@wireapp/core 32.1.3 → 34.0.0

package/package.json

@@ -3,18 +3,18 @@
     "./src/main/cryptography/AssetCryptography/crypto.node": "./src/main/cryptography/AssetCryptography/crypto.browser.js"
   },
   "dependencies": {
-    "@wireapp/api-client": "^20.6.11",
-    "@wireapp/commons": "^4.4.8",
+    "@wireapp/api-client": "^21.0.0",
+    "@wireapp/commons": "^4.4.10",
     "@wireapp/core-crypto": "0.5.2",
     "@wireapp/cryptobox": "12.8.0",
-    "@wireapp/promise-queue": "^1.3.2",
-    "@wireapp/protocol-messaging": "1.38.0",
-    "@wireapp/store-engine-dexie": "^1.7.8",
+    "@wireapp/promise-queue": "^1.3.4",
+    "@wireapp/protocol-messaging": "1.39.0",
+    "@wireapp/store-engine-dexie": "^1.7.10",
     "axios": "^0.27.2",
-    "bazinga64": "5.11.8",
+    "bazinga64": "5.11.10",
     "hash.js": "1.1.7",
     "http-status-codes": "2.2.0",
-    "idb": "7.0.2",
+    "idb": "7.1.0",
     "logdown": "3.3.1",
     "long": "4.0.0",
     "uuidjs": "4.2.12"
@@ -24,30 +24,22 @@
     "@babel/preset-env": "^7.19.1",
     "@babel/preset-typescript": "^7.18.6",
     "@faker-js/faker": "^7.6.0",
-    "@open-wc/webpack-import-meta-loader": "0.4.7",
     "@types/babel__core": "^7",
     "@types/jest": "29.2.0",
     "@types/long": "4.0.1",
-    "@types/node": "^14.18.29",
+    "@types/node": "^18.11.2",
     "@types/tough-cookie": "4.0.2",
     "@wireapp/commons": "workspace:^",
     "@wireapp/store-engine-dexie": "workspace:^",
-    "commander": "8.0.0",
+    "commander": "9.4.1",
     "cross-env": "7.0.3",
     "dotenv-defaults": "5.0.2",
     "fake-indexeddb": "4.0.0",
-    "istanbul": "1.1.0-alpha.1",
     "jest": "29.2.1",
-    "jest-babel": "1.0.1",
     "jest-jasmine2": "29.2.1",
     "jest-websocket-mock": "2.4.0",
     "mock-socket": "9.1.5",
-    "nock": "13.2.9",
-    "nyc": "15.1.0",
-    "rimraf": "3.0.2",
-    "typescript": "4.8.4",
-    "webpack": "4.46.0",
-    "webpack-cli": "4.10.0"
+    "nock": "13.2.9"
   },
   "description": "Wire for Web's communication core.",
   "files": [
@@ -63,7 +55,6 @@
   "scripts": {
     "build": "tsc",
     "clean": "rimraf .tmp \"src/main/{!(*.test*).js,*.js.map,*.d.ts}\" \"src/main/test/{*.js.map,*.d.ts}\" \"src/main/!(test)/{!(*.test*).js,*.js.map,*.d.ts}\" \"src/main/**/{!(*.test*|AccountHelper|StoreHelper).js,*.js.map,*.d.ts}\" \"src/main/**/*.node.js\"",
-    "coverage": "cross-env JASMINE_CONFIG_PATH=src/test/node/support/jasmine.json istanbul cover --report html node_modules/jasmine/bin/jasmine.js",
     "demo:composite": "cross-env NODE_DEBUG='@wireapp*' ts-node src/demo/composite.ts",
     "demo:sendCounter": "cross-env NODE_DEBUG='@wireapp*' ts-node src/demo/sendCounter.ts",
     "dist": "yarn clean && yarn build",
@@ -73,6 +64,6 @@
     "test": "jest",
     "watch": "tsc ---watch"
   },
-  "version": "32.1.3",
-  "gitHead": "2955478c0cc969992f01f92985c34b43265bbf3e"
+  "version": "34.0.0",
+  "gitHead": "28544331b51d4f6371ff71802271ecaa079da803"
 }

