@wireapp/core-crypto 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +674 -0
- package/README.md +118 -0
- package/package.json +63 -0
- package/platforms/web/.gitkeep +0 -0
- package/platforms/web/assets/core_crypto_ffi-0df6a73f.wasm +0 -0
- package/platforms/web/corecrypto.d.ts +644 -0
- package/platforms/web/corecrypto.js +2315 -0
- package/platforms/web/es2017/assets/core_crypto_ffi-e63ef1c1.wasm +0 -0
- package/platforms/web/es2017/corecrypto.d.ts +644 -0
- package/platforms/web/es2017/corecrypto.js +2284 -0
- package/platforms/web/es2019/assets/core_crypto_ffi-e63ef1c1.wasm +0 -0
- package/platforms/web/es2019/corecrypto.d.ts +644 -0
- package/platforms/web/es2019/corecrypto.js +2284 -0
Binary file
|
@@ -0,0 +1,644 @@
|
|
1
|
+
/**
|
2
|
+
* see [core_crypto::prelude::CiphersuiteName]
|
3
|
+
*/
|
4
|
+
export enum Ciphersuite {
|
5
|
+
/**
|
6
|
+
* DH KEM x25519 | AES-GCM 128 | SHA2-256 | Ed25519
|
7
|
+
*/
|
8
|
+
MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519,
|
9
|
+
/**
|
10
|
+
* DH KEM P256 | AES-GCM 128 | SHA2-256 | EcDSA P256
|
11
|
+
*/
|
12
|
+
MLS_128_DHKEMP256_AES128GCM_SHA256_P256,
|
13
|
+
/**
|
14
|
+
* DH KEM x25519 | Chacha20Poly1305 | SHA2-256 | Ed25519
|
15
|
+
*/
|
16
|
+
MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519,
|
17
|
+
/**
|
18
|
+
* DH KEM x448 | AES-GCM 256 | SHA2-512 | Ed448
|
19
|
+
*/
|
20
|
+
MLS_256_DHKEMX448_AES256GCM_SHA512_Ed448,
|
21
|
+
/**
|
22
|
+
* DH KEM P521 | AES-GCM 256 | SHA2-512 | EcDSA P521
|
23
|
+
*/
|
24
|
+
MLS_256_DHKEMP521_AES256GCM_SHA512_P521,
|
25
|
+
/**
|
26
|
+
* DH KEM x448 | Chacha20Poly1305 | SHA2-512 | Ed448
|
27
|
+
*/
|
28
|
+
MLS_256_DHKEMX448_CHACHA20POLY1305_SHA512_Ed448,
|
29
|
+
/**
|
30
|
+
* DH KEM P384 | AES-GCM 256 | SHA2-384 | EcDSA P384
|
31
|
+
*/
|
32
|
+
MLS_256_DHKEMP384_AES256GCM_SHA384_P384
|
33
|
+
}
|
34
|
+
/**
|
35
|
+
* Configuration object for new conversations
|
36
|
+
*/
|
37
|
+
export interface ConversationConfiguration {
|
38
|
+
/**
|
39
|
+
* List of client IDs with administrative permissions
|
40
|
+
* Note: This is currently unused
|
41
|
+
*/
|
42
|
+
admins?: Uint8Array[];
|
43
|
+
/**
|
44
|
+
* Conversation ciphersuite
|
45
|
+
*/
|
46
|
+
ciphersuite?: Ciphersuite;
|
47
|
+
/**
|
48
|
+
* Duration in seconds after which we will automatically force a self_update commit
|
49
|
+
* Note: This isn't currently implemented
|
50
|
+
*/
|
51
|
+
keyRotationSpan?: number;
|
52
|
+
/**
|
53
|
+
* List of client IDs that are allowed to be external senders of commits
|
54
|
+
*/
|
55
|
+
externalSenders?: Uint8Array[];
|
56
|
+
}
|
57
|
+
/**
|
58
|
+
* Alias for conversation IDs.
|
59
|
+
* This is a freeform, uninspected buffer.
|
60
|
+
*/
|
61
|
+
export declare type ConversationId = Uint8Array;
|
62
|
+
/**
|
63
|
+
* Alias for client identifier.
|
64
|
+
* This is a freeform, uninspected buffer.
|
65
|
+
*/
|
66
|
+
export declare type ClientId = Uint8Array;
|
67
|
+
/**
|
68
|
+
* Alias for proposal reference. It is a byte array of size 16.
