core_crypto_ffi::context

Struct CoreCryptoContext

Source 
pub struct CoreCryptoContext { /* private fields */ }

Implementations§

Source§

impl CoreCryptoContext

Source

pub async fn e2ei_new_enrollment( &self, client_id: String, display_name: String, handle: String, team: Option<String>, expiry_sec: u32, ciphersuite: Ciphersuite, ) -> Result<E2eiEnrollment, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_new_enrollment

Source

pub async fn e2ei_new_activation_enrollment( &self, display_name: String, handle: String, team: Option<String>, expiry_sec: u32, ciphersuite: Ciphersuite, ) -> Result<E2eiEnrollment, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_new_activation_enrollment

Source

pub async fn e2ei_new_rotate_enrollment( &self, display_name: Option<String>, handle: Option<String>, team: Option<String>, expiry_sec: u32, ciphersuite: Ciphersuite, ) -> Result<E2eiEnrollment, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_new_rotate_enrollment

Source

pub async fn e2ei_register_acme_ca( &self, trust_anchor_pem: String, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_register_acme_ca

Source

pub async fn e2ei_register_intermediate_ca( &self, cert_pem: String, ) -> Result<NewCrlDistributionPoints, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_register_intermediate_ca_pem

Source

pub async fn e2ei_register_crl( &self, crl_dp: String, crl_der: Vec<u8>, ) -> Result<CrlRegistration, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_register_crl

Source

pub async fn e2ei_mls_init_only( &self, enrollment: Arc<E2eiEnrollment>, certificate_chain: String, nb_key_package: Option<u32>, ) -> Result<NewCrlDistributionPoints, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_mls_init_only

Source

pub async fn e2ei_rotate( &self, conversation_id: Vec<u8>, ) -> Result<(), CoreCryptoError>

See core_crypto::mls::conversation::ConversationGuard::e2ei_rotate

Source

pub async fn save_x509_credential( &self, enrollment: Arc<E2eiEnrollment>, certificate_chain: String, ) -> Result<NewCrlDistributionPoints, CoreCryptoError>

See core_crypto::context::CentralContext::save_x509_credential

Source

pub async fn delete_stale_key_packages( &self, ciphersuite: Ciphersuite, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::delete_stale_key_packages

Source

pub async fn e2ei_enrollment_stash( &self, enrollment: Arc<E2eiEnrollment>, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_enrollment_stash

Source

pub async fn e2ei_enrollment_stash_pop( &self, handle: Vec<u8>, ) -> Result<E2eiEnrollment, CoreCryptoError>

See core_crypto::context::CentralContext::e2ei_enrollment_stash_pop

Source

pub async fn e2ei_conversation_state( &self, conversation_id: Vec<u8>, ) -> Result<E2eiConversationState, CoreCryptoError>

See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::e2ei_conversation_state]

Source

pub async fn e2ei_dump_pki_env( &self, ) -> Result<Option<E2eiDumpedPkiEnv>, CoreCryptoError>

Source

pub async fn e2ei_is_pki_env_setup(&self) -> Result<bool, CoreCryptoError>

See core_crypto::mls::MlsCentral::e2ei_is_pki_env_setup

Source

pub async fn e2ei_is_enabled( &self, ciphersuite: Ciphersuite, ) -> Result<bool, CoreCryptoError>

See core_crypto::mls::MlsCentral::e2ei_is_enabled

Source

pub async fn get_device_identities( &self, conversation_id: Vec<u8>, device_ids: Vec<ClientId>, ) -> Result<Vec<WireIdentity>, CoreCryptoError>

See [core_crypto::mls::MlsCentral::get_device_identities]

Source

pub async fn get_user_identities( &self, conversation_id: Vec<u8>, user_ids: Vec<String>, ) -> Result<HashMap<String, Vec<WireIdentity>>, CoreCryptoError>

See [core_crypto::mls::MlsCentral::get_user_identities]

