@wireapp/core-crypto 0.6.0-rc.8 → 0.6.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wireapp/core-crypto",
-  "version": "0.6.0-rc.8",
+  "version": "0.6.1",
   "description": "CoreCrypto bindings for the Web",
   "type": "module",
   "module": "platforms/web/corecrypto.js",

package/platforms/web/corecrypto.d.ts

@@ -950,15 +950,17 @@ export declare class WireE2eIdentity {
 	/**
 	 * Creates a new acme order for the handle (userId + display name) and the clientId.
 	 *
-	 * @param handle domain of the authorization server e.g. `idp.example.org`
-	 * @param clientId domain of the wire-server e.g. `wire.example.org`
+	 * @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
+	 * @param domain DNS name of owning backend e.g. `example.com`
+	 * @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `impp:wireapp=NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ/6add501bacd1d90e@example.com`
+	 * @param handle user handle e.g. `impp:wireapp=alice.smith.qa@example.com`
 	 * @param expiryDays generated x509 certificate expiry
 	 * @param directory you got from {@link directoryResponse}
 	 * @param account you got from {@link newAccountResponse}
 	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/new-account`
 	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
 	 */
-	newOrderRequest(handle: string, clientId: string, expiryDays: number, directory: AcmeDirectory, account: AcmeAccount, previousNonce: string): JsonRawData;
+	newOrderRequest(displayName: string, domain: string, clientId: string, handle: string, expiryDays: number, directory: AcmeDirectory, account: AcmeAccount, previousNonce: string): JsonRawData;
 	/**
 	 * Parses the response from `POST /acme/{provisioner-name}/new-order`.
 	 *
@@ -1005,14 +1007,25 @@ export declare class WireE2eIdentity {
 	 */
 	createDpopToken(accessTokenUrl: string, userId: string, clientId: bigint, domain: string, clientIdChallenge: AcmeChallenge, backendNonce: string, expiryDays: number): string;
 	/**
-	 * Creates a new challenge request.
+	 * Creates a new challenge request for Wire Dpop challenge.
 	 *
-	 * @param handleChallenge you found after {@link newAuthzResponse}
+	 * @param accessToken returned by wire-server from https://staging-nginz-https.zinfra.io/api/swagger-ui/#/default/post_clients__cid__access_token
+	 * @param dpopChallenge you found after {@link newAuthzResponse}
 	 * @param account you found after {@link newAccountResponse}
 	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
 	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
 	 */
-	newChallengeRequest(handleChallenge: AcmeChallenge, account: AcmeAccount, previousNonce: string): JsonRawData;
+	newDpopChallengeRequest(accessToken: string, dpopChallenge: AcmeChallenge, account: AcmeAccount, previousNonce: string): JsonRawData;
+	/**
+	 * Creates a new challenge request for Wire Oidc challenge.
+	 *
+	 * @param idToken you get back from Identity Provider
+	 * @param oidcChallenge you found after {@link newAuthzResponse}
+	 * @param account you found after {@link newAccountResponse}
+	 * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
+	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
+	 */
+	newOidcChallengeRequest(idToken: string, oidcChallenge: AcmeChallenge, account: AcmeAccount, previousNonce: string): JsonRawData;
 	/**
 	 * Parses the response from `POST /acme/{provisioner-name}/challenge/{challenge-id}`.
 	 *
@@ -1039,13 +1052,12 @@ export declare class WireE2eIdentity {
 	/**
 	 * Final step before fetching the certificate.
 	 *
-	 * @param domains - domains you want to generate a certificate for e.g. `["wire.com"]`
 	 * @param order - order you got from {@link checkOrderResponse}
 	 * @param account - account you found after {@link newAccountResponse}
 	 * @param previousNonce - `replay-nonce` response header from `POST /acme/{provisioner-name}/order/{order-id}`
 	 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
 	 */
-	finalizeRequest(domains: string[], order: AcmeOrder, account: AcmeAccount, previousNonce: string): JsonRawData;
+	finalizeRequest(order: AcmeOrder, account: AcmeAccount, previousNonce: string): JsonRawData;
 	/**
 	 * Parses the response from `POST /acme/{provisioner-name}/order/{order-id}/finalize`.
