From 741316ddcf83fe0ba80a78baa7bc74094aab053a Mon Sep 17 00:00:00 2001 From: Konrad Kohbrok Date: Wed, 10 Jan 2024 14:51:15 +0100 Subject: [PATCH] MlsGroup: Builder, CreateConfig and JoinConfig (#1464) --- CHANGELOG.md | 2 + book/src/forward_secrecy.md | 6 +- book/src/user_manual/create_group.md | 10 +- book/src/user_manual/group_config.md | 22 +- .../user_manual/join_from_external_commit.md | 4 +- book/src/user_manual/join_from_welcome.md | 3 +- cli/src/user.rs | 4 +- delivery-service/ds/src/test.rs | 6 +- interop_client/src/main.rs | 14 +- openmls/src/extensions/test_extensions.rs | 6 +- .../group/core_group/kat_passive_client.rs | 21 +- openmls/src/group/mls_group/builder.rs | 201 +++++++++++++++++ openmls/src/group/mls_group/config.rs | 205 +++++++++++++----- openmls/src/group/mls_group/creation.rs | 85 ++------ openmls/src/group/mls_group/mod.rs | 9 +- openmls/src/group/mls_group/ser.rs | 2 +- openmls/src/group/mls_group/test_mls_group.rs | 120 ++++++++-- openmls/src/group/public_group/tests.rs | 10 +- .../src/group/tests/external_add_proposal.rs | 12 +- .../group/tests/external_remove_proposal.rs | 2 +- .../src/group/tests/test_commit_validation.rs | 8 +- .../tests/test_external_commit_validation.rs | 6 +- .../group/tests/test_framing_validation.rs | 6 +- openmls/src/group/tests/test_past_secrets.rs | 6 +- .../group/tests/test_proposal_validation.rs | 11 +- .../src/group/tests/test_remove_operation.rs | 8 +- .../group/tests/test_wire_format_policy.rs | 5 +- openmls/src/lib.rs | 4 +- openmls/src/messages/tests/test_welcome.rs | 10 +- .../src/test_utils/test_framework/client.rs | 10 +- openmls/src/test_utils/test_framework/mod.rs | 18 +- openmls/src/treesync/tests_and_kats/tests.rs | 8 +- openmls/tests/book_code.rs | 55 ++++- openmls/tests/test_decryption_key_index.rs | 4 +- openmls/tests/test_external_commit.rs | 18 +- openmls/tests/test_interop_scenarios.rs | 12 +- openmls/tests/test_managed_api.rs | 4 +- openmls/tests/test_mls_group.rs | 32 +-- 38 files changed, 676 insertions(+), 293 deletions(-) create mode 100644 openmls/src/group/mls_group/builder.rs diff --git a/CHANGELOG.md b/CHANGELOG.md index a534c0200e..16712e2efc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed +- [#1464](https://github.com/openmls/openmls/pull/1464): Add builder pattern for `MlsGroup`; split `MlsGroupJoinConfig` into `MlsGroupCreateConfig` and `MlsGroupJoinConfig` + ## 0.5.0 (XXXX-XX-XX) This release has many breaking API changes, a few of them are listed below: diff --git a/book/src/forward_secrecy.md b/book/src/forward_secrecy.md index 1e11e1db09..3ad479246c 100644 --- a/book/src/forward_secrecy.md +++ b/book/src/forward_secrecy.md @@ -46,8 +46,8 @@ When an encrypted message is received, the corresponding decryption key is deriv OpenMLS can address 3 scenarios: -- The Delivery Service cannot guarantee that application messages from one epoch are sent before the beginning of the next epoch. To address this, applications can configure their groups to keep the necessary key material around for past epochs by setting the `max_past_epochs` field in the `MlsGroupConfig` to the desired number of epochs. +- The Delivery Service cannot guarantee that application messages from one epoch are sent before the beginning of the next epoch. To address this, applications can configure their groups to keep the necessary key material around for past epochs by setting the `max_past_epochs` field in the `MlsGroupCreateConfig` to the desired number of epochs. -- The Delivery Service cannot guarantee that application messages will arrive in order within the same epoch. To address this, applications can configure the `out_of_order_tolerance` parameter of the `SenderRatchetConfiguration`. The configuration can be set as the `sender_ratchet_configuration` parameter of the `MlsGroupConfig`. +- The Delivery Service cannot guarantee that application messages will arrive in order within the same epoch. To address this, applications can configure the `out_of_order_tolerance` parameter of the `SenderRatchetConfiguration`. The configuration can be set as the `sender_ratchet_configuration` parameter of the `MlsGroupCreateConfig`. -- The Delivery Service cannot guarantee that application messages won't be dropped within the same epoch. To address this, applications can configure the `maximum_forward_distance` parameter of the `SenderRatchetConfiguration`. The configuration can be set as the `sender_ratchet_configuration` parameter of the `MlsGroupConfig`. +- The Delivery Service cannot guarantee that application messages won't be dropped within the same epoch. To address this, applications can configure the `maximum_forward_distance` parameter of the `SenderRatchetConfiguration`. The configuration can be set as the `sender_ratchet_configuration` parameter of the `MlsGroupCreateConfig`. diff --git a/book/src/user_manual/create_group.md b/book/src/user_manual/create_group.md index 0551a5cf7b..8ff8f2c506 100644 --- a/book/src/user_manual/create_group.md +++ b/book/src/user_manual/create_group.md @@ -1,6 +1,6 @@ # Creating groups -Before a group can be created, a group configuration (`MlsGroupConfiguration`) needs to be defined. The default values of configuration parameters are picked for safety. However, check all parameters carefully to ascertain if they match your implementation's requirements. See [Group configuration](group_config.md) for more details. +There are two ways to create a group: Either by building an `MlsGroup` directly, or by using an `MlsGroupCreateConfig`. The former is slightly simpler, while the latter allows the creating of multiple groups using the same configuration. See [Group configuration](./group_config.md) for more details on group parameters. In addition to the group configuration, the client should define all supported and required extensions for the group. The negotiation mechanism for extension in MLS consists in setting an initial list of extensions at group creation time and choosing key packages of subsequent new members accordingly. @@ -10,12 +10,18 @@ In practice, the supported and required extensions are set by adding them to the {{#include ../../../openmls/tests/book_code.rs:create_key_package}} ``` -After that, the group can be created: +After that, the group can be created either using a config: ```rust,no_run,noplayground {{#include ../../../openmls/tests/book_code.rs:alice_create_group}} ``` +... or using the builder pattern: + +```rust,no_run,noplayground +{{#include ../../../openmls/tests/book_code.rs:alice_create_group_with_builder}} +``` + Note: Every group is assigned a random group ID during creation. The group ID cannot be changed and remains immutable throughout the group's lifetime. Choosing it randomly makes sure that the group ID doesn't collide with any other group ID in the same system. If someone else already gave you a group ID, e.g., a provider server, you can also create a group using a specific group ID: diff --git a/book/src/user_manual/group_config.md b/book/src/user_manual/group_config.md index 6ac147fea9..cd826f9adc 100644 --- a/book/src/user_manual/group_config.md +++ b/book/src/user_manual/group_config.md @@ -1,8 +1,8 @@ # Group configuration -The group configuration can be specified by building a `MlsGroupConfig` object or choosing the default value. The default value contains safe values for all parameters and is suitable for scenarios without particular requirements. +Two very similar structs can help configure groups upon their creation: `MlsGroupJoinConfig` and `MlsGroupCreateConfig`. -The following parameters can be set: +`MlsGroupJoinConfig` contains the following runtime-relevant configuration options for an `MlsGroup` and can be set on a per-client basis when a group is joined. | Name | Type | Explanation | | ------------------------------ | ------------------------------- | ------------------------------------------------------------------------------------------------ | @@ -11,11 +11,25 @@ The following parameters can be set: | `max_past_epochs` | `usize` | Maximum number of past epochs for which application messages can be decrypted. The default is 0. | | `number_of_resumption_psks` | `usize` | Number of resumption psks to keep. The default is 0. | | `use_ratchet_tree_extension` | `bool` | Flag indicating the Ratchet Tree Extension should be used. The default is `false`. | -| `required_capabilities` | `RequiredCapabilitiesExtension` | Required capabilities (extensions and proposal types). | | `sender_ratchet_configuration` | `SenderRatchetConfiguration` | Sender ratchet configuration. | -Example configuration: +`MlsGroupCreateConfig` contains an `MlsGroupJoinConfig`, as well as a few additional parameters that are part of the group state that is agreed-upon by all group members. It can be set at the time of a group's creation and contains the following additional configuration options. + +| Name | Type | Explanation | +| ------------------------------ | ------------------------------- | ------------------------------------------------------------------------------------------------ | +| `required_capabilities` | `RequiredCapabilitiesExtension` | Required capabilities (extensions and proposal types). | +| `external_senders` | `ExternalSendersExtensions` | List credentials of non-group members that are allowed to send proposals to the group. | + +Both ways of group configurations can be specified by using the struct's builder pattern, or choosing their default values. The default value contains safe values for all parameters and is suitable for scenarios without particular requirements. + +Example join configuration: ```rust,no_run,noplayground {{#include ../../../openmls/tests/book_code.rs:mls_group_config_example}} ``` + +Example create configuration: + +```rust,no_run,noplayground +{{#include ../../../openmls/tests/book_code.rs:mls_group_create_config_example}} +``` diff --git a/book/src/user_manual/join_from_external_commit.md b/book/src/user_manual/join_from_external_commit.md index f74e84703a..22fc5fc534 100644 --- a/book/src/user_manual/join_from_external_commit.md +++ b/book/src/user_manual/join_from_external_commit.md @@ -2,7 +2,7 @@ To join a group with an external commit message, a new `MlsGroup` can be instantiated directly from the `GroupInfo`. The `GroupInfo`/Ratchet Tree should be shared over a secure channel. -If the RatchetTree extension is not in the required capabilities, then the ratchet tree needs to be provided. +If the RatchetTree extension is not included in the `GroupInfo` as a `GroupInfoExtension`, then the ratchet tree needs to be provided. The `GroupInfo` can be obtained either from a call to `export_group_info`from the `MlsGroup`: @@ -16,7 +16,7 @@ Or from a call to a function that results in a staged commit: {{#include ../../../openmls/tests/book_code.rs:alice_exports_group_info}} ``` -Calling `join_by_external_commit` will join the group and leave it with a commit pending to be merged. +Calling `join_by_external_commit` requires an `MlsGroupJoinConfig` (see [Group configuration](./group_config.md) for more details). The function creates an `MlsGroup` and leave it with a commit pending to be merged. ```rust,no_run,noplayground {{#include ../../../openmls/tests/book_code.rs:charlie_joins_external_commit}} diff --git a/book/src/user_manual/join_from_welcome.md b/book/src/user_manual/join_from_welcome.md index 59f5af53fb..22edf603b5 100644 --- a/book/src/user_manual/join_from_welcome.md +++ b/book/src/user_manual/join_from_welcome.md @@ -1,7 +1,6 @@ # Join a group from a Welcome message -To join a group from a `Welcome` message, a new `MlsGroup` can be instantiated directly from the `Welcome` message. -If the group configuration does not use the ratchet tree extension, the ratchet tree needs to be provided. +To join a group from a `Welcome` message, a new `MlsGroup` can be instantiated directly from the `Welcome` message and an `MlsGroupJoinConfig` (see [Group configuration](./group_config.md) for more details). If the group configuration does not use the ratchet tree extension, the ratchet tree needs to be provided. ```rust,no_run,noplayground {{#include ../../../openmls/tests/book_code.rs:bob_joins_with_welcome}} diff --git a/cli/src/user.rs b/cli/src/user.rs index 3885d292db..dfd864a1f1 100644 --- a/cli/src/user.rs +++ b/cli/src/user.rs @@ -526,7 +526,7 @@ impl User { // NOTE: Since the DS currently doesn't distribute copies of the group's ratchet // tree, we need to include the ratchet_tree_extension. - let group_config = MlsGroupConfig::builder() + let group_config = MlsGroupCreateConfig::builder() .use_ratchet_tree_extension(true) .build(); @@ -672,7 +672,7 @@ impl User { } // NOTE: Since the DS currently doesn't distribute copies of the group's ratchet // tree, we need to include the ratchet_tree_extension. - let group_config = MlsGroupConfig::builder() + let group_config = MlsGroupJoinConfig::builder() .use_ratchet_tree_extension(true) .build(); let mut mls_group = MlsGroup::new_from_welcome(&self.crypto, &group_config, welcome, None) diff --git a/delivery-service/ds/src/test.rs b/delivery-service/ds/src/test.rs index fafded0b8f..5d0ae7616c 100644 --- a/delivery-service/ds/src/test.rs +++ b/delivery-service/ds/src/test.rs @@ -148,7 +148,7 @@ async fn test_list_clients() { #[actix_rt::test] async fn test_group() { let crypto = &OpenMlsRustCrypto::default(); - let mls_group_config = MlsGroupConfig::default(); + let mls_group_create_config = MlsGroupCreateConfig::default(); let data = web::Data::new(DsData::default()); let app = test::init_service( App::new() @@ -257,7 +257,7 @@ async fn test_group() { let mut group = MlsGroup::new_with_group_id( crypto, &signer_1, - &mls_group_config, + &mls_group_create_config, group_id, credential_with_key_1, ) @@ -317,7 +317,7 @@ async fn test_group() { let mut group_on_client2 = MlsGroup::new_from_welcome( crypto, - &mls_group_config, + mls_group_create_config.join_config(), welcome_msg .into_welcome() .expect("Unexpected message type."), diff --git a/interop_client/src/main.rs b/interop_client/src/main.rs index 9590b07514..8274586174 100644 --- a/interop_client/src/main.rs +++ b/interop_client/src/main.rs @@ -17,7 +17,7 @@ use openmls::{ credentials::{Credential, CredentialType, CredentialWithKey}, framing::{MlsMessageIn, MlsMessageInBody, MlsMessageOut, ProcessedMessageContent}, group::{ - GroupEpoch, GroupId, MlsGroup, MlsGroupConfig, WireFormatPolicy, + GroupEpoch, GroupId, MlsGroup, MlsGroupCreateConfig, MlsGroupJoinConfig, WireFormatPolicy, PURE_CIPHERTEXT_WIRE_FORMAT_POLICY, PURE_PLAINTEXT_WIRE_FORMAT_POLICY, }, key_packages::KeyPackage, @@ -230,7 +230,7 @@ impl MlsClient for MlsClientImpl { // Note: We just use some values here that make live testing work. // There is nothing special about the used numbers and they // can be increased (or decreased) depending on the available scenarios. - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .max_past_epochs(32) .number_of_resumption_psks(32) @@ -375,7 +375,7 @@ impl MlsClient for MlsClientImpl { // Note: We just use some values here that make live testing work. // There is nothing special about the used numbers and they // can be increased (or decreased) depending on the available scenarios. - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .max_past_epochs(32) .number_of_resumption_psks(32) .sender_ratchet_configuration(SenderRatchetConfiguration::default()) @@ -521,7 +521,7 @@ impl MlsClient for MlsClientImpl { let mls_group_config = { let wire_format_policy = wire_format_policy(request.encrypt_handshake); - MlsGroupConfig::builder() + MlsGroupJoinConfig::builder() .max_past_epochs(32) .number_of_resumption_psks(32) .sender_ratchet_configuration(SenderRatchetConfiguration::default()) @@ -818,7 +818,7 @@ impl MlsClient for MlsClientImpl { // Note: We just use some values here that make live testing work. // There is nothing special about the used numbers and they // can be increased (or decreased) depending on the available scenarios. - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .use_ratchet_tree_extension(true) .max_past_epochs(32) .number_of_resumption_psks(32) @@ -866,7 +866,7 @@ impl MlsClient for MlsClientImpl { // Note: We just use some values here that make live testing work. // There is nothing special about the used numbers and they // can be increased (or decreased) depending on the available scenarios. - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .max_past_epochs(32) .number_of_resumption_psks(32) .use_ratchet_tree_extension(true) @@ -920,7 +920,7 @@ impl MlsClient for MlsClientImpl { // Note: We just use some values here that make live testing work. // There is nothing special about the used numbers and they // can be increased (or decreased) depending on the available scenarios. - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .max_past_epochs(32) .number_of_resumption_psks(32) .use_ratchet_tree_extension(true) diff --git a/openmls/src/extensions/test_extensions.rs b/openmls/src/extensions/test_extensions.rs index 4c9b567f7a..6badafcbe6 100644 --- a/openmls/src/extensions/test_extensions.rs +++ b/openmls/src/extensions/test_extensions.rs @@ -299,7 +299,7 @@ fn last_resort_extension(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvid provider, ); - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -307,7 +307,7 @@ fn last_resort_extension(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvid let mut alice_group = MlsGroup::new( provider, &alice_credential_with_key_and_signer.signer, - &mls_group_config, + &mls_group_create_config, alice_credential_with_key_and_signer.credential_with_key, ) .expect("An unexpected error occurred."); @@ -326,7 +326,7 @@ fn last_resort_extension(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvid let _bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected MLS message"), Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/core_group/kat_passive_client.rs b/openmls/src/group/core_group/kat_passive_client.rs index 78178d020f..b0a9d495b3 100644 --- a/openmls/src/group/core_group/kat_passive_client.rs +++ b/openmls/src/group/core_group/kat_passive_client.rs @@ -118,8 +118,7 @@ pub fn run_test_vector(test_vector: PassiveClientWelcomeTestVector) { return; } - let group_config = MlsGroupConfig::builder() - .crypto_config(CryptoConfig::with_default_version(cipher_suite)) + let group_config = MlsGroupJoinConfig::builder() .use_ratchet_tree_extension(true) .wire_format_policy(WireFormatPolicy::new( OutgoingWireFormatPolicy::AlwaysPlaintext, @@ -128,7 +127,11 @@ pub fn run_test_vector(test_vector: PassiveClientWelcomeTestVector) { .number_of_resumption_psks(16) .build(); - let mut passive_client = PassiveClient::new(group_config, test_vector.external_psks.clone()); + let mut passive_client = PassiveClient::new( + group_config, + cipher_suite, + test_vector.external_psks.clone(), + ); passive_client.inject_key_package( test_vector.key_package, @@ -198,12 +201,16 @@ fn test_write_vectors() { struct PassiveClient { provider: OpenMlsRustCrypto, - group_config: MlsGroupConfig, + group_config: MlsGroupJoinConfig, group: Option, } impl PassiveClient { - fn new(group_config: MlsGroupConfig, psks: Vec) -> Self { + fn new( + group_config: MlsGroupJoinConfig, + ciphersuite: Ciphersuite, + psks: Vec, + ) -> Self { let provider = OpenMlsRustCrypto::default(); // Load all PSKs into key store. @@ -213,7 +220,7 @@ impl PassiveClient { // The nonce is not saved, so it can be empty... let psk_id = PreSharedKeyId::external(psk.psk_id, vec![]); psk_id - .write_to_key_store(&provider, group_config.crypto_config.ciphersuite, &psk.psk) + .write_to_key_store(&provider, ciphersuite, &psk.psk) .unwrap(); } @@ -333,7 +340,7 @@ impl PassiveClient { } pub fn generate_test_vector(cipher_suite: Ciphersuite) -> PassiveClientWelcomeTestVector { - let group_config = MlsGroupConfig::builder() + let group_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(cipher_suite)) .use_ratchet_tree_extension(true) .build(); diff --git a/openmls/src/group/mls_group/builder.rs b/openmls/src/group/mls_group/builder.rs new file mode 100644 index 0000000000..fe7040bb12 --- /dev/null +++ b/openmls/src/group/mls_group/builder.rs @@ -0,0 +1,201 @@ +use openmls_traits::{key_store::OpenMlsKeyStore, signatures::Signer, OpenMlsProvider}; + +use crate::{ + credentials::CredentialWithKey, + extensions::ExternalSendersExtension, + group::{ + config::CryptoConfig, public_group::errors::PublicGroupBuildError, CoreGroup, + CoreGroupBuildError, CoreGroupConfig, GroupId, MlsGroupCreateConfig, + MlsGroupCreateConfigBuilder, NewGroupError, ProposalStore, WireFormatPolicy, + }, + prelude::{LibraryError, Lifetime, SenderRatchetConfiguration}, +}; + +use super::{InnerState, MlsGroup, MlsGroupState}; + +#[derive(Default)] +pub struct MlsGroupBuilder { + group_id: Option, + mls_group_create_config_builder: MlsGroupCreateConfigBuilder, +} + +impl MlsGroupBuilder { + pub(super) fn new() -> Self { + Self::default() + } + + /// Sets the group ID of the [`MlsGroup`]. + pub fn with_group_id(mut self, group_id: GroupId) -> Self { + self.group_id = Some(group_id); + self + } + + /// Build a new group as configured by this builder. + pub fn build( + self, + provider: &impl OpenMlsProvider, + signer: &impl Signer, + credential_with_key: CredentialWithKey, + ) -> Result> { + self.build_internal(provider, signer, credential_with_key, None) + } + + /// Build a new group with the given group ID. + /// + /// If an [`MlsGroupCreateConfig`] is provided, it will be used to configure the + /// group. Otherwise, the internal builder is used to build one with the + /// parameters set on this builder. + pub(super) fn build_internal( + self, + provider: &impl OpenMlsProvider, + signer: &impl Signer, + credential_with_key: CredentialWithKey, + mls_group_create_config_option: Option, + ) -> Result> { + let mls_group_create_config = mls_group_create_config_option + .unwrap_or_else(|| self.mls_group_create_config_builder.build()); + let group_id = self + .group_id + .unwrap_or_else(|| GroupId::random(provider.rand())); + // TODO #751 + let group_config = CoreGroupConfig { + add_ratchet_tree_extension: mls_group_create_config + .join_config + .use_ratchet_tree_extension, + }; + + let mut group = CoreGroup::builder( + group_id, + mls_group_create_config.crypto_config, + credential_with_key, + ) + .with_config(group_config) + .with_required_capabilities(mls_group_create_config.required_capabilities.clone()) + .with_external_senders(mls_group_create_config.external_senders.clone()) + .with_max_past_epoch_secrets(mls_group_create_config.join_config.max_past_epochs) + .with_lifetime(*mls_group_create_config.lifetime()) + .build(provider, signer) + .map_err(|e| match e { + CoreGroupBuildError::LibraryError(e) => e.into(), + // We don't support PSKs yet + CoreGroupBuildError::Psk(e) => { + log::debug!("Unexpected PSK error: {:?}", e); + LibraryError::custom("Unexpected PSK error").into() + } + CoreGroupBuildError::KeyStoreError(e) => NewGroupError::KeyStoreError(e), + CoreGroupBuildError::PublicGroupBuildError(e) => match e { + PublicGroupBuildError::LibraryError(e) => e.into(), + PublicGroupBuildError::UnsupportedProposalType => { + NewGroupError::UnsupportedProposalType + } + PublicGroupBuildError::UnsupportedExtensionType => { + NewGroupError::UnsupportedExtensionType + } + PublicGroupBuildError::InvalidExtensions(e) => NewGroupError::InvalidExtensions(e), + }, + })?; + + // We already add a resumption PSK for epoch 0 to make things more unified. + let resumption_psk = group.group_epoch_secrets().resumption_psk(); + group + .resumption_psk_store + .add(group.context().epoch(), resumption_psk.clone()); + + let mls_group = MlsGroup { + mls_group_config: mls_group_create_config.join_config.clone(), + group, + proposal_store: ProposalStore::new(), + own_leaf_nodes: vec![], + aad: vec![], + group_state: MlsGroupState::Operational, + state_changed: InnerState::Changed, + }; + + Ok(mls_group) + } + + // MlsGroupCreateConfigBuilder options + + /// Sets the `wire_format` property of the MlsGroup. + pub fn with_wire_format_policy(mut self, wire_format_policy: WireFormatPolicy) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .wire_format_policy(wire_format_policy); + self + } + + /// Sets the `padding_size` property of the MlsGroup. + pub fn padding_size(mut self, padding_size: usize) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .padding_size(padding_size); + self + } + + /// Sets the `max_past_epochs` property of the MlsGroup. + /// This allows application messages from previous epochs to be decrypted. + /// + /// **WARNING** + /// + /// This feature enables the storage of message secrets from past epochs. + /// It is a trade-off between functionality and forward secrecy and should only be enabled + /// if the Delivery Service cannot guarantee that application messages will be sent in + /// the same epoch in which they were generated. The number for `max_epochs` should be + /// as low as possible. + pub fn max_past_epochs(mut self, max_past_epochs: usize) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .max_past_epochs(max_past_epochs); + self + } + + /// Sets the `number_of_resumption_psks` property of the MlsGroup. + pub fn number_of_resumption_psks(mut self, number_of_resumption_psks: usize) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .number_of_resumption_psks(number_of_resumption_psks); + self + } + + /// Sets the `use_ratchet_tree_extension` property of the MlsGroup. + pub fn use_ratchet_tree_extension(mut self, use_ratchet_tree_extension: bool) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .use_ratchet_tree_extension(use_ratchet_tree_extension); + self + } + + /// Sets the `sender_ratchet_configuration` property of the MlsGroup. + /// See [`SenderRatchetConfiguration`] for more information. + pub fn sender_ratchet_configuration( + mut self, + sender_ratchet_configuration: SenderRatchetConfiguration, + ) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .sender_ratchet_configuration(sender_ratchet_configuration); + self + } + + /// Sets the `lifetime` of the group creator's leaf. + pub fn lifetime(mut self, lifetime: Lifetime) -> Self { + self.mls_group_create_config_builder = + self.mls_group_create_config_builder.lifetime(lifetime); + self + } + + /// Sets the `crypto_config` of the MlsGroup. + pub fn crypto_config(mut self, config: CryptoConfig) -> Self { + self.mls_group_create_config_builder = + self.mls_group_create_config_builder.crypto_config(config); + self + } + + /// Sets the `external_senders` property of the MlsGroup. + pub fn external_senders(mut self, external_senders: ExternalSendersExtension) -> Self { + self.mls_group_create_config_builder = self + .mls_group_create_config_builder + .external_senders(external_senders); + self + } +} diff --git a/openmls/src/group/mls_group/config.rs b/openmls/src/group/mls_group/config.rs index a78c5e4ff6..b7366cdf00 100644 --- a/openmls/src/group/mls_group/config.rs +++ b/openmls/src/group/mls_group/config.rs @@ -1,18 +1,18 @@ //! Configuration module for [`MlsGroup`] configurations. //! -//! ## Building an MlsGroupConfig -//! The [`MlsGroupConfigBuilder`] makes it easy to build configurations for the +//! ## Building an MlsGroupCreateConfig +//! The [`MlsGroupCreateConfigBuilder`] makes it easy to build configurations for the //! [`MlsGroup`]. //! //! ``` //! use openmls::prelude::*; //! -//! let group_config = MlsGroupConfig::builder() +//! let group_config = MlsGroupCreateConfig::builder() //! .use_ratchet_tree_extension(true) //! .build(); //! ``` //! -//! See [`MlsGroupConfigBuilder`](MlsGroupConfigBuilder#implementations) for +//! See [`MlsGroupCreateConfigBuilder`](MlsGroupCreateConfigBuilder#implementations) for //! all options that can be configured. //! //! ### Wire format policies @@ -22,7 +22,7 @@ //! ``` //! use openmls::prelude::*; //! -//! let group_config = MlsGroupConfig::builder() +//! let group_config = MlsGroupCreateConfig::builder() //! .wire_format_policy(MIXED_CIPHERTEXT_WIRE_FORMAT_POLICY) //! .build(); //! ``` @@ -34,10 +34,12 @@ use crate::{ }; use serde::{Deserialize, Serialize}; -/// Specifies the configuration parameters for a [`MlsGroup`]. Refer to -/// the [User Manual](https://openmls.tech/book/user_manual/group_config.html) for more information about the different configuration values. +/// The [`MlsGroupJoinConfig`] contains all configuration parameters that are +/// relevant to group