Source

pub async fn get_credential_in_use( &self, group_info: Vec<u8>, credential_type: MlsCredentialType, ) -> Result<E2eiConversationState, CoreCryptoError>

See core_crypto::mls::MlsCentral::get_credential_in_use

Source§

impl CoreCryptoContext

Source

pub async fn proteus_init(&self) -> Result<(), CoreCryptoError>

See core_crypto::proteus::ProteusCentral::try_new

Source

pub async fn proteus_session_from_prekey( &self, session_id: String, prekey: Vec<u8>, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::proteus_session_from_prekey

Source

pub async fn proteus_session_from_message( &self, session_id: String, envelope: Vec<u8>, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_session_from_message

Source

pub async fn proteus_session_save( &self, session_id: String, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::proteus_session_save Note: This isn’t usually needed as persisting sessions happens automatically when decrypting/encrypting messages and initializing Sessions

Source

pub async fn proteus_session_delete( &self, session_id: String, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::proteus_session_delete

Source

pub async fn proteus_session_exists( &self, session_id: String, ) -> Result<bool, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_session_exists

Source

pub async fn proteus_decrypt( &self, session_id: String, ciphertext: Vec<u8>, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_decrypt

Source

pub async fn proteus_encrypt( &self, session_id: String, plaintext: Vec<u8>, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_encrypt

Source

pub async fn proteus_encrypt_batched( &self, sessions: Vec<String>, plaintext: Vec<u8>, ) -> Result<HashMap<String, Vec<u8>>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_encrypt_batched

Source

pub async fn proteus_new_prekey( &self, prekey_id: u16, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_new_prekey

Source

pub async fn proteus_new_prekey_auto( &self, ) -> Result<ProteusAutoPrekeyBundle, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_new_prekey_auto

Source

pub async fn proteus_last_resort_prekey( &self, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_last_resort_prekey

Source

pub fn proteus_last_resort_prekey_id(&self) -> Result<u16, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_last_resort_prekey_id

Source

pub async fn proteus_fingerprint(&self) -> Result<String, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_fingerprint

Source

pub async fn proteus_fingerprint_local( &self, session_id: String, ) -> Result<String, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_fingerprint_local

Source

pub async fn proteus_fingerprint_remote( &self, session_id: String, ) -> Result<String, CoreCryptoError>

See core_crypto::context::CentralContext::proteus_fingerprint_remote

Source

pub fn proteus_fingerprint_prekeybundle( &self, prekey: Vec<u8>, ) -> Result<String, CoreCryptoError>

See core_crypto::proteus::ProteusCentral::fingerprint_prekeybundle NOTE: uniffi doesn’t support associated functions, so we have to have the self here

Source

pub async fn proteus_cryptobox_migrate( &self, path: String, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::proteus_cryptobox_migrate

Source§

impl CoreCryptoContext

Source

pub async fn set_data(&self, data: Vec<u8>) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::set_data.

Source

pub async fn get_data(&self) -> Result<Option<Vec<u8>>, CoreCryptoError>

See core_crypto::context::CentralContext::get_data.

Source

pub async fn mls_init( &self, client_id: ClientId, ciphersuites: Ciphersuites, nb_key_package: Option<u32>, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::mls_init

Source

pub async fn mls_generate_keypairs( &self, ciphersuites: Ciphersuites, ) -> Result<Vec<ClientId>, CoreCryptoError>

See core_crypto::context::CentralContext::mls_generate_keypairs

Source

pub async fn mls_init_with_client_id( &self, client_id: ClientId, tmp_client_ids: Vec<ClientId>, ciphersuites: Ciphersuites, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::mls_init_with_client_id

Source

pub async fn client_public_key( &self, ciphersuite: Ciphersuite, credential_type: MlsCredentialType, ) -> Result<Vec<u8>, CoreCryptoError>

See core_crypto::mls::MlsCentral::client_public_key

Source

pub async fn conversation_epoch( &self, conversation_id: Vec<u8>, ) -> Result<u64, CoreCryptoError>

See [core_crypto::mls::conversation::ConversationGuard::epoch]