 	 *

package/platforms/web/corecrypto.js

@@ -226,9 +226,12 @@ function makeMutClosure(arg0, arg1, dtor, f) {
     return real;
 }
 function __wbg_adapter_52(arg0, arg1, arg2) {
+    wasm$1._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hbc1e83b65f289d81(arg0, arg1, addHeapObject(arg2));
+}
+function __wbg_adapter_55(arg0, arg1, arg2) {
     try {
         const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
-        wasm$1._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h0b669391a1ca469a(retptr, arg0, arg1, addHeapObject(arg2));
+        wasm$1._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h7f871b07edcecab4(retptr, arg0, arg1, addHeapObject(arg2));
         var r0 = getInt32Memory0()[retptr / 4 + 0];
         var r1 = getInt32Memory0()[retptr / 4 + 1];
         if (r1) {
@@ -239,9 +242,6 @@ function __wbg_adapter_52(arg0, arg1, arg2) {
         wasm$1.__wbindgen_add_to_stack_pointer(16);
     }
 }
-function __wbg_adapter_55(arg0, arg1, arg2) {
-    wasm$1._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__ha3d8e2730fb8635e(arg0, arg1, addHeapObject(arg2));
-}
 function _assertClass(instance, klass) {
     if (!(instance instanceof klass)) {
         throw new Error(`expected instance of ${klass.name}`);
@@ -290,8 +290,8 @@ function handleError(f, args) {
 function getArrayU8FromWasm0(ptr, len) {
     return getUint8Memory0().subarray(ptr / 1, ptr / 1 + len);
 }
-function __wbg_adapter_271(arg0, arg1, arg2, arg3) {
-    wasm$1.wasm_bindgen__convert__closures__invoke2_mut__h191981cd1d6b08cc(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
+function __wbg_adapter_270(arg0, arg1, arg2, arg3) {
+    wasm$1.wasm_bindgen__convert__closures__invoke2_mut__h642728bf8a354f9a(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
 }
 /**
 * see [core_crypto::prelude::MlsWirePolicy]
@@ -1664,24 +1664,30 @@ class FfiWireE2EIdentity {
     }
     /**
     * See [core_crypto::e2e_identity::WireE2eIdentity::new_order_request]
-    * @param {string} handle
+    * @param {string} display_name
+    * @param {string} domain
     * @param {string} client_id
+    * @param {string} handle
     * @param {number} expiry_days
     * @param {any} directory
     * @param {Uint8Array} account
     * @param {string} previous_nonce
     * @returns {Uint8Array}
     */
-    new_order_request(handle, client_id, expiry_days, directory, account, previous_nonce) {
+    new_order_request(display_name, domain, client_id, handle, expiry_days, directory, account, previous_nonce) {
         try {
             const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
-            const ptr0 = passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const ptr0 = passStringToWasm0(display_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
             const len0 = WASM_VECTOR_LEN;
-            const ptr1 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const ptr1 = passStringToWasm0(domain, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
             const len1 = WASM_VECTOR_LEN;
-            const ptr2 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const ptr2 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
             const len2 = WASM_VECTOR_LEN;
-            wasm$1.ffiwiree2eidentity_new_order_request(retptr, this.ptr, ptr0, len0, ptr1, len1, expiry_days, addHeapObject(directory), addHeapObject(account), ptr2, len2);
+            const ptr3 = passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const len3 = WASM_VECTOR_LEN;
+            const ptr4 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const len4 = WASM_VECTOR_LEN;
+            wasm$1.ffiwiree2eidentity_new_order_request(retptr, this.ptr, ptr0, len0, ptr1, len1, ptr2, len2, ptr3, len3, expiry_days, addHeapObject(directory), addHeapObject(account), ptr4, len4);
