@wireapp/core-crypto 0.6.0-rc.7 → 0.6.0-rc.8

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wireapp/core-crypto",
-  "version": "0.6.0-rc.7",
+  "version": "0.6.0-rc.8",
   "description": "CoreCrypto bindings for the Web",
   "type": "module",
   "module": "platforms/web/corecrypto.js",

package/platforms/web/corecrypto.d.ts

@@ -408,7 +408,7 @@ export interface CoreCryptoCallbacks {
 	 * @param clientId - id of the client performing an operation requiring authorization
 	 * @returns whether the user is authorized by the logic layer to perform the operation
 	 */
-	authorize: (conversationId: Uint8Array, clientId: Uint8Array) => boolean;
+	authorize: (conversationId: Uint8Array, clientId: Uint8Array) => Promise<boolean>;
 	/**
 	 * A mix between {@link authorize} and {@link clientIsExistingGroupUser}. We currently use this callback to verify
 	 * external commits to join a group ; in such case, the client has to:
@@ -420,7 +420,7 @@ export interface CoreCryptoCallbacks {
 	 * @param existingClients - all the clients currently within the MLS group
 	 * @returns true if the external client is authorized to write to the conversation
 	 */
-	userAuthorize: (conversationId: Uint8Array, externalClientId: Uint8Array, existingClients: Uint8Array[]) => boolean;
+	userAuthorize: (conversationId: Uint8Array, externalClientId: Uint8Array, existingClients: Uint8Array[]) => Promise<boolean>;
 	/**
 	 * Callback to ensure that the given `clientId` belongs to one of the provided `existingClients`
 	 * This basically allows to defer the client ID parsing logic to the caller - because CoreCrypto is oblivious to such things
@@ -429,7 +429,7 @@ export interface CoreCryptoCallbacks {
 	 * @param clientId - id of a client
 	 * @param existingClients - all the clients currently within the MLS group
 	 */
-	clientIsExistingGroupUser: (conversationId: Uint8Array, clientId: Uint8Array, existingClients: Uint8Array[]) => boolean;
+	clientIsExistingGroupUser: (conversationId: Uint8Array, clientId: Uint8Array, existingClients: Uint8Array[]) => Promise<boolean>;
 }
 /**
  * Wrapper for the WASM-compiled version of CoreCrypto
@@ -484,6 +484,22 @@ export declare class CoreCrypto {
 	 * @param clientId - {@link CoreCryptoParams#clientId} but required
 	 */
 	mlsInit(clientId: ClientId): Promise<void>;
+	/**
+	 * Generates a MLS KeyPair/CredentialBundle with a temporary, random client ID.
+	 * This method is designed to be used in conjunction with {@link CoreCrypto.mlsInitWithClientID} and represents the first step in this process
+	 *
+	 * @returns This returns the TLS-serialized identity key (i.e. the signature keypair's public key)
+	 */
+	mlsGenerateKeypair(): Promise<Uint8Array>;
+	/**
+	 * Updates the current temporary Client ID with the newly provided one. This is the second step in the externally-generated clients process
+	 *
+	 * Important: This is designed to be called after {@link CoreCrypto.mlsGenerateKeyPair}
+	 *
+	 * @param clientId - The newly-allocated client ID by the MLS Authentication Service
+	 * @param signaturePublicKey - The public key you were given at the first step; This is for authentication purposes
+	 */
+	mlsInitWithClientId(clientId: ClientId, signaturePublicKey: Uint8Array): Promise<void>;
 	/** @hidden */
 	private constructor();
 	/**
@@ -503,7 +519,7 @@ export declare class CoreCrypto {
 	 *
 	 * @param callbacks - Any interface following the {@link CoreCryptoCallbacks} interface
 	 */
-	registerCallbacks(callbacks: CoreCryptoCallbacks): void;
+	registerCallbacks(callbacks: CoreCryptoCallbacks, ctx?: any): Promise<void>;
 	/**
 	 * Checks if the Client is member of a given conversation and if the MLS Group is loaded up
 	 *
@@ -831,9 +847,19 @@ export declare class CoreCrypto {
 	/**
 	 * Creates a new prekey with an automatically generated ID..
