@wireapp/core-crypto 1.0.0-rc.1 → 1.0.0-rc.5
Sign up to get free protection for your applications and to get access to all the features.
package/package.json
CHANGED
|
Binary file
|
|
@@ -79,6 +79,24 @@ export interface ConversationConfiguration {
|
|
|
79
79
|
* Implementation specific configuration
|
|
80
80
|
*/
|
|
81
81
|
custom?: CustomConfiguration;
|
|
82
|
+
/**
|
|
83
|
+
* Trust anchors to be added in the group's context extensions
|
|
84
|
+
*/
|
|
85
|
+
perDomainTrustAnchors?: PerDomainTrustAnchor[];
|
|
86
|
+
}
|
|
87
|
+
/**
|
|
88
|
+
* A wrapper containing the configuration for trust anchors to be added in the group's context
|
|
89
|
+
* extensions
|
|
90
|
+
*/
|
|
91
|
+
export interface PerDomainTrustAnchor {
|
|
92
|
+
/**
|
|
93
|
+
* Domain name of the owning backend this anchor refers to. One of the certificate in the chain has to have this domain in its SANs
|
|
94
|
+
*/
|
|
95
|
+
domain_name: string;
|
|
96
|
+
/**
|
|
97
|
+
* PEM encoded (partial) certificate chain. This contains the certificate chain for the CA certificate issuing the E2E Identity certificates
|
|
98
|
+
*/
|
|
99
|
+
intermediate_certificate_chain: string;
|
|
82
100
|
}
|
|
83
101
|
/**
|
|
84
102
|
* see [core_crypto::prelude::MlsWirePolicy]
|
|
@@ -690,6 +708,22 @@ export declare class CoreCrypto {
|
|
|
690
708
|
* @returns The encrypted payload for the given group. This needs to be fanned out to the other members of the group.
|
|
691
709
|
*/
|
|
692
710
|
encryptMessage(conversationId: ConversationId, message: Uint8Array): Promise<Uint8Array>;
|
|
711
|
+
/**
|
|
712
|
+
* Updates the trust anchors for a conversation. This should be called when a federated event happens (new team added/removed).
|
|
713
|
+
* Clients should add and/or remove trust anchors from the new backend to the conversation. The method will check
|
|
714
|
+
* for duplicated domains and the validity of the certificate chain.
|
|
715
|
+
*
|
|
716
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
|
717
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
|
718
|
+
* epoch, use new encryption secrets etc...
|
|
719
|
+
*
|
|
720
|
+
* @param conversationId - The ID of the conversation
|
|
721
|
+
* @param removeDomainNames - Domains to remove from the trust anchors
|
|
722
|
+
* @param addTrustAnchors - New trust anchors to add to the conversation
|
|
723
|
+
*
|
|
724
|
+
* @returns A {@link CommitBundle}
|
|
725
|
+
*/
|
|
726
|
+
update_trust_anchors_from_conversation(conversationId: ConversationId, removeDomainNames: string[], addTrustAnchors: PerDomainTrustAnchor[]): Promise<CommitBundle>;
|
|
693
727
|
/**
|
|
694
728
|
* Ingest a TLS-serialized MLS welcome message to join an existing MLS group
|
|
695
729
|
*
|
|
@@ -1026,30 +1060,30 @@ export declare class CoreCrypto {
|
|
|
1026
1060
|
e2eiNewEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1027
1061
|
/**
|
|
1028
1062
|
* Generates an E2EI enrollment instance for a "regular" client (with a Basic credential) willing to migrate to E2EI.
|
|
1029
|
-
* As a consequence, this method does not support changing the ClientId which should remain the same as the Basic one.
|
|
1030
1063
|
* Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
1031
1064
|
*
|
|
1065
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
1032
1066
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
1033
1067
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
1034
1068
|
* @param expiryDays generated x509 certificate expiry
|
|
1035
1069
|
* @param ciphersuite - for generating signing key material
|
|
1036
1070
|
* @returns The new {@link WireE2eIdentity} object
|
|
1037
1071
|
*/
|
|
1038
|
-
e2eiNewActivationEnrollment(displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1072
|
+
e2eiNewActivationEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<WireE2eIdentity>;
|
|
1039
1073
|
/**
|
|
1040
1074
|
* Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential)
|
|
1041
1075
|
* having to change/rotate their credential, either because the former one is expired or it
|
|
1042
|
-
* has been revoked.
