diff --git a/CHANGELOG.md b/CHANGELOG.md index 4de0640f91..b478344c87 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,30 @@ Platform support legends: * Note: the papercuts will majorly be with the build process. Things might be very rough to integrate as no polish at all has been given yet. * ❌ = tier 3 support. It doesn't work just yet, but we plan to make it work. +## [1.0.0-rc.55] - 2024-03-28 + +
+ git-conventional changelog + +### Features + +- [**breaking**] Borrow enrollment instead of requiring ownership +- MLS thumbprint has hash algorithm agility +- [**breaking**] WireIdentity now also wraps Basic credentials +- [**breaking**] Introduce `e2ei_verify_group_state` to preemptively check a group state through its GroupInfo before joining it + +### Miscellaneous Tasks + +- Apply clippy lints for Rust 1.77 + +
+ +* Introduce `e2ei_verify_group_state()` to preemptively check a group state through its GroupInfo before joining it +* WireIdentity (returned by `getUserIdentities()` & `getDeviceIdentities()`) now also works for Basic credentials. The struct has changed to reflect that ; the X509 related part being moved in a dedicated field +* MLS thumbprint returned by WireIdentity is consistent between X509 & Basic credentials +* Fixed: E2EI enrollment double free on iOS +* Fixed: MLS thumbprint has hash algorithm agility + ## [1.0.0-rc.54] - 2024-03-20
@@ -66,6 +90,15 @@ Platform support legends: ## [1.0.0-rc.50] - 2024-03-11 +
+ git-conventional changelog + +
+ +* Fixed CRL-based revocation handling in some rare cases that were encountered during testing + +## [1.0.0-rc.49] - 2024-03-11 +
git-conventional changelog @@ -79,6 +112,15 @@ Platform support legends: - Fix some clippy lints +
+ +* We now emit an `OrphanWelcome` error if a LeafNode's HPKE private key is missing from the store +* Web only: Dropped the unique index on MLS Signature Keys' public keys. This should prevent weird issues with x509 vs basic credential handling + +## [1.0.0-rc.48] - 2024-03-07 + +
+ git-conventional changelog ### Bug Fixes @@ -89,6 +131,15 @@ Platform support legends: - Add test to assert that a basic client can join a verified conversation - Add test to assert that revocation works properly +
+ +* Fix revocation (URIs were not supported when parsing CrlInfo) +* Deduplicate CRL DistributionPoints + +## [1.0.0-rc.47] - 2024-03-04 + +
+ git-conventional changelog ### Bug Fixes @@ -103,16 +154,51 @@ Platform support legends: - Remove ignore (and not relevant anymore) test +
+ +* Actually check revocation status instead of mocking it +* Fixed creating an empty PKI env on restore which will help Basic clients verifying (actually ignoring) x509 credentials from other groups +* Upload test results in JUnit format + +## [1.0.0-rc.46] - 2024-02-28 + +
+ git-conventional changelog ### Bug Fixes - Rollback handling of e2ei deactivation since it creates issues in the regular case +
+ +* Rollback regression introduced in v1.0.0-rc.44 + +## [1.0.0-rc.45] - 2024-02-28 + +
+ git-conventional changelog + +
+ +* Fix x509 validation in received messages (especially UpdatePath) lenient since there is no active eviction mechanism in place for ghost clients + +## [1.0.0-rc.44] - 2024-02-27 + +
+ git-conventional changelog ### Bug Fixes - Only restore PKI env if client is e2ei capable. This helps client developers when e2ei is turned off +
+ +* Fix issues when e2ei is turned off on a environment and the PKI env is restored which to validation failures when verifying a GroupInfo. + +## [1.0.0-rc.43] - 2024-02-22 + +
+ git-conventional changelog ### Bug Fixes @@ -122,6 +208,23 @@ Platform support legends: - Fix joining by external commit test +
+ +* Fixed WASM IndexedDB ObjectStores being tentatively created when they already exist during migrations + +## [1.0.0-rc.42] - 2024-02-21 + +
+ git-conventional changelog + +
+ +* Do not assert keypackage expiration when joining a group via external commit + +## [1.0.0-rc.41] - 2024-02-21 + +
+ git-conventional changelog ### Bug Fixes @@ -129,11 +232,31 @@ Platform support legends: - KeyPackage lifetime validation when receiving messages - Integrate -pre version to iDB store version +
+ +* WASM: Integrated pre-version into the calculation of the IndexedDB store version + * This issue was preventing migrations between CC 1.0.0-[pre|rc] versions on Web +* Only assert keypackage expiration when being the sender of a commit/proposal +* Internal: Remove the cached flag determining the client's ability to perform E2EI operations. + * This is precautionary to avoid potential state discrepancies when rotating credentials for example. + +## [1.0.0-rc.40] - 2024-02-20 + +
+ git-conventional changelog ### Bug Fixes - TS mapping of identities was using experimental methods +
+ +* Fixed an issue with incorrect code in TypeScript bindings + +## [1.0.0-rc.39] - 2024-02-20 + +
+ git-conventional changelog ### Bug Fixes @@ -156,6 +279,16 @@ Platform support legends: - Verify that registering a TA twice fails +
+ +* Integrated the display name in the JWT DPoP token +* Reworked and hardened all x.509 verifications (including revocation) +* Added `serialNumber`, `notBefore` and `notAfter` fields to the `WireIdentity` struct. These fields are pulled directly from the relevant fields in End-identity X.509 certificates + +## [1.0.0-rc.38] - 2024-02-16 + +
+ git-conventional changelog ### Bug Fixes @@ -169,6 +302,15 @@ Platform support legends: - Clippy warnings +
+ +* Add `getExternalSender()` to init a subconversation with the parent external sender +* Fix e2ei issue when intermediates were not registered during the enrollment. + +## [1.0.0-rc.37] - 2024-02-15 + +
+ git-conventional changelog ### Bug Fixes @@ -197,1808 +339,295 @@ Platform support legends: - Get rid of rcgen-based x509 cert generation +
-### Bug Fixes - -- Register intermediate certificates at issuance since they're not fetchable afterwards +* Fixed an issue with the WASM FFI where many fields were incorrectly exposed and were leading to constant `undefined` values (i.e. `epochHasChanged` issue) +* Avoided a clone of the signature public key when performing E2EI enrollment +* **API BREAKING CHANGES**: + * `clientPublicKey` now works with X.509 credentials. This implies that the CredentialType now has to be provided to fetch the correct credential. + * We now return dedicated errors for commits and proposals from older epochs instead of a generic `WrongEpoch` error. Respectively, we now return `StaleCommit` and `StaleProposal`. +* **BEHAVIORAL BREAKING CHANGES**: + * We now verify (as per the MLS spec / RFC9420) GroupInfo prior to joining via external commit + * We also verify Welcomes prior to joining a group + * We now properly validate X.509 credentials against the set up PKI Environment + * Note: Expired or Revoked credentials do not constitute hard errors in MLS operations but alter the E2EI status of a conversation -### Features +## [1.0.0-rc.36] - 2024-01-30 -- [**breaking**] Return CRL Distribution Points when registering intermediate certificates +
+ git-conventional changelog +
-### Features +* E2EI: + * Fix: intermediates certificates registration was not working because extracting the key was not working -- [**breaking**] Change certificate expiry from days to seconds in the public API +## [1.0.0-rc.35] - 2024-01-29 +
+ git-conventional changelog ### Bug Fixes -- Restore pki_env from disk whenever necessary -- Relax uniqueness constraint on intermediate certificates and CRLs on sqlite +- Register intermediate certificates at issuance since they're not fetchable afterwards ### Features -- Filter out root CA when registering intermediates in case the provider repeats it -- [**breaking**] Remove refreshToken handling from WASM altogether as it is not used +- [**breaking**] Return CRL Distribution Points when registering intermediate certificates +
-### Bug Fixes +* E2EI: + * **BREAKING CHANGE** `e2eiMlsInitOnly()` also returns CRL Distribution Point + * Fix: register intermediates at issuance since they're not provided by the /federation endpoint + * Fix: register CRL Distribution Points on intermediates -- Remove unused test -- Use forked x509-cert to fix WASM compilation -- Fix tests -- Duration overflow in x509 expiration setting -- Typo in E2eiAcmeCA registration SQL query -- Add missing CRLDP field to FFI + fill it up +## [1.0.0-rc.34] - 2024-01-25 + +
+ git-conventional changelog ### Features -- Add full PKI test harness +- [**breaking**] Change certificate expiry from days to seconds in the public API +
-### Bug Fixes +* E2EI: + * **BREAKING CHANGE** change certificate expiry from days to seconds in the public API + * **BREAKING CHANGE** add the potential new CRL Distribution points to: + * `decryptMessage` + * `processWelcomeMessage` + * `joinByExternalCommit` + * `addClientsToConversation` + * `newAddProposal` + * `e2eiRotateAll` -- Use 2 acme authorizations instead of 1 +## [1.0.0-rc.33] - 2024-01-24 +