             var r0 = getInt32Memory0()[retptr / 4 + 0];
             var r1 = getInt32Memory0()[retptr / 4 + 1];
             var r2 = getInt32Memory0()[retptr / 4 + 2];
@@ -1805,18 +1811,49 @@ class FfiWireE2EIdentity {
         }
     }
     /**
-    * See [core_crypto::e2e_identity::WireE2eIdentity::new_challenge_request]
-    * @param {any} handle_challenge
+    * See [core_crypto::e2e_identity::WireE2eIdentity::new_dpop_challenge_request]
+    * @param {string} access_token
+    * @param {any} dpop_challenge
     * @param {Uint8Array} account
     * @param {string} previous_nonce
     * @returns {Uint8Array}
     */
-    new_challenge_request(handle_challenge, account, previous_nonce) {
+    new_dpop_challenge_request(access_token, dpop_challenge, account, previous_nonce) {
         try {
             const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
-            const ptr0 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const ptr0 = passStringToWasm0(access_token, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
             const len0 = WASM_VECTOR_LEN;
-            wasm$1.ffiwiree2eidentity_new_challenge_request(retptr, this.ptr, addHeapObject(handle_challenge), addHeapObject(account), ptr0, len0);
+            const ptr1 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const len1 = WASM_VECTOR_LEN;
+            wasm$1.ffiwiree2eidentity_new_dpop_challenge_request(retptr, this.ptr, ptr0, len0, addHeapObject(dpop_challenge), addHeapObject(account), ptr1, len1);
+            var r0 = getInt32Memory0()[retptr / 4 + 0];
+            var r1 = getInt32Memory0()[retptr / 4 + 1];
+            var r2 = getInt32Memory0()[retptr / 4 + 2];
+            if (r2) {
+                throw takeObject(r1);
+            }
+            return takeObject(r0);
+        }
+        finally {
+            wasm$1.__wbindgen_add_to_stack_pointer(16);
+        }
+    }
+    /**
+    * See [core_crypto::e2e_identity::WireE2eIdentity::new_oidc_challenge_request]
+    * @param {string} id_token
+    * @param {any} oidc_challenge
+    * @param {Uint8Array} account
+    * @param {string} previous_nonce
+    * @returns {Uint8Array}
+    */
+    new_oidc_challenge_request(id_token, oidc_challenge, account, previous_nonce) {
+        try {
+            const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
+            const ptr0 = passStringToWasm0(id_token, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const len0 = WASM_VECTOR_LEN;
+            const ptr1 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
+            const len1 = WASM_VECTOR_LEN;
+            wasm$1.ffiwiree2eidentity_new_oidc_challenge_request(retptr, this.ptr, ptr0, len0, addHeapObject(oidc_challenge), addHeapObject(account), ptr1, len1);
             var r0 = getInt32Memory0()[retptr / 4 + 0];
             var r1 = getInt32Memory0()[retptr / 4 + 1];
             var r2 = getInt32Memory0()[retptr / 4 + 2];
@@ -1897,20 +1934,17 @@ class FfiWireE2EIdentity {
     }
     /**
     * See [core_crypto::e2e_identity::WireE2eIdentity::finalize_request]
-    * @param {(string)[]} domains
     * @param {Uint8Array} order
     * @param {Uint8Array} account
     * @param {string} previous_nonce
     * @returns {Uint8Array}
     */
-    finalize_request(domains, order, account, previous_nonce) {
+    finalize_request(order, account, previous_nonce) {
         try {
             const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
-            const ptr0 = passArrayJsValueToWasm0(domains, wasm$1.__wbindgen_malloc);
+            const ptr0 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
             const len0 = WASM_VECTOR_LEN;
-            const ptr1 = passStringToWasm0(previous_nonce, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
-            const len1 = WASM_VECTOR_LEN;
