npm - @wireapp/core-crypto - Versions diffs - 1.0.0-rc.37 → 1.0.0-rc.39 - Mend

@wireapp/core-crypto 1.0.0-rc.37 → 1.0.0-rc.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +1 -1
package/platforms/web/core-crypto-ffi_bg.wasm +0 -0
package/platforms/web/corecrypto.d.ts +91 -77
package/platforms/web/corecrypto.js +138 -77

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@wireapp/core-crypto",
-  "version": "1.0.0-rc.37",
+  "version": "1.0.0-rc.39",
   "description": "CoreCrypto bindings for the Web",
   "type": "module",
   "module": "platforms/web/corecrypto.js",

package/platforms/web/core-crypto-ffi_bg.wasm CHANGED Viewed

Binary file

package/platforms/web/corecrypto.d.ts CHANGED Viewed

@@ -1,22 +1,3 @@
-/* tslint:disable */
-/* eslint-disable */
-/**
-* see [core_crypto::prelude::DeviceStatus]
-*/
-export enum DeviceStatus {
-	/**
-	* All is fine
-	*/
-	Valid = 0,
-	/**
-	* The Credential's certificate is expired
-	*/
-	Expired = 1,
-	/**
-	* The Credential's certificate is revoked (not implemented yet)
-	*/
-	Revoked = 2
-}
 /**
 * For creating a challenge.
 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5.1
@@ -38,29 +19,6 @@ export class AcmeChallenge {
 	readonly url: string;
 }
 /**
-* Holds URLs of all the standard ACME endpoint supported on an ACME server.
-* @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.1.1
-*/
-export class AcmeDirectory {
-	free(): void;
-	/**
-	* URL for creating a new account.
-	*/
-	readonly newAccount: string;
-	/**
-	* URL for fetching a new nonce. Use this only for creating a new account.
-	*/
-	readonly newNonce: string;
-	/**
-	* URL for creating a new order.
-	*/
-	readonly newOrder: string;
-	/**
-	* Revocation URL
-	*/
-	readonly revokeCert: string;
-}
-/**
 * Result of an authorization creation.
 * @see https://www.rfc-editor.org/rfc/rfc8555.html#section-7.5
 */
@@ -93,41 +51,6 @@ export class NewAcmeOrder {
 	*/
 	readonly delegate: Uint8Array;
 }
-/**
-* Represents the identity claims identifying a client
-* Those claims are verifiable by any member in the group
-*/
-export class WireIdentity {
-	free(): void;
-	/**
-	* X509 certificate identifying this client in the MLS group ; PEM encoded
-	*/
-	readonly certificate: string;
-	/**
-	* Unique client identifier e.g. `T4Coy4vdRzianwfOgXpn6A:6add501bacd1d90e@whitehouse.gov`
-	*/
-	readonly clientId: string;
-	/**
-	* Name as displayed in the messaging application e.g. `John Fitzgerald Kennedy`
-	*/
-	readonly displayName: string;
-	/**
-	* DNS domain for which this identity proof was generated e.g. `whitehouse.gov`
-	*/
-	readonly domain: string;
-	/**
-	* user handle e.g. `john_wire`
-	*/
-	readonly handle: string;
-	/**
-	* Status of the Credential at the moment T when this object is created
-	*/
-	readonly status: DeviceStatus;
-	/**
-	* MLS thumbprint
-	*/
-	readonly thumbprint: string;
-}
 /**
  * Error wrapper that takes care of extracting rich error details across the FFI (through JSON parsing)
  *
@@ -566,6 +489,88 @@ export interface BufferedDecryptedMessage {
 	 */
 	crlNewDistributionPoints?: string[];
 }
+/**
+ * Represents the identity claims identifying a client
+ * Those claims are verifiable by any member in the group
+ */
+export interface WireIdentity {
+	/**
+	 * Unique client identifier
+	 */
+	clientId: string;
+	/**
+	 * User handle e.g. `john_wire`
+	 */
+	handle: string;
+	/**
+	 * Name as displayed in the messaging application e.g. `John Fitzgerald Kennedy`
+	 */
+	displayName: string;
+	/**
+	 * DNS domain for which this identity proof was generated e.g. `whitehouse.gov`
+	 */
+	domain: string;
+	/**
+	 * X509 certificate identifying this client in the MLS group ; PEM encoded
+	 */
+	certificate: string;
+	/**
+	 * Status of the Credential at the moment T when this object is created
+	 */
+	status: DeviceStatus;
+	/**
+	 * MLS thumbprint
+	 */
+	thumbprint: string;
+	/**
+	 * X509 certificate serial number
+	 */
+	serialNumber: string;
+	/**
+	 * X509 certificate not before as Unix timestamp
+	 */
+	notBefore: bigint;
+	/**
+	 * X509 certificate not after as Unix timestamp
+	 */
+	notAfter: bigint;
+}
+export interface AcmeDirectory {
+	/**
+	 * URL for fetching a new nonce. Use this only for creating a new account.
