diff --git a/crypto/src/context.rs b/crypto/src/context.rs index 7591bb00d..bbf783a8b 100644 --- a/crypto/src/context.rs +++ b/crypto/src/context.rs @@ -2,7 +2,7 @@ //! [MlsCentral]. All mutating operations need to be done through a [CentralContext]. use async_lock::{Mutex, RwLock, RwLockReadGuardArc, RwLockWriteGuardArc}; -use mls_crypto_provider::{CryptoKeystore, TransactionalCryptoProvider}; +use mls_crypto_provider::{CryptoKeystore, MlsCryptoProvider}; use std::{ops::Deref, sync::Arc}; use crate::mls::MlsCentral; @@ -31,7 +31,7 @@ pub struct CentralContext { #[derive(Debug, Clone)] enum ContextState { Valid { - provider: TransactionalCryptoProvider, + provider: MlsCryptoProvider, callbacks: Arc>>>, mls_client: Arc>>, mls_groups: Arc>>, @@ -117,7 +117,7 @@ impl CentralContext { } /// Creates a read guard on the internal mls provider for the current transaction - pub async fn mls_provider(&self) -> CryptoResult { + pub async fn mls_provider(&self) -> CryptoResult { match self.state.read().await.deref() { ContextState::Valid { provider, .. } => Ok(provider.clone()), ContextState::Invalid => Err(CryptoError::InvalidContext), diff --git a/crypto/src/e2e_identity/conversation_state.rs b/crypto/src/e2e_identity/conversation_state.rs index b75161a5e..47010a173 100644 --- a/crypto/src/e2e_identity/conversation_state.rs +++ b/crypto/src/e2e_identity/conversation_state.rs @@ -4,7 +4,7 @@ use crate::{ MlsError, }; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls_traits::OpenMlsCryptoProvider; use wire_e2e_identity::prelude::WireIdentityReader; @@ -149,10 +149,7 @@ impl MlsCentral { } impl MlsConversation { - async fn e2ei_conversation_state( - &self, - backend: &TransactionalCryptoProvider, - ) -> CryptoResult { + async fn e2ei_conversation_state(&self, backend: &MlsCryptoProvider) -> CryptoResult { backend.authentication_service().refresh_time_of_interest().await; Ok(compute_state( self.ciphersuite(), diff --git a/crypto/src/e2e_identity/crypto.rs b/crypto/src/e2e_identity/crypto.rs index dbd507249..08793ea09 100644 --- a/crypto/src/e2e_identity/crypto.rs +++ b/crypto/src/e2e_identity/crypto.rs @@ -1,6 +1,6 @@ use super::error::*; use crate::{prelude::MlsCiphersuite, CryptoError, CryptoResult, MlsError}; -use mls_crypto_provider::{PkiKeypair, RustCrypto, TransactionalCryptoProvider}; +use mls_crypto_provider::{MlsCryptoProvider, PkiKeypair, RustCrypto}; use openmls_basic_credential::SignatureKeyPair as OpenMlsSignatureKeyPair; use openmls_traits::{ crypto::OpenMlsCrypto, @@ -13,7 +13,7 @@ use zeroize::Zeroize; impl super::E2eiEnrollment { pub(super) fn new_sign_key( ciphersuite: MlsCiphersuite, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let (sk, _) = backend .crypto() diff --git a/crypto/src/e2e_identity/mod.rs b/crypto/src/e2e_identity/mod.rs index 8014072cf..0993027cc 100644 --- a/crypto/src/e2e_identity/mod.rs +++ b/crypto/src/e2e_identity/mod.rs @@ -5,7 +5,7 @@ use wire_e2e_identity::prelude::{E2eiAcmeAuthorization, RustyE2eIdentity}; use zeroize::Zeroize; use error::*; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::e2e_identity::init_certificates::NewCrlDistributionPoint; use crate::{ @@ -161,7 +161,7 @@ impl E2eiEnrollment { handle: String, team: Option, expiry_sec: u32, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ciphersuite: MlsCiphersuite, sign_keypair: Option, #[cfg(not(target_family = "wasm"))] refresh_token: Option, @@ -437,7 +437,7 @@ impl E2eiEnrollment { /// * `challenge` - http response body pub async fn new_oidc_challenge_response( &mut self, - #[cfg(not(target_family = "wasm"))] backend: &TransactionalCryptoProvider, + #[cfg(not(target_family = "wasm"))] backend: &MlsCryptoProvider, challenge: Json, ) -> E2eIdentityResult<()> { let challenge = serde_json::from_slice(&challenge[..])