mirror/libsignal
0
0
Fork 0
mirror of https://github.com/signalapp/libsignal.git synced 2024-09-20 03:52:17 +02:00
Code
9822bb3b64
libsignal/node/Native.d.ts

352 lines
36 KiB
TypeScript
Raw Normal View History

Add a Yarn-based Node package for signal-client There's very little here yet, just enough to test something.
2020-10-23 20:44:41 +02:00
//
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
// Copyright 2020-2022 Signal Messenger, LLC.
Add a Yarn-based Node package for signal-client There's very little here yet, just enough to test something.
2020-10-23 20:44:41 +02:00
// SPDX-License-Identifier: AGPL-3.0-only
//
Node: Autogenerate libsignal_client.d.ts like we do Native.java This collects doc comments of the form "ts: <some TS declaration>", which can be written manually *or* generated by the various "bridge" macros. If the declaration looks like a function, it also does some substitution of Rust types for TypeScript types, to make autogeneration easier.
2021-01-26 23:59:39 +01:00
// WARNING: this file was automatically generated
Node: Switch to Neon's napi-runtime and JsBox We lose the ability to define classes in Rust, but we probably want to be doing that in TypeScript anyway.
2020-12-04 03:01:59 +01:00
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
type Uuid = Buffer;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
/// A Native.Timestamp may be measured in seconds or in milliseconds;
/// what's important is that it's an integer less than Number.MAX_SAFE_INTEGER.
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
type Timestamp = number;
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
TS store APIs
2021-02-16 21:45:16 +01:00
export abstract class IdentityKeyStore {
_getIdentityKey(): Promise<PrivateKey>;
_getLocalRegistrationId(): Promise<number>;
_saveIdentity(name: ProtocolAddress, key: PublicKey): Promise<boolean>;
_isTrustedIdentity(name: ProtocolAddress, key: PublicKey, sending: boolean): Promise<boolean>;
_getIdentity(name: ProtocolAddress): Promise<PublicKey | null>;
}
export abstract class SessionStore {
_saveSession(addr: ProtocolAddress, record: SessionRecord): Promise<void>;
_getSession(addr: ProtocolAddress): Promise<SessionRecord | null>;
}
export abstract class PreKeyStore {
_savePreKey(preKeyId: number, record: PreKeyRecord): Promise<void>;
_getPreKey(preKeyId: number): Promise<PreKeyRecord>;
_removePreKey(preKeyId: number): Promise<void>;
}
export abstract class SignedPreKeyStore {
_saveSignedPreKey(signedPreKeyId: number, record: SignedPreKeyRecord): Promise<void>;
_getSignedPreKey(signedPreKeyId: number): Promise<SignedPreKeyRecord>;
}
Add support for SenderKeyStore in TypeScript API
2021-02-08 20:35:40 +01:00
export abstract class SenderKeyStore {
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
_saveSenderKey(sender: ProtocolAddress, distributionId: Uuid, record: SenderKeyRecord): Promise<void>;
_getSenderKey(sender: ProtocolAddress, distributionId: Uuid): Promise<SenderKeyRecord | null>;
Add support for SenderKeyStore in TypeScript API
2021-02-08 20:35:40 +01:00
}
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
interface Wrapper<T> {
readonly _nativeHandle: T
}
bridge: Add support for bincode-serialized args and results This will be used by zkgroup. Note that in order to print the type correctly in C, a type `Serialized<FooBar>` will be translated to `[u8; FOO_BAR_LEN]`, where 'FOO_BAR_LEN' has to be a constant that's in scope.
2021-10-28 23:53:42 +02:00
// eslint-disable-next-line @typescript-eslint/no-unused-vars
type Serialized<T> = Buffer;
Bridge: add support for strongly-typed Node errors Within a new 'Errors' module, we have a base class that indicates this is a strongly-typed error, and an enum to identify what kind of error it is and thus what extra properties it might have. TypeScript's type narrowing support make this possible to do safely as long as all instances of the base class do in fact have the extra properties that match their code (and do not have an invalid code). To expose this to Rust (via Neon): - After loading the Rust library into Node, set an 'Errors' property with the relevant error types on the module object. - Whenever a bridge_fn produces an error, pass it to a new SignalNodeError::throw API along with the 'this' object, which is assumed to have to be the object with the 'Errors' property. This is a little less tidy than how we do Java exceptions, but it comes from not having access to the error classes by some kind of absolute name. Alternate approaches considered include: - Use an initialized-once global. Downside: would not work if you ever had more than one Node engine live in a process, or quit and restarted it. - Store the errors on the global object under some long, complicated key (like "org.signal.libsignal-client.Errors"). Downside: pollutes the global object. - Generate the base class using Neon instead of writing it in TypeScript. Downsides: inconvenient, difficult to maintain, harder to use /from/ TypeScript.
2021-03-30 03:07:59 +02:00
export function registerErrors(errorsModule: Record<string, unknown>): void;
TS store APIs
2021-02-16 21:45:16 +01:00
Node: align log levels for TypeScript with log levels in the Rust enum
2021-03-09 19:17:07 +01:00
export const enum LogLevel { Error = 1, Warn, Info, Debug, Trace }
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function Aes256GcmSiv_Decrypt(aesGcmSiv: Wrapper<Aes256GcmSiv>, ctext: Buffer, nonce: Buffer, associatedData: Buffer): Buffer;
Bridge: expose RustCrypto's AES-GCM-SIV instead of our own Same as before, but for the wrapper exposed to the app languages.
2021-06-17 03:36:36 +02:00
export function Aes256GcmSiv_Encrypt(aesGcmSivObj: Wrapper<Aes256GcmSiv>, ptext: Buffer, nonce: Buffer, associatedData: Buffer): Buffer;
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
export function Aes256GcmSiv_New(key: Buffer): Aes256GcmSiv;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function AuthCredentialPresentation_CheckValidContents(presentationBytes: Buffer): void;
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
export function AuthCredentialPresentation_GetPniCiphertext(presentationBytes: Buffer): Buffer;
export function AuthCredentialPresentation_GetRedemptionTime(presentationBytes: Buffer): Timestamp;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function AuthCredentialPresentation_GetUuidCiphertext(presentationBytes: Buffer): Serialized<UuidCiphertext>;
export function AuthCredentialResponse_CheckValidContents(buffer: Buffer): void;
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
export function AuthCredentialWithPniResponse_CheckValidContents(buffer: Buffer): void;
export function AuthCredentialWithPni_CheckValidContents(buffer: Buffer): void;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function AuthCredential_CheckValidContents(buffer: Buffer): void;
CDS2: add initial, not-for-production, client bindings
2022-05-13 22:39:26 +02:00
export function Cds2ClientState_CompleteHandshake(cli: Wrapper<Cds2ClientState>, handshakeReceived: Buffer): void;
export function Cds2ClientState_EstablishedRecv(cli: Wrapper<Cds2ClientState>, receivedCiphertext: Buffer): Buffer;
export function Cds2ClientState_EstablishedSend(cli: Wrapper<Cds2ClientState>, plaintextToSend: Buffer): Buffer;
export function Cds2ClientState_InitialRequest(obj: Wrapper<Cds2ClientState>): Buffer;
[feature] CDS2 attestation Implements (a subset of) Intel's DCAP attestation, making heavy use of 'boring' for X509 and ECDSA. Cds2Client is now ready for use! Co-authored-by: Jordan Rose <jrose@signal.org> Co-authored-by: Ravi Khadiwala <ravi@signal.org>
2022-07-22 21:23:57 +02:00
export function Cds2ClientState_New(mrenclave: Buffer, attestationMsg: Buffer, currentTimestamp: Timestamp): Cds2ClientState;
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
export function CiphertextMessage_FromPlaintextContent(m: Wrapper<PlaintextContent>): CiphertextMessage;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function CiphertextMessage_Serialize(obj: Wrapper<CiphertextMessage>): Buffer;
export function CiphertextMessage_Type(msg: Wrapper<CiphertextMessage>): number;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function DecryptionErrorMessage_Deserialize(data: Buffer): DecryptionErrorMessage;
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
export function DecryptionErrorMessage_ExtractFromSerializedContent(bytes: Buffer): DecryptionErrorMessage;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function DecryptionErrorMessage_ForOriginalMessage(originalBytes: Buffer, originalType: number, originalTimestamp: Timestamp, originalSenderDeviceId: number): DecryptionErrorMessage;
Add a deviceId field to DecryptionErrorMessage This allows a device to know whether it's the one that sent a bad message, and take action accordingly. We could have a slightly more typesafe API here by using ProtocolAddress and extracting the device ID, but that doesn't match up with getting the device ID out of a sealed sender certificate.
