Skip to content

Commit

Permalink
feat(e2ei)!: introduce handle & team in the client dpop token
Browse files Browse the repository at this point in the history
  • Loading branch information
@beltram
beltram committed Nov 28, 2023
1 parent 9c1e201 commit fcdbc2e
Show file tree
Hide file tree
Showing 12 changed files with 89 additions and 47 deletions.
15 changes: 9 additions & 6 deletions crypto-ffi/bindings/js/CoreCrypto.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1700,10 +1700,11 @@ export class CoreCrypto {
* @param handle - user handle e.g. `[email protected]`
* @param expiryDays - generated x509 certificate expiry
* @param ciphersuite - for generating signing key material
* @param team - name of the Wire team a user belongs to
* @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCrypto.e2eiMlsInitOnly}
*/
async e2eiNewEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
async e2eiNewEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite, team?: string): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_enrollment(clientId, displayName, handle, team, expiryDays, ciphersuite));
return new E2eiEnrollment(e2ei);
}

Expand All @@ -1716,10 +1717,11 @@ export class CoreCrypto {
* @param handle - user handle e.g. `[email protected]`
* @param expiryDays - generated x509 certificate expiry
* @param ciphersuite - for generating signing key material
* @param team - name of the Wire team a user belongs to
* @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCrypto.e2eiRotateAll}
*/
async e2eiNewActivationEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_activation_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
async e2eiNewActivationEnrollment(clientId: string, displayName: string, handle: string, expiryDays: number, ciphersuite: Ciphersuite, team?: string): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_activation_enrollment(clientId, displayName, handle, team, expiryDays, ciphersuite));
return new E2eiEnrollment(e2ei);
}

Expand All @@ -1734,10 +1736,11 @@ export class CoreCrypto {
* @param ciphersuite - for generating signing key material
* @param displayName - human-readable name displayed in the application e.g. `Smith, Alice M (QA)`
* @param handle - user handle e.g. `[email protected]`
* @param team - name of the Wire team a user belongs to
* @returns The new {@link E2eiEnrollment} enrollment instance to use with {@link CoreCrypto.e2eiRotateAll}
*/
async e2eiNewRotateEnrollment(clientId: string, expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string,): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_rotate_enrollment(clientId, displayName, handle, expiryDays, ciphersuite));
async e2eiNewRotateEnrollment(clientId: string, expiryDays: number, ciphersuite: Ciphersuite, displayName?: string, handle?: string, team?: string): Promise<E2eiEnrollment> {
const e2ei = await CoreCryptoError.asyncMapErr(this.#cc.e2ei_new_rotate_enrollment(clientId, displayName, handle, team, expiryDays, ciphersuite));
return new E2eiEnrollment(e2ei);
}

Expand Down
10 changes: 9 additions & 1 deletion crypto-ffi/bindings/jvm/src/main/kotlin/com/wire/crypto/client/CoreCryptoCentral.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
* @param handle user handle e.g. `[email protected]`
* @param expiryDays generated x509 certificate expiry
* @param ciphersuite for generating signing key material
* @param team name of the Wire team a user belongs to
* @return The new [E2EIEnrollment] enrollment to use with [e2eiMlsInitOnly]
*/
suspend fun e2eiNewEnrollment(
Expand All @@ -69,8 +70,9 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
handle: String,
expiryDays: UInt,
ciphersuite: Ciphersuite,
team: String? = null,
): E2EIEnrollment {
return E2EIEnrollment(cc.e2eiNewEnrollment(clientId, displayName, handle, expiryDays, ciphersuite.lower()))
return E2EIEnrollment(cc.e2eiNewEnrollment(clientId, displayName, handle, team, expiryDays, ciphersuite.lower()))
}

