inbox: use pgp encryption (#70)

* inbox: use pgp encryption && other fixes
* fix inbox key last used at time
* remove inbox items if keys change or same item id syncs

* inbox:update inbox sync item
* rename item field to sync
* add alg field

* sync: delete inbox items after commit succeeds

* user: merge if conditions

---------

Co-authored-by: Abdullah Atta <abdullahatta@streetwriters.co>

Notesnook.API/Authorization/InboxApiKeyAuthenticationHandler.cs

@@ -78,7 +78,7 @@ namespace Notesnook.API.Authorization
                     return AuthenticateResult.Fail("API key has expired");
                 }
 
-                inboxApiKey.LastUsedAt = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
+                inboxApiKey.LastUsedAt = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
                 await _inboxApiKeyRepository.UpsertAsync(inboxApiKey, k => k.Key == apiKey);
 
                 var claims = new[]

Notesnook.API/Controllers/InboxController.cs

@@ -151,34 +151,18 @@ namespace Notesnook.API.Controllers
             var userId = User.GetUserId();
             try
             {
-                if (request.Key.Algorithm != Algorithms.XSAL_X25519_7)
+                if (string.IsNullOrWhiteSpace(request.Cipher))
                 {
-                    return BadRequest(new { error = $"Only {Algorithms.XSAL_X25519_7} is supported for inbox item password." });
+                    return BadRequest(new { error = "Inbox item is required." });
                 }
-                if (string.IsNullOrWhiteSpace(request.Key.Cipher))
+                if (string.IsNullOrWhiteSpace(request.Algorithm))
                 {
-                    return BadRequest(new { error = "Inbox item password cipher is required." });
-                }
-                if (request.Key.Length <= 0)
-                {
-                    return BadRequest(new { error = "Valid inbox item password length is required." });
-                }
-                if (request.Algorithm != Algorithms.Default)
-                {
-                    return BadRequest(new { error = $"Only {Algorithms.Default} is supported for inbox item." });
+                    return BadRequest(new { error = "Inbox item algorithm is required." });
                 }
                 if (request.Version <= 0)
                 {
                     return BadRequest(new { error = "Valid inbox item version is required." });
                 }
-                if (string.IsNullOrWhiteSpace(request.Cipher) || string.IsNullOrWhiteSpace(request.IV))
-                {
-                    return BadRequest(new { error = "Inbox item cipher and iv is required." });
-                }
-                if (request.Length <= 0)
-                {
-                    return BadRequest(new { error = "Valid inbox item length is required." });
-                }
 
                 request.UserId = userId;
                 request.ItemId = ObjectId.GenerateNewId().ToString();

Notesnook.API/Hubs/SyncV2Hub.cs

@@ -132,13 +132,19 @@ namespace Notesnook.API.Hubs
             var stopwatch = Stopwatch.StartNew();
             try
             {
-
                 var UpsertItems = UpsertActionsMap[pushItem.Type] ?? throw new Exception($"Invalid item type: {pushItem.Type}.");
                 UpsertItems(pushItem.Items, userId, 1);
 
                 if (!await unit.Commit()) return 0;
 
                 await SyncDeviceService.AddIdsToOtherDevicesAsync(userId, deviceId, pushItem.Items.Select((i) => new ItemKey(i.ItemId, pushItem.Type)));
+
+                // we need to delete the inbox items from the inbox collection
+                // after syncing to prevent them from being sent again in the 
+                // next fetch.
+                var itemIds = pushItem.Items.Select(i => i.ItemId).ToList();
+                await Repositories.InboxItems.DeleteManyAsync(i => i.UserId == userId && itemIds.Contains(i.ItemId));
+
                 return 1;
             }
             finally

Notesnook.API/Models/Algorithms.cs

@@ -22,6 +22,5 @@ namespace Notesnook.API.Models
     public class Algorithms
     {
         public static string Default => "xcha-argon2i13-7";
-        public static string XSAL_X25519_7 => "xsal-x25519-7";
     }
 }

Notesnook.API/Models/InboxSyncItem.cs

@@ -20,46 +20,64 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 using System.ComponentModel.DataAnnotations;
 using System.Runtime.Serialization;
 using System.Text.Json.Serialization;
+using MongoDB.Bson;
+using MongoDB.Bson.Serialization.Attributes;
 
 namespace Notesnook.API.Models
 {
 
     [MessagePack.MessagePackObject]
-    public class InboxSyncItem : SyncItem
+    public class InboxSyncItem
     {
-        [DataMember(Name = "key")]
-        [JsonPropertyName("key")]
-        [MessagePack.Key("key")]
-        [Required]
-        public required EncryptedKey Key { get; set; }
-
-        [DataMember(Name = "salt")]
-        [JsonPropertyName("salt")]
-        [MessagePack.Key("salt")]
-        [Required]
-        public required string Salt { get; set; }
-    }
-
-    [MessagePack.MessagePackObject]
-    public class EncryptedKey
-    {
-        [DataMember(Name = "alg")]
-        [JsonPropertyName("alg")]
-        [MessagePack.Key("alg")]
-        [Required]
-        public required string Algorithm { get; set; }
-
         [DataMember(Name = "cipher")]
         [JsonPropertyName("cipher")]
         [MessagePack.Key("cipher")]
         [Required]
-        public required string Cipher { get; set; }
+        public string Cipher
+        {
+            get; set;
+        }
 
-        [JsonPropertyName("length")]
-        [DataMember(Name = "length")]
-        [MessagePack.Key("length")]
+        [DataMember(Name = "userId")]
+        [JsonPropertyName("userId")]
+        [MessagePack.Key("userId")]
+        public string? UserId
+        {
+            get; set;
+        }
+
+        [DataMember(Name = "id")]
+        [JsonPropertyName("id")]
+        [MessagePack.Key("id")]
+        public string? ItemId
+        {
+            get; set;
+        }
+
+        [BsonId]
+        [BsonIgnoreIfDefault]
+        [BsonRepresentation(BsonType.ObjectId)]
+        [JsonIgnore]
+        [MessagePack.IgnoreMember]
+        public ObjectId Id
+        {
+            get; set;
+        }
+
+        [JsonPropertyName("v")]
+        [DataMember(Name = "v")]
+        [MessagePack.Key("v")]
         [Required]
-        public long Length
+        public double Version
+        {
+            get; set;
+        }
+
+        [JsonPropertyName("alg")]
+        [DataMember(Name = "alg")]
+        [MessagePack.Key("alg")]
+        [Required]
+        public string Algorithm
         {
             get; set;
         }

Notesnook.API/Repositories/SyncItemsRepository.cs

@@ -49,7 +49,7 @@ namespace Notesnook.API.Repositories
             this.logger = logger;
         }
 
-        private readonly List<string> ALGORITHMS = [Algorithms.Default, Algorithms.XSAL_X25519_7];
+        private readonly List<string> ALGORITHMS = [Algorithms.Default];
         private bool IsValidAlgorithm(string algorithm)
         {
             return ALGORITHMS.Contains(algorithm);

Notesnook.API/Services/UserService.cs

@@ -184,6 +184,8 @@ namespace Notesnook.API.Services
                     };
                     await Repositories.InboxApiKey.InsertAsync(defaultInboxKey);
                 }
+
+                await Repositories.InboxItems.DeleteManyAsync(t => t.UserId == userId);
             }
 
             await Repositories.UsersSettings.UpdateAsync(userSettings.Id, userSettings);