2021-05-27 02:19:07 +02:00
export function DecryptionErrorMessage_GetDeviceId(obj: Wrapper<DecryptionErrorMessage>): number;
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
export function DecryptionErrorMessage_GetRatchetKey(m: Wrapper<DecryptionErrorMessage>): PublicKey | null;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function DecryptionErrorMessage_GetTimestamp(obj: Wrapper<DecryptionErrorMessage>): Timestamp;
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
export function DecryptionErrorMessage_Serialize(obj: Wrapper<DecryptionErrorMessage>): Buffer;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ExpiringProfileKeyCredentialResponse_CheckValidContents(buffer: Buffer): void;
export function ExpiringProfileKeyCredential_CheckValidContents(buffer: Buffer): void;
export function ExpiringProfileKeyCredential_GetExpirationTime(credential: Serialized<ExpiringProfileKeyCredential>): Timestamp;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function Fingerprint_DisplayString(obj: Wrapper<Fingerprint>): string;
export function Fingerprint_New(iterations: number, version: number, localIdentifier: Buffer, localKey: Wrapper<PublicKey>, remoteIdentifier: Buffer, remoteKey: Wrapper<PublicKey>): Fingerprint;
export function Fingerprint_ScannableEncoding(obj: Wrapper<Fingerprint>): Buffer;
Include distribution ID inside SenderKey[Distribution]Message The distribution ID is used to identify which key a particular sender is using to encrypt their SenderKeyMessage, so it has to be known as part of decryption. The previous design had the distribution ID stored alongside each message (perhaps on the "envelope" structure that's received from the server), but that's harder to keep track of, and it would only be present for certain message kinds anyway.
2021-03-11 21:02:37 +01:00
export function GroupCipher_DecryptMessage(sender: Wrapper<ProtocolAddress>, message: Buffer, store: SenderKeyStore, ctx: null): Promise<Buffer>;
Expose Sealed Sender v2 to clients - Add a new "multi-recipient encrypt" entry point - Add an "encrypt v1 sealed sender from UnidentifiedSenderMessage- Content" entry point - Add a public constructor for UnidentifiedSenderMessageContent - Change group_encrypt to return a CiphertextMessage instead of bytes, so it can be used with the above - Java: add SenderKeyStore to SignalProtocolStore requirements
2021-03-25 23:16:34 +01:00
export function GroupCipher_EncryptMessage(sender: Wrapper<ProtocolAddress>, distributionId: Uuid, message: Buffer, store: SenderKeyStore, ctx: null): Promise<CiphertextMessage>;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function GroupMasterKey_CheckValidContents(buffer: Buffer): void;
export function GroupPublicParams_CheckValidContents(buffer: Buffer): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function GroupPublicParams_GetGroupIdentifier(groupPublicParams: Serialized<GroupPublicParams>): Buffer;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function GroupSecretParams_CheckValidContents(buffer: Buffer): void;
zkgroup: Move blob padding/unpadding into Rust Previously this was defined in the app layers, because zkgroup's original codegen didn't support custom exception types. However, we can now move it to a common implementation in Rust.
2021-11-05 19:31:55 +01:00
export function GroupSecretParams_DecryptBlobWithPadding(params: Serialized<GroupSecretParams>, ciphertext: Buffer): Buffer;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function GroupSecretParams_DecryptProfileKey(params: Serialized<GroupSecretParams>, profileKey: Serialized<ProfileKeyCiphertext>, uuid: Uuid): Serialized<ProfileKey>;
export function GroupSecretParams_DecryptUuid(params: Serialized<GroupSecretParams>, uuid: Serialized<UuidCiphertext>): Uuid;
export function GroupSecretParams_DeriveFromMasterKey(masterKey: Serialized<GroupMasterKey>): Serialized<GroupSecretParams>;
zkgroup: Move blob padding/unpadding into Rust Previously this was defined in the app layers, because zkgroup's original codegen didn't support custom exception types. However, we can now move it to a common implementation in Rust.
2021-11-05 19:31:55 +01:00
export function GroupSecretParams_EncryptBlobWithPaddingDeterministic(params: Serialized<GroupSecretParams>, randomness: Buffer, plaintext: Buffer, paddingLen: number): Buffer;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function GroupSecretParams_EncryptProfileKey(params: Serialized<GroupSecretParams>, profileKey: Serialized<ProfileKey>, uuid: Uuid): Serialized<ProfileKeyCiphertext>;
export function GroupSecretParams_EncryptUuid(params: Serialized<GroupSecretParams>, uuid: Uuid): Serialized<UuidCiphertext>;
export function GroupSecretParams_GenerateDeterministic(randomness: Buffer): Serialized<GroupSecretParams>;
export function GroupSecretParams_GetMasterKey(params: Serialized<GroupSecretParams>): Serialized<GroupMasterKey>;
export function GroupSecretParams_GetPublicParams(params: Serialized<GroupSecretParams>): Serialized<GroupPublicParams>;
Remove support for HKDF "versions" Previously, we had HKDF-for-session-version-3, which matches RFC 5869, and HKDF-for-session-version-2, which produced slightly different results. However, nothing in the current versions of Signal uses anything but the RFC-compliant version. Therefore, this commit removes support for version 2 and deprecates the entry points that take a version: - Java: The HKDFv3 class is deprecated in favor of static methods on the HKDF class. - Swift: The hkdf function that takes a 'version' parameter is deprecated in favor of a new overload that does not. - TypeScript: The HKDF class is deprecated in favor of a top-level hkdf function. - Rust: The libsignal-protocol implementation of HKDF has been removed entirely in favor of the hkdf crate. There are no significant benchmark deltas from this change, and a minimal code size increase that's the cost for removing our own implementation of HKDF. The deprecations can be removed as a later breaking change.