|
|
1043
|
-
* should remain the same as the previous one. It lets you change the DisplayName or the handle
|
|
1076
|
+
* has been revoked. It lets you change the DisplayName or the handle
|
|
1044
1077
|
* if you need to. Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
1045
1078
|
*
|
|
1079
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
1046
1080
|
* @param expiryDays generated x509 certificate expiry
|
|
1047
1081
|
* @param ciphersuite - for generating signing key material
|
|
1048
1082
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
1049
1083
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
1050
1084
|
* @returns The new {@link WireE2eIdentity} object
|
|
1051
1085
|
*/
|
|
1052
|
-
e2eiNewRotateEnrollment(expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string): Promise<WireE2eIdentity>;
|
|
1086
|
+
e2eiNewRotateEnrollment(clientId: string, expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string): Promise<WireE2eIdentity>;
|
|
1053
1087
|
/**
|
|
1054
1088
|
* Use this method to initialize end-to-end identity when a client signs up and the grace period is already expired ; that means he cannot initialize with a Basic credential
|
|
1055
1089
|
*
|
|
@@ -1087,9 +1121,16 @@ export declare class CoreCrypto {
|
|
|
1087
1121
|
* Credential generated by Wire's end-to-end identity enrollment
|
|
1088
1122
|
*
|
|
1089
1123
|
* @param conversationId The group's ID
|
|
1090
|
-
* @returns
|
|
1124
|
+
* @returns the conversation state given current members
|
|
1091
1125
|
*/
|
|
1092
|
-
|
|
1126
|
+
e2eiConversationState(conversationId: ConversationId): Promise<E2eiConversationState>;
|
|
1127
|
+
/**
|
|
1128
|
+
* Returns true when end-to-end-identity is enabled for the given Ciphersuite
|
|
1129
|
+
*
|
|
1130
|
+
* @param ciphersuite of the credential to check
|
|
1131
|
+
* @returns true end-to-end identity is enabled for the given ciphersuite
|
|
1132
|
+
*/
|
|
1133
|
+
e2eiIsEnabled(ciphersuite: Ciphersuite): Promise<boolean>;
|
|
1093
1134
|
/**
|
|
1094
1135
|
* Returns the current version of {@link CoreCrypto}
|
|
1095
1136
|
*
|
|
@@ -1325,5 +1366,24 @@ export interface AcmeChallenge {
|
|
|
1325
1366
|
*/
|
|
1326
1367
|
target: string;
|
|
1327
1368
|
}
|
|
1369
|
+
/**
|
|
1370
|
+
* Indicates the state of a Conversation regarding end-to-end identity.
|
|
1371
|
+
* Note: this does not check pending state (pending commit, pending proposals) so it does not
|
|
1372
|
+
* consider members about to be added/removed
|
|
1373
|
+
*/
|
|
1374
|
+
export declare enum E2eiConversationState {
|
|
1375
|
+
/**
|
|
1376
|
+
* All clients have a valid E2EI certificate
|
|
1377
|
+
*/
|
|
1378
|
+
Verified = 1,
|
|
1379
|
+
/**
|
|
1380
|
+
* Some clients are either still Basic or their certificate is expired
|
|
1381
|
+
*/
|
|
1382
|
+
Degraded = 2,
|
|
1383
|
+
/**
|
|
1384
|
+
* All clients are still Basic. If all client have expired certificates, Degraded is returned.
|
|
1385
|
+
*/
|
|
1386
|
+
NotEnabled = 3
|
|
1387
|
+
}
|
|
1328
1388
|
|
|
1329
1389
|
export {};
|
|
@@ -39,14 +39,6 @@ const heap = new Array(128).fill(undefined);
|
|
|
39
39
|
heap.push(undefined, null, true, false);
|
|
40
40
|
function getObject(idx) { return heap[idx]; }
|
|
41
41
|
let heap_next = heap.length;
|
|
42
|
-
function addHeapObject(obj) {
|
|
43
|
-
if (heap_next === heap.length)
|
|
44
|
-
heap.push(heap.length + 1);
|
|
45
|
-
const idx = heap_next;
|
|
46
|
-
heap_next = heap[idx];
|
|
47
|
-
heap[idx] = obj;
|
|
48
|
-
return idx;
|
|
49
|
-
}
|
|
50
42
|
function dropObject(idx) {
|
|
51
43
|
if (idx < 132)
|
|
52
44
|
return;
|
|
@@ -58,6 +50,14 @@ function takeObject(idx) {
|
|
|
58
50
|
dropObject(idx);
|
|
59
51
|
return ret;
|
|
60
52
|
}
|
|
53
|
+
function addHeapObject(obj) {
|
|
54
|
+
if (heap_next === heap.length)
|
|
55
|
+
heap.push(heap.length + 1);
|
|
56
|
+
const idx = heap_next;
|
|
57
|
+
heap_next = heap[idx];
|
|
58
|
+
heap[idx] = obj;
|
|
59
|
+
return idx;
|
|
60
|
+
}
|
|
61
61
|
const cachedTextDecoder = (typeof TextDecoder !== 'undefined' ? new TextDecoder('utf-8', { ignoreBOM: true, fatal: true }) : { decode: () => { throw Error('TextDecoder not available'); } });
|
|
62
62
|
if (typeof TextDecoder !== 'undefined') {
|
|
63
63
|
cachedTextDecoder.decode();
|
|
@@ -234,12 +234,12 @@ function makeMutClosure(arg0, arg1, dtor, f) {
|
|
|
234
234
|
return real;
|
|
235
235
|
}
|
|
236
236
|
function __wbg_adapter_52(arg0, arg1, arg2) {
|
|
237
|
-
wasm$1.
|
|
237
|
+
wasm$1.wasm_bindgen__convert__closures__invoke1_mut__hb865a4e905934256(arg0, arg1, addHeapObject(arg2));
|
|
238
238
|
}
|
|
239
239
|
function __wbg_adapter_55(arg0, arg1, arg2) {
|
|
240
240
|
try {
|
|
241
241
|
const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
|
|
242
|
-
wasm$1.
|
|
242
|
+
wasm$1.wasm_bindgen__convert__closures__invoke1_mut__h2720c46d5ff6c929(retptr, arg0, arg1, addHeapObject(arg2));
|
|
243
243
|
var r0 = getInt32Memory0()[retptr / 4 + 0];
|
|
244
244
|
var r1 = getInt32Memory0()[retptr / 4 + 1];
|
|
245
245
|
if (r1) {
|
|
@@ -313,8 +313,8 @@ function handleError(f, args) {
|
|
|
313
313
|
wasm$1.__wbindgen_exn_store(addHeapObject(e));
|
|
314
314
|
}
|
|
315
315
|
}
|
|
316
|
-
function
|
|
317
|
-
wasm$1.