|
69
|
+
*/
|
70
|
+
export declare type ProposalRef = Uint8Array;
|
71
|
+
/**
|
72
|
+
* Alias for an MLS generic commit.
|
73
|
+
* It contains:
|
74
|
+
* * MLS Commit that needs to be fanned out to other (existing) members of the conversation
|
75
|
+
* * (Optional) MLS Welcome message that needs to be fanned out to the clients newly added to the conversation (if any)
|
76
|
+
* * TLS-serialized MLS PublicGroupState (GroupInfo in draft-15) which is required for joining a group by external commit + some metadatas for optimizations
|
77
|
+
* (For final version. Requires to be implemented in the Delivery Service)
|
78
|
+
* This is a freeform, uninspected buffer.
|
79
|
+
*/
|
80
|
+
export declare type TlsCommitBundle = Uint8Array;
|
81
|
+
/**
|
82
|
+
* Data shape for the returned MLS commit & welcome message tuple upon adding clients to a conversation
|
83
|
+
*/
|
84
|
+
export interface MemberAddedMessages {
|
85
|
+
/**
|
86
|
+
* TLS-serialized MLS Commit that needs to be fanned out to other (existing) members of the conversation
|
87
|
+
*
|
88
|
+
* @readonly
|
89
|
+
*/
|
90
|
+
commit: Uint8Array;
|
91
|
+
/**
|
92
|
+
* TLS-serialized MLS Welcome message that needs to be fanned out to the clients newly added to the conversation
|
93
|
+
*
|
94
|
+
* @readonly
|
95
|
+
*/
|
96
|
+
welcome: Uint8Array;
|
97
|
+
/**
|
98
|
+
* TLS-serialized MLS PublicGroupState (GroupInfo in draft-15) which is required for joining a group by external commit
|
99
|
+
*
|
100
|
+
* @readonly
|
101
|
+
*/
|
102
|
+
publicGroupState: Uint8Array;
|
103
|
+
}
|
104
|
+
/**
|
105
|
+
* Data shape for a MLS generic commit + optional bundle (aka stapled commit & welcome)
|
106
|
+
*/
|
107
|
+
export interface CommitBundle {
|
108
|
+
/**
|
109
|
+
* TLS-serialized MLS Commit that needs to be fanned out to other (existing) members of the conversation
|
110
|
+
*
|
111
|
+
* @readonly
|
112
|
+
*/
|
113
|
+
commit: Uint8Array;
|
114
|
+
/**
|
115
|
+
* Optional TLS-serialized MLS Welcome message that needs to be fanned out to the clients newly added to the conversation
|
116
|
+
*
|
117
|
+
* @readonly
|
118
|
+
*/
|
119
|
+
welcome?: Uint8Array;
|
120
|
+
/**
|
121
|
+
* TLS-serialized MLS PublicGroupState (GroupInfo in draft-15) which is required for joining a group by external commit
|
122
|
+
*
|
123
|
+
* @readonly
|
124
|
+
*/
|
125
|
+
publicGroupState: Uint8Array;
|
126
|
+
}
|
127
|
+
/**
|
128
|
+
* Params for CoreCrypto initialization
|
129
|
+
* Please note that the `entropySeed` parameter MUST be exactly 32 bytes
|
130
|
+
*/
|
131
|
+
export interface CoreCryptoParams {
|
132
|
+
/**
|
133
|
+
* Name of the IndexedDB database
|
134
|
+
*/
|
135
|
+
databaseName: string;
|
136
|
+
/**
|
137
|
+
* Encryption master key
|
138
|
+
* This should be appropriately stored in a secure location (i.e. WebCrypto private key storage)
|
139
|
+
*/
|
140
|
+
key: string;
|
141
|
+
/**
|
142
|
+
* MLS Client ID.
|
143
|
+
* This should stay consistent as it will be verified against the stored signature & identity to validate the persisted credential
|
144
|
+
*/
|
145
|
+
clientId: string;
|
146
|
+
/**
|
147
|
+
* External PRNG entropy pool seed.