+	 */
+	newNonce: string;
+	/**
+	 * URL for creating a new account.
+	 */
+	newAccount: string;
+	/**
+	 * URL for creating a new order.
+	 */
+	newOrder: string;
+	/**
+	 * Revocation URL
+	 */
+	revokeCert: string;
+}
+/**
+ * Indicates the standalone status of a device Credential in a MLS group at a moment T.
+ * This does not represent the states where a device is not using MLS or is not using end-to-end identity
+ */
+export declare enum DeviceStatus {
+	/**
+	 * All is fine
+	 */
+	Valid = 0,
+	/**
+	 * The Credential's certificate is expired
+	 */
+	Expired = 1,
+	/**
+	 * The Credential's certificate is revoked
+	 */
+	Revoked = 2
+}
 /**
  * Returned by all methods creating proposals. Contains a proposal message and an identifier to roll back the proposal
  */
@@ -1075,6 +1080,15 @@ export declare class CoreCrypto {
 	 * @returns A `Uint8Array` representing the derived key
 	 */
 	exportSecretKey(conversationId: ConversationId, keyLength: number): Promise<Uint8Array>;
+	/**
+	 * Returns the raw public key of the single external sender present in this group.
+	 * This should be used to initialize a subconversation
+	 *
+	 * @param conversationId - The group's ID
+	 *
+	 * @returns A `Uint8Array` representing the external sender raw public key
+	 */
+	getExternalSender(conversationId: ConversationId): Promise<Uint8Array>;
 	/**
 	 * Returns all clients from group's members
 	 *

package/platforms/web/corecrypto.js CHANGED Viewed

@@ -160,12 +160,12 @@ var makeMutClosure = function(arg0, arg1, dtor, f) {
   return real;
 };
 var __wbg_adapter_54 = function(arg0, arg1, arg2) {
-  wasm.wasm_bindgen__convert__closures__invoke1_mut__h1355a643cca522f3(arg0, arg1, addHeapObject(arg2));
+  wasm.wasm_bindgen__convert__closures__invoke1_mut__h601e8bd711f8c2cf(arg0, arg1, addHeapObject(arg2));
 };
 var __wbg_adapter_57 = function(arg0, arg1, arg2) {
   try {
     const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-    wasm.wasm_bindgen__convert__closures__invoke1_mut__h1d0caafd6e7f792a(retptr, arg0, arg1, addHeapObject(arg2));
+    wasm.wasm_bindgen__convert__closures__invoke1_mut__h853f0d8ce45de15b(retptr, arg0, arg1, addHeapObject(arg2));
     var r0 = getInt32Memory0()[retptr / 4 + 0];
     var r1 = getInt32Memory0()[retptr / 4 + 1];
     if (r1) {
@@ -235,8 +235,8 @@ var handleError = function(f, args) {
     wasm.__wbindgen_exn_store(addHeapObject(e));
   }
 };
-var __wbg_adapter_417 = function(arg0, arg1, arg2, arg3) {
-  wasm.wasm_bindgen__convert__closures__invoke2_mut__h74bc542a539f879a(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
+var __wbg_adapter_421 = function(arg0, arg1, arg2, arg3) {
+  wasm.wasm_bindgen__convert__closures__invoke2_mut__h6bedc2125abb8b9f(arg0, arg1, addHeapObject(arg2), addHeapObject(arg3));
 };
 async function __wbg_load(module, imports) {
   if (typeof Response === "function" && module instanceof Response) {
@@ -265,57 +265,53 @@ async function __wbg_load(module, imports) {
 var __wbg_get_imports = function() {
   const imports = {};
   imports.wbg = {};
-  imports.wbg.__wbg_corecrypto_new = function(arg0) {
-    const ret = CoreCrypto.__wrap(arg0);
+  imports.wbg.__wbg_acmedirectory_new = function(arg0) {
+    const ret = AcmeDirectory.__wrap(arg0);
+    return addHeapObject(ret);
+  };
+  imports.wbg.__wbg_ffiwiree2eidentity_new = function(arg0) {
+    const ret = FfiWireE2EIdentity.__wrap(arg0);
     return addHeapObject(ret);
   };
   imports.wbg.__wbindgen_number_new = function(arg0) {
     const ret = arg0;
     return addHeapObject(ret);
   };
-  imports.wbg.__wbindgen_object_drop_ref = function(arg0) {
-    takeObject(arg0);