|
|
316
|
+
function __wbg_adapter_299(arg0, arg1, arg2, arg3) {
|
|
317
|
+
wasm$1.wasm_bindgen__convert__closures__invoke2_mut__h22687e7c7a9c3c35(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
|
|
318
318
|
}
|
|
319
319
|
/**
|
|
320
320
|
* see [core_crypto::prelude::MlsWirePolicy]
|
|
@@ -617,12 +617,25 @@ class ConversationConfiguration {
|
|
|
617
617
|
* @param {(Uint8Array)[] | undefined} external_senders
|
|
618
618
|
* @param {number | undefined} key_rotation_span
|
|
619
619
|
* @param {number | undefined} wire_policy
|
|
620
|
+
* @param {Array<any>} per_domain_trust_anchors
|
|
620
621
|
*/
|
|
621
|
-
constructor(ciphersuite, external_senders, key_rotation_span, wire_policy) {
|
|
622
|
-
|
|
623
|
-
|
|
624
|
-
|
|
625
|
-
|
|
622
|
+
constructor(ciphersuite, external_senders, key_rotation_span, wire_policy, per_domain_trust_anchors) {
|
|
623
|
+
try {
|
|
624
|
+
const retptr = wasm$1.__wbindgen_add_to_stack_pointer(-16);
|
|
625
|
+
var ptr0 = isLikeNone(external_senders) ? 0 : passArrayJsValueToWasm0(external_senders, wasm$1.__wbindgen_malloc);
|
|
626
|
+
var len0 = WASM_VECTOR_LEN;
|
|
627
|
+
wasm$1.conversationconfiguration_new(retptr, isLikeNone(ciphersuite) ? 8 : ciphersuite, ptr0, len0, !isLikeNone(key_rotation_span), isLikeNone(key_rotation_span) ? 0 : key_rotation_span, isLikeNone(wire_policy) ? 3 : wire_policy, addHeapObject(per_domain_trust_anchors));
|
|
628
|
+
var r0 = getInt32Memory0()[retptr / 4 + 0];
|
|
629
|
+
var r1 = getInt32Memory0()[retptr / 4 + 1];
|
|
630
|
+
var r2 = getInt32Memory0()[retptr / 4 + 2];
|
|
631
|
+
if (r2) {
|
|
632
|
+
throw takeObject(r1);
|
|
633
|
+
}
|
|
634
|
+
return ConversationConfiguration.__wrap(r0);
|
|
635
|
+
}
|
|
636
|
+
finally {
|
|
637
|
+
wasm$1.__wbindgen_add_to_stack_pointer(16);
|
|
638
|
+
}
|
|
626
639
|
}
|
|
627
640
|
}
|
|
628
641
|
/**
|
|
@@ -702,36 +715,42 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
702
715
|
* Returns: [`WasmCryptoResult<WireE2eIdentity>`]
|
|
703
716
|
*
|
|
704
717
|
* see [core_crypto::mls::MlsCentral::e2ei_new_activation_enrollment]
|
|
718
|
+
* @param {string} client_id
|
|
705
719
|
* @param {string} display_name
|
|
706
720
|
* @param {string} handle
|
|
707
721
|
* @param {number} expiry_days
|
|
708
722
|
* @param {number} ciphersuite
|
|
709
723
|
* @returns {Promise<any>}
|
|
710
724
|
*/
|
|
711
|
-
e2ei_new_activation_enrollment(display_name, handle, expiry_days, ciphersuite) {
|
|
712
|
-
const ptr0 = passStringToWasm0(
|
|
725
|
+
e2ei_new_activation_enrollment(client_id, display_name, handle, expiry_days, ciphersuite) {
|
|
726
|
+
const ptr0 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
713
727
|
const len0 = WASM_VECTOR_LEN;
|
|
714
|
-
const ptr1 = passStringToWasm0(
|
|
728
|
+
const ptr1 = passStringToWasm0(display_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
715
729
|
const len1 = WASM_VECTOR_LEN;
|
|
716
|
-
const
|
|
730
|
+
const ptr2 = passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
731
|
+
const len2 = WASM_VECTOR_LEN;
|
|
732
|
+
const ret = wasm$1.corecrypto_e2ei_new_activation_enrollment(this.__wbg_ptr, ptr0, len0, ptr1, len1, ptr2, len2, expiry_days, ciphersuite);
|
|
717
733
|
return takeObject(ret);
|
|
718
734
|
}
|
|
719
735
|
/**
|
|
720
736
|
* Returns: [`WasmCryptoResult<WireE2eIdentity>`]
|
|
721
737
|
*
|
|
722
738
|
* see [core_crypto::mls::MlsCentral::e2ei_new_rotate_enrollment]
|
|
739
|
+
* @param {string} client_id
|
|
723
740
|
* @param {string | undefined} display_name
|
|
724
741
|
* @param {string | undefined} handle
|
|
725
742
|
* @param {number} expiry_days
|
|
726
743
|
* @param {number} ciphersuite
|
|
727
744
|
* @returns {Promise<any>}
|
|
728
745
|
*/
|
|
729
|
-
e2ei_new_rotate_enrollment(display_name, handle, expiry_days, ciphersuite) {
|
|
730
|
-
|
|
731
|
-
|
|
732
|
-
var ptr1 = isLikeNone(
|
|
746
|
+
e2ei_new_rotate_enrollment(client_id, display_name, handle, expiry_days, ciphersuite) {
|
|
747
|
+
const ptr0 = passStringToWasm0(client_id, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
748
|
+
const len0 = WASM_VECTOR_LEN;
|
|
749
|
+
var ptr1 = isLikeNone(display_name) ? 0 : passStringToWasm0(display_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
733
750
|
var len1 = WASM_VECTOR_LEN;
|
|
734
|
-
|
|
751
|
+
var ptr2 = isLikeNone(handle) ? 0 : passStringToWasm0(handle, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
752
|
+
var len2 = WASM_VECTOR_LEN;
|
|
753
|
+
const ret = wasm$1.corecrypto_e2ei_new_rotate_enrollment(this.__wbg_ptr, ptr0, len0, ptr1, len1, ptr2, len2, expiry_days, ciphersuite);
|
|
735
754
|
return takeObject(ret);
|
|
736
755
|
}
|
|
737
756
|
/**
|
|
@@ -788,14 +807,25 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
788
807
|
/**
|
|
789
808
|
* Returns [`WasmCryptoResult<bool>`]
|
|
790
809
|
*
|
|
791
|
-
* see [core_crypto::mls::MlsCentral::
|
|
810
|
+
* see [core_crypto::mls::MlsCentral::e2ei_conversation_state]
|
|
792
811
|
* @param {Uint8Array} conversation_id
|
|
793
812
|
* @returns {Promise<any>}
|
|
794
813
|
*/
|
|
795
|
-
|
|
814
|
+
e2ei_conversation_state(conversation_id) {
|
|
796
815
|
const ptr0 = passArray8ToWasm0(conversation_id, wasm$1.__wbindgen_malloc);
|
|
797
816
|
const len0 = WASM_VECTOR_LEN;
|
|
798
|
-
const ret = wasm$1.