Source

pub async fn conversation_ciphersuite( &self, conversation_id: &ConversationId, ) -> Result<Ciphersuite, CoreCryptoError>

See [core_crypto::mls::conversation::ConversationGuard::ciphersuite]

Source

pub async fn conversation_exists( &self, conversation_id: Vec<u8>, ) -> Result<bool, CoreCryptoError>

See core_crypto::mls::MlsCentral::conversation_exists

Source

pub async fn get_client_ids( &self, conversation_id: Vec<u8>, ) -> Result<Vec<ClientId>, CoreCryptoError>

See [core_crypto::mls::conversation::ImmutableConversation::get_client_ids]

Source

pub async fn export_secret_key( &self, conversation_id: Vec<u8>, key_length: u32, ) -> Result<Vec<u8>, CoreCryptoError>

See [core_crypto::mls::conversation::ImmutableConversation::export_secret_key]

Source

pub async fn get_external_sender( &self, conversation_id: Vec<u8>, ) -> Result<Vec<u8>, CoreCryptoError>

See [core_crypto::mls::conversation::ImmutableConversation::get_external_sender]

Source

pub async fn client_keypackages( &self, ciphersuite: Ciphersuite, credential_type: MlsCredentialType, amount_requested: u32, ) -> Result<Vec<Vec<u8>>, CoreCryptoError>

See core_crypto::context::CentralContext::get_or_create_client_keypackages

Source

pub async fn client_valid_keypackages_count( &self, ciphersuite: Ciphersuite, credential_type: MlsCredentialType, ) -> Result<u64, CoreCryptoError>

See core_crypto::context::CentralContext::client_valid_key_packages_count

Source

pub async fn delete_keypackages( &self, refs: Vec<Vec<u8>>, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::delete_keypackages

Source

pub async fn create_conversation( &self, conversation_id: Vec<u8>, creator_credential_type: MlsCredentialType, config: ConversationConfiguration, ) -> Result<(), CoreCryptoError>

See core_crypto::context::CentralContext::new_conversation

Source

pub async fn process_welcome_message( &self, welcome_message: Vec<u8>, custom_configuration: CustomConfiguration, ) -> Result<WelcomeBundle, CoreCryptoError>

See core_crypto::context::CentralContext::process_raw_welcome_message

Source

pub async fn add_clients_to_conversation( &self, conversation_id: Vec<u8>, key_packages: Vec<Vec<u8>>, ) -> Result<NewCrlDistributionPoints, CoreCryptoError>

See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::add_members]

Source

pub async fn remove_clients_from_conversation( &self, conversation_id: Vec<u8>, clients: Vec<ClientId>, ) -> Result<(), CoreCryptoError>

See [core_crypto::context::CentralContext::remove_members_from_conversation]

Source

pub async fn mark_conversation_as_child_of( &self, child_id: Vec<u8>, parent_id: Vec<u8>, ) -> Result<(), CoreCryptoError>

See core_crypto::mls::conversation::ConversationGuard::mark_as_child_of

Source

pub async fn update_keying_material( &self, conversation_id: Vec<u8>, ) -> Result<(), CoreCryptoError>

See [core_crypto::context::CentralContext::update_keying_material]

Source

pub async fn commit_pending_proposals( &self, conversation_id: Vec<u8>, ) -> Result<(), CoreCryptoError>

See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::commit_pending_proposals]

Source

pub async fn wipe_conversation( &self, conversation_id: Vec<u8>, ) -> Result<(), CoreCryptoError>

see core_crypto::context::CentralContext::wipe_conversation

Source

pub async fn decrypt_message( &self, conversation_id: Vec<u8>, payload: Vec<u8>, ) -> Result<DecryptedMessage, CoreCryptoError>

See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::decrypt_message]

Source

pub async fn encrypt_message( &self, conversation_id: Vec<u8>, message: Vec<u8>, ) -> Result<Vec<u8>, CoreCryptoError>

See [core_crypto::mls::conversation::conversation_guard::ConversationGuard::encrypt_message]