package/src/main/Account.d.ts

@@ -13,7 +13,7 @@ import { AssetService, ConversationService, PayloadBundleSource, PayloadBundleTy
 import * as OtrMessage from './conversation/message/OtrMessage';
 import * as UserMessage from './conversation/message/UserMessage';
 import { CoreError } from './CoreError';
-import { CryptographyService } from './cryptography/';
+import { CryptographyService, SessionId } from './cryptography/';
 import { GiphyService } from './giphy/';
 import { HandledEventPayload, NotificationService } from './notification/';
 import { SelfService } from './self/';
@@ -84,6 +84,17 @@ interface AccountOptions<T> {
      */
     mlsConfig?: MLSConfig<T>;
 }
+declare type InitOptions = {
+    /** cookie used to identify the current user. Will use the browser cookie if not defined */
+    cookie?: Cookie;
+    /** fully initiate the client and register periodic checks */
+    initClient?: boolean;
+    /**
+     * callback triggered when a message from an unknown client is received.
+     * An unknown client is a client we don't yet have a session with
+     */
+    onNewClient?: (sessionId: SessionId) => void;
+};
 export declare class Account<T = any> extends EventEmitter {
     private readonly apiClient;
     private readonly logger;
@@ -130,9 +141,8 @@ export declare class Account<T = any> extends EventEmitter {
      * Will fail if local client cannot be found
      *
      * @param clientType The type of client the user is using (temporary or permanent)
-     * @param cookie The cookie to identify the user against backend (will use the browser's one if not given)
      */
-    init(clientType: ClientType, cookie?: Cookie, initClient?: boolean): Promise<Context>;
+    init(clientType: ClientType, { cookie, initClient, onNewClient }?: InitOptions): Promise<Context>;
     /**
      * Will log the user in with the given credential.
      * Will also create the local client and store it in DB