|
|
817
|
+
const ret = wasm$1.corecrypto_e2ei_conversation_state(this.__wbg_ptr, ptr0, len0);
|
|
818
|
+
return takeObject(ret);
|
|
819
|
+
}
|
|
820
|
+
/**
|
|
821
|
+
* Returns [`WasmCryptoResult<bool>`]
|
|
822
|
+
*
|
|
823
|
+
* see [core_crypto::mls::MlsCentral::e2ei_is_enabled]
|
|
824
|
+
* @param {number} ciphersuite
|
|
825
|
+
* @returns {Promise<any>}
|
|
826
|
+
*/
|
|
827
|
+
e2ei_is_enabled(ciphersuite) {
|
|
828
|
+
const ret = wasm$1.corecrypto_e2ei_is_enabled(this.__wbg_ptr, ciphersuite);
|
|
799
829
|
return takeObject(ret);
|
|
800
830
|
}
|
|
801
831
|
/**
|
|
@@ -1177,9 +1207,26 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1177
1207
|
return takeObject(ret);
|
|
1178
1208
|
}
|
|
1179
1209
|
/**
|
|
1210
|
+
* Returns: [`WasmCryptoResult<CommitBundle>`]
|
|
1211
|
+
*
|
|
1212
|
+
* see [core_crypto::mls::MlsCentral::update_trust_anchors_from_conversation]
|
|
1213
|
+
* @param {Uint8Array} conversation_id
|
|
1214
|
+
* @param {(string)[]} remove_domain_names
|
|
1215
|
+
* @param {Array<any>} add_trust_anchors
|
|
1216
|
+
* @returns {Promise<any>}
|
|
1217
|
+
*/
|
|
1218
|
+
update_trust_anchors_from_conversation(conversation_id, remove_domain_names, add_trust_anchors) {
|
|
1219
|
+
const ptr0 = passArray8ToWasm0(conversation_id, wasm$1.__wbindgen_malloc);
|
|
1220
|
+
const len0 = WASM_VECTOR_LEN;
|
|
1221
|
+
const ptr1 = passArrayJsValueToWasm0(remove_domain_names, wasm$1.__wbindgen_malloc);
|
|
1222
|
+
const len1 = WASM_VECTOR_LEN;
|
|
1223
|
+
const ret = wasm$1.corecrypto_update_trust_anchors_from_conversation(this.__wbg_ptr, ptr0, len0, ptr1, len1, addHeapObject(add_trust_anchors));
|
|
1224
|
+
return takeObject(ret);
|
|
1225
|
+
}
|
|
1226
|
+
/**
|
|
1180
1227
|
* Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
|
|
1181
1228
|
*
|
|
1182
|
-
* see [core_crypto::mls::MlsCentral::
|
|
1229
|
+
* see [core_crypto::mls::MlsCentral::new_add_proposal]
|
|
1183
1230
|
* @param {Uint8Array} conversation_id
|
|
1184
1231
|
* @param {Uint8Array} keypackage
|
|
1185
1232
|
* @returns {Promise<any>}
|
|
@@ -1195,7 +1242,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1195
1242
|
/**
|
|
1196
1243
|
* Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
|
|
1197
1244
|
*
|
|
1198
|
-
* see [core_crypto::mls::MlsCentral::
|
|
1245
|
+
* see [core_crypto::mls::MlsCentral::new_update_proposal]
|
|
1199
1246
|
* @param {Uint8Array} conversation_id
|
|
1200
1247
|
* @returns {Promise<any>}
|
|
1201
1248
|
*/
|
|
@@ -1208,7 +1255,7 @@ let CoreCrypto$1 = class CoreCrypto {
|
|
|
1208
1255
|
/**
|
|
1209
1256
|
* Returns: [`WasmCryptoResult<js_sys::Uint8Array>`]
|
|
1210
1257
|
*
|
|
1211
|
-
* see [core_crypto::mls::MlsCentral::
|
|
1258
|
+
* see [core_crypto::mls::MlsCentral::new_remove_proposal]
|
|
1212
1259
|
* @param {Uint8Array} conversation_id
|
|
1213
1260
|
* @param {Uint8Array} client_id
|
|
1214
1261
|
* @returns {Promise<any>}
|
|
@@ -2436,6 +2483,37 @@ class NewAcmeOrder {
|
|
|
2436
2483
|
}
|
|
2437
2484
|
/**
|
|
2438
2485
|
*/
|
|
2486
|
+
class PerDomainTrustAnchor {
|
|
2487
|
+
static __wrap(ptr) {
|
|
2488
|
+
ptr = ptr >>> 0;
|
|
2489
|
+
const obj = Object.create(PerDomainTrustAnchor.prototype);
|
|
2490
|
+
obj.__wbg_ptr = ptr;
|
|
2491
|
+
return obj;
|
|
2492
|
+
}
|
|
2493
|
+
__destroy_into_raw() {
|
|
2494
|
+
const ptr = this.__wbg_ptr;
|
|
2495
|
+
this.__wbg_ptr = 0;