Source

pub async fn join_by_external_commit( &self, group_info: Vec<u8>, custom_configuration: CustomConfiguration, credential_type: MlsCredentialType, ) -> Result<WelcomeBundle, CoreCryptoError>

See core_crypto::context::CentralContext::join_by_external_commit

Methods from Deref<Target = CentralContext>§

Source

pub async fn get_or_create_client_keypackages( &self, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, amount_requested: usize, ) -> Result<Vec<KeyPackage>, Error>

Returns amount_requested OpenMLS [openmls::key_packages::KeyPackage]s. Will always return the requested amount as it will generate the necessary (lacking) amount on-the-fly

Note: Keypackage pruning is performed as a first step

§Arguments
  • amount_requested - number of KeyPackages to request and fill the KeyPackageBundle
§Return type

A vector of KeyPackageBundle

§Errors

Errors can happen when accessing the KeyStore

Source

pub async fn client_valid_key_packages_count( &self, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> Result<usize, Error>

Returns the count of valid, non-expired, unclaimed keypackages in store for the given MlsCiphersuite and MlsCredentialType

Source

pub async fn delete_keypackages( &self, refs: &[HashReference], ) -> Result<(), Error>

Prunes local KeyPackages after making sure they also have been deleted on the backend side You should only use this after CentralContext::save_x509_credential

Source

pub async fn set_raw_external_senders( &self, cfg: &mut MlsConversationConfiguration, external_senders: Vec<Vec<u8>>, ) -> Result<(), Error>

Parses supplied key from Delivery Service in order to build back an [ExternalSender]

Source

pub async fn process_raw_welcome_message( &self, welcome: Vec<u8>, custom_cfg: MlsCustomConfiguration, ) -> Result<WelcomeBundle, Error>

Create a conversation from a TLS serialized MLS Welcome message. The MlsConversationConfiguration used in this function will be the default implementation.

§Arguments
  • welcome - a TLS serialized welcome message
  • configuration - configuration of the MLS conversation fetched from the Delivery Service
§Return type

This function will return the conversation/group id

§Errors

see CentralContext::process_welcome_message

Source

pub async fn process_welcome_message( &self, welcome: MlsMessageIn, custom_cfg: MlsCustomConfiguration, ) -> Result<WelcomeBundle, Error>

Create a conversation from a received MLS Welcome message

§Arguments
  • welcome - a Welcome message received as a result of a commit adding new members to a group
  • configuration - configuration of the group/conversation
§Return type

This function will return the conversation/group id

§Errors

Errors can be originating from the KeyStore of from OpenMls:

  • if no [openmls::key_packages::KeyPackage] can be read from the KeyStore
  • if the message can’t be decrypted
Source

pub async fn wipe_conversation(&self, id: &Vec<u8>) -> Result<(), Error>

Destroys a group locally

§Errors

KeyStore errors, such as IO

Source

pub async fn conversation( &self, id: &Vec<u8>, ) -> Result<ConversationGuard, Error>

Acquire a conversation guard.

This helper struct permits mutations on a conversation.

Source

pub async fn join_by_external_commit( &self, group_info: VerifiableGroupInfo, custom_cfg: MlsCustomConfiguration, credential_type: MlsCredentialType, ) -> Result<WelcomeBundle, Error>

Issues an external commit and stores the group in a temporary table. This method is intended for example when a new client wants to join the user’s existing groups. On success this function will return the group id and a message to be fanned out to other clients.

If the Delivery Service accepts the external commit, you have to [PendingConversation::merge] in order to get back a functional MLS group. On the opposite, if it rejects it, you can either retry by just calling again CentralContext::join_by_external_commit.

