@wireapp/core-crypto 1.0.0-pre.8 → 1.0.0-rc.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
Binary file
|
|
@@ -79,6 +79,24 @@ export interface ConversationConfiguration {
|
|
|
79
79
|
* Implementation specific configuration
|
|
80
80
|
*/
|
|
81
81
|
custom?: CustomConfiguration;
|
|
82
|
+
/**
|
|
83
|
+
* Trust anchors to be added in the group's context extensions
|
|
84
|
+
*/
|
|
85
|
+
perDomainTrustAnchors?: PerDomainTrustAnchor[];
|
|
86
|
+
}
|
|
87
|
+
/**
|
|
88
|
+
* A wrapper containing the configuration for trust anchors to be added in the group's context
|
|
89
|
+
* extensions
|
|
90
|
+
*/
|
|
91
|
+
export interface PerDomainTrustAnchor {
|
|
92
|
+
/**
|
|
93
|
+
* Domain name of the owning backend this anchor refers to. One of the certificate in the chain has to have this domain in its SANs
|
|
94
|
+
*/
|
|
95
|
+
domain_name: string;
|
|
96
|
+
/**
|
|
97
|
+
* PEM encoded (partial) certificate chain. This contains the certificate chain for the CA certificate issuing the E2E Identity certificates
|
|
98
|
+
*/
|
|
99
|
+
intermediate_certificate_chain: string;
|
|
82
100
|
}
|
|
83
101
|
/**
|
|
84
102
|
* see [core_crypto::prelude::MlsWirePolicy]
|
|
@@ -690,6 +708,22 @@ export declare class CoreCrypto {
|
|
|
690
708
|
* @returns The encrypted payload for the given group. This needs to be fanned out to the other members of the group.
|
|
691
709
|
*/
|
|
692
710
|
encryptMessage(conversationId: ConversationId, message: Uint8Array): Promise<Uint8Array>;
|
|
711
|
+
/**
|
|
712
|
+
* Updates the trust anchors for a conversation. This should be called when a federated event happens (new team added/removed).
|
|
713
|
+
* Clients should add and/or remove trust anchors from the new backend to the conversation. The method will check
|
|
714
|
+
* for duplicated domains and the validity of the certificate chain.
|
|
715
|
+
*
|
|
716
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
|
717
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
|
718
|
+
* epoch, use new encryption secrets etc...
|
|
719
|
+
*
|
|
720
|
+
* @param conversationId - The ID of the conversation
|
|
721
|
+
* @param removeDomainNames - Domains to remove from the trust anchors
|
|
722
|
+
* @param addTrustAnchors - New trust anchors to add to the conversation
|
|
723
|
+
*
|
|
724
|
+
* @returns A {@link CommitBundle}
|
|
725
|
+
*/
|
|
726
|
+
update_trust_anchors_from_conversation(conversationId: ConversationId, removeDomainNames: string[], addTrustAnchors: PerDomainTrustAnchor[]): Promise<CommitBundle>;
|
|
693
727
|
/**
|
|
694
728
|
* Ingest a TLS-serialized MLS welcome message to join an existing MLS group
|
|
695
729
|
*
|
|
@@ -810,7 +844,7 @@ export declare class CoreCrypto {
|
|
|
810
844
|
*
|
|
811
845
|
* @param conversationId - The ID of the conversation
|
|
812
846
|
*/
|
|
813
|
-
mergePendingGroupFromExternalCommit(conversationId: ConversationId): Promise<
|
|
847
|
+
mergePendingGroupFromExternalCommit(conversationId: ConversationId): Promise<DecryptedMessage[] | undefined>;
|
|
814
848
|
/**
|
|
815
849
|
* In case the external commit generated by {@link CoreCrypto.joinByExternalCommit} is rejected by the Delivery Service, and we
|
|
816
850
|
* want to abort this external commit once for all, we can wipe out the pending group from the keystore in order
|
|
@@ -1026,30 +1060,30 @@ export declare class CoreCrypto {
|
|
|
1026
1060
|
e2eiNewEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1027
1061
|
/**
|
|
1028
1062
|
* Generates an E2EI enrollment instance for a "regular" client (with a Basic credential) willing to migrate to E2EI.
|
|
1029
|
-
* As a consequence, this method does not support changing the ClientId which should remain the same as the Basic one.
|
|
1030
1063
|
* Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
1031
1064
|
*
|
|
1065
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
1032
1066
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
1033
1067
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
1034
1068
|
* @param expiryDays generated x509 certificate expiry
|
|
1035
1069
|
* @param ciphersuite - for generating signing key material
|
|
1036
1070
|
* @returns The new {@link WireE2eIdentity} object
|
|
1037
1071
|
*/
|
|
1038
|
-
e2eiNewActivationEnrollment(displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1072
|
+
e2eiNewActivationEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1039
1073
|
/**
|
|
1040
1074
|
* Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential)
|
|
1041
1075
|
* having to change/rotate their credential, either because the former one is expired or it
|
|
1042
|
-
* has been revoked.