package/src/main/Account.js

@@ -74,6 +74,7 @@ const team_1 = require("./team/");
 const user_1 = require("./user/");
 const account_1 = require("./account/");
 const linkPreview_1 = require("./linkPreview");
+const core_crypto_1 = require("@wireapp/core-crypto");
 const ReconnectingWebsocket_1 = require("@wireapp/api-client/src/tcp/ReconnectingWebsocket");
 const encryptedStore_1 = require("./util/encryptedStore");
 const bazinga64_1 = require("bazinga64");
@@ -152,16 +153,29 @@ class Account extends events_1.EventEmitter {
      * Will fail if local client cannot be found
      *
      * @param clientType The type of client the user is using (temporary or permanent)
-     * @param cookie The cookie to identify the user against backend (will use the browser's one if not given)
      */
-    async init(clientType, cookie, initClient = true) {
+    async init(clientType, { cookie, initClient = true, onNewClient } = {}) {
         var _a, _b, _c;
         const context = await this.apiClient.init(clientType, cookie);
         await this.initServices(context);
+        /** @fixme
+         * When we will start migrating to CoreCrypto encryption/decryption, those hooks won't be available anymore
+         * We will need to implement
+         *   - the mechanism to handle messages from an unknown sender
+         *   - the mechanism to generate new prekeys when we reach a certain threshold of prekeys
+         */
+        this.service.cryptography.setCryptoboxHooks({
+            onNewPrekeys: async (prekeys) => {
+                this.logger.debug(`Received '${prekeys.length}' new PreKeys.`);
+                await this.apiClient.api.client.putClient(context.clientId, { prekeys });
+                this.logger.debug(`Successfully uploaded '${prekeys.length}' PreKeys.`);
+            },
+            onNewSession: onNewClient,
+        });
         // Assumption: client gets only initialized once
         if (initClient) {
             await this.initClient({ clientType });
-            if (this.mlsConfig) {
+            if (this.mlsConfig && this.backendFeatures.supportsMLS) {
                 // initialize schedulers for pending mls proposals once client is initialized
                 await ((_a = this.service) === null || _a === void 0 ? void 0 : _a.notification.checkExistingPendingProposals());
                 // initialize schedulers for renewing key materials
@@ -300,7 +314,7 @@ class Account extends events_1.EventEmitter {
         const loadedClient = await this.service.client.getLocalClient();
         await this.apiClient.api.client.getClient(loadedClient.id);
         this.apiClient.context.clientId = loadedClient.id;
-        if (this.mlsConfig) {
+        if (this.mlsConfig && this.backendFeatures.supportsMLS) {
             this.coreCryptoClient = await this.createMLSClient(loadedClient, this.apiClient.context, this.mlsConfig, entropyData);
         }
         return loadedClient;
@@ -310,10 +324,9 @@ class Account extends events_1.EventEmitter {
             throw new Error('Services are not set.');
         }
         const coreCryptoKeyId = 'corecrypto-key';
-        const { CoreCrypto } = await Promise.resolve().then(() => __importStar(require('@wireapp/core-crypto')));
         const dbName = this.generateSecretsDbName(context);
-        const secretStore = mlsConfig.secretsCrypto
-            ? await (0, encryptedStore_1.createCustomEncryptedStore)(dbName, mlsConfig.secretsCrypto)
+        const secretStore = mlsConfig.systemCrypto
+            ? await (0, encryptedStore_1.createCustomEncryptedStore)(dbName, mlsConfig.systemCrypto)
             : await (0, encryptedStore_1.createEncryptedStore)(dbName);
         let key = await secretStore.getsecretValue(coreCryptoKeyId);
         let isNewMLSDevice = false;
@@ -324,7 +337,7 @@ class Account extends events_1.EventEmitter {
             isNewMLSDevice = true;
         }
         const { userId, domain } = this.apiClient.context;
-        const mlsClient = await CoreCrypto.init({
+        const mlsClient = await core_crypto_1.CoreCrypto.init({
             databaseName: `corecrypto-${this.generateDbName(context)}`,
             key: bazinga64_1.Encoder.toBase64(key).asString,
             clientId: `${userId}:${client.id}@${domain}`,
@@ -344,7 +357,7 @@ class Account extends events_1.EventEmitter {
         }
         this.logger.info(`Creating new client {mls: ${!!this.mlsConfig}}`);
         const registeredClient = await this.service.client.register(loginData, clientInfo, entropyData);
-        if (this.mlsConfig) {
+        if (this.mlsConfig && this.backendFeatures.supportsMLS) {
             this.coreCryptoClient = await this.createMLSClient(registeredClient, this.apiClient.context, this.mlsConfig, entropyData);
         }
         this.apiClient.context.clientId = registeredClient.id;

package/src/main/cryptography/CryptographyService.d.ts

@@ -12,6 +12,11 @@ export declare type DecryptionError = {
     code: number;
     message: string;
 };
+export declare type SessionId = {
+    userId: string;
+    clientId: string;
+    domain?: string;
+};
 export interface MetaClient extends RegisteredClient {
     meta: {
         is_verified?: boolean;
@@ -30,7 +35,19 @@ export declare class CryptographyService {
         nbPrekeys: number;
     });
     constructSessionId(userId: string | QualifiedId, clientId: string, domain?: string): string;
+    private isSessionId;
+    /**
+     * Splits a sessionId into userId, clientId & domain (if any).
+     */
+    parseSessionId(sessionId: string): SessionId;
     static convertArrayRecipientsToBase64(recipients: OTRRecipients<Uint8Array>): OTRRecipients<string>;
+    setCryptoboxHooks({ onNewPrekeys, onNewSession, }: {
+        onNewPrekeys?: (prekeys: {
+            id: number;
+            key: string;
+        }[]) => void;
+        onNewSession?: (sessionId: SessionId) => void;
+    }): void;
     static convertBase64RecipientsToArray(recipients: OTRRecipients<string>): OTRRecipients<Uint8Array>;
     createCryptobox(entropyData?: Uint8Array): Promise<SerializedPreKey[]>;
     decrypt(sessionId: string, encodedCiphertext: string): Promise<Uint8Array>;