§Arguments
  • group_info - a GroupInfo wrapped in a MLS message. it can be obtained by deserializing a TLS serialized GroupInfo object
  • custom_cfg - configuration of the MLS conversation fetched from the Delivery Service
  • credential_type - kind of [openmls::prelude::Credential] to use for joining this group. If MlsCredentialType::Basic is chosen and no Credential has been created yet for it, a new one will be generated. When MlsCredentialType::X509 is chosen, it fails when no [openmls::prelude::Credential] has been created for the given Ciphersuite.
§Returns WelcomeBundle
§Errors

Errors resulting from OpenMls, the KeyStore calls and serialization

Source

pub async fn new_external_add_proposal( &self, conversation_id: Vec<u8>, epoch: GroupEpoch, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> Result<MlsMessageOut, Error>

Crafts a new external Add proposal. Enables a client outside a group to request addition to this group. For Wire only, the client must belong to an user already in the group

§Arguments
  • conversation_id - the group/conversation id
  • epoch - the current epoch of the group. See [openmls::group::GroupEpoch]
  • ciphersuite - of the new [openmls::prelude::KeyPackage] to create
  • credential_type - of the new [openmls::prelude::KeyPackage] to create
§Return type

Returns a message with the proposal to be add a new client

§Errors

Errors resulting from the creation of the proposal within OpenMls. Fails when credential_type is MlsCredentialType::X509 and no Credential has been created for it beforehand with CentralContext::e2ei_mls_init_only or variants.

Source

pub async fn new_add_proposal( &self, id: &Vec<u8>, key_package: KeyPackage, ) -> Result<MlsProposalBundle, Error>

Creates a new Add proposal

Source

pub async fn new_remove_proposal( &self, id: &Vec<u8>, client_id: ClientId, ) -> Result<MlsProposalBundle, Error>

Creates a new Add proposal

Source

pub async fn new_update_proposal( &self, id: &Vec<u8>, ) -> Result<MlsProposalBundle, Error>

Creates a new Add proposal

Source

pub async fn mls_init( &self, identifier: ClientIdentifier, ciphersuites: Vec<MlsCiphersuite>, nb_init_key_packages: Option<usize>, ) -> Result<(), Error>

Initializes the MLS client if super::CoreCrypto has previously been initialized with CoreCrypto::deferred_init instead of CoreCrypto::new. This should stay as long as proteus is supported. Then it should be removed.

Source

pub async fn mls_generate_keypairs( &self, ciphersuites: Vec<MlsCiphersuite>, ) -> Result<Vec<ClientId>, Error>

Generates MLS KeyPairs/CredentialBundle with a temporary, random client ID. This method is designed to be used in conjunction with CentralContext::mls_init_with_client_id and represents the first step in this process.

This returns the TLS-serialized identity keys (i.e. the signature keypair’s public key)

Source

pub async fn mls_init_with_client_id( &self, client_id: ClientId, tmp_client_ids: Vec<ClientId>, ciphersuites: Vec<MlsCiphersuite>, ) -> Result<(), Error>

Updates the current temporary Client ID with the newly provided one. This is the second step in the externally-generated clients process

Important: This is designed to be called after CentralContext::mls_generate_keypairs

Source

pub async fn client_public_key( &self, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> Result<Vec<u8>, Error>

see MlsCentral::client_public_key

Source

pub async fn client_id(&self) -> Result<ClientId, Error>

see MlsCentral::client_id

Source

pub async fn new_conversation( &self, id: &Vec<u8>, creator_credential_type: MlsCredentialType, config: MlsConversationConfiguration, ) -> Result<(), Error>

Create a new empty conversation

§Arguments
  • id - identifier of the group/conversation (must be unique otherwise the existing group will be overridden)
  • creator_credential_type - kind of credential the creator wants to create the group with
  • config - configuration of the group/conversation
§Errors

Errors can happen from the KeyStore or from OpenMls for ex if no [openmls::key_packages::KeyPackage] can be found in the KeyStore

Source

pub async fn conversation_exists(&self, id: &Vec<u8>) -> Result<bool, Error>

Checks if a given conversation id exists locally

Source

pub async fn random_bytes(&self, len: usize) -> Result<Vec<u8>, Error>

Generates a random byte array of the specified size

Source

pub async fn e2ei_verify_group_state( &self, group_info: VerifiableGroupInfo, ) -> Result<E2eiConversationState, Error>

See MlsCentral::e2ei_verify_group_state.