2021-10-09 03:17:45 +02:00
export function HKDF_DeriveSecrets(outputLength: number, ikm: Buffer, label: Buffer | null, salt: Buffer | null): Buffer;
Implement node interfaces for HsmEnclave
2021-10-27 02:51:25 +02:00
export function HsmEnclaveClient_CompleteHandshake(cli: Wrapper<HsmEnclaveClient>, handshakeReceived: Buffer): void;
export function HsmEnclaveClient_EstablishedRecv(cli: Wrapper<HsmEnclaveClient>, receivedCiphertext: Buffer): Buffer;
export function HsmEnclaveClient_EstablishedSend(cli: Wrapper<HsmEnclaveClient>, plaintextToSend: Buffer): Buffer;
export function HsmEnclaveClient_InitialRequest(obj: Wrapper<HsmEnclaveClient>): Buffer;
export function HsmEnclaveClient_New(trustedPublicKey: Buffer, trustedCodeHashes: Buffer): HsmEnclaveClient;
Node: Add missing IdentityKeyPair_Deserialize This annoying function is implemented separately for each bridge because it produces two results, and the optimal way of doing that for each bridge differs.
2022-07-20 02:21:58 +02:00
export function IdentityKeyPair_Deserialize(buffer: Buffer): {publicKey:PublicKey,privateKey:PrivateKey};
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function IdentityKeyPair_Serialize(publicKey: Wrapper<PublicKey>, privateKey: Wrapper<PrivateKey>): Buffer;
Expose signAlternateIdentity and verifyAlternateIdentity - Java: on IdentityKeyPair and IdentityKey, respectively - Swift: on IdentityKeyPair and IdentityKey, respectively - Node: on IdentityKeyPair and PublicKey; Node doesn't have a separate IdentityKey API For convenience, exposes IdentityKeyPair.generate() in Java and Node as well. (This API already existed in Swift.)
2021-11-11 00:15:08 +01:00
export function IdentityKeyPair_SignAlternateIdentity(publicKey: Wrapper<PublicKey>, privateKey: Wrapper<PrivateKey>, otherIdentity: Wrapper<PublicKey>): Buffer;
export function IdentityKey_VerifyAlternateIdentity(publicKey: Wrapper<PublicKey>, otherIdentity: Wrapper<PublicKey>, signature: Buffer): boolean;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function PlaintextContent_Deserialize(data: Buffer): PlaintextContent;
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
export function PlaintextContent_FromDecryptionErrorMessage(m: Wrapper<DecryptionErrorMessage>): PlaintextContent;
export function PlaintextContent_GetBody(obj: Wrapper<PlaintextContent>): Buffer;
export function PlaintextContent_Serialize(obj: Wrapper<PlaintextContent>): Buffer;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function PniCredentialPresentation_CheckValidContents(presentationBytes: Buffer): void;
export function PniCredentialPresentation_GetAciCiphertext(presentationBytes: Buffer): Serialized<UuidCiphertext>;
export function PniCredentialPresentation_GetPniCiphertext(presentationBytes: Buffer): Serialized<UuidCiphertext>;
export function PniCredentialPresentation_GetProfileKeyCiphertext(presentationBytes: Buffer): Serialized<ProfileKeyCiphertext>;
export function PniCredentialRequestContext_CheckValidContents(buffer: Buffer): void;
Expose PniCredential operations to app languages
2021-11-13 00:24:26 +01:00
export function PniCredentialRequestContext_GetRequest(context: Serialized<PniCredentialRequestContext>): Serialized<ProfileKeyCredentialRequest>;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function PniCredentialResponse_CheckValidContents(buffer: Buffer): void;
export function PniCredential_CheckValidContents(buffer: Buffer): void;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PreKeyBundle_GetDeviceId(obj: Wrapper<PreKeyBundle>): number;
export function PreKeyBundle_GetIdentityKey(p: Wrapper<PreKeyBundle>): PublicKey;
export function PreKeyBundle_GetPreKeyId(obj: Wrapper<PreKeyBundle>): number | null;
export function PreKeyBundle_GetPreKeyPublic(obj: Wrapper<PreKeyBundle>): PublicKey | null;
export function PreKeyBundle_GetRegistrationId(obj: Wrapper<PreKeyBundle>): number;
export function PreKeyBundle_GetSignedPreKeyId(obj: Wrapper<PreKeyBundle>): number;
export function PreKeyBundle_GetSignedPreKeyPublic(obj: Wrapper<PreKeyBundle>): PublicKey;
export function PreKeyBundle_GetSignedPreKeySignature(obj: Wrapper<PreKeyBundle>): Buffer;
export function PreKeyBundle_New(registrationId: number, deviceId: number, prekeyId: number | null, prekey: Wrapper<PublicKey> | null, signedPrekeyId: number, signedPrekey: Wrapper<PublicKey>, signedPrekeySignature: Buffer, identityKey: Wrapper<PublicKey>): PreKeyBundle;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function PreKeyRecord_Deserialize(data: Buffer): PreKeyRecord;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PreKeyRecord_GetId(obj: Wrapper<PreKeyRecord>): number;
export function PreKeyRecord_GetPrivateKey(obj: Wrapper<PreKeyRecord>): PrivateKey;
export function PreKeyRecord_GetPublicKey(obj: Wrapper<PreKeyRecord>): PublicKey;
export function PreKeyRecord_New(id: number, pubKey: Wrapper<PublicKey>, privKey: Wrapper<PrivateKey>): PreKeyRecord;
export function PreKeyRecord_Serialize(obj: Wrapper<PreKeyRecord>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function PreKeySignalMessage_Deserialize(data: Buffer): PreKeySignalMessage;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PreKeySignalMessage_GetPreKeyId(obj: Wrapper<PreKeySignalMessage>): number | null;
export function PreKeySignalMessage_GetRegistrationId(obj: Wrapper<PreKeySignalMessage>): number;
export function PreKeySignalMessage_GetSignedPreKeyId(obj: Wrapper<PreKeySignalMessage>): number;
export function PreKeySignalMessage_GetVersion(obj: Wrapper<PreKeySignalMessage>): number;
export function PreKeySignalMessage_New(messageVersion: number, registrationId: number, preKeyId: number | null, signedPreKeyId: number, baseKey: Wrapper<PublicKey>, identityKey: Wrapper<PublicKey>, signalMessage: Wrapper<SignalMessage>): PreKeySignalMessage;
export function PreKeySignalMessage_Serialize(obj: Wrapper<PreKeySignalMessage>): Buffer;
export function PrivateKey_Agree(privateKey: Wrapper<PrivateKey>, publicKey: Wrapper<PublicKey>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function PrivateKey_Deserialize(data: Buffer): PrivateKey;
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
export function PrivateKey_Generate(): PrivateKey;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PrivateKey_GetPublicKey(k: Wrapper<PrivateKey>): PublicKey;
export function PrivateKey_Serialize(obj: Wrapper<PrivateKey>): Buffer;
export function PrivateKey_Sign(key: Wrapper<PrivateKey>, message: Buffer): Buffer;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ProfileKeyCiphertext_CheckValidContents(buffer: Buffer): void;
export function ProfileKeyCommitment_CheckValidContents(buffer: Buffer): void;
export function ProfileKeyCredentialPresentation_CheckValidContents(presentationBytes: Buffer): void;
export function ProfileKeyCredentialPresentation_GetProfileKeyCiphertext(presentationBytes: Buffer): Serialized<ProfileKeyCiphertext>;
export function ProfileKeyCredentialPresentation_GetUuidCiphertext(presentationBytes: Buffer): Serialized<UuidCiphertext>;
export function ProfileKeyCredentialRequestContext_CheckValidContents(buffer: Buffer): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ProfileKeyCredentialRequestContext_GetRequest(context: Serialized<ProfileKeyCredentialRequestContext>): Serialized<ProfileKeyCredentialRequest>;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ProfileKeyCredentialRequest_CheckValidContents(buffer: Buffer): void;
export function ProfileKeyCredentialResponse_CheckValidContents(buffer: Buffer): void;
export function ProfileKeyCredential_CheckValidContents(buffer: Buffer): void;
export function ProfileKey_CheckValidContents(buffer: Buffer): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ProfileKey_GetCommitment(profileKey: Serialized<ProfileKey>, uuid: Uuid): Serialized<ProfileKeyCommitment>;