 	 *
-	 * @returns: A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey
+	 * @returns A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey
 	 */
 	proteusNewPrekeyAuto(): Promise<Uint8Array>;
+	/**
+	 * Proteus last resort prekey stuff
+	 *
+	 * @returns A CBOR-serialize version of the PreKeyBundle associated with the last resort PreKey (holding the last resort prekey id)
+	 */
+	proteusLastResortPrekey(): Promise<Uint8Array>;
+	/**
+	 * @returns The last resort PreKey id
+	 */
+	static proteusLastResortPrekeyId(): number;
 	/**
 	 * Proteus public key fingerprint
 	 * It's basically the public key encoded as an hex string
@@ -876,12 +902,12 @@ export declare class CoreCrypto {
 	/**
 	 * Creates an enrollment instance with private key material you can use in order to fetch
 	 * a new x509 certificate from the acme server.
-	 * Make sure to call [WireE2eIdentity::free] (not yet available) to dispose this instance and its associated
+	 * Make sure to call {@link WireE2eIdentity.free} to dispose this instance and its associated
 	 * keying material.
 	 *
 	 * @param ciphersuite - For generating signing key material. Only {@link Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519} is supported currently
 	 */
-	newAcmeEnrollment(): Promise<WireE2eIdentity>;
+	newAcmeEnrollment(ciphersuite?: Ciphersuite): Promise<WireE2eIdentity>;
 	/**
 	 * Returns the current version of {@link CoreCrypto}
 	 *
@@ -896,6 +922,7 @@ export declare class WireE2eIdentity {
 	#private;
 	/** @hidden */
 	constructor(e2ei: unknown);
+	free(): void;
 	/**
 	 * Parses the response from `GET /acme/{provisioner-name}/directory`.
 	 * Use this {@link AcmeDirectory} in the next step to fetch the first nonce from the acme server. Use

package/platforms/web/corecrypto.js

@@ -34,14 +34,6 @@ const heap = new Array(128).fill(undefined);
 heap.push(undefined, null, true, false);
 function getObject(idx) { return heap[idx]; }
 let heap_next = heap.length;
-function addHeapObject(obj) {
-    if (heap_next === heap.length)
-        heap.push(heap.length + 1);
-    const idx = heap_next;
-    heap_next = heap[idx];
-    heap[idx] = obj;
-    return idx;
-}
 function dropObject(idx) {
     if (idx < 132)
         return;
@@ -53,6 +45,14 @@ function takeObject(idx) {
     dropObject(idx);
     return ret;
 }
+function addHeapObject(obj) {
+    if (heap_next === heap.length)
+        heap.push(heap.length + 1);
+    const idx = heap_next;
+    heap_next = heap[idx];
+    heap[idx] = obj;
+    return idx;
+}
 const cachedTextDecoder = new TextDecoder('utf-8', { ignoreBOM: true, fatal: true });
 cachedTextDecoder.decode();
 let cachedUint8Memory0 = null;
@@ -279,23 +279,6 @@ function getArrayJsValueFromWasm0(ptr, len) {
     }
     return result;
 }
-/**
-* Returns the current version of CoreCrypto
-* @returns {string}
-*/
-function version() {
-    try {
-        const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
-        wasm$1.version(retptr);
-        var r0 = getInt32Memory0()[retptr / 4 + 0];
-        var r1 = getInt32Memory0()[retptr / 4 + 1];
-        return getStringFromWasm0(r0, r1);
-    }
-    finally {
-        wasm$1.__wbindgen_add_to_stack_pointer(16);
-        wasm$1.__wbindgen_free(r0, r1);
-    }
-}
 function handleError(f, args) {
     try {
         return f.apply(this, args);
@@ -307,7 +290,7 @@ function handleError(f, args) {
 function getArrayU8FromWasm0(ptr, len) {
     return getUint8Memory0().subarray(ptr / 1, ptr / 1 + len);
 }
-function __wbg_adapter_267(arg0, arg1, arg2, arg3) {
+function __wbg_adapter_271(arg0, arg1, arg2, arg3) {
     wasm$1.wasm_bindgen__convert__closures__invoke2_mut__h191981cd1d6b08cc(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
 }
 /**
@@ -659,6 +642,23 @@ let CoreCrypto$1 = class CoreCrypto {