?; diff --git a/crypto/src/e2e_identity/refresh_token.rs b/crypto/src/e2e_identity/refresh_token.rs index c87b6a8ac..c1001b396 100644 --- a/crypto/src/e2e_identity/refresh_token.rs +++ b/crypto/src/e2e_identity/refresh_token.rs @@ -5,7 +5,7 @@ use crate::{ }; use core_crypto_keystore::connection::FetchFromDatabase; use core_crypto_keystore::{entities::E2eiRefreshToken, CryptoKeystoreResult}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use zeroize::Zeroize; /// An OIDC refresh token managed by CoreCrypto to benefit from encryption-at-rest @@ -18,7 +18,7 @@ impl RefreshToken { key_store.find_unique::().await?.try_into() } - pub(crate) async fn replace(self, backend: &TransactionalCryptoProvider) -> CryptoKeystoreResult<()> { + pub(crate) async fn replace(self, backend: &MlsCryptoProvider) -> CryptoKeystoreResult<()> { let keystore = backend.keystore(); let rt = E2eiRefreshToken::from(self); keystore.save(rt).await?; diff --git a/crypto/src/e2e_identity/rotate.rs b/crypto/src/e2e_identity/rotate.rs index 3a23e9b6d..a5a015939 100644 --- a/crypto/src/e2e_identity/rotate.rs +++ b/crypto/src/e2e_identity/rotate.rs @@ -5,7 +5,7 @@ use openmls_traits::OpenMlsCryptoProvider; use core_crypto_keystore::connection::FetchFromDatabase; use core_crypto_keystore::{entities::MlsKeyPackage, CryptoKeystoreMls}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::context::CentralContext; use crate::e2e_identity::init_certificates::NewCrlDistributionPoint; @@ -237,7 +237,7 @@ impl MlsConversation { #[cfg_attr(test, crate::durable)] pub(crate) async fn e2ei_rotate( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, client: &Client, cb: Option<&CredentialBundle>, ) -> CryptoResult { diff --git a/crypto/src/e2e_identity/stash.rs b/crypto/src/e2e_identity/stash.rs index f9c7f776b..378a8e30b 100644 --- a/crypto/src/e2e_identity/stash.rs +++ b/crypto/src/e2e_identity/stash.rs @@ -3,14 +3,14 @@ use openmls_traits::{random::OpenMlsRand, OpenMlsCryptoProvider}; use crate::context::CentralContext; use crate::prelude::{CryptoError, CryptoResult, E2eiEnrollment}; use core_crypto_keystore::CryptoKeystoreMls; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; /// A unique identifier for an enrollment a consumer can use to fetch it from the keystore when he /// wants to resume the process pub(crate) type EnrollmentHandle = Vec; impl E2eiEnrollment { - pub(crate) async fn stash(self, backend: &TransactionalCryptoProvider) -> CryptoResult { + pub(crate) async fn stash(self, backend: &MlsCryptoProvider) -> CryptoResult { // should be enough to prevent collisions const HANDLE_SIZE: usize = 32; @@ -24,10 +24,7 @@ impl E2eiEnrollment { Ok(handle) } - pub(crate) async fn stash_pop( - backend: &TransactionalCryptoProvider, - handle: EnrollmentHandle, - ) -> CryptoResult { + pub(crate) async fn stash_pop(backend: &MlsCryptoProvider, handle: EnrollmentHandle) -> CryptoResult { let content = backend .key_store() .pop_e2ei_enrollment(&handle) diff --git a/crypto/src/mls/client/identifier.rs b/crypto/src/mls/client/identifier.rs index db3755e35..38073433a 100644 --- a/crypto/src/mls/client/identifier.rs +++ b/crypto/src/mls/client/identifier.rs @@ -3,7 +3,7 @@ use crate::{ prelude::CryptoError, prelude::{CertificateBundle, Client, ClientId, CryptoResult}, }; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls_traits::types::SignatureScheme; use std::collections::{HashMap, HashSet}; @@ -38,7 +38,7 @@ impl ClientIdentifier { /// This method does not persist them in the keystore ! pub fn generate_credential_bundles( self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, signature_schemes: HashSet, ) -> CryptoResult> { match self { diff --git a/crypto/src/mls/client/key_package.rs b/crypto/src/mls/client/key_package.rs index 4c3842c6a..81e00f840 100644 --- a/crypto/src/mls/client/key_package.rs +++ b/crypto/src/mls/client/key_package.rs @@ -24,7 +24,7 @@ use core_crypto_keystore::{ connection::FetchFromDatabase, entities::{EntityFindParams, MlsEncryptionKeyPair, MlsHpkePrivateKey, MlsKeyPackage}, }; -use mls_crypto_provider::{CryptoKeystore, TransactionalCryptoProvider}; +use mls_crypto_provider::{CryptoKeystore, MlsCryptoProvider}; use crate::context::CentralContext; use crate::{ @@ -54,7 +54,7 @@ impl Client { /// KeyStore and OpenMls errors pub async fn generate_one_keypackage_from_credential_bundle( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, cs: MlsCiphersuite, cb: &CredentialBundle, ) -> CryptoResult { @@ -94,7 +94,7 @@ impl Client { count: usize, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult> { // Auto-prune expired keypackages on request self.prune_keypackages(backend, &[]).await?; @@ -131,7 +131,7 @@ impl Client { pub(crate) async fn generate_new_keypackages( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ciphersuite: MlsCiphersuite, cb: &CredentialBundle, count: usize, @@ -151,7 +151,7 @@ impl Client { /// Returns the count of valid, non-expired, unclaimed keypackages in store pub async fn valid_keypackages_count( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ciphersuite: MlsCiphersuite, credential_type: MlsCredentialType, ) -> CryptoResult { @@ -191,11 +191,7 @@ impl Client { /// Warning: Despite this API being public, the caller should know what they're doing. /// Provided KeypackageRefs **will** be purged regardless of their expiration state, so please be wary of what you are doing if you directly call this API. /// This could result in still valid, uploaded keypackages being pruned from the system and thus being impossible to find when referenced in a future Welcome message. - pub async fn prune_keypackages( - &self, - backend: &TransactionalCryptoProvider, - refs: &[KeyPackageRef], - ) -> CryptoResult<()> { + pub async fn prune_keypackages(&self, backend: &MlsCryptoProvider, refs: &[KeyPackageRef]) -> CryptoResult<()> { let keystore = backend.keystore(); let kps = self.find_all_keypackages(&keystore).await?; let _ = self._prune_keypackages(&kps, &keystore, refs).await?; @@ -204,7 +200,7 @@ impl Client { pub(crate) async fn prune_keypackages_and_credential( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, refs: &[KeyPackageRef], ) -> CryptoResult<()> { let keystore = backend.key_store(); diff --git a/crypto/src/mls/client/mod.rs b/crypto/src/mls/client/mod.rs index 695c99143..fb51e4f36 100644 --- a/crypto/src/mls/client/mod.rs +++ b/crypto/src/mls/client/mod.rs @@ -38,7 +38,7 @@ use tls_codec::{Deserialize, Serialize}; use core_crypto_keystore::entities::{EntityFindParams, MlsCredential, MlsSignatureKeyPair}; use identities::ClientIdentities; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; impl MlsCentral { pub(crate) async fn mls_client(&self) -> RwLockReadGuard<'_, Option> { @@ -73,7 +73,7 @@ impl Client { pub async fn init( identifier: ClientIdentifier, ciphersuites: &[MlsCiphersuite], - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, nb_key_package: usize, ) -> CryptoResult { let id = identifier.get_id()?; @@ -124,7 +124,7 @@ impl Client { /// KeyStore and OpenMls errors can happen pub async fn generate_raw_keypairs( ciphersuites: &[MlsCiphersuite], - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult> { const TEMP_KEY_SIZE: usize = 16; @@ -168,7 +168,7 @@ impl Client { client_id: ClientId, tmp_ids: Vec, ciphersuites: &[MlsCiphersuite], - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { // Find all the keypairs, get the ones that exist (or bail), then insert new ones + delete the provisional ones let stored_skp = backend @@ -240,7 +240,7 @@ impl Client { /// Generates a brand new client from scratch pub(crate) async fn generate( identifier: ClientIdentifier, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ciphersuites: &[MlsCiphersuite], nb_key_package: usize, ) -> CryptoResult { @@ -279,7 +279,7 @@ impl Client { /// Loads the client from the keystore. pub(crate) async fn load( - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, id: &ClientId, mut credentials: Vec<(Credential, u64)>, signature_schemes: HashSet, @@ -338,7 +338,7 @@ impl Client { }) } - async fn find_all_basic_credentials(backend: &TransactionalCryptoProvider) -> CryptoResult> { + async fn find_all_basic_credentials(backend: &MlsCryptoProvider) -> CryptoResult> { let store_credentials = backend .key_store() .find_all::(EntityFindParams::default()) @@ -408,7 +408,7 @@ impl Client { pub(crate) async fn get_most_recent_or_create_credential_bundle( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, sc: SignatureScheme, ct: MlsCredentialType, ) -> CryptoResult { @@ -428,7 +428,7 @@ impl Client { pub(crate) async fn