package/src/main/cryptography/CryptographyService.js

@@ -48,6 +48,21 @@ class CryptographyService {
         const baseId = `${id}@${clientId}`;
         return baseDomain && this.config.useQualifiedIds ? `${baseDomain}@${baseId}` : baseId;
     }
+    isSessionId(object) {
+        return object.userId && object.clientId;
+    }
+    /**
+     * Splits a sessionId into userId, clientId & domain (if any).
+     */
+    parseSessionId(sessionId) {
+        // see https://regex101.com/r/c8FtCw/1
+        const regex = /((?<domain>.+)@)?(?<userId>.+)@(?<clientId>.+)$/g;
+        const match = regex.exec(sessionId);
+        if (!match || !this.isSessionId(match.groups)) {
+            throw new Error(`given session id "${sessionId}" has wrong format`);
+        }
+        return match.groups;
+    }
     static convertArrayRecipientsToBase64(recipients) {
         return Object.fromEntries(Object.entries(recipients).map(([userId, otrClientMap]) => {
             const otrClientMapWithBase64 = Object.fromEntries(Object.entries(otrClientMap).map(([clientId, payload]) => {
@@ -56,6 +71,17 @@ class CryptographyService {
             return [userId, otrClientMapWithBase64];
         }));
     }
+    setCryptoboxHooks({ onNewPrekeys, onNewSession, }) {
+        if (onNewPrekeys) {
+            this.cryptobox.on(cryptobox_1.Cryptobox.TOPIC.NEW_PREKEYS, prekeys => {
+                const serializedPreKeys = prekeys.map(this.cryptobox.serialize_prekey);
+                onNewPrekeys(serializedPreKeys);
+            });
+        }
+        if (onNewSession) {
+            this.cryptobox.on(cryptobox_1.Cryptobox.TOPIC.NEW_SESSION, sessionId => onNewSession(this.parseSessionId(sessionId)));
+        }
+    }
     static convertBase64RecipientsToArray(recipients) {
         return Object.fromEntries(Object.entries(recipients).map(([userId, otrClientMap]) => {
             const otrClientMapWithUint8Array = Object.fromEntries(Object.entries(otrClientMap).map(([clientId, payload]) => {

package/src/main/mls/MLSService/MLSService.d.ts

@@ -9,7 +9,7 @@ export declare class MLSService {
     private readonly coreCryptoClientProvider;
     groupIdFromConversationId?: MLSCallbacks['groupIdFromConversationId'];
     constructor(config: MLSConfig | undefined, apiClient: APIClient, coreCryptoClientProvider: () => CoreCrypto | undefined);
-    private getCoreCryptoClient;
+    private get coreCryptoClient();
     private uploadCommitBundle;
     addUsersToExistingConversation(groupId: Uint8Array, invitee: Invitee[]): Promise<import("@wireapp/api-client/src/conversation").PostMlsMessageResponse | null>;
     configureMLSCallbacks({ groupIdFromConversationId, ...coreCryptoCallbacks }: MLSCallbacks): void;