|
|
2496
|
+
return ptr;
|
|
2497
|
+
}
|
|
2498
|
+
free() {
|
|
2499
|
+
const ptr = this.__destroy_into_raw();
|
|
2500
|
+
wasm$1.__wbg_perdomaintrustanchor_free(ptr);
|
|
2501
|
+
}
|
|
2502
|
+
/**
|
|
2503
|
+
* @param {string} domain_name
|
|
2504
|
+
* @param {string} intermediate_certificate_chain
|
|
2505
|
+
*/
|
|
2506
|
+
constructor(domain_name, intermediate_certificate_chain) {
|
|
2507
|
+
const ptr0 = passStringToWasm0(domain_name, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
2508
|
+
const len0 = WASM_VECTOR_LEN;
|
|
2509
|
+
const ptr1 = passStringToWasm0(intermediate_certificate_chain, wasm$1.__wbindgen_malloc, wasm$1.__wbindgen_realloc);
|
|
2510
|
+
const len1 = WASM_VECTOR_LEN;
|
|
2511
|
+
const ret = wasm$1.perdomaintrustanchor_new(ptr0, len0, ptr1, len1);
|
|
2512
|
+
return PerDomainTrustAnchor.__wrap(ret);
|
|
2513
|
+
}
|
|
2514
|
+
}
|
|
2515
|
+
/**
|
|
2516
|
+
*/
|
|
2439
2517
|
class ProposalBundle {
|
|
2440
2518
|
static __wrap(ptr) {
|
|
2441
2519
|
ptr = ptr >>> 0;
|
|
@@ -2727,6 +2805,9 @@ async function __wbg_load(module, imports) {
|
|
|
2727
2805
|
function __wbg_get_imports() {
|
|
2728
2806
|
const imports = {};
|
|
2729
2807
|
imports.wbg = {};
|
|
2808
|
+
imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
|
|
2809
|
+
takeObject(arg0);
|
|
2810
|
+
};
|
|
2730
2811
|
imports.wbg.__wbindgen_object_clone_ref = function (arg0) {
|
|
2731
2812
|
const ret = getObject(arg0);
|
|
2732
2813
|
return addHeapObject(ret);
|
|
@@ -2736,9 +2817,6 @@ function __wbg_get_imports() {
|
|
|
2736
2817
|
const ret = typeof (val) === 'object' && val !== null;
|
|
2737
2818
|
return ret;
|
|
2738
2819
|
};
|
|
2739
|
-
imports.wbg.__wbindgen_object_drop_ref = function (arg0) {
|
|
2740
|
-
takeObject(arg0);
|
|
2741
|
-
};
|
|
2742
2820
|
imports.wbg.__wbg_getwithrefkey_5e6d9547403deab8 = function (arg0, arg1) {
|
|
2743
2821
|
const ret = getObject(arg0)[getObject(arg1)];
|
|
2744
2822
|
return addHeapObject(ret);
|
|
@@ -2797,41 +2875,41 @@ function __wbg_get_imports() {
|
|
|
2797
2875
|
return addHeapObject(ret);
|
|
2798
2876
|
}, arguments);
|
|
2799
2877
|
};
|
|
2800
|
-
imports.wbg.
|
|
2801
|
-
const ret =
|
|
2878
|
+
imports.wbg.__wbindgen_number_new = function (arg0) {
|
|
2879
|
+
const ret = arg0;
|
|
2802
2880
|
return addHeapObject(ret);
|
|
2803
2881
|
};
|
|
2804
2882
|
imports.wbg.__wbg_new_898a68150f225f2e = function () {
|
|
2805
2883
|
const ret = new Array();
|
|
2806
2884
|
return addHeapObject(ret);
|
|
2807
2885
|
};
|
|
2808
|
-
imports.wbg.
|
|
2809
|
-
|
|
2810
|
-
return ret;
|
|
2886
|
+
imports.wbg.__wbg_set_502d29070ea18557 = function (arg0, arg1, arg2) {
|
|
2887
|
+
getObject(arg0)[arg1 >>> 0] = takeObject(arg2);
|
|
2811
2888
|
};
|
|
2812
|
-
imports.wbg.
|
|
2813
|
-
const ret =
|
|
2889
|
+
imports.wbg.__wbg_new_8125e318e6245eed = function (arg0) {
|
|
2890
|
+
const ret = new Uint8Array(getObject(arg0));
|
|
2891
|
+
return addHeapObject(ret);
|
|
2892
|
+
};
|
|
2893
|
+
imports.wbg.__wbg_new_b51585de1b234aff = function () {
|
|
2894
|
+
const ret = new Object();
|
|
2814
2895
|
return addHeapObject(ret);
|
|
2815
2896
|
};
|
|
2816
2897
|
imports.wbg.__wbg_proteusautoprekeybundle_new = function (arg0) {
|
|
2817
2898
|
const ret = ProteusAutoPrekeyBundle.__wrap(arg0);
|
|
2818
2899
|
return addHeapObject(ret);
|
|
2819
2900
|
};
|
|
2820
|
-
imports.wbg.
