Merge branch 'main' into remove-getrandom-custom

mls-rs-codec/src/lib.rs

@@ -121,10 +121,7 @@ pub trait MlsDecode: Sized {
     fn mls_decode(reader: &mut &[u8]) -> Result<Self, Error>;
 }
 
-impl<T> MlsDecode for Box<T>
-where
-    T: MlsDecode + ?Sized,
-{
+impl<T: MlsDecode> MlsDecode for Box<T> {
     #[inline]
     fn mls_decode(reader: &mut &[u8]) -> Result<Self, Error> {
         T::mls_decode(reader).map(Box::new)

mls-rs-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "mls-rs-core"
-version = "0.19.0"
+version = "0.19.1"
 edition = "2021"
 description = "Core components and traits for mls-rs"
 homepage = "https://github.com/awslabs/mls-rs"
@@ -20,6 +20,7 @@ ffi = ["dep:safer-ffi", "dep:safer-ffi-gen"]
 x509 = []
 test_suite = ["serde", "dep:serde_json", "dep:itertools"]
 serde = ["dep:serde", "zeroize/serde", "hex/serde", "dep:serde_bytes"]
+last_resort_key_package_ext = []
 
 [dependencies]
 mls-rs-codec = { version = "0.5.2", path = "../mls-rs-codec", default-features = false}

mls-rs-core/src/extension.rs

@@ -34,6 +34,9 @@ impl ExtensionType {
     pub const EXTERNAL_PUB: ExtensionType = ExtensionType(4);
     pub const EXTERNAL_SENDERS: ExtensionType = ExtensionType(5);
 
+    #[cfg(feature = "last_resort_key_package_ext")]
+    pub const LAST_RESORT_KEY_PACKAGE: ExtensionType = ExtensionType(0x000A);
+
     /// Default extension types defined
     /// in [RFC 9420](https://www.rfc-editor.org/rfc/rfc9420.html#name-leaf-node-contents)
     pub const DEFAULT: &'static [ExtensionType] = &[

mls-rs-uniffi/tests/kotlin_scenarios.rs

@@ -39,7 +39,7 @@ impl MavenArtifact {
         let exit_status = std::process::Command::new("mvn")
             .arg("--no-transfer-progress")
             .arg("dependency:copy")
-            .arg(&format!("-Dartifact={group_id}:{artifact_id}:{version}"))
+            .arg(format!("-Dartifact={group_id}:{artifact_id}:{version}"))
             .arg(format!("-DoutputDirectory={output_dir}"))
             .status()
             .context("running `mvn` failed")?;

mls-rs/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "mls-rs"
-version = "0.41.2"
+version = "0.41.3"
 edition = "2021"
 description = "An implementation of Messaging Layer Security (RFC 9420)"
 homepage = "https://github.com/awslabs/mls-rs"
@@ -32,6 +32,7 @@ by_ref_proposal = []
 psk = []
 x509 = ["mls-rs-core/x509", "dep:mls-rs-identity-x509"]
 rfc_compliant = ["private_message", "custom_proposal", "out_of_order", "psk", "x509", "prior_epoch", "by_ref_proposal", "mls-rs-core/rfc_compliant"]
+last_resort_key_package_ext = ["mls-rs-core/last_resort_key_package_ext"]
 
 std = ["mls-rs-core/std", "mls-rs-codec/std", "mls-rs-identity-x509?/std", "hex/std", "futures/std", "itertools/use_std", "safer-ffi-gen?/std", "zeroize/std", "dep:debug_tree", "dep:thiserror", "serde?/std"]
 
@@ -50,7 +51,7 @@ benchmark_util = ["test_util", "default", "dep:mls-rs-crypto-openssl"]
 fuzz_util = ["test_util", "default", "dep:once_cell", "dep:mls-rs-crypto-openssl"]
 
 [dependencies]
-mls-rs-core = { path = "../mls-rs-core", default-features = false, version = "0.19.0" }
+mls-rs-core = { path = "../mls-rs-core", default-features = false, version = "0.19.1" }
 mls-rs-identity-x509 = { path = "../mls-rs-identity-x509", default-features = false, version = "0.12.0", optional = true }
 zeroize = { version = "1", default-features = false, features = ["alloc", "zeroize_derive"] }
 mls-rs-codec = { version = "0.5.2", path = "../mls-rs-codec", default-features = false}

mls-rs/src/client.rs

@@ -791,16 +791,17 @@ mod tests {
     };
     use assert_matches::assert_matches;
 
-    use crate::{
-        group::{
-            message_processor::ProposalMessageDescription,
-            proposal::Proposal,
-            test_utils::{test_group, test_group_custom_config},
-            ReceivedMessage,
-        },
-        psk::{ExternalPskId, PreSharedKey},
-    };
-
+    #[cfg(feature = "by_ref_proposal")]
+    use crate::group::message_processor::ProposalMessageDescription;
+    #[cfg(feature = "by_ref_proposal")]
+    use crate::group::proposal::Proposal;
+    use crate::group::test_utils::test_group;
+    #[cfg(feature = "psk")]
+    use crate::group::test_utils::test_group_custom_config;
+    #[cfg(feature = "by_ref_proposal")]
+    use crate::group::ReceivedMessage;
+    #[cfg(feature = "psk")]
+    use crate::psk::{ExternalPskId, PreSharedKey};
     use alloc::vec;
 
