1 //
2 // Copyright 2021 Signal Messenger, LLC.
3 // SPDX-License-Identifier: AGPL-3.0-only
4 //
5
6 use libsignal_bridge_macros::*;
7 use libsignal_protocol::error::Result;
8 use libsignal_protocol::*;
9 use static_assertions::const_assert_eq;
10 use std::convert::TryFrom;
11 use uuid::Uuid;
12
13 // Will be unused when building for Node only.
14 #[allow(unused_imports)]
15 use futures_util::FutureExt;
16
17 use crate::support::*;
18 use crate::*;
19
20 bridge_handle!(CiphertextMessage, clone = false, jni = false);
21 bridge_handle!(DecryptionErrorMessage);
22 bridge_handle!(Fingerprint, jni = NumericFingerprintGenerator);
23 bridge_handle!(PlaintextContent);
24 bridge_handle!(PreKeyBundle);
25 bridge_handle!(PreKeyRecord);
26 bridge_handle!(PreKeySignalMessage);
27 bridge_handle!(PrivateKey, ffi = privatekey, jni = ECPrivateKey);
28 bridge_handle!(ProtocolAddress, ffi = address);
29 bridge_handle!(PublicKey, ffi = publickey, jni = ECPublicKey);
30 bridge_handle!(SenderCertificate);
31 bridge_handle!(SenderKeyDistributionMessage);
32 bridge_handle!(SenderKeyMessage);
33 bridge_handle!(SenderKeyRecord);
34 bridge_handle!(ServerCertificate);
35 bridge_handle!(SessionRecord, mut = true);
36 bridge_handle!(SignalMessage, ffi = message);
37 bridge_handle!(SignedPreKeyRecord);
38 bridge_handle!(UnidentifiedSenderMessageContent, clone = false);
39 bridge_handle!(SealedSenderDecryptionResult, ffi = false, jni = false);
40
41 #[bridge_fn_buffer(ffi = false)]
HKDF_DeriveSecrets<E: Env>( env: E, output_length: u32, version: u32, ikm: &[u8], label: Option<&[u8]>, salt: Option<&[u8]>, ) -> Result<E::Buffer>42 fn HKDF_DeriveSecrets<E: Env>(
43 env: E,
44 output_length: u32,
45 version: u32,
46 ikm: &[u8],
47 label: Option<&[u8]>,
48 salt: Option<&[u8]>,
49 ) -> Result<E::Buffer> {
50 let kdf = HKDF::new(version)?;
51 let label = label.unwrap_or(&[]);
52 let buffer = match salt {
53 Some(salt) => kdf.derive_salted_secrets(ikm, salt, label, output_length as usize)?,
54 None => kdf.derive_secrets(ikm, label, output_length as usize)?,
55 };
56 Ok(env.buffer(buffer.into_vec()))
57 }
58
59 // Alternate implementation to fill an existing buffer.
60 #[bridge_fn_void(jni = false, node = false)]
HKDF_Derive( output: &mut [u8], version: u32, ikm: &[u8], label: &[u8], salt: &[u8], ) -> Result<()>61 fn HKDF_Derive(
62 output: &mut [u8],
63 version: u32,
64 ikm: &[u8],
65 label: &[u8],
66 salt: &[u8],
67 ) -> Result<()> {
68 let kdf = HKDF::new(version)?;
69 let kdf_output = kdf.derive_salted_secrets(ikm, salt, label, output.len())?;
70 output.copy_from_slice(&kdf_output);
71 Ok(())
72 }
73
74 #[bridge_fn(ffi = "address_new")]
ProtocolAddress_New(name: String, device_id: u32) -> ProtocolAddress75 fn ProtocolAddress_New(name: String, device_id: u32) -> ProtocolAddress {
76 ProtocolAddress::new(name, device_id)
77 }
78
79 bridge_deserialize!(PublicKey::deserialize, ffi = publickey, jni = false);
80
81 // Alternate implementation to deserialize from an offset.
82 #[bridge_fn(ffi = false, node = false)]
ECPublicKey_Deserialize(data: &[u8], offset: u32) -> Result<PublicKey>83 fn ECPublicKey_Deserialize(data: &[u8], offset: u32) -> Result<PublicKey> {
84 let offset = offset as usize;
85 PublicKey::deserialize(&data[offset..])
86 }
87
88 bridge_get_bytearray!(
89 PublicKey::serialize as Serialize,
90 ffi = "publickey_serialize",
91 jni = "ECPublicKey_1Serialize"
92 );
93 bridge_get_bytearray!(
94 PublicKey::public_key_bytes,
95 ffi = "publickey_get_public_key_bytes",
96 jni = "ECPublicKey_1GetPublicKeyBytes"
97 );
98 bridge_get!(ProtocolAddress::device_id as DeviceId -> u32, ffi = "address_get_device_id");
99 bridge_get!(ProtocolAddress::name as Name -> &str, ffi = "address_get_name");
100
101 #[bridge_fn(ffi = "publickey_compare", node = "PublicKey_Compare")]
ECPublicKey_Compare(key1: &PublicKey, key2: &PublicKey) -> i32102 fn ECPublicKey_Compare(key1: &PublicKey, key2: &PublicKey) -> i32 {
103 match key1.cmp(key2) {
104 std::cmp::Ordering::Less => -1,
105 std::cmp::Ordering::Equal => 0,
106 std::cmp::Ordering::Greater => 1,
107 }
108 }
109
110 #[bridge_fn(ffi = "publickey_verify", node = "PublicKey_Verify")]
ECPublicKey_Verify(key: &PublicKey, message: &[u8], signature: &[u8]) -> Result<bool>111 fn ECPublicKey_Verify(key: &PublicKey, message: &[u8], signature: &[u8]) -> Result<bool> {
112 key.verify_signature(message, signature)
113 }
114
115 bridge_deserialize!(
116 PrivateKey::deserialize,
117 ffi = privatekey,
118 jni = ECPrivateKey
119 );
120 bridge_get_bytearray!(
121 PrivateKey::serialize as Serialize,
122 ffi = "privatekey_serialize",
123 jni = "ECPrivateKey_1Serialize"
124 );
125
126 #[bridge_fn(ffi = "privatekey_generate", node = "PrivateKey_Generate")]
ECPrivateKey_Generate() -> PrivateKey127 fn ECPrivateKey_Generate() -> PrivateKey {
128 let mut rng = rand::rngs::OsRng;
129 let keypair = KeyPair::generate(&mut rng);
130 keypair.private_key
131 }
132
133 #[bridge_fn(ffi = "privatekey_get_public_key", node = "PrivateKey_GetPublicKey")]
ECPrivateKey_GetPublicKey(k: &PrivateKey) -> Result<PublicKey>134 fn ECPrivateKey_GetPublicKey(k: &PrivateKey) -> Result<PublicKey> {
135 k.public_key()
136 }
137
138 #[bridge_fn_buffer(ffi = "privatekey_sign", node = "PrivateKey_Sign")]
ECPrivateKey_Sign<T: Env>(env: T, key: &PrivateKey, message: &[u8]) -> Result<T::Buffer>139 fn ECPrivateKey_Sign<T: Env>(env: T, key: &PrivateKey, message: &[u8]) -> Result<T::Buffer> {
140 let mut rng = rand::rngs::OsRng;
141 let sig = key.calculate_signature(message, &mut rng)?;
142 Ok(env.buffer(sig.into_vec()))
143 }
144
145 #[bridge_fn_buffer(ffi = "privatekey_agree", node = "PrivateKey_Agree")]
ECPrivateKey_Agree<T: Env>( env: T, private_key: &PrivateKey, public_key: &PublicKey, ) -> Result<T::Buffer>146 fn ECPrivateKey_Agree<T: Env>(
147 env: T,
148 private_key: &PrivateKey,
149 public_key: &PublicKey,
150 ) -> Result<T::Buffer> {
151 let dh_secret = private_key.calculate_agreement(public_key)?;
152 Ok(env.buffer(dh_secret.into_vec()))
153 }
154
155 #[bridge_fn_buffer(ffi = "identitykeypair_serialize")]
IdentityKeyPair_Serialize<T: Env>( env: T, public_key: &PublicKey, private_key: &PrivateKey, ) -> Result<T::Buffer>156 fn IdentityKeyPair_Serialize<T: Env>(
157 env: T,
158 public_key: &PublicKey,
159 private_key: &PrivateKey,
160 ) -> Result<T::Buffer> {
161 let identity_key_pair = IdentityKeyPair::new(IdentityKey::new(*public_key), *private_key);
162 Ok(env.buffer(identity_key_pair.serialize().into_vec()))
163 }
164
165 #[bridge_fn(jni = false)]
Fingerprint_New( iterations: u32, version: u32, local_identifier: &[u8], local_key: &PublicKey, remote_identifier: &[u8], remote_key: &PublicKey, ) -> Result<Fingerprint>166 fn Fingerprint_New(
167 iterations: u32,
168 version: u32,
169 local_identifier: &[u8],
170 local_key: &PublicKey,
171 remote_identifier: &[u8],
172 remote_key: &PublicKey,
173 ) -> Result<Fingerprint> {
174 Fingerprint::new(
175 version,
176 iterations,
177 local_identifier,
178 &IdentityKey::new(*local_key),
179 remote_identifier,
180 &IdentityKey::new(*remote_key),
181 )
182 }
183
184 // Alternate implementation that takes untyped buffers.