|
|
2821
|
-
const ret =
|
|
2822
|
-
return
|
|
2901
|
+
imports.wbg.__wbg_push_ca1c26067ef907ac = function (arg0, arg1) {
|
|
2902
|
+
const ret = getObject(arg0).push(getObject(arg1));
|
|
2903
|
+
return ret;
|
|
2823
2904
|
};
|
|
2824
|
-
imports.wbg.
|
|
2825
|
-
|
|
2905
|
+
imports.wbg.__wbg_ffiwiree2eidentity_new = function (arg0) {
|
|
2906
|
+
const ret = FfiWireE2EIdentity.__wrap(arg0);
|
|
2907
|
+
return addHeapObject(ret);
|
|
2826
2908
|
};
|
|
2827
2909
|
imports.wbg.__wbindgen_bigint_from_u64 = function (arg0) {
|
|
2828
2910
|
const ret = BigInt.asUintN(64, arg0);
|
|
2829
2911
|
return addHeapObject(ret);
|
|
2830
2912
|
};
|
|
2831
|
-
imports.wbg.__wbindgen_number_new = function (arg0) {
|
|
2832
|
-
const ret = arg0;
|
|
2833
|
-
return addHeapObject(ret);
|
|
2834
|
-
};
|
|
2835
2913
|
imports.wbg.__wbg_new_56693dbed0c32988 = function () {
|
|
2836
2914
|
const ret = new Map();
|
|
2837
2915
|
return addHeapObject(ret);
|
|
@@ -2840,6 +2918,9 @@ function __wbg_get_imports() {
|
|
|
2840
2918
|
const ret = getObject(arg0).set(getObject(arg1), getObject(arg2));
|
|
2841
2919
|
return addHeapObject(ret);
|
|
2842
2920
|
};
|
|
2921
|
+
imports.wbg.__wbg_set_841ac57cff3d672b = function (arg0, arg1, arg2) {
|
|
2922
|
+
getObject(arg0)[takeObject(arg1)] = takeObject(arg2);
|
|
2923
|
+
};
|
|
2843
2924
|
imports.wbg.__wbg_new_d258248ed531ff54 = function (arg0, arg1) {
|
|
2844
2925
|
const ret = new Error(getStringFromWasm0(arg0, arg1));
|
|
2845
2926
|
return addHeapObject(ret);
|
|
@@ -2912,9 +2993,6 @@ function __wbg_get_imports() {
|
|
|
2912
2993
|
const ret = CoreCrypto$1.__wrap(arg0);
|
|
2913
2994
|
return addHeapObject(ret);
|
|
2914
2995
|
};
|
|
2915
|
-
imports.wbg.__wbg_set_841ac57cff3d672b = function (arg0, arg1, arg2) {
|
|
2916
|
-
getObject(arg0)[takeObject(arg1)] = takeObject(arg2);
|
|
2917
|
-
};
|
|
2918
2996
|
imports.wbg.__wbg_instanceof_Promise_0e98a5bf082e090f = function (arg0) {
|
|
2919
2997
|
let result;
|
|
2920
2998
|
try {
|
|
@@ -2966,7 +3044,7 @@ function __wbg_get_imports() {
|
|
|
2966
3044
|
const a = state0.a;
|
|
2967
3045
|
state0.a = 0;
|
|
2968
3046
|
try {
|
|
2969
|
-
return
|
|
3047
|
+
return __wbg_adapter_299(a, state0.b, arg0, arg1);
|
|
2970
3048
|
}
|
|
2971
3049
|
finally {
|
|
2972
3050
|
state0.a = a;
|
|
@@ -3415,11 +3493,11 @@ function __wbg_get_imports() {
|
|
|
3415
3493
|
return addHeapObject(ret);
|
|
3416
3494
|
}, arguments);
|
|
3417
3495
|
};
|
|
3418
|
-
imports.wbg.
|
|
3496
|
+
imports.wbg.__wbindgen_closure_wrapper1966 = function (arg0, arg1, arg2) {
|
|
3419
3497
|
const ret = makeMutClosure(arg0, arg1, 166, __wbg_adapter_52);
|
|
3420
3498
|
return addHeapObject(ret);
|
|
3421
3499
|
};
|
|
3422
|
-
imports.wbg.