     #[maybe_async::test(not(mls_build_async), async(mls_build_async, crate::futures_test))]
@@ -855,15 +856,14 @@ mod tests {
 
         let proposal = bob
             .external_add_proposal(
-                &alice_group.group.group_info_message(true).await.unwrap(),
+                &alice_group.group_info_message(true).await.unwrap(),
                 None,
                 vec![],
             )
             .await
             .unwrap();
 
         let message = alice_group
-            .group
             .process_incoming_message(proposal)
             .await
             .unwrap();
@@ -875,12 +875,11 @@ mod tests {
             ) if p.key_package.leaf_node.signing_identity == bob_identity
         );
 
-        alice_group.group.commit(vec![]).await.unwrap();
-        alice_group.group.apply_pending_commit().await.unwrap();
+        alice_group.commit(vec![]).await.unwrap();
+        alice_group.apply_pending_commit().await.unwrap();
 
         // Check that the new member is in the group
         assert!(alice_group
-            .group
             .roster()
             .members_iter()
             .any(|member| member.signing_identity == bob_identity))
@@ -912,7 +911,6 @@ mod tests {
             .unwrap();
 
         let group_info_msg = alice_group
-            .group
             .group_info_message_allowing_ext_commit(true)
             .await
             .unwrap();
@@ -944,26 +942,24 @@ mod tests {
         assert_eq!(new_group.roster().members_iter().count(), num_members);
 
         let _ = alice_group
-            .group
             .process_incoming_message(external_commit.clone())
             .await
             .unwrap();
 
-        let bob_current_epoch = bob_group.group.current_epoch();
+        let bob_current_epoch = bob_group.current_epoch();
 
         let message = bob_group
-            .group
             .process_incoming_message(external_commit)
             .await
             .unwrap();
 
-        assert!(alice_group.group.roster().members_iter().count() == num_members);
+        assert!(alice_group.roster().members_iter().count() == num_members);
 
         if !do_remove {
-            assert!(bob_group.group.roster().members_iter().count() == num_members);
+            assert!(bob_group.roster().members_iter().count() == num_members);
         } else {
             // Bob was removed so his epoch must stay the same
-            assert_eq!(bob_group.group.current_epoch(), bob_current_epoch);
+            assert_eq!(bob_group.current_epoch(), bob_current_epoch);
 
             assert_matches!(
                 message,
@@ -979,7 +975,7 @@ mod tests {
 
         // Comparing epoch authenticators is sufficient to check that members are in sync.
         assert_eq!(
-            alice_group.group.epoch_authenticator().unwrap(),
+            alice_group.epoch_authenticator().unwrap(),
             new_group.epoch_authenticator().unwrap()
         );
 
@@ -1019,11 +1015,10 @@ mod tests {
         let mut alice_group = test_group(TEST_PROTOCOL_VERSION, TEST_CIPHER_SUITE).await;
         let mut bob_group = test_group(TEST_PROTOCOL_VERSION, TEST_CIPHER_SUITE).await;
 
-        bob_group.group.commit(vec![]).await.unwrap();
-        bob_group.group.apply_pending_commit().await.unwrap();
+        bob_group.commit(vec![]).await.unwrap();
+        bob_group.apply_pending_commit().await.unwrap();
 
         let group_info_msg = bob_group
-            .group
             .group_info_message_allowing_ext_commit(true)
             .await
             .unwrap();
@@ -1043,10 +1038,7 @@ mod tests {
             .unwrap();
 
         // If Carol tries to join Alice's group using the group info from Bob's group, that fails.
-        let res = alice_group
-            .group
-            .process_incoming_message(external_commit)
-            .await;
+        let res = alice_group.process_incoming_message(external_commit).await;
         assert_matches!(res, Err(_));
     }
 

mls-rs/src/extension.rs

@@ -5,10 +5,16 @@
 pub use mls_rs_core::extension::{ExtensionType, MlsCodecExtension, MlsExtension};
 
 pub(crate) use built_in::*;
+#[cfg(feature = "last_resort_key_package_ext")]
+pub(crate) use recommended::*;
 
 /// Default extension types required by the MLS RFC.
 pub mod built_in;
 
+/// Extension types which are not mandatory, but still recommended.
+#[cfg(feature = "last_resort_key_package_ext")]
+pub mod recommended;
+
 #[cfg(test)]
 pub(crate) mod test_utils {
     use alloc::vec::Vec;

mls-rs/src/extension/recommended.rs

@@ -0,0 +1,29 @@
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// Copyright by contributors to this project.
+// SPDX-License-Identifier: (Apache-2.0 OR MIT)
+
+//! Recommended MLS extensions.
+//!
+//! Optional, but recommended extensions from [The Messaging Layer
+//! Security (MLS) Extensions][1].
+//!
+//! [1]: https://datatracker.ietf.org/doc/html/draft-ietf-mls-extensions-04
+
+use mls_rs_codec::{MlsDecode, MlsEncode, MlsSize};
+use mls_rs_core::extension::{ExtensionType, MlsCodecExtension};
+
+/// Last resort key packages.
+///
+/// The extension allows clients that pre-publish key packages to
+/// signal to the Delivery Service which key packages are meant to be
+/// used as last resort key packages.
+#[cfg(feature = "last_resort_key_package_ext")]
+#[derive(Debug, Clone, PartialEq, Eq, MlsSize, MlsEncode, MlsDecode)]
+pub struct LastResortKeyPackageExt;
+
+#[cfg(feature = "last_resort_key_package_ext")]
+impl MlsCodecExtension for LastResortKeyPackageExt {
+    fn extension_type() -> ExtensionType {
+        ExtensionType::LAST_RESORT_KEY_PACKAGE
+    }
+}