|
|
1043
|
-
* should remain the same as the previous one. It lets you change the DisplayName or the handle
|
|
1076
|
+
* has been revoked. It lets you change the DisplayName or the handle
|
|
1044
1077
|
* if you need to. Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
1045
1078
|
*
|
|
1079
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
1046
1080
|
* @param expiryDays generated x509 certificate expiry
|
|
1047
1081
|
* @param ciphersuite - for generating signing key material
|
|
1048
1082
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
1049
1083
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
1050
1084
|
* @returns The new {@link WireE2eIdentity} object
|
|
1051
1085
|
*/
|
|
1052
|
-
e2eiNewRotateEnrollment(expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string): Promise<WireE2eIdentity>;
|
|
1086
|
+
e2eiNewRotateEnrollment(clientId: string, expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string): Promise<WireE2eIdentity>;
|
|
1053
1087
|
/**
|
|
1054
1088
|
* Use this method to initialize end-to-end identity when a client signs up and the grace period is already expired ; that means he cannot initialize with a Basic credential
|
|
1055
1089
|
*
|
|
@@ -39,14 +39,6 @@ const heap = new Array(128).fill(undefined);
|
|
|
39
39
|
heap.push(undefined, null, true, false);
|
|
40
40
|
function getObject(idx) { return heap[idx]; }
|
|
41
41
|
let heap_next = heap.length;
|
|
42
|
-
function addHeapObject(obj) {
|
|
43
|
-
if (heap_next === heap.length)
|
|
44
|
-
heap.push(heap.length + 1);
|
|
45
|
-
const idx = heap_next;
|
|
46
|
-
heap_next = heap[idx];
|
|
47
|
-
heap[idx] = obj;
|
|
48
|
-
return idx;
|
|
49
|
-
}
|
|
50
42
|
function dropObject(idx) {
|
|
51
43
|
if (idx < 132)
|
|
52
44
|
return;
|
|
@@ -58,6 +50,14 @@ function takeObject(idx) {
|
|
|
58
50
|
dropObject(idx);
|
|
59
51
|
return ret;
|
|
60
52
|
}
|
|
53
|
+
function addHeapObject(obj) {
|
|
54
|
+
if (heap_next === heap.length)
|
|
55
|
+
heap.push(heap.length + 1);
|
|
56
|
+
const idx = heap_next;
|
|
57
|
+
heap_next = heap[idx];
|
|
58
|
+
heap[idx] = obj;
|
|
59
|
+
return idx;
|
|
60
|
+
}
|
|
61
61
|
const cachedTextDecoder = (typeof TextDecoder !== 'undefined' ? new TextDecoder('utf-8', { ignoreBOM: true, fatal: true }) : { decode: () => { throw Error('TextDecoder not available'); } });
|
|
62
62
|
if (typeof TextDecoder !== 'undefined') {
|
|
63
63
|
cachedTextDecoder.decode();
|
|
@@ -234,12 +234,12 @@ function makeMutClosure(arg0, arg1, dtor, f) {
|
|
|
234
234
|
return real;
|
|
235
235
|
}
|
|
236
236
|
function __wbg_adapter_52(arg0, arg1, arg2) {
|
|
237
|
-
wasm$1.
|
|
237
|
+
wasm$1.wasm_bindgen__convert__closures__invoke1_mut__h79cafe3df8446843(arg0, arg1, addHeapObject(arg2));
|
|
238
238
|
}
|
|
239
239
|
function __wbg_adapter_55(arg0, arg1, arg2) {
|
|
240
240
|
try {
|
|
241
241
|
const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
|
|
242
|
-
wasm$1.
|
|
242
|
+
wasm$1.wasm_bindgen__convert__closures__invoke1_mut__he1696d119fd3caab(retptr, arg0, arg1, addHeapObject(arg2));
|
|
243
243
|
var r0 = getInt32Memory0()[retptr / 4 + 0];
|
|
244
244
|
var r1 = getInt32Memory0()[retptr / 4 + 1];
|
|
245
245
|
if (r1) {
|
|
@@ -313,8 +313,8 @@ function handleError(f, args) {
|
|
|
313
313
|
wasm$1.__wbindgen_exn_store(addHeapObject(e));
|
|
314
314
|
}
|
|
315
315
|
}
|
|
316
|
-
function
|
|
317
|
-
wasm$1.