/**
Expand All @@ -82,6 +84,7 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
* @param handle user handle e.g. `[email protected]`
* @param expiryDays generated x509 certificate expiry
* @param ciphersuite for generating signing key material
* @param team name of the Wire team a user belongs to
* @return The new [E2EIEnrollment] enrollment to use with [e2eiRotateAll]
*/
suspend fun e2eiNewActivationEnrollment(
Expand All @@ -90,12 +93,14 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
handle: String,
expiryDays: UInt,
ciphersuite: Ciphersuite,
team: String? = null,
): E2EIEnrollment {
return E2EIEnrollment(
cc.e2eiNewActivationEnrollment(
clientId,
displayName,
handle,
team,
expiryDays,
ciphersuite.lower()
)
Expand All @@ -112,6 +117,7 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
* @param ciphersuite for generating signing key material
* @param displayName human-readable name displayed in the application e.g. `Smith, Alice M (QA)`
* @param handle user handle e.g. `[email protected]`
* @param team name of the Wire team a user belongs to
* @return The new [E2EIEnrollment] enrollment to use with [e2eiRotateAll]
*/
suspend fun e2eiNewRotateEnrollment(
Expand All @@ -120,12 +126,14 @@ class CoreCryptoCentral private constructor(private val cc: CoreCrypto, private
ciphersuite: Ciphersuite,
displayName: String? = null,
handle: String? = null,
team: String? = null,
): E2EIEnrollment {
return E2EIEnrollment(
cc.e2eiNewRotateEnrollment(
clientId,
displayName,
handle,
team,
expiryDays,
ciphersuite.lower()
)
Expand Down
15 changes: 9 additions & 6 deletions crypto-ffi/bindings/swift/Sources/CoreCrypto/CoreCrypto.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1154,9 +1154,10 @@ public class CoreCryptoWrapper {
/// - parameter handle: user handle e.g. `[email protected]`
/// - parameter expiryDays: generated x509 certificate expiry
/// - parameter ciphersuite: For generating signing key material.
/// - parameter team: name of the Wire team a user belongs to
/// - returns: The new ``CoreCryptoSwift.WireE2eIdentity`` object
public func e2eiNewEnrollment(clientId: String, displayName: String, handle: String, expiryDays: UInt32, ciphersuite: UInt16) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewEnrollment(clientId: clientId, displayName: displayName, handle: handle, expiryDays: expiryDays, ciphersuite: ciphersuite)
public func e2eiNewEnrollment(clientId: String, displayName: String, handle: String, expiryDays: UInt32, ciphersuite: UInt16, handle: String? = nil) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewEnrollment(clientId: clientId, displayName: displayName, handle: handle, team: team, expiryDays: expiryDays, ciphersuite: ciphersuite)
return E2eiEnrollment(enrollment)
}

Expand All @@ -1168,9 +1169,10 @@ public class CoreCryptoWrapper {
/// - parameter handle: user handle e.g. `[email protected]`
/// - parameter expiryDays: generated x509 certificate expiry
/// - parameter ciphersuite: For generating signing key material.
/// - parameter team: name of the Wire team a user belongs to
/// - returns: The new ``CoreCryptoSwift.WireE2eIdentity`` object
public func e2eiNewActivationEnrollment(clientId: String, displayName: String, handle: String, expiryDays: UInt32, ciphersuite: UInt16) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewActivationEnrollment(clientId: clientId, displayName: displayName, handle: handle, expiryDays: expiryDays, ciphersuite: ciphersuite)
public func e2eiNewActivationEnrollment(clientId: String, displayName: String, handle: String, expiryDays: UInt32, ciphersuite: UInt16, handle: String? = nil) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewActivationEnrollment(clientId: clientId, displayName: displayName, handle: handle, team: team, expiryDays: expiryDays, ciphersuite: ciphersuite)
return E2eiEnrollment(enrollment)
}

Expand All @@ -1183,9 +1185,10 @@ public class CoreCryptoWrapper {
/// - parameter ciphersuite: For generating signing key material.
/// - parameter displayName: human readable name displayed in the application e.g. `Smith, Alice M (QA)`
/// - parameter handle: user handle e.g. `[email protected]`
/// - parameter team: name of the Wire team a user belongs to
/// - returns: The new ``CoreCryptoSwift.WireE2eIdentity`` object
public func e2eiNewRotateEnrollment(clientId: String, expiryDays: UInt32, ciphersuite: UInt16, displayName: String? = nil, handle: String? = nil) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewRotateEnrollment(clientId: clientId, expiryDays: expiryDays, ciphersuite: ciphersuite, displayName: displayName, handle: handle)
public func e2eiNewRotateEnrollment(clientId: String, expiryDays: UInt32, ciphersuite: UInt16, displayName: String? = nil, handle: String? = nil, team: String? = nil) async throws -> E2eiEnrollment {
let enrollment = try await self.coreCrypto.e2eiNewRotateEnrollment(clientId: clientId, expiryDays: expiryDays, ciphersuite: ciphersuite, displayName: displayName, handle: handle, team: team)
return E2eiEnrollment(enrollment)
}

