Add a new crate, libsignal-message-backup-io, and move the existing code that
handles backup decryption, deframing, and protobuf deserialization there. Keep
the actual validation of the protobuf contents in the libsignal-message-backup
crate.
This allows the existing example binproto<->json binaries to be built with
local modifications to the backup.proto file without also requiring all the
validation code to be modified.
This (1) actually works on iOS and Android, and (2) will likely be
more full-featured and better-supported going forward. But it does
mean plugging one system's certificate verifier (rustls) into
another's TLS implementation (BoringSSL). Still, having *all* of
rustls used alongside BoringSSL would be redundant.
Handle encrypted & compressed message backup files with additional padding
after the compressed contents (the padding bytes are encrypted, but not
compressed). Update the example encrypter binary to add padding by default.
Add a test using a local server with a generated self-signed certificate. Also
miscellaneous improvements that made the test easier to write and debug.
Move the implementation of the CDSI service into its own module to provide
better scoping. Move the CdsiError that is used only for bridging out of
libsignal-net and into the bridging crate.
This involves a family of new types that will be used for issuing and
verifying these endorsements.
This is a breaking change for zkgroup: it adds a new key to
ServerSecretParams and ServerPublicParams.
Add a flag to the CLI validation tool and an argument to the bridged validation
functions so users can specify whether a provided message backup should be
validated according to the rules for device-to-device transfers or backups
intended for remote storage.
- Feature flags removed for unconditionally-provided APIs.
- A function's this() is no longer guaranteed to be an object,
so we have to check and error out more often.
- Use of usize instead of i32 in a few places.
- Convenience for fetching globals.