operation at runtime. It is used to configure the group's +/// behaviour when joining an existing group. To configure a newly created +/// group, use [`MlsGroupCreateConfig`]. #[derive(Clone, Debug, Default, PartialEq, Eq, Serialize, Deserialize)] -pub struct MlsGroupConfig { +pub struct MlsGroupJoinConfig { /// Defines the wire format policy for outgoing and incoming handshake messages. /// Application are always encrypted regardless. pub(crate) wire_format_policy: WireFormatPolicy, @@ -50,65 +52,155 @@ pub struct MlsGroupConfig { pub(crate) number_of_resumption_psks: usize, /// Flag to indicate the Ratchet Tree Extension should be used pub(crate) use_ratchet_tree_extension: bool, + /// Sender ratchet configuration + pub(crate) sender_ratchet_configuration: SenderRatchetConfiguration, +} + +impl MlsGroupJoinConfig { + /// Returns a builder for [`MlsGroupJoinConfig`]. + pub fn builder() -> MlsGroupJoinConfigBuilder { + MlsGroupJoinConfigBuilder::new() + } + + /// Returns the wire format policy set in this [`MlsGroupJoinConfig`]. + pub fn wire_format_policy(&self) -> WireFormatPolicy { + self.wire_format_policy + } + + /// Returns the padding size set in this [`MlsGroupJoinConfig`]. + pub fn padding_size(&self) -> usize { + self.padding_size + } + + /// Returns the [`SenderRatchetConfiguration`] set in this [`MlsGroupJoinConfig`]. + pub fn sender_ratchet_configuration(&self) -> &SenderRatchetConfiguration { + &self.sender_ratchet_configuration + } +} + +/// Specifies configuration for the creation of an [`MlsGroup`]. Refer to the +/// [User Manual](https://openmls.tech/book/user_manual/group_config.html) for +/// more information about the different configuration values. +#[derive(Clone, Debug, Default, PartialEq, Eq, Serialize, Deserialize)] +pub struct MlsGroupCreateConfig { /// Required capabilities (extensions and proposal types) pub(crate) required_capabilities: RequiredCapabilitiesExtension, /// Senders authorized to send external remove proposals pub(crate) external_senders: ExternalSendersExtension, - /// Sender ratchet configuration - pub(crate) sender_ratchet_configuration: SenderRatchetConfiguration, /// Lifetime of the own leaf node pub(crate) lifetime: Lifetime, /// Ciphersuite and protocol version pub(crate) crypto_config: CryptoConfig, + /// Configuration parameters relevant to group operation at runtime + pub(crate) join_config: MlsGroupJoinConfig, +} + +/// Builder struct for an [`MlsGroupJoinConfig`]. +#[derive(Default)] +pub struct MlsGroupJoinConfigBuilder { + join_config: MlsGroupJoinConfig, +} + +impl MlsGroupJoinConfigBuilder { + /// Creates a new builder with default values. + fn new() -> Self { + Self { + join_config: MlsGroupJoinConfig::default(), + } + } + + /// Sets the `wire_format` property of the [`MlsGroupJoinConfig`]. + pub fn wire_format_policy(mut self, wire_format_policy: WireFormatPolicy) -> Self { + self.join_config.wire_format_policy = wire_format_policy; + self + } + + /// Sets the `padding_size` property of the [`MlsGroupJoinConfig`]. + pub fn padding_size(mut self, padding_size: usize) -> Self { + self.join_config.padding_size = padding_size; + self + } + + /// Sets the `max_past_epochs` property of the [`MlsGroupJoinConfig`]. + pub fn max_past_epochs(mut self, max_past_epochs: usize) -> Self { + self.join_config.max_past_epochs = max_past_epochs; + self + } + + /// Sets the `number_of_resumption_psks` property of the [`MlsGroupJoinConfig`]. + pub fn number_of_resumption_psks(mut self, number_of_resumption_psks: usize) -> Self { + self.join_config.number_of_resumption_psks = number_of_resumption_psks; + self + } + + /// Sets the `use_ratchet_tree_extension` property of the [`MlsGroupJoinConfig`]. + pub fn use_ratchet_tree_extension(mut self, use_ratchet_tree_extension: bool) -> Self { + self.join_config.use_ratchet_tree_extension = use_ratchet_tree_extension; + self + } + + /// Sets the `sender_ratchet_configuration` property of the [`MlsGroupJoinConfig`]. + pub fn sender_ratchet_configuration( + mut self, + sender_ratchet_configuration: SenderRatchetConfiguration, + ) -> Self { + self.join_config.sender_ratchet_configuration = sender_ratchet_configuration; + self + } + + /// Finalizes the builder and returns an [`MlsGroupJoinConfig`]. + pub fn build(self) -> MlsGroupJoinConfig { + self.join_config + } } -impl MlsGroupConfig { - /// Returns a builder for [`MlsGroupConfig`] - pub fn builder() -> MlsGroupConfigBuilder { - MlsGroupConfigBuilder::new() +impl MlsGroupCreateConfig { + /// Returns a builder for [`MlsGroupCreateConfig`] + pub fn builder() -> MlsGroupCreateConfigBuilder { + MlsGroupCreateConfigBuilder::new() } - /// Returns the [`MlsGroupConfig`] wire format policy. + /// Returns the [`MlsGroupCreateConfig`] wire format policy. pub fn wire_format_policy(&self) -> WireFormatPolicy { - self.wire_format_policy + self.join_config.wire_format_policy } - /// Returns the [`MlsGroupConfig`] padding size. + /// Returns the [`MlsGroupCreateConfig`] padding size. pub fn padding_size(&self) -> usize { - self.padding_size + self.join_config.padding_size } - /// Returns the [`MlsGroupConfig`] max past epochs. + /// Returns the [`MlsGroupCreateConfig`] max past epochs. pub fn max_past_epochs(&self) -> usize { - self.max_past_epochs + self.join_config.max_past_epochs } - /// Returns the [`MlsGroupConfig`] number of resumption psks. + /// Returns the [`MlsGroupCreateConfig`] number of resumption psks. pub fn number_of_resumption_psks(&self) -> usize { - self.number_of_resumption_psks + self.join_config.number_of_resumption_psks } - /// Returns the [`MlsGroupConfig`] boolean flag that indicates whether ratchet_tree_extension should be used. + /// Returns the [`MlsGroupCreateConfig`] boolean flag that indicates whether ratchet_tree_extension should be used. pub fn use_ratchet_tree_extension(&self) -> bool { - self.use_ratchet_tree_extension + self.join_config.use_ratchet_tree_extension } - /// Returns the [`MlsGroupConfig`] required capabilities extension. + /// Returns the [`MlsGroupCreateConfig`] required capabilities extension. pub fn required_capabilities(&self) -> &RequiredCapabilitiesExtension { &self.required_capabilities } - /// Returns the [`MlsGroupConfig`] sender ratchet configuration. + /// Returns the [`MlsGroupCreateConfig`] sender ratchet configuration. pub fn sender_ratchet_configuration(&self) -> &SenderRatchetConfiguration { - &self.sender_ratchet_configuration + &self.join_config.sender_ratchet_configuration } - /// Returns the [`MlsGroupConfig`] external senders extension + /// Returns the [`MlsGroupCreateConfig`] external senders extension pub fn external_senders(&self) -> &ExternalSendersExtension { &self.external_senders } - /// Returns the [`MlsGroupConfig`] lifetime configuration. + /// Returns the [`MlsGroupCreateConfig`] lifetime configuration. pub fn lifetime(&self) -> &Lifetime { &self.lifetime } @@ -128,35 +220,40 @@ impl MlsGroupConfig { .