Expand Down
6 changes: 6 additions & 0 deletions crypto-ffi/src/generic.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1296,6 +1296,7 @@ impl CoreCrypto {
client_id: String,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> CoreCryptoResult<std::sync::Arc<E2eiEnrollment>> {
Expand All @@ -1306,6 +1307,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand All @@ -1322,6 +1324,7 @@ impl CoreCrypto {
client_id: String,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> CoreCryptoResult<std::sync::Arc<E2eiEnrollment>> {
Expand All @@ -1332,6 +1335,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand All @@ -1348,6 +1352,7 @@ impl CoreCrypto {
client_id: String,
display_name: Option<String>,
handle: Option<String>,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> CoreCryptoResult<std::sync::Arc<E2eiEnrollment>> {
Expand All @@ -1358,6 +1363,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand Down
6 changes: 6 additions & 0 deletions crypto-ffi/src/wasm.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2443,6 +2443,7 @@ impl CoreCrypto {
client_id: String,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> Promise {
Expand All @@ -2456,6 +2457,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand All @@ -2477,6 +2479,7 @@ impl CoreCrypto {
client_id: String,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> Promise {
Expand All @@ -2490,6 +2493,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand All @@ -2511,6 +2515,7 @@ impl CoreCrypto {
client_id: String,
display_name: Option<String>,
handle: Option<String>,
team: Option<String>,
expiry_days: u32,
ciphersuite: Ciphersuite,
) -> Promise {
Expand All @@ -2524,6 +2529,7 @@ impl CoreCrypto {
client_id.into_bytes().into(),
display_name,
handle,
team,
expiry_days,
ciphersuite.into(),
)
Expand Down
4 changes: 2 additions & 2 deletions crypto/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ async-trait = "0.1"
async-lock = "3.0"
schnellru = "0.2"
zeroize = "1.5"
wire-e2e-identity = { version = "0.5", default-features = false }
wire-e2e-identity = { version = "=0.6.1", default-features = false }
indexmap = "2"
x509-cert = "0.2"
pem = "3.0"
Expand Down Expand Up @@ -99,7 +99,7 @@ async-std = { version = "1.12", features = ["attributes"] }
futures-util = { version = "0.3", features = ["std", "alloc"] }
proteus-traits = "2.0"
async-trait = "0.1"
wire-e2e-identity = { version = "0.5", features = ["identity-builder"] }
wire-e2e-identity = { version = "=0.6.1", features = ["identity-builder"] }
fluvio-wasm-timer = "0.2"
time = { version = "0.3", features = ["wasm-bindgen"] }
base64 = "0.21"
Expand Down
5 changes: 4 additions & 1 deletion crypto/src/e2e_identity/identity.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ impl<'a> TryFrom<(wire_e2e_identity::prelude::WireIdentity, &'a [u8])> for WireI
let certificate = document.to_pem("CERTIFICATE", LineEnding::LF)?;
Ok(Self {
client_id: i.client_id,
handle: i.handle,
handle: i.handle.to_string(),
display_name: i.display_name,
domain: i.domain,
certificate,
Expand Down Expand Up @@ -123,8 +123,11 @@ pub mod tests {

wasm_bindgen_test_configure!(run_in_browser);

#[allow(clippy::redundant_static_lifetimes)]
const ALICE_ANDROID: &'static str = "t6wRpI8BRSeviBwwiFp5MQ:[email protected]";
#[allow(clippy::redundant_static_lifetimes)]
const ALICE_IOS: &'static str = "t6wRpI8BRSeviBwwiFp5MQ:[email protected]";
#[allow(clippy::redundant_static_lifetimes)]
const BOB_ANDROID: &'static str = "wjoxZL5tTzi2-8iND-HimA:[email protected]";

#[async_std::test]
Expand Down
16 changes: 15 additions & 1 deletion crypto/src/e2e_identity/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,15 @@ impl MlsCentral {
client_id: ClientId,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
ciphersuite: MlsCiphersuite,
) -> E2eIdentityResult<E2eiEnrollment> {
E2eiEnrollment::try_new(
client_id,
display_name,
handle,
team,
expiry_days,
&self.mls_backend,
ciphersuite,
Expand Down Expand Up @@ -84,6 +86,7 @@ pub struct E2eiEnrollment {
client_id: String,
display_name: String,
handle: String,
team: Option<String>,
expiry: core::time::Duration,
directory: Option<types::E2eiAcmeDirectory>,
account: Option<wire_e2e_identity::prelude::E2eiAcmeAccount>,
Expand All @@ -110,10 +113,12 @@ impl E2eiEnrollment {
/// * `display_name` - human readable name displayed in the application e.g. `Smith, Alice M (QA)`
/// * `handle` - user handle e.g. `[email protected]`
/// * `expiry_days` - generated x509 certificate expiry in days
#[allow(clippy::too_many_arguments)]
pub fn try_new(
client_id: ClientId,
display_name: String,
handle: String,
team: Option<String>,
expiry_days: u32,
backend: &MlsCryptoProvider,
ciphersuite: MlsCiphersuite,
Expand All @@ -134,6 +139,7 @@ impl E2eiEnrollment {
client_id,
display_name,
handle,
team,
expiry,
directory: None,
account: None,
Expand Down Expand Up @@ -270,7 +276,14 @@ impl E2eiEnrollment {
.wire_dpop_challenge
.as_ref()
.ok_or(E2eIdentityError::ImplementationError)?;
Ok(self.new_dpop_token(&self.client_id, dpop_challenge, backend_nonce, expiry)?)
Ok(self.new_dpop_token(
&self.client_id,
dpop_challenge,
backend_nonce,
self.handle.as_str(),
self.team.clone(),
expiry,
)?)
}

/// Creates a new challenge request.
Expand Down Expand Up @@ -443,6 +456,7 @@ pub mod tests {
E2EI_CLIENT_ID.into(),
E2EI_DISPLAY_NAME.to_string(),
E2EI_HANDLE.to_string(),
Some(TEAM.to_string()),
E2EI_EXPIRY,
case.ciphersuite(),
)
Expand Down
Loading

0 comments on commit fcdbc2e

Please sign in to comment.