         wasm$1.__wbg_corecrypto_free(ptr);
     }
     /**
+    * Returns the current version of CoreCrypto
+    * @returns {string}
+    */
+    static version() {
+        try {
+            const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
+            wasm$1.corecrypto_version(retptr);
+            var r0 = getInt32Memory0()[retptr / 4 + 0];
+            var r1 = getInt32Memory0()[retptr / 4 + 1];
+            return getStringFromWasm0(r0, r1);
+        }
+        finally {
+            wasm$1.__wbindgen_add_to_stack_pointer(16);
+            wasm$1.__wbindgen_free(r0, r1);
+        }
+    }
+    /**
     * see [core_crypto::MlsCentral::try_new]
     * @param {string} path
     * @param {string} key
@@ -707,6 +707,32 @@ let CoreCrypto$1 = class CoreCrypto {
         return takeObject(ret);
     }
     /**
+    * Returns [`WasmCryptoResult<Vec<u8>>`]
+    *
+    * See [core_crypto::MlsCentral::mls_generate_keypair]
+    * @returns {Promise<any>}
+    */
+    mls_generate_keypair() {
+        const ret = wasm$1.corecrypto_mls_generate_keypair(this.ptr);
+        return takeObject(ret);
+    }
+    /**
+    * Returns [`WasmCryptoResult<()>`]
+    *
+    * See [core_crypto::MlsCentral::mls_init_with_client_id]
+    * @param {Uint8Array} client_id
+    * @param {Uint8Array} signature_public_key
+    * @returns {Promise<any>}
+    */
+    mls_init_with_client_id(client_id, signature_public_key) {
+        const ptr0 = passArray8ToWasm0(client_id, wasm$1.__wbindgen_malloc);
+        const len0 = WASM_VECTOR_LEN;
+        const ptr1 = passArray8ToWasm0(signature_public_key, wasm$1.__wbindgen_malloc);
+        const len1 = WASM_VECTOR_LEN;
+        const ret = wasm$1.corecrypto_mls_init_with_client_id(this.ptr, ptr0, len0, ptr1, len1);
+        return takeObject(ret);
+    }
+    /**
     * Returns: [`WasmCryptoResult<()>`]
     *
     * see [core_crypto::MlsCentral::close]
@@ -1227,7 +1253,7 @@ let CoreCrypto$1 = class CoreCrypto {
     * see [core_crypto::proteus::ProteusCentral::encrypt]
     * @param {string} session_id
     * @param {Uint8Array} plaintext
-    * @returns {Promise<Uint8Array>}
+    * @returns {Promise<Promise<any>>}
     */
     proteus_encrypt(session_id, plaintext) {
         const ptr0 = passStringToWasm0(session_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
@@ -1243,7 +1269,7 @@ let CoreCrypto$1 = class CoreCrypto {
     * see [core_crypto::proteus::ProteusCentral::encrypt_batched]
     * @param {(string)[]} sessions
     * @param {Uint8Array} plaintext
-    * @returns {Promise<Map<any, any>>}
+    * @returns {Promise<any>}
     */
     proteus_encrypt_batched(sessions, plaintext) {
         const ptr0 = passArrayJsValueToWasm0(sessions, wasm$1.__wbindgen_malloc);
@@ -1258,7 +1284,7 @@ let CoreCrypto$1 = class CoreCrypto {
     *
     * see [core_crypto::proteus::ProteusCentral::new_prekey]
     * @param {number} prekey_id
-    * @returns {Promise<Uint8Array>}
+    * @returns {Promise<Promise<any>>}
     */
     proteus_new_prekey(prekey_id) {
         const ret = wasm$1.corecrypto_proteus_new_prekey(this.ptr, prekey_id);
@@ -1268,13 +1294,45 @@ let CoreCrypto$1 = class CoreCrypto {
     * Returns: [`WasmCryptoResult<Uint8Array>`]
     *
     * see [core_crypto::proteus::ProteusCentral::new_prekey]
-    * @returns {Promise<Uint8Array>}
+    * @returns {Promise<Promise<any>>}
     */
     proteus_new_prekey_auto() {
         const ret = wasm$1.corecrypto_proteus_new_prekey_auto(this.ptr);
         return takeObject(ret);
     }
     /**
+    * Returns [`WasmCryptoResult<Uint8Array>`]
+    *
+    * see [core_crypto::proteus::ProteusCentral::last_resort_prekey]
+    * @returns {Promise<any>}
+    */
+    proteus_last_resort_prekey() {
+        const ret = wasm$1.corecrypto_proteus_last_resort_prekey(this.ptr);