Source

pub async fn get_credential_in_use( &self, group_info: VerifiableGroupInfo, credential_type: MlsCredentialType, ) -> Result<E2eiConversationState, Error>

See MlsCentral::get_credential_in_use.

Source

pub async fn e2ei_is_enabled( &self, signature_scheme: SignatureScheme, ) -> Result<bool, Error>

See MlsCentral::e2ei_is_enabled

Source

pub async fn e2ei_is_pki_env_setup(&self) -> Result<bool, Error>

See MlsCentral::e2ei_is_pki_env_setup. Unlike MlsCentral::e2ei_is_pki_env_setup, this function returns a result.

Source

pub async fn e2ei_dump_pki_env(&self) -> Result<Option<E2eiDumpedPkiEnv>, Error>

See MlsCentral::e2ei_dump_pki_env.

Source

pub async fn e2ei_register_acme_ca( &self, trust_anchor_pem: String, ) -> Result<(), Error>

Registers a Root Trust Anchor CA for the use in E2EI processing.

Please note that without a Root Trust Anchor, all validations will fail; So this is the first step to perform after initializing your E2EI client

§Parameters
  • trust_anchor_pem - PEM certificate to anchor as a Trust Root
Source

pub async fn e2ei_register_intermediate_ca_pem( &self, cert_pem: String, ) -> Result<NewCrlDistributionPoint, Error>

Registers an Intermediate CA for the use in E2EI processing.

Please note that a Root Trust Anchor CA is needed to validate Intermediate CAs; You need to have a Root CA registered before calling this

§Parameters
  • cert_pem - PEM certificate to register as an Intermediate CA
Source

pub async fn e2ei_register_crl( &self, crl_dp: String, crl_der: Vec<u8>, ) -> Result<CrlRegistration, Error>

Registers a CRL for the use in E2EI processing.

Please note that a Root Trust Anchor CA is needed to validate CRLs; You need to have a Root CA registered before calling this

§Parameters
  • crl_dp - CRL Distribution Point; Basically the URL you fetched it from
  • crl_der - DER representation of the CRL
§Returns

A CrlRegistration with the dirty state of the new CRL (see struct) and its expiration timestamp

Source

pub async fn e2ei_new_activation_enrollment( &self, display_name: String, handle: String, team: Option<String>, expiry_sec: u32, ciphersuite: MlsCiphersuite, ) -> Result<E2eiEnrollment, Error>

Generates an E2EI enrollment instance for a “regular” client (with a Basic credential) willing to migrate to E2EI. As a consequence, this method does not support changing the ClientId which should remain the same as the Basic one. Once the enrollment is finished, use the instance in CentralContext::save_x509_credential to save the new credential.

Source

pub async fn e2ei_new_rotate_enrollment( &self, display_name: Option<String>, handle: Option<String>, team: Option<String>, expiry_sec: u32, ciphersuite: MlsCiphersuite, ) -> Result<E2eiEnrollment, Error>

Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential) having to change/rotate their credential, either because the former one is expired or it has been revoked. As a consequence, this method does not support changing neither ClientId which should remain the same as the previous one. It lets you change the DisplayName or the handle if you need to. Once the enrollment is finished, use the instance in CentralContext::save_x509_credential to do the rotation.

Source

pub async fn save_x509_credential( &self, enrollment: &mut E2eiEnrollment, certificate_chain: String, ) -> Result<NewCrlDistributionPoint, Error>

Saves a new X509 credential. Requires first having enrolled a new X509 certificate with either CentralContext::e2ei_new_activation_enrollment or CentralContext::e2ei_new_rotate_enrollment.