185 #[bridge_fn(ffi = false, node = false)]
NumericFingerprintGenerator_New( iterations: u32, version: u32, local_identifier: &[u8], local_key: &[u8], remote_identifier: &[u8], remote_key: &[u8], ) -> Result<Fingerprint>186 fn NumericFingerprintGenerator_New(
187 iterations: u32,
188 version: u32,
189 local_identifier: &[u8],
190 local_key: &[u8],
191 remote_identifier: &[u8],
192 remote_key: &[u8],
193 ) -> Result<Fingerprint> {
194 let local_key = IdentityKey::decode(local_key)?;
195 let remote_key = IdentityKey::decode(remote_key)?;
196
197 Fingerprint::new(
198 version,
199 iterations,
200 local_identifier,
201 &local_key,
202 remote_identifier,
203 &remote_key,
204 )
205 }
206
207 #[bridge_fn_buffer(jni = "NumericFingerprintGenerator_1GetScannableEncoding")]
Fingerprint_ScannableEncoding<E: Env>(env: E, obj: &Fingerprint) -> Result<E::Buffer>208 fn Fingerprint_ScannableEncoding<E: Env>(env: E, obj: &Fingerprint) -> Result<E::Buffer> {
209 Ok(env.buffer(obj.scannable.serialize()?))
210 }
211
212 bridge_get!(
213 Fingerprint::display_string as DisplayString -> String,
214 jni = "NumericFingerprintGenerator_1GetDisplayString"
215 );
216
217 #[bridge_fn(ffi = "fingerprint_compare")]
ScannableFingerprint_Compare(fprint1: &[u8], fprint2: &[u8]) -> Result<bool>218 fn ScannableFingerprint_Compare(fprint1: &[u8], fprint2: &[u8]) -> Result<bool> {
219 ScannableFingerprint::deserialize(fprint1)?.compare(fprint2)
220 }
221
222 bridge_deserialize!(SignalMessage::try_from, ffi = message);
223
224 #[bridge_fn_buffer(ffi = false, node = false)]
SignalMessage_GetSenderRatchetKey<E: Env>(env: E, m: &SignalMessage) -> E::Buffer225 fn SignalMessage_GetSenderRatchetKey<E: Env>(env: E, m: &SignalMessage) -> E::Buffer {
226 env.buffer(m.sender_ratchet_key().serialize().into_vec())
227 }
228
229 bridge_get_bytearray!(SignalMessage::body, ffi = "message_get_body");
230 bridge_get_bytearray!(SignalMessage::serialized, ffi = "message_get_serialized");
231 bridge_get!(SignalMessage::counter -> u32, ffi = "message_get_counter");
232 bridge_get!(SignalMessage::message_version -> u32, ffi = "message_get_message_version");
233
234 #[bridge_fn(ffi = "message_new")]
SignalMessage_New( message_version: u8, mac_key: &[u8], sender_ratchet_key: &PublicKey, counter: u32, previous_counter: u32, ciphertext: &[u8], sender_identity_key: &PublicKey, receiver_identity_key: &PublicKey, ) -> Result<SignalMessage>235 fn SignalMessage_New(
236 message_version: u8,
237 mac_key: &[u8],
238 sender_ratchet_key: &PublicKey,
239 counter: u32,
240 previous_counter: u32,
241 ciphertext: &[u8],
242 sender_identity_key: &PublicKey,
243 receiver_identity_key: &PublicKey,
244 ) -> Result<SignalMessage> {
245 SignalMessage::new(
246 message_version,
247 mac_key,
248 *sender_ratchet_key,
249 counter,
250 previous_counter,
251 ciphertext,
252 &IdentityKey::new(*sender_identity_key),
253 &IdentityKey::new(*receiver_identity_key),
254 )
255 }
256
257 #[bridge_fn(ffi = "message_verify_mac")]
SignalMessage_VerifyMac( msg: &SignalMessage, sender_identity_key: &PublicKey, receiver_identity_key: &PublicKey, mac_key: &[u8], ) -> Result<bool>258 fn SignalMessage_VerifyMac(
259 msg: &SignalMessage,
260 sender_identity_key: &PublicKey,
261 receiver_identity_key: &PublicKey,
262 mac_key: &[u8],
263 ) -> Result<bool> {
264 msg.verify_mac(
265 &IdentityKey::new(*sender_identity_key),
266 &IdentityKey::new(*receiver_identity_key),
267 mac_key,
268 )
269 }
270
271 #[bridge_fn(ffi = "message_get_sender_ratchet_key", jni = false, node = false)]
Message_GetSenderRatchetKey(m: &SignalMessage) -> PublicKey272 fn Message_GetSenderRatchetKey(m: &SignalMessage) -> PublicKey {
273 *m.sender_ratchet_key()
274 }
275
276 #[bridge_fn]
PreKeySignalMessage_New( message_version: u8, registration_id: u32, pre_key_id: Option<u32>, signed_pre_key_id: u32, base_key: &PublicKey, identity_key: &PublicKey, signal_message: &SignalMessage, ) -> Result<PreKeySignalMessage>277 fn PreKeySignalMessage_New(
278 message_version: u8,
279 registration_id: u32,
280 pre_key_id: Option<u32>,
281 signed_pre_key_id: u32,
282 base_key: &PublicKey,
283 identity_key: &PublicKey,
284 signal_message: &SignalMessage,
285 ) -> Result<PreKeySignalMessage> {
286 PreKeySignalMessage::new(
287 message_version,
288 registration_id,
289 pre_key_id,
290 signed_pre_key_id,
291 *base_key,
292 IdentityKey::new(*identity_key),
293 signal_message.clone(),
294 )
295 }
296
297 #[bridge_fn(jni = false, node = false)]
PreKeySignalMessage_GetBaseKey(m: &PreKeySignalMessage) -> PublicKey298 fn PreKeySignalMessage_GetBaseKey(m: &PreKeySignalMessage) -> PublicKey {
299 *m.base_key()
300 }
301
302 #[bridge_fn(jni = false, node = false)]
PreKeySignalMessage_GetIdentityKey(m: &PreKeySignalMessage) -> PublicKey303 fn PreKeySignalMessage_GetIdentityKey(m: &PreKeySignalMessage) -> PublicKey {
304 *m.identity_key().public_key()
305 }
306
307 #[bridge_fn(jni = false, node = false)]
PreKeySignalMessage_GetSignalMessage(m: &PreKeySignalMessage) -> SignalMessage308 fn PreKeySignalMessage_GetSignalMessage(m: &PreKeySignalMessage) -> SignalMessage {
309 m.message().clone()
310 }
311
312 bridge_deserialize!(PreKeySignalMessage::try_from);
313 bridge_get_bytearray!(
314 PreKeySignalMessage::serialized as Serialize,
315 jni = "PreKeySignalMessage_1GetSerialized"
