core_crypto

Struct CoreCrypto

Source 
pub struct CoreCrypto { /* private fields */ }
Expand description

Wrapper superstruct for both [mls::Client] and proteus::ProteusCentral

As std::ops::Deref is implemented, this struct is automatically dereferred to [mls::Client] apart from proteus_* calls

This is cheap to clone as all internal members have Arc wrappers or are Copy.

Implementations§

Source§

impl CoreCrypto

Source

pub async fn register_epoch_observer( &self, epoch_observer: Arc<dyn EpochObserver>, ) -> Result<(), Error>

Add an epoch observer to this session.

This function should be called 0 or 1 times in a session’s lifetime. If called when an epoch observer already exists, this will return an error.

Source§

impl CoreCrypto

Source

pub async fn proteus_session( &self, session_id: &str, ) -> Result<Option<Arc<RwLock<ProteusConversationSession>>>>

Proteus session accessor

Warning: The Proteus client MUST be initialized with TransactionContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session_exists(&self, session_id: &str) -> Result<bool>

Proteus session exists

Warning: The Proteus client MUST be initialized with TransactionContext::proteus_init first or an error will be returned

Source

pub fn proteus_last_resort_prekey_id() -> u16

Returns the proteus last resort prekey id (u16::MAX = 65535)

Source

pub async fn proteus_fingerprint(&self) -> Result<String>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with TransactionContext::proteus_init first or an error will be returned

Source

pub async fn proteus_fingerprint_local( &self, session_id: &str, ) -> Result<String>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with TransactionContext::proteus_init first or an error will be returned

Source

pub async fn proteus_fingerprint_remote( &self, session_id: &str, ) -> Result<String>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with TransactionContext::proteus_init first or an error will be returned

Source§

impl CoreCrypto

Source

pub async fn new_transaction(&self) -> Result<TransactionContext>

Creates a new transaction. All operations that persist data will be buffered in memory and when TransactionContext::finish is called, the data will be persisted in a single database transaction.

Source§

impl CoreCrypto

Source

pub fn take(self) -> Session

Allows to extract the MLS Client from the wrapper superstruct

Methods from Deref<Target = Session>§

Source

pub async fn e2ei_is_pki_env_setup(&self) -> bool

Returns whether the E2EI PKI environment is setup (i.e. Root CA, Intermediates, CRLs)

Source

pub async fn e2ei_dump_pki_env(&self) -> Result<Option<E2eiDumpedPkiEnv>, Error>

Dumps the PKI environment as PEM

Source

pub async fn e2ei_is_enabled( &self, signature_scheme: SignatureScheme, ) -> Result<bool, Error>

Returns true when end-to-end-identity is enabled for the given SignatureScheme

Source

pub async fn e2ei_verify_group_state( &self, group_info: VerifiableGroupInfo, ) -> Result<E2eiConversationState, Error>

Verifies a Group state before joining it

Source

pub async fn get_credential_in_use( &self, group_info: VerifiableGroupInfo, credential_type: MlsCredentialType, ) -> Result<E2eiConversationState, Error>

Gets the e2ei conversation state from a GroupInfo. Useful to check if the group has e2ei turned on or not before joining it.

Source

pub async fn generate_one_keypackage_from_credential_bundle( &self, backend: &MlsCryptoProvider, cs: MlsCiphersuite, cb: &CredentialBundle, ) -> Result<KeyPackage, Error>

Generates a single new keypackage

§Arguments
  • backend - the KeyStorage to load the keypackages from
§Errors

KeyStore and OpenMls errors

Source

pub async fn request_key_packages( &self, count: usize, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, backend: &MlsCryptoProvider, ) -> Result<Vec<KeyPackage>, Error>

Requests count keying material to be present and returns a reference to it for the consumer to copy/clone.

§Arguments
§Errors

KeyStore and OpenMls errors

Source

pub async fn valid_keypackages_count( &self, backend: &MlsCryptoProvider, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> Result<usize, Error>

Returns the count of valid, non-expired, unclaimed keypackages in store

Source

pub async fn prune_keypackages( &self, backend: &MlsCryptoProvider, refs: &[KeyPackageRef], ) -> Result<(), Error>

Prune the provided KeyPackageRefs from the keystore

Warning: Despite this API being public, the caller should know what they’re doing. Provided KeypackageRefs will be purged regardless of their expiration state, so please be wary of what you are doing if you directly call this API. This could result in still valid, uploaded keypackages being pruned from the system and thus being impossible to find when referenced in a future Welcome message.