|
|
316
|
+
function __wbg_adapter_298(arg0, arg1, arg2, arg3) {
|
|
317
|
+
wasm$1.wasm_bindgen__convert__closures__invoke2_mut__h2ada45b9b70febc7(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
|
|
318
318
|
}
|
|
319
319
|
/**
|
|
320
320
|
* see [core_crypto::prelude::MlsWirePolicy]
|
|
@@ -343,7 +343,6 @@ const CredentialType$1 = Object.freeze({
|
|
|
343
343
|
X509: 2, "2": "X509",
|
|
344
344
|
});
|
|
345
345
|
/**
|
|
346
|
-
* see [core_crypto::prelude::CiphersuiteName]
|
|
347
346
|
*/
|
|
348
347
|
const Ciphersuite$1 = Object.freeze({
|
|
349
348
|
/**
|
|
@@ -618,12 +617,25 @@ class ConversationConfiguration {
|
|
|
618
617
|
* @param {(Uint8Array)[] | undefined} external_senders
|
|
619
618
|
* @param {number | undefined} key_rotation_span
|
|
620
619
|
* @param {number | undefined} wire_policy
|
|
620
|
+
* @param {Array<any>} per_domain_trust_anchors
|
|
621
621
|
*/
|
|
622
|
-
constructor(ciphersuite, external_senders, key_rotation_span, wire_policy) {
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
622
|
+
constructor(ciphersuite, external_senders, key_rotation_span, wire_policy, per_domain_trust_anchors) {
|
|
623
|
+
try {
|
|
624
|
+
const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
|
|
625
|
+
var ptr0 = isLikeNone(external_senders) ? 0 : passArrayJsValueToWasm0(external_senders, wasm$1.__wbindgen_malloc);
|
|
626
|
+
var len0 = WASM_VECTOR_LEN;
|
|
627
|
+
wasm$1.conversationconfiguration_new(retptr, isLikeNone(ciphersuite) ? 8 : ciphersuite, ptr0, len0, !isLikeNone(key_rotation_span), isLikeNone(key_rotation_span) ? 0 : key_rotation_span, isLikeNone(wire_policy) ? 3 : wire_policy, addHeapObject(per_domain_trust_anchors));
|
|
628
|
+
var r0 = getInt32Memory0()[retptr / 4 + 0];
|
|
629
|
+
var r1 = getInt32Memory0()[retptr / 4 + 1];
|
|
630
|
+
var r2 = getInt32Memory0()[retptr / 4 + 2];
|
|
631
|
+
if (r2) {
|
|
632
|
+
throw takeObject(r1);
|
|
633
|
+
}
|
|
634
|
+
return ConversationConfiguration.__wrap(r0);
|
|
635
|
+
}
|
|
636
|
+
finally {
|
|
637
|
+
wasm$1.__wbindgen_add_to_stack_pointer(16);
|
|
638
|
+
}
|
|
627
639
|
}
|
|
628
640
|
}
|
|
629
641
|
/**
|
|
@@ -703,36 +715,42 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
703
715
|
* Returns: [`WasmCryptoResult<WireE2eIdentity>`]
|
|
704
716
|
*
|
|
705
717
|
* see [core_crypto::mls::MlsCentral::e2ei_new_activation_enrollment]
|
|
718
|
+
* @param {string} client_id
|
|
706
719
|
* @param {string} display_name
|
|
707
720
|
* @param {string} handle
|
|
708
721
|
* @param {number} expiry_days
|
|
709
722
|
* @param {number} ciphersuite
|
|
710
723
|
* @returns {Promise<any>}
|
|
711
724
|
*/
|
|
712
|
-
e2ei_new_activation_enrollment(display_name, handle, expiry_days, ciphersuite) {
|
|
713
|
-
const ptr0 = passStringToWasm0(
|
|
725
|
+
e2ei_new_activation_enrollment(client_id, display_name, handle, expiry_days, ciphersuite) {
|
|
726
|
+
const ptr0 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
714
727
|
const len0 = WASM_VECTOR_LEN;
|
|
715
|
-
const ptr1 = passStringToWasm0(
|
|
728
|
+
const ptr1 = passStringToWasm0(display_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
716
729
|
const len1 = WASM_VECTOR_LEN;
|
|
717
|
-
const
|
|
730
|
+
const ptr2 = passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
731
|
+
const len2 = WASM_VECTOR_LEN;
|
|
732
|
+
const ret = wasm$1.corecrypto_e2ei_new_activation_enrollment(this.__wbg_ptr, ptr0, len0, ptr1, len1, ptr2, len2, expiry_days, ciphersuite);
|
|
718
733
|
return takeObject(ret);
|
|
719
734
|
}
|
|
720
735
|
/**
|
|
721
736
|
* Returns: [`WasmCryptoResult<WireE2eIdentity>`]
|
|
722
737
|
*
|
|
723
738
|
* see [core_crypto::mls::MlsCentral::e2ei_new_rotate_enrollment]
|
|
739
|
+
* @param {string} client_id
|
|
724
740
|
* @param {string | undefined} display_name
|
|
725
741
|
* @param {string | undefined} handle
|
|
726
742
|
* @param {number} expiry_days
|
|
727
743
|
* @param {number} ciphersuite
|
|
728
744
|
* @returns {Promise<any>}
|
|
729
745
