coop-cloud-chaos-patchs
/
fluffychat
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Use sembast over sqflite

This commit is contained in:
Krille Fear 2021-11-16 15:10:23 +01:00
parent 0f26809ddc
commit 2fbf7376f6
6 changed files with 299 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/utils/client_manager.dart
View File

@ -5,13 +5,13 @@ import 'package:flutter/foundation.dart';
import 'package:hive_flutter/hive_flutter.dart';
import 'package:matrix/encryption/utils/key_verification.dart';
import 'package:matrix/matrix.dart';
import 'package:sembast/sembast.dart';
import 'package:path_provider/path_provider.dart';
import 'package:sembast/sembast.dart';
import 'package:fluffychat/utils/platform_infos.dart';
import 'famedlysdk_store.dart';
import 'matrix_sdk_extensions.dart/flutter_matrix_hive_database.dart';
import 'matrix_sdk_extensions.dart/flutter_matrix_sembast_database.dart';
import 'matrix_sdk_extensions.dart/flutter_matrix_sembast_database_old.dart';
abstract class ClientManager {
static const String clientNamespace = 'im.fluffychat.store.clients';
@ -81,7 +81,8 @@ abstract class ClientManager {
},
importantStateEvents: <String>{'im.ponies.room_emotes'},
databaseBuilder: FlutterMatrixSembastDatabase.databaseBuilder,
legacyDatabaseBuilder: FlutterMatrixHiveStore.hiveDatabaseBuilder,
legacyDatabaseBuilder: FlutterMatrixSembastDatabaseOld.databaseBuilder,
//legacyDatabaseBuilder: FlutterMatrixHiveStore.hiveDatabaseBuilder,
supportedLoginTypes: {
AuthenticationTypes.password,
if (PlatformInfos.isMobile || PlatformInfos.isWeb)

120
lib/utils/matrix_sdk_extensions.dart/codec.dart Normal file
View File

@ -0,0 +1,120 @@
//@dart=2.12
import 'dart:convert';
import 'dart:math';
import 'dart:typed_data';
import 'package:crypto/crypto.dart';
import 'package:encrypt/encrypt.dart';
import 'package:sembast/sembast.dart';
var _random = Random.secure();
/// Random bytes generator
Uint8List _randBytes(int length) {
return Uint8List.fromList(
List<int>.generate(length, (i) => _random.nextInt(256)));
}
/// Generate an encryption password based on a user input password
///
/// It uses MD5 which generates a 16 bytes blob, size needed for Salsa20
Uint8List _generateEncryptPassword(String password) {
final blob = Uint8List.fromList(md5.convert(utf8.encode(password)).bytes);
assert(blob.length == 16);
return blob;
}
/// Salsa20 based encoder
class _EncryptEncoder extends Converter<dynamic, String> {
final Salsa20 salsa20;
_EncryptEncoder(this.salsa20);
@override
String convert(dynamic input) {
// Generate random initial value
final iv = _randBytes(8);
final ivEncoded = base64.encode(iv);
assert(ivEncoded.length == 12);
// Encode the input value
final encoded =
Encrypter(salsa20).encrypt(json.encode(input), iv: IV(iv)).base64;
// Prepend the initial value
return '$ivEncoded$encoded';
}
}
/// Salsa20 based decoder
class _EncryptDecoder extends Converter<String, dynamic> {
final Salsa20 salsa20;
_EncryptDecoder(this.salsa20);
@override
dynamic convert(String input) {
// Read the initial value that was prepended
assert(input.length >= 12);
final iv = base64.decode(input.substring(0, 12));
// Extract the real input
input = input.substring(12);
// Decode the input
final decoded =
json.decode(Encrypter(salsa20).decrypt64(input, iv: IV(iv)));
if (decoded is Map) {
return decoded.cast<String, dynamic>();
}
return decoded;
}
}
/// Salsa20 based Codec
class _EncryptCodec extends Codec<dynamic, String> {
late _EncryptEncoder _encoder;
late _EncryptDecoder _decoder;
_EncryptCodec(Uint8List passwordBytes) {
final salsa20 = Salsa20(Key(passwordBytes));
_encoder = _EncryptEncoder(salsa20);
_decoder = _EncryptDecoder(salsa20);
}
@override
Converter<String, dynamic> get decoder => _decoder;
@override
Converter<dynamic, String> get encoder => _encoder;
}
/// Our plain text signature
const _encryptCodecSignature = 'encrypt';
/// Create a codec to use to open a database with encrypted stored data.
///
/// Hash (md5) of the password is used (but never stored) as a key to encrypt
/// the data using the Salsa20 algorithm with a random (8 bytes) initial value
///
/// This is just used as a demonstration and should not be considered as a
/// reference since its implementation (and storage format) might change.
///
/// No performance metrics has been made to check whether this is a viable
/// solution for big databases.
///
/// The usage is then
///
/// ```dart
/// // Initialize the encryption codec with a user password
/// var codec = getEncryptSembastCodec(password: '[your_user_password]');
/// // Open the database with the codec
/// Database db = await factory.openDatabase(dbPath, codec: codec);
///
/// // ...your database is ready to use
/// ```
SembastCodec getEncryptSembastCodec({required String password}) => SembastCodec(
signature: _encryptCodecSignature,
codec: _EncryptCodec(_generateEncryptPassword(password)),
);