-            wasm$1.ffiwiree2eidentity_finalize_request(retptr, this.ptr, ptr0, len0, addHeapObject(order), addHeapObject(account), ptr1, len1);
+            wasm$1.ffiwiree2eidentity_finalize_request(retptr, this.ptr, addHeapObject(order), addHeapObject(account), ptr0, len0);
             var r0 = getInt32Memory0()[retptr / 4 + 0];
             var r1 = getInt32Memory0()[retptr / 4 + 1];
             var r2 = getInt32Memory0()[retptr / 4 + 2];
@@ -2108,16 +2142,16 @@ class NewAcmeAuthz {
     }
     /**
     * @param {string} identifier
-    * @param {AcmeChallenge | undefined} wire_http_challenge
+    * @param {AcmeChallenge | undefined} wire_dpop_challenge
     * @param {AcmeChallenge | undefined} wire_oidc_challenge
     */
-    constructor(identifier, wire_http_challenge, wire_oidc_challenge) {
+    constructor(identifier, wire_dpop_challenge, wire_oidc_challenge) {
         const ptr0 = passStringToWasm0(identifier, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
         const len0 = WASM_VECTOR_LEN;
         let ptr1 = 0;
-        if (!isLikeNone(wire_http_challenge)) {
-            _assertClass(wire_http_challenge, AcmeChallenge);
-            ptr1 = wire_http_challenge.__destroy_into_raw();
+        if (!isLikeNone(wire_dpop_challenge)) {
+            _assertClass(wire_dpop_challenge, AcmeChallenge);
+            ptr1 = wire_dpop_challenge.__destroy_into_raw();
         }
         let ptr2 = 0;
         if (!isLikeNone(wire_oidc_challenge)) {
@@ -2146,8 +2180,8 @@ class NewAcmeAuthz {
     /**
     * @returns {AcmeChallenge | undefined}
     */
-    get wire_http_challenge() {
-        const ret = wasm$1.newacmeauthz_wire_http_challenge(this.ptr);
+    get wire_dpop_challenge() {
+        const ret = wasm$1.newacmeauthz_wire_dpop_challenge(this.ptr);
         return ret === 0 ? undefined : AcmeChallenge.__wrap(ret);
     }
     /**
@@ -2383,22 +2417,6 @@ function getImports() {
         const ret = new Uint8Array(getObject(arg0));
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_push_49c286f04dd3bf59 = function (arg0, arg1) {
-        const ret = getObject(arg0).push(getObject(arg1));
-        return ret;
-    };
-    imports.wbg.__wbg_new_f841cc6f2098f4b5 = function () {
-        const ret = new Map();
-        return addHeapObject(ret);
-    };
-    imports.wbg.__wbg_set_388c4c6422704173 = function (arg0, arg1, arg2) {
-        const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
-        return addHeapObject(ret);
-    };
-    imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
-        const ret = BigInt.asUintN(64, arg0);
-        return addHeapObject(ret);
-    };
     imports.wbg.__wbg_new_9d3a9ce4282a18a8 = function (arg0, arg1) {
         try {
             var state0 = { a: arg0, b: arg1 };
@@ -2406,7 +2424,7 @@ function getImports() {
                 const a = state0.a;
                 state0.a = 0;
                 try {
-                    return __wbg_adapter_271(a, state0.b, arg0, arg1);
+                    return __wbg_adapter_270(a, state0.b, arg0, arg1);
                 }
                 finally {
                     state0.a = a;
@@ -2419,10 +2437,26 @@ function getImports() {
             state0.a = state0.b = 0;
         }
     };
+    imports.wbg.__wbg_push_49c286f04dd3bf59 = function (arg0, arg1) {
+        const ret = getObject(arg0).push(getObject(arg1));
+        return ret;
+    };
     imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
         const ret = FfiWireE2EIdentity.__wrap(arg0);
         return addHeapObject(ret);
     };
+    imports.wbg.__wbg_new_f841cc6f2098f4b5 = function () {
+        const ret = new Map();
+        return addHeapObject(ret);
+    };
+    imports.wbg.__wbg_set_388c4c6422704173 = function (arg0, arg1, arg2) {
