wip

Cargo.toml

@@ -46,28 +46,32 @@ git = "https://github.com/wireapp/proteus"
 branch = "2.x"
 
 [patch.crates-io.openmls]
-package = "openmls"
-git = "https://github.com/wireapp/openmls"
+#package = "openmls"
+#git = "https://github.com/wireapp/openmls"
 #tag = "v1.0.0-pre.core-crypto-1.0.0"
-branch = "feat/rfc9420"
+#branch = "feat/rfc9420"
+path = "../openmls/openmls"
 
 [patch.crates-io.openmls_traits]
-package = "openmls_traits"
-git = "https://github.com/wireapp/openmls"
+#package = "openmls_traits"
+#git = "https://github.com/wireapp/openmls"
 #tag = "v1.0.0-pre.core-crypto-1.0.0"
-branch = "feat/rfc9420"
+#branch = "feat/rfc9420"
+path = "../openmls/traits"
 
 [patch.crates-io.openmls_basic_credential]
-package = "openmls_basic_credential"
-git = "https://github.com/wireapp/openmls"
+#package = "openmls_basic_credential"
+#git = "https://github.com/wireapp/openmls"
 #tag = "v1.0.0-pre.core-crypto-1.0.0"
-branch = "feat/rfc9420"
+#branch = "feat/rfc9420"
+path = "../openmls/basic_credential"
 
 [patch.crates-io.openmls_x509_credential]
-package = "openmls_x509_credential"
-git = "https://github.com/wireapp/openmls"
+#package = "openmls_x509_credential"
+#git = "https://github.com/wireapp/openmls"
 #tag = "v1.0.0-pre.core-crypto-1.0.0"
-branch = "feat/rfc9420"
+#branch = "feat/rfc9420"
+path = "../openmls/x509_credential"
 
 [patch.crates-io.hpke]
 git = "https://github.com/wireapp/rust-hpke.git"

crypto-ffi/src/generic.rs

@@ -214,21 +214,39 @@ pub struct MemberAddedMessages {
     pub welcome: Vec<u8>,
     pub commit: Vec<u8>,
     pub group_info: GroupInfoBundle,
+    pub crl_new_distribution_points: Option<Vec<String>>,
 }
 
 impl TryFrom<MlsConversationCreationMessage> for MemberAddedMessages {
     type Error = CoreCryptoError;
 
     fn try_from(msg: MlsConversationCreationMessage) -> Result<Self, Self::Error> {
-        let (welcome, commit, group_info) = msg.to_bytes_triple()?;
+        let (welcome, commit, group_info, crl_new_distribution_points) = msg.to_bytes_triple()?;
         Ok(Self {
             welcome,
             commit,
             group_info: group_info.into(),
+            crl_new_distribution_points,
         })
     }
 }
 
+#[derive(Debug, uniffi::Record)]
+/// see [core_crypto::prelude::MlsConversationCreationMessage]
+pub struct WelcomeBundle {
+    pub id: ConversationId,
+    pub crl_new_distribution_points: Option<Vec<String>>,
+}
+
+impl From<core_crypto::prelude::WelcomeBundle> for WelcomeBundle {
+    fn from(w: core_crypto::prelude::WelcomeBundle) -> Self {
+        Self {
+            id: w.id,
+            crl_new_distribution_points: w.crl_new_distribution_points,
+        }
+    }
+}
+
 #[derive(Debug, uniffi::Record)]
 pub struct CommitBundle {
     pub welcome: Option<Vec<u8>>,
@@ -372,18 +390,20 @@ pub struct ConversationInitBundle {
     pub conversation_id: Vec<u8>,
     pub commit: Vec<u8>,
     pub group_info: GroupInfoBundle,
+    pub crl_new_distribution_points: Option<Vec<String>>,
 }
 
 impl TryFrom<MlsConversationInitBundle> for ConversationInitBundle {
     type Error = CoreCryptoError;
 
     fn try_from(mut from: MlsConversationInitBundle) -> Result<Self, Self::Error> {
         let conversation_id = std::mem::take(&mut from.conversation_id);
-        let (commit, gi) = from.to_bytes_pair()?;
+        let (commit, gi, crl_new_distribution_points) = from.to_bytes_triple()?;
         Ok(Self {
             conversation_id,
             commit,
             group_info: gi.into(),
+            crl_new_distribution_points,
         })
     }
 }
@@ -919,13 +939,14 @@ impl CoreCrypto {
         &self,
         welcome_message: Vec<u8>,
         custom_configuration: CustomConfiguration,
-    ) -> CoreCryptoResult<Vec<u8>> {
+    ) -> CoreCryptoResult<WelcomeBundle> {
         Ok(self
             .central
             .lock()
             .await
             .process_raw_welcome_message(welcome_message, custom_configuration.into())
-            .await?)
+            .await?
+            .into())
     }
 
