
+      keyProvider: new ExternalE2EEKeyProvider(),
+      worker: new E2EEWorker(),
+    } as E2EEOptions;
   }, [e2eeConfig]);
 
   useEffect(() => {
-    if (!e2eeConfig || !e2eeOptions) return;
+    if (!e2eeConfig?.sharedKey || !e2eeOptions) return;
 
-    if (e2eeConfig.mode === E2eeType.PER_PARTICIPANT) {
-      (e2eeOptions.keyProvider as MatrixKeyProvider).setRTCSession(rtcSession);
-    } else if (
-      e2eeConfig.mode === E2eeType.SHARED_KEY &&
-      e2eeConfig.sharedKey
-    ) {
-      (e2eeOptions.keyProvider as ExternalE2EEKeyProvider).setKey(
-        e2eeConfig.sharedKey,
-      );
-    }
-  }, [e2eeOptions, e2eeConfig, rtcSession]);
+    (e2eeOptions.keyProvider as ExternalE2EEKeyProvider).setKey(
+      e2eeConfig?.sharedKey,
+    );
+  }, [e2eeOptions, e2eeConfig?.sharedKey]);
 
   const initialMuteStates = useRef<MuteStates>(muteStates);
   const devices = useMediaDevices();

src/matrix-utils.ts

@@ -28,7 +28,6 @@ import {
   GroupCallIntent,
   GroupCallType,
 } from "matrix-js-sdk/src/webrtc/groupCall";
-import { secureRandomBase64Url } from "matrix-js-sdk/src/randomstring";
 
 import type { MatrixClient } from "matrix-js-sdk/src/client";
 import type { Room } from "matrix-js-sdk/src/models/room";
@@ -38,7 +37,6 @@ import { loadOlm } from "./olm";
 import { Config } from "./config/Config";
 import { setLocalStorageItem } from "./useLocalStorage";
 import { getRoomSharedKeyLocalStorageKey } from "./e2ee/sharedKeyManagement";
-import { E2eeType } from "./e2ee/e2eeType";
 
 export const fallbackICEServerAllowed =
   import.meta.env.VITE_FALLBACK_STUN_ALLOWED === "true";
@@ -75,6 +73,23 @@ function waitForSync(client: MatrixClient): Promise<void> {
   });
 }
 
+function secureRandomString(entropyBytes: number): string {
+  const key = new Uint8Array(entropyBytes);
+  crypto.getRandomValues(key);
+  // encode to base64url as this value goes into URLs
+  // base64url is just base64 with thw two non-alphanum characters swapped out for
+  // ones that can be put in a URL without encoding. Browser JS has a native impl
+  // for base64 encoding but only a string (there isn't one that takes a UInt8Array
+  // yet) so just use the built-in one and convert, replace the chars and strip the
+  // padding from the end (otherwise we'd need to pull in another dependency).
+  return btoa(
+    key.reduce((acc, current) => acc + String.fromCharCode(current), ""),
+  )
+    .replace("+", "-")
+    .replace("/", "_")
+    .replace(/=*$/, "");
+}
+
 /**
  * Initialises and returns a new standalone Matrix Client.
  * If true is passed for the 'restore' parameter, a check will be made
@@ -279,20 +294,10 @@ interface CreateRoomResult {
   password?: string;
 }
 
-/**
- * Create a new room ready for calls
- *
- * @param client Matrix client to use
- * @param name The name of the room
- * @param e2ee The type of e2ee call to create. Note that we would currently never
- *             create a room for per-participant e2ee calls: since it's used in
- *             embedded mode, we use the existing room.
- * @returns Object holding information about the new room
- */
 export async function createRoom(
   client: MatrixClient,
   name: string,
-  e2ee: E2eeType,
+  e2ee: boolean,
 ): Promise<CreateRoomResult> {
   logger.log(`Creating room for group call`);
   const createPromise = client.createRoom({
@@ -357,8 +362,8 @@ export async function createRoom(
   );
 