export function ProfileKey_GetProfileKeyVersion(profileKey: Serialized<ProfileKey>, uuid: Uuid): Buffer;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function ProtocolAddress_DeviceId(obj: Wrapper<ProtocolAddress>): number;
export function ProtocolAddress_Name(obj: Wrapper<ProtocolAddress>): string;
CamelCase arguments in libsignal_client.d.ts
2021-02-02 23:01:24 +01:00
export function ProtocolAddress_New(name: string, deviceId: number): ProtocolAddress;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PublicKey_Compare(key1: Wrapper<PublicKey>, key2: Wrapper<PublicKey>): number;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function PublicKey_Deserialize(data: Buffer): PublicKey;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function PublicKey_GetPublicKeyBytes(obj: Wrapper<PublicKey>): Buffer;
export function PublicKey_Serialize(obj: Wrapper<PublicKey>): Buffer;
export function PublicKey_Verify(key: Wrapper<PublicKey>, message: Buffer, signature: Buffer): boolean;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ReceiptCredentialPresentation_CheckValidContents(buffer: Buffer): void;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ReceiptCredentialPresentation_GetReceiptExpirationTime(presentation: Serialized<ReceiptCredentialPresentation>): Timestamp;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ReceiptCredentialPresentation_GetReceiptLevel(presentation: Serialized<ReceiptCredentialPresentation>): Buffer;
export function ReceiptCredentialPresentation_GetReceiptSerial(presentation: Serialized<ReceiptCredentialPresentation>): Buffer;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ReceiptCredentialRequestContext_CheckValidContents(buffer: Buffer): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ReceiptCredentialRequestContext_GetRequest(requestContext: Serialized<ReceiptCredentialRequestContext>): Serialized<ReceiptCredentialRequest>;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ReceiptCredentialRequest_CheckValidContents(buffer: Buffer): void;
export function ReceiptCredentialResponse_CheckValidContents(buffer: Buffer): void;
export function ReceiptCredential_CheckValidContents(buffer: Buffer): void;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ReceiptCredential_GetReceiptExpirationTime(receiptCredential: Serialized<ReceiptCredential>): Timestamp;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ReceiptCredential_GetReceiptLevel(receiptCredential: Serialized<ReceiptCredential>): Buffer;
Node: standardize on "Foo_Bar" for functions exposed from Rust This is easier for the Rust macros to generate than "Foo_bar", and it's also the same as what we've been doing for Java.
2021-01-27 00:38:48 +01:00
export function ScannableFingerprint_Compare(fprint1: Buffer, fprint2: Buffer): boolean;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SealedSenderDecryptionResult_GetDeviceId(obj: Wrapper<SealedSenderDecryptionResult>): number;
export function SealedSenderDecryptionResult_GetSenderE164(obj: Wrapper<SealedSenderDecryptionResult>): string | null;
export function SealedSenderDecryptionResult_GetSenderUuid(obj: Wrapper<SealedSenderDecryptionResult>): string;
export function SealedSenderDecryptionResult_Message(obj: Wrapper<SealedSenderDecryptionResult>): Buffer;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function SealedSender_DecryptMessage(message: Buffer, trustRoot: Wrapper<PublicKey>, timestamp: Timestamp, localE164: string | null, localUuid: string, localDeviceId: number, sessionStore: SessionStore, identityStore: IdentityKeyStore, prekeyStore: PreKeyStore, signedPrekeyStore: SignedPreKeyStore): Promise<SealedSenderDecryptionResult>;
Bridge: add ignored Context args to methods taking stores for JNI/Node Previously we defined one entry point for FFI (Swift) that took an extra "context" parameter (to pass through iOS's database transactions), and one for JNI+Node that did not (no context needed currently). But this is all in our glue layer, which doesn't need to be a perfect reflection of the outside interface. Remove that duplication by accepting a Context parameter for both JNI and Node that, for now, must be null.
2021-03-11 02:31:28 +01:00
export function SealedSender_DecryptToUsmc(ctext: Buffer, identityStore: IdentityKeyStore, ctx: null): Promise<UnidentifiedSenderMessageContent>;
Expose Sealed Sender v2 to clients - Add a new "multi-recipient encrypt" entry point - Add an "encrypt v1 sealed sender from UnidentifiedSenderMessage- Content" entry point - Add a public constructor for UnidentifiedSenderMessageContent - Change group_encrypt to return a CiphertextMessage instead of bytes, so it can be used with the above - Java: add SenderKeyStore to SignalProtocolStore requirements
2021-03-25 23:16:34 +01:00
export function SealedSender_Encrypt(destination: Wrapper<ProtocolAddress>, content: Wrapper<UnidentifiedSenderMessageContent>, identityKeyStore: IdentityKeyStore, ctx: null): Promise<Buffer>;
Get registration IDs from sessions for Sealed Sender v2 The app-visible change is that sealedSenderMultiRecipientEncrypt now takes a SessionStore as well. Sessions will be looked up in bulk using a new SessionStore API, 'loadExistingSessions' or 'getExistingSessions`. The registration ID is then loaded from each session and included in the resulting SSv2 payload. The implementation is a bit of a divergence from some other APIs in libsignal-client in that the "look up in bulk" step is performed in the Java, Swift, or TypeScript layer, with the resulting sessions passed down to Rust. Why? Because otherwise we'd pass a list of addresses into Rust, which would have to turn them back into a Java, Swift, or TypeScript array to call the SessionStore method. This would be (1) a bunch of extra work to implement, and (2) a waste of CPU when we already /have/ a list of addresses in the correct format: the argument to sealedSenderMultiRecipientEncrypt. This is an example of "the boundaries between the Rust and Java/Swift/TypeScript parts of the library don't have to be perfect; they're internal to the overall product". In this case, we've taken that a little further than usual: usually we try to make the libsignal-protocol API as convenient as possible as well, but here it had to be a bit lower-level to satisfy the needs of the app language wrappers. (Specifically, callers need to fetch the list of SessionRecords themselves.) P.S. Why doesn't v1 of sealed sender include registration IDs? Because for SSv1, libsignal-client isn't producing the entire request body to upload to the server; it's only producing the message content that will be decrypted by the recipient. With SSv2, the serialized message the recipient downloads has both shared and per-recipient data in it, which the server must assemble from the uploaded request. Because of this, SSv2's encrypt API might as well produce the entire request.
2021-05-20 01:26:45 +02:00
export function SealedSender_MultiRecipientEncrypt(recipients: Wrapper<ProtocolAddress>[], recipientSessions: Wrapper<SessionRecord>[], content: Wrapper<UnidentifiedSenderMessageContent>, identityKeyStore: IdentityKeyStore, ctx: null): Promise<Buffer>;
Switch to a flat (non-protobuf) encoding for SealedSender v2 We're optimizing for size overhead in this encoding, so forego the flexibility of protobufs in favor of a flat encoding (though one that still uses protobuf's varints). Additionally, this encoding includes the recipients inline in the message so the client can dump it all to server in one go. As a side effect, this means an SSv2 message encoded for sending no longer has the same format as one encoded for receiving when there's only one recipient. Consequently, all the tests need to be modified to "fan out" a multi-recipient message to several single-recipient messages. For simplicity, the wrapper language tests only support this operation for SSv2 messages sent to exactly one recipient.