+        const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
+        return addHeapObject(ret);
+    };
+    imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
+        const ret = BigInt.asUintN(64, arg0);
+        return addHeapObject(ret);
+    };
     imports.wbg.__wbg_setonsuccess_925a7718d3f62bc1 = function (arg0, arg1) {
         getObject(arg0).onsuccess = getObject(arg1);
     };
@@ -2495,20 +2529,32 @@ function getImports() {
         const ret = new Error(getStringFromWasm0(arg0, arg1));
         return addHeapObject(ret);
     };
+    imports.wbg.__wbg_instanceof_Promise_4333c4e5587e8936 = function (arg0) {
+        let result;
+        try {
+            result = getObject(arg0) instanceof Promise;
+        }
+        catch {
+            result = false;
+        }
+        const ret = result;
+        return ret;
+    };
+    imports.wbg.__wbg_then_f753623316e2873a = function (arg0, arg1, arg2) {
+        const ret = getObject(arg0).then(getObject(arg1), getObject(arg2));
+        return addHeapObject(ret);
+    };
+    imports.wbg.__wbg_warn_e57696dbb3977030 = function (arg0) {
+        console.warn(getObject(arg0));
+    };
     imports.wbg.__wbg_call_96878afb7a8201ca = function () {
         return handleError(function (arg0, arg1, arg2, arg3) {
             const ret = getObject(arg0).call(getObject(arg1), getObject(arg2), getObject(arg3));
             return addHeapObject(ret);
         }, arguments);
     };
-    imports.wbg.__wbg_call_99043a1e2a9e5916 = function () {
-        return handleError(function (arg0, arg1, arg2, arg3, arg4) {
-            const ret = getObject(arg0).call(getObject(arg1), getObject(arg2), getObject(arg3), getObject(arg4));
-            return addHeapObject(ret);
-        }, arguments);
-    };
-    imports.wbg.__wbg_length_ea0846e494e3b16e = function (arg0) {
-        const ret = getObject(arg0).length;
+    imports.wbg.__wbg_now_78244d2ced74c026 = function () {
+        const ret = performance.now();
         return ret;
     };
     imports.wbg.__wbg_reject_57029f54148d79c3 = function (arg0) {
@@ -2523,10 +2569,6 @@ function getImports() {
         const ret = Date.now();
         return ret;
     };
-    imports.wbg.__wbg_now_78244d2ced74c026 = function () {
-        const ret = performance.now();
-        return ret;
-    };
     imports.wbg.__wbg_new_abda76e883ba8a5f = function () {
         const ret = new Error();
         return addHeapObject(ret);
@@ -2701,10 +2743,6 @@ function getImports() {
         const ret = new Uint8Array(arg0 >>> 0);
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_charCodeAt_d78a90aced59e02f = function (arg0, arg1) {
-        const ret = getObject(arg0).charCodeAt(arg1 >>> 0);
-        return ret;
-    };
     imports.wbg.__wbg_next_88560ec06a094dea = function () {
         return handleError(function (arg0) {
             const ret = getObject(arg0).next();
@@ -2757,6 +2795,12 @@ function getImports() {
         const ret = new Function(getStringFromWasm0(arg0, arg1));
         return addHeapObject(ret);
     };
+    imports.wbg.__wbg_call_99043a1e2a9e5916 = function () {
+        return handleError(function (arg0, arg1, arg2, arg3, arg4) {
+            const ret = getObject(arg0).call(getObject(arg1), getObject(arg2), getObject(arg3), getObject(arg4));
+            return addHeapObject(ret);
+        }, arguments);
+    };
     imports.wbg.__wbg_set_6aa458a4ebdb65cb = function () {
         return handleError(function (arg0, arg1, arg2) {
             const ret = Reflect.set(getObject(arg0), getObject(arg1), getObject(arg2));
@@ -2786,12 +2830,6 @@ function getImports() {
         const ret = getObject(arg0).target;
         return isLikeNone(ret) ? 0 : addHeapObject(ret);
     };
-    imports.wbg.__wbg_error_f64b8d41ed4d2fdc = function () {