init_basic_credential_bundle_if_missing( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, sc: SignatureScheme, ) -> CryptoResult<()> { let existing_cb = self @@ -466,7 +466,7 @@ impl Eq for Client {} impl Client { pub async fn random_generate( case: &crate::test_utils::TestCase, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, signer: Option<&crate::test_utils::x509::X509Certificate>, provision: bool, ) -> CryptoResult { @@ -490,7 +490,7 @@ impl Client { pub async fn find_keypackages( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult> { use core_crypto_keystore::CryptoKeystoreMls as _; let kps = backend diff --git a/crypto/src/mls/conversation/buffer_messages.rs b/crypto/src/mls/conversation/buffer_messages.rs index e7c84a8ec..da702b56e 100644 --- a/crypto/src/mls/conversation/buffer_messages.rs +++ b/crypto/src/mls/conversation/buffer_messages.rs @@ -16,7 +16,7 @@ use core_crypto_keystore::{ entities::{EntityFindParams, MlsPendingMessage}, }; use log::{error, info, trace}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{MlsMessageIn, MlsMessageInBody}; use tls_codec::Deserialize; @@ -68,7 +68,7 @@ impl MlsConversation { pub(crate) async fn restore_pending_messages<'a>( &'a mut self, client: &'a Client, - backend: &'a TransactionalCryptoProvider, + backend: &'a MlsCryptoProvider, callbacks: Option<&'a dyn CoreCryptoCallbacks>, parent_conversation: Option<&'a GroupStoreValue>, is_rejoin: bool, diff --git a/crypto/src/mls/conversation/commit.rs b/crypto/src/mls/conversation/commit.rs index 8a74fe738..3c7049e31 100644 --- a/crypto/src/mls/conversation/commit.rs +++ b/crypto/src/mls/conversation/commit.rs @@ -7,7 +7,7 @@ use openmls::prelude::{KeyPackageIn, LeafNode, LeafNodeIndex, MlsMessageOut}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use super::MlsConversation; use crate::context::CentralContext; @@ -149,7 +149,7 @@ impl MlsConversation { &mut self, client: &Client, key_packages: Vec, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let signer = &self .find_most_recent_credential_bundle(client) @@ -198,7 +198,7 @@ impl MlsConversation { &mut self, client: &Client, clients: &[ClientId], - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let member_kps = self .group @@ -243,7 +243,7 @@ impl MlsConversation { pub(crate) async fn update_keying_material( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, cb: Option<&CredentialBundle>, leaf_node: Option, ) -> CryptoResult { @@ -280,7 +280,7 @@ impl MlsConversation { pub(crate) async fn commit_pending_proposals( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult> { if self.group.pending_proposals().count() > 0 { let signer = &self diff --git a/crypto/src/mls/conversation/config.rs b/crypto/src/mls/conversation/config.rs index 278ae88f3..c303b5c8f 100644 --- a/crypto/src/mls/conversation/config.rs +++ b/crypto/src/mls/conversation/config.rs @@ -19,7 +19,7 @@ //! Either use [MlsConversationConfiguration] when creating a conversation or [MlsCustomConfiguration] //! when joining one by Welcome or external commit -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{ Capabilities, Credential, CredentialType, ExternalSender, OpenMlsSignaturePublicKey, ProtocolVersion, RequiredCapabilitiesExtension, SenderRatchetConfiguration, WireFormatPolicy, PURE_CIPHERTEXT_WIRE_FORMAT_POLICY, @@ -160,7 +160,7 @@ impl MlsConversationConfiguration { fn legacy_external_sender( key: Vec, signature_scheme: SignatureScheme, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { backend .crypto() diff --git a/crypto/src/mls/conversation/decrypt.rs b/crypto/src/mls/conversation/decrypt.rs index 204b674cf..01d874752 100644 --- a/crypto/src/mls/conversation/decrypt.rs +++ b/crypto/src/mls/conversation/decrypt.rs @@ -21,7 +21,7 @@ use openmls_traits::OpenMlsCryptoProvider; use tls_codec::Deserialize; use core_crypto_keystore::entities::MlsPendingMessage; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::context::CentralContext; use crate::{ @@ -120,7 +120,7 @@ impl MlsConversation { message: MlsMessageIn, parent_conv: Option<&GroupStoreValue>, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, callbacks: Option<&dyn CoreCryptoCallbacks>, restore_pending: bool, ) -> CryptoResult { @@ -277,7 +277,7 @@ impl MlsConversation { async fn parse_message( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, msg_in: MlsMessageIn, ) -> CryptoResult { let mut is_duplicate = false; @@ -338,7 +338,7 @@ impl MlsConversation { Ok(processed_msg) } - async fn validate_commit(&self, commit: &StagedCommit, backend: &TransactionalCryptoProvider) -> CryptoResult<()> { + async fn validate_commit(&self, commit: &StagedCommit, backend: &MlsCryptoProvider) -> CryptoResult<()> { if backend.authentication_service().is_env_setup().await { let credentials: Vec<_> = commit .add_proposals() diff --git a/crypto/src/mls/conversation/duplicate.rs b/crypto/src/mls/conversation/duplicate.rs index 851505686..78afa034c 100644 --- a/crypto/src/mls/conversation/duplicate.rs +++ b/crypto/src/mls/conversation/duplicate.rs @@ -4,13 +4,13 @@ use crate::prelude::MlsConversation; use crate::{CryptoError, MlsError}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{ContentType, FramedContentBodyIn, Proposal, PublicMessageIn, Sender}; impl MlsConversation { pub(crate) fn is_duplicate_message( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, msg: &PublicMessageIn, ) -> Result { let (sender, content_type) = (msg.sender(), msg.body().content_type()); diff --git a/crypto/src/mls/conversation/durability.rs b/crypto/src/mls/conversation/durability.rs index 1e4394bfc..b8e67af78 100644 --- a/crypto/src/mls/conversation/durability.rs +++ b/crypto/src/mls/conversation/durability.rs @@ -5,7 +5,7 @@ impl MlsConversation { /// Replaces the MLS group in memory with the one from keystore. /// see [crate::durable] #[cfg_attr(not(test), tracing::instrument(skip_all))] - pub async fn drop_and_restore(&mut self, backend: &mls_crypto_provider::TransactionalCryptoProvider) { + pub async fn drop_and_restore(&mut self, backend: &mls_crypto_provider::MlsCryptoProvider) { use core_crypto_keystore::CryptoKeystoreMls as _; let group_id = self.group.group_id(); diff --git a/crypto/src/mls/conversation/encrypt.rs b/crypto/src/mls/conversation/encrypt.rs index a38e57d10..f839d1c88 100644 --- a/crypto/src/mls/conversation/encrypt.rs +++ b/crypto/src/mls/conversation/encrypt.rs @@ -7,7 +7,7 @@ //! | 0 pend. Proposal | ✅ | ❌ | //! | 1+ pend. Proposal | ❌ | ❌ | -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::MlsMessageOutBody; use super::MlsConversation; @@ -24,7 +24,7 @@ impl MlsConversation { &mut self, client: &Client, message: impl AsRef<[u8]>, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult> { let signer = &self .find_current_credential_bundle(client) diff --git a/crypto/src/mls/conversation/merge.rs b/crypto/src/mls/conversation/merge.rs index 0c8d90b2d..3fb95af11 100644 --- a/crypto/src/mls/conversation/merge.rs +++ b/crypto/src/mls/conversation/merge.rs @@ -15,7 +15,7 @@ use core_crypto_keystore::entities::{MlsEncryptionKeyPair, MlsPendingMessage}; use openmls::prelude::MlsGroupStateError; use openmls_traits::OpenMlsCryptoProvider; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::context::CentralContext; use crate::{ @@ -28,7 +28,7 @@ use crate::{ impl MlsConversation { /// see [MlsCentral::commit_accepted] #[cfg_attr(test, crate::durable)] - pub async fn commit_accepted(&mut self, backend: &TransactionalCryptoProvider) -> CryptoResult<()> { + pub async fn commit_accepted(&mut self, backend: &MlsCryptoProvider) -> CryptoResult<()> { // openmls stores here all the encryption keypairs used for update proposals.. let previous_own_leaf_nodes = self.group.own_leaf_nodes.clone(); @@ -49,7 +49,7 @@ impl MlsConversation { pub async fn clear_pending_proposal( &mut self, proposal_ref: MlsProposalRef, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult<()> { self.group .remove_pending_proposal(backend.key_store(), &proposal_ref) @@ -64,7 +64,7 @@ impl MlsConversation { /// see [MlsCentral::clear_pending_commit] #[cfg_attr(test, crate::durable)] - pub async fn clear_pending_commit(&mut self, backend: &TransactionalCryptoProvider) -> CryptoResult<()> { + pub async fn clear_pending_commit(&mut self, backend: &MlsCryptoProvider) -> CryptoResult<()> { if self.group.pending_commit().is_some() { self.group.clear_pending_commit(); self.persist_group_when_changed(&backend.keystore(), true).await?; diff --git a/crypto/src/mls/conversation/mod.rs b/crypto/src/mls/conversation/mod.rs index 325e23a72..71ecc2832 100644 --- a/crypto/src/mls/conversation/mod.rs +++ b/crypto/src/mls/conversation/mod.rs @@ -34,7 +34,7 @@ use openmls::{group::MlsGroup, prelude::Credential}; use openmls_traits::types::SignatureScheme; use core_crypto_keystore::{Connection, CryptoKeystoreMls}; -use mls_crypto_provider::{CryptoKeystore, TransactionalCryptoProvider}; +use mls_crypto_provider::{CryptoKeystore, MlsCryptoProvider}; use config::MlsConversationConfiguration; @@ -102,7 +102,7 @@ impl MlsConversation { author_client: &mut Client, creator_credential_type: MlsCredentialType, configuration: MlsConversationConfiguration, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let (cs, ct) = (configuration.ciphersuite, creator_credential_type); let cb = author_client @@ -137,7 +137,7 @@ impl MlsConversation { pub(crate) async fn from_mls_group( group: MlsGroup, configuration: MlsConversationConfiguration, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let id = ConversationId::from(group.group_id().as_slice()); diff --git a/crypto/src/mls/conversation/own_commit.rs b/crypto/src/mls/conversation/own_commit.rs index d69c85ca8..100231ddf 100644 --- a/crypto/src/mls/conversation/own_commit.rs +++ b/crypto/src/mls/conversation/own_commit.rs @@ -5,7 +5,7 @@ use crate::{ }, prelude::{CryptoError, CryptoResult, MlsConversation, MlsConversationDecryptMessage}, }; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{ ConfirmationTag, ContentType, CredentialWithKey, FramedContentBodyIn, MlsMessageIn, MlsMessageInBody, Sender, }; @@ -51,7 +51,7 @@ impl MlsConversation { pub(crate) async fn handle_own_commit<'a>( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ct: &ConfirmationTag, ) -> CryptoResult { if self.group.pending_commit().is_some() { @@ -85,7 +85,7 @@ impl MlsConversation { /// This adapts [Self::commit_accepted] to return the same as [MlsConversation::decrypt_message] pub(crate) async fn merge_pending_commit( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { self.commit_accepted(backend).await?; diff --git a/crypto/src/mls/conversation/proposal.rs b/crypto/src/mls/conversation/proposal.rs index 30ff71988..d49f71769 100644 --- a/crypto/src/mls/conversation/proposal.rs +++ b/crypto/src/mls/conversation/proposal.rs @@ -7,7 +7,7 @@ use openmls::{binary_tree::LeafNodeIndex, framing::MlsMessageOut, key_packages::KeyPackageIn, prelude::LeafNode}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::{ e2e_identity::init_certificates::NewCrlDistributionPoint, mls::credential::crl::get_new_crl_distribution_points, @@ -25,7 +25,7 @@ impl MlsConversation { pub async fn propose_add_member( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, key_package: KeyPackageIn, ) -> CryptoResult { let signer = &self @@ -59,7 +59,7 @@ impl MlsConversation { pub async fn propose_remove_member( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, member: LeafNodeIndex, ) -> CryptoResult { let signer = &self @@ -82,7 +82,7 @@ impl MlsConversation { pub async fn propose_self_update( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { self.propose_explicit_self_update(client, backend, None).await } @@ -92,7 +92,7 @@ impl MlsConversation { pub async fn propose_explicit_self_update( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, leaf_node: Option, ) -> CryptoResult { let msg_signer = &self diff --git a/crypto/src/mls/conversation/renew.rs b/crypto/src/mls/conversation/renew.rs index a11b3c23f..70f0aaa4a 100644 --- a/crypto/src/mls/conversation/renew.rs +++ b/crypto/src/mls/conversation/renew.rs @@ -2,7 +2,7 @@ use core_crypto_keystore::entities::MlsEncryptionKeyPair; use openmls::prelude::{LeafNode, LeafNodeIndex, Proposal, QueuedProposal, Sender, StagedCommit}; use openmls_traits::OpenMlsCryptoProvider; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::prelude::{Client, CryptoError, CryptoResult, MlsConversation, MlsProposalBundle}; @@ -98,7 +98,7 @@ impl MlsConversation { pub(crate) async fn renew_proposals_for_current_epoch( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, proposals: impl Iterator, needs_update: bool, ) -> CryptoResult> { @@ -127,7 +127,7 @@ impl MlsConversation { async fn renew_update( &mut self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, leaf_node: Option<&LeafNode>, ) -> CryptoResult { if let Some(leaf_node) = leaf_node { diff --git a/crypto/src/mls/conversation/welcome.rs b/crypto/src/mls/conversation/welcome.rs index b4054bbd4..a1f8903b4 100644 --- a/crypto/src/mls/conversation/welcome.rs +++ b/crypto/src/mls/conversation/welcome.rs @@ -11,7 +11,7 @@ use crate::{ }, }; use core_crypto_keystore::{connection::FetchFromDatabase, entities::PersistedMlsPendingGroup}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{MlsGroup, MlsMessageIn, MlsMessageInBody, Welcome}; use openmls_traits::OpenMlsCryptoProvider; use tls_codec::Deserialize; @@ -111,7 +111,7 @@ impl MlsConversation { async fn from_welcome_message( welcome: Welcome, configuration: MlsConversationConfiguration, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, mls_groups: &mut GroupStore, ) -> CryptoResult { let mls_group_config = configuration.as_openmls_default_configuration()?; diff --git a/crypto/src/mls/conversation/wipe.rs b/crypto/src/mls/conversation/wipe.rs index 4d373a159..0bfe3a0fe 100644 --- a/crypto/src/mls/conversation/wipe.rs +++ b/crypto/src/mls/conversation/wipe.rs @@ -1,7 +1,7 @@ use crate::context::CentralContext; use crate::prelude::{ConversationId, CryptoResult, MlsConversation, MlsError}; use core_crypto_keystore::CryptoKeystoreMls; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls_traits::OpenMlsCryptoProvider; impl CentralContext { @@ -25,7 +25,7 @@ impl CentralContext { } impl MlsConversation { - async fn wipe_associated_entities(&mut self, backend: &TransactionalCryptoProvider) -> CryptoResult<()> { + async fn wipe_associated_entities(&mut self, backend: &MlsCryptoProvider) -> CryptoResult<()> { // the own client may or may not have generated an epoch keypair in the previous epoch // Since it is a terminal operation, ignoring the error is fine here. let _ = self.group.delete_previous_epoch_keypairs(backend).await; diff --git a/crypto/src/mls/credential/crl.rs b/crypto/src/mls/credential/crl.rs index 4438b881e..e20139a24 100644 --- a/crypto/src/mls/credential/crl.rs +++ b/crypto/src/mls/credential/crl.rs @@ -2,7 +2,7 @@ use crate::context::CentralContext; use crate::e2e_identity::init_certificates::NewCrlDistributionPoint; use crate::{CryptoError, CryptoResult}; use core_crypto_keystore::{connection::FetchFromDatabase, entities::E2eiCrl}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::{ group::MlsGroup, prelude::{Certificate, MlsCredentialType, Proposal, StagedCommit}, @@ -66,7 +66,7 @@ pub(crate) fn extract_dp(cert: &Certificate) -> CryptoResult> { } pub(crate) async fn get_new_crl_distribution_points( - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, mut crl_dps: HashSet, ) -> CryptoResult { if crl_dps.is_empty() { diff --git a/crypto/src/mls/credential/mod.rs b/crypto/src/mls/credential/mod.rs index c6e048084..940948121 100644 --- a/crypto/src/mls/credential/mod.rs +++ b/crypto/src/mls/credential/mod.rs @@ -13,7 +13,7 @@ use openmls_basic_credential::SignatureKeyPair; use openmls_traits::types::SignatureScheme; use openmls_x509_credential::CertificateKeyPair; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::prelude::{CertificateBundle, Client, ClientId, CryptoResult, MlsError}; @@ -104,7 +104,7 @@ impl Client { pub(crate) fn new_basic_credential_bundle( id: &ClientId, sc: SignatureScheme, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, ) -> CryptoResult { let (sk, pk) = backend.crypto().signature_key_gen(sc).map_err(MlsError::from)?; diff --git a/crypto/src/mls/external_commit.rs b/crypto/src/mls/external_commit.rs index 30cd1cc5e..34588ad0c 100644 --- a/crypto/src/mls/external_commit.rs +++ b/crypto/src/mls/external_commit.rs @@ -14,7 +14,7 @@ // You should have received a copy of the GNU