     /// See [core_crypto::mls::MlsCentral::add_members_to_conversation]

crypto-ffi/src/wasm.rs

@@ -496,6 +496,7 @@ pub struct ConversationInitBundle {
     conversation_id: ConversationId,
     commit: Vec<u8>,
     group_info: GroupInfoBundle,
+    crl_new_distribution_points: Option<Vec<String>>,
 }
 
 #[wasm_bindgen]
@@ -514,6 +515,13 @@ impl ConversationInitBundle {
     pub fn group_info(&self) -> GroupInfoBundle {
         self.group_info.clone()
     }
+
+    #[wasm_bindgen(getter)]
+    pub fn crl_new_distribution_points(&self) -> Option<js_sys::Array> {
+        self.crl_new_distribution_points
+            .clone()
+            .map(|crl_dp| crl_dp.iter().cloned().map(JsValue::from).collect::<js_sys::Array>())
+    }
 }
 
 impl TryFrom<MlsConversationInitBundle> for ConversationInitBundle {
@@ -530,6 +538,7 @@ impl TryFrom<MlsConversationInitBundle> for ConversationInitBundle {
             conversation_id,
             commit,
             group_info: pgs.into(),
+            crl_new_distribution_points: from.crl_new_distribution_points,
         })
     }
 }
@@ -653,6 +662,38 @@ impl DecryptedMessage {
     }
 }
 
+#[wasm_bindgen]
+#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
+/// see [core_crypto::prelude::WelcomeBundle]
+pub struct WelcomeBundle {
+    id: ConversationId,
+    crl_new_distribution_points: Option<Vec<String>>,
+}
+
+impl From<core_crypto::prelude::WelcomeBundle> for WelcomeBundle {
+    fn from(w: core_crypto::prelude::WelcomeBundle) -> Self {
+        Self {
+            id: w.id,
+            crl_new_distribution_points: w.crl_new_distribution_points,
+        }
+    }
+}
+
+#[wasm_bindgen]
+impl WelcomeBundle {
+    #[wasm_bindgen(getter)]
+    pub fn id(&self) -> Uint8Array {
+        Uint8Array::from(&*self.id)
+    }
+
+    #[wasm_bindgen(getter)]
+    pub fn crl_new_distribution_points(&self) -> Option<js_sys::Array> {
+        self.crl_new_distribution_points
+            .clone()
+            .map(|crl_dp| crl_dp.iter().cloned().map(JsValue::from).collect::<js_sys::Array>())
+    }
+}
+
 #[wasm_bindgen]
 #[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
 /// to avoid recursion
@@ -1470,13 +1511,14 @@ impl CoreCrypto {
         let this = self.inner.clone();
         future_to_promise(
             async move {
-                let conversation_id = this
+                let bundle = this
                     .write()
                     .await
                     .process_raw_welcome_message(welcome_message.into(), custom_configuration.into())
                     .await
                     .map_err(CoreCryptoError::from)?;
-                WasmCryptoResult::Ok(Uint8Array::from(conversation_id.as_slice()).into())
+                let bundle: WelcomeBundle = bundle.into();
+                WasmCryptoResult::Ok(serde_wasm_bindgen::to_value(&bundle)?)
             }
             .err_into(),
         )

crypto/src/e2e_identity/rotate.rs

@@ -15,52 +15,6 @@ use crate::{
     MlsError,
 };
 
-/// Result returned after rotating the Credential of the current client in all the local conversations
-#[derive(Debug, Clone)]
-pub struct MlsRotateBundle {
-    /// An Update commit for each conversation
-    pub commits: HashMap<ConversationId, MlsCommitBundle>,
-    /// Fresh KeyPackages with the new Credential
-    pub new_key_packages: Vec<KeyPackage>,
-    /// All the now deprecated KeyPackages. Once deleted remotely, delete them locally with [MlsCentral::delete_keypackages]
-    pub key_package_refs_to_remove: Vec<KeyPackageRef>,
-}
-
-impl MlsRotateBundle {
-    /// Lower through the FFI
-    #[allow(clippy::type_complexity)]
-    pub fn to_bytes(self) -> CryptoResult<(HashMap<String, MlsCommitBundle>, Vec<Vec<u8>>, Vec<Vec<u8>>)> {
-        use openmls::prelude::TlsSerializeTrait as _;
-
-        let commits_size = self.commits.len();
-        let commits = self
-            .commits
-            .into_iter()
-            .try_fold(HashMap::with_capacity(commits_size), |mut acc, (id, c)| {
-                // because uniffi ONLY supports HashMap<String, T>
-                let id = hex::encode(id);
-                let _ = acc.insert(id, c);
-                CryptoResult::Ok(acc)
-            })?;
-
-        let kp_size = self.new_key_packages.len();
-        let new_key_packages =
-            self.new_key_packages
-                .into_iter()
-                .try_fold(Vec::with_capacity(kp_size), |mut acc, kp| {
-                    acc.push(kp.tls_serialize_detached().map_err(MlsError::from)?);
-                    CryptoResult::Ok(acc)
-                })?;
-        let key_package_refs_to_remove = self
-            .key_package_refs_to_remove
-            .into_iter()
-            // TODO: add a method for taking ownership in HashReference
-            .map(|r| r.as_slice().to_vec())
-            .collect::<Vec<_>>();
-        Ok((commits, new_key_packages, key_package_refs_to_remove))
-    }
-}
-
 impl MlsCentral {
     /// Generates an E2EI enrollment instance for a "regular" client (with a Basic credential)
     /// willing to migrate to E2EI. As a consequence, this method does not support changing the
@@ -159,6 +113,9 @@ impl MlsCentral {
             signature_scheme: cs.signature_algorithm(),
         };
 