|
148
|
+
* This **must** be exactly 32 bytes
|
149
|
+
*/
|
150
|
+
entropySeed?: Uint8Array;
|
151
|
+
/**
|
152
|
+
* .wasm file path, this will be useful in case your bundling system likes to relocate files (i.e. what webpack does)
|
153
|
+
*/
|
154
|
+
wasmFilePath?: string;
|
155
|
+
}
|
156
|
+
/**
|
157
|
+
* Data shape for adding clients to a conversation
|
158
|
+
*/
|
159
|
+
export interface Invitee {
|
160
|
+
/**
|
161
|
+
* Client ID as a byte array
|
162
|
+
*/
|
163
|
+
id: ClientId;
|
164
|
+
/**
|
165
|
+
* MLS KeyPackage belonging to the aforementioned client
|
166
|
+
*/
|
167
|
+
kp: Uint8Array;
|
168
|
+
}
|
169
|
+
export interface MlsConversationInitMessage {
|
170
|
+
/**
|
171
|
+
* Group ID
|
172
|
+
*
|
173
|
+
* @readonly
|
174
|
+
*/
|
175
|
+
group: Uint8Array;
|
176
|
+
/**
|
177
|
+
* TLS-serialized MLS Commit that needs to be fanned out
|
178
|
+
*
|
179
|
+
* @readonly
|
180
|
+
*/
|
181
|
+
commit: Uint8Array;
|
182
|
+
}
|
183
|
+
/**
|
184
|
+
* This is a wrapper for all the possible outcomes you can get after decrypting a message
|
185
|
+
*/
|
186
|
+
export interface DecryptedMessage {
|
187
|
+
/**
|
188
|
+
* Raw decrypted application message, if the decrypted MLS message is an application message
|
189
|
+
*/
|
190
|
+
message?: Uint8Array;
|
191
|
+
/**
|
192
|
+
* List of proposals that were retrieved from the decrypted message, in addition to the pending local proposals
|
193
|
+
*/
|
194
|
+
proposals: ProposalBundle[];
|
195
|
+
/**
|
196
|
+
* It is set to false if ingesting this MLS message has resulted in the client being removed from the group (i.e. a Remove commit)
|
197
|
+
*/
|
198
|
+
isActive: boolean;
|
199
|
+
/**
|
200
|
+
* Commit delay hint (in milliseconds) to prevent clients from hammering the server with epoch changes
|
201
|
+
*/
|
202
|
+
commitDelay?: number;
|
203
|
+
/**
|
204
|
+
* Client identifier of the sender of the message being decrypted. Only present for application messages.
|
205
|
+
*/
|
206
|
+
senderClientId?: ClientId;
|
207
|
+
}
|
208
|
+
/**
|
209
|
+
* Returned by all methods creating proposals. Contains a proposal message and an identifier to roll back the proposal
|
210
|
+
*/
|
211
|
+
export interface ProposalBundle {
|
212
|
+
/**
|
213
|
+
* TLS-serialized MLS proposal that needs to be fanned out to other (existing) members of the conversation
|
214
|
+
*
|
215
|
+
* @readonly
|
216
|
+
*/
|
217
|
+
proposal: Uint8Array;
|
218
|
+
/**
|
219
|
+
* Unique identifier of a proposal. Use this in {@link CoreCrypto.clear_pending_proposal} to roll back (delete) the proposal
|
220
|
+
*
|
221
|
+
* @readonly
|
222
|
+
*/
|
223
|
+
proposalRef: ProposalRef;
|
224
|
+
}
|
225
|
+
/**
|
226
|
+
* MLS Proposal type
|
227
|
+
*/
|
228
|
+
export declare const enum ProposalType {
|
229
|
+
/**
|
230
|
+
* This allows to propose the addition of other clients to the MLS group/conversation
|
231
|
+
*/
|
232
|
+
Add = 0,
|
233
|
+
/**
|
234
|
+
* This allows to propose the removal of clients from the MLS group/conversation
|
235
|
+
*/
|
236
|
+
Remove = 1,
|
237
|
+
/**
|
238
|
+
* This allows to propose to update the client keying material (i.e. keypackage rotation) and the group root key
|
239
|
+
*/
|
240
|
+
Update = 2
|
241
|
+
}
|
242
|
+
/**
|
243
|
+
* Common arguments for proposals
|
244
|
+
*/
|
245
|
+
export interface ProposalArgs {
|
246
|
+
/**
|
247
|
+
* Conversation ID that is targeted by the proposal
|
248
|
+
*/
|
249
|
+
conversationId: ConversationId;
|
250
|
+
}
|
251
|
+
/**
|
252
|
+
* Arguments for a proposal of type `Add`
|
253
|
+
*/
|
254
|
+
export interface AddProposalArgs extends ProposalArgs {
|
255
|
+
/**
|
256
|
+
* TLS-serialized MLS KeyPackage to be added
|
257
|
+
*/
|
258
|
+
kp: Uint8Array;
|
259
|
+
}
|
260
|
+
/**
|
261
|
+
* Arguments for a proposal of type `Remove`
|
262
|
+
*/
|
263
|
+
export interface RemoveProposalArgs extends ProposalArgs {
|
264
|
+
/**
|
265
|
+
* Client ID to be removed from the conversation
|
266
|
+
*/
|
267
|
+
clientId: ClientId;
|
268
|
+
}
|
269
|
+
/**
|
270
|
+
* MLS External Proposal type
|
271
|
+
*/
|
272
|
+
export declare const enum ExternalProposalType {
|
273
|
+
/**
|
274
|
+
* This allows to propose the addition of other clients to the MLS group/conversation
|
275
|
+
*/
|
276
|
+
Add = 0,
|
277
|
+
/**
|
278
|
+
* This allows to propose the removal of clients from the MLS group/conversation
|
279
|
+
*/
|
280
|
+
Remove = 1
|
281
|
+
}
|
282
|
+
export interface ExternalProposalArgs {
|
283
|
+
/**
|
284
|
+
* Conversation ID that is targeted by the external proposal
|
285
|
+
*/
|
286
|
+
conversationId: ConversationId;
|
287
|
+
/**
|
288
|
+
* MLS Group epoch for the external proposal.