316 );
317
318 #[bridge_fn_buffer(ffi = false, jni = "PreKeySignalMessage_1GetBaseKey", node = false)]
PreKeySignalMessage_GetBaseKeySerialized<E: Env>(env: E, m: &PreKeySignalMessage) -> E::Buffer319 fn PreKeySignalMessage_GetBaseKeySerialized<E: Env>(env: E, m: &PreKeySignalMessage) -> E::Buffer {
320 env.buffer(m.base_key().serialize().into_vec())
321 }
322
323 #[bridge_fn_buffer(ffi = false, jni = "PreKeySignalMessage_1GetIdentityKey", node = false)]
PreKeySignalMessage_GetIdentityKeySerialized<E: Env>( env: E, m: &PreKeySignalMessage, ) -> E::Buffer324 fn PreKeySignalMessage_GetIdentityKeySerialized<E: Env>(
325 env: E,
326 m: &PreKeySignalMessage,
327 ) -> E::Buffer {
328 env.buffer(m.identity_key().serialize().into_vec())
329 }
330
331 #[bridge_fn_buffer(
332 ffi = false,
333 jni = "PreKeySignalMessage_1GetSignalMessage",
334 node = false
335 )]
PreKeySignalMessage_GetSignalMessageSerialized<E: Env>( env: E, m: &PreKeySignalMessage, ) -> E::Buffer336 fn PreKeySignalMessage_GetSignalMessageSerialized<E: Env>(
337 env: E,
338 m: &PreKeySignalMessage,
339 ) -> E::Buffer {
340 env.buffer(m.message().serialized())
341 }
342
343 bridge_get!(PreKeySignalMessage::registration_id -> u32);
344 bridge_get!(PreKeySignalMessage::signed_pre_key_id -> u32);
345 bridge_get!(PreKeySignalMessage::pre_key_id -> Option<u32>);
346 bridge_get!(PreKeySignalMessage::message_version as GetVersion -> u32);
347
348 bridge_deserialize!(SenderKeyMessage::try_from);
349 bridge_get_bytearray!(SenderKeyMessage::ciphertext as GetCipherText);
350 bridge_get_bytearray!(
351 SenderKeyMessage::serialized as Serialize,
352 jni = "SenderKeyMessage_1GetSerialized"
353 );
354 bridge_get!(SenderKeyMessage::distribution_id -> Uuid, ffi = false);
355 bridge_get!(SenderKeyMessage::chain_id -> u32);
356 bridge_get!(SenderKeyMessage::iteration -> u32);
357
358 // Alternate form that copies into an existing buffer.
359 #[bridge_fn_void(jni = false, node = false)]
SenderKeyMessageGetDistributionId(out: &mut [u8; 16], obj: &SenderKeyMessage) -> Result<()>360 fn SenderKeyMessageGetDistributionId(out: &mut [u8; 16], obj: &SenderKeyMessage) -> Result<()> {
361 *out = *obj.distribution_id().as_bytes();
362 Ok(())
363 }
364
365 // For testing
366 #[bridge_fn]
SenderKeyMessage_New( message_version: u8, distribution_id: Uuid, chain_id: u32, iteration: u32, ciphertext: &[u8], pk: &PrivateKey, ) -> Result<SenderKeyMessage>367 fn SenderKeyMessage_New(
368 message_version: u8,
369 distribution_id: Uuid,
370 chain_id: u32,
371 iteration: u32,
372 ciphertext: &[u8],
373 pk: &PrivateKey,
374 ) -> Result<SenderKeyMessage> {
375 let mut csprng = rand::rngs::OsRng;
376 SenderKeyMessage::new(
377 message_version,
378 distribution_id,
379 chain_id,
380 iteration,
381 ciphertext.into(),
382 &mut csprng,
383 pk,
384 )
385 }
386
387 #[bridge_fn]
SenderKeyMessage_VerifySignature(skm: &SenderKeyMessage, pubkey: &PublicKey) -> Result<bool>388 fn SenderKeyMessage_VerifySignature(skm: &SenderKeyMessage, pubkey: &PublicKey) -> Result<bool> {
389 skm.verify_signature(pubkey)
390 }
391
392 bridge_deserialize!(SenderKeyDistributionMessage::try_from);
393 bridge_get_bytearray!(SenderKeyDistributionMessage::chain_key);
394
395 #[bridge_fn_buffer(
396 ffi = false,
397 jni = "SenderKeyDistributionMessage_1GetSignatureKey",
398 node = false
399 )]
SenderKeyDistributionMessage_GetSignatureKeySerialized<E: Env>( env: E, m: &SenderKeyDistributionMessage, ) -> Result<E::Buffer>400 fn SenderKeyDistributionMessage_GetSignatureKeySerialized<E: Env>(
401 env: E,
402 m: &SenderKeyDistributionMessage,
403 ) -> Result<E::Buffer> {
404 Ok(env.buffer(m.signing_key()?.serialize().into_vec()))
405 }
406
407 bridge_get_bytearray!(
408 SenderKeyDistributionMessage::serialized as Serialize,
409 jni = "SenderKeyDistributionMessage_1GetSerialized"
410 );
411 bridge_get!(SenderKeyDistributionMessage::distribution_id -> Uuid, ffi = false);
412 bridge_get!(SenderKeyDistributionMessage::chain_id -> u32);
413 bridge_get!(SenderKeyDistributionMessage::iteration -> u32);
414
415 // Alternate form that copies into an existing buffer.
416 #[bridge_fn_void(jni = false, node = false)]
SenderKeyDistributionMessageGetDistributionId( out: &mut [u8; 16], obj: &SenderKeyDistributionMessage, ) -> Result<()>417 fn SenderKeyDistributionMessageGetDistributionId(
418 out: &mut [u8; 16],
419 obj: &SenderKeyDistributionMessage,
420 ) -> Result<()> {
421 *out = *obj.distribution_id()?.as_bytes();
422 Ok(())
423 }
424
425 // For testing
426 #[bridge_fn]
SenderKeyDistributionMessage_New( message_version: u8, distribution_id: Uuid, chain_id: u32, iteration: u32, chainkey: &[u8], pk: &PublicKey, ) -> Result<SenderKeyDistributionMessage>427 fn SenderKeyDistributionMessage_New(
428 message_version: u8,
429 distribution_id: Uuid,
430 chain_id: u32,
431 iteration: u32,
432 chainkey: &[u8],
433 pk: &PublicKey,
434 ) -> Result<SenderKeyDistributionMessage> {
435 SenderKeyDistributionMessage::new(
436 message_version,
437 distribution_id,
438 chain_id,
439 iteration,
440 chainkey.into(),
441 *pk,
442 )
443 }
444
445 #[bridge_fn(jni = false, node = false)]
SenderKeyDistributionMessage_GetSignatureKey( m: &SenderKeyDistributionMessage, ) -> Result<PublicKey>446 fn SenderKeyDistributionMessage_GetSignatureKey(