-  };
   imports.wbg.__wbg_newacmeauthz_new = function(arg0) {
     const ret = NewAcmeAuthz.__wrap(arg0);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbg_proposalbundle_new = function(arg0) {
-    const ret = ProposalBundle.__wrap(arg0);
-    return addHeapObject(ret);
-  };
   imports.wbg.__wbg_commitbundle_new = function(arg0) {
     const ret = CommitBundle.__wrap(arg0);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbg_acmedirectory_new = function(arg0) {
-    const ret = AcmeDirectory.__wrap(arg0);
+  imports.wbg.__wbg_proposalbundle_new = function(arg0) {
+    const ret = ProposalBundle.__wrap(arg0);
     return addHeapObject(ret);
   };
   imports.wbg.__wbg_buffereddecryptedmessage_new = function(arg0) {
     const ret = BufferedDecryptedMessage.__wrap(arg0);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbg_ffiwiree2eidentity_new = function(arg0) {
-    const ret = FfiWireE2EIdentity.__wrap(arg0);
+  imports.wbg.__wbg_newacmeorder_new = function(arg0) {
+    const ret = NewAcmeOrder.__wrap(arg0);
+    return addHeapObject(ret);
+  };
+  imports.wbg.__wbg_corecrypto_new = function(arg0) {
+    const ret = CoreCrypto.__wrap(arg0);
     return addHeapObject(ret);
   };
   imports.wbg.__wbg_proteusautoprekeybundle_new = function(arg0) {
     const ret = ProteusAutoPrekeyBundle.__wrap(arg0);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbg_newacmeorder_new = function(arg0) {
-    const ret = NewAcmeOrder.__wrap(arg0);
-    return addHeapObject(ret);
+  imports.wbg.__wbindgen_object_drop_ref = function(arg0) {
+    takeObject(arg0);
   };
   imports.wbg.__wbindgen_object_clone_ref = function(arg0) {
     const ret = getObject(arg0);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbindgen_bigint_from_u64 = function(arg0) {
-    const ret = BigInt.asUintN(64, arg0);
-    return addHeapObject(ret);
-  };
   imports.wbg.__wbindgen_string_new = function(arg0, arg1) {
     const ret = getStringFromWasm0(arg0, arg1);
     return addHeapObject(ret);
@@ -328,6 +324,10 @@ var __wbg_get_imports = function() {
     const ret = getObject(arg0) === null;
     return ret;
   };
+  imports.wbg.__wbindgen_bigint_from_u64 = function(arg0) {
+    const ret = BigInt.asUintN(64, arg0);
+    return addHeapObject(ret);
+  };
   imports.wbg.__wbindgen_string_get = function(arg0, arg1) {
     const obj = getObject(arg1);
     const ret = typeof obj === "string" ? obj : undefined;
@@ -889,7 +889,7 @@ var __wbg_get_imports = function() {
         const a = state0.a;
         state0.a = 0;
         try {
-          return __wbg_adapter_417(a, state0.b, arg02, arg12);
+          return __wbg_adapter_421(a, state0.b, arg02, arg12);
         } finally {
           state0.a = a;
         }
@@ -969,12 +969,12 @@ var __wbg_get_imports = function() {
     const ret = wasm.memory;
     return addHeapObject(ret);
   };
-  imports.wbg.__wbindgen_closure_wrapper2565 = function(arg0, arg1, arg2) {
-    const ret = makeMutClosure(arg0, arg1, 648, __wbg_adapter_54);
+  imports.wbg.__wbindgen_closure_wrapper2578 = function(arg0, arg1, arg2) {
+    const ret = makeMutClosure(arg0, arg1, 652, __wbg_adapter_54);
     return addHeapObject(ret);
   };
-  imports.wbg.__wbindgen_closure_wrapper13130 = function(arg0, arg1, arg2) {
-    const ret = makeMutClosure(arg0, arg1, 2173, __wbg_adapter_57);
+  imports.wbg.__wbindgen_closure_wrapper13188 = function(arg0, arg1, arg2) {
+    const ret = makeMutClosure(arg0, arg1, 2185, __wbg_adapter_57);
     return addHeapObject(ret);
   };
   return imports;
@@ -1041,19 +1041,11 @@ var CLOSURE_DTORS = typeof FinalizationRegistry === "undefined" ? { register: ()