|
289
|
+
* This needs to be the current epoch of the group or this proposal **will** be rejected
|
290
|
+
*/
|
291
|
+
epoch: number;
|
292
|
+
}
|
293
|
+
export interface ExternalRemoveProposalArgs extends ExternalProposalArgs {
|
294
|
+
/**
|
295
|
+
* KeyPackageRef of the client that needs to be removed in the proposal
|
296
|
+
*/
|
297
|
+
keyPackageRef: Uint8Array;
|
298
|
+
}
|
299
|
+
/**
|
300
|
+
* Wrapper for the WASM-compiled version of CoreCrypto
|
301
|
+
*/
|
302
|
+
export declare class CoreCrypto {
|
303
|
+
#private;
|
304
|
+
/**
|
305
|
+
* This is your entrypoint to initialize {@link CoreCrypto}!
|
306
|
+
*
|
307
|
+
* @param params - {@link CoreCryptoParams}
|
308
|
+
*
|
309
|
+
* @example
|
310
|
+
* ## Simple init
|
311
|
+
* ```ts
|
312
|
+
* const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
|
313
|
+
* // Do the rest with `cc`
|
314
|
+
* ```
|
315
|
+
*
|
316
|
+
* ## Custom Entropy seed init & wasm file location
|
317
|
+
* ```ts
|
318
|
+
* // FYI, this is the IETF test vector #1
|
319
|
+
* const entropySeed = Uint32Array.from([
|
320
|
+
* 0xade0b876, 0x903df1a0, 0xe56a5d40, 0x28bd8653,
|
321
|
+
* 0xb819d2bd, 0x1aed8da0, 0xccef36a8, 0xc70d778b,
|
322
|
+
* 0x7c5941da, 0x8d485751, 0x3fe02477, 0x374ad8b8,
|
323
|
+
* 0xf4b8436a, 0x1ca11815, 0x69b687c3, 0x8665eeb2,
|
324
|
+
* ]);
|
325
|
+
*
|
326
|
+
* const wasmFilePath = "/long/complicated/path/on/webserver/whatever.wasm";
|
327
|
+
*
|
328
|
+
* const cc = await CoreCrypto.init({
|
329
|
+
* databaseName: "test",
|
330
|
+
* key: "test",
|
331
|
+
* clientId: "test",
|
332
|
+
* entropySeed,
|
333
|
+
* wasmFilePath,
|
334
|
+
* });
|
335
|
+
* ````
|
336
|
+
*/
|
337
|
+
static init({ databaseName, key, clientId, wasmFilePath, entropySeed }: CoreCryptoParams): Promise<CoreCrypto>;
|
338
|
+
/** @hidden */
|
339
|
+
private constructor();
|
340
|
+
/**
|
341
|
+
* Wipes the {@link CoreCrypto} backing storage (i.e. {@link https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API | IndexedDB} database)
|
342
|
+
*
|
343
|
+
* **CAUTION**: This {@link CoreCrypto} instance won't be useable after a call to this method, but there's no way to express this requirement in TypeScript so you'll get errors instead!