§Expected actions to perform after this function (in this order)
  1. Rotate credentials for each conversation in crate::mls::conversation::ConversationGuard::e2ei_rotate
  2. Generate new key packages with [Client::generate_new_keypackages]
  3. Use these to replace the stale ones the in the backend
  4. Delete the stale ones locally using Self::delete_stale_key_packages
    • This is the last step because you might still need the old key packages to avoid an orphan welcome message
Source

pub async fn delete_stale_key_packages( &self, cipher_suite: MlsCiphersuite, ) -> Result<(), Error>

Deletes all key packages whose leaf node’s credential does not match the most recently saved x509 credential with the provided signature scheme.

Source

pub async fn e2ei_enrollment_stash( &self, enrollment: E2eiEnrollment, ) -> Result<Vec<u8>, Error>

Allows persisting an active enrollment (for example while redirecting the user during OAuth) in order to resume it later with CentralContext::e2ei_enrollment_stash_pop

§Arguments
  • enrollment - the enrollment instance to persist
§Returns

A handle for retrieving the enrollment later on

Source

pub async fn e2ei_enrollment_stash_pop( &self, handle: Vec<u8>, ) -> Result<E2eiEnrollment, Error>

Fetches the persisted enrollment and deletes it from the keystore

§Arguments
Source

pub async fn e2ei_new_enrollment( &self, client_id: ClientId, display_name: String, handle: String, team: Option<String>, expiry_sec: u32, ciphersuite: MlsCiphersuite, ) -> Result<E2eiEnrollment, Error>

Creates an enrollment instance with private key material you can use in order to fetch a new x509 certificate from the acme server.

§Parameters
  • client_id - client identifier e.g. b7ac11a4-8f01-4527-af88-1c30885a7931:6add501bacd1d90e@example.com
  • display_name - human readable name displayed in the application e.g. Smith, Alice M (QA)
  • handle - user handle e.g. alice.smith.qa@example.com
  • expiry_sec - generated x509 certificate expiry in seconds
Source

pub async fn e2ei_mls_init_only( &self, enrollment: &mut E2eiEnrollment, certificate_chain: String, nb_init_key_packages: Option<usize>, ) -> Result<NewCrlDistributionPoint, Error>

Parses the ACME server response from the endpoint fetching x509 certificates and uses it to initialize the MLS client with a certificate

Source

pub async fn proteus_init(&self) -> Result<(), Error>

Initializes the proteus client

Source

pub async fn proteus_reload_sessions(&self) -> Result<(), Error>

Reloads the sessions from the key store

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or it will do nothing

Source

pub async fn proteus_session_from_prekey( &self, session_id: &str, prekey: &[u8], ) -> Result<Arc<RwLock<ProteusConversationSession>>, Error>

Creates a proteus session from a prekey

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session_from_message( &self, session_id: &str, envelope: &[u8], ) -> Result<(Arc<RwLock<ProteusConversationSession>>, Vec<u8>), Error>

Creates a proteus session from a Proteus message envelope

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session_save(&self, session_id: &str) -> Result<(), Error>

Saves a proteus session in the keystore

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session_delete( &self, session_id: &str, ) -> Result<(), Error>

Deletes a proteus session from the keystore

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session( &self, session_id: &str, ) -> Result<Option<Arc<RwLock<ProteusConversationSession>>>, Error>

Proteus session accessor

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_session_exists( &self, session_id: &str, ) -> Result<bool, Error>

Proteus session exists

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_decrypt( &self, session_id: &str, ciphertext: &[u8], ) -> Result<Vec<u8>, Error>

Decrypts a proteus message envelope

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_encrypt( &self, session_id: &str, plaintext: &[u8], ) -> Result<Vec<u8>, Error>

Encrypts proteus message for a given session ID

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_encrypt_batched( &self, sessions: &[impl AsRef<str>], plaintext: &[u8], ) -> Result<HashMap<String, Vec<u8>>, Error>

Encrypts a proteus message for several sessions ID. This is more efficient than other methods as the calls are batched. This also reduces the rountrips when crossing over the FFI

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_new_prekey(&self, prekey_id: u16) -> Result<Vec<u8>, Error>

Creates a new Proteus prekey and returns the CBOR-serialized version of the prekey bundle