+ git-conventional changelog ### Bug Fixes -- Wrong rusty-jwt-tools pinned in rc30 +- Restore pki_env from disk whenever necessary +- Relax uniqueness constraint on intermediate certificates and CRLs on sqlite ### Features -- [**breaking**] Expose keyauth in ACME authz - - -### Bug Fixes - -- Pin rusty-jwt-tools v0.8.4 fixing an issue with the wrong signature key being used for the client DPoP token +- Filter out root CA when registering intermediates in case the provider repeats it +- [**breaking**] Remove refreshToken handling from WASM altogether as it is not used +
-### Bug Fixes +* E2EI: + * Fixed a bug on mobile where intermediate certificates & CRLs had a uniqueness constraint + * Fixed a bug where the PkiEnv was not restored from disk after restarts + * Ignore TrustAnchor when registering intermediate certificates + * Remove RefreshToken handling on Web -- Actually fix keyauth issue +## [1.0.0-rc.32] - 2024-01-23 +
+ git-conventional changelog ### Bug Fixes -- Use rusty-jwt-tools v0.8.1 which fixes the keyauth issue - +- Remove unused test +- Use forked x509-cert to fix WASM compilation +- Fix tests +- Duration overflow in x509 expiration setting +- Typo in E2eiAcmeCA registration SQL query +- Add missing CRLDP field to FFI + fill it up -### Bug Fixes +### Features -- Previous fix was not compiling +- Add full PKI test harness +
-### Bug Fixes +* E2EI: + * Fixed a bug with Root CA Trust Anchor registration that wasn't working on native platforms (non-WASM) + * Fixed a bug with the initialization of our Intermediate CA store causing CRL & End-Identity certificate validation to fail + * Fixed a missing field in the FFI (CRL distribution-points) and added the logic to fill up the field + * Fixed an integer overflow in the X.509 expiration setting +* MLS: + * Fixed errors when a single certificate is contained in a Credential (obsolete check) +* Misc: + * Updated dependencies in many libraries -- E2ei keystore method 'find_all' was unimplemented on WASM for intermediate CAs & CRLs +## [1.0.0-rc.31] - 2024-01-22 +
+ git-conventional changelog ### Bug Fixes -- Pin e2ei package tag -- Add PKI API to bindings +- Use 2 acme authorizations instead of 1 -### Features +
-- Added support for PKI environment -- Change ClientId & Handle format to URIs +* fix(e2ei): use 2 ACME authorizations instead of 1 +## [1.0.0-rc.30] - 2024-01-16 -### Bug Fixes +
+ git-conventional changelog -- Null pointer in Javascript when calling 'new_oidc_challenge_response' -- Swift wrapper for E2eiEnrollment was not used in other methods -- Use 'implementation' Gradle configuration not to enforce dependencies version into consumers. Fixes #451 - -### Features - -- [**breaking**] Remove PerDomainTrustAnchor extension altogether. Backward incompatible changes ! - - -### Bug Fixes - -- README mentions a task which doesn't exist ([#445](https://github.com/wireapp/core-crypto/issues/445)) -- Remove unnecessary boxing of values before persisting them in IndexedDb - -### Features - -- [**breaking**] Remove 'clientId' from activation & rotate enrollment now that we expect a specific ClientId format -- [**breaking**] Add `get_credential_in_use()` to check the e2ei state from a GroupInfo -- [**breaking**] Rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` -- [**breaking**] Managed OIDC refreshToken (wpb-5012) - -### Miscellaneous Tasks - -- Remove unused 'MlsSignatureKeyPairExt' trait and 'get_indexed' method -- Streamline "collection" in wasm storage -- WasmEncryptedStorage::get_many was not used - -### Testing - -- Verify that clients can create conversation with x509 credentials - - -### Features - -- [**breaking**] Canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to 'getUserIdentities()' - - -### Features - -- Better errors: 'ImplementationError' was way too often used as a fallback when the developer was too lazy to create a new error. This tries to cure that, especially with e2ei errors. It also tries to distinguish client errors from internal errors -- [**breaking**] Simplify API of 'add_clients_to_conversation' by not requiring to repeat the ClientId of the new members alongside their KeyPackage when the former can now be extracted from the latter -- [**breaking**] Introduce handle & team in the client dpop token - -### Testing - -- Test DB migration from 0.9.2 - - -### Testing - -- Add new keystore regression test to CI -- Test keystore migration regressions - - -### Bug Fixes - -- Preserve schema upgrade path between schemafix'd versions and upcoming - -### Miscellaneous Tasks - -- Release v1.0.0-rc.18 - - -### Bug Fixes - -- Don't depend on OpenSSL on WASM -- Dynamic linking issue on Android with the atomic lib - -### Miscellaneous Tasks - -- Release v1.0.0-rc.17 ([#425](https://github.com/wireapp/core-crypto/issues/425)) -- Use actual CI cache - - -### Bug Fixes - -- Prevent CI from overriding RUSTFLAGS -- Added missing d.ts declarations -- KP test was taking too much time - -### Documentation - -- Updated README.md noting Bun usage - -### Features - -- Switch from node to bun - -### Miscellaneous Tasks - -- Release v1.0.0-rc.16 - - -### Bug Fixes - -- Add '-latomic' flag when building for Android to dynamically link atomic lib which is supposedly causing issues with openssl - -### Features - -- Re-export e2ei types - -### Miscellaneous Tasks - -- Fix some clippy lints - - -### Bug Fixes - -- Backward incompatible database schemas. It only preserves Proteus compatibility when migrating from CC 0.11.0 -> 1.0.0. For anything MLS-related it is recommended to wipe all the groups - -### Miscellaneous Tasks - -- Release 1.0.0-rc.14 - - -### Bug Fixes - -- Do not reapply buffered messages when rejoining with external commit -- Coarsetime issue causing compilation error on WASM - -### Features - -- [**breaking**] Make initial number of generated KeyPackage configurable -- Add e2ei ffi in Swift wrapper -- [**breaking**] Add LeafNode validation - -### Miscellaneous Tasks - -- Release 1.0.0-rc.13 -- Use wasm_bindgen macros to generate Typescript classes used in e2ei enrollment process - -### Testing - -- Try fixing flaky time-based LeafNode validation tests - - -### Bug Fixes - -- Use sed in a cross-platform way for kt edits - -### Miscellaneous Tasks - -- Release v1.0.0-rc.12 - - -### Bug Fixes - -- [**breaking**] UniFFI Errors - -### Miscellaneous Tasks - -- Release v1.0.0-rc.11 - - -### Bug Fixes - -- UniFFI symbol matching - -### Miscellaneous Tasks - -- Release v1.0.0-rc.10 - - -### Bug Fixes - -- Make UniFFI produce the correct symbol in bindings -- Change e2ei enrollment identifier causing collision now that keypairs are reused - -### Documentation - -- Regenerate changelog - -### Features - -- [**breaking**] Return raw PEM certificate in `getUserIdentities` for display purpose -- [**breaking**] Bump rusty-jwt-tools to v0.5.0. Add 'revokeCert' to AcmeDirectory - -### Miscellaneous Tasks - -- Release v1.0.0-rc.9 - - -### Bug Fixes - -- TLS serialization of x509 credential -- [**breaking**] UniFFI Async cancellable routines + bytes -- Make interop runner pick up CHROME_PATH from env - -### Features - -- Expose `getUserIdentities` through the FFI -- [**breaking**] Also restore buffered messages on the receiver side -- Increase max past epoch to 3 since backend inordering of messages requires client's config to backend's one + 1 - -### Miscellaneous Tasks - -- Release 1.0.0-rc.8 -- Fix clippy lint on wasm tests -- Quiet clippy new lint about non send in Arc because it comes from wasm-bindgen wrapped Javascript object which cannot be shared between threads anyway -- Remove useless application message epoch check - -### Refactor - -- Borrow conversation_id in `new_conversation` - -### Testing - -- Fix wasm test hitting a limit. Just split them for now, waiting for a proper solution -- Fix spinoff 0.8 compilation - - -### Bug Fixes - -- Kotlin tests not compiling after methods became async - -### Features - -- Correlate RotateBundle with a GroupId - -### Miscellaneous Tasks - -- Release 1.0.0-rc.7 - - -### Bug Fixes - -- `e2eiRotateAll` return type was not wrapped -- Signature KeyPair was rotated when credentials were which was zealous. Also fixes an important bug caused by inverted private & public keypair part when rotating credentials - -### Features - -- [**breaking**] Handle the case when a client tries to decrypt a Welcome referring to a KeyPackage he already has deleted locally -- Add keystore dump exporter CLI tool - -### Miscellaneous Tasks - -- Release 1.0.0-rc.6 - -### Testing - -- Add a roundtrip test for e2ei credential rotation to tackle a false positive regression - -
- -* Fixed CRL-based revocation handling in some rare cases that were encountered during testing - -## [1.0.0-rc.49] - 2024-03-11 - -
- git-conventional changelog - -### Bug Fixes - -- Misc improvements -- Remove unique index on SignatureKeypair.pk -- Catch the "NoMatchingEncryptionKey" error from openmls and also return a "OrphanWelcome" one - -### Miscellaneous Tasks - -- Fix some clippy lints - -