|
|
3500
|
+
imports.wbg.__wbindgen_closure_wrapper4730 = function (arg0, arg1, arg2) {
|
|
3423
3501
|
const ret = makeMutClosure(arg0, arg1, 166, __wbg_adapter_55);
|
|
3424
3502
|
return addHeapObject(ret);
|
|
3425
3503
|
};
|
|
@@ -3476,6 +3554,7 @@ var exports = /*#__PURE__*/Object.freeze({
|
|
|
3476
3554
|
MemberAddedMessages: MemberAddedMessages,
|
|
3477
3555
|
NewAcmeAuthz: NewAcmeAuthz,
|
|
3478
3556
|
NewAcmeOrder: NewAcmeOrder,
|
|
3557
|
+
PerDomainTrustAnchor: PerDomainTrustAnchor,
|
|
3479
3558
|
ProposalBundle: ProposalBundle,
|
|
3480
3559
|
ProteusAutoPrekeyBundle: ProteusAutoPrekeyBundle,
|
|
3481
3560
|
RotateBundle: RotateBundle,
|
|
@@ -3488,7 +3567,7 @@ var exports = /*#__PURE__*/Object.freeze({
|
|
|
3488
3567
|
var wasm = async (opt = {}) => {
|
|
3489
3568
|
let {importHook, serverPath} = opt;
|
|
3490
3569
|
|
|
3491
|
-
let path = "assets/core_crypto_ffi-
|
|
3570
|
+
let path = "assets/core_crypto_ffi-9ad99558.wasm";
|
|
3492
3571
|
|
|
3493
3572
|
if (serverPath != null) {
|
|
3494
3573
|
path = serverPath + /[^\/\\]*$/.exec(path)[0];
|
|
@@ -3896,8 +3975,8 @@ class CoreCrypto {
|
|
|
3896
3975
|
*/
|
|
3897
3976
|
async createConversation(conversationId, creatorCredentialType, configuration = {}) {
|
|
3898
3977
|
try {
|
|
3899
|
-
const { ciphersuite, externalSenders, custom = {} } = configuration || {};
|
|
3900
|
-
const config = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).ConversationConfiguration)(ciphersuite, externalSenders, custom?.keyRotationSpan);
|
|
3978
|
+
const { ciphersuite, externalSenders, custom = {}, perDomainTrustAnchors = [] } = configuration || {};
|
|
3979
|
+
const config = new (__classPrivateFieldGet(CoreCrypto, _a, "f", _CoreCrypto_module).ConversationConfiguration)(ciphersuite, externalSenders, custom?.keyRotationSpan, custom?.wirePolicy, perDomainTrustAnchors);
|
|
3901
3980
|
const ret = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").create_conversation(conversationId, creatorCredentialType, config));
|
|
3902
3981
|
return ret;
|
|
3903
3982
|
}
|
|
@@ -3949,6 +4028,40 @@ class CoreCrypto {
|
|
|
3949
4028
|
async encryptMessage(conversationId, message) {
|
|
3950
4029
|
return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").encrypt_message(conversationId, message));
|
|
3951
4030
|
}
|
|
4031
|
+
/**
|
|
4032
|
+
* Updates the trust anchors for a conversation. This should be called when a federated event happens (new team added/removed).
|
|
4033
|
+
* Clients should add and/or remove trust anchors from the new backend to the conversation. The method will check
|
|
4034
|
+
* for duplicated domains and the validity of the certificate chain.
|
|
4035
|
+
*
|
|
4036
|
+
* **CAUTION**: {@link CoreCrypto.commitAccepted} **HAS TO** be called afterwards **ONLY IF** the Delivery Service responds
|
|
4037
|
+
* '200 OK' to the {@link CommitBundle} upload. It will "merge" the commit locally i.e. increment the local group
|
|
4038
|
+
* epoch, use new encryption secrets etc...
|
|
4039
|
+
*
|
|
4040
|
+
* @param conversationId - The ID of the conversation
|
|
4041
|
+
* @param removeDomainNames - Domains to remove from the trust anchors
|
|
4042
|
+
* @param addTrustAnchors - New trust anchors to add to the conversation
|
|
4043
|
+
*
|
|
4044
|
+
* @returns A {@link CommitBundle}
|
|
4045
|
+
*/
|
|
4046
|
+
async update_trust_anchors_from_conversation(conversationId, removeDomainNames, addTrustAnchors) {
|
|
4047
|
+
try {
|
|
4048
|
+
const ffiRet = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").update_trust_anchors_from_conversation(conversationId, removeDomainNames, addTrustAnchors));
|
|
4049
|
+
const gi = ffiRet.group_info;
|
|
4050
|
+
const ret = {
|
|
4051
|
+
welcome: ffiRet.welcome,
|
|
4052
|
+
commit: ffiRet.commit,
|
|
4053
|
+
groupInfo: {
|
|
4054
|
+
encryptionType: gi.encryption_type,
|
|
4055
|
+
ratchetTreeType: gi.ratchet_tree_type,
|
|
4056
|
+
payload: gi.payload
|
|
4057
|
+
},
|
|
4058
|
+
};
|
|
4059
|
+
return ret;
|
|
4060
|
+
}
|
|
4061
|
+
catch (e) {
|
|
4062
|
+
throw CoreCryptoError.fromStdError(e);
|
|
4063
|
+
}
|
|
4064
|
+
}
|
|
3952
4065
|
/**
|
|
3953
4066
|
* Ingest a TLS-serialized MLS welcome message to join an existing MLS group
|
|
3954
4067
|
*
|
|
@@ -4495,34 +4608,34 @@ class CoreCrypto {
|
|
|
4495
4608
|
}
|
|
4496
4609
|
/**
|
|
4497
4610
|
* Generates an E2EI enrollment instance for a "regular" client (with a Basic credential) willing to migrate to E2EI.
|
|
4498
|
-
* As a consequence, this method does not support changing the ClientId which should remain the same as the Basic one.
|
|
4499
4611
|
* Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
4500
4612
|
*
|
|
4613
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
4501
4614
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
4502
4615
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
4503
4616
|
* @param expiryDays generated x509 certificate expiry
|
|
4504
4617
|
* @param ciphersuite - for generating signing key material
|
|
4505
4618
|
* @returns The new {@link WireE2eIdentity} object
|
|
4506
4619
|
*/
|
|
4507
|
-
async e2eiNewActivationEnrollment(displayName, handle, expiryDays, ciphersuite) {
|
|
4508
|
-
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_activation_enrollment(displayName, handle, expiryDays, ciphersuite));
|
|
4620
|
+
async e2eiNewActivationEnrollment(clientId, displayName, handle, expiryDays, ciphersuite) {
|
|
4621
|
+
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_activation_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
|
|
4509
4622
|
return new WireE2eIdentity(e2ei);
|
|
4510
4623
|
}
|
|
4511
4624
|
/**
|
|
4512
4625
|
* Generates an E2EI enrollment instance for a E2EI client (with a X509 certificate credential)
|
|
4513
4626
|
* having to change/rotate their credential, either because the former one is expired or it
|
|
4514
|
-
* has been revoked.