447 m: &SenderKeyDistributionMessage,
448 ) -> Result<PublicKey> {
449 Ok(*m.signing_key()?)
450 }
451
452 bridge_deserialize!(DecryptionErrorMessage::try_from);
453 bridge_get!(DecryptionErrorMessage::timestamp -> u64);
454 bridge_get!(DecryptionErrorMessage::device_id -> u32);
455 bridge_get_bytearray!(
456 DecryptionErrorMessage::serialized as Serialize,
457 jni = "DecryptionErrorMessage_1GetSerialized"
458 );
459
460 #[bridge_fn]
DecryptionErrorMessage_GetRatchetKey(m: &DecryptionErrorMessage) -> Option<PublicKey>461 fn DecryptionErrorMessage_GetRatchetKey(m: &DecryptionErrorMessage) -> Option<PublicKey> {
462 m.ratchet_key().cloned()
463 }
464
465 #[bridge_fn]
DecryptionErrorMessage_ForOriginalMessage( original_bytes: &[u8], original_type: u8, original_timestamp: u64, original_sender_device_id: u32, ) -> Result<DecryptionErrorMessage>466 fn DecryptionErrorMessage_ForOriginalMessage(
467 original_bytes: &[u8],
468 original_type: u8,
469 original_timestamp: u64,
470 original_sender_device_id: u32,
471 ) -> Result<DecryptionErrorMessage> {
472 let original_type = CiphertextMessageType::try_from(original_type).map_err(|_| {
473 SignalProtocolError::InvalidArgument(format!("unknown message type {}", original_type))
474 })?;
475 DecryptionErrorMessage::for_original(
476 original_bytes,
477 original_type,
478 original_timestamp,
479 original_sender_device_id,
480 )
481 }
482
483 #[bridge_fn]
DecryptionErrorMessage_ExtractFromSerializedContent( bytes: &[u8], ) -> Result<DecryptionErrorMessage>484 fn DecryptionErrorMessage_ExtractFromSerializedContent(
485 bytes: &[u8],
486 ) -> Result<DecryptionErrorMessage> {
487 extract_decryption_error_message_from_serialized_content(bytes)
488 }
489
490 bridge_deserialize!(PlaintextContent::try_from);
491 bridge_get_bytearray!(
492 PlaintextContent::serialized as Serialize,
493 jni = "PlaintextContent_1GetSerialized"
494 );
495 bridge_get_bytearray!(PlaintextContent::body);
496
497 #[bridge_fn]
PlaintextContent_FromDecryptionErrorMessage(m: &DecryptionErrorMessage) -> PlaintextContent498 fn PlaintextContent_FromDecryptionErrorMessage(m: &DecryptionErrorMessage) -> PlaintextContent {
499 PlaintextContent::from(m.clone())
500 }
501
502 /// Save an allocation by decrypting all in one go.
503 ///
504 /// Only useful for APIs that *do* decrypt all in one go, which is currently just Java.
505 #[bridge_fn_buffer(ffi = false, node = false)]
PlaintextContent_DeserializeAndGetContent<E: Env>(env: E, bytes: &[u8]) -> Result<E::Buffer>506 fn PlaintextContent_DeserializeAndGetContent<E: Env>(env: E, bytes: &[u8]) -> Result<E::Buffer> {
507 Ok(env.buffer(PlaintextContent::try_from(bytes)?.body()))
508 }
509
510 #[bridge_fn]
PreKeyBundle_New( registration_id: u32, device_id: u32, prekey_id: Option<u32>, prekey: Option<&PublicKey>, signed_prekey_id: u32, signed_prekey: &PublicKey, signed_prekey_signature: &[u8], identity_key: &PublicKey, ) -> Result<PreKeyBundle>511 fn PreKeyBundle_New(
512 registration_id: u32,
513 device_id: u32,
514 prekey_id: Option<u32>,
515 prekey: Option<&PublicKey>,
516 signed_prekey_id: u32,
517 signed_prekey: &PublicKey,
518 signed_prekey_signature: &[u8],
519 identity_key: &PublicKey,
520 ) -> Result<PreKeyBundle> {
521 let identity_key = IdentityKey::new(*identity_key);
522
523 let prekey = match (prekey, prekey_id) {
524 (None, None) => None,
525 (Some(k), Some(id)) => Some((id, *k)),
526 _ => {
527 return Err(SignalProtocolError::InvalidArgument(
528 "Must supply both or neither of prekey and prekey_id".to_owned(),
529 ))
530 }
531 };
532
533 PreKeyBundle::new(
534 registration_id,
535 device_id,
536 prekey,
537 signed_prekey_id,
538 *signed_prekey,
539 signed_prekey_signature.to_vec(),
540 identity_key,
541 )
542 }
543
544 #[bridge_fn]
PreKeyBundle_GetIdentityKey(p: &PreKeyBundle) -> Result<PublicKey>545 fn PreKeyBundle_GetIdentityKey(p: &PreKeyBundle) -> Result<PublicKey> {
546 Ok(*p.identity_key()?.public_key())
547 }
548
549 bridge_get_bytearray!(PreKeyBundle::signed_pre_key_signature);
550 bridge_get!(PreKeyBundle::registration_id -> u32);
551 bridge_get!(PreKeyBundle::device_id -> u32);
552 bridge_get!(PreKeyBundle::signed_pre_key_id -> u32);
553 bridge_get!(PreKeyBundle::pre_key_id -> Option<u32>);
554 bridge_get!(PreKeyBundle::pre_key_public -> Option<PublicKey>);
555 bridge_get!(PreKeyBundle::signed_pre_key_public -> PublicKey);
556
557 bridge_deserialize!(SignedPreKeyRecord::deserialize);
558 bridge_get_bytearray!(SignedPreKeyRecord::signature);
559 bridge_get_bytearray!(
560 SignedPreKeyRecord::serialize as Serialize,
561 jni = "SignedPreKeyRecord_1GetSerialized"
562 );
563 bridge_get!(SignedPreKeyRecord::id -> u32);
564 bridge_get!(SignedPreKeyRecord::timestamp -> u64);
565 bridge_get!(SignedPreKeyRecord::public_key -> PublicKey);
566 bridge_get!(SignedPreKeyRecord::private_key -> PrivateKey);
567
568 #[bridge_fn]
SignedPreKeyRecord_New( id: u32, timestamp: u64, pub_key: &PublicKey, priv_key: &PrivateKey, signature: &[u8], ) -> SignedPreKeyRecord569 fn SignedPreKeyRecord_New(
570 id: u32,
571 timestamp: u64,
572 pub_key: &PublicKey,
573 priv_key: &PrivateKey,
574 signature: &[u8],
575 ) -> SignedPreKeyRecord {
576 let keypair = KeyPair::new(*pub_key, *priv_key);
577 SignedPreKeyRecord::new(id, timestamp, &keypair, signature)
578 }
579
580 bridge_deserialize!(PreKeyRecord::deserialize);
581 bridge_get_bytearray!(
582 PreKeyRecord::serialize as Serialize,
583 jni = "PreKeyRecord_1GetSerialized"
584 );
585 bridge_get!(PreKeyRecord::id -> u32);
586 bridge_get!(PreKeyRecord::public_key -> PublicKey);
587 bridge_get!(PreKeyRecord::private_key -> PrivateKey);
588
589 #[bridge_fn]
PreKeyRecord_New(id: u32, pub_key: &PublicKey, priv_key: &PrivateKey) -> PreKeyRecord590 fn PreKeyRecord_New(id: u32, pub_key: &PublicKey, priv_key: &PrivateKey) -> PreKeyRecord {
591 let keypair = KeyPair::new(*pub_key, *priv_key);
592 PreKeyRecord::new(id, &keypair)
593 }
594
595 bridge_deserialize!(SenderKeyRecord::deserialize);
596 bridge_get_bytearray!(
597 SenderKeyRecord::serialize as Serialize,
598 jni = "SenderKeyRecord_1GetSerialized"
599 );
600
601 #[bridge_fn(ffi = "sender_key_record_new_fresh")]