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build() } + + /// Returns the [`MlsGroupJoinConfig`] of groups created with this create config. + pub fn join_config(&self) -> &MlsGroupJoinConfig { + &self.join_config + } } -/// Builder for an [`MlsGroupConfig`]. +/// Builder for an [`MlsGroupCreateConfig`]. #[derive(Default)] -pub struct MlsGroupConfigBuilder { - config: MlsGroupConfig, +pub struct MlsGroupCreateConfigBuilder { + config: MlsGroupCreateConfig, } -impl MlsGroupConfigBuilder { +impl MlsGroupCreateConfigBuilder { /// Creates a new builder with default values. - pub fn new() -> Self { - MlsGroupConfigBuilder { - config: MlsGroupConfig::default(), + fn new() -> Self { + MlsGroupCreateConfigBuilder { + config: MlsGroupCreateConfig::default(), } } - /// Sets the `wire_format` property of the MlsGroupConfig. + /// Sets the `wire_format` property of the MlsGroupCreateConfig. pub fn wire_format_policy(mut self, wire_format_policy: WireFormatPolicy) -> Self { - self.config.wire_format_policy = wire_format_policy; + self.config.join_config.wire_format_policy = wire_format_policy; self } - /// Sets the `padding_size` property of the MlsGroupConfig. + /// Sets the `padding_size` property of the MlsGroupCreateConfig. pub fn padding_size(mut self, padding_size: usize) -> Self { - self.config.padding_size = padding_size; + self.config.join_config.padding_size = padding_size; self } - /// Sets the `max_past_epochs` property of the MlsGroupConfig. + /// Sets the `max_past_epochs` property of the MlsGroupCreateConfig. /// This allows application messages from previous epochs to be decrypted. /// /// **WARNING** @@ -167,23 +264,23 @@ impl MlsGroupConfigBuilder { /// the same epoch in which they were generated. The number for `max_epochs` should be /// as low as possible. pub fn max_past_epochs(mut self, max_past_epochs: usize) -> Self { - self.config.max_past_epochs = max_past_epochs; + self.config.join_config.max_past_epochs = max_past_epochs; self } - /// Sets the `number_of_resumption_psks` property of the MlsGroupConfig. + /// Sets the `number_of_resumption_psks` property of the MlsGroupCreateConfig. pub fn number_of_resumption_psks(mut self, number_of_resumption_psks: usize) -> Self { - self.config.number_of_resumption_psks = number_of_resumption_psks; + self.config.join_config.number_of_resumption_psks = number_of_resumption_psks; self } - /// Sets the `use_ratchet_tree_extension` property of the MlsGroupConfig. + /// Sets the `use_ratchet_tree_extension` property of the MlsGroupCreateConfig. pub fn use_ratchet_tree_extension(mut self, use_ratchet_tree_extension: bool) -> Self { - self.config.use_ratchet_tree_extension = use_ratchet_tree_extension; + self.config.join_config.use_ratchet_tree_extension = use_ratchet_tree_extension; self } - /// Sets the `required_capabilities` property of the MlsGroupConfig. + /// Sets the `required_capabilities` property of the MlsGroupCreateConfig. pub fn required_capabilities( mut self, required_capabilities: RequiredCapabilitiesExtension, @@ -192,36 +289,36 @@ impl MlsGroupConfigBuilder { self } - /// Sets the `sender_ratchet_configuration` property of the MlsGroupConfig. + /// Sets the `sender_ratchet_configuration` property of the MlsGroupCreateConfig. /// See [`SenderRatchetConfiguration`] for more information. pub fn sender_ratchet_configuration( mut self, sender_ratchet_configuration: SenderRatchetConfiguration, ) -> Self { - self.config.sender_ratchet_configuration = sender_ratchet_configuration; + self.config.join_config.sender_ratchet_configuration = sender_ratchet_configuration; self } - /// Sets the `lifetime` property of the MlsGroupConfig. + /// Sets the `lifetime` property of the MlsGroupCreateConfig. pub fn lifetime(mut self, lifetime: Lifetime) -> Self { self.config.lifetime = lifetime; self } - /// Sets the `crypto_config` property of the MlsGroupConfig. + /// Sets the `crypto_config` property of the MlsGroupCreateConfig. pub fn crypto_config(mut self, config: CryptoConfig) -> Self { self.config.crypto_config = config; self } - /// Sets the `external_senders` property of the MlsGroupConfig. + /// Sets the `external_senders` property of the MlsGroupCreateConfig. pub fn external_senders(mut self, external_senders: ExternalSendersExtension) -> Self { self.config.external_senders = external_senders; self } - /// Finalizes the builder and retursn an `[MlsGroupConfig`]. - pub fn build(self) -> MlsGroupConfig { + /// Finalizes the builder and retursn an `[MlsGroupCreateConfig`]. + pub fn build(self) -> MlsGroupCreateConfig { self.config } } diff --git a/openmls/src/group/mls_group/creation.rs b/openmls/src/group/mls_group/creation.rs index df2164bea4..378233544a 100644 --- a/openmls/src/group/mls_group/creation.rs +++ b/openmls/src/group/mls_group/creation.rs @@ -1,13 +1,12 @@ use openmls_traits::signatures::Signer; -use super::*; +use super::{builder::MlsGroupBuilder, *}; use crate::{ ciphersuite::HpkePrivateKey, credentials::CredentialWithKey, group::{ core_group::create_commit_params::CreateCommitParams, - errors::{CoreGroupBuildError, ExternalCommitError, WelcomeError}, - public_group::errors::PublicGroupBuildError, + errors::{ExternalCommitError, WelcomeError}, }, messages::group_info::{GroupInfo, VerifiableGroupInfo}, schedule::psk::store::ResumptionPskStore, @@ -17,6 +16,12 @@ use crate::{ impl MlsGroup { // === Group creation === + /// Creates a builder which can be used to configure and build + /// a new [`MlsGroup`]. + pub fn builder() -> MlsGroupBuilder { + MlsGroupBuilder::new() + } + /// Creates a new group with the creator as the only member (and a random /// group ID). /// @@ -25,15 +30,14 @@ impl MlsGroup { pub fn new( provider: &impl OpenMlsProvider, signer: &impl Signer, - mls_group_config: &MlsGroupConfig, + mls_group_create_config: &MlsGroupCreateConfig, credential_with_key: CredentialWithKey, ) -> Result> { - Self::new_with_group_id( + MlsGroupBuilder::new().build_internal( provider, signer, - mls_group_config, - GroupId::random(provider.rand()), credential_with_key, + Some(mls_group_create_config.clone()), ) } @@ -42,63 +46,18 @@ impl MlsGroup { pub fn new_with_group_id( provider: &impl OpenMlsProvider, signer: &impl Signer, - mls_group_config: &MlsGroupConfig, + mls_group_create_config: &MlsGroupCreateConfig, group_id: GroupId, credential_with_key: CredentialWithKey, ) -> Result> { - // TODO #751 - let group_config = CoreGroupConfig { - add_ratchet_tree_extension: mls_group_config.use_ratchet_tree_extension, - }; - - let mut group = CoreGroup::builder( - group_id, - mls_group_config.crypto_config, - credential_with_key, - ) - .with_config(group_config) - .with_required_capabilities(mls_group_config.required_capabilities.clone()) - .with_external_senders(mls_group_config.external_senders.clone()) - .with_max_past_epoch_secrets(mls_group_config.max_past_epochs) - .with_lifetime(*mls_group_config.lifetime()) - .build(provider, signer) - .map_err(|e| match e { - CoreGroupBuildError::LibraryError(e) => e.into(), - // We don't support PSKs yet - CoreGroupBuildError::Psk(e) => { - log::debug!("Unexpected PSK error: {:?