2021-03-27 00:33:04 +01:00
export function SealedSender_MultiRecipientMessageForSingleRecipient(encodedMultiRecipientMessage: Buffer): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SenderCertificate_Deserialize(data: Buffer): SenderCertificate;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderCertificate_GetCertificate(obj: Wrapper<SenderCertificate>): Buffer;
export function SenderCertificate_GetDeviceId(obj: Wrapper<SenderCertificate>): number;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function SenderCertificate_GetExpiration(obj: Wrapper<SenderCertificate>): Timestamp;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderCertificate_GetKey(obj: Wrapper<SenderCertificate>): PublicKey;
export function SenderCertificate_GetSenderE164(obj: Wrapper<SenderCertificate>): string | null;
export function SenderCertificate_GetSenderUuid(obj: Wrapper<SenderCertificate>): string;
export function SenderCertificate_GetSerialized(obj: Wrapper<SenderCertificate>): Buffer;
export function SenderCertificate_GetServerCertificate(cert: Wrapper<SenderCertificate>): ServerCertificate;
export function SenderCertificate_GetSignature(obj: Wrapper<SenderCertificate>): Buffer;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function SenderCertificate_New(senderUuid: string, senderE164: string | null, senderDeviceId: number, senderKey: Wrapper<PublicKey>, expiration: Timestamp, signerCert: Wrapper<ServerCertificate>, signerKey: Wrapper<PrivateKey>): SenderCertificate;
export function SenderCertificate_Validate(cert: Wrapper<SenderCertificate>, key: Wrapper<PublicKey>, time: Timestamp): boolean;
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
export function SenderKeyDistributionMessage_Create(sender: Wrapper<ProtocolAddress>, distributionId: Uuid, store: SenderKeyStore, ctx: null): Promise<SenderKeyDistributionMessage>;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SenderKeyDistributionMessage_Deserialize(data: Buffer): SenderKeyDistributionMessage;
SenderKey: Rename 'keyId' to 'chainId', 'groupId' to 'distributionId' Clarifies the use of "ID" in SenderKey-related APIs. I've left deprecated entry points for Java but not for Swift and TypeScript (which are not in use yet). - SenderKeyMessage::key_id -> chain_id (avoids double "key" in name) - SenderKeyDistributionMessage::id -> chain_id (to match SKM) - SenderKeyName::group_id -> distribution_id (it's not the global group ID)
2021-02-25 20:42:53 +01:00
export function SenderKeyDistributionMessage_GetChainId(obj: Wrapper<SenderKeyDistributionMessage>): number;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyDistributionMessage_GetChainKey(obj: Wrapper<SenderKeyDistributionMessage>): Buffer;
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
export function SenderKeyDistributionMessage_GetDistributionId(obj: Wrapper<SenderKeyDistributionMessage>): Uuid;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyDistributionMessage_GetIteration(obj: Wrapper<SenderKeyDistributionMessage>): number;
SenderKey: Use the session version as the message version We still encode the "current" version in the message version byte, but the part that the receiver will check is now based on the session's original message version rather than the "current" version in the sender. (Note that these are the /same/ version right now, so this change won't have any effect on the current wire format.) This matches the behavior of SignalMessage and PreKeySignalMessage.
2021-05-08 03:24:44 +02:00
export function SenderKeyDistributionMessage_New(messageVersion: number, distributionId: Uuid, chainId: number, iteration: number, chainkey: Buffer, pk: Wrapper<PublicKey>): SenderKeyDistributionMessage;
Include distribution ID inside SenderKey[Distribution]Message The distribution ID is used to identify which key a particular sender is using to encrypt their SenderKeyMessage, so it has to be known as part of decryption. The previous design had the distribution ID stored alongside each message (perhaps on the "envelope" structure that's received from the server), but that's harder to keep track of, and it would only be present for certain message kinds anyway.
2021-03-11 21:02:37 +01:00
export function SenderKeyDistributionMessage_Process(sender: Wrapper<ProtocolAddress>, senderKeyDistributionMessage: Wrapper<SenderKeyDistributionMessage>, store: SenderKeyStore, ctx: null): Promise<void>;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyDistributionMessage_Serialize(obj: Wrapper<SenderKeyDistributionMessage>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SenderKeyMessage_Deserialize(data: Buffer): SenderKeyMessage;
SenderKey: Rename 'keyId' to 'chainId', 'groupId' to 'distributionId' Clarifies the use of "ID" in SenderKey-related APIs. I've left deprecated entry points for Java but not for Swift and TypeScript (which are not in use yet). - SenderKeyMessage::key_id -> chain_id (avoids double "key" in name) - SenderKeyDistributionMessage::id -> chain_id (to match SKM) - SenderKeyName::group_id -> distribution_id (it's not the global group ID)
2021-02-25 20:42:53 +01:00
export function SenderKeyMessage_GetChainId(obj: Wrapper<SenderKeyMessage>): number;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyMessage_GetCipherText(obj: Wrapper<SenderKeyMessage>): Buffer;
Use a strongly-typed UUID for the distribution ID of SenderKeyMessages That's a java.util.UUID for Android, Foundation.UUID for iOS, and, uh, strings for Electron.
2021-03-12 20:36:24 +01:00
export function SenderKeyMessage_GetDistributionId(obj: Wrapper<SenderKeyMessage>): Uuid;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyMessage_GetIteration(obj: Wrapper<SenderKeyMessage>): number;
SenderKey: Use the session version as the message version We still encode the "current" version in the message version byte, but the part that the receiver will check is now based on the session's original message version rather than the "current" version in the sender. (Note that these are the /same/ version right now, so this change won't have any effect on the current wire format.) This matches the behavior of SignalMessage and PreKeySignalMessage.