package/src/main/mls/MLSService/MLSService.js

@@ -45,7 +45,7 @@ class MLSService {
         this.apiClient = apiClient;
         this.coreCryptoClientProvider = coreCryptoClientProvider;
     }
-    getCoreCryptoClient() {
+    get coreCryptoClient() {
         const client = this.coreCryptoClientProvider();
         if (!client) {
             throw new Error('Could not get coreCryptoClient');
@@ -53,13 +53,12 @@ class MLSService {
         return client;
     }
     async uploadCommitBundle(groupId, { commit, welcome }) {
-        const coreCryptoClient = this.getCoreCryptoClient();
         if (commit) {
             try {
                 const messageResponse = await this.apiClient.api.conversation.postMlsMessage(
                 //@todo: it's temporary - we wait for core-crypto fix to return the actual Uint8Array instead of regular array
                 (0, exports.optionalToUint8Array)(commit));
-                await coreCryptoClient.commitAccepted(groupId);
+                await this.coreCryptoClient.commitAccepted(groupId);
                 if (welcome) {
                     // If the commit went well, we can send the Welcome
                     //@todo: it's temporary - we wait for core-crypto fix to return the actual Uint8Array instead of regular array
@@ -68,17 +67,17 @@ class MLSService {
                 return messageResponse;
             }
             catch (error) {
-                await coreCryptoClient.clearPendingCommit(groupId);
+                await this.coreCryptoClient.clearPendingCommit(groupId);
             }
         }
         return null;
     }
     addUsersToExistingConversation(groupId, invitee) {
-        return this.processCommitAction(groupId, () => this.getCoreCryptoClient().addClientsToConversation(groupId, invitee));
+        return this.processCommitAction(groupId, () => this.coreCryptoClient.addClientsToConversation(groupId, invitee));
     }
     configureMLSCallbacks(_a) {
         var { groupIdFromConversationId } = _a, coreCryptoCallbacks = __rest(_a, ["groupIdFromConversationId"]);
-        this.getCoreCryptoClient().registerCallbacks(Object.assign(Object.assign({}, coreCryptoCallbacks), { clientIdBelongsToOneOf: (client, otherClients) => {
+        this.coreCryptoClient.registerCallbacks(Object.assign(Object.assign({}, coreCryptoCallbacks), { clientIdBelongsToOneOf: (client, otherClients) => {
                 const decoder = new TextDecoder();
                 const { user } = (0, fullyQualifiedClientIdUtils_1.parseFullQualifiedClientId)(decoder.decode(client));
                 return otherClients.some(client => {
@@ -113,22 +112,22 @@ class MLSService {
         return coreCryptoKeyPackagesPayload;
     }
     getEpoch(groupId) {
-        return this.getCoreCryptoClient().conversationEpoch(groupId);
+        return this.coreCryptoClient.conversationEpoch(groupId);
     }
     async newProposal(proposalType, args) {
-        return this.getCoreCryptoClient().newProposal(proposalType, args);
+        return this.coreCryptoClient.newProposal(proposalType, args);
     }
     async newExternalProposal(externalProposalType, args) {
-        return this.getCoreCryptoClient().newExternalProposal(externalProposalType, args);
+        return this.coreCryptoClient.newExternalProposal(externalProposalType, args);
     }
     async processWelcomeMessage(welcomeMessage) {
-        return this.getCoreCryptoClient().processWelcomeMessage(welcomeMessage);
+        return this.coreCryptoClient.processWelcomeMessage(welcomeMessage);
     }
     async decryptMessage(conversationId, payload) {
-        return this.getCoreCryptoClient().decryptMessage(conversationId, payload);
+        return this.coreCryptoClient.decryptMessage(conversationId, payload);
     }
     async encryptMessage(conversationId, message) {
-        return this.getCoreCryptoClient().encryptMessage(conversationId, message);
+        return this.coreCryptoClient.encryptMessage(conversationId, message);
     }
     /**
      * Will wrap a coreCrypto call that generates a CommitBundle and do all the necessary work so that commitbundle is handled the right way.
@@ -148,26 +147,26 @@ class MLSService {
         });
     }
     updateKeyingMaterial(conversationId) {
-        return this.processCommitAction(conversationId, () => this.getCoreCryptoClient().updateKeyingMaterial(conversationId));
+        return this.processCommitAction(conversationId, () => this.coreCryptoClient.updateKeyingMaterial(conversationId));
     }
     async createConversation(conversationId, configuration) {
-        return this.getCoreCryptoClient().createConversation(conversationId, configuration);
+        return this.coreCryptoClient.createConversation(conversationId, configuration);
     }
     removeClientsFromConversation(conversationId, clientIds) {
-        return this.processCommitAction(conversationId, () => this.getCoreCryptoClient().removeClientsFromConversation(conversationId, clientIds));
+        return this.processCommitAction(conversationId, () => this.coreCryptoClient.removeClientsFromConversation(conversationId, clientIds));
     }
     async commitPendingProposals(groupId) {
-        const commitBundle = await this.getCoreCryptoClient().commitPendingProposals(groupId);
+        const commitBundle = await this.coreCryptoClient.commitPendingProposals(groupId);
         return commitBundle ? void (await this.uploadCommitBundle(groupId, commitBundle)) : undefined;
     }
     async conversationExists(conversationId) {
-        return this.getCoreCryptoClient().conversationExists(conversationId);
+        return this.coreCryptoClient.conversationExists(conversationId);
     }
     async clientValidKeypackagesCount() {
-        return this.getCoreCryptoClient().clientValidKeypackagesCount();
+        return this.coreCryptoClient.clientValidKeypackagesCount();
     }
     async clientKeypackages(amountRequested) {
-        return this.getCoreCryptoClient().clientKeypackages(amountRequested);
+        return this.coreCryptoClient.clientKeypackages(amountRequested);
     }
     /**
      * Will make the given client mls capable (generate and upload key packages)
@@ -184,7 +183,7 @@ class MLSService {
         return this.apiClient.api.client.uploadMLSKeyPackages(clientId, keypackages.map(keypackage => btoa(bazinga64_1.Converter.arrayBufferViewToBaselineString(keypackage))));
     }
     async wipeConversation(conversationId) {
-        return this.getCoreCryptoClient().wipeConversation(conversationId);
+        return this.coreCryptoClient.wipeConversation(conversationId);
     }
 }
 exports.MLSService = MLSService;