}", e); - LibraryError::custom("Unexpected PSK error").into() - } - CoreGroupBuildError::KeyStoreError(e) => NewGroupError::KeyStoreError(e), - CoreGroupBuildError::PublicGroupBuildError(e) => match e { - PublicGroupBuildError::LibraryError(e) => e.into(), - PublicGroupBuildError::UnsupportedProposalType => { - NewGroupError::UnsupportedProposalType - } - PublicGroupBuildError::UnsupportedExtensionType => { - NewGroupError::UnsupportedExtensionType - } - PublicGroupBuildError::InvalidExtensions(e) => NewGroupError::InvalidExtensions(e), - }, - })?; - - // We already add a resumption PSK for epoch 0 to make things more unified. - let resumption_psk = group.group_epoch_secrets().resumption_psk(); - group - .resumption_psk_store - .add(group.context().epoch(), resumption_psk.clone()); - - let mls_group = MlsGroup { - mls_group_config: mls_group_config.clone(), - group, - proposal_store: ProposalStore::new(), - own_leaf_nodes: vec![], - aad: vec![], - group_state: MlsGroupState::Operational, - state_changed: InnerState::Changed, - }; - - Ok(mls_group) + MlsGroupBuilder::new() + .with_group_id(group_id) + .build_internal( + provider, + signer, + credential_with_key, + Some(mls_group_create_config.clone()), + ) } /// Creates a new group from a [`Welcome`] message. Returns an error @@ -107,7 +66,7 @@ impl MlsGroup { // TODO: #1326 This should take an MlsMessage rather than a Welcome message. pub fn new_from_welcome( provider: &impl OpenMlsProvider, - mls_group_config: &MlsGroupConfig, + mls_group_config: &MlsGroupJoinConfig, welcome: Welcome, ratchet_tree: Option, ) -> Result> { @@ -187,7 +146,7 @@ impl MlsGroup { signer: &impl Signer, ratchet_tree: Option, verifiable_group_info: VerifiableGroupInfo, - mls_group_config: &MlsGroupConfig, + mls_group_config: &MlsGroupJoinConfig, aad: &[u8], credential_with_key: CredentialWithKey, ) -> Result<(Self, MlsMessageOut, Option), ExternalCommitError> { diff --git a/openmls/src/group/mls_group/mod.rs b/openmls/src/group/mls_group/mod.rs index b06b9259cd..64a9982c02 100644 --- a/openmls/src/group/mls_group/mod.rs +++ b/openmls/src/group/mls_group/mod.rs @@ -19,6 +19,7 @@ use openmls_traits::{key_store::OpenMlsKeyStore, types::Ciphersuite, OpenMlsProv // Private mod application; +mod builder; mod creation; mod exporting; mod updates; @@ -148,8 +149,8 @@ pub enum MlsGroupState { /// more information. #[derive(Debug)] pub struct MlsGroup { - // The group configuration. See `MlsGroupCongig` for more information. - mls_group_config: MlsGroupConfig, + // The group configuration. See [`MlsGroupJoinConfig`] for more information. + mls_group_config: MlsGroupJoinConfig, // the internal `CoreGroup` used for lower level operations. See `CoreGroup` for more // information. group: CoreGroup, @@ -176,12 +177,12 @@ impl MlsGroup { // === Configuration === /// Returns the configuration. - pub fn configuration(&self) -> &MlsGroupConfig { + pub fn configuration(&self) -> &MlsGroupJoinConfig { &self.mls_group_config } /// Sets the configuration. - pub fn set_configuration(&mut self, mls_group_config: &MlsGroupConfig) { + pub fn set_configuration(&mut self, mls_group_config: &MlsGroupJoinConfig) { self.mls_group_config = mls_group_config.clone(); // Since the state of the group might be changed, arm the state flag diff --git a/openmls/src/group/mls_group/ser.rs b/openmls/src/group/mls_group/ser.rs index b8b82333e4..7977fad823 100644 --- a/openmls/src/group/mls_group/ser.rs +++ b/openmls/src/group/mls_group/ser.rs @@ -17,7 +17,7 @@ use serde::{ )] #[derive(Serialize, Deserialize)] pub struct SerializedMlsGroup { - mls_group_config: MlsGroupConfig, + mls_group_config: MlsGroupJoinConfig, group: CoreGroup, proposal_store: ProposalStore, own_leaf_nodes: Vec, diff --git a/openmls/src/group/mls_group/test_mls_group.rs b/openmls/src/group/mls_group/test_mls_group.rs index 46dd2eea94..b22ec84b6a 100644 --- a/openmls/src/group/mls_group/test_mls_group.rs +++ b/openmls/src/group/mls_group/test_mls_group.rs @@ -14,6 +14,7 @@ use crate::{ MlsGroupTestSetup, }, test_utils::*, + tree::sender_ratchet::SenderRatchetConfiguration, }; #[apply(ciphersuites_and_providers)] @@ -24,7 +25,7 @@ fn test_mls_group_persistence(ciphersuite: Ciphersuite, provider: &impl OpenMlsP setup_client("Alice", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( @@ -72,7 +73,7 @@ fn remover(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { setup_client("Charly", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -80,7 +81,7 @@ fn remover(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -97,7 +98,7 @@ fn remover(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -132,7 +133,7 @@ fn remover(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut charlie_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(bob_group.export_ratchet_tree().into()), ) @@ -209,13 +210,13 @@ fn export_secret(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { setup_client("Alice", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -242,11 +243,11 @@ fn export_secret(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { #[apply(ciphersuites_and_providers)] fn test_invalid_plaintext(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { // Some basic setup functions for the MlsGroup. - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); let number_of_clients = 20; let setup = MlsGroupTestSetup::new( - mls_group_config, + mls_group_create_config, number_of_clients, CodecUse::StructMessages, ); @@ -359,7 +360,7 @@ fn test_verify_staged_commit_credentials( setup_client("Bob", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( @@ -408,7 +409,7 @@ fn test_verify_staged_commit_credentials( let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_config.join_config(), welcome_option .expect("no welcome after commit") .into_welcome() @@ -524,13 +525,13 @@ fn test_commit_with_update_path_leaf_node( setup_client("Bob", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key.clone(), ) @@ -575,7 +576,7 @@ fn test_commit_with_update_path_leaf_node( let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome_option .expect("no welcome after commit") .into_welcome() @@ -700,13 +701,13 @@ fn test_pending_commit_logic(ciphersuite: Ciphersuite, provider: &impl OpenMlsPr setup_client("Bob", ciphersuite, provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -817,7 +818,7 @@ fn test_pending_commit_logic(ciphersuite: Ciphersuite, provider: &impl OpenMlsPr let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome_option .expect("no welcome after commit") .into_welcome() @@ -874,7 +875,7 @@ fn key_package_deletion(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let bob_key_package = bob_kpb.key_package(); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -882,7 +883,7 @@ fn key_package_deletion(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -898,7 +899,7 @@ fn key_package_deletion(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide // === Bob joins the group === let _bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -940,7 +941,7 @@ fn remove_prosposal_by_ref(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv let charlie_key_package = charlie_kpb.key_package(); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -948,7 +949,7 @@ fn remove_prosposal_by_ref(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -961,7 +962,7 @@ fn remove_prosposal_by_ref(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv alice_group.merge_pending_commit(provider).unwrap(); let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().unwrap(), Some(alice_group.export_ratchet_tree().into()), ) @@ -1001,3 +1002,76 @@ fn remove_prosposal_by_ref(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv _ => unreachable!