SenderKeyRecord_New() -> SenderKeyRecord602 fn SenderKeyRecord_New() -> SenderKeyRecord {
603 SenderKeyRecord::new_empty()
604 }
605
606 bridge_deserialize!(ServerCertificate::deserialize);
607 bridge_get_bytearray!(ServerCertificate::serialized);
608 bridge_get_bytearray!(ServerCertificate::certificate);
609 bridge_get_bytearray!(ServerCertificate::signature);
610 bridge_get!(ServerCertificate::key_id -> u32);
611 bridge_get!(ServerCertificate::public_key as GetKey -> PublicKey);
612
613 #[bridge_fn]
ServerCertificate_New( key_id: u32, server_key: &PublicKey, trust_root: &PrivateKey, ) -> Result<ServerCertificate>614 fn ServerCertificate_New(
615 key_id: u32,
616 server_key: &PublicKey,
617 trust_root: &PrivateKey,
618 ) -> Result<ServerCertificate> {
619 let mut rng = rand::rngs::OsRng;
620 ServerCertificate::new(key_id, *server_key, trust_root, &mut rng)
621 }
622
623 bridge_deserialize!(SenderCertificate::deserialize);
624 bridge_get_bytearray!(SenderCertificate::serialized);
625 bridge_get_bytearray!(SenderCertificate::certificate);
626 bridge_get_bytearray!(SenderCertificate::signature);
627 bridge_get!(SenderCertificate::sender_uuid -> &str);
628 bridge_get!(SenderCertificate::sender_e164 -> Option<&str>);
629 bridge_get!(SenderCertificate::expiration -> u64);
630 bridge_get!(SenderCertificate::sender_device_id as GetDeviceId -> u32);
631 bridge_get!(SenderCertificate::key -> PublicKey);
632
633 #[bridge_fn]
SenderCertificate_Validate( cert: &SenderCertificate, key: &PublicKey, time: u64, ) -> Result<bool>634 fn SenderCertificate_Validate(
635 cert: &SenderCertificate,
636 key: &PublicKey,
637 time: u64,
638 ) -> Result<bool> {
639 cert.validate(key, time)
640 }
641
642 #[bridge_fn]
SenderCertificate_GetServerCertificate(cert: &SenderCertificate) -> Result<ServerCertificate>643 fn SenderCertificate_GetServerCertificate(cert: &SenderCertificate) -> Result<ServerCertificate> {
644 Ok(cert.signer()?.clone())
645 }
646
647 #[bridge_fn]
SenderCertificate_New( sender_uuid: String, sender_e164: Option<String>, sender_device_id: u32, sender_key: &PublicKey, expiration: u64, signer_cert: &ServerCertificate, signer_key: &PrivateKey, ) -> Result<SenderCertificate>648 fn SenderCertificate_New(
649 sender_uuid: String,
650 sender_e164: Option<String>,
651 sender_device_id: u32,
652 sender_key: &PublicKey,
653 expiration: u64,
654 signer_cert: &ServerCertificate,
655 signer_key: &PrivateKey,
656 ) -> Result<SenderCertificate> {
657 let mut rng = rand::rngs::OsRng;
658
659 SenderCertificate::new(
660 sender_uuid,
661 sender_e164,
662 *sender_key,
663 sender_device_id,
664 expiration,
665 signer_cert.clone(),
666 signer_key,
667 &mut rng,
668 )
669 }
670
671 bridge_deserialize!(UnidentifiedSenderMessageContent::deserialize);
672 bridge_get_bytearray!(
673 UnidentifiedSenderMessageContent::serialized as Serialize,
674 jni = "UnidentifiedSenderMessageContent_1GetSerialized"
675 );
676 bridge_get_bytearray!(UnidentifiedSenderMessageContent::contents);
677
678 #[bridge_fn]
UnidentifiedSenderMessageContent_GetSenderCert( m: &UnidentifiedSenderMessageContent, ) -> Result<SenderCertificate>679 fn UnidentifiedSenderMessageContent_GetSenderCert(
680 m: &UnidentifiedSenderMessageContent,
681 ) -> Result<SenderCertificate> {
682 Ok(m.sender()?.clone())
683 }
684
685 #[bridge_fn_buffer]
UnidentifiedSenderMessageContent_GetGroupId<E: Env>( env: E, m: &UnidentifiedSenderMessageContent, ) -> Result<Option<E::Buffer>>686 fn UnidentifiedSenderMessageContent_GetGroupId<E: Env>(
687 env: E,
688 m: &UnidentifiedSenderMessageContent,
689 ) -> Result<Option<E::Buffer>> {
690 Ok(m.group_id()?.map(|buf| env.buffer(buf)))
691 }
692
693 #[bridge_fn]
UnidentifiedSenderMessageContent_GetMsgType(m: &UnidentifiedSenderMessageContent) -> Result<u8>694 fn UnidentifiedSenderMessageContent_GetMsgType(m: &UnidentifiedSenderMessageContent) -> Result<u8> {
695 Ok(m.msg_type()? as u8)
696 }
697
698 #[derive(Debug)]
699 #[repr(C)]
700 pub enum FfiContentHint {
701 Default = 0,
702 Resendable = 1,
703 Implicit = 2,
704 }
705
706 const_assert_eq!(
707 FfiContentHint::Default as u32,
708 ContentHint::Default.to_u32(),
709 );
710 const_assert_eq!(
711 FfiContentHint::Resendable as u32,
712 ContentHint::Resendable.to_u32(),
713 );
714 const_assert_eq!(
715 FfiContentHint::Implicit as u32,
716 ContentHint::Implicit.to_u32()
717 );
718
719 #[bridge_fn]
UnidentifiedSenderMessageContent_GetContentHint( m: &UnidentifiedSenderMessageContent, ) -> Result<u32>720 fn UnidentifiedSenderMessageContent_GetContentHint(
721 m: &UnidentifiedSenderMessageContent,
722 ) -> Result<u32> {
723 Ok(m.content_hint()?.into())
724 }
725
726 #[bridge_fn(ffi = false, jni = false)]
UnidentifiedSenderMessageContent_New( message: &CiphertextMessage, sender: &SenderCertificate, content_hint: u32, group_id: Option<&[u8]>, ) -> Result<UnidentifiedSenderMessageContent>727 fn UnidentifiedSenderMessageContent_New(
728 message: &CiphertextMessage,
729 sender: &SenderCertificate,
730 content_hint: u32,
731 group_id: Option<&[u8]>,
732 ) -> Result<UnidentifiedSenderMessageContent> {
733 UnidentifiedSenderMessageContent::new(
734 message.message_type(),
735 sender.clone(),
736 message.serialize().to_owned(),
737 ContentHint::from(content_hint),
738 group_id.map(|g| g.to_owned()),
739 )
740 }
741
742 // Alternate version for FFI because FFI can't support optional slices.
743 #[bridge_fn(jni = false, node = false)]
UnidentifiedSenderMessageContentNew( message: &CiphertextMessage, sender: &SenderCertificate, content_hint: u32, group_id: &[u8], ) -> Result<UnidentifiedSenderMessageContent>744 fn UnidentifiedSenderMessageContentNew(
745 message: &CiphertextMessage,
746 sender: &SenderCertificate,
747 content_hint: u32,
748 group_id: &[u8],
749 ) -> Result<UnidentifiedSenderMessageContent> {
750 UnidentifiedSenderMessageContent::new(
751 message.message_type(),
752 sender.clone(),
753 message.serialize().to_owned(),
754 ContentHint::from(content_hint),
755 if group_id.is_empty() {
756 None
757 } else {
758 Some(group_id.to_owned())
759 },
760 )
761 }
762
763 // Alternate version for Java since CiphertextMessage isn't opaque in Java.
