core_crypto::mls

Struct MlsCentral

pub struct MlsCentral { /* private fields */ }

The entry point for the MLS CoreCrypto library. This struct provides all functionality to create and manage groups, make proposals and commits.

Implementations§

impl MlsCentral

pub async fn export_secret_key(&self, conversation_id: &ConversationId, key_length: usize) -> CryptoResult<Vec<u8>>

Derives a new key from the one in the group, allowing it to be used elsewhere.

§Arguments
  • conversation_id - the group/conversation id
  • key_length - the length of the key to be derived. If the value is higher than the bounds of u16 or the context hash * 255, an error will be returned
§Errors

OpenMls secret generation error or conversation not found

pub async fn get_client_ids(&self, conversation_id: &ConversationId) -> CryptoResult<Vec<ClientId>>

Exports the clients from a conversation

§Arguments
  • conversation_id - the group/conversation id
§Errors

If the conversation can’t be found

impl MlsCentral

pub async fn get_external_sender(&self, id: &ConversationId) -> CryptoResult<Vec<u8>>

Returns the raw public key of the single external sender present in this group. This should be used to initialize a subconversation.

impl MlsCentral

pub async fn try_new(configuration: MlsCentralConfiguration) -> CryptoResult<Self>

Tries to initialize the MLS Central object. Takes a store path (i.e. the disk location of the embedded database, which should be consistent between messaging sessions) and a root identity key (i.e. the enclaved encryption key for this device).

§Arguments
  • configuration - the configuration for the MlsCentral
§Errors

Failures in the initialization of the KeyStore can cause errors, such as IO. The same kind of errors can happen when the groups are being restored from the KeyStore or even during the client initialization (to fetch the identity signature). Other than that, MlsError can be caused by group deserialization or during the initialization of the credentials:

  • for x509 Credentials if the certificate chain length is lower than 2
  • for Basic Credentials if the signature key cannot be generated, either because the scheme is not supported or because the key generation fails

pub async fn try_new_in_memory(configuration: MlsCentralConfiguration) -> CryptoResult<Self>

Same as MlsCentral::try_new, but it uses an in-memory KeyStore. Although required, the store_path parameter from the MlsCentralConfiguration won’t be used here.

pub async fn provide_transport(&self, transport: Arc<dyn MlsTransport>)

Provide the implementation of functions to communicate with the delivery service (see MlsTransport).

pub async fn client_public_key(&self, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType) -> CryptoResult<Vec<u8>>

Returns the client’s most recent public signature key as a buffer. Used to upload a public key to the server in order to verify the signature of the client’s messages.

§Arguments
  • ciphersuite - a callback to be called to perform authorization
  • credential_type - of the credential to look for

pub async fn client_id(&self) -> CryptoResult<ClientId>

Returns the client’s id as a buffer

pub async fn conversation_exists(&self, id: &ConversationId) -> CryptoResult<bool>

Checks if a given conversation id exists locally

pub async fn conversation_epoch(&self, id: &ConversationId) -> CryptoResult<u64>

Returns the epoch of a given conversation

§Errors

If the conversation can’t be found

pub async fn conversation_ciphersuite(&self, id: &ConversationId) -> CryptoResult<MlsCiphersuite>

Returns the ciphersuite of a given conversation

§Errors

If the conversation can’t be found

pub fn random_bytes(&self, len: usize) -> CryptoResult<Vec<u8>>

Generates a random byte array of the specified size

pub async fn close(self) -> CryptoResult<()>

Closes the connection with the local KeyStore

§Errors

KeyStore errors, such as IO

pub async fn reseed(&self, seed: Option<EntropySeed>) -> CryptoResult<()>

impl MlsCentral

pub async fn e2ei_verify_group_state(&self, group_info: VerifiableGroupInfo) -> CryptoResult<E2eiConversationState>

Verifies a Group state before joining it

pub async fn get_credential_in_use(&self, group_info: VerifiableGroupInfo, credential_type: MlsCredentialType) -> CryptoResult<E2eiConversationState>

Gets the e2ei conversation state from a GroupInfo. Useful to check if the group has e2ei turned on or not before joining it.

impl MlsCentral

pub async fn e2ei_is_enabled(&self, signature_scheme: SignatureScheme) -> CryptoResult<bool>

Returns true when end-to-end-identity is enabled for the given SignatureScheme

impl MlsCentral

pub async fn get_device_identities(&self, conversation_id: &ConversationId, client_ids: &[ClientId]) -> CryptoResult<Vec<WireIdentity>>

From a given conversation, get the identity of the members supplied. Identity is only present for members with a Certificate Credential (after turning on end-to-end identity). If no member has an x509 certificate, it will return an empty Vec.

pub async fn get_user_identities(&self, conversation_id: &ConversationId, user_ids: &[String]) -> CryptoResult<HashMap<String, Vec<WireIdentity>>>

From a given conversation, get the identity of the users (device holders) supplied. Identity is only present for devices with a Certificate Credential (after turning on end-to-end identity). If no member has an x509 certificate, it will return an empty Vec.

Returns a Map with all the identities for the given users. Consumers are then recommended to reduce those identities to determine the actual status of a user.
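
The reduction recommended above, as an added example that is not code from the crate. `DeviceStatus`, `DeviceIdentity`, `UserStatus` and both functions are hypothetical stand-ins for illustration, and the worst-status-wins policy is an assumption; a requested user with no returned identities is reported as unverified rather than silently dropped.

```rust
use std::collections::HashMap;

// Hypothetical stand-ins for this example; not the crate's WireIdentity type.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum DeviceStatus { Valid, Expired, Revoked }

#[derive(Clone, Debug)]
pub struct DeviceIdentity { pub client_id: String, pub status: DeviceStatus }

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum UserStatus { Verified, Expired, Revoked, Unverified }

/// Assumed policy: the worst device status wins; no identities means unverified.
pub fn reduce_user(devices: &[DeviceIdentity]) -> UserStatus {
    if devices.is_empty() { return UserStatus::Unverified; }
    devices.iter().fold(UserStatus::Verified, |acc, d| match (acc, d.status) {
        (UserStatus::Revoked, _) | (_, DeviceStatus::Revoked) => UserStatus::Revoked,
        (UserStatus::Expired, _) | (_, DeviceStatus::Expired) => UserStatus::Expired,
        _ => UserStatus::Verified,
    })
}

/// Reports every requested user, including those missing from the returned map.
pub fn reduce_all(
    requested: &[&str],
    identities: &HashMap<String, Vec<DeviceIdentity>>,
) -> HashMap<String, UserStatus> {
    requested.iter().map(|user| {
        let devices = identities.get(*user).map(Vec::as_slice).unwrap_or_default();
        (user.to_string(), reduce_user(devices))
    }).collect()
}

/// Constructed sample data standing in for a get_user_identities result.
pub fn sample_identities() -> HashMap<String, Vec<DeviceIdentity>> {
    let dev = |id: &str, status| DeviceIdentity { client_id: id.to_string(), status };
    HashMap::from([
        ("alice".to_string(), vec![dev("a1", DeviceStatus::Valid), dev("a2", DeviceStatus::Valid)]),
        ("bob".to_string(), vec![dev("b1", DeviceStatus::Valid), dev("b2", DeviceStatus::Expired)]),
        ("carol".to_string(), vec![dev("c1", DeviceStatus::Expired), dev("c2", DeviceStatus::Revoked)]),
    ])
}

fn main() {
    let statuses = reduce_all(&["alice", "bob", "carol", "dave"], &sample_identities());
    for user in ["alice", "bob", "carol", "dave"] {
        println!("{user}: {:?}", statuses[user]);
    }
}
```

Passing the list of requested users alongside the map is what lets a user with no certificate-backed device surface as `Unverified` instead of disappearing from the result.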

impl MlsCentral

pub async fn e2ei_is_pki_env_setup(&self) -> bool

Returns whether the E2EI PKI environment is set up (i.e. Root CA, Intermediates, CRLs)

pub async fn e2ei_dump_pki_env(&self) -> CryptoResult<Option<E2eiDumpedPkiEnv>>

Dumps the PKI environment as PEM

Trait Implementations§

impl Clone for MlsCentral

fn clone(&self) -> MlsCentral

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for MlsCentral

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<MlsCentral> for CoreCrypto

fn from(mls: MlsCentral) -> Self

Converts to this type from the input type.