|
*/
|
|
730
|
-
e2ei_new_rotate_enrollment(display_name, handle, expiry_days, ciphersuite) {
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
var ptr1 = isLikeNone(
|
|
746
|
+
e2ei_new_rotate_enrollment(client_id, display_name, handle, expiry_days, ciphersuite) {
|
|
747
|
+
const ptr0 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
748
|
+
const len0 = WASM_VECTOR_LEN;
|
|
749
|
+
var ptr1 = isLikeNone(display_name) ? 0 : passStringToWasm0(display_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
734
750
|
var len1 = WASM_VECTOR_LEN;
|
|
735
|
-
|
|
751
|
+
var ptr2 = isLikeNone(handle) ? 0 : passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
752
|
+
var len2 = WASM_VECTOR_LEN;
|
|
753
|
+
const ret = wasm$1.corecrypto_e2ei_new_rotate_enrollment(this.__wbg_ptr, ptr0, len0, ptr1, len1, ptr2, len2, expiry_days, ciphersuite);
|
|
736
754
|
return takeObject(ret);
|
|
737
755
|
}
|
|
738
756
|
/**
|
|
@@ -867,7 +885,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
867
885
|
* see [core_crypto::mls::MlsCentral::mls_init]
|
|
868
886
|
* @param {Uint8Array} client_id
|
|
869
887
|
* @param {Uint16Array} ciphersuites
|
|
870
|
-
* @returns {Promise<
|
|
888
|
+
* @returns {Promise<any>}
|
|
871
889
|
*/
|
|
872
890
|
mls_init(client_id, ciphersuites) {
|
|
873
891
|
const ptr0 = passArray8ToWasm0(client_id, wasm$1.__wbindgen_malloc);
|
|
@@ -1178,6 +1196,23 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1178
1196
|
return takeObject(ret);
|
|
1179
1197
|
}
|
|
1180
1198
|
/**
|
|
1199
|
+
* Returns: [`WasmCryptoResult<CommitBundle>`]
|
|
1200
|
+
*
|
|
1201
|
+
* see [core_crypto::mls::MlsCentral::update_trust_anchors_from_conversation]
|
|
1202
|
+
* @param {Uint8Array} conversation_id
|
|
1203
|
+
* @param {(string)[]} remove_domain_names
|
|
1204
|
+
* @param {Array<any>} add_trust_anchors
|
|
1205
|
+
* @returns {Promise<any>}
|
|
1206
|
+
*/
|
|
1207
|
+
update_trust_anchors_from_conversation(conversation_id, remove_domain_names, add_trust_anchors) {
|
|
1208
|
+
const ptr0 = passArray8ToWasm0(conversation_id, wasm$1.__wbindgen_malloc);
|
|
1209
|
+
const len0 = WASM_VECTOR_LEN;
|
|
1210
|
+
const ptr1 = passArrayJsValueToWasm0(remove_domain_names, wasm$1.__wbindgen_malloc);
|
|
1211
|
+
const len1 = WASM_VECTOR_LEN;
|
|
1212
|
+
const ret = wasm$1.corecrypto_update_trust_anchors_from_conversation(this.__wbg_ptr, ptr0, len0, ptr1, len1, addHeapObject(add_trust_anchors));
|
|
1213
|
+
return takeObject(ret);
|
|
1214
|
+
}
|
|
1215
|
+
/**
|
|
1181
1216
|
* Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
|
|
1182
1217
|
*
|
|
1183
1218
|
* see [core_crypto::mls::MlsCentral::new_proposal]
|
|
@@ -1446,7 +1481,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1446
1481
|
* see [core_crypto::proteus::ProteusCentral::encrypt]
|
|
1447
1482
|
* @param {string} session_id
|
|
1448
1483
|
* @param {Uint8Array} plaintext
|
|
1449
|
-
* @returns {Promise<
|
|
1484
|
+
* @returns {Promise<any>}
|
|
1450
1485
|
*/
|
|
1451
1486
|
proteus_encrypt(session_id, plaintext) {
|
|
1452
1487
|
const ptr0 = passStringToWasm0(session_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
@@ -1477,7 +1512,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1477
1512
|
*
|
|
1478
1513
|
* see [core_crypto::proteus::ProteusCentral::new_prekey]
|
|
1479
1514
|
* @param {number} prekey_id
|
|
1480
|
-
* @returns {Promise<
|
|
1515
|
+
* @returns {Promise<any>}
|
|
1481
1516
|
*/
|
|
1482
1517
|
proteus_new_prekey(prekey_id) {
|
|
1483
1518
|
const ret = wasm$1.corecrypto_proteus_new_prekey(this.__wbg_ptr, prekey_id);
|
|
@@ -1487,7 +1522,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1487
1522
|
* Returns: [`WasmCryptoResult<ProteusAutoPrekeyBundle>`]
|
|
1488
1523
|
*
|
|
1489
1524
|
* see [core_crypto::proteus::ProteusCentral::new_prekey]
|
|
1490
|
-
* @returns {Promise<
|
|
1525
|
+
* @returns {Promise<any>}
|
|
1491
1526
|
*/
|
|
1492
1527
|
proteus_new_prekey_auto() {
|
|
1493
1528
|