101
lib/utils/matrix_sdk_extensions.dart/flutter_matrix_sembast_database.dart
View File

@ -1,4 +1,3 @@
import 'dart:convert';
import 'dart:io';
import 'dart:typed_data';
@ -11,9 +10,13 @@ import 'package:matrix/matrix.dart';
import 'package:path_provider/path_provider.dart';
import 'package:sembast/sembast.dart';
import 'package:sembast/sembast_io.dart';
import 'package:sembast_sqflite/sembast_sqflite.dart';
import 'package:sembast_web/sembast_web.dart';
import 'package:sqflite/sqflite.dart' as sqflite;
import 'package:sqflite_common_ffi/sqflite_ffi.dart' as sqflite_ffi;
import '../platform_infos.dart';
import 'codec.dart';
class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
FlutterMatrixSembastDatabase(
@ -29,7 +32,7 @@ class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
);
static const String _cipherStorageKey = 'sembast_encryption_key';
static const int _cipherStorageKeyLength = 512;
static const int _cipherStorageKeyLength = 1024;
static Future<FlutterMatrixSembastDatabase> databaseBuilder(
Client client) async {
@ -53,7 +56,6 @@ class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
// workaround for if we just wrote to the key and it still doesn't exist
final rawEncryptionKey = await secureStorage.read(key: _cipherStorageKey);
if (rawEncryptionKey == null) throw MissingPluginException();
codec = getEncryptSembastCodec(password: rawEncryptionKey);
} on MissingPluginException catch (_) {
Logs().i('Sembast encryption is not supported on this platform');
@ -63,13 +65,26 @@ class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
client.clientName,
codec: codec,
path: await _findDatabasePath(client),
dbFactory: kIsWeb ? databaseFactoryWeb : databaseFactoryIo,
dbFactory: kIsWeb
? databaseFactoryWeb
: getDatabaseFactorySqflite(sqflite.databaseFactory),
);
await db.open();
Logs().d('Sembast is ready');
return db;
}
static DatabaseFactory get factory {
if (kIsWeb) return databaseFactoryWeb;
if (Platform.isAndroid || Platform.isIOS) {
return getDatabaseFactorySqflite(sqflite.databaseFactory);
}
if (Platform.isLinux || Platform.isWindows || Platform.isMacOS) {
return getDatabaseFactorySqflite(sqflite_ffi.databaseFactoryFfi);
}
return databaseFactoryIo;
}
static Future<String> _findDatabasePath(Client client) async {
String path = client.clientName;
if (!kIsWeb) {
@ -83,7 +98,7 @@ class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
directory = Directory.current;
}
}
path = '${directory.path}${client.clientName}.db';
path = '${directory.path}${client.clientName}.sqflite';
}
return path;
}
@ -129,79 +144,3 @@ class FlutterMatrixSembastDatabase extends MatrixSembastDatabase {
return;
}
}
class _EncryptEncoder extends Converter<Map<String, dynamic>, String> {
final String key;
final String signature;
_EncryptEncoder(this.key, this.signature);
@override
String convert(Map<String, dynamic> input) {
String encoded;
switch (signature) {
case "Salsa20":
encoded = Encrypter(Salsa20(Key.fromUtf8(key)))
.encrypt(json.encode(input), iv: IV.fromLength(8))
.base64;
break;
case "AES":
encoded = Encrypter(AES(Key.fromUtf8(key)))
.encrypt(json.encode(input), iv: IV.fromLength(16))
.base64;
break;
default:
throw FormatException('invalid $signature');
break;
}
return encoded;
}
}
class _EncryptDecoder extends Converter<String, Map<String, dynamic>> {
final String key;
final String signature;
_EncryptDecoder(this.key, this.signature);
@override
Map<String, dynamic> convert(String input) {
dynamic decoded;
switch (signature) {
case "Salsa20":
decoded = json.decode(Encrypter(Salsa20(Key.fromUtf8(key)))
.decrypt64(input, iv: IV.fromLength(8)));
break;
case "AES":
decoded = json.decode(Encrypter(AES(Key.fromUtf8(key)))
.decrypt64(input, iv: IV.fromLength(16)));
break;
default:
break;
}
if (decoded is Map) {
return decoded.cast<String, dynamic>();
}
throw FormatException('invalid input $input');
}
}
class _EncryptCodec extends Codec<Map<String, dynamic>, String> {
final String signature;
_EncryptEncoder _encoder;
_EncryptDecoder _decoder;
_EncryptCodec(String password, this.signature) {
_encoder = _EncryptEncoder(password, signature);
_decoder = _EncryptDecoder(password, signature);
}
@override
Converter<String, Map<String, dynamic>> get decoder => _decoder;
@override
Converter<Map<String, dynamic>, String> get encoder => _encoder;
}
// Salsa20 (16 length key required) or AES (32 length key required)
SembastCodec getEncryptSembastCodec(
{@required String password, String signature = "Salsa20"}) =>
SembastCodec(
signature: signature, codec: _EncryptCodec(password, signature));