764 #[bridge_fn(
765 ffi = false,
766 jni = "UnidentifiedSenderMessageContent_1New",
767 node = false
768 )]
UnidentifiedSenderMessageContent_New_Java( message: jni::CiphertextMessageRef, sender: &SenderCertificate, content_hint: u32, group_id: Option<&[u8]>, ) -> Result<UnidentifiedSenderMessageContent>769 fn UnidentifiedSenderMessageContent_New_Java(
770 message: jni::CiphertextMessageRef,
771 sender: &SenderCertificate,
772 content_hint: u32,
773 group_id: Option<&[u8]>,
774 ) -> Result<UnidentifiedSenderMessageContent> {
775 UnidentifiedSenderMessageContent::new(
776 message.message_type(),
777 sender.clone(),
778 message.serialize().to_owned(),
779 ContentHint::from(content_hint),
780 group_id.map(|g| g.to_owned()),
781 )
782 }
783
784 #[derive(Debug)]
785 #[repr(C)]
786 pub enum FfiCiphertextMessageType {
787 Whisper = 2,
788 PreKey = 3,
789 SenderKey = 7,
790 Plaintext = 8,
791 }
792
793 const_assert_eq!(
794 FfiCiphertextMessageType::Whisper as u8,
795 CiphertextMessageType::Whisper as u8
796 );
797 const_assert_eq!(
798 FfiCiphertextMessageType::PreKey as u8,
799 CiphertextMessageType::PreKey as u8
800 );
801 const_assert_eq!(
802 FfiCiphertextMessageType::SenderKey as u8,
803 CiphertextMessageType::SenderKey as u8
804 );
805 const_assert_eq!(
806 FfiCiphertextMessageType::Plaintext as u8,
807 CiphertextMessageType::Plaintext as u8
808 );
809
810 #[bridge_fn(jni = false)]
CiphertextMessage_Type(msg: &CiphertextMessage) -> u8811 fn CiphertextMessage_Type(msg: &CiphertextMessage) -> u8 {
812 msg.message_type() as u8
813 }
814
815 bridge_get_bytearray!(CiphertextMessage::serialize as Serialize, jni = false);
816
817 #[bridge_fn(jni = false)]
CiphertextMessage_FromPlaintextContent(m: &PlaintextContent) -> CiphertextMessage818 fn CiphertextMessage_FromPlaintextContent(m: &PlaintextContent) -> CiphertextMessage {
819 CiphertextMessage::PlaintextContent(m.clone())
820 }
821
822 #[bridge_fn(ffi = false, node = false)]
SessionRecord_NewFresh() -> SessionRecord823 fn SessionRecord_NewFresh() -> SessionRecord {
824 SessionRecord::new_fresh()
825 }
826
827 #[bridge_fn(ffi = false, node = false)]
SessionRecord_FromSingleSessionState(session_state: &[u8]) -> Result<SessionRecord>828 fn SessionRecord_FromSingleSessionState(session_state: &[u8]) -> Result<SessionRecord> {
829 SessionRecord::from_single_session_state(session_state)
830 }
831
832 // For historical reasons Android assumes this function will return zero if there is no session state
833 #[bridge_fn(ffi = false, node = false)]
SessionRecord_GetSessionVersion(s: &SessionRecord) -> Result<u32>834 fn SessionRecord_GetSessionVersion(s: &SessionRecord) -> Result<u32> {
835 match s.session_version() {
836 Ok(v) => Ok(v),
837 Err(SignalProtocolError::InvalidState(_, _)) => Ok(0),
838 Err(e) => Err(e),
839 }
840 }
841
842 #[bridge_fn_void]
SessionRecord_ArchiveCurrentState(session_record: &mut SessionRecord) -> Result<()>843 fn SessionRecord_ArchiveCurrentState(session_record: &mut SessionRecord) -> Result<()> {
844 session_record.archive_current_state()
845 }
846
847 #[bridge_fn]
SessionRecord_CurrentRatchetKeyMatches(s: &SessionRecord, key: &PublicKey) -> Result<bool>848 fn SessionRecord_CurrentRatchetKeyMatches(s: &SessionRecord, key: &PublicKey) -> Result<bool> {
849 s.current_ratchet_key_matches(key)
850 }
851
852 bridge_get!(SessionRecord::has_current_session_state as HasCurrentState -> bool, jni = false);
853
854 bridge_deserialize!(SessionRecord::deserialize);
855 bridge_get_bytearray!(SessionRecord::serialize as Serialize);
856 bridge_get_bytearray!(SessionRecord::alice_base_key, ffi = false, node = false);
857 bridge_get_bytearray!(
858 SessionRecord::local_identity_key_bytes as GetLocalIdentityKeyPublic,
859 ffi = false,
860 node = false
861 );
862 bridge_get_optional_bytearray!(
863 SessionRecord::remote_identity_key_bytes as GetRemoteIdentityKeyPublic,
864 ffi = false,
865 node = false
866 );
867 bridge_get!(SessionRecord::local_registration_id -> u32);
868 bridge_get!(SessionRecord::remote_registration_id -> u32);
869 bridge_get!(SessionRecord::has_sender_chain as HasSenderChain -> bool, ffi = false, node = false);
870
871 bridge_get!(SealedSenderDecryptionResult::sender_uuid -> String, ffi = false, jni = false);
872 bridge_get!(SealedSenderDecryptionResult::sender_e164 -> Option<String>, ffi = false, jni = false);
873 bridge_get!(SealedSenderDecryptionResult::device_id -> u32, ffi = false, jni = false);
874 bridge_get_bytearray!(
875 SealedSenderDecryptionResult::message as Message,
876 ffi = false,
877 jni = false
878 );
879
880 // The following SessionRecord APIs are just exposed to make it possible to retain some of the Java tests:
881
882 bridge_get_bytearray!(
883 SessionRecord::get_sender_chain_key_bytes as GetSenderChainKeyValue,
884 ffi = false,
885 node = false
886 );
887 #[bridge_fn_buffer(ffi = false, node = false)]
SessionRecord_GetReceiverChainKeyValue<E: Env>( env: E, session_state: &SessionRecord, key: &PublicKey, ) -> Result<Option<E::Buffer>>888 fn SessionRecord_GetReceiverChainKeyValue<E: Env>(
889 env: E,
890 session_state: &SessionRecord,
891 key: &PublicKey,
892 ) -> Result<Option<E::Buffer>> {
893 let chain_key = session_state.get_receiver_chain_key(key)?;