|
344
|
+
*/
|
345
|
+
wipe(): Promise<void>;
|
346
|
+
/**
|
347
|
+
* Closes this {@link CoreCrypto} instance and deallocates all loaded resources
|
348
|
+
*
|
349
|
+
* **CAUTION**: This {@link CoreCrypto} instance won't be useable after a call to this method, but there's no way to express this requirement in TypeScript so you'll get errors instead!
|
350
|
+
*/
|
351
|
+
close(): Promise<void>;
|
352
|
+
/**
|
353
|
+
* Checks if the Client is member of a given conversation and if the MLS Group is loaded up
|
354
|
+
*
|
355
|
+
* @returns Whether the given conversation ID exists
|
356
|
+
*
|
357
|
+
* @example
|
358
|
+
* ```ts
|
359
|
+
* const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
|
360
|
+
* const encoder = new TextEncoder();
|
361
|
+
* if (await cc.conversationExists(encoder.encode("my super chat"))) {
|
362
|
+
* // Do something
|
363
|
+
* } else {
|
364
|
+
* // Do something else
|
365
|
+
* }
|
366
|
+
* ```
|
367
|
+
*/
|
368
|
+
conversationExists(conversationId: ConversationId): Promise<boolean>;
|
369
|
+
/**
|
370
|
+
* Returns the current epoch of a conversation
|
371
|
+
*
|
372
|
+
* @returns the epoch of the conversation
|
373
|
+
*
|
374
|
+
* @example
|
375
|
+
* ```ts
|
376
|
+
* const cc = await CoreCrypto.init({ databaseName: "test", key: "test", clientId: "test" });
|
377
|
+
* const encoder = new TextEncoder();
|
378
|
+
* console.log(await cc.conversationEpoch(encoder.encode("my super chat")))
|
379
|
+
* ```
|
380
|
+
*/
|
381
|
+
conversationEpoch(conversationId: ConversationId): Promise<number>;
|
382
|
+
/**
|
383
|
+
* Wipes and destroys the local storage of a given conversation / MLS group
|
384
|
+
*
|
385
|
+
* @param conversationId - The ID of the conversation to remove
|
386
|
+
*/
|
387
|
+
wipeConversation(conversationId: ConversationId): Promise<void>;
|
388
|
+
/**
|
389
|
+
* Creates a new conversation with the current client being the sole member
|
390
|
+
* You will want to use {@link CoreCrypto.addClientsToConversation} afterwards to add clients to this conversation
|
391
|
+
*
|
392
|
+
* @param conversationId - The conversation ID; You can either make them random or let the backend attribute MLS group IDs
|
393
|
+
* @param configuration.admins - An array of client IDs that will have administrative permissions over the group
|
394
|
+
* @param configuration.ciphersuite - The {@link Ciphersuite} that is chosen to be the group's
|
395
|
+
* @param configuration.keyRotationSpan - The amount of time in milliseconds after which the MLS Keypackages will be rotated
|
396
|
+
* @param configuration.externalSenders - Array of Client IDs that are qualified as external senders within the group
|
397
|
+
*/
|
398
|
+
createConversation(conversationId: ConversationId, configuration?: ConversationConfiguration): Promise<any>;
|
399
|
+
/**
|
400
|
+
* Decrypts a message for a given conversation
|
401
|
+
*
|
402
|
+
* @param conversationId - The ID of the conversation
|
403
|
+
* @param payload - The encrypted message buffer
|
404
|
+
*
|
405
|
+
* @returns Either a {@link DecryptedMessage} payload or `undefined` - This happens when the encrypted payload contains a system message such a proposal or commit
|
406
|
+
*/
|
407
|
+
decryptMessage(conversationId: ConversationId, payload: Uint8Array): Promise<DecryptedMessage>;
|
408
|
+
/**
|
409
|
+
* Encrypts a message for a given conversation
|
410
|
+
*
|
411
|
+
* @param conversationId - The ID of the conversation
|
412
|
+
* @param message - The plaintext message to encrypt
|
413
|
+
*
|
414
|
+
* @returns The encrypted payload for the given group. This needs to be fanned out to the other members of the group.