|
|
4515
|
-
* should remain the same as the previous one. It lets you change the DisplayName or the handle
|
|
4627
|
+
* has been revoked. It lets you change the DisplayName or the handle
|
|
4516
4628
|
* if you need to. Once the enrollment is finished, use the instance in {@link CoreCrypto.e2eiRotateAll} to do the rotation.
|
|
4517
4629
|
*
|
|
4630
|
+
* @param clientId client identifier with user b64Url encoded & clientId hex encoded e.g. `NDUyMGUyMmY2YjA3NGU3NjkyZjE1NjJjZTAwMmQ2NTQ:6add501bacd1d90e@example.com`
|
|
4518
4631
|
* @param expiryDays generated x509 certificate expiry
|
|
4519
4632
|
* @param ciphersuite - for generating signing key material
|
|
4520
4633
|
* @param displayName human readable name displayed in the application e.g. `Smith, Alice M (QA)`
|
|
4521
4634
|
* @param handle user handle e.g. `alice.smith.qa@example.com`
|
|
4522
4635
|
* @returns The new {@link WireE2eIdentity} object
|
|
4523
4636
|
*/
|
|
4524
|
-
async e2eiNewRotateEnrollment(expiryDays, ciphersuite, displayName, handle) {
|
|
4525
|
-
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_rotate_enrollment(displayName, handle, expiryDays, ciphersuite));
|
|
4637
|
+
async e2eiNewRotateEnrollment(clientId, expiryDays, ciphersuite, displayName, handle) {
|
|
4638
|
+
const e2ei = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_new_rotate_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
|
|
4526
4639
|
return new WireE2eIdentity(e2ei);
|
|
4527
4640
|
}
|
|
4528
4641
|
/**
|
|
@@ -4571,10 +4684,21 @@ class CoreCrypto {
|
|
|
4571
4684
|
* Credential generated by Wire's end-to-end identity enrollment
|
|
4572
4685
|
*
|
|
4573
4686
|
* @param conversationId The group's ID
|
|
4574
|
-
* @returns
|
|
4687
|
+
* @returns the conversation state given current members
|
|
4688
|
+
*/
|
|
4689
|
+
async e2eiConversationState(conversationId) {
|
|
4690
|
+
let state = await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_conversation_state(conversationId));
|
|
4691
|
+
// @ts-ignore
|
|
4692
|
+
return E2eiConversationState[E2eiConversationState[state]];
|
|
4693
|
+
}
|
|
4694
|
+
/**
|
|
4695
|
+
* Returns true when end-to-end-identity is enabled for the given Ciphersuite
|
|
4696
|
+
*
|
|
4697
|
+
* @param ciphersuite of the credential to check
|
|
4698
|
+
* @returns true end-to-end identity is enabled for the given ciphersuite
|
|
4575
4699
|
*/
|
|
4576
|
-
async
|
|
4577
|
-
return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").
|
|
4700
|
+
async e2eiIsEnabled(ciphersuite) {
|
|
4701
|
+
return await CoreCryptoError.asyncMapErr(__classPrivateFieldGet(this, _CoreCrypto_cc, "f").e2ei_is_enabled(ciphersuite));
|
|
4578
4702
|
}
|
|
4579
4703
|
/**
|
|
4580
4704
|
* Returns the current version of {@link CoreCrypto}
|
|
@@ -4849,5 +4973,25 @@ class WireE2eIdentity {
|
|
|
4849
4973
|
}
|
|
4850
4974
|
}
|
|
4851
4975
|
_WireE2eIdentity_e2ei = new WeakMap();
|
|
4976
|
+
/**
|
|
4977
|
+
* Indicates the state of a Conversation regarding end-to-end identity.
|
|
4978
|
+
* Note: this does not check pending state (pending commit, pending proposals) so it does not
|
|
4979
|
+
* consider members about to be added/removed
|
|
4980
|
+
*/
|
|
4981
|
+
var E2eiConversationState;
|
|
4982
|
+
(function (E2eiConversationState) {
|
|
4983
|
+
/**
|
|
4984
|
+
* All clients have a valid E2EI certificate
|
|
4985
|
+
*/
|
|
4986
|
+
E2eiConversationState[E2eiConversationState["Verified"] = 1] = "Verified";
|
|
4987
|
+
/**
|
|
4988
|
+
* Some clients are either still Basic or their certificate is expired
|
|
4989
|
+
*/
|
|
4990
|
+
E2eiConversationState[E2eiConversationState["Degraded"] = 2] = "Degraded";
|
|
4991
|
+
/**
|
|
4992
|
+
* All clients are still Basic. If all client have expired certificates, Degraded is returned.
|
|
4993
|
+
*/
|
|
4994
|
+
E2eiConversationState[E2eiConversationState["NotEnabled"] = 3] = "NotEnabled";
|
|
4995
|
+
})(E2eiConversationState || (E2eiConversationState = {}));
|
|
4852
4996
|
|
|
4853
|
-
export { Ciphersuite, CoreCrypto, CoreCryptoError, CredentialType, ExternalProposalType, GroupInfoEncryptionType, ProposalType, RatchetTreeType, WireE2eIdentity, WirePolicy };
|
|
4997
|
+
export { Ciphersuite, CoreCrypto, CoreCryptoError, CredentialType, E2eiConversationState, ExternalProposalType, GroupInfoEncryptionType, ProposalType, RatchetTreeType, WireE2eIdentity, WirePolicy };
|
|
Binary file
|