+        return takeObject(ret);
+    }
+    /**
+    * Returns: [`WasmCryptoResult<u16>`]
+    *
+    * see [core_crypto::proteus::ProteusCentral::last_resort_prekey_id]
+    * @returns {number}
+    */
+    static proteus_last_resort_prekey_id() {
+        try {
+            const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
+            wasm$1.corecrypto_proteus_last_resort_prekey_id(retptr);
+            var r0 = getInt32Memory0()[retptr / 4 + 0];
+            var r1 = getInt32Memory0()[retptr / 4 + 1];
+            var r2 = getInt32Memory0()[retptr / 4 + 2];
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return r0;
+        }
+        finally {
+            wasm$1.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
+    /**
     * Returns: [`WasmCryptoResult<String>`]
     *
     * see [core_crypto::proteus::ProteusCentral::fingerprint]
@@ -1421,9 +1479,10 @@ class CoreCryptoWasmCallbacks {
     * @param {Function} authorize
     * @param {Function} user_authorize
     * @param {Function} client_is_existing_group_user
+    * @param {any} ctx
     */
-    constructor(authorize, user_authorize, client_is_existing_group_user) {
-        const ret = wasm$1.corecryptowasmcallbacks_new(addHeapObject(authorize), addHeapObject(user_authorize), addHeapObject(client_is_existing_group_user));
+    constructor(authorize, user_authorize, client_is_existing_group_user, ctx) {
+        const ret = wasm$1.corecryptowasmcallbacks_new(addHeapObject(authorize), addHeapObject(user_authorize), addHeapObject(client_is_existing_group_user), addHeapObject(ctx));
         return CoreCryptoWasmCallbacks.__wrap(ret);
     }
 }
@@ -2244,6 +2303,27 @@ async function load(module, imports) {
 function getImports() {
     const imports = {};
     imports.wbg = {};
+    imports.wbg.__wbg_new_f9876326328f45ed = function () {
+        const ret = new Object();
+        return addHeapObject(ret);
+    };
+    imports.wbg.__wbg_new_b525de17f44a8943 = function () {
+        const ret = new Array();
+        return addHeapObject(ret);
+    };
+    imports.wbg.__wbg_set_17224bc548dd1d7b = function (arg0, arg1, arg2) {
+        getObject(arg0)[arg1 >>> 0] = takeObject(arg2);
+    };
+    imports.wbg.__wbg_set_20cbc34131e76824 = function (arg0, arg1, arg2) {
+        getObject(arg0)[takeObject(arg1)] = takeObject(arg2);
+    };
+    imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
+        takeObject(arg0);
+    };
+    imports.wbg.__wbindgen_number_new = function (arg0) {
+        const ret = arg0;
+        return addHeapObject(ret);
+    };
     imports.wbg.__wbindgen_object_clone_ref = function (arg0) {
         const ret = getObject(arg0);
         return addHeapObject(ret);
@@ -2253,9 +2333,6 @@ function getImports() {
         const ret = typeof (val) === 'object' && val !== null;
         return ret;
     };
-    imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
-        takeObject(arg0);
-    };
     imports.wbg.__wbg_getwithrefkey_15c62c2b8546208d = function (arg0, arg1) {
         const ret = getObject(arg0)[getObject(arg1)];
         return addHeapObject(ret);
@@ -2306,30 +2383,20 @@ function getImports() {
         const ret = new Uint8Array(getObject(arg0));
         return addHeapObject(ret);
     };
-    imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
-        const ret = BigInt.asUintN(64, arg0);
-        return addHeapObject(ret);
-    };
-    imports.wbg.__wbg_new_f9876326328f45ed = function () {
-        const ret = new Object();
-        return addHeapObject(ret);
+    imports.wbg.__wbg_push_49c286f04dd3bf59 = function (arg0, arg1) {
+        const ret = getObject(arg0).push(getObject(arg1));
+        return ret;
     };
-    imports.wbg.__wbg_new_b525de17f44a8943 = function () {
-        const ret = new Array();