("Expected a StagedCommit."), } } + +// Test that the builder pattern accurately configures the new group. +#[apply(ciphersuites_and_providers)] +fn builder_pattern(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { + let (alice_credential_with_key, _alice_kpb, alice_signer, _alice_pk) = + setup_client("Alice", ciphersuite, provider); + + // Variables for the MlsGroup configuration + let test_group_id = GroupId::from_slice(b"Test Group"); + let test_lifetime = Lifetime::new(3600); + let test_wire_format_policy = PURE_CIPHERTEXT_WIRE_FORMAT_POLICY; + let test_padding_size = 100; + let test_external_senders = vec![ExternalSender::new( + alice_credential_with_key.signature_key.clone(), + alice_credential_with_key.credential.clone(), + )]; + let test_crypto_config = CryptoConfig::with_default_version(ciphersuite); + let test_sender_ratchet_config = SenderRatchetConfiguration::new(10, 2000); + let test_max_past_epochs = 10; + let test_number_of_resumption_psks = 5; + + // === Alice creates a group === + let alice_group = MlsGroup::builder() + .with_group_id(test_group_id.clone()) + .padding_size(test_padding_size) + .sender_ratchet_configuration(test_sender_ratchet_config.clone()) + .external_senders(test_external_senders.clone()) + .crypto_config(test_crypto_config) + .with_wire_format_policy(test_wire_format_policy) + .lifetime(test_lifetime) + .use_ratchet_tree_extension(true) + .max_past_epochs(test_max_past_epochs) + .number_of_resumption_psks(test_number_of_resumption_psks) + .build(provider, &alice_signer, alice_credential_with_key) + .expect("error creating group using builder"); + + // Check that the group was created with the correct configuration + + // first the config + let group_config = alice_group.configuration(); + assert_eq!(group_config.padding_size(), test_padding_size); + assert_eq!( + group_config.sender_ratchet_configuration(), + &test_sender_ratchet_config + ); + assert_eq!(group_config.wire_format_policy(), test_wire_format_policy); + assert!(group_config.use_ratchet_tree_extension); + assert_eq!(group_config.max_past_epochs, test_max_past_epochs); + assert_eq!( + group_config.number_of_resumption_psks, + test_number_of_resumption_psks + ); + + // and the rest of the parameters + let group_context = alice_group.export_group_context(); + assert_eq!(alice_group.group_id(), &test_group_id); + let external_senders = group_context + .extensions() + .external_senders() + .expect("error getting external senders"); + assert_eq!(external_senders, &test_external_senders); + let crypto_config = CryptoConfig { + ciphersuite, + version: group_context.protocol_version(), + }; + assert_eq!(crypto_config, test_crypto_config); + let lifetime = alice_group + .own_leaf() + .expect("error getting own leaf") + .life_time() + .expect("leaf doesn't have a lifetime"); + assert_eq!(lifetime, &test_lifetime); +} diff --git a/openmls/src/group/public_group/tests.rs b/openmls/src/group/public_group/tests.rs index a83230d00e..d4dc01ce61 100644 --- a/openmls/src/group/public_group/tests.rs +++ b/openmls/src/group/public_group/tests.rs @@ -11,7 +11,7 @@ use crate::{ }, group::{ config::CryptoConfig, test_core_group::setup_client, GroupId, MlsGroup, - MlsGroupConfigBuilder, ProposalStore, StagedCommit, PURE_PLAINTEXT_WIRE_FORMAT_POLICY, + MlsGroupCreateConfig, ProposalStore, StagedCommit, PURE_PLAINTEXT_WIRE_FORMAT_POLICY, }, messages::proposals::Proposal, }; @@ -31,7 +31,7 @@ fn public_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { // Define the MlsGroup configuration // Set plaintext wire format policy s.t. the public group can track changes. - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(PURE_PLAINTEXT_WIRE_FORMAT_POLICY) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -40,7 +40,7 @@ fn public_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -95,7 +95,7 @@ fn public_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -139,7 +139,7 @@ fn public_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut charlie_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(bob_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/external_add_proposal.rs b/openmls/src/group/tests/external_add_proposal.rs index 40e2ad5332..6dbc55ae39 100644 --- a/openmls/src/group/tests/external_add_proposal.rs +++ b/openmls/src/group/tests/external_add_proposal.rs @@ -36,7 +36,7 @@ fn new_test_group( generate_credential_with_key(identity.into(), ciphersuite.signature_algorithm(), provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -45,7 +45,7 @@ fn new_test_group( MlsGroup::new_with_group_id( provider, &credential_with_keys.signer, - &mls_group_config, + &mls_group_create_config, group_id, credential_with_keys.credential_with_key.clone(), ) @@ -83,9 +83,8 @@ fn validation_test_setup( .expect("error merging pending commit"); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .wire_format_policy(wire_format_policy) - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); let bob_group = MlsGroup::new_from_welcome( @@ -194,13 +193,12 @@ fn external_add_proposal_should_succeed(ciphersuite: Ciphersuite, provider: &imp assert_eq!(bob_group.members().count(), 3); // Finally, Charlie can join with the Welcome - let cfg = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .wire_format_policy(policy) - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); let charlie_group = MlsGroup::new_from_welcome( provider, - &cfg, + &mls_group_config, welcome.unwrap().into_welcome().unwrap(), Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/external_remove_proposal.rs b/openmls/src/group/tests/external_remove_proposal.rs index 24da3f2d9a..bb057e4e35 100644 --- a/openmls/src/group/tests/external_remove_proposal.rs +++ b/openmls/src/group/tests/external_remove_proposal.rs @@ -27,7 +27,7 @@ fn new_test_group( generate_credential_with_key(identity.into(), ciphersuite.signature_algorithm(), provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .external_senders(external_senders) diff --git a/openmls/src/group/tests/test_commit_validation.rs b/openmls/src/group/tests/test_commit_validation.rs index 8fed69bad1..2b734e6602 100644 --- a/openmls/src/group/tests/test_commit_validation.rs +++ b/openmls/src/group/tests/test_commit_validation.rs @@ -64,7 +64,7 @@ fn validation_test_setup( // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -73,7 +73,7 @@ fn validation_test_setup( let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_credential.signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential.credential_with_key.clone(), ) @@ -95,7 +95,7 @@ fn validation_test_setup( let bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.clone(), Some(alice_group.export_ratchet_tree().into()), ) @@ -103,7 +103,7 @@ fn