core_crypto/mls/conversation/
merge.rs

1//! A MLS group can be merged (aka committed) when it has a pending commit. The latter is a commit
2//! we created which is still waiting to be "committed". By doing so, we will apply all the
3//! modifications present in the commit to the ratchet tree and also persist the new group in the
4//! keystore. Like this, even if the application crashes we will be able to restore.
5//!
6//! This table summarizes when a MLS group can be merged:
7//!
8//! | can be merged ?   | 0 pend. Commit | 1 pend. Commit |
9//! |-------------------|----------------|----------------|
10//! | 0 pend. Proposal  | ❌              | ✅              |
11//! | 1+ pend. Proposal | ❌              | ✅              |
12//!
13
14use core_crypto_keystore::entities::MlsEncryptionKeyPair;
15use openmls_traits::OpenMlsCryptoProvider;
16
17use mls_crypto_provider::MlsCryptoProvider;
18
19use super::Result;
20use crate::{MlsError, mls::MlsConversation, prelude::Session};
21
22/// Abstraction over a MLS group capable of merging a commit
23impl MlsConversation {
24    /// see [TransactionContext::commit_accepted]
25    #[cfg_attr(test, crate::durable)]
26    pub(crate) async fn commit_accepted(&mut self, client: &Session, backend: &MlsCryptoProvider) -> Result<()> {
27        // openmls stores here all the encryption keypairs used for update proposals..
28        let previous_own_leaf_nodes = self.group.own_leaf_nodes.clone();
29
30        self.group
31            .merge_pending_commit(backend)
32            .await
33            .map_err(MlsError::wrap("merging pending commit"))?;
34        self.persist_group_when_changed(&backend.keystore(), false).await?;
35
36        // ..so if there's any, we clear them after the commit is merged
37        for oln in &previous_own_leaf_nodes {
38            let ek = oln.encryption_key().as_slice();
39            let _ = backend.key_store().remove::<MlsEncryptionKeyPair, _>(ek).await;
40        }
41
42        client
43            .notify_epoch_changed(self.id.clone(), self.group.epoch().as_u64())
44            .await;
45
46        Ok(())
47    }
48}
49
50#[cfg(test)]
51mod tests {
52    use wasm_bindgen_test::*;
53
54    use crate::test_utils::*;
55
56    wasm_bindgen_test_configure!(run_in_browser);
57
58    mod commit_accepted {
59        use super::*;
60
61        #[apply(all_cred_cipher)]
62        #[wasm_bindgen_test]
63        async fn should_apply_pending_commit(case: TestContext) {
64            let [alice_central, bob_central] = case.sessions().await;
65            Box::pin(async move {
66                let id = conversation_id();
67                alice_central
68                    .transaction
69                    .new_conversation(&id, case.credential_type, case.cfg.clone())
70                    .await
71                    .unwrap();
72                alice_central.invite_all(&case, &id, [&bob_central]).await.unwrap();
73                assert_eq!(alice_central.get_conversation_unchecked(&id).await.members().len(), 2);
74                alice_central
75                    .transaction
76                    .conversation(&id)
77                    .await
78                    .unwrap()
79                    .remove_members(&[bob_central.get_client_id().await])
80                    .await
81                    .unwrap();
82                assert_eq!(alice_central.get_conversation_unchecked(&id).await.members().len(), 1);
83            })
84            .await
85        }
86
87        #[apply(all_cred_cipher)]
88        #[wasm_bindgen_test]
89        async fn should_clear_pending_commit_and_proposals(case: TestContext) {
90            let [mut alice_central] = case.sessions().await;
91            Box::pin(async move {
92                let id = conversation_id();
93                alice_central
94                    .transaction
95                    .new_conversation(&id, case.credential_type, case.cfg.clone())
96                    .await
97                    .unwrap();
98                alice_central.transaction.new_update_proposal(&id).await.unwrap();
99                alice_central.create_unmerged_commit(&id).await;
100                assert!(!alice_central.pending_proposals(&id).await.is_empty());
101                assert!(alice_central.pending_commit(&id).await.is_some());
102                alice_central
103                    .get_conversation_unchecked(&id)
104                    .await
105                    .commit_accepted(
106                        &alice_central.transaction.session().await.unwrap(),
107                        &alice_central.session.crypto_provider,
108                    )
109                    .await
110                    .unwrap();
111                assert!(alice_central.pending_commit(&id).await.is_none());
112                assert!(alice_central.pending_proposals(&id).await.is_empty());
113            })
114            .await
115        }
116
117        #[apply(all_cred_cipher)]
118        #[wasm_bindgen_test]
119        async fn should_clean_associated_key_material(case: TestContext) {
120            let [alice_central] = case.sessions().await;
121            Box::pin(async move {
122                let id = conversation_id();
123                alice_central
124                    .transaction
125                    .new_conversation(&id, case.credential_type, case.cfg.clone())
126                    .await
127                    .unwrap();
128
129                let initial_count = alice_central.transaction.count_entities().await;
130
131                alice_central.transaction.new_update_proposal(&id).await.unwrap();
132                let post_proposal_count = alice_central.transaction.count_entities().await;
133                assert_eq!(
134                    post_proposal_count.encryption_keypair,
135                    initial_count.encryption_keypair + 1
136                );
137
138                alice_central
139                    .transaction
140                    .conversation(&id)
141                    .await
142                    .unwrap()
143                    .commit_pending_proposals()
144                    .await
145                    .unwrap();
146
147                let final_count = alice_central.transaction.count_entities().await;
148                assert_eq!(initial_count, final_count);
149            })
150            .await
151        }
152    }
153}