- -* We now emit an `OrphanWelcome` error if a LeafNode's HPKE private key is missing from the store -* Web only: Dropped the unique index on MLS Signature Keys' public keys. This should prevent weird issues with x509 vs basic credential handling - -## [1.0.0-rc.48] - 2024-03-07 - -
- git-conventional changelog - -### Bug Fixes - -- Deduplicate CRL DPs - -### Testing - -- Add test to assert that a basic client can join a verified conversation -- Add test to assert that revocation works properly - -
- -* Fix revocation (URIs were not supported when parsing CrlInfo) -* Deduplicate CRL DistributionPoints - -## [1.0.0-rc.47] - 2024-03-04 - -
- git-conventional changelog - -### Bug Fixes - -- Check revocation in status -- Don't create an empty PKI env on restore - -### Features - -- Upload unit test results in junit format (WPB-6928) - -### Testing - -- Remove ignore (and not relevant anymore) test - -
- -* Actually check revocation status instead of mocking it -* Fixed creating an empty PKI env on restore which will help Basic clients verifying (actually ignoring) x509 credentials from other groups -* Upload test results in JUnit format - -## [1.0.0-rc.46] - 2024-02-28 - -
- git-conventional changelog - -### Bug Fixes - -- Rollback handling of e2ei deactivation since it creates issues in the regular case - -
- -* Rollback regression introduced in v1.0.0-rc.44 - -## [1.0.0-rc.45] - 2024-02-28 - -
- git-conventional changelog - -
- -* Fix x509 validation in received messages (especially UpdatePath) lenient since there is no active eviction mechanism in place for ghost clients - -## [1.0.0-rc.44] - 2024-02-27 - -
- git-conventional changelog - -### Bug Fixes - -- Only restore PKI env if client is e2ei capable. This helps client developers when e2ei is turned off - -
- -* Fix issues when e2ei is turned off on a environment and the PKI env is restored which to validation failures when verifying a GroupInfo. - -## [1.0.0-rc.43] - 2024-02-22 - -
- git-conventional changelog - -### Bug Fixes - -- Update deps for wasm-browser-run - -### Testing - -- Fix joining by external commit test - -
- -* Fixed WASM IndexedDB ObjectStores being tentatively created when they already exist during migrations - -## [1.0.0-rc.42] - 2024-02-21 - -
- git-conventional changelog - -
- -* Do not assert keypackage expiration when joining a group via external commit - -## [1.0.0-rc.41] - 2024-02-21 - -
- git-conventional changelog - -### Bug Fixes - -- Remove cached is_e2ei_capable flag -- KeyPackage lifetime validation when receiving messages -- Integrate -pre version to iDB store version - -
- -* WASM: Integrated pre-version into the calculation of the IndexedDB store version - * This issue was preventing migrations between CC 1.0.0-[pre|rc] versions on Web -* Only assert keypackage expiration when being the sender of a commit/proposal -* Internal: Remove the cached flag determining the client's ability to perform E2EI operations. - * This is precautionary to avoid potential state discrepancies when rotating credentials for example. - -## [1.0.0-rc.40] - 2024-02-20 - -
- git-conventional changelog - -### Bug Fixes - -- TS mapping of identities was using experimental methods - - -### Bug Fixes - -- Harden x509 validation & revocation checks - -### Documentation - -- Update all doc warnings including a lot of broken links - -### Features - -- Add serialNumber, notBefore & notAfter in `WireIdentity` object -- Add display name in dpop token - -### Miscellaneous Tasks - -- Fix some clippy lints - -### Testing - -- Verify that registering a TA twice fails - - -### Bug Fixes - -- Intermediates were not registered during enrollment - -### Features - -- Add getter for external sender to seed subconversations - -### Miscellaneous Tasks - -- Clippy warnings - - -### Bug Fixes - -- [**breaking**] Add dedicated error for stale commits and proposals -- Verify GroupInfo -- Allow revoked Credentials in MLS operations -- Reenable E2EI tests -- Update tests -- Post-rebase fixes -- Consider x509 credentials as always valid if no PKI environment is available -- Adapt calls to OpenMLS new async methods -- Disable non working (MissingSki) E2EI tests -- Undo WASM binding API mistake - -### Features - -- [**breaking**] `clientPublicKey` now also works for x509 credentials -- Validate x509 credentials when introduced - -### Miscellaneous Tasks - -- Update deps -- Do not clone MLS signature keypair while creating the enrollment - -### Testing - -- Get rid of rcgen-based x509 cert generation - - -### Bug Fixes - -- Register intermediate certificates at issuance since they're not fetchable afterwards - -### Features - -- [**breaking**] Return CRL Distribution Points when registering intermediate certificates - - -### Features - -- [**breaking**] Change certificate expiry from days to seconds in the public API - - -### Bug Fixes - -- Restore pki_env from disk whenever necessary -- Relax uniqueness constraint on intermediate certificates and CRLs on sqlite - -### Features - -- Filter out root CA when registering intermediates in case the provider repeats it -- [**breaking**] Remove refreshToken handling from WASM altogether as it is not used - - -### Bug Fixes - -- Remove unused test -- Use forked x509-cert to fix WASM compilation -- Fix tests -- Duration overflow in x509 expiration setting -- Typo in E2eiAcmeCA registration SQL query -- Add missing CRLDP field to FFI + fill it up - -### Features - -- Add full PKI test harness - - -### Bug Fixes - -- Use 2 acme authorizations instead of 1 - - -### Bug Fixes - -- Wrong rusty-jwt-tools pinned in rc30 - -### Features - -- [**breaking**] Expose keyauth in ACME authz - - -### Bug Fixes - -- Pin rusty-jwt-tools v0.8.4 fixing an issue with the wrong signature key being used for the client DPoP token - - -### Bug Fixes - -- Actually fix keyauth issue - - -### Bug Fixes - -- Use rusty-jwt-tools v0.8.1 which fixes the keyauth issue - - -### Bug Fixes - -- Previous fix was not compiling - - -### Bug Fixes - -- E2ei keystore method 'find_all' was unimplemented on WASM for intermediate CAs & CRLs - - -### Bug Fixes - -- Pin e2ei package tag -- Add PKI API to bindings - -### Features - -- Added support for PKI environment -- Change ClientId & Handle format to URIs - - -### Bug Fixes - -- Null pointer in Javascript when calling 'new_oidc_challenge_response' -- Swift wrapper for E2eiEnrollment was not used in other methods -- Use 'implementation' Gradle configuration not to enforce dependencies version into consumers. Fixes #451 - -### Features - -- [**breaking**] Remove PerDomainTrustAnchor extension altogether. Backward incompatible changes ! - - -### Bug Fixes - -- README mentions a task which doesn't exist ([#445](https://github.com/wireapp/core-crypto/issues/445)) -- Remove unnecessary boxing of values before persisting them in IndexedDb - -### Features - -- [**breaking**] Remove 'clientId' from activation & rotate enrollment now that we expect a specific ClientId format -- [**breaking**] Add `get_credential_in_use()` to check the e2ei state from a GroupInfo -- [**breaking**] Rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` -- [**breaking**] Managed OIDC refreshToken (wpb-5012) - -### Miscellaneous Tasks - -- Remove unused 'MlsSignatureKeyPairExt' trait and 'get_indexed' method -- Streamline "collection" in wasm storage -- WasmEncryptedStorage::get_many was not used - -### Testing - -- Verify that clients can create conversation with x509 credentials - - -### Features - -- [**breaking**] Canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to 'getUserIdentities()' - - -### Features - -- Better errors: 'ImplementationError' was way too often used as a fallback when the developer was too lazy to create a new error. This tries to cure that, especially with e2ei errors. It also tries to distinguish client errors from internal errors -- [**breaking**] Simplify API of 'add_clients_to_conversation' by not requiring to repeat the ClientId of the new members alongside their KeyPackage when the former can now be extracted from the latter -- [**breaking**] Introduce handle & team in the client dpop token - -### Testing - -- Test DB migration from 0.9.2 - - -### Testing - -- Add new keystore regression test to CI -- Test keystore migration regressions - - -### Bug Fixes - -- Preserve schema upgrade path between schemafix'd versions and upcoming - -### Miscellaneous Tasks - -- Release v1.0.0-rc.18 - - -### Bug Fixes - -- Don't depend on OpenSSL on WASM -- Dynamic linking issue on Android with the atomic lib - -### Miscellaneous Tasks - -- Release v1.0.0-rc.17 ([#425](https://github.com/wireapp/core-crypto/issues/425)) -- Use actual CI cache - - -### Bug Fixes - -- Prevent CI from overriding RUSTFLAGS -- Added missing d.ts declarations -- KP test was taking too much time - -### Documentation - -- Updated README.md noting Bun usage - -### Features - -- Switch from node to bun - -### Miscellaneous Tasks - -- Release v1.0.0-rc.16 - - -### Bug Fixes - -- Add '-latomic' flag when building for Android to dynamically link atomic lib which is supposedly causing issues with openssl - -### Features - -- Re-export e2ei types - -### Miscellaneous Tasks - -- Fix some clippy lints - - -### Bug Fixes - -- Backward incompatible database schemas. It only preserves Proteus compatibility when migrating from CC 0.11.0 -> 1.0.0. For anything MLS-related it is recommended to wipe all the groups - -### Miscellaneous Tasks - -- Release 1.0.0-rc.14 - - -### Bug Fixes - -- Do not reapply buffered messages when rejoining with external commit -- Coarsetime issue causing compilation error on WASM - -### Features - -- [**breaking**] Make initial number of generated KeyPackage configurable -- Add e2ei ffi in Swift wrapper -- [**breaking**] Add LeafNode validation - -### Miscellaneous Tasks - -- Release 1.0.0-rc.13 -- Use wasm_bindgen macros to generate Typescript classes used in e2ei enrollment process - -### Testing - -- Try fixing flaky time-based LeafNode validation tests - - -### Bug Fixes - -- Use sed in a cross-platform way for kt edits - -### Miscellaneous Tasks - -- Release v1.0.0-rc.12 - - -### Bug Fixes - -- [**breaking**] UniFFI Errors - -### Miscellaneous Tasks - -- Release v1.0.0-rc.11 - - -### Bug Fixes - -- UniFFI symbol matching - -### Miscellaneous Tasks - -- Release v1.0.0-rc.10 - - -### Bug Fixes - -- Make UniFFI produce the correct symbol in bindings -- Change e2ei enrollment identifier causing collision now that keypairs are reused - -### Documentation - -- Regenerate changelog - -### Features - -- [**breaking**] Return raw PEM certificate in `getUserIdentities` for display purpose -- [**breaking**] Bump rusty-jwt-tools to v0.5.0. Add 'revokeCert' to AcmeDirectory - -### Miscellaneous Tasks - -- Release v1.0.0-rc.9 - - -### Bug Fixes - -- TLS serialization of x509 credential -- [**breaking**] UniFFI Async cancellable routines + bytes -- Make interop runner pick up CHROME_PATH from env - -### Features - -- Expose `getUserIdentities` through the FFI -- [**breaking**] Also restore buffered messages on the receiver side -- Increase max past epoch to 3 since backend inordering of messages requires client's config to backend's one + 1 - -### Miscellaneous Tasks - -- Release 1.0.0-rc.8 -- Fix clippy lint on wasm tests -- Quiet clippy new lint about non send in Arc because it comes from wasm-bindgen wrapped Javascript object which cannot be shared between threads anyway -- Remove useless application message epoch check - -### Refactor - -- Borrow conversation_id in `new_conversation` - -### Testing - -- Fix wasm test hitting a limit. Just split them for now, waiting for a proper solution -- Fix spinoff 0.8 compilation - - -### Bug Fixes - -- Kotlin tests not compiling after methods became async - -### Features - -- Correlate RotateBundle with a GroupId - -### Miscellaneous Tasks - -- Release 1.0.0-rc.7 - - -### Bug Fixes - -- `e2eiRotateAll` return type was not wrapped -- Signature KeyPair was rotated when credentials were which was zealous. Also fixes an important bug caused by inverted private & public keypair part when rotating credentials - -### Features - -- [**breaking**] Handle the case when a client tries to decrypt a Welcome referring to a KeyPackage he already has deleted locally -- Add keystore dump exporter CLI tool - -### Miscellaneous Tasks - -- Release 1.0.0-rc.6 - -### Testing - -- Add a roundtrip test for e2ei credential rotation to tackle a false positive regression - - -### Bug Fixes - -- E2ei enum for conversation state was unused and failing the Typescript publication. Now CI will have the same compiler flags when checking bindings in order to prevent this again - -### Miscellaneous Tasks - -- Release 1.0.0-rc.5 - -
- -* Fixed an issue with incorrect code in TypeScript bindings - -## [1.0.0-rc.39] - 2024-02-20 - -
- git-conventional changelog - -### Bug Fixes - -- Harden x509 validation & revocation checks - -### Documentation - -- Update all doc warnings including a lot of broken links - -### Features - -- Add serialNumber, notBefore & notAfter in `WireIdentity` object -- Add display name in dpop token - -### Miscellaneous Tasks - -- Fix some clippy lints - -### Testing - -- Verify that registering a TA twice fails - -
- -* Integrated the display name in the JWT DPoP token -* Reworked and hardened all x.509 verifications (including revocation) -* Added `serialNumber`, `notBefore` and `notAfter` fields to the `WireIdentity` struct. These fields are pulled directly from the relevant fields in End-identity X.509 certificates - -## [1.0.0-rc.38] - 2024-02-16 - -
- git-conventional changelog - -### Bug Fixes - -- Intermediates were not registered during enrollment - -### Features - -- Add getter for external sender to seed subconversations - -### Miscellaneous Tasks - -- Clippy warnings - -
- -* Add `getExternalSender()` to init a subconversation with the parent external sender -* Fix e2ei issue when intermediates were not registered during the enrollment. - -## [1.0.0-rc.37] - 2024-02-15 - -
- git-conventional changelog - -### Bug Fixes - -- [**breaking**] Add dedicated error for stale commits and proposals -- Verify GroupInfo -- Allow revoked Credentials in MLS operations -- Reenable E2EI tests -- Update tests -- Post-rebase fixes -- Consider x509 credentials as always valid if no PKI environment is available -- Adapt calls to OpenMLS new async methods -- Disable non working (MissingSki) E2EI tests -- Undo WASM binding API mistake - -### Features - -- [**breaking**] `clientPublicKey` now also works for x509 credentials -- Validate x509 credentials when introduced - -### Miscellaneous Tasks - -- Update deps -- Do not clone MLS signature keypair while creating the enrollment - -### Testing - -- Get rid of rcgen-based x509 cert generation - -
- -* Fixed an issue with the WASM FFI where many fields were incorrectly exposed and were leading to constant `undefined` values (i.e. `epochHasChanged` issue) -* Avoided a clone of the signature public key when performing E2EI enrollment -* **API BREAKING CHANGES**: - * `clientPublicKey` now works with X.509 credentials. This implies that the CredentialType now has to be provided to fetch the correct credential. - * We now return dedicated errors for commits and proposals from older epochs instead of a generic `WrongEpoch` error. Respectively, we now return `StaleCommit` and `StaleProposal`. -* **BEHAVIORAL BREAKING CHANGES**: - * We now verify (as per the MLS spec / RFC9420) GroupInfo prior to joining via external commit - * We also verify Welcomes prior to joining a group - * We now properly validate X.509 credentials against the set up PKI Environment - * Note: Expired or Revoked credentials do not constitute hard errors in MLS operations but alter the E2EI status of a conversation - -## [1.0.0-rc.36] - 2024-01-30 - -
- git-conventional changelog - -
- -* E2EI: - * Fix: intermediates certificates registration was not working because extracting the key was not working - -## [1.0.0-rc.35] - 2024-01-29 - -
- git-conventional changelog - -### Bug Fixes - -- Register intermediate certificates at issuance since they're not fetchable afterwards - -### Features - -- [**breaking**] Return CRL Distribution Points when registering intermediate certificates - -
- -* E2EI: - * **BREAKING CHANGE** `e2eiMlsInitOnly()` also returns CRL Distribution Point - * Fix: register intermediates at issuance since they're not provided by the /federation endpoint - * Fix: register CRL Distribution Points on intermediates - -## [1.0.0-rc.34] - 2024-01-25 - -
- git-conventional changelog - -### Features - -- [**breaking**] Change certificate expiry from days to seconds in the public API - -
- -* E2EI: - * **BREAKING CHANGE** change certificate expiry from days to seconds in the public API - * **BREAKING CHANGE** add the potential new CRL Distribution points to: - * `decryptMessage` - * `processWelcomeMessage` - * `joinByExternalCommit` - * `addClientsToConversation` - * `newAddProposal` - * `e2eiRotateAll` - -## [1.0.0-rc.33] - 2024-01-24 - -
- git-conventional changelog - -### Bug Fixes - -- Restore pki_env from disk whenever necessary -- Relax uniqueness constraint on intermediate certificates and CRLs on sqlite - -### Features - -- Filter out root CA when registering intermediates in case the provider repeats it -- [**breaking**] Remove refreshToken handling from WASM altogether as it is not used - -
- -* E2EI: - * Fixed a bug on mobile where intermediate certificates & CRLs had a uniqueness constraint - * Fixed a bug where the PkiEnv was not restored from disk after restarts - * Ignore TrustAnchor when registering intermediate certificates - * Remove RefreshToken handling on Web - -## [1.0.0-rc.32] - 2024-01-23 - -
- git-conventional changelog - -### Bug Fixes - -- Remove unused test -- Use forked x509-cert to fix WASM compilation -- Fix tests -- Duration overflow in x509 expiration setting -- Typo in E2eiAcmeCA registration SQL query -- Add missing CRLDP field to FFI + fill it up - -### Features - -- Add full PKI test harness - -