 });
 var cachedUint32Memory0 = null;
 var cachedUint16Memory0 = null;
-var DeviceStatus = Object.freeze({
-  Valid: 0,
-  "0": "Valid",
-  Expired: 1,
-  "1": "Expired",
-  Revoked: 2,
-  "2": "Revoked"
-});
-var WirePolicy = Object.freeze({
-  Plaintext: 1,
-  "1": "Plaintext",
-  Ciphertext: 2,
-  "2": "Ciphertext"
+var CredentialType = Object.freeze({
+  Basic: 1,
+  "1": "Basic",
+  X509: 2,
+  "2": "X509"
 });
 var Ciphersuite = Object.freeze({
   MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519: 1,
@@ -1073,11 +1065,19 @@ var Ciphersuite = Object.freeze({
   MLS_128_X25519KYBER768DRAFT00_AES128GCM_SHA256_Ed25519: 61489,
   "61489": "MLS_128_X25519KYBER768DRAFT00_AES128GCM_SHA256_Ed25519"
 });
-var CredentialType = Object.freeze({
-  Basic: 1,
-  "1": "Basic",
-  X509: 2,
-  "2": "X509"
+var DeviceStatus = Object.freeze({
+  Valid: 0,
+  "0": "Valid",
+  Expired: 1,
+  "1": "Expired",
+  Revoked: 2,
+  "2": "Revoked"
+});
+var WirePolicy = Object.freeze({
+  Plaintext: 1,
+  "1": "Plaintext",
+  Ciphertext: 2,
+  "2": "Ciphertext"
 });
 var AcmeChallengeFinalization = typeof FinalizationRegistry === "undefined" ? { register: () => {
 }, unregister: () => {
@@ -1169,12 +1169,12 @@ class AcmeDirectory {
     const ptr = this.__destroy_into_raw();
     wasm.__wbg_acmedirectory_free(ptr);
   }
-  get newNonce() {
+  get new_nonce() {
     let deferred1_0;
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmedirectory_newNonce(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_acmedirectory_new_nonce(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -1185,7 +1185,7 @@ class AcmeDirectory {
       wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
     }
   }
-  get newAccount() {
+  get new_account() {
     let deferred1_0;
     let deferred1_1;
     try {
@@ -1201,7 +1201,7 @@ class AcmeDirectory {
       wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
     }
   }
-  get newOrder() {
+  get new_order() {
     let deferred1_0;
     let deferred1_1;
     try {
@@ -1217,12 +1217,12 @@ class AcmeDirectory {
       wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
     }
   }
-  get revokeCert() {
+  get revoke_cert() {
     let deferred1_0;
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmedirectory_revokeCert(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_acmedirectory_revoke_cert(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -1918,6 +1918,12 @@ class CoreCrypto {
     const ret = wasm.corecrypto_export_secret_key(this.__wbg_ptr, ptr0, len0, key_length);
     return takeObject(ret);
   }
+  get_external_sender(id) {
+    const ptr0 = passArray8ToWasm0(id, wasm.__wbindgen_malloc);
+    const len0 = WASM_VECTOR_LEN;
+    const ret = wasm.corecrypto_get_external_sender(this.__wbg_ptr, ptr0, len0);
+    return takeObject(ret);
+  }
   get_client_ids(conversation_id) {
     const ptr0 = passArray8ToWasm0(conversation_id, wasm.__wbindgen_malloc);
     const len0 = WASM_VECTOR_LEN;
@@ -2157,7 +2163,7 @@ class NewAcmeAuthz {
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmedirectory_newNonce(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_acmedirectory_new_nonce(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -2349,12 +2355,12 @@ class WireIdentity {
     const ptr = this.__destroy_into_raw();
     wasm.__wbg_wireidentity_free(ptr);
   }
-  get clientId() {
+  get client_id() {
     let deferred1_0;
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmedirectory_newNonce(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_wireidentity_client_id(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -2370,7 +2376,7 @@ class WireIdentity {