+        let ee = certificate_chain.get(0).ok_or(CryptoError::InvalidCertificateChain)?;
+        let crl_new_distribution_points = None;
+
         let cert_bundle = CertificateBundle {
             certificate_chain,
             private_key,
@@ -184,6 +141,7 @@ impl MlsCentral {
             commits,
             new_key_packages,
             key_package_refs_to_remove,
+            crl_new_distribution_points,
         })
     }
 
@@ -261,6 +219,66 @@ impl MlsConversation {
     }
 }
 
+/// Result returned after rotating the Credential of the current client in all the local conversations
+#[derive(Debug, Clone)]
+pub struct MlsRotateBundle {
+    /// An Update commit for each conversation
+    pub commits: HashMap<ConversationId, MlsCommitBundle>,
+    /// Fresh KeyPackages with the new Credential
+    pub new_key_packages: Vec<KeyPackage>,
+    /// All the now deprecated KeyPackages. Once deleted remotely, delete them locally with [MlsCentral::delete_keypackages]
+    pub key_package_refs_to_remove: Vec<KeyPackageRef>,
+    /// New CRL distribution points that appeared by the introduction of a new credential
+    pub crl_new_distribution_points: Option<Vec<String>>,
+}
+
+impl MlsRotateBundle {
+    /// Lower through the FFI
+    #[allow(clippy::type_complexity)]
+    pub fn to_bytes(
+        self,
+    ) -> CryptoResult<(
+        HashMap<String, MlsCommitBundle>,
+        Vec<Vec<u8>>,
+        Vec<Vec<u8>>,
+        Option<Vec<String>>,
+    )> {
+        use openmls::prelude::TlsSerializeTrait as _;
+
+        let commits_size = self.commits.len();
+        let commits = self
+            .commits
+            .into_iter()
+            .try_fold(HashMap::with_capacity(commits_size), |mut acc, (id, c)| {
+                // because uniffi ONLY supports HashMap<String, T>
+                let id = hex::encode(id);
+                let _ = acc.insert(id, c);
+                CryptoResult::Ok(acc)
+            })?;
+
+        let kp_size = self.new_key_packages.len();
+        let new_key_packages =
+            self.new_key_packages
+                .into_iter()
+                .try_fold(Vec::with_capacity(kp_size), |mut acc, kp| {
+                    acc.push(kp.tls_serialize_detached().map_err(MlsError::from)?);
+                    CryptoResult::Ok(acc)
+                })?;
+        let key_package_refs_to_remove = self
+            .key_package_refs_to_remove
+            .into_iter()
+            // TODO: add a method for taking ownership in HashReference
+            .map(|r| r.as_slice().to_vec())
+            .collect::<Vec<_>>();
+        Ok((
+            commits,
+            new_key_packages,
+            key_package_refs_to_remove,
+            self.crl_new_distribution_points,
+        ))
+    }
+}
+
 #[cfg(test)]
 pub mod tests {
     use std::collections::HashSet;

crypto/src/lib.rs

@@ -83,10 +83,12 @@ pub mod prelude {
             client::*,
             config::MlsCentralConfiguration,
             conversation::{
+                commit::{MlsCommitBundle, MlsConversationCreationMessage},
                 config::{MlsConversationConfiguration, MlsCustomConfiguration, MlsWirePolicy},
                 decrypt::{MlsBufferedConversationDecryptMessage, MlsConversationDecryptMessage},
                 group_info::{GroupInfoPayload, MlsGroupInfoBundle, MlsGroupInfoEncryptionType, MlsRatchetTreeType},
-                handshake::{MlsCommitBundle, MlsConversationCreationMessage, MlsProposalBundle},
+                proposal::MlsProposalBundle,
+                welcome::WelcomeBundle,
                 *,
             },
             credential::{typ::MlsCredentialType, x509::CertificateBundle},