- -* E2EI: - * Fixed a bug with Root CA Trust Anchor registration that wasn't working on native platforms (non-WASM) - * Fixed a bug with the initialization of our Intermediate CA store causing CRL & End-Identity certificate validation to fail - * Fixed a missing field in the FFI (CRL distribution-points) and added the logic to fill up the field - * Fixed an integer overflow in the X.509 expiration setting -* MLS: - * Fixed errors when a single certificate is contained in a Credential (obsolete check) -* Misc: - * Updated dependencies in many libraries - -## [1.0.0-rc.31] - 2024-01-22 - -
- git-conventional changelog - -### Bug Fixes - -- Use 2 acme authorizations instead of 1 - -
- -* fix(e2ei): use 2 ACME authorizations instead of 1 - -## [1.0.0-rc.30] - 2024-01-16 - -
- git-conventional changelog - -### Bug Fixes - -- Wrong rusty-jwt-tools pinned in rc30 - -### Features - -- [**breaking**] Expose keyauth in ACME authz - - -### Bug Fixes - -- Pin rusty-jwt-tools v0.8.4 fixing an issue with the wrong signature key being used for the client DPoP token - - -### Bug Fixes - -- Actually fix keyauth issue - - -### Bug Fixes - -- Use rusty-jwt-tools v0.8.1 which fixes the keyauth issue - - -### Bug Fixes - -- Previous fix was not compiling - - -### Bug Fixes - -- E2ei keystore method 'find_all' was unimplemented on WASM for intermediate CAs & CRLs - - -### Bug Fixes - -- Pin e2ei package tag -- Add PKI API to bindings - -### Features - -- Added support for PKI environment -- Change ClientId & Handle format to URIs - - -### Bug Fixes - -- Null pointer in Javascript when calling 'new_oidc_challenge_response' -- Swift wrapper for E2eiEnrollment was not used in other methods -- Use 'implementation' Gradle configuration not to enforce dependencies version into consumers. Fixes #451 - -### Features - -- [**breaking**] Remove PerDomainTrustAnchor extension altogether. Backward incompatible changes ! - - -### Bug Fixes - -- README mentions a task which doesn't exist ([#445](https://github.com/wireapp/core-crypto/issues/445)) -- Remove unnecessary boxing of values before persisting them in IndexedDb - -### Features - -- [**breaking**] Remove 'clientId' from activation & rotate enrollment now that we expect a specific ClientId format -- [**breaking**] Add `get_credential_in_use()` to check the e2ei state from a GroupInfo -- [**breaking**] Rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` -- [**breaking**] Managed OIDC refreshToken (wpb-5012) - -### Miscellaneous Tasks - -- Remove unused 'MlsSignatureKeyPairExt' trait and 'get_indexed' method -- Streamline "collection" in wasm storage -- WasmEncryptedStorage::get_many was not used - -### Testing - -- Verify that clients can create conversation with x509 credentials - - -### Features - -- [**breaking**] Canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to 'getUserIdentities()' - - -### Features - -- Better errors: 'ImplementationError' was way too often used as a fallback when the developer was too lazy to create a new error. This tries to cure that, especially with e2ei errors. It also tries to distinguish client errors from internal errors -- [**breaking**] Simplify API of 'add_clients_to_conversation' by not requiring to repeat the ClientId of the new members alongside their KeyPackage when the former can now be extracted from the latter -- [**breaking**] Introduce handle & team in the client dpop token - -### Testing - -- Test DB migration from 0.9.2 - - -### Testing - -- Add new keystore regression test to CI -- Test keystore migration regressions - - -### Bug Fixes - -- Preserve schema upgrade path between schemafix'd versions and upcoming - -### Miscellaneous Tasks - -- Release v1.0.0-rc.18 - - -### Bug Fixes - -- Don't depend on OpenSSL on WASM -- Dynamic linking issue on Android with the atomic lib - -### Miscellaneous Tasks - -- Release v1.0.0-rc.17 ([#425](https://github.com/wireapp/core-crypto/issues/425)) -- Use actual CI cache - - -### Bug Fixes - -- Prevent CI from overriding RUSTFLAGS -- Added missing d.ts declarations -- KP test was taking too much time - -### Documentation - -- Updated README.md noting Bun usage - -### Features - -- Switch from node to bun - -### Miscellaneous Tasks - -- Release v1.0.0-rc.16 - - -### Bug Fixes - -- Add '-latomic' flag when building for Android to dynamically link atomic lib which is supposedly causing issues with openssl - -### Features - -- Re-export e2ei types - -### Miscellaneous Tasks - -- Fix some clippy lints - - -### Bug Fixes - -- Backward incompatible database schemas. It only preserves Proteus compatibility when migrating from CC 0.11.0 -> 1.0.0. For anything MLS-related it is recommended to wipe all the groups - -### Miscellaneous Tasks - -- Release 1.0.0-rc.14 - - -### Bug Fixes - -- Do not reapply buffered messages when rejoining with external commit -- Coarsetime issue causing compilation error on WASM - -### Features - -- [**breaking**] Make initial number of generated KeyPackage configurable -- Add e2ei ffi in Swift wrapper -- [**breaking**] Add LeafNode validation - -### Miscellaneous Tasks - -- Release 1.0.0-rc.13 -- Use wasm_bindgen macros to generate Typescript classes used in e2ei enrollment process - -### Testing - -- Try fixing flaky time-based LeafNode validation tests - - -### Bug Fixes - -- Use sed in a cross-platform way for kt edits - -### Miscellaneous Tasks - -- Release v1.0.0-rc.12 - - -### Bug Fixes - -- [**breaking**] UniFFI Errors - -### Miscellaneous Tasks - -- Release v1.0.0-rc.11 - - -### Bug Fixes - -- UniFFI symbol matching - -### Miscellaneous Tasks - -- Release v1.0.0-rc.10 - - -### Bug Fixes - -- Make UniFFI produce the correct symbol in bindings -- Change e2ei enrollment identifier causing collision now that keypairs are reused - -### Documentation - -- Regenerate changelog - -### Features - -- [**breaking**] Return raw PEM certificate in `getUserIdentities` for display purpose -- [**breaking**] Bump rusty-jwt-tools to v0.5.0. Add 'revokeCert' to AcmeDirectory - -### Miscellaneous Tasks - -- Release v1.0.0-rc.9 - - -### Bug Fixes - -- TLS serialization of x509 credential -- [**breaking**] UniFFI Async cancellable routines + bytes -- Make interop runner pick up CHROME_PATH from env - -### Features - -- Expose `getUserIdentities` through the FFI -- [**breaking**] Also restore buffered messages on the receiver side -- Increase max past epoch to 3 since backend inordering of messages requires client's config to backend's one + 1 - -### Miscellaneous Tasks - -- Release 1.0.0-rc.8 -- Fix clippy lint on wasm tests -- Quiet clippy new lint about non send in Arc because it comes from wasm-bindgen wrapped Javascript object which cannot be shared between threads anyway -- Remove useless application message epoch check - -### Refactor - -- Borrow conversation_id in `new_conversation` - -### Testing - -- Fix wasm test hitting a limit. Just split them for now, waiting for a proper solution -- Fix spinoff 0.8 compilation - - -### Bug Fixes - -- Kotlin tests not compiling after methods became async - -### Features - -- Correlate RotateBundle with a GroupId - -### Miscellaneous Tasks - -- Release 1.0.0-rc.7 - - -### Bug Fixes - -- `e2eiRotateAll` return type was not wrapped -- Signature KeyPair was rotated when credentials were which was zealous. Also fixes an important bug caused by inverted private & public keypair part when rotating credentials - -### Features - -- [**breaking**] Handle the case when a client tries to decrypt a Welcome referring to a KeyPackage he already has deleted locally -- Add keystore dump exporter CLI tool - -### Miscellaneous Tasks - -- Release 1.0.0-rc.6 - -### Testing - -- Add a roundtrip test for e2ei credential rotation to tackle a false positive regression - - -### Bug Fixes - -- E2ei enum for conversation state was unused and failing the Typescript publication. Now CI will have the same compiler flags when checking bindings in order to prevent this again - -### Miscellaneous Tasks - -- Release 1.0.0-rc.5 - - -### Miscellaneous Tasks - -- Release 1.0.0-rc.4 -- Patch visibility issue for enum 'E2eiConversationState' which was failing when building Typescript bindings - -
- -* fix(e2ei): include "keyauth" in the ACME authorization, turn challenge non-optional in ACME authorization and stop including keyauth in the ACME challenge request. This version only works with IdP supporting extra OAuth claims (and by consequence only work with Keycloak and not Dex) - -## [1.0.0-rc.29] - 2024-01-16 - -
- git-conventional changelog - -### Bug Fixes - -- Pin rusty-jwt-tools v0.8.4 fixing an issue with the wrong signature key being used for the client DPoP token - -
- -* fix(e2ei): issue with the wrong signature key being used for the client DPoP token - -## [1.0.0-rc.28] - 2024-01-15 - -
- git-conventional changelog - -### Bug Fixes - -- Actually fix keyauth issue - -
- -* fix(e2ei): issue related to invalid 'keyauth' - -## [1.0.0-rc.26] - 2024-01-15 - -
- git-conventional changelog - -### Bug Fixes - -- Previous fix was not compiling - -
- -* fix(e2ei): e2ei keystore method 'find_all' was unimplemented on WASM for intermediate CAs & CRLs - -## [1.0.0-rc.24] - 2024-01-15 - -
