Struct Session 

pub struct Session<D> { /* private fields */ }

A MLS Session enables a user device to communicate via the MLS protocol.

This closely maps to the Client term in RFC 9720, but we avoid that term to avoid ambiguity; Client is very overloaded with distinct meanings.

There is one Session per user per device. A session can contain many MLS groups/conversations.

It is cheap to clone a Session because everything heavy is wrapped inside an Arc.

Why does the session have a generic parameter?

The reason is to ensure at compile time that from inside the session, we don’t have the full interface of the database, just the read-only one, so we don’t have to remember that the session should only have API that doesn’t require writing to the DB – it won’t compile if we forget and try to do that. All API requiring to write to the DB should live on the transaction context.

Ideally, we’d like to have the database as an Arc<dyn FetchFromDatabase>> field on the session. However, we’d need to refactor the FetchFromDatabase trait, and thus the Entity trait to be dyn-compatible, which would require us to rewrite the entire keystore crate.

Implementations

impl<D> Session<D>

pub async fn find_credentials( &self, find_filters: CredentialFindFilters<'_>, ) -> Result<Vec<CredentialRef>, Error>

where D: FetchFromDatabase,

Find all credentials known by this session which match the specified conditions.

If no filters are set, this is equivalent to Self::get_credentials.

pub async fn get_credentials(&self) -> Result<Vec<CredentialRef>, Error>

where D: FetchFromDatabase,

Get all credentials known by this session.

impl<D> Session<D>

pub async fn e2ei_is_pki_env_setup(&self) -> bool

Returns whether the E2EI PKI environment is setup (i.e. Root CA, Intermediates, CRLs)

pub async fn e2ei_is_enabled( &self, ciphersuite: Ciphersuite, ) -> Result<bool, Error>

where D: FetchFromDatabase,

Returns true if end-to-end-identity is enabled for the given ciphersuite.

This is determined by checking for existence of credentials for the given ciphersuite: If there are x509 (and optionally basic) credentials -> Ok(true) If there are no x509 but basic credentials -> Ok(false) If there are no credentials for the given ciphersuite -> Err(CredentialNotFound)

pub async fn e2ei_verify_group_state( &self, group_info: VerifiableGroupInfo, ) -> Result<E2eiConversationState, Error>

Verifies a Group state before joining it

pub async fn get_credential_in_use( &self, group_info: VerifiableGroupInfo, credential_type: CredentialType, ) -> Result<E2eiConversationState, Error>

Gets the e2ei conversation state from a GroupInfo. Useful to check if the group has e2ei turned on or not before joining it.

impl<D> Session<D>

pub async fn register_epoch_observer( &self, epoch_observer: Arc<dyn EpochObserver>, ) -> Result<(), Error>

Add an epoch observer to this session. (see EpochObserver).

This function should be called 0 or 1 times in a session’s lifetime. If called when an epoch observer already exists, this will return an error.

impl<D> Session<D>

pub async fn register_history_observer( &self, history_observer: Arc<dyn HistoryObserver>, ) -> Result<()>

Add an history observer to this session. (see HistoryObserver).

This function should be called 0 or 1 times in a session’s lifetime. If called when an epoch observer already exists, this will return an error.

impl<D> Session<D>

where D: FetchFromDatabase,

pub async fn get_keypackage_refs(&self) -> Result<Vec<KeypackageRef>, Error>

Get all KeypackageRefs in the database.

impl<D: FetchFromDatabase> Session<D>

pub fn new( id: ClientId, crypto_provider: MlsCryptoProvider, database: D, transport: Arc<dyn MlsTransport>, ) -> Self

Create a new Session

pub async fn get_raw_conversation( &self, id: &ConversationIdRef, ) -> Result<ImmutableConversation<D>, Error>

where D: FetchFromDatabase + Clone,

Get an immutable view of an MlsConversation.

Because it operates on the raw conversation type, this may be faster than crate::transaction_context::TransactionContext::conversation for transient and immutable purposes. For long-lived or mutable purposes, prefer the other method.

pub async fn conversation_exists( &self, id: &ConversationIdRef, ) -> Result<bool, Error>

where D: Clone + FetchFromDatabase,

Checks if a given conversation id exists locally

pub fn random_bytes(&self, len: usize) -> Result<Vec<u8>>

Generates a random byte array of the specified size

pub async fn close(&self) -> Result<()>

Waits for running transactions to finish, then closes the connection with the local KeyStore.

Errors

KeyStore errors, such as IO, and if there is more than one strong reference to the connection.

pub fn database(&self) -> &impl FetchFromDatabase

Get read-only access to the database.

pub async fn reseed(&self, seed: Option<EntropySeed>) -> Result<()>

see crate::mls_provider::MlsCryptoProvider::reseed

pub fn id(&self) -> ClientId

Retrieves the client’s client id. This is free-form and not inspected.

Trait Implementations

impl<D: Clone> Clone for Session<D>

fn clone(&self) -> Session<D>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<D> Debug for Session<D>

where D: Debug,

fn fmt(&self, __derive_more_f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.