894 Ok(chain_key.map(|ck| env.buffer(&ck.key()[..])))
895 }
896
897 #[bridge_fn(ffi = false, node = false)]
SessionRecord_InitializeAliceSession( identity_key_private: &PrivateKey, identity_key_public: &PublicKey, base_private: &PrivateKey, base_public: &PublicKey, their_identity_key: &PublicKey, their_signed_prekey: &PublicKey, their_ratchet_key: &PublicKey, ) -> Result<SessionRecord>898 fn SessionRecord_InitializeAliceSession(
899 identity_key_private: &PrivateKey,
900 identity_key_public: &PublicKey,
901 base_private: &PrivateKey,
902 base_public: &PublicKey,
903 their_identity_key: &PublicKey,
904 their_signed_prekey: &PublicKey,
905 their_ratchet_key: &PublicKey,
906 ) -> Result<SessionRecord> {
907 let our_identity_key_pair = IdentityKeyPair::new(
908 IdentityKey::new(*identity_key_public),
909 *identity_key_private,
910 );
911
912 let our_base_key_pair = KeyPair::new(*base_public, *base_private);
913
914 let their_identity_key = IdentityKey::new(*their_identity_key);
915
916 let mut csprng = rand::rngs::OsRng;
917
918 let parameters = AliceSignalProtocolParameters::new(
919 our_identity_key_pair,
920 our_base_key_pair,
921 their_identity_key,
922 *their_signed_prekey,
923 None,
924 *their_ratchet_key,
925 );
926
927 initialize_alice_session_record(¶meters, &mut csprng)
928 }
929
930 #[bridge_fn(ffi = false, node = false)]
SessionRecord_InitializeBobSession( identity_key_private: &PrivateKey, identity_key_public: &PublicKey, signed_prekey_private: &PrivateKey, signed_prekey_public: &PublicKey, eph_private: &PrivateKey, eph_public: &PublicKey, their_identity_key: &PublicKey, their_base_key: &PublicKey, ) -> Result<SessionRecord>931 fn SessionRecord_InitializeBobSession(
932 identity_key_private: &PrivateKey,
933 identity_key_public: &PublicKey,
934 signed_prekey_private: &PrivateKey,
935 signed_prekey_public: &PublicKey,
936 eph_private: &PrivateKey,
937 eph_public: &PublicKey,
938 their_identity_key: &PublicKey,
939 their_base_key: &PublicKey,
940 ) -> Result<SessionRecord> {
941 let our_identity_key_pair = IdentityKeyPair::new(
942 IdentityKey::new(*identity_key_public),
943 *identity_key_private,
944 );
945
946 let our_signed_pre_key_pair = KeyPair::new(*signed_prekey_public, *signed_prekey_private);
947
948 let our_ratchet_key_pair = KeyPair::new(*eph_public, *eph_private);
949
950 let their_identity_key = IdentityKey::new(*their_identity_key);
951
952 let parameters = BobSignalProtocolParameters::new(
953 our_identity_key_pair,
954 our_signed_pre_key_pair,
955 None,
956 our_ratchet_key_pair,
957 their_identity_key,
958 *their_base_key,
959 );
960
961 initialize_bob_session_record(¶meters)
962 }
963
964 // End SessionRecord testing functions
965
966 #[bridge_fn_void(ffi = "process_prekey_bundle")]
SessionBuilder_ProcessPreKeyBundle( bundle: &PreKeyBundle, protocol_address: &ProtocolAddress, session_store: &mut dyn SessionStore, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<()>967 async fn SessionBuilder_ProcessPreKeyBundle(
968 bundle: &PreKeyBundle,
969 protocol_address: &ProtocolAddress,
970 session_store: &mut dyn SessionStore,
971 identity_key_store: &mut dyn IdentityKeyStore,
972 ctx: Context,
973 ) -> Result<()> {
974 let mut csprng = rand::rngs::OsRng;
975 process_prekey_bundle(
976 protocol_address,
977 session_store,
978 identity_key_store,
979 bundle,
980 &mut csprng,
981 ctx,
982 )
983 .await
984 }
985
986 #[bridge_fn(ffi = "encrypt_message")]
SessionCipher_EncryptMessage( ptext: &[u8], protocol_address: &ProtocolAddress, session_store: &mut dyn SessionStore, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<CiphertextMessage>987 async fn SessionCipher_EncryptMessage(
988 ptext: &[u8],
989 protocol_address: &ProtocolAddress,
990 session_store: &mut dyn SessionStore,
991 identity_key_store: &mut dyn IdentityKeyStore,
992 ctx: Context,
993 ) -> Result<CiphertextMessage> {
994 message_encrypt(
995 ptext,
996 protocol_address,
997 session_store,
998 identity_key_store,
999 ctx,
1000 )
1001 .await
1002 }
1003
1004 #[bridge_fn_buffer(ffi = "decrypt_message")]
SessionCipher_DecryptSignalMessage<E: Env>( env: E, message: &SignalMessage, protocol_address: &ProtocolAddress, session_store: &mut dyn SessionStore, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<E::Buffer>1005 async fn SessionCipher_DecryptSignalMessage<E: Env>(
1006 env: E,
1007 message: &SignalMessage,
1008 protocol_address: &ProtocolAddress,
1009 session_store: &mut dyn SessionStore,
1010 identity_key_store: &mut dyn IdentityKeyStore,
1011 ctx: Context,
1012 ) -> Result<E::Buffer> {
1013 let mut csprng = rand::rngs::OsRng;
1014 let ptext = message_decrypt_signal(
1015 message,
1016 protocol_address,
1017 session_store,
1018 identity_key_store,
1019 &mut csprng,
1020 ctx,
1021 )
1022 .await?;
1023 Ok(env.buffer(ptext))
1024 }
1025
1026 #[bridge_fn_buffer(ffi = "decrypt_pre_key_message")]
SessionCipher_DecryptPreKeySignalMessage<E: Env>( env: E, message: &PreKeySignalMessage, protocol_address: &ProtocolAddress, session_store: &mut dyn SessionStore, identity_key_store: &mut dyn IdentityKeyStore, prekey_store: &mut dyn PreKeyStore, signed_prekey_store: &mut dyn SignedPreKeyStore, ctx: Context, ) -> Result<E::Buffer>1027 async fn SessionCipher_DecryptPreKeySignalMessage<E: Env>(
1028 env: E,
1029 message: &PreKeySignalMessage,
1030 protocol_address: &ProtocolAddress,
1031 session_store: &mut dyn SessionStore,
1032 identity_key_store: &mut dyn IdentityKeyStore,
1033 prekey_store: &mut dyn PreKeyStore,
1034 signed_prekey_store: &mut dyn SignedPreKeyStore,
1035 ctx: Context,
1036 ) -> Result<E::Buffer> {
1037 let mut csprng = rand::rngs::OsRng;
1038 let ptext = message_decrypt_prekey(
1039 message,
1040 protocol_address,
1041 session_store,
1042 identity_key_store,
1043 prekey_store,
1044 signed_prekey_store,
1045 &mut csprng,
1046 ctx,
1047 )
1048 .await?;
1049 Ok(env.buffer(ptext))
1050 }
1051
1052 #[bridge_fn_buffer(node = "SealedSender_Encrypt")]
SealedSessionCipher_Encrypt<E: Env>( env: E, destination: &ProtocolAddress, content: &UnidentifiedSenderMessageContent, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<E::Buffer>1053 async fn SealedSessionCipher_Encrypt<E: Env>(
1054 env: E,
1055 destination: &ProtocolAddress,
1056 content: &UnidentifiedSenderMessageContent,
1057 identity_key_store: &mut dyn IdentityKeyStore,
1058 ctx: Context,
1059 ) -> Result<E::Buffer> {
1060 let mut rng = rand::rngs::OsRng;
1061 let ctext =
1062 sealed_sender_encrypt_from_usmc(destination, content, identity_key_store, ctx, &mut rng)
1063 .await?;
1064 Ok(env.buffer(ctext))
1065 }
1066
1067 #[bridge_fn_buffer(jni = "SealedSessionCipher_1MultiRecipientEncrypt", node = false)]
SealedSender_MultiRecipientEncrypt<E: Env>( env: E, recipients: &[&ProtocolAddress], recipient_sessions: &[&SessionRecord], content: &UnidentifiedSenderMessageContent, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<E::Buffer>1068 async fn SealedSender_MultiRecipientEncrypt<E: Env>(
1069 env: E,
1070 recipients: &[&ProtocolAddress],
1071 recipient_sessions: &[&SessionRecord],
1072 content: &UnidentifiedSenderMessageContent,
1073 identity_key_store: &mut dyn IdentityKeyStore,
1074 ctx: Context,
1075 ) -> Result<E::Buffer> {
1076 let mut rng = rand::rngs::OsRng;
1077 let ctext = sealed_sender_multi_recipient_encrypt(
1078 recipients,
1079 recipient_sessions,
1080 content,
1081 identity_key_store,
1082 ctx,
1083 &mut rng,
1084 )
1085 .await?;
1086 Ok(env.buffer(ctext))
1087 }
1088
1089 // Node can't support the `&[&Foo]` type, so we clone the sessions instead.