const ret = wasm$1.corecrypto_proteus_new_prekey_auto(this.__wbg_ptr);
|
|
@@ -2437,6 +2472,37 @@ class NewAcmeOrder {
|
|
|
2437
2472
|
}
|
|
2438
2473
|
/**
|
|
2439
2474
|
*/
|
|
2475
|
+
class PerDomainTrustAnchor {
|
|
2476
|
+
static __wrap(ptr) {
|
|
2477
|
+
ptr = ptr >>> 0;
|
|
2478
|
+
const obj = Object.create(PerDomainTrustAnchor.prototype);
|
|
2479
|
+
obj.__wbg_ptr = ptr;
|
|
2480
|
+
return obj;
|
|
2481
|
+
}
|
|
2482
|
+
__destroy_into_raw() {
|
|
2483
|
+
const ptr = this.__wbg_ptr;
|
|
2484
|
+
this.__wbg_ptr = 0;
|
|
2485
|
+
return ptr;
|
|
2486
|
+
}
|
|
2487
|
+
free() {
|
|
2488
|
+
const ptr = this.__destroy_into_raw();
|
|
2489
|
+
wasm$1.__wbg_perdomaintrustanchor_free(ptr);
|
|
2490
|
+
}
|
|
2491
|
+
/**
|
|
2492
|
+
* @param {string} domain_name
|
|
2493
|
+
* @param {string} intermediate_certificate_chain
|
|
2494
|
+
*/
|
|
2495
|
+
constructor(domain_name, intermediate_certificate_chain) {
|
|
2496
|
+
const ptr0 = passStringToWasm0(domain_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
2497
|
+
const len0 = WASM_VECTOR_LEN;
|
|
2498
|
+
const ptr1 = passStringToWasm0(intermediate_certificate_chain, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
2499
|
+
const len1 = WASM_VECTOR_LEN;
|
|
2500
|
+
const ret = wasm$1.perdomaintrustanchor_new(ptr0, len0, ptr1, len1);
|
|
2501
|
+
return PerDomainTrustAnchor.__wrap(ret);
|
|
2502
|
+
}
|
|
2503
|
+
}
|
|
2504
|
+
/**
|
|
2505
|
+
*/
|
|
2440
2506
|
class ProposalBundle {
|
|
2441
2507
|
static __wrap(ptr) {
|
|
2442
2508
|
ptr = ptr >>> 0;
|
|
@@ -2728,6 +2794,9 @@ async function __wbg_load(module, imports) {
|
|
|
2728
2794
|
function __wbg_get_imports() {
|
|
2729
2795
|
const imports = {};
|
|
2730
2796
|
imports.wbg = {};
|
|
2797
|
+
imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
|
|
2798
|
+
takeObject(arg0);
|
|
2799
|
+
};
|
|
2731
2800
|
imports.wbg.__wbindgen_object_clone_ref = function (arg0) {
|
|
2732
2801
|
const ret = getObject(arg0);
|
|
2733
2802
|
return addHeapObject(ret);
|
|
@@ -2737,9 +2806,6 @@ function __wbg_get_imports() {
|
|
|
2737
2806
|
const ret = typeof (val) === 'object' && val !== null;
|
|
2738
2807
|
return ret;
|
|
2739
2808
|
};
|
|
2740
|
-
imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
|
|
2741
|
-
takeObject(arg0);
|
|
2742
|
-
};
|
|
2743
2809
|
imports.wbg.__wbg_getwithrefkey_5e6d9547403deab8 = function (arg0, arg1) {
|
|
2744
2810
|
const ret = getObject(arg0)[getObject(arg1)];
|
|
2745
2811
|
return addHeapObject(ret);
|
|
@@ -2810,48 +2876,29 @@ function __wbg_get_imports() {
|
|
|
2810
2876
|
const ret = new Array();
|
|
2811
2877
|
return addHeapObject(ret);
|
|
2812
2878
|
};
|
|
2813
|
-
imports.wbg.
|
|
2814
|
-
|
|
2879
|
+
imports.wbg.__wbg_push_ca1c26067ef907ac = function (arg0, arg1) {
|
|
2880
|
+
const ret = getObject(arg0).push(getObject(arg1));
|
|
2881
|
+
return ret;
|
|
2815
2882
|
};
|
|
2816
|
-
imports.wbg.
|
|
2817
|
-
|
|
2883
|
+
imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
|
|
2884
|
+
const ret = FfiWireE2EIdentity.__wrap(arg0);
|
|
2885
|
+
return addHeapObject(ret);
|
|
2818
2886
|
};
|
|
2819
2887
|
imports.wbg.__wbindgen_number_new = function (arg0) {
|
|
2820
2888
|
const ret = arg0;
|
|
2821
2889
|
return addHeapObject(ret);
|
|
2822
2890
|
};
|
|
2823
|
-
imports.wbg.
|
|
2824
|
-
|
|
2825
|
-
var state0 = { a: arg0, b: arg1 };
|
|
2826
|
-
var cb0 = (arg0, arg1) => {
|
|
2827
|
-
const a = state0.a;
|
|
2828
|
-
state0.a = 0;
|
|
2829
|
-
try {
|
|
2830
|
-
return __wbg_adapter_296(a, state0.b, arg0, arg1);
|
|
2831
|
-
}
|
|
2832
|
-
finally {
|
|
2833
|
-
state0.a = a;
|
|
2834
|
-
}
|
|
2835
|
-
};
|
|
2836
|
-
const ret = new Promise(cb0);
|
|
2837
|
-
return addHeapObject(ret);
|
|
2838
|
-
}
|
|
2839
|
-
finally {
|
|
2840
|
-
state0.a = state0.b = 0;
|
|
2841
|
-
}
|
|
2891
|
+
imports.wbg.__wbg_set_502d29070ea18557 = function (arg0, arg1, arg2) {
|
|
2892
|
+
getObject(arg0)[arg1 >>> 0] = takeObject(arg2);
|
|
2842
2893
|
};
|
|
2843
|
-
imports.wbg.