Source

pub async fn provide_transport(&self, transport: Arc<dyn MlsTransport>)

Provide the implementation of functions to communicate with the delivery service (see MlsTransport).

Source

pub async fn init( &self, identifier: ClientIdentifier, ciphersuites: &[MlsCiphersuite], backend: &MlsCryptoProvider, nb_key_package: usize, ) -> Result<(), Error>

Initializes the client. If the client’s cryptographic material is already stored in the keystore, it loads it Otherwise, it is being created.

§Arguments
  • identifier - client identifier ; either a ClientId or a x509 certificate chain
  • ciphersuites - all ciphersuites this client is supposed to support
  • backend - the KeyStore and crypto provider to read identities from
§Errors

KeyStore and OpenMls errors can happen

Source

pub async fn get_raw_conversation( &self, id: &ConversationId, ) -> Result<ImmutableConversation, Error>

Get an immutable view of an MlsConversation.

Because it operates on the raw conversation type, this may be faster than crate::mls::TransactionContext::conversation. for transient and immutable purposes. For long-lived or mutable purposes, prefer the other method.

Source

pub async fn public_key( &self, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> Result<Vec<u8>>

Returns the client’s most recent public signature key as a buffer. Used to upload a public key to the server in order to verify client’s messages signature.

§Arguments
  • ciphersuite - a callback to be called to perform authorization
  • credential_type - of the credential to look for
Source

pub async fn conversation_exists( &self, id: &ConversationId, ) -> Result<bool, Error>

Checks if a given conversation id exists locally

Source

pub fn random_bytes(&self, len: usize) -> Result<Vec<u8>>

Generates a random byte array of the specified size

Source

pub async fn can_close(&self) -> bool

Reports whether the local KeyStore believes that it can currently close.

Beware TOCTOU!

Source

pub async fn reseed(&self, seed: Option<EntropySeed>) -> Result<()>

see mls_crypto_provider::MlsCryptoProvider::reseed

Source

pub async fn generate_raw_keypairs( &self, ciphersuites: &[MlsCiphersuite], backend: &MlsCryptoProvider, ) -> Result<Vec<ClientId>, Error>

Initializes a raw MLS keypair without an associated client ID Returns a random ClientId to bind later in [Client::init_with_external_client_id]

§Arguments
  • ciphersuites - all ciphersuites this client is supposed to support
  • backend - the KeyStore and crypto provider to read identities from
§Errors

KeyStore and OpenMls errors can happen

Source

pub async fn init_with_external_client_id( &self, client_id: ClientId, tmp_ids: Vec<ClientId>, ciphersuites: &[MlsCiphersuite], backend: &MlsCryptoProvider, ) -> Result<(), Error>

Finalizes initialization using a 2-step process of uploading first a public key and then associating a new Client ID to that keypair

§Arguments
  • client_id - The client ID you have fetched from the MLS Authentication Service
  • tmp_ids - The temporary random client ids generated in the previous step [Client::generate_raw_keypairs]
  • ciphersuites - To initialize the Client with
  • backend - the KeyStore and crypto provider to read identities from

WARNING: You have absolutely NO reason to call this if you didn’t call [Client::generate_raw_keypairs] first. You have been warned!

Source

pub async fn id(&self) -> Result<ClientId, Error>

Retrieves the client’s client id. This is free-form and not inspected.

Source

pub async fn is_e2ei_capable(&self) -> bool

Returns whether this client is E2EI capable

Trait Implementations§

Source§

impl Clone for CoreCrypto

Source§

fn clone(&self) -> CoreCrypto

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CoreCrypto

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Deref for CoreCrypto

Source§

type Target = Session

The resulting type after dereferencing.
Source§

fn deref(&self) -> &Self::Target

Dereferences the value.
Source§

impl DerefMut for CoreCrypto

Source§

fn deref_mut(&mut self) -> &mut Self::Target

Mutably dereferences the value.
Source§

impl From<Session> for CoreCrypto

Source§

fn from(mls: Session) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<P, T> Receiver for P
where P: Deref<Target = T> + ?Sized, T: ?Sized,

Source§

type Target = T

🔬This is a nightly-only experimental API. (arbitrary_self_types)
The target type on which the method may be called.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> MaybeSendSync for T