2021-05-08 03:24:44 +02:00
export function SenderKeyMessage_New(messageVersion: number, distributionId: Uuid, chainId: number, iteration: number, ciphertext: Buffer, pk: Wrapper<PrivateKey>): SenderKeyMessage;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyMessage_Serialize(obj: Wrapper<SenderKeyMessage>): Buffer;
export function SenderKeyMessage_VerifySignature(skm: Wrapper<SenderKeyMessage>, pubkey: Wrapper<PublicKey>): boolean;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SenderKeyRecord_Deserialize(data: Buffer): SenderKeyRecord;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SenderKeyRecord_Serialize(obj: Wrapper<SenderKeyRecord>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function ServerCertificate_Deserialize(data: Buffer): ServerCertificate;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function ServerCertificate_GetCertificate(obj: Wrapper<ServerCertificate>): Buffer;
export function ServerCertificate_GetKey(obj: Wrapper<ServerCertificate>): PublicKey;
export function ServerCertificate_GetKeyId(obj: Wrapper<ServerCertificate>): number;
export function ServerCertificate_GetSerialized(obj: Wrapper<ServerCertificate>): Buffer;
export function ServerCertificate_GetSignature(obj: Wrapper<ServerCertificate>): Buffer;
export function ServerCertificate_New(keyId: number, serverKey: Wrapper<PublicKey>, trustRoot: Wrapper<PrivateKey>): ServerCertificate;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ServerPublicParams_CheckValidContents(buffer: Buffer): void;
export function ServerPublicParams_CreateAuthCredentialPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, groupSecretParams: Serialized<GroupSecretParams>, authCredential: Serialized<AuthCredential>): Buffer;
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
export function ServerPublicParams_CreateAuthCredentialWithPniPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, groupSecretParams: Serialized<GroupSecretParams>, authCredential: Serialized<AuthCredentialWithPni>): Buffer;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ServerPublicParams_CreateExpiringProfileKeyCredentialPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, groupSecretParams: Serialized<GroupSecretParams>, profileKeyCredential: Serialized<ExpiringProfileKeyCredential>): Buffer;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ServerPublicParams_CreatePniCredentialPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, groupSecretParams: Serialized<GroupSecretParams>, pniCredential: Serialized<PniCredential>): Buffer;
Expose PniCredential operations to app languages
2021-11-13 00:24:26 +01:00
export function ServerPublicParams_CreatePniCredentialRequestContextDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, aci: Uuid, pni: Uuid, profileKey: Serialized<ProfileKey>): Serialized<PniCredentialRequestContext>;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ServerPublicParams_CreateProfileKeyCredentialPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, groupSecretParams: Serialized<GroupSecretParams>, profileKeyCredential: Serialized<ProfileKeyCredential>): Buffer;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerPublicParams_CreateProfileKeyCredentialRequestContextDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, uuid: Uuid, profileKey: Serialized<ProfileKey>): Serialized<ProfileKeyCredentialRequestContext>;
export function ServerPublicParams_CreateReceiptCredentialPresentationDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, receiptCredential: Serialized<ReceiptCredential>): Serialized<ReceiptCredentialPresentation>;
export function ServerPublicParams_CreateReceiptCredentialRequestContextDeterministic(serverPublicParams: Serialized<ServerPublicParams>, randomness: Buffer, receiptSerial: Buffer): Serialized<ReceiptCredentialRequestContext>;
export function ServerPublicParams_ReceiveAuthCredential(params: Serialized<ServerPublicParams>, uuid: Uuid, redemptionTime: number, response: Serialized<AuthCredentialResponse>): Serialized<AuthCredential>;
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
export function ServerPublicParams_ReceiveAuthCredentialWithPni(params: Serialized<ServerPublicParams>, aci: Uuid, pni: Uuid, redemptionTime: Timestamp, response: Serialized<AuthCredentialWithPniResponse>): Serialized<AuthCredentialWithPni>;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ServerPublicParams_ReceiveExpiringProfileKeyCredential(serverPublicParams: Serialized<ServerPublicParams>, requestContext: Serialized<ProfileKeyCredentialRequestContext>, response: Serialized<ExpiringProfileKeyCredentialResponse>, currentTimeInSeconds: Timestamp): Serialized<ExpiringProfileKeyCredential>;
Expose PniCredential operations to app languages
2021-11-13 00:24:26 +01:00
export function ServerPublicParams_ReceivePniCredential(serverPublicParams: Serialized<ServerPublicParams>, requestContext: Serialized<PniCredentialRequestContext>, response: Serialized<PniCredentialResponse>): Serialized<PniCredential>;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerPublicParams_ReceiveProfileKeyCredential(serverPublicParams: Serialized<ServerPublicParams>, requestContext: Serialized<ProfileKeyCredentialRequestContext>, response: Serialized<ProfileKeyCredentialResponse>): Serialized<ProfileKeyCredential>;
export function ServerPublicParams_ReceiveReceiptCredential(serverPublicParams: Serialized<ServerPublicParams>, requestContext: Serialized<ReceiptCredentialRequestContext>, response: Serialized<ReceiptCredentialResponse>): Serialized<ReceiptCredential>;
export function ServerPublicParams_VerifySignature(serverPublicParams: Serialized<ServerPublicParams>, message: Buffer, notarySignature: Buffer): void;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ServerSecretParams_CheckValidContents(buffer: Buffer): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerSecretParams_GenerateDeterministic(randomness: Buffer): Serialized<ServerSecretParams>;
export function ServerSecretParams_GetPublicParams(params: Serialized<ServerSecretParams>): Serialized<ServerPublicParams>;
export function ServerSecretParams_IssueAuthCredentialDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, uuid: Uuid, redemptionTime: number): Serialized<AuthCredentialResponse>;
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
export function ServerSecretParams_IssueAuthCredentialWithPniDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, aci: Uuid, pni: Uuid, redemptionTime: Timestamp): Serialized<AuthCredentialWithPniResponse>;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ServerSecretParams_IssueExpiringProfileKeyCredentialDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, request: Serialized<ProfileKeyCredentialRequest>, uuid: Uuid, commitment: Serialized<ProfileKeyCommitment>, expirationInSeconds: Timestamp): Serialized<ExpiringProfileKeyCredentialResponse>;
Expose PniCredential operations to app languages
2021-11-13 00:24:26 +01:00
export function ServerSecretParams_IssuePniCredentialDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, request: Serialized<ProfileKeyCredentialRequest>, aci: Uuid, pni: Uuid, commitment: Serialized<ProfileKeyCommitment>): Serialized<PniCredentialResponse>;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerSecretParams_IssueProfileKeyCredentialDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, request: Serialized<ProfileKeyCredentialRequest>, uuid: Uuid, commitment: Serialized<ProfileKeyCommitment>): Serialized<ProfileKeyCredentialResponse>;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ServerSecretParams_IssueReceiptCredentialDeterministic(serverSecretParams: Serialized<ServerSecretParams>, randomness: Buffer, request: Serialized<ReceiptCredentialRequest>, receiptExpirationTime: Timestamp, receiptLevel: Buffer): Serialized<ReceiptCredentialResponse>;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerSecretParams_SignDeterministic(params: Serialized<ServerSecretParams>, randomness: Buffer, message: Buffer): Buffer;
zkgroup: Move AuthCredential redemption time checking down to Rust This was previously in the Java layer because it only really affects the server, but it's more consistent to have all verification in the Rust layer. We do lose the separate exception type for it, though.
2022-07-01 02:31:23 +02:00
export function ServerSecretParams_VerifyAuthCredentialPresentation(serverSecretParams: Serialized<ServerSecretParams>, groupPublicParams: Serialized<GroupPublicParams>, presentationBytes: Buffer, currentTimeInSeconds: Timestamp): void;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function ServerSecretParams_VerifyPniCredentialPresentation(serverSecretParams: Serialized<ServerSecretParams>, groupPublicParams: Serialized<GroupPublicParams>, presentationBytes: Buffer): void;
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
export function ServerSecretParams_VerifyProfileKeyCredentialPresentation(serverSecretParams: Serialized<ServerSecretParams>, groupPublicParams: Serialized<GroupPublicParams>, presentationBytes: Buffer, currentTimeInSeconds: Timestamp): void;
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
export function ServerSecretParams_VerifyReceiptCredentialPresentation(serverSecretParams: Serialized<ServerSecretParams>, presentation: Serialized<ReceiptCredentialPresentation>): void;
Bridge: add ignored Context args to methods taking stores for JNI/Node Previously we defined one entry point for FFI (Swift) that took an extra "context" parameter (to pass through iOS's database transactions), and one for JNI+Node that did not (no context needed currently). But this is all in our glue layer, which doesn't need to be a perfect reflection of the outside interface. Remove that duplication by accepting a Context parameter for both JNI and Node that, for now, must be null.