1090 #[bridge_fn_buffer(ffi = false, jni = false, node = "SealedSender_MultiRecipientEncrypt")]
SealedSender_MultiRecipientEncryptNode<E: Env>( env: E, recipients: &[&ProtocolAddress], recipient_sessions: &[SessionRecord], content: &UnidentifiedSenderMessageContent, identity_key_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<E::Buffer>1091 async fn SealedSender_MultiRecipientEncryptNode<E: Env>(
1092 env: E,
1093 recipients: &[&ProtocolAddress],
1094 recipient_sessions: &[SessionRecord],
1095 content: &UnidentifiedSenderMessageContent,
1096 identity_key_store: &mut dyn IdentityKeyStore,
1097 ctx: Context,
1098 ) -> Result<E::Buffer> {
1099 let mut rng = rand::rngs::OsRng;
1100 let ctext = sealed_sender_multi_recipient_encrypt(
1101 recipients,
1102 &recipient_sessions.iter().collect::<Vec<&SessionRecord>>(),
1103 content,
1104 identity_key_store,
1105 ctx,
1106 &mut rng,
1107 )
1108 .await?;
1109 Ok(env.buffer(ctext))
1110 }
1111
1112 #[bridge_fn_buffer(jni = "SealedSessionCipher_1MultiRecipientMessageForSingleRecipient")]
SealedSender_MultiRecipientMessageForSingleRecipient<E: Env>( env: E, encoded_multi_recipient_message: &[u8], ) -> Result<E::Buffer>1113 fn SealedSender_MultiRecipientMessageForSingleRecipient<E: Env>(
1114 env: E,
1115 encoded_multi_recipient_message: &[u8],
1116 ) -> Result<E::Buffer> {
1117 let messages = sealed_sender_multi_recipient_fan_out(encoded_multi_recipient_message)?;
1118 let [single_message] = <[_; 1]>::try_from(messages)
1119 .map_err(|_| SignalProtocolError::InvalidMessage("encoded for more than one recipient"))?;
1120 Ok(env.buffer(single_message))
1121 }
1122
1123 #[bridge_fn(node = "SealedSender_DecryptToUsmc")]
SealedSessionCipher_DecryptToUsmc( ctext: &[u8], identity_store: &mut dyn IdentityKeyStore, ctx: Context, ) -> Result<UnidentifiedSenderMessageContent>1124 async fn SealedSessionCipher_DecryptToUsmc(
1125 ctext: &[u8],
1126 identity_store: &mut dyn IdentityKeyStore,
1127 ctx: Context,
1128 ) -> Result<UnidentifiedSenderMessageContent> {
1129 sealed_sender_decrypt_to_usmc(ctext, identity_store, ctx).await
1130 }
1131
1132 #[allow(clippy::too_many_arguments)]
1133 #[bridge_fn(ffi = false, jni = false)]
SealedSender_DecryptMessage( message: &[u8], trust_root: &PublicKey, timestamp: u64, local_e164: Option<String>, local_uuid: String, local_device_id: u32, session_store: &mut dyn SessionStore, identity_store: &mut dyn IdentityKeyStore, prekey_store: &mut dyn PreKeyStore, signed_prekey_store: &mut dyn SignedPreKeyStore, ) -> Result<SealedSenderDecryptionResult>1134 async fn SealedSender_DecryptMessage(
1135 message: &[u8],
1136 trust_root: &PublicKey,
1137 timestamp: u64,
1138 local_e164: Option<String>,
1139 local_uuid: String,
1140 local_device_id: u32,
1141 session_store: &mut dyn SessionStore,
1142 identity_store: &mut dyn IdentityKeyStore,
1143 prekey_store: &mut dyn PreKeyStore,
1144 signed_prekey_store: &mut dyn SignedPreKeyStore,
1145 ) -> Result<SealedSenderDecryptionResult> {
1146 sealed_sender_decrypt(
1147 message,
1148 trust_root,
1149 timestamp,
1150 local_e164,
1151 local_uuid,
1152 local_device_id,
1153 identity_store,
1154 session_store,
1155 prekey_store,
1156 signed_prekey_store,
1157 None,
1158 )
1159 .await
1160 }
1161
1162 #[bridge_fn(jni = "GroupSessionBuilder_1CreateSenderKeyDistributionMessage")]
SenderKeyDistributionMessage_Create( sender: &ProtocolAddress, distribution_id: Uuid, store: &mut dyn SenderKeyStore, ctx: Context, ) -> Result<SenderKeyDistributionMessage>1163 async fn SenderKeyDistributionMessage_Create(
1164 sender: &ProtocolAddress,
1165 distribution_id: Uuid,
1166 store: &mut dyn SenderKeyStore,
1167 ctx: Context,
1168 ) -> Result<SenderKeyDistributionMessage> {
1169 let mut csprng = rand::rngs::OsRng;
1170 create_sender_key_distribution_message(sender, distribution_id, store, &mut csprng, ctx).await
1171 }
1172
1173 #[bridge_fn_void(
1174 ffi = "process_sender_key_distribution_message",
1175 jni = "GroupSessionBuilder_1ProcessSenderKeyDistributionMessage"
1176 )]
SenderKeyDistributionMessage_Process( sender: &ProtocolAddress, sender_key_distribution_message: &SenderKeyDistributionMessage, store: &mut dyn SenderKeyStore, ctx: Context, ) -> Result<()>1177 async fn SenderKeyDistributionMessage_Process(
1178 sender: &ProtocolAddress,
1179 sender_key_distribution_message: &SenderKeyDistributionMessage,
1180 store: &mut dyn SenderKeyStore,
1181 ctx: Context,
1182 ) -> Result<()> {
1183 process_sender_key_distribution_message(sender, sender_key_distribution_message, store, ctx)
1184 .await
1185 }
1186
1187 #[bridge_fn(ffi = "group_encrypt_message")]
GroupCipher_EncryptMessage( sender: &ProtocolAddress, distribution_id: Uuid, message: &[u8], store: &mut dyn SenderKeyStore, ctx: Context, ) -> Result<CiphertextMessage>1188 async fn GroupCipher_EncryptMessage(
1189 sender: &ProtocolAddress,
1190 distribution_id: Uuid,
1191 message: &[u8],
1192 store: &mut dyn SenderKeyStore,
1193 ctx: Context,
1194 ) -> Result<CiphertextMessage> {
1195 let mut rng = rand::rngs::OsRng;
1196 let ctext = group_encrypt(store, sender, distribution_id, message, &mut rng, ctx).await?;
1197 Ok(CiphertextMessage::SenderKeyMessage(ctext))
1198 }
1199
1200 #[bridge_fn_buffer(ffi = "group_decrypt_message")]
GroupCipher_DecryptMessage<E: Env>( env: E, sender: &ProtocolAddress, message: &[u8], store: &mut dyn SenderKeyStore, ctx: Context, ) -> Result<E::Buffer>1201 async fn GroupCipher_DecryptMessage<E: Env>(
1202 env: E,
1203 sender: &ProtocolAddress,
1204 message: &[u8],
1205 store: &mut dyn SenderKeyStore,
1206 ctx: Context,
1207 ) -> Result<E::Buffer> {
1208 let ptext = group_decrypt(message, store, sender, ctx).await?;
1209 Ok(env.buffer(ptext))
1210 }
1211