|
415
|
+
*/
|
416
|
+
encryptMessage(conversationId: ConversationId, message: Uint8Array): Promise<Uint8Array>;
|
417
|
+
/**
|
418
|
+
* Ingest a TLS-serialized MLS welcome message to join a an existing MLS group
|
419
|
+
*
|
420
|
+
* @param welcomeMessage - TLS-serialized MLS Welcome message
|
421
|
+
* @returns The conversation ID of the newly joined group. You can use the same ID to decrypt/encrypt messages
|
422
|
+
*/
|
423
|
+
processWelcomeMessage(welcomeMessage: Uint8Array): Promise<ConversationId>;
|
424
|
+
/**
|
425
|
+
* @returns The client's public key
|
426
|
+
*/
|
427
|
+
clientPublicKey(): Promise<Uint8Array>;
|
428
|
+
/**
|
429
|
+
* @returns The amount of valid, non-expired KeyPackages that are persisted in the backing storage
|
430
|
+
*/
|
431
|
+
clientValidKeypackagesCount(): Promise<number>;
|
432
|
+
/**
|
433
|
+
* Fetches a requested amount of keypackages
|
434
|
+
*
|
435
|
+
* @param amountRequested - The amount of keypackages requested
|
436
|
+
* @returns An array of length `amountRequested` containing TLS-serialized KeyPackages
|
437
|
+
*/
|
438
|
+
clientKeypackages(amountRequested: number): Promise<Array<Uint8Array>>;
|
439
|
+
/**
|
440
|
+
* Adds new clients to a conversation, assuming the current client has the right to add new clients to the conversation.
|
441
|
+
*
|
442
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
443
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
444
|
+
* epoch, use new encryption secrets etc...
|
445
|
+
*
|
446
|
+
* @param conversationId - The ID of the conversation
|
447
|
+
* @param clients - Array of {@link Invitee} (which are Client ID / KeyPackage pairs)
|
448
|
+
*
|
449
|
+
* @returns A {@link CommitBundle}
|
450
|
+
*/
|
451
|
+
addClientsToConversation(conversationId: ConversationId, clients: Invitee[]): Promise<MemberAddedMessages>;
|
452
|
+
/**
|
453
|
+
* Removes the provided clients from a conversation; Assuming those clients exist and the current client is allowed
|
454
|
+
* to do so, otherwise this operation does nothing.
|
455
|
+
*
|
456
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
457
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
458
|
+
* epoch, use new encryption secrets etc...
|
459
|
+
*
|
460
|
+
* @param conversationId - The ID of the conversation
|
461
|
+
* @param clientIds - Array of Client IDs to remove.
|
462
|
+
*
|
463
|
+
* @returns A {@link CommitBundle}, or `undefined` if for any reason, the operation would result in an empty commit
|
464
|
+
*/
|
465
|
+
removeClientsFromConversation(conversationId: ConversationId, clientIds: ClientId[]): Promise<CommitBundle>;
|
466
|
+
/**
|
467
|
+
* Creates an update commit which forces every client to update their keypackages in the conversation
|
468
|
+
*
|
469
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
470
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
471
|
+
* epoch, use new encryption secrets etc...
|
472
|
+
*
|
473
|
+
* @param conversationId - The ID of the conversation
|
474
|
+
*
|
475
|
+
* @returns A {@link CommitBundle}
|
476
|
+
*/
|
477
|
+
updateKeyingMaterial(conversationId: ConversationId): Promise<CommitBundle>;
|
478
|
+
/**
|
479
|
+
* Commits the local pending proposals and returns the {@link CommitBundle} object containing what can result from this operation.
|
480
|
+
*
|
481
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
482
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
483
|
+
* epoch, use new encryption secrets etc...
|
484
|
+
*
|
485
|
+
* @param conversationId - The ID of the conversation
|
486
|
+
*
|
487
|
+
* @returns A {@link CommitBundle}
|
488
|
+
*/
|
489
|
+
commitPendingProposals(conversationId: ConversationId): Promise<CommitBundle>;
|
490
|
+
/**
|
491
|
+
* Adds new clients to a conversation, assuming the current client has the right to add new clients to the conversation.
|
492
|
+
* The returned {@link CommitBundle} is a TLS struct that needs to be fanned out to Delivery Service in order to validate the commit.
|
493
|
+
* It also contains a Welcome message the Delivery Service will forward to invited clients and
|
494
|
+
* an updated PublicGroupState required by clients willing to join the group by an external commit.
|
495
|
+
*
|
496
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
497
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
498
|
+
* epoch, use new encryption secrets etc...
|
499
|
+
*
|
500
|
+
* @param conversationId - The ID of the conversation
|
501
|
+
* @param clients - Array of {@link Invitee} (which are Client ID / KeyPackage pairs)
|
502
|
+
*
|
503
|
+
* @returns A {@link CommitBundle} byte array to fan out to the Delivery Service
|
504
|
+
*/
|
505
|
+
finalAddClientsToConversation(conversationId: ConversationId, clients: Invitee[]): Promise<TlsCommitBundle>;
|
506
|
+
/**
|
507
|
+
* Removes the provided clients from a conversation; Assuming those clients exist and the current client is allowed
|
508
|
+
* to do so, otherwise this operation does nothing.