2021-03-11 02:31:28 +01:00
export function SessionBuilder_ProcessPreKeyBundle(bundle: Wrapper<PreKeyBundle>, protocolAddress: Wrapper<ProtocolAddress>, sessionStore: SessionStore, identityKeyStore: IdentityKeyStore, ctx: null): Promise<void>;
export function SessionCipher_DecryptPreKeySignalMessage(message: Wrapper<PreKeySignalMessage>, protocolAddress: Wrapper<ProtocolAddress>, sessionStore: SessionStore, identityKeyStore: IdentityKeyStore, prekeyStore: PreKeyStore, signedPrekeyStore: SignedPreKeyStore, ctx: null): Promise<Buffer>;
export function SessionCipher_DecryptSignalMessage(message: Wrapper<SignalMessage>, protocolAddress: Wrapper<ProtocolAddress>, sessionStore: SessionStore, identityKeyStore: IdentityKeyStore, ctx: null): Promise<Buffer>;
export function SessionCipher_EncryptMessage(ptext: Buffer, protocolAddress: Wrapper<ProtocolAddress>, sessionStore: SessionStore, identityKeyStore: IdentityKeyStore, ctx: null): Promise<CiphertextMessage>;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SessionRecord_ArchiveCurrentState(sessionRecord: Wrapper<SessionRecord>): void;
Add SessionRecord.currentRatchetKeyMatches This checks if there is an active sender state using the given ratchet key, for use with decryption error messages. In this case, the app may choose to archive the current session, or take even stronger actions such as fetching new prekeys for the recipient.
2021-05-26 05:21:12 +02:00
export function SessionRecord_CurrentRatchetKeyMatches(s: Wrapper<SessionRecord>, key: Wrapper<PublicKey>): boolean;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SessionRecord_Deserialize(data: Buffer): SessionRecord;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SessionRecord_GetLocalRegistrationId(obj: Wrapper<SessionRecord>): number;
export function SessionRecord_GetRemoteRegistrationId(obj: Wrapper<SessionRecord>): number;
Expose HasCurrentState for Node Desktop relies on this notion
2021-03-03 18:56:37 +01:00
export function SessionRecord_HasCurrentState(obj: Wrapper<SessionRecord>): boolean;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SessionRecord_Serialize(obj: Wrapper<SessionRecord>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SignalMessage_Deserialize(data: Buffer): SignalMessage;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SignalMessage_GetBody(obj: Wrapper<SignalMessage>): Buffer;
export function SignalMessage_GetCounter(obj: Wrapper<SignalMessage>): number;
export function SignalMessage_GetMessageVersion(obj: Wrapper<SignalMessage>): number;
export function SignalMessage_GetSerialized(obj: Wrapper<SignalMessage>): Buffer;
export function SignalMessage_New(messageVersion: number, macKey: Buffer, senderRatchetKey: Wrapper<PublicKey>, counter: number, previousCounter: number, ciphertext: Buffer, senderIdentityKey: Wrapper<PublicKey>, receiverIdentityKey: Wrapper<PublicKey>): SignalMessage;
export function SignalMessage_VerifyMac(msg: Wrapper<SignalMessage>, senderIdentityKey: Wrapper<PublicKey>, receiverIdentityKey: Wrapper<PublicKey>, macKey: Buffer): boolean;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function SignedPreKeyRecord_Deserialize(data: Buffer): SignedPreKeyRecord;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SignedPreKeyRecord_GetId(obj: Wrapper<SignedPreKeyRecord>): number;
export function SignedPreKeyRecord_GetPrivateKey(obj: Wrapper<SignedPreKeyRecord>): PrivateKey;
export function SignedPreKeyRecord_GetPublicKey(obj: Wrapper<SignedPreKeyRecord>): PublicKey;
export function SignedPreKeyRecord_GetSignature(obj: Wrapper<SignedPreKeyRecord>): Buffer;
bridge: Be more explicit about bridging u64 timestamps u64 can't be represented as a primitive in Java or TypeScript (and for the latter, Neon doesn't support bigint yet). However, for timestamps represented as milliseconds, the integer-safe range of float64 still covers more than 285,000 years, so it's reasonably safe to use TypeScript's 'number' or Java's 'long' to represent these ostensibly-64-bit values. Indicate this with a new Timestamp wrapper type in the bridge layer. In theory we could push this new Timestamp type down to the libsignal-protocol crate. However, the protocol itself doesn't impose any restrictions on the timestamp fields, so I figured it was best to put it at the bridge layer, to indicate that it's about how Signal specifically uses these fields. This commit paves the way for being stricter about *other* u64 values that might want to use the full 64-bit space.
2021-10-30 01:27:45 +02:00
export function SignedPreKeyRecord_GetTimestamp(obj: Wrapper<SignedPreKeyRecord>): Timestamp;
export function SignedPreKeyRecord_New(id: number, timestamp: Timestamp, pubKey: Wrapper<PublicKey>, privKey: Wrapper<PrivateKey>, signature: Buffer): SignedPreKeyRecord;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function SignedPreKeyRecord_Serialize(obj: Wrapper<SignedPreKeyRecord>): Buffer;
bridge: Restrict bridge_deserialize! to only the most common case Unlike bridge_get or bridge_get_bytearray, bridge_deserialize doesn't do any complicated transformation of the return value to accept optional or non-optional, failable and non-failable results alike. At the same time, its syntax has been subtly different from the other bridge_fn macros, dating from when we were first setting up this library. Since the extra parameters to rename or disable a particular bridge's entry point were rarely used, this commit removes them and replaces those use sites with spelled-out bridge_fns. This in turn allows removing the custom per-bridge implementations of bridge_deserialize in favor of a bridge_fn-based implementation like bridge_get already has.
2021-10-20 00:40:18 +02:00
export function UnidentifiedSenderMessageContent_Deserialize(data: Buffer): UnidentifiedSenderMessageContent;
Add contentHint and groupId fields to UnidentifiedSenderMessageContent And to the ProtocolExceptions for Java, thrown when a sealed sender message's content fails to decrypt. (Eventually all languages will support this.)
2021-03-26 18:38:50 +01:00
export function UnidentifiedSenderMessageContent_GetContentHint(m: Wrapper<UnidentifiedSenderMessageContent>): number;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function UnidentifiedSenderMessageContent_GetContents(obj: Wrapper<UnidentifiedSenderMessageContent>): Buffer;
bridge: Update generated decls
2021-10-21 21:16:41 +02:00
export function UnidentifiedSenderMessageContent_GetGroupId(obj: Wrapper<UnidentifiedSenderMessageContent>): Buffer;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function UnidentifiedSenderMessageContent_GetMsgType(m: Wrapper<UnidentifiedSenderMessageContent>): number;
export function UnidentifiedSenderMessageContent_GetSenderCert(m: Wrapper<UnidentifiedSenderMessageContent>): SenderCertificate;
Add contentHint and groupId fields to UnidentifiedSenderMessageContent And to the ProtocolExceptions for Java, thrown when a sealed sender message's content fails to decrypt. (Eventually all languages will support this.)
2021-03-26 18:38:50 +01:00
export function UnidentifiedSenderMessageContent_New(message: Wrapper<CiphertextMessage>, sender: Wrapper<SenderCertificate>, contentHint: number, groupId: Buffer | null): UnidentifiedSenderMessageContent;
Node: Rust handle arguments should always be wrapped in JS objects This will be necessary for async, which needs to keep the boxed Rust values alive. (Node N-API only allows keeping JS objects alive; boxed values don't count on their own.)