- git-conventional changelog - -### Bug Fixes - -- Pin e2ei package tag -- Add PKI API to bindings - -### Features - -- Added support for PKI environment -- Change ClientId & Handle format to URIs - -
- -* feat(e2ei): add methods to register root/intermediate certificates and CRLs. Also checks revocation status when asking for a conversation/user/device state. -* feat(e2ei): change ClientId & Handle to URIs with the scheme 'wireapp://'. Use '!' as delimiter in the ClientId - -## [1.0.0-rc.23] - 2024-01-08 - -
- git-conventional changelog - -### Bug Fixes - -- Null pointer in Javascript when calling 'new_oidc_challenge_response' -- Swift wrapper for E2eiEnrollment was not used in other methods -- Use 'implementation' Gradle configuration not to enforce dependencies version into consumers. Fixes #451 - -### Features - -- [**breaking**] Remove PerDomainTrustAnchor extension altogether. Backward incompatible changes ! - -
- -* feat(mls)!: remove `PerDomainTrustAnchor` extension from required capabilities. Backward incompatible changes ! If you ever migrate from a previous version to this one take care of deleting all your groups -* fix(e2ei): fix a null pointer in the Javascript API -* fix(e2ei): Swift wrapper for E2eiEnrollment was not used in other methods -* fix: use 'implementation' Gradle configuration not to enforce dependencies version into consumers - -## [1.0.0-rc.22] - 2023-12-13 - -
- git-conventional changelog - -### Bug Fixes - -- README mentions a task which doesn't exist ([#445](https://github.com/wireapp/core-crypto/issues/445)) -- Remove unnecessary boxing of values before persisting them in IndexedDb - -### Features - -- [**breaking**] Remove 'clientId' from activation & rotate enrollment now that we expect a specific ClientId format -- [**breaking**] Add `get_credential_in_use()` to check the e2ei state from a GroupInfo -- [**breaking**] Rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` -- [**breaking**] Managed OIDC refreshToken (wpb-5012) - -### Miscellaneous Tasks - -- Remove unused 'MlsSignatureKeyPairExt' trait and 'get_indexed' method -- Streamline "collection" in wasm storage -- WasmEncryptedStorage::get_many was not used - -### Testing - -- Verify that clients can create conversation with x509 credentials - -
- -* feat(e2ei)!: manage OIDC refreshToken in CoreCrypto's encrypted-at-rest store. As a consequence, some methods went async (all the enrollment ones in WASM). The refreshToken has to be supplied in `newOidcChallengeRequest()` and is persisted in `newOidcChallengeResponse()`. Clients should fetch it back from an `Enrollment` created by `newRotateEnrollment()` with the new `getRefreshToken()` method. -* feat(e2ei)!: remove 'clientId' from `newActivationEnrollment()` & `newRotateEnrollment()`. We can do this now that we expect a specific ClientId format. -* feat(e2ei): add `getCredentialInUse(GroupInfo)` to check the e2ei state from a GroupInfo. This allows verifying the state of a conversation before joining it (and potentially degrading the e2ei state). -* feat(e2ei)!: rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` - -## [1.0.0-rc.21] - 2023-12-05 - -
- git-conventional changelog - -### Features - -- [**breaking**] Canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to 'getUserIdentities()' - -
- -* feat!: canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to `getUserIdentities()` - -## [1.0.0-rc.20] - 2023-12-04 - -
- git-conventional changelog - -### Features - -- Better errors: 'ImplementationError' was way too often used as a fallback when the developer was too lazy to create a new error. This tries to cure that, especially with e2ei errors. It also tries to distinguish client errors from internal errors -- [**breaking**] Simplify API of 'add_clients_to_conversation' by not requiring to repeat the ClientId of the new members alongside their KeyPackage when the former can now be extracted from the latter -- [**breaking**] Introduce handle & team in the client dpop token - -### Testing - -- Test DB migration from 0.9.2 - - -### Testing - -- Add new keystore regression test to CI -- Test keystore migration regressions - - -### Bug Fixes - -- Preserve schema upgrade path between schemafix'd versions and upcoming - -### Miscellaneous Tasks - -- Release v1.0.0-rc.18 - - -### Bug Fixes - -- Don't depend on OpenSSL on WASM -- Dynamic linking issue on Android with the atomic lib - -### Miscellaneous Tasks - -- Release v1.0.0-rc.17 ([#425](https://github.com/wireapp/core-crypto/issues/425)) -- Use actual CI cache - - -### Bug Fixes - -- Prevent CI from overriding RUSTFLAGS -- Added missing d.ts declarations -- KP test was taking too much time - -### Documentation - -- Updated README.md noting Bun usage - -### Features - -- Switch from node to bun - -### Miscellaneous Tasks - -- Release v1.0.0-rc.16 - - -### Bug Fixes - -- Add '-latomic' flag when building for Android to dynamically link atomic lib which is supposedly causing issues with openssl - -### Features - -- Re-export e2ei types - -### Miscellaneous Tasks - -- Fix some clippy lints - - -### Bug Fixes - -- Backward incompatible database schemas. It only preserves Proteus compatibility when migrating from CC 0.11.0 -> 1.0.0. For anything MLS-related it is recommended to wipe all the groups - -### Miscellaneous Tasks - -- Release 1.0.0-rc.14 - - -### Bug Fixes - -- Do not reapply buffered messages when rejoining with external commit -- Coarsetime issue causing compilation error on WASM - -### Features - -- [**breaking**] Make initial number of generated KeyPackage configurable -- Add e2ei ffi in Swift wrapper -- [**breaking**] Add LeafNode validation - -### Miscellaneous Tasks - -- Release 1.0.0-rc.13 -- Use wasm_bindgen macros to generate Typescript classes used in e2ei enrollment process - -### Testing - -- Try fixing flaky time-based LeafNode validation tests - - -### Bug Fixes - -- Use sed in a cross-platform way for kt edits - -### Miscellaneous Tasks +### Bug Fixes -- Release v1.0.0-rc.12 +- Wrong rusty-jwt-tools pinned in rc30 +### Features -### Bug Fixes +- [**breaking**] Expose keyauth in ACME authz -- [**breaking**] UniFFI Errors +
-### Miscellaneous Tasks +* fix(e2ei): include "keyauth" in the ACME authorization, turn challenge non-optional in ACME authorization and stop including keyauth in the ACME challenge request. This version only works with IdP supporting extra OAuth claims (and by consequence only work with Keycloak and not Dex) -- Release v1.0.0-rc.11 +## [1.0.0-rc.29] - 2024-01-16 +
+ git-conventional changelog ### Bug Fixes -- UniFFI symbol matching +- Pin rusty-jwt-tools v0.8.4 fixing an issue with the wrong signature key being used for the client DPoP token -### Miscellaneous Tasks +
-- Release v1.0.0-rc.10 +* fix(e2ei): issue with the wrong signature key being used for the client DPoP token +## [1.0.0-rc.28] - 2024-01-15 + +
+ git-conventional changelog ### Bug Fixes -- Make UniFFI produce the correct symbol in bindings -- Change e2ei enrollment identifier causing collision now that keypairs are reused +- Actually fix keyauth issue -### Documentation +
-- Regenerate changelog +* fix(e2ei): issue related to invalid 'keyauth' -### Features +## [1.0.0-rc.26] - 2024-01-15 -- [**breaking**] Return raw PEM certificate in `getUserIdentities` for display purpose -- [**breaking**] Bump rusty-jwt-tools to v0.5.0. Add 'revokeCert' to AcmeDirectory +
+ git-conventional changelog -### Miscellaneous Tasks +### Bug Fixes -- Release v1.0.0-rc.9 +- Previous fix was not compiling +
-### Bug Fixes +* fix(e2ei): e2ei keystore method 'find_all' was unimplemented on WASM for intermediate CAs & CRLs -- TLS serialization of x509 credential -- [**breaking**] UniFFI Async cancellable routines + bytes -- Make interop runner pick up CHROME_PATH from env +## [1.0.0-rc.24] - 2024-01-15 -### Features +
+ git-conventional changelog -- Expose `getUserIdentities` through the FFI -- [**breaking**] Also restore buffered messages on the receiver side -- Increase max past epoch to 3 since backend inordering of messages requires client's config to backend's one + 1 +### Bug Fixes -### Miscellaneous Tasks +- Pin e2ei package tag +- Add PKI API to bindings -- Release 1.0.0-rc.8 -- Fix clippy lint on wasm tests -- Quiet clippy new lint about non send in Arc because it comes from wasm-bindgen wrapped Javascript object which cannot be shared between threads anyway -- Remove useless application message epoch check +### Features -### Refactor +- Added support for PKI environment +- Change ClientId & Handle format to URIs -- Borrow conversation_id in `new_conversation` +
-### Testing +* feat(e2ei): add methods to register root/intermediate certificates and CRLs. Also checks revocation status when asking for a conversation/user/device state. +* feat(e2ei): change ClientId & Handle to URIs with the scheme 'wireapp://'. Use '!' as delimiter in the ClientId -- Fix wasm test hitting a limit. Just split them for now, waiting for a proper solution -- Fix spinoff 0.8 compilation +## [1.0.0-rc.23] - 2024-01-08 +