+    imports.wbg.__wbg_new_f841cc6f2098f4b5 = function () {
+        const ret = new Map();
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_set_17224bc548dd1d7b = function (arg0, arg1, arg2) {
-        getObject(arg0)[arg1 >>> 0] = takeObject(arg2);
-    };
-    imports.wbg.__wbg_set_20cbc34131e76824 = function (arg0, arg1, arg2) {
-        getObject(arg0)[takeObject(arg1)] = takeObject(arg2);
-    };
-    imports.wbg.__wbindgen_number_new = function (arg0) {
-        const ret = arg0;
+    imports.wbg.__wbg_set_388c4c6422704173 = function (arg0, arg1, arg2) {
+        const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
-        const ret = FfiWireE2EIdentity.__wrap(arg0);
+    imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
+        const ret = BigInt.asUintN(64, arg0);
         return addHeapObject(ret);
     };
     imports.wbg.__wbg_new_9d3a9ce4282a18a8 = function (arg0, arg1) {
@@ -2339,7 +2406,7 @@ function getImports() {
                 const a = state0.a;
                 state0.a = 0;
                 try {
-                    return __wbg_adapter_267(a, state0.b, arg0, arg1);
+                    return __wbg_adapter_271(a, state0.b, arg0, arg1);
                 }
                 finally {
                     state0.a = a;
@@ -2352,16 +2419,8 @@ function getImports() {
             state0.a = state0.b = 0;
         }
     };
-    imports.wbg.__wbg_push_49c286f04dd3bf59 = function (arg0, arg1) {
-        const ret = getObject(arg0).push(getObject(arg1));
-        return ret;
-    };
-    imports.wbg.__wbg_new_f841cc6f2098f4b5 = function () {
-        const ret = new Map();
-        return addHeapObject(ret);
-    };
-    imports.wbg.__wbg_set_388c4c6422704173 = function (arg0, arg1, arg2) {
-        const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
+    imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
+        const ret = FfiWireE2EIdentity.__wrap(arg0);
         return addHeapObject(ret);
     };
     imports.wbg.__wbg_setonsuccess_925a7718d3f62bc1 = function (arg0, arg1) {
@@ -2888,6 +2947,10 @@ function getImports() {
         const ret = getObject(arg0).then(getObject(arg1));
         return addHeapObject(ret);
     };
+    imports.wbg.__wbg_then_f753623316e2873a = function (arg0, arg1, arg2) {
+        const ret = getObject(arg0).then(getObject(arg1), getObject(arg2));
+        return addHeapObject(ret);
+    };
     imports.wbg.__wbg_resolve_fd40f858d9db1a04 = function (arg0) {
         const ret = Promise.resolve(getObject(arg0));
         return addHeapObject(ret);
@@ -2952,11 +3015,11 @@ function getImports() {
             return addHeapObject(ret);
         }, arguments);
     };
-    imports.wbg.__wbindgen_closure_wrapper4324 = function (arg0, arg1, arg2) {
+    imports.wbg.__wbindgen_closure_wrapper4402 = function (arg0, arg1, arg2) {
         const ret = makeMutClosure(arg0, arg1, 145, __wbg_adapter_52);
         return addHeapObject(ret);
     };
-    imports.wbg.__wbindgen_closure_wrapper4778 = function (arg0, arg1, arg2) {
+    imports.wbg.__wbindgen_closure_wrapper4858 = function (arg0, arg1, arg2) {
         const ret = makeMutClosure(arg0, arg1, 145, __wbg_adapter_55);
         return addHeapObject(ret);
     };
@@ -3011,14 +3074,13 @@ var exports = /*#__PURE__*/Object.freeze({
     PublicGroupStateBundle: PublicGroupStateBundle,
     WirePolicy: WirePolicy$1,
     default: init,
-    initSync: initSync,
-    version: version
+    initSync: initSync
 });
 
 var wasm = async (opt = {}) => {
                 let {importHook, serverPath} = opt;
 
-                let path = "assets/core_crypto_ffi-734d7b2f.wasm";
+                let path = "assets/core_crypto_ffi-d7dac5b2.wasm";
 
                 if (serverPath != null) {
                     path = serverPath + /[^\/\\]*$/.exec(path)[0];