2021-02-10 03:34:42 +01:00
export function UnidentifiedSenderMessageContent_Serialize(obj: Wrapper<UnidentifiedSenderMessageContent>): Buffer;
Bridge username hashing APIs to all client platforms
2023-02-01 18:36:49 +01:00
export function Username_CandidatesFrom(nickname: string, minLen: number, maxLen: number): string;
export function Username_Hash(username: string): Buffer;
export function Username_Proof(username: string, randomness: Buffer): Buffer;
export function Username_Verify(proof: Buffer, hash: Buffer): void;
zkgroup: Optimize credential presentation and FFI cleanup Optimize presentation of credentials (AuthCredentialPresentationV2, ProfileKeyCredentialPresentationV2, PniCredentialPresentationV2). Server will accept V1 or V2 presentations. Clients will produce V2. Various improvements to FFI to support this, and some minor optimizations (in particular "lazy statics" to avoid redundant loading of SystemParams).
2022-04-06 20:07:08 +02:00
export function UuidCiphertext_CheckValidContents(buffer: Buffer): void;
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
export function initLogger(maxLevel: LogLevel, callback: (level: LogLevel, target: string, file: string | null, line: number | null, message: string) => void): void
interface Aes256GcmSiv { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface AuthCredential { readonly __type: unique symbol; }
interface AuthCredentialResponse { readonly __type: unique symbol; }
zkgroup: Add AuthCredentialWithPni This is a variant of AuthCredential that carries two UUIDs, intended to be a user's ACI and PNI. Why? Because when you've been invited to a group, you may have been invited by your ACI or by your PNI, or by both, and it's easier for clients to treat all those states the same by having a credential that covers both identities. The downside is that it's larger (both the data, obviously, but also the zkgroup proof of validity, unsurprisingly). AnyAuthCredentialPresentation gains a 'get_pni_ciphertext' method, which will return `None` for the existing presentations and `Some(encrypted_pni)` for the new credential. Having a separate credential type but a common presentation type makes it easier for the server to handle all possible credentials uniformly.
2022-06-22 00:11:57 +02:00
interface AuthCredentialWithPni { readonly __type: unique symbol; }
interface AuthCredentialWithPniResponse { readonly __type: unique symbol; }
CDS2: add initial, not-for-production, client bindings
2022-05-13 22:39:26 +02:00
interface Cds2ClientState { readonly __type: unique symbol; }
Bridge: bridge_handle! should imply bridge_destroy!
2021-02-01 21:20:16 +01:00
interface CiphertextMessage { readonly __type: unique symbol; }
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
interface DecryptionErrorMessage { readonly __type: unique symbol; }
zkgroup: Add ExpiringProfileKeyCredential Like ProfileKeyCredential, but with an expiration timestamp embedded in it. This has its own credential type and response type, but uses the same request type as a "classic" ProfileKeyCredential, and generates presentations usable with AnyProfileKeyCredential- Presentation, so that existing server code accepting presentations will automatically do the right thing. Adoption for servers: - Update secret params - When presentations are saved in group state, use ProfileKeyCredentialPresentation.getStructurallyValidV1PresentationBytes() to maintain backwards compatibility with existing clients. - Add an endpoint to issue ExpiringProfileKeyCredentials - (future) Remove the endpoint that issues regular ProfileKeyCredentials Adoption for clients, after the server has updated: - Update public params - Start fetching and using ExpiringProfileKeyCredentials instead of regular ProfileKeyCredentials (the old endpoint will eventually go away) - Node: To bring types into harmony, a receipt's expiration time has been changed to a `number` instead of a `bigint`
2022-06-17 22:10:10 +02:00
interface ExpiringProfileKeyCredential { readonly __type: unique symbol; }
interface ExpiringProfileKeyCredentialResponse { readonly __type: unique symbol; }
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
interface Fingerprint { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface GroupMasterKey { readonly __type: unique symbol; }
interface GroupPublicParams { readonly __type: unique symbol; }
interface GroupSecretParams { readonly __type: unique symbol; }
Implement node interfaces for HsmEnclave
2021-10-27 02:51:25 +02:00
interface HsmEnclaveClient { readonly __type: unique symbol; }
Expose DecryptionErrorMessage and PlaintextContent to Java/Swift/TS
2021-05-26 04:51:55 +02:00
interface PlaintextContent { readonly __type: unique symbol; }
Expose PniCredential operations to app languages
2021-11-13 00:24:26 +01:00
interface PniCredential { readonly __type: unique symbol; }
interface PniCredentialRequestContext { readonly __type: unique symbol; }
interface PniCredentialResponse { readonly __type: unique symbol; }
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
interface PreKeyBundle { readonly __type: unique symbol; }
interface PreKeyRecord { readonly __type: unique symbol; }
interface PreKeySignalMessage { readonly __type: unique symbol; }
interface PrivateKey { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface ProfileKey { readonly __type: unique symbol; }
interface ProfileKeyCiphertext { readonly __type: unique symbol; }
interface ProfileKeyCommitment { readonly __type: unique symbol; }
interface ProfileKeyCredential { readonly __type: unique symbol; }
interface ProfileKeyCredentialRequest { readonly __type: unique symbol; }
interface ProfileKeyCredentialRequestContext { readonly __type: unique symbol; }
interface ProfileKeyCredentialResponse { readonly __type: unique symbol; }
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
interface ProtocolAddress { readonly __type: unique symbol; }
interface PublicKey { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface ReceiptCredential { readonly __type: unique symbol; }
interface ReceiptCredentialPresentation { readonly __type: unique symbol; }
interface ReceiptCredentialRequest { readonly __type: unique symbol; }
interface ReceiptCredentialRequestContext { readonly __type: unique symbol; }
interface ReceiptCredentialResponse { readonly __type: unique symbol; }
TS store APIs
2021-02-16 21:45:16 +01:00
interface SealedSenderDecryptionResult { readonly __type: unique symbol; }
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
interface SenderCertificate { readonly __type: unique symbol; }
interface SenderKeyDistributionMessage { readonly __type: unique symbol; }
interface SenderKeyMessage { readonly __type: unique symbol; }
interface SenderKeyRecord { readonly __type: unique symbol; }
interface ServerCertificate { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface ServerPublicParams { readonly __type: unique symbol; }
interface ServerSecretParams { readonly __type: unique symbol; }
Node: Sort libsignal_client.d.ts This groups related functions (but does little else for organization)
2021-01-27 00:43:02 +01:00
interface SessionRecord { readonly __type: unique symbol; }
interface SignalMessage { readonly __type: unique symbol; }
interface SignedPreKeyRecord { readonly __type: unique symbol; }
interface UnidentifiedSenderMessageContent { readonly __type: unique symbol; }
bridge: Add zkgroup APIs These APIs are designed to match the generated "simpleapi" entry points in the original zkgroup repository, to make it easier to adapt the existing Java, Swift, and TypeScript code to libsignal-client. The cbindgen-generated signal_ffi.h now includes constants, so that the fixed-size arrays used to serialize zkgroup types can use named constants in Rust. This meant filtering out some constants that were getting picked up but that should not be included. Note that this commit makes references to Java exception types that will be added in a later commit.
2021-10-29 01:48:02 +02:00
interface UuidCiphertext { readonly __type: unique symbol; }
Copy Permalink