131
lib/utils/matrix_sdk_extensions.dart/flutter_matrix_sembast_database_old.dart Normal file
View File

@ -0,0 +1,131 @@
import 'dart:io';
import 'dart:typed_data';
import 'package:flutter/foundation.dart' hide Key;
import 'package:flutter/services.dart';
import 'package:encrypt/encrypt.dart';
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import 'package:matrix/matrix.dart';
import 'package:path_provider/path_provider.dart';
import 'package:sembast/sembast.dart';
import 'package:sembast/sembast_io.dart';
import 'package:sembast_web/sembast_web.dart';
import '../platform_infos.dart';
import 'codec.dart';
class FlutterMatrixSembastDatabaseOld extends MatrixSembastDatabase {
FlutterMatrixSembastDatabaseOld(
String name, {
SembastCodec codec,
String path,
DatabaseFactory dbFactory,
}) : super(
name,
codec: codec,
path: path,
dbFactory: dbFactory,
);
static const String _cipherStorageKey = 'sembast_encryption_key';
static const int _cipherStorageKeyLength = 512;
static Future<FlutterMatrixSembastDatabaseOld> databaseBuilder(
Client client) async {
Logs().d('Open Sembast...');
SembastCodec codec;
try {
// Workaround for secure storage is calling Platform.operatingSystem on web
if (kIsWeb) throw MissingPluginException();
const secureStorage = FlutterSecureStorage();
final containsEncryptionKey =
await secureStorage.containsKey(key: _cipherStorageKey);
if (!containsEncryptionKey) {
final key = SecureRandom(_cipherStorageKeyLength).base64;
await secureStorage.write(
key: _cipherStorageKey,
value: key,
);
}
// workaround for if we just wrote to the key and it still doesn't exist
final rawEncryptionKey = await secureStorage.read(key: _cipherStorageKey);
if (rawEncryptionKey == null) throw MissingPluginException();
codec = getEncryptSembastCodec(password: rawEncryptionKey);
} on MissingPluginException catch (_) {
Logs().i('Sembast encryption is not supported on this platform');
}
final db = FlutterMatrixSembastDatabaseOld(
client.clientName,
codec: codec,
path: await _findDatabasePath(client),
dbFactory: kIsWeb ? databaseFactoryWeb : databaseFactoryIo,
);
await db.open();
Logs().d('Sembast is ready');
return db;
}
static Future<String> _findDatabasePath(Client client) async {
String path = client.clientName;
if (!kIsWeb) {
Directory directory;
try {
directory = await getApplicationSupportDirectory();
} catch (_) {