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmechallenge_url(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_wireidentity_handle(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -2381,12 +2387,12 @@ class WireIdentity {
       wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
     }
   }
-  get displayName() {
+  get display_name() {
     let deferred1_0;
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmechallenge_target(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_wireidentity_display_name(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -2402,7 +2408,7 @@ class WireIdentity {
     let deferred1_1;
     try {
       const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
-      wasm.__wbg_get_acmedirectory_revokeCert(retptr, this.__wbg_ptr);
+      wasm.__wbg_get_wireidentity_domain(retptr, this.__wbg_ptr);
       var r0 = getInt32Memory0()[retptr / 4 + 0];
       var r1 = getInt32Memory0()[retptr / 4 + 1];
       deferred1_0 = r0;
@@ -2449,6 +2455,30 @@ class WireIdentity {
       wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
     }
   }
+  get serial_number() {
+    let deferred1_0;
+    let deferred1_1;
+    try {
+      const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+      wasm.__wbg_get_wireidentity_serial_number(retptr, this.__wbg_ptr);
+      var r0 = getInt32Memory0()[retptr / 4 + 0];
+      var r1 = getInt32Memory0()[retptr / 4 + 1];
+      deferred1_0 = r0;
+      deferred1_1 = r1;
+      return getStringFromWasm0(r0, r1);
+    } finally {
+      wasm.__wbindgen_add_to_stack_pointer(16);
+      wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
+    }
+  }
+  get not_before() {
+    const ret = wasm.__wbg_get_wireidentity_not_before(this.__wbg_ptr);
+    return BigInt.asUintN(64, ret);
+  }
+  get not_after() {
+    const ret = wasm.__wbg_get_wireidentity_not_after(this.__wbg_ptr);
+    return BigInt.asUintN(64, ret);
+  }
 }
 var core_crypto_ffi_default = __wbg_init;
@@ -2531,6 +2561,29 @@ var RatchetTreeType;
   RatchetTreeType2[RatchetTreeType2["Delta"] = 2] = "Delta";
   RatchetTreeType2[RatchetTreeType2["ByRef"] = 3] = "ByRef";
 })(RatchetTreeType || (RatchetTreeType = {}));
+var mapWireIdentity = (ffiIdentity) => {
+  if (!ffiIdentity) {
+    return;
+  }
+  return {
+    clientId: ffiIdentity.client_id,
+    handle: ffiIdentity.handle,
+    displayName: ffiIdentity.display_name,
+    domain: ffiIdentity.domain,
+    certificate: ffiIdentity.certificate,
+    status: ffiIdentity.status,
+    thumbprint: ffiIdentity.thumbprint,
+    serialNumber: ffiIdentity.serial_number,
+    notBefore: ffiIdentity.not_before,
+    notAfter: ffiIdentity.not_after
+  };
+};
+var DeviceStatus2;
+(function(DeviceStatus3) {
+  DeviceStatus3[DeviceStatus3["Valid"] = 0] = "Valid";
+  DeviceStatus3[DeviceStatus3["Expired"] = 1] = "Expired";
+  DeviceStatus3[DeviceStatus3["Revoked"] = 2] = "Revoked";
+})(DeviceStatus2 || (DeviceStatus2 = {}));
 var ProposalType;
 (function(ProposalType2) {
   ProposalType2[ProposalType2["Add"] = 0] = "Add";
@@ -2654,24 +2707,25 @@ class CoreCrypto2 {
       if (typeof ffiCommitDelay === "number" && ffiCommitDelay >= 0) {
         commitDelay = ffiCommitDelay * 1000;
       }
+      const identity = mapWireIdentity(ffiDecryptedMessage.identity);
       const ret = {
         message: ffiDecryptedMessage.message,
         proposals: ffiDecryptedMessage.proposals,
         isActive: ffiDecryptedMessage.is_active,
         senderClientId: ffiDecryptedMessage.sender_client_id,
         commitDelay,
+        identity,
         hasEpochChanged: ffiDecryptedMessage.has_epoch_changed,