|
|
2844
|
-
const ret =
|
|
2845
|
-
return ret;
|
|
2894
|
+
imports.wbg.__wbg_proteusautoprekeybundle_new = function (arg0) {
|
|
2895
|
+
const ret = ProteusAutoPrekeyBundle.__wrap(arg0);
|
|
2896
|
+
return addHeapObject(ret);
|
|
2846
2897
|
};
|
|
2847
2898
|
imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
|
|
2848
2899
|
const ret = BigInt.asUintN(64, arg0);
|
|
2849
2900
|
return addHeapObject(ret);
|
|
2850
2901
|
};
|
|
2851
|
-
imports.wbg.__wbg_proteusautoprekeybundle_new = function (arg0) {
|
|
2852
|
-
const ret = ProteusAutoPrekeyBundle.__wrap(arg0);
|
|
2853
|
-
return addHeapObject(ret);
|
|
2854
|
-
};
|
|
2855
2902
|
imports.wbg.__wbg_new_56693dbed0c32988 = function () {
|
|
2856
2903
|
const ret = new Map();
|
|
2857
2904
|
return addHeapObject(ret);
|
|
@@ -2860,10 +2907,6 @@ function __wbg_get_imports() {
|
|
|
2860
2907
|
const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
|
|
2861
2908
|
return addHeapObject(ret);
|
|
2862
2909
|
};
|
|
2863
|
-
imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
|
|
2864
|
-
const ret = FfiWireE2EIdentity.__wrap(arg0);
|
|
2865
|
-
return addHeapObject(ret);
|
|
2866
|
-
};
|
|
2867
2910
|
imports.wbg.__wbg_new_d258248ed531ff54 = function (arg0, arg1) {
|
|
2868
2911
|
const ret = new Error(getStringFromWasm0(arg0, arg1));
|
|
2869
2912
|
return addHeapObject(ret);
|
|
@@ -2936,6 +2979,9 @@ function __wbg_get_imports() {
|
|
|
2936
2979
|
const ret = CoreCrypto$1.__wrap(arg0);
|
|
2937
2980
|
return addHeapObject(ret);
|
|
2938
2981
|
};
|
|
2982
|
+
imports.wbg.__wbg_set_841ac57cff3d672b = function (arg0, arg1, arg2) {
|
|
2983
|
+
getObject(arg0)[takeObject(arg1)] = takeObject(arg2);
|
|
2984
|
+
};
|
|
2939
2985
|
imports.wbg.__wbg_instanceof_Promise_0e98a5bf082e090f = function (arg0) {
|
|
2940
2986
|
let result;
|
|
2941
2987
|
try {
|
|
@@ -2980,6 +3026,26 @@ function __wbg_get_imports() {
|
|
|
2980
3026
|
const ret = performance.now();
|
|
2981
3027
|
return ret;
|
|
2982
3028
|
};
|
|
3029
|
+
imports.wbg.__wbg_new_43f1b47c28813cbd = function (arg0, arg1) {
|
|
3030
|
+
try {
|
|
3031
|
+
var state0 = { a: arg0, b: arg1 };
|
|
3032
|
+
var cb0 = (arg0, arg1) => {
|
|
3033
|
+
const a = state0.a;
|
|
3034
|
+
state0.a = 0;
|
|
3035
|
+
try {
|
|
3036
|
+
return __wbg_adapter_298(a, state0.b, arg0, arg1);
|
|
3037
|
+
}
|
|
3038
|
+
finally {
|
|
3039
|
+
state0.a = a;
|
|
3040
|
+
}
|
|
3041
|
+
};
|
|
3042
|
+
const ret = new Promise(cb0);
|
|
3043
|
+
return addHeapObject(ret);
|
|
3044
|
+
}
|
|
3045
|
+
finally {
|
|
3046
|
+
state0.a = state0.b = 0;
|
|
3047
|
+
}
|
|
3048
|
+
};
|
|
2983
3049
|
imports.wbg.__wbg_reject_7bd6ac9617013c02 = function (arg0) {
|
|
2984
3050
|
const ret = Promise.reject(getObject(arg0));
|
|
2985
3051
|
return addHeapObject(ret);
|
|
@@ -3242,6 +3308,12 @@ function __wbg_get_imports() {
|
|
|
3242
3308
|
const ret = getObject(arg0).target;
|
|
3243
3309
|
return isLikeNone(ret) ? 0 : addHeapObject(ret);
|
|
3244
3310
|
};
|
|
3311
|
+
imports.wbg.__wbg_error_8a79f35fe9368563 = function () {
|
|
3312
|
+
return handleError(function (arg0) {
|
|
3313
|
+
const ret = getObject(arg0).error;
|
|
3314
|
+
return isLikeNone(ret) ? 0 : addHeapObject(ret);
|
|
3315
|
+
}, arguments);
|
|
3316
|
+
};
|
|
3245
3317
|
imports.wbg.__wbg_result_edff16ff107d6acb = function () {
|
|
3246
3318
|
return handleError(function (arg0) {
|
|
3247
3319
|
const ret = getObject(arg0).result;
|
|
@@ -3282,12 +3354,6 @@ function __wbg_get_imports() {