package/src/main/mls/types.d.ts

@@ -18,7 +18,7 @@ export interface MLSConfig<T = any> {
      * encrypt/decrypt function pair that will be called before storing/fetching secrets in the secrets database.
      * If not provided will use the built in encryption mechanism
      */
-    secretsCrypto?: SecretCrypto<T>;
+    systemCrypto?: SecretCrypto<T>;
     /**
      * path on the public server to the core crypto wasm file.
      * This file will be downloaded lazily when corecrypto is needed.

package/src/main/notification/NotificationService.js

@@ -71,6 +71,7 @@ const NotificationDatabaseRepository_1 = require("./NotificationDatabaseReposito
 const protocol_messaging_1 = require("@wireapp/protocol-messaging");
 const bazinga64_1 = require("bazinga64");
 const TaskScheduler_1 = require("../util/TaskScheduler/TaskScheduler");
+const mls_1 = require("../mls");
 const LowPrecisionTaskScheduler_1 = require("../util/LowPrecisionTaskScheduler/LowPrecisionTaskScheduler");
 const keyPackagesStatusStore_1 = require("../mls/keyPackagesStatusStore/keyPackagesStatusStore");
 const keyMaterialUpdatesStore_1 = require("../mls/keyMaterialUpdatesStore");
@@ -260,7 +261,12 @@ class NotificationService extends events_1.EventEmitter {
                 const encryptedData = bazinga64_1.Decoder.fromBase64(event.data).asBytes;
                 const groupId = await this.getGroupIdFromConversationId((_a = event.qualified_conversation) !== null && _a !== void 0 ? _a : { id: event.conversation, domain: '' });
                 const groupIdBytes = bazinga64_1.Decoder.fromBase64(groupId).asBytes;
-                const { proposals, commitDelay, message } = await this.mlsService.decryptMessage(groupIdBytes, encryptedData);
+                const { proposals, commitDelay, message, senderClientId: encodedSenderClientId, } = await this.mlsService.decryptMessage(groupIdBytes, encryptedData);
+                if (encodedSenderClientId) {
+                    const decoder = new TextDecoder();
+                    const senderClientId = decoder.decode((0, mls_1.optionalToUint8Array)(encodedSenderClientId));
+                    event.senderClientId = senderClientId;
+                }
                 // Check if the message includes proposals
                 if (typeof commitDelay === 'number' || proposals.length > 0) {
                     // we are dealing with a proposal, add a task to process this proposal later on
@@ -283,7 +289,10 @@ class NotificationService extends events_1.EventEmitter {
                  * @todo Find a proper solution to add mappedEvent to this return
                  * otherwise event.data will be base64 raw data of the received event
                  */
-                return { event, decryptedData };
+                return {
+                    event,
+                    decryptedData,
+                };
             // Encrypted Proteus events
             case Events.CONVERSATION_EVENT.OTR_MESSAGE_ADD: {
                 if (dryRun) {