@@ -3034,7 +3096,7 @@ var wasm = async (opt = {}) => {
 
 // Wire
 // Copyright (C) 2022 Wire Swiss GmbH
-var _a, _CoreCrypto_module, _CoreCrypto_cc, _WireE2eIdentity_e2ei;
+var _a, _CoreCrypto_module, _CoreCrypto_cc, _CoreCrypto_assertModuleLoaded, _WireE2eIdentity_e2ei;
 /**
  * Error wrapper that takes care of extracting rich error details across the FFI (through JSON parsing)
  *
@@ -3054,7 +3116,7 @@ class CoreCryptoError extends Error {
         this.proteusErrorCode = richError.proteusErrorCode;
     }
     static fallback(msg, ...params) {
-        console.warn("Cannot build CoreCryptoError, falling back to standard Error");
+        console.warn(`Cannot build CoreCryptoError, falling back to standard Error! ctx: ${msg}`);
         // @ts-ignore
         return new Error(msg, ...params);
     }
@@ -3277,6 +3339,26 @@ class CoreCrypto {
     async mlsInit(clientId) {
         return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").mls_init(clientId));
     }
+    /**
+     * Generates a MLS KeyPair/CredentialBundle with a temporary, random client ID.
+     * This method is designed to be used in conjunction with {@link CoreCrypto.mlsInitWithClientID} and represents the first step in this process
+     *
+     * @returns This returns the TLS-serialized identity key (i.e. the signature keypair's public key)
+     */
+    async mlsGenerateKeypair() {
+        return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").mls_generate_keypair());
+    }
+    /**
+     * Updates the current temporary Client ID with the newly provided one. This is the second step in the externally-generated clients process
+     *
+     * Important: This is designed to be called after {@link CoreCrypto.mlsGenerateKeyPair}
+     *
+     * @param clientId - The newly-allocated client ID by the MLS Authentication Service
+     * @param signaturePublicKey - The public key you were given at the first step; This is for authentication purposes
+     */
+    async mlsInitWithClientId(clientId, signaturePublicKey) {
+        return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").mls_init_with_client_id(clientId, signaturePublicKey));
+    }
     /** @hidden */
     constructor(cc) {
         /** @hidden */
@@ -3304,10 +3386,10 @@ class CoreCrypto {
      *
      * @param callbacks - Any interface following the {@link CoreCryptoCallbacks} interface
      */
-    registerCallbacks(callbacks) {
+    async registerCallbacks(callbacks, ctx = null) {
         try {
-            const wasmCallbacks = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).CoreCryptoWasmCallbacks)(callbacks.authorize, callbacks.userAuthorize, callbacks.clientIsExistingGroupUser);
-            __classPrivateFieldGet(this, _CoreCrypto_cc, "f").set_callbacks(wasmCallbacks);
+            const wasmCallbacks = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).CoreCryptoWasmCallbacks)(callbacks.authorize, callbacks.userAuthorize, callbacks.clientIsExistingGroupUser, ctx);
+            await __classPrivateFieldGet(this, _CoreCrypto_cc, "f").set_callbacks(wasmCallbacks);
         }
         catch (e) {
             throw CoreCryptoError.fromStdError(e);
@@ -3385,6 +3467,9 @@ class CoreCrypto {
      * @returns a {@link DecryptedMessage}. Note that {@link DecryptedMessage#message} is `undefined` when the encrypted payload contains a system message such a proposal or commit
      */
     async decryptMessage(conversationId, payload) {
+        if (!payload?.length) {
+            throw new Error("decryptMessage payload is empty or null");
+        }
         try {
             const ffiDecryptedMessage = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").decrypt_message(conversationId, payload));
             const commitDelay = ffiDecryptedMessage.commit_delay ?