-        bufferedMessages: ffiDecryptedMessage.buffered_messages?.map((m) => {
-          return {
-            message: m.message,
-            proposals: m.proposals,
-            isActive: m.is_active,
-            senderClientId: m.sender_client_id,
-            commitDelay: m.commit_delay,
-            hasEpochChanged: m.has_epoch_changed,
-            crlNewDistributionPoints: m.crl_new_distribution_points
-          };
-        }),
+        bufferedMessages: ffiDecryptedMessage.buffered_messages?.map((m) => ({
+          message: m.message,
+          proposals: m.proposals,
+          isActive: m.is_active,
+          senderClientId: m.sender_client_id,
+          commitDelay: m.commit_delay,
+          identity: mapWireIdentity(m.identity),
+          hasEpochChanged: m.has_epoch_changed,
+          crlNewDistributionPoints: m.crl_new_distribution_points
+        })),
         crlNewDistributionPoints: ffiDecryptedMessage.crl_new_distribution_points
       };
       return ret;
@@ -2853,6 +2907,9 @@ class CoreCrypto2 {
   async exportSecretKey(conversationId, keyLength) {
     return await CoreCryptoError.asyncMapErr(this.#cc.export_secret_key(conversationId, keyLength));
   }
+  async getExternalSender(conversationId) {
+    return await CoreCryptoError.asyncMapErr(this.#cc.get_external_sender(conversationId));
+  }
   async getClientIds(conversationId) {
     return await CoreCryptoError.asyncMapErr(this.#cc.get_client_ids(conversationId));
   }
@@ -2976,10 +3033,10 @@ class CoreCrypto2 {
     return await CoreCryptoError.asyncMapErr(this.#cc.e2ei_is_enabled(ciphersuite));
   }
   async getDeviceIdentities(conversationId, deviceIds) {
-    return await CoreCryptoError.asyncMapErr(this.#cc.get_device_identities(conversationId, deviceIds));
+    return (await CoreCryptoError.asyncMapErr(this.#cc.get_device_identities(conversationId, deviceIds))).map(mapWireIdentity);
   }
   async getUserIdentities(conversationId, userIds) {
-    return await CoreCryptoError.asyncMapErr(this.#cc.get_user_identities(conversationId, userIds));
+    return (await CoreCryptoError.asyncMapErr(this.#cc.get_user_identities(conversationId, userIds))).map(([userId, identities]) => [userId, identities.map(mapWireIdentity)]);
   }
   async getCredentialInUse(groupInfo, credentialType = CredentialType2.X509) {
     let state = await CoreCryptoError.asyncMapErr(this.#cc.get_credential_in_use(groupInfo, credentialType));
@@ -3003,7 +3060,13 @@ class E2eiEnrollment {
     return this.#enrollment;
   }
   async directoryResponse(directory) {
-    return await CoreCryptoError.asyncMapErr(this.#enrollment.directory_response(directory));
+    const ffiRet = await CoreCryptoError.asyncMapErr(this.#enrollment.directory_response(directory));
+    return {
+      newNonce: ffiRet.new_nonce,
+      newAccount: ffiRet.new_account,
+      newOrder: ffiRet.new_order,
+      revokeCert: ffiRet.revoke_cert
+    };
   }
   async newAccountRequest(previousNonce) {
     return await CoreCryptoError.asyncMapErr(this.#enrollment.new_account_request(previousNonce));
@@ -3062,7 +3125,6 @@ var E2eiConversationState;
 })(E2eiConversationState || (E2eiConversationState = {}));
 export {
   WirePolicy2 as WirePolicy,
-  WireIdentity,
   RatchetTreeType,
   ProposalType,
   NewAcmeOrder,
@@ -3071,11 +3133,10 @@ export {
   ExternalProposalType,
   E2eiEnrollment,
   E2eiConversationState,
-  DeviceStatus,
+  DeviceStatus2 as DeviceStatus,
   CredentialType2 as CredentialType,
   CoreCryptoError,
   CoreCrypto2 as CoreCrypto,
   Ciphersuite2 as Ciphersuite,
-  AcmeDirectory,
   AcmeChallenge
 };