   let password;
-  if (e2ee == E2eeType.SHARED_KEY) {
-    password = secureRandomBase64Url(16);
+  if (e2ee) {
+    password = secureRandomString(16);
     setLocalStorageItem(
       getRoomSharedKeyLocalStorageKey(result.room_id),
       password,

src/room/GroupCallView.tsx

@@ -44,9 +44,6 @@ import { useRoomAvatar } from "./useRoomAvatar";
 import { useRoomName } from "./useRoomName";
 import { useJoinRule } from "./useJoinRule";
 import { InviteModal } from "./InviteModal";
-import { E2EEConfig } from "../livekit/useLiveKit";
-import { useUrlParams } from "../UrlParams";
-import { E2eeType } from "../e2ee/e2eeType";
 
 declare global {
   interface Window {
@@ -90,7 +87,6 @@ export const GroupCallView: FC<Props> = ({
   const roomName = useRoomName(rtcSession.room);
   const roomAvatar = useRoomAvatar(rtcSession.room);
   const roomEncrypted = useIsRoomE2EE(rtcSession.room.roomId)!;
-  const { perParticipantE2EE } = useUrlParams();
 
   const matrixInfo = useMemo((): MatrixInfo => {
     return {
@@ -186,7 +182,7 @@ export const GroupCallView: FC<Props> = ({
         ev: CustomEvent<IWidgetApiRequest>,
       ): Promise<void> => {
         defaultDeviceSetup(ev.detail.data as unknown as JoinCallData);
-        enterRTCSession(rtcSession, perParticipantE2EE);
+        enterRTCSession(rtcSession);
         await Promise.all([
           widget!.api.setAlwaysOnScreen(true),
           widget!.api.transport.reply(ev.detail, {}),
@@ -199,9 +195,9 @@ export const GroupCallView: FC<Props> = ({
     } else {
       // if we don't use preload and only skipLobby we enter the rtc session right away
       defaultDeviceSetup({ audioInput: null, videoInput: null });
-      enterRTCSession(rtcSession, perParticipantE2EE);
+      enterRTCSession(rtcSession);
     }
-  }, [rtcSession, preload, skipLobby, perParticipantE2EE]);
+  }, [rtcSession, preload, skipLobby]);
 
   const [left, setLeft] = useState(false);
   const [leaveError, setLeaveError] = useState<Error | undefined>(undefined);
@@ -249,19 +245,16 @@ export const GroupCallView: FC<Props> = ({
     }
   }, [isJoined, rtcSession]);
 
-  const e2eeConfig = useMemo((): E2EEConfig | undefined => {
-    if (perParticipantE2EE) {
-      return { mode: E2eeType.PER_PARTICIPANT };
-    } else if (e2eeSharedKey) {
-      return { mode: E2eeType.SHARED_KEY, sharedKey: e2eeSharedKey };
-    }
-  }, [perParticipantE2EE, e2eeSharedKey]);
+  const e2eeConfig = useMemo(
+    () => (e2eeSharedKey ? { sharedKey: e2eeSharedKey } : undefined),
+    [e2eeSharedKey],
+  );
 
   const onReconnect = useCallback(() => {
     setLeft(false);
     setLeaveError(undefined);
-    enterRTCSession(rtcSession, perParticipantE2EE);
-  }, [rtcSession, perParticipantE2EE]);
+    enterRTCSession(rtcSession);
+  }, [rtcSession]);
 
   const joinRule = useJoinRule(rtcSession.room);
 
@@ -287,7 +280,7 @@ export const GroupCallView: FC<Props> = ({
 
   const { t } = useTranslation();
 
-  if (isRoomE2EE && !perParticipantE2EE && !e2eeSharedKey) {
+  if (isRoomE2EE && !e2eeSharedKey) {
     return (
       <ErrorView
         error={
@@ -377,7 +370,7 @@ export const GroupCallView: FC<Props> = ({
           client={client}
           matrixInfo={matrixInfo}
           muteStates={muteStates}
-          onEnter={(): void => enterRTCSession(rtcSession, perParticipantE2EE)}
+          onEnter={(): void => enterRTCSession(rtcSession)}
           confineToRoom={confineToRoom}
           hideHeader={hideHeader}
           participantCount={participantCount}