|
|
|
3282
3354
|
getObject(arg0).deleteObjectStore(getStringFromWasm0(arg1, arg2));
|
|
3283
3355
|
}, arguments);
|
|
3284
3356
|
};
|
|
3285
|
-
imports.wbg.__wbg_error_8a79f35fe9368563 = function () {
|
|
3286
|
-
return handleError(function (arg0) {
|
|
3287
|
-
const ret = getObject(arg0).error;
|
|
3288
|
-
return isLikeNone(ret) ? 0 : addHeapObject(ret);
|
|
3289
|
-
}, arguments);
|
|
3290
|
-
};
|
|
3291
3357
|
imports.wbg.__wbindgen_is_falsy = function (arg0) {
|
|
3292
3358
|
const ret = !getObject(arg0);
|
|
3293
3359
|
return ret;
|
|
@@ -3417,11 +3483,11 @@ function __wbg_get_imports() {
|
|
|
3417
3483
|
}, arguments);
|
|
3418
3484
|
};
|
|
3419
3485
|
imports.wbg.__wbindgen_closure_wrapper1985 = function (arg0, arg1, arg2) {
|
|
3420
|
-
const ret = makeMutClosure(arg0, arg1,
|
|
3486
|
+
const ret = makeMutClosure(arg0, arg1, 168, __wbg_adapter_52);
|
|
3421
3487
|
return addHeapObject(ret);
|
|
3422
3488
|
};
|
|
3423
|
-
imports.wbg.
|
|
3424
|
-
const ret = makeMutClosure(arg0, arg1,
|
|
3489
|
+
imports.wbg.__wbindgen_closure_wrapper4701 = function (arg0, arg1, arg2) {
|
|
3490
|
+
const ret = makeMutClosure(arg0, arg1, 168, __wbg_adapter_55);
|
|
3425
3491
|
return addHeapObject(ret);
|
|
3426
3492
|
};
|
|
3427
3493
|
return imports;
|
|
@@ -3477,6 +3543,7 @@ var exports = /*#__PURE__*/Object.freeze({
|
|
|
3477
3543
|
MemberAddedMessages: MemberAddedMessages,
|
|
3478
3544
|
NewAcmeAuthz: NewAcmeAuthz,
|
|
3479
3545
|
NewAcmeOrder: NewAcmeOrder,
|
|
3546
|
+
PerDomainTrustAnchor: PerDomainTrustAnchor,
|
|
3480
3547
|
ProposalBundle: ProposalBundle,
|
|
3481
3548
|
ProteusAutoPrekeyBundle: ProteusAutoPrekeyBundle,
|
|
3482
3549
|
RotateBundle: RotateBundle,
|
|
@@ -3489,7 +3556,7 @@ var exports = /*#__PURE__*/Object.freeze({
|
|
|
3489
3556
|
var wasm = async (opt = {}) => {
|
|
3490
3557
|
let {importHook, serverPath} = opt;
|
|
3491
3558
|
|
|
3492
|
-
let path = "assets/core_crypto_ffi-
|
|
3559
|
+
let path = "assets/core_crypto_ffi-b7eb1191.wasm";
|
|
3493
3560
|
|
|
3494
3561
|
if (serverPath != null) {
|
|
3495
3562
|
path = serverPath + /[^\/\\]*$/.exec(path)[0];
|
|
@@ -3897,8 +3964,8 @@ class CoreCrypto {
|
|
|
3897
3964
|
*/
|
|
3898
3965
|
async createConversation(conversationId, creatorCredentialType, configuration = {}) {
|
|
3899
3966
|
try {
|
|
3900
|
-
const { ciphersuite, externalSenders, custom = {} } = configuration || {};
|
|
3901
|
-
const config = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).ConversationConfiguration)(ciphersuite, externalSenders, custom?.keyRotationSpan);
|
|
3967
|
+
const { ciphersuite, externalSenders, custom = {}, perDomainTrustAnchors = [] } = configuration || {};
|
|
3968
|
+
const config = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).ConversationConfiguration)(ciphersuite, externalSenders, custom?.keyRotationSpan, custom?.wirePolicy, perDomainTrustAnchors);
|
|
3902
3969
|
const ret = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").create_conversation(conversationId, creatorCredentialType, config));
|
|
3903
3970
|
return ret;
|
|
3904
3971
|
}
|
|
@@ -3950,6 +4017,40 @@ class CoreCrypto {
|
|
|
3950
4017
|
async encryptMessage(conversationId, message) {
|
|
3951
4018
|
return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").encrypt_message(conversationId, message));
|
|
3952
4019
|
}
|
|
4020
|
+
/**
|
|
4021
|
+
* Updates the trust anchors for a conversation. This should be called when a federated event happens (new team added/removed).