@@ -3865,11 +3950,26 @@ class CoreCrypto {
     /**
      * Creates a new prekey with an automatically generated ID..
      *
-     * @returns: A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey
+     * @returns A CBOR-serialized version of the PreKeyBundle corresponding to the newly generated and stored PreKey
      */
     async proteusNewPrekeyAuto() {
         return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").proteus_new_prekey_auto());
     }
+    /**
+     * Proteus last resort prekey stuff
+     *
+     * @returns A CBOR-serialize version of the PreKeyBundle associated with the last resort PreKey (holding the last resort prekey id)
+     */
+    async proteusLastResortPrekey() {
+        return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").proteus_last_resort_prekey());
+    }
+    /**
+     * @returns The last resort PreKey id
+     */
+    static proteusLastResortPrekeyId() {
+        __classPrivateFieldGet(this, _a, "m", _CoreCrypto_assertModuleLoaded).call(this);
+        return __classPrivateFieldGet(this, _a, "f", _CoreCrypto_module).CoreCrypto.proteus_last_resort_prekey_id();
+    }
     /**
      * Proteus public key fingerprint
      * It's basically the public key encoded as an hex string
@@ -3929,13 +4029,16 @@ class CoreCrypto {
     /**
      * Creates an enrollment instance with private key material you can use in order to fetch
      * a new x509 certificate from the acme server.
-     * Make sure to call [WireE2eIdentity::free] (not yet available) to dispose this instance and its associated
+     * Make sure to call {@link WireE2eIdentity.free} to dispose this instance and its associated
      * keying material.
      *
      * @param ciphersuite - For generating signing key material. Only {@link Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519} is supported currently
      */
-    async newAcmeEnrollment() {
-        const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").new_acme_enrollment(Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519));
+    async newAcmeEnrollment(ciphersuite = Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519) {
+        if (ciphersuite !== Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519) {
+            throw new Error("This ACME ciphersuite isn't supported. Only `Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519` is as of now");
+        }
+        const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").new_acme_enrollment(ciphersuite));
         return new WireE2eIdentity(e2ei);
     }
     /**
@@ -3944,13 +4047,15 @@ class CoreCrypto {
      * @returns The `core-crypto-ffi` version as defined in its `Cargo.toml` file
      */
     static version() {
-        if (!__classPrivateFieldGet(this, _a, "f", _CoreCrypto_module)) {
-            throw new Error("Internal module hasn't been initialized. Please use `await CoreCrypto.init(params)`!");
-        }
-        return __classPrivateFieldGet(this, _a, "f", _CoreCrypto_module).version();
+        __classPrivateFieldGet(this, _a, "m", _CoreCrypto_assertModuleLoaded).call(this);
+        return __classPrivateFieldGet(this, _a, "f", _CoreCrypto_module).CoreCrypto.version();
     }
 }
-_a = CoreCrypto, _CoreCrypto_cc = new WeakMap();
+_a = CoreCrypto, _CoreCrypto_cc = new WeakMap(), _CoreCrypto_assertModuleLoaded = function _CoreCrypto_assertModuleLoaded() {
+    if (!__classPrivateFieldGet(this, _a, "f", _CoreCrypto_module)) {
+        throw new Error("Internal module hasn't been initialized. Please use `await CoreCrypto.init(params)` or `await CoreCrypto.deferredInit(params)` !");
+    }
+};
 /** @hidden */
 _CoreCrypto_module = { value: void 0 };
 class WireE2eIdentity {
@@ -3960,6 +4065,9 @@ class WireE2eIdentity {
         _WireE2eIdentity_e2ei.set(this, void 0);
         __classPrivateFieldSet(this, _WireE2eIdentity_e2ei, e2ei, "f");
     }
+    free() {
+        __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").free();
+    }
     /**
      * Parses the response from `GET /acme/{provisioner-name}/directory`.
      * Use this {@link AcmeDirectory} in the next step to fetch the first nonce from the acme server. Use