-        return handleError(function (arg0) {
-            const ret = getObject(arg0).error;
-            return isLikeNone(ret) ? 0 : addHeapObject(ret);
-        }, arguments);
-    };
     imports.wbg.__wbg_result_3a1fef332bc47038 = function () {
         return handleError(function (arg0) {
             const ret = getObject(arg0).result;
@@ -2832,6 +2870,12 @@ function getImports() {
             getObject(arg0).deleteObjectStore(getStringFromWasm0(arg1, arg2));
         }, arguments);
     };
+    imports.wbg.__wbg_error_f64b8d41ed4d2fdc = function () {
+        return handleError(function (arg0) {
+            const ret = getObject(arg0).error;
+            return isLikeNone(ret) ? 0 : addHeapObject(ret);
+        }, arguments);
+    };
     imports.wbg.__wbindgen_is_falsy = function (arg0) {
         const ret = !getObject(arg0);
         return ret;
@@ -2877,29 +2921,6 @@ function getImports() {
         const ret = getObject(arg0).toString();
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_instanceof_Window_e266f02eee43b570 = function (arg0) {
-        let result;
-        try {
-            result = getObject(arg0) instanceof Window;
-        }
-        catch {
-            result = false;
-        }
-        const ret = result;
-        return ret;
-    };
-    imports.wbg.__wbg_crypto_71b946c90b06fb5b = function () {
-        return handleError(function (arg0) {
-            const ret = getObject(arg0).crypto;
-            return addHeapObject(ret);
-        }, arguments);
-    };
-    imports.wbg.__wbg_getRandomValues_2a91ccd2d6c499b0 = function () {
-        return handleError(function (arg0, arg1, arg2) {
-            const ret = getObject(arg0).getRandomValues(getArrayU8FromWasm0(arg1, arg2));
-            return addHeapObject(ret);
-        }, arguments);
-    };
     imports.wbg.__wbg_instanceof_Uint8Array_01cebe79ca606cca = function (arg0) {
         let result;
         try {
@@ -2947,10 +2968,6 @@ function getImports() {
         const ret = getObject(arg0).then(getObject(arg1));
         return addHeapObject(ret);
     };
-    imports.wbg.__wbg_then_f753623316e2873a = function (arg0, arg1, arg2) {
-        const ret = getObject(arg0).then(getObject(arg1), getObject(arg2));
-        return addHeapObject(ret);
-    };
     imports.wbg.__wbg_resolve_fd40f858d9db1a04 = function (arg0) {
         const ret = Promise.resolve(getObject(arg0));
         return addHeapObject(ret);
@@ -3015,12 +3032,12 @@ function getImports() {
             return addHeapObject(ret);
         }, arguments);
     };
-    imports.wbg.__wbindgen_closure_wrapper4402 = function (arg0, arg1, arg2) {
-        const ret = makeMutClosure(arg0, arg1, 145, __wbg_adapter_52);
+    imports.wbg.__wbindgen_closure_wrapper1526 = function (arg0, arg1, arg2) {
+        const ret = makeMutClosure(arg0, arg1, 144, __wbg_adapter_52);
         return addHeapObject(ret);
     };
-    imports.wbg.__wbindgen_closure_wrapper4858 = function (arg0, arg1, arg2) {
-        const ret = makeMutClosure(arg0, arg1, 145, __wbg_adapter_55);
+    imports.wbg.__wbindgen_closure_wrapper4415 = function (arg0, arg1, arg2) {
+        const ret = makeMutClosure(arg0, arg1, 144, __wbg_adapter_55);
         return addHeapObject(ret);
     };
     return imports;
@@ -3080,7 +3097,7 @@ var exports = /*#__PURE__*/Object.freeze({
 var wasm = async (opt = {}) => {
                 let {importHook, serverPath} = opt;
 
-                let path = "assets/core_crypto_ffi-d7dac5b2.wasm";
+                let path = "assets/core_crypto_ffi-d45ab989.wasm";
 
                 if (serverPath != null) {
                     path = serverPath + /[^\/\\]*$/.exec(path)[0];
@@ -4116,17 +4133,19 @@ class WireE2eIdentity {
     /**
      * Creates a new acme order for the handle (userId + display name) and the clientId.