+ git-conventional changelog ### Bug Fixes -- Kotlin tests not compiling after methods became async +- Null pointer in Javascript when calling 'new_oidc_challenge_response' +- Swift wrapper for E2eiEnrollment was not used in other methods +- Use 'implementation' Gradle configuration not to enforce dependencies version into consumers. Fixes #451 ### Features -- Correlate RotateBundle with a GroupId +- [**breaking**] Remove PerDomainTrustAnchor extension altogether. Backward incompatible changes ! -### Miscellaneous Tasks +
-- Release 1.0.0-rc.7 +* feat(mls)!: remove `PerDomainTrustAnchor` extension from required capabilities. Backward incompatible changes ! If you ever migrate from a previous version to this one take care of deleting all your groups +* fix(e2ei): fix a null pointer in the Javascript API +* fix(e2ei): Swift wrapper for E2eiEnrollment was not used in other methods +* fix: use 'implementation' Gradle configuration not to enforce dependencies version into consumers + +## [1.0.0-rc.22] - 2023-12-13 +
+ git-conventional changelog ### Bug Fixes -- `e2eiRotateAll` return type was not wrapped -- Signature KeyPair was rotated when credentials were which was zealous. Also fixes an important bug caused by inverted private & public keypair part when rotating credentials +- README mentions a task which doesn't exist ([#445](https://github.com/wireapp/core-crypto/issues/445)) +- Remove unnecessary boxing of values before persisting them in IndexedDb ### Features -- [**breaking**] Handle the case when a client tries to decrypt a Welcome referring to a KeyPackage he already has deleted locally -- Add keystore dump exporter CLI tool +- [**breaking**] Remove 'clientId' from activation & rotate enrollment now that we expect a specific ClientId format +- [**breaking**] Add `get_credential_in_use()` to check the e2ei state from a GroupInfo +- [**breaking**] Rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` +- [**breaking**] Managed OIDC refreshToken (wpb-5012) ### Miscellaneous Tasks -- Release 1.0.0-rc.6 +- Remove unused 'MlsSignatureKeyPairExt' trait and 'get_indexed' method +- Streamline "collection" in wasm storage +- WasmEncryptedStorage::get_many was not used ### Testing -- Add a roundtrip test for e2ei credential rotation to tackle a false positive regression - +- Verify that clients can create conversation with x509 credentials -### Bug Fixes +
-- E2ei enum for conversation state was unused and failing the Typescript publication. Now CI will have the same compiler flags when checking bindings in order to prevent this again +* feat(e2ei)!: manage OIDC refreshToken in CoreCrypto's encrypted-at-rest store. As a consequence, some methods went async (all the enrollment ones in WASM). The refreshToken has to be supplied in `newOidcChallengeRequest()` and is persisted in `newOidcChallengeResponse()`. Clients should fetch it back from an `Enrollment` created by `newRotateEnrollment()` with the new `getRefreshToken()` method. +* feat(e2ei)!: remove 'clientId' from `newActivationEnrollment()` & `newRotateEnrollment()`. We can do this now that we expect a specific ClientId format. +* feat(e2ei): add `getCredentialInUse(GroupInfo)` to check the e2ei state from a GroupInfo. This allows verifying the state of a conversation before joining it (and potentially degrading the e2ei state). +* feat(e2ei)!: rename `E2eiConversationState::Degraded` in to `E2eiConversationState::NotVerified` -### Miscellaneous Tasks +## [1.0.0-rc.21] - 2023-12-05 -- Release 1.0.0-rc.5 +
+ git-conventional changelog +### Features -### Miscellaneous Tasks +- [**breaking**] Canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to 'getUserIdentities()' -- Release 1.0.0-rc.4 -- Patch visibility issue for enum 'E2eiConversationState' which was failing when building Typescript bindings +
+* feat!: canonicalize ClientId keeping only the regular version where the UserId portion is the hyphenated string representation of the UUID. Also apply this to `getUserIdentities()` -### Bug Fixes +## [1.0.0-rc.20] - 2023-12-04 -- Proteus wasm test now uses wasm-browser-run -- Cargo doc fixes for wasm-browser-run -- Interop runner now uses wasm-browser-run to install chromedriver -- Support chromedriver 115 delivery method -- `e2ei_rotate_all` was returning 'undefined' on WASM -- [**breaking**] Entities leaked. Some methods handling the lifecycle of a MLS group were not cleaning created entities correctly. This avoids required storage space to grow linearly. +
+ git-conventional changelog ### Features -- [**breaking**] Rename `e2eiIsDegraded` by `e2eiConversationState` and change return type to an enumeration instead of a boolean to match all the e2ei states a conversation could have. -- Add `e2ei_is_enabled` for clients to spot if their MLS client is enrolled for end-to-end identity +- Better errors: 'ImplementationError' was way too often used as a fallback when the developer was too lazy to create a new error. This tries to cure that, especially with e2ei errors. It also tries to distinguish client errors from internal errors +- [**breaking**] Simplify API of 'add_clients_to_conversation' by not requiring to repeat the ClientId of the new members alongside their KeyPackage when the former can now be extracted from the latter +- [**breaking**] Introduce handle & team in the client dpop token -### Miscellaneous Tasks +### Testing -- Release 1.0.0-rc.3 -- Update rstest versions -- Updated xtask deps +- Test DB migration from 0.9.2
@@ -2030,14 +659,6 @@ Platform support legends:
git-conventional changelog -### Bug Fixes - -- Preserve schema upgrade path between schemafix'd versions and upcoming - -### Miscellaneous Tasks - -- Release v1.0.0-rc.18 -
* Native platforms only: Preserve database schema upgrade path from 0.8.x, 1.0.0-pre.6+schemafix-0007 and onwards. @@ -2442,6 +1063,24 @@ to correlate the commit with its group id and to merge it afterwards. Note that
git-conventional changelog +### Bug Fixes + +- `e2eiRotateAll` return type was not wrapped +- Signature KeyPair was rotated when credentials were which was zealous. Also fixes an important bug caused by inverted private & public keypair part when rotating credentials + +### Features + +- [**breaking**] Handle the case when a client tries to decrypt a Welcome referring to a KeyPackage he already has deleted locally +- Add keystore dump exporter CLI tool + +### Miscellaneous Tasks + +- Release 1.0.0-rc.6 + +### Testing + +- Add a roundtrip test for e2ei credential rotation to tackle a false positive regression +
* Add keystore dump CLI tool to debug internal applications and export the content of the keystore for further analysis @@ -2455,6 +1094,14 @@ In that case he has to catch & ignore the "OrphanWelcome" error and to rejoin th
git-conventional changelog +### Bug Fixes + +- E2ei enum for conversation state was unused and failing the Typescript publication. Now CI will have the same compiler flags when checking bindings in order to prevent this again + +### Miscellaneous Tasks + +- Release 1.0.0-rc.5 +
* Fix WASM publication issues @@ -2464,6 +1111,11 @@ In that case he has to catch & ignore the "OrphanWelcome" error and to rejoin th
git-conventional changelog +### Miscellaneous Tasks + +- Release 1.0.0-rc.4 +- Patch visibility issue for enum 'E2eiConversationState' which was failing when building Typescript bindings +
* Fix WASM publication issues @@ -2473,6 +1125,26 @@ In that case he has to catch & ignore the "OrphanWelcome" error and to rejoin th
git-conventional changelog +### Bug Fixes + +- Proteus wasm test now uses wasm-browser-run +- Cargo doc fixes for wasm-browser-run +- Interop runner now uses wasm-browser-run to install chromedriver +- Support chromedriver 115 delivery method +- `e2ei_rotate_all` was returning 'undefined' on WASM +- [**breaking**] Entities leaked. Some methods handling the lifecycle of a MLS group were not cleaning created entities correctly. This avoids required storage space to grow linearly. + +### Features + +- [**breaking**] Rename `e2eiIsDegraded` by `e2eiConversationState` and change return type to an enumeration instead of a boolean to match all the e2ei states a conversation could have. +- Add `e2ei_is_enabled` for clients to spot if their MLS client is enrolled for end-to-end identity + +### Miscellaneous Tasks + +- Release 1.0.0-rc.3 +- Update rstest versions +- Updated xtask deps +
@@ -2549,6 +1221,24 @@ In that case he has to catch & ignore the "OrphanWelcome" error and to rejoin th
git-conventional changelog +### Bug Fixes + +- Make clippy happy +- Xtask release fix for kotlin sonatype publishing +- Disable stripping to allow FFI to build +- Incorrect error value in tests + +### Features + +- [**breaking**] Prevent conversation overwrite when joining +- [**breaking**] Detect duplicate messages from previous epoch and fail with a dedicated error +- Publish to Sonatype instead of Github Packages ([#347](https://github.com/wireapp/core-crypto/issues/347)) + +### Miscellaneous Tasks + +- Release v1.0.0-pre.7 +- Pin dependencies on wireapp org forks +