|
509
|
+
*
|
510
|
+
* The returned {@link CommitBundle} is a TLS struct that needs to be fanned out to Delivery Service in order to validate the commit.
|
511
|
+
* It also contains a Welcome message the Delivery Service will forward to invited clients and
|
512
|
+
* an updated PublicGroupState required by clients willing to join the group by an external commit.
|
513
|
+
*
|
514
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
515
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
516
|
+
* epoch, use new encryption secrets etc...
|
517
|
+
*
|
518
|
+
* @param conversationId - The ID of the conversation
|
519
|
+
* @param clientIds - Array of Client IDs to remove.
|
520
|
+
*
|
521
|
+
* @returns A {@link CommitBundle} byte array to fan out to the Delivery Service, or `undefined` if for any reason, the operation would result in an empty commit
|
522
|
+
*/
|
523
|
+
finalRemoveClientsFromConversation(conversationId: ConversationId, clientIds: ClientId[]): Promise<TlsCommitBundle>;
|
524
|
+
/**
|
525
|
+
* Creates an update commit which forces every client to update their keypackages in the conversation
|
526
|
+
*
|
527
|
+
* The returned {@link CommitBundle} is a TLS struct that needs to be fanned out to Delivery Service in order to validate the commit.
|
528
|
+
* It also contains a Welcome message the Delivery Service will forward to invited clients and
|
529
|
+
* an updated PublicGroupState required by clients willing to join the group by an external commit.
|
530
|
+
*
|
531
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
532
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
533
|
+
* epoch, use new encryption secrets etc...
|
534
|
+
*
|
535
|
+
* @param conversationId - The ID of the conversation
|
536
|
+
*
|
537
|
+
* @returns A {@link CommitBundle} byte array to fan out to the Delivery Service
|
538
|
+
*/
|
539
|
+
finalUpdateKeyingMaterial(conversationId: ConversationId): Promise<TlsCommitBundle>;
|
540
|
+
/**
|
541
|
+
* Commits the local pending proposals and returns the {@link CommitBundle} object containing what can result from this operation.
|
542
|
+
*
|
543
|
+
* The returned {@link CommitBundle} is a TLS struct that needs to be fanned out to Delivery Service in order to validate the commit.
|
544
|
+
* It also contains a Welcome message the Delivery Service will forward to invited clients and
|
545
|
+
* an updated PublicGroupState required by clients willing to join the group by an external commit.
|
546
|
+
*
|
547
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
548
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
549
|
+
* epoch, use new encryption secrets etc...
|
550
|
+
*
|
551
|
+
* @param conversationId - The ID of the conversation
|
552
|
+
*
|
553
|
+
* @returns A {@link CommitBundle} byte array to fan out to the Delivery Service
|
554
|
+
*/
|
555
|
+
finalCommitPendingProposals(conversationId: ConversationId): Promise<TlsCommitBundle>;
|
556
|
+
/**
|
557
|
+
* Creates a new proposal for the provided Conversation ID
|
558
|
+
*
|
559
|
+
* @param proposalType - The type of proposal, see {@link ProposalType}
|
560
|
+
* @param args - The arguments of the proposal, see {@link ProposalArgs}, {@link AddProposalArgs} or {@link RemoveProposalArgs}
|
561
|
+
*
|
562
|
+
* @returns A {@link ProposalBundle} containing the Proposal and its reference in order to roll it back if necessary
|
563
|
+
*/
|
564
|
+
newProposal(proposalType: ProposalType, args: ProposalArgs | AddProposalArgs | RemoveProposalArgs): Promise<ProposalBundle>;
|
565
|
+
newExternalProposal(externalProposalType: ExternalProposalType, args: ExternalProposalArgs | ExternalRemoveProposalArgs): Promise<Uint8Array>;
|
566
|
+
/**
|
567
|
+
* Exports public group state for use in external commits
|
568
|
+
*
|
569
|
+
* @param conversationId - MLS Conversation ID
|
570
|
+
* @returns TLS-serialized MLS public group state
