core_crypto/transaction_context/conversation/
welcome.rs1use std::borrow::BorrowMut as _;
4
5use super::{Error, Result, TransactionContext};
6use crate::{
7 RecursiveError,
8 mls::credential::crl::{extract_crl_uris_from_group, get_new_crl_distribution_points},
9 prelude::{MlsConversation, MlsConversationConfiguration, MlsCustomConfiguration, WelcomeBundle},
10};
11use openmls::prelude::{MlsMessageIn, MlsMessageInBody};
12use tls_codec::Deserialize as _;
13
14impl TransactionContext {
15 #[cfg_attr(test, crate::dispotent)]
27 pub async fn process_raw_welcome_message(
28 &self,
29 welcome: &[u8],
30 custom_cfg: MlsCustomConfiguration,
31 ) -> Result<WelcomeBundle> {
32 let mut cursor = std::io::Cursor::new(welcome);
33 let welcome =
34 MlsMessageIn::tls_deserialize(&mut cursor).map_err(Error::tls_deserialize("mls message in (welcome)"))?;
35 self.process_welcome_message(welcome, custom_cfg).await
36 }
37
38 #[cfg_attr(test, crate::dispotent)]
52 pub async fn process_welcome_message(
53 &self,
54 welcome: MlsMessageIn,
55 custom_cfg: MlsCustomConfiguration,
56 ) -> Result<WelcomeBundle> {
57 let MlsMessageInBody::Welcome(welcome) = welcome.extract() else {
58 return Err(Error::CallerError(
59 "the message provided to process_welcome_message was not a welcome message",
60 ));
61 };
62 let cs = welcome.ciphersuite().into();
63 let configuration = MlsConversationConfiguration {
64 ciphersuite: cs,
65 custom: custom_cfg,
66 ..Default::default()
67 };
68 let mls_provider = self
69 .mls_provider()
70 .await
71 .map_err(RecursiveError::transaction("getting mls provider"))?;
72 let mut mls_groups = self
73 .mls_groups()
74 .await
75 .map_err(RecursiveError::transaction("getting mls groups"))?;
76 let conversation =
77 MlsConversation::from_welcome_message(welcome, configuration, &mls_provider, mls_groups.borrow_mut())
78 .await
79 .map_err(RecursiveError::mls_conversation("creating conversation from welcome"))?;
80
81 let crl_new_distribution_points = get_new_crl_distribution_points(
83 &mls_provider,
84 extract_crl_uris_from_group(&conversation.group)
85 .map_err(RecursiveError::mls_credential("extracting crl uris from group"))?,
86 )
87 .await
88 .map_err(RecursiveError::mls_credential("getting new crl distribution points"))?;
89
90 let id = conversation.id.clone();
91 mls_groups.insert(id.clone(), conversation);
92
93 Ok(WelcomeBundle {
94 id,
95 crl_new_distribution_points,
96 })
97 }
98}
99
100#[cfg(test)]
101mod tests {
102 use crate::test_utils::*;
103
104 use super::*;
105
106 #[apply(all_cred_cipher)]
107 async fn joining_from_welcome_should_prune_local_key_material(case: TestContext) {
108 let [alice, bob] = case.sessions().await;
109 Box::pin(async move {
110 let commit_guard = case.create_conversation([&alice]).await.invite([&bob]).await;
113
114 let prev_count = bob.transaction.count_entities().await;
116 commit_guard.notify_members().await;
118
119 let next_count = bob.transaction.count_entities().await;
121 assert_eq!(next_count.key_package, prev_count.key_package - 1);
122 assert_eq!(next_count.hpke_private_key, prev_count.hpke_private_key - 1);
123 assert_eq!(next_count.encryption_keypair, prev_count.encryption_keypair - 1);
124 })
125 .await;
126 }
127
128 #[apply(all_cred_cipher)]
129 async fn process_welcome_should_fail_when_already_exists(case: TestContext) {
130 use crate::LeafError;
131
132 let [alice, bob] = case.sessions().await;
133 Box::pin(async move {
134 let commit = case.create_conversation([&alice]).await.invite([&bob]).await;
135 let conversation = commit.conversation();
136 let id = conversation.id().clone();
137 bob
139 .transaction
140 .new_conversation(&id, case.credential_type, case.cfg.clone())
141 .await
142 .unwrap();
143
144 let welcome = conversation.transport().await.latest_welcome_message().await;
145 let join_welcome = bob
146 .transaction
147 .process_welcome_message(welcome.into(), case.custom_cfg())
148 .await;
149 assert!(
150 matches!(join_welcome.unwrap_err(),
151 Error::Recursive(crate::RecursiveError::MlsConversation { source, .. })
152 if matches!(*source, crate::mls::conversation::Error::Leaf(LeafError::ConversationAlreadyExists(ref i)) if i == &id
153 )
154 )
155 );
156 })
157 .await;
158 }
159}