* **[BREAKING]** We now detect duplicate messages from previous epochs, as such the `GenerationOutOfBound` error is now named `DuplicateMessage`. @@ -2575,47 +1265,6 @@ In that case he has to catch & ignore the "OrphanWelcome" error and to rejoin th - PostQuantum Ciphersuite - [**breaking**] Remove `export_group_info()` - -### Bug Fixes - -- Backend sends raw GroupInfo, we were trying to deserialize it from a MlsMessage - - -### Bug Fixes - -- Pin a version of openmls with a fix in tls_codec related to variable length encoding - -### Testing - -- Fix external commit test was not merging the external commit - - -### Bug Fixes - -- Typo in build xcframework task - - -### Features - -- CoreCrypto draft-20 upgrade -- Generate XCFramework when releasing for Swift ([#330](https://github.com/wireapp/core-crypto/issues/330)) - - -### Features - -- Add `e2ei_is_degraded` to flag a conversation as degraded when at least 1 member is not using a e2ei certificate - - -### Bug Fixes - -- Usize to u64 conversion error on Android in `client_valid_keypackages_count`. Whatever the reason this applies a default meaningful value -- [**breaking**] Creating a MLS group does not consume an existing KeyPackage anymore, instead it always generates a new local one. Also, explicitly ask for the credential type of the creator before creating a new MLS group. -- Mobile FFI was failing when initializing MLS client due to a Arc being incremented one too many times. Also add the E2EI API in the Kotlin wrapper and a test for it - -### Features - -- [**breaking**] Hide everywhere `Vec` appears in the public API since it seems to fail for obscure reasons on aarch64 Android devices. Undo when we have a better understanding of the root cause of this -
* feat!: PostQuantum Ciphersuite support ! Using [Xyber768](https://www.ietf.org/archive/id/draft-westerbaan-cfrg-hpke-xyber768d00-02.html) for Key Exchange. diff --git a/CHANGELOG.tpl b/CHANGELOG.tpl index 697034c46f..de97e70c1a 100644 --- a/CHANGELOG.tpl +++ b/CHANGELOG.tpl @@ -7,11 +7,24 @@ Platform support legends: * Note: the papercuts will majorly be with the build process. Things might be very rough to integrate as no polish at all has been given yet. * ❌ = tier 3 support. It doesn't work just yet, but we plan to make it work. +## [1.0.0-rc.55] - 2024-03-28 + +
+ git-conventional changelog +{{git-cliff tag="v1.0.0-rc.55" unreleased=true}} +
+ +* Introduce `e2ei_verify_group_state()` to preemptively check a group state through its GroupInfo before joining it +* WireIdentity (returned by `getUserIdentities()` & `getDeviceIdentities()`) now also works for Basic credentials. The struct has changed to reflect that ; the X509 related part being moved in a dedicated field +* MLS thumbprint returned by WireIdentity is consistent between X509 & Basic credentials +* Fixed: E2EI enrollment double free on iOS +* Fixed: MLS thumbprint has hash algorithm agility + ## [1.0.0-rc.54] - 2024-03-20
git-conventional changelog -{{git-cliff tag="v1.0.0-rc.54" unreleased=true}} +{{git-cliff tag="v1.0.0-rc.54"}}
* Fixed `new_crl_distribution_points` not being deduplicated vs what we have in-store for `add_members_to_conversation` diff --git a/crypto-attributes/Cargo.toml b/crypto-attributes/Cargo.toml index 9c10ddbfaf..630ea2267e 100644 --- a/crypto-attributes/Cargo.toml +++ b/crypto-attributes/Cargo.toml @@ -2,7 +2,7 @@ name = "core-crypto-attributes" description = "Macros for core-crypto" repository = "https://github.com/wireapp/core-crypto" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" diff --git a/crypto-ffi/Cargo.toml b/crypto-ffi/Cargo.toml index d4e9ff1416..0ecb727416 100644 --- a/crypto-ffi/Cargo.toml +++ b/crypto-ffi/Cargo.toml @@ -2,7 +2,7 @@ name = "core-crypto-ffi" description = "Platform-specific bindings (Android, iOS, WASM) for CoreCrypto" repository = "https://github.com/wireapp/core-crypto" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" publish = false @@ -47,7 +47,7 @@ sha2 = { version = "0.10", features = ["force-soft"] } [target.'cfg(not(target_family = "wasm"))'.dependencies] # UniFFI - Android + iOS bindings - Runtime support uniffi = { workspace = true } -core-crypto = { version = "^1.0.0-rc.54", path = "../crypto", features = ["uniffi"] } +core-crypto = { version = "^1.0.0-rc.55", path = "../crypto", features = ["uniffi"] } [target.wasm32-unknown-unknown.dependencies] wasm-bindgen = "0.2" @@ -58,7 +58,7 @@ serde = { version = "1.0", features = ["derive"] } js-sys = "0.3" web-sys = "0.3" strum = "0.26" -core-crypto = { version = "^1.0.0-rc.54", path = "../crypto" } +core-crypto = { version = "^1.0.0-rc.55", path = "../crypto" } # UniFFI - Android + iOS bindings - Build support diff --git a/crypto-ffi/bindings/gradle.properties b/crypto-ffi/bindings/gradle.properties index cfff467c0c..611bb4d42a 100644 --- a/crypto-ffi/bindings/gradle.properties +++ b/crypto-ffi/bindings/gradle.properties @@ -15,7 +15,7 @@ kotlin.code.style=official # gradle-maven-publish configuration GROUP=com.wire -VERSION_NAME=1.0.0-rc.54 +VERSION_NAME=1.0.0-rc.55 SONATYPE_HOST=DEFAULT SONATYPE_AUTOMATIC_RELEASE=true RELEASE_SIGNING_ENABLED=true diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml index ec4b99d873..5b699d7e08 100644 --- a/crypto/Cargo.toml +++ b/crypto/Cargo.toml @@ -2,7 +2,7 @@ name = "core-crypto" description = "Abstraction over OpenMLS with persistent keystore" repository = "https://github.com/wireapp/core-crypto" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" publish = false @@ -76,13 +76,13 @@ rexie = { version = "0.4", optional = true } base64 = { version = "0.21", optional = true } [target.'cfg(not(target_os = "ios"))'.dependencies] -core-crypto-keystore = { version = "^1.0.0-rc.54", path = "../keystore" } +core-crypto-keystore = { version = "^1.0.0-rc.55", path = "../keystore" } [target.'cfg(target_os = "ios")'.dependencies] -core-crypto-keystore = { version = "^1.0.0-rc.54", path = "../keystore", features = ["ios-wal-compat"] } +core-crypto-keystore = { version = "^1.0.0-rc.55", path = "../keystore", features = ["ios-wal-compat"] } [dependencies.mls-crypto-provider] -version = "^1.0.0-rc.54" +version = "^1.0.0-rc.55" path = "../mls-provider" [dev-dependencies] @@ -106,7 +106,7 @@ fluvio-wasm-timer = "0.2" time = { version = "0.3", features = ["wasm-bindgen"] } [dev-dependencies.core-crypto-keystore] -version = "^1.0.0-rc.54" +version = "^1.0.0-rc.55" path = "../keystore" features = ["dummy-entity"] @@ -119,7 +119,7 @@ version = "0.5" features = ["async_std", "html_reports"] [dev-dependencies.core-crypto-attributes] -version = "^1.0.0-rc.54" +version = "^1.0.0-rc.55" path = "../crypto-attributes" [package.metadata.wasm-pack.profile.release] diff --git a/interop/Cargo.toml b/interop/Cargo.toml index f6ebc8cbe5..6da7776e39 100644 --- a/interop/Cargo.toml +++ b/interop/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "interop" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" diff --git a/keystore-dump/Cargo.toml b/keystore-dump/Cargo.toml index 59852e518b..68b3be6aae 100644 --- a/keystore-dump/Cargo.toml +++ b/keystore-dump/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "keystore-dump" description = "Dumps a keystore to JSON on stdout" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" diff --git a/keystore/Cargo.toml b/keystore/Cargo.toml index e09957673e..a78f0f7ba5 100644 --- a/keystore/Cargo.toml +++ b/keystore/Cargo.toml @@ -2,7 +2,7 @@ name = "core-crypto-keystore" description = "Encrypted keystore with support for OpenMLS and Proteus" repository = "https://github.com/wireapp/core-crypto" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" publish = false diff --git a/mls-provider/Cargo.toml b/mls-provider/Cargo.toml index 8552f2650f..55607a2b5a 100644 --- a/mls-provider/Cargo.toml +++ b/mls-provider/Cargo.toml @@ -2,7 +2,7 @@ name = "mls-crypto-provider" description = "MLS Crypto Provider wrapping core-crypto-keystore" repository = "https://github.com/wireapp/core-crypto" -version = "1.0.0-rc.54" +version = "1.0.0-rc.55" edition = "2021" license = "GPL-3.0-only" publish = false @@ -50,10 +50,10 @@ version = "0.10" features = ["x25519", "p256", "p384", "xyber768d00", "serde_impls"] [target.'cfg(not(target_os = "ios"))'.dependencies] -core-crypto-keystore = { version = "^1.0.0-rc.54", path = "../keystore" } +core-crypto-keystore = { version = "^1.0.0-rc.55", path = "../keystore" } [target.'cfg(target_os = "ios")'.dependencies] -core-crypto-keystore = { version = "^1.0.0-rc.54", path = "../keystore", features = ["ios-wal-compat"] } +core-crypto-keystore = { version = "^1.0.0-rc.55", path = "../keystore", features = ["ios-wal-compat"] } [dev-dependencies] wasm-bindgen-test = "0.3" diff --git a/package.json b/package.json index 842b9027ba..d8b2278c0b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@wireapp/core-crypto", - "version": "1.0.0-rc.54", + "version": "1.0.0-rc.55", "description": "CoreCrypto bindings for the Web", "type": "module", "module": "platforms/web/corecrypto.js",