General Public License // along with this program. If not, see http://www.gnu.org/licenses/. -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{ group_info::VerifiableGroupInfo, CredentialType, MlsGroup, MlsMessageOut, Proposal, Sender, StagedCommit, }; @@ -236,7 +236,7 @@ impl MlsConversation { commit: &StagedCommit, sender: ClientId, parent_conversation: Option<&GroupStoreValue>, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, callbacks: Option<&dyn CoreCryptoCallbacks>, ) -> CryptoResult<()> { // i.e. has this commit been created by [MlsCentral::join_by_external_commit] ? diff --git a/crypto/src/mls/proposal.rs b/crypto/src/mls/proposal.rs index 8cffc7ef3..52ec4a610 100644 --- a/crypto/src/mls/proposal.rs +++ b/crypto/src/mls/proposal.rs @@ -16,7 +16,7 @@ use openmls::prelude::{hash_ref::ProposalRef, KeyPackage}; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use crate::{ mls::{ClientId, ConversationId, MlsConversation}, @@ -73,7 +73,7 @@ impl MlsProposal { async fn create( self, client: &Client, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, mut conversation: impl std::ops::DerefMut, ) -> CryptoResult { let proposal = match self { diff --git a/crypto/src/test_utils/central.rs b/crypto/src/test_utils/central.rs index 00f2bba3e..d2f9d5680 100644 --- a/crypto/src/test_utils/central.rs +++ b/crypto/src/test_utils/central.rs @@ -18,7 +18,7 @@ use core_crypto_keystore::connection::FetchFromDatabase; use core_crypto_keystore::entities::{ EntityFindParams, MlsCredential, MlsEncryptionKeyPair, MlsHpkePrivateKey, MlsKeyPackage, MlsSignatureKeyPair, }; -use mls_crypto_provider::TransactionalCryptoProvider; +use mls_crypto_provider::MlsCryptoProvider; use openmls::prelude::{ group_info::VerifiableGroupInfo, Credential, CredentialWithKey, CryptoConfig, ExternalSender, HpkePublicKey, KeyPackage, KeyPackageIn, LeafNodeIndex, Lifetime, MlsMessageIn, QueuedProposal, SignaturePublicKey, StagedCommit, @@ -673,7 +673,7 @@ impl MlsConversation { impl Client { pub(crate) async fn init_x509_credential_bundle_if_missing( &mut self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, sc: SignatureScheme, cb: CertificateBundle, ) -> CryptoResult<()> { @@ -692,7 +692,7 @@ impl Client { pub(crate) async fn generate_one_keypackage( &self, - backend: &TransactionalCryptoProvider, + backend: &MlsCryptoProvider, cs: MlsCiphersuite, ct: MlsCredentialType, ) -> CryptoResult { diff --git a/mls-provider/src/lib.rs b/mls-provider/src/lib.rs index 6cd99de32..3b0e10eac 100644 --- a/mls-provider/src/lib.rs +++ b/mls-provider/src/lib.rs @@ -95,7 +95,6 @@ pub struct MlsCryptoProvider { key_store: CryptoKeystore, pki_env: PkiEnvironmentProvider, } -pub type TransactionalCryptoProvider = MlsCryptoProvider; impl MlsCryptoProvider { /// Initialize a CryptoProvider with a backend following the provided `config` (see: [MlsCryptoProviderConfiguration]) @@ -145,12 +144,8 @@ impl MlsCryptoProvider { /// Clones the references of the PkiEnvironment and the CryptoProvider into a transaction /// keystore to pass to openmls as the `OpenMlsCryptoProvider` - pub async fn new_transaction(&self) -> MlsProviderResult { - Ok(TransactionalCryptoProvider { - crypto: self.crypto.clone(), - tx: self.key_store.new_transaction().await?, - pki_env: self.pki_env.clone(), - }) + pub async fn new_transaction(&self) -> MlsProviderResult<()> { + self.key_store.new_transaction().await.map_err(Into::into) } /// Replaces the PKI env currently in place @@ -220,26 +215,3 @@ impl openmls_traits::OpenMlsCryptoProvider for MlsCryptoProvider { &self.pki_env } } - -impl openmls_traits::OpenMlsCryptoProvider for TransactionalCryptoProvider { - type CryptoProvider = RustCrypto; - type RandProvider = RustCrypto; - type KeyStoreProvider = KeystoreTransaction; - type AuthenticationServiceProvider = PkiEnvironmentProvider; - - fn crypto(&self) -> &Self::CryptoProvider { - &self.crypto - } - - fn rand(&self) -> &Self::RandProvider { - &self.crypto - } - - fn key_store(&self) -> &Self::KeyStoreProvider { - &self.tx - } - - fn authentication_service(&self) -> &Self::AuthenticationServiceProvider { - &self.pki_env - } -}