|
|
4022
|
+
* Clients should add and/or remove trust anchors from the new backend to the conversation. The method will check
|
|
4023
|
+
* for duplicated domains and the validity of the certificate chain.
|
|
4024
|
+
*
|
|
4025
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
|
4026
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
|
4027
|
+
* epoch, use new encryption secrets etc...
|
|
4028
|
+
*
|
|
4029
|
+
* @param conversationId - The ID of the conversation
|
|
4030
|
+
* @param removeDomainNames - Domains to remove from the trust anchors
|
|
4031
|
+
* @param addTrustAnchors - New trust anchors to add to the conversation
|
|
4032
|
+
*
|
|
4033
|
+
* @returns A {@link CommitBundle}
|
|
4034
|
+
*/
|
|
4035
|
+
async update_trust_anchors_from_conversation(conversationId, removeDomainNames, addTrustAnchors) {
|
|
4036
|
+
try {
|
|
4037
|
+
const ffiRet = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").update_trust_anchors_from_conversation(conversationId, removeDomainNames, addTrustAnchors));
|
|
4038
|
+
const gi = ffiRet.group_info;
|
|
4039
|
+
const ret = {
|
|
4040
|
+
welcome: ffiRet.welcome,
|
|
4041
|
+
commit: ffiRet.commit,
|
|
4042
|
+
groupInfo: {
|
|
4043
|
+
encryptionType: gi.encryption_type,
|
|
4044
|
+
ratchetTreeType: gi.ratchet_tree_type,
|
|
4045
|
+
payload: gi.payload
|
|
4046
|
+
},
|
|
4047
|
+
};
|
|
4048
|
+
return ret;
|
|
4049
|
+
}
|
|
4050
|
+
catch (e) {
|
|
4051
|
+
throw CoreCryptoError.fromStdError(e);
|
|
4052
|
+
}
|
|
4053
|
+
}
|
|
3953
4054
|
/**
|
|
3954
4055
|
* Ingest a TLS-serialized MLS welcome message to join an existing MLS group
|
|
3955
4056
|
*
|
|
@@ -4496,34 +4597,34 @@ class CoreCrypto {
|
|
|
4496
4597
|
}
|
|
4497
4598
|
/**
|
|
4498
4599
|
* Generates an E2EI enrollment instance for a "regular" client (with a Basic credential) willing to migrate to E2EI.
|
|
4499
|
-
* As a consequence, this method does not support changing the ClientId which should remain the same as the Basic one.
|
|
4500
4600
|
* Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
4501
4601
|
*
|
|
4602
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
4502
4603
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
4503
4604
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
4504
4605
|
* @param expiryDays generated x509 certificate expiry
|
|
4505
4606
|
* @param ciphersuite - for generating signing key material
|
|
4506
4607
|
* @returns The new {@link WireE2eIdentity} object
|
|
4507
4608
|
*/
|
|
4508
|
-
async e2eiNewActivationEnrollment(displayName, handle, expiryDays, ciphersuite) {
|
|
4509
|
-
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_activation_enrollment(displayName, handle, expiryDays, ciphersuite));
|
|
4609
|
+
async e2eiNewActivationEnrollment(clientId, displayName, handle, expiryDays, ciphersuite) {
|
|
4610
|
+
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_activation_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
|
|
4510
4611
|
return new WireE2eIdentity(e2ei);
|
|
4511
4612
|
}
|
|
4512
4613
|
/**
|
|
4513
4614
|
* Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential)
|
|
4514
4615
|
* having to change/rotate their credential, either because the former one is expired or it
|
|
4515
|
-
* has been revoked.
|
|
4516
|
-
* should remain the same as the previous one. It lets you change the DisplayName or the handle
|
|
4616
|
+
* has been revoked. It lets you change the DisplayName or the handle
|
|
4517
4617
|
* if you need to. Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
4518
4618
|
*
|
|
4619
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
4519
4620
|
* @param expiryDays generated x509 certificate expiry
|
|
4520
4621
|
* @param ciphersuite - for generating signing key material
|
|
4521
4622
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
4522
4623
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
4523
4624
|
* @returns The new {@link WireE2eIdentity} object
|
|
4524
4625
|
*/
|
|
4525
|
-
async e2eiNewRotateEnrollment(expiryDays, ciphersuite, displayName, handle) {
|
|
4526
|
-
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_rotate_enrollment(displayName, handle, expiryDays, ciphersuite));
|
|
4626
|
+
async e2eiNewRotateEnrollment(clientId, expiryDays, ciphersuite, displayName, handle) {
|
|
4627
|
+
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_rotate_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
|
|
4527
4628
|
return new WireE2eIdentity(e2ei);
|
|
4528
4629
|
}
|
|
4529
4630
|
/**
|
|
Binary file
|