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_new_prekey_auto(&self) -> Result<(u16, Vec<u8>), Error>

Creates a new Proteus prekey with an automatically incremented ID and returns the CBOR-serialized version of the prekey bundle

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_last_resort_prekey(&self) -> Result<Vec<u8>, Error>

Returns the last resort prekey

Source

pub async fn proteus_fingerprint(&self) -> Result<String, Error>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_fingerprint_local( &self, session_id: &str, ) -> Result<String, Error>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_fingerprint_remote( &self, session_id: &str, ) -> Result<String, Error>

Returns the proteus identity’s public key fingerprint

Warning: The Proteus client MUST be initialized with CentralContext::proteus_init first or an error will be returned

Source

pub async fn proteus_cryptobox_migrate(&self, path: &str) -> Result<(), Error>

Migrates an existing Cryptobox data store (whether a folder or an IndexedDB database) located at path to the keystore.

The client can then be initialized with CentralContext::proteus_init

Source

pub async fn mls_provider(&self) -> Result<MlsCryptoProvider, Error>

Clones all references that the MlsCryptoProvider comprises.

Source

pub async fn finish(&self) -> Result<(), Error>

Commits the transaction, meaning it takes all the enqueued operations and persist them into the keystore. After that the internal state is switched to invalid, causing errors if something is called from this object.

Source

pub async fn abort(&self) -> Result<(), Error>

Aborts the transaction, meaning it discards all the enqueued operations. After that the internal state is switched to invalid, causing errors if something is called from this object.

Source

pub async fn set_data(&self, data: Vec<u8>) -> Result<(), Error>

Set arbitrary data to be retrieved by CentralContext::get_data. This is meant to be used as a check point at the end of a transaction. The data should be limited to a reasonable size.

Source

pub async fn get_data(&self) -> Result<Option<Vec<u8>>, Error>

Get the data that has previously been set by CentralContext::set_data. This is meant to be used as a check point at the end of a transaction.

Trait Implementations§

Source§

impl Deref for CoreCryptoContext

Source§

type Target = CentralContext

The resulting type after dereferencing.
Source§

fn deref(&self) -> &Self::Target

Dereferences the value.
Source§

impl<UT> LiftRef<UT> for CoreCryptoContext

Source§

type LiftType = Arc<CoreCryptoContext>

Source§

impl<UT> LowerError<UT> for CoreCryptoContext

Source§

fn lower_error(obj: Self) -> RustBuffer

Lower this value for scaffolding function return Read more
Source§

impl<UT> LowerReturn<UT> for CoreCryptoContext

Source§

type ReturnType = <Arc<CoreCryptoContext> as LowerReturn<UniFfiTag>>::ReturnType

The type that should be returned by scaffolding functions for this type. Read more
Source§

fn lower_return(obj: Self) -> Result<Self::ReturnType, RustCallError>

Lower the return value from an scaffolding call Read more
§

fn handle_failed_lift( error: LiftArgsError, ) -> Result<Self::ReturnType, RustCallError>

Lower the return value for failed argument lifts Read more
Source§

impl<UT> TypeId<UT> for CoreCryptoContext

Source§

const TYPE_ID_META: MetadataBuffer

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, UT> HandleAlloc<UT> for T
where T: Send + Sync,

§

fn new_handle(value: Arc<T>) -> Handle

Create a new handle for an Arc value Read more
§

unsafe fn clone_handle(handle: Handle) -> Handle

Clone a handle Read more
§

unsafe fn consume_handle(handle: Handle) -> Arc<T>

Consume a handle, getting back the initial Arc<> Read more
§

unsafe fn get_arc(handle: Handle) -> Arc<Self>

Get a clone of the Arc<> using a “borrowed” handle. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<P, T> Receiver for P
where P: Deref<Target = T> + ?Sized, T: ?Sized,

Source§

type Target = T

🔬This is a nightly-only experimental API. (arbitrary_self_types)
The target type on which the method may be called.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> MaybeSendSync for T