|
571
|
+
*/
|
572
|
+
exportGroupState(conversationId: ConversationId): Promise<Uint8Array>;
|
573
|
+
/**
|
574
|
+
* Allows to create an external commit to "apply" to join a group through its public group state
|
575
|
+
*
|
576
|
+
* Also see the second step of this process: {@link CoreCrypto.mergePendingGroupFromExternalCommit}
|
577
|
+
*
|
578
|
+
* @param publicGroupState - The public group state that can be fetched from the backend for a given conversation
|
579
|
+
* @returns see {@link MlsConversationInitMessage}
|
580
|
+
*/
|
581
|
+
joinByExternalCommit(publicGroupState: Uint8Array): Promise<MlsConversationInitMessage>;
|
582
|
+
/**
|
583
|
+
* This is the second step of the process of joining a group through an external commit
|
584
|
+
*
|
585
|
+
* This step makes the group operational and ready to encrypt/decrypt message
|
586
|
+
*
|
587
|
+
* @param conversationId - The ID of the conversation
|
588
|
+
* @param configuration - Configuration of the group, see {@link ConversationConfiguration}
|
589
|
+
*/
|
590
|
+
mergePendingGroupFromExternalCommit(conversationId: ConversationId, configuration: ConversationConfiguration): Promise<void>;
|
591
|
+
/**
|
592
|
+
* Allows to mark the latest commit produced as "accepted" and be able to safely merge it
|
593
|
+
* into the local group state
|
594
|
+
*
|
595
|
+
* @param conversationId - The group's ID
|
596
|
+
*/
|
597
|
+
commitAccepted(conversationId: ConversationId): Promise<void>;
|
598
|
+
/**
|
599
|
+
* Allows {@link CoreCrypto} to act as a CSPRNG provider
|
600
|
+
* @note The underlying CSPRNG algorithm is ChaCha20 and takes in account the external seed provider either at init time or provided with {@link CoreCrypto.reseedRng}
|
601
|
+
*
|
602
|
+
* @param length - The number of bytes to be returned in the `Uint8Array`
|
603
|
+
*
|
604
|
+
* @returns A `Uint8Array` buffer that contains `length` cryptographically-secure random bytes
|
605
|
+
*/
|
606
|
+
randomBytes(length: number): Promise<Uint8Array>;
|
607
|
+
/**
|
608
|
+
* Allows to reseed {@link CoreCrypto}'s internal CSPRNG with a new seed.
|
609
|
+
*
|
610
|
+
* @param seed - **exactly 32** bytes buffer seed
|
611
|
+
*/
|
612
|
+
reseedRng(seed: Uint8Array): Promise<void>;
|
613
|
+
/**
|
614
|
+
* Allows to remove a pending proposal (rollback). Use this when backend rejects the proposal you just sent e.g. if permissions
|
615
|
+
* have changed meanwhile.
|
616
|
+
*
|
617
|
+
* **CAUTION**: only use this when you had an explicit response from the Delivery Service
|
618
|
+
* e.g. 403 or 409. Do not use otherwise e.g. 5xx responses, timeout etc..
|
619
|
+
*
|
620
|
+
* @param conversationId - The group's ID
|
621
|
+
* @param proposalRef - A reference to the proposal to delete. You get one when using {@link CoreCrypto.newProposal}
|
622
|
+
*/
|
623
|
+
clear_pending_proposal(conversationId: ConversationId, proposalRef: ProposalRef): Promise<void>;
|
624
|
+
/**
|
625
|
+
* Allows to remove a pending commit (rollback). Use this when backend rejects the commit you just sent e.g. if permissions
|
626
|
+
* have changed meanwhile.
|
627
|
+
*
|
628
|
+
* **CAUTION**: only use this when you had an explicit response from the Delivery Service
|
629
|
+
* e.g. 403. Do not use otherwise e.g. 5xx responses, timeout etc..
|
630
|
+
* **DO NOT** use when Delivery Service responds 409, pending state will be renewed
|
631
|
+
* in {@link CoreCrypto.decrypt_message}
|
632
|
+
*
|
633
|
+
* @param conversationId - The group's ID
|
634
|
+
*/
|
635
|
+
clear_pending_commit(conversationId: ConversationId): Promise<void>;
|
636
|
+
/**
|
637
|
+
* Returns the current version of {@link CoreCrypto}
|
638
|
+
*
|
639
|
+
* @returns The `core-crypto-ffi` version as defined in its `Cargo.toml` file
|
640
|
+
*/
|
641
|
+
static version(): string;
|
642
|
+
}
|
643
|
+
|
644
|
+
export {};
|