try {
directory = await getLibraryDirectory();
} catch (_) {
directory = Directory.current;
}
}
path = '${directory.path}${client.clientName}.db';
}
return path;
}
@override
int get maxFileSize => supportsFileStoring ? 100 * 1024 * 1024 : 0;
@override
bool get supportsFileStoring => (PlatformInfos.isIOS ||
PlatformInfos.isAndroid ||
PlatformInfos.isDesktop);
Future<String> _getFileStoreDirectory() async {
try {
try {
return (await getApplicationSupportDirectory()).path;
} catch (_) {
return (await getApplicationDocumentsDirectory()).path;
}
} catch (_) {
return (await getDownloadsDirectory()).path;
}
}
@override
Future<Uint8List> getFile(Uri mxcUri) async {
if (!supportsFileStoring) return null;
final tempDirectory = await _getFileStoreDirectory();
final file =
File('$tempDirectory/${Uri.encodeComponent(mxcUri.toString())}');
if (await file.exists() == false) return null;
final bytes = await file.readAsBytes();
return bytes;
}
@override
Future storeFile(Uri mxcUri, Uint8List bytes, int time) async {
if (!supportsFileStoring) return null;
final tempDirectory = await _getFileStoreDirectory();
final file =
File('$tempDirectory/${Uri.encodeComponent(mxcUri.toString())}');
if (await file.exists()) return;
await file.writeAsBytes(bytes);
return;
}
}

23
pubspec.lock
View File

@ -1171,6 +1171,13 @@ packages:
url: "https://pub.dartlang.org"
source: hosted
version: "3.1.1"
sembast_sqflite:
dependency: "direct main"
description:
name: sembast_sqflite
url: "https://pub.dartlang.org"
source: hosted
version: "2.0.0+1"
sembast_web:
dependency: "direct main"
description:
@ -1308,7 +1315,21 @@ packages:
name: sqflite_common
url: "https://pub.dartlang.org"
source: hosted
version: "2.0.0+2"
version: "2.0.1+1"
sqflite_common_ffi:
dependency: "direct main"
description:
name: sqflite_common_ffi
url: "https://pub.dartlang.org"
source: hosted
version: "2.1.0"
sqlite3:
dependency: transitive
description:
name: sqlite3
url: "https://pub.dartlang.org"
source: hosted
version: "1.3.1"
stack_trace:
dependency: transitive
description:

2
pubspec.yaml
View File

@ -63,10 +63,12 @@ dependencies:
record: ^3.0.0
salomon_bottom_bar: ^3.1.0
scroll_to_index: ^2.1.0
sembast_sqflite: ^2.0.0+1
sembast_web: ^2.0.1+1
sentry: ^6.0.1
share: ^2.0.4
slugify: ^2.0.0
sqflite_common_ffi: ^2.1.0
swipe_to_action: ^0.2.0
uni_links: ^0.5.1
unifiedpush: ^1.0.6