      *
-     * @param handle domain of the authorization server e.g. `idp.example.org`
-     * @param clientId domain of the wire-server e.g. `wire.example.org`
+     * @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
+     * @param domain DNS name of owning backend e.g. `example.com`
+     * @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `impp:wireapp=NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ/6add501bacd1d90e@example.com`
+     * @param handle user handle e.g. `impp:wireapp=alice.smith.qa@example.com`
      * @param expiryDays generated x509 certificate expiry
      * @param directory you got from {@link directoryResponse}
      * @param account you got from {@link newAccountResponse}
      * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/new-account`
      * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
      */
-    newOrderRequest(handle, clientId, expiryDays, directory, account, previousNonce) {
+    newOrderRequest(displayName, domain, clientId, handle, expiryDays, directory, account, previousNonce) {
         try {
-            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").new_order_request(handle, clientId, expiryDays, directory, account, previousNonce);
+            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").new_order_request(displayName, domain, clientId, handle, expiryDays, directory, account, previousNonce);
         }
         catch (e) {
             throw CoreCryptoError.fromStdError(e);
@@ -4206,16 +4225,34 @@ class WireE2eIdentity {
         }
     }
     /**
-     * Creates a new challenge request.
+     * Creates a new challenge request for Wire Dpop challenge.
+     *
+     * @param accessToken returned by wire-server from https://staging-nginz-https.zinfra.io/api/swagger-ui/#/default/post_clients__cid__access_token
+     * @param dpopChallenge you found after {@link newAuthzResponse}
+     * @param account you found after {@link newAccountResponse}
+     * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
+     * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
+     */
+    newDpopChallengeRequest(accessToken, dpopChallenge, account, previousNonce) {
+        try {
+            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").new_dpop_challenge_request(accessToken, dpopChallenge, account, previousNonce);
+        }
+        catch (e) {
+            throw CoreCryptoError.fromStdError(e);
+        }
+    }
+    /**
+     * Creates a new challenge request for Wire Oidc challenge.
      *
-     * @param handleChallenge you found after {@link newAuthzResponse}
+     * @param idToken you get back from Identity Provider
+     * @param oidcChallenge you found after {@link newAuthzResponse}
      * @param account you found after {@link newAccountResponse}
      * @param previousNonce `replay-nonce` response header from `POST /acme/{provisioner-name}/authz/{authz-id}`
      * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
      */
-    newChallengeRequest(handleChallenge, account, previousNonce) {
+    newOidcChallengeRequest(idToken, oidcChallenge, account, previousNonce) {
         try {
-            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").new_challenge_request(handleChallenge, account, previousNonce);
+            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").new_oidc_challenge_request(idToken, oidcChallenge, account, previousNonce);
         }
         catch (e) {
             throw CoreCryptoError.fromStdError(e);
@@ -4268,15 +4305,14 @@ class WireE2eIdentity {
     /**
      * Final step before fetching the certificate.
      *
-     * @param domains - domains you want to generate a certificate for e.g. `["wire.com"]`
      * @param order - order you got from {@link checkOrderResponse}
      * @param account - account you found after {@link newAccountResponse}
      * @param previousNonce - `replay-nonce` response header from `POST /acme/{provisioner-name}/order/{order-id}`
      * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.4
      */
-    finalizeRequest(domains, order, account, previousNonce) {
+    finalizeRequest(order, account, previousNonce) {
         try {
-            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").finalize_request(domains, order, account, previousNonce);
+            return __classPrivateFieldGet(this, _WireE2eIdentity_e2ei, "f").finalize_request(order, account, previousNonce);
         }
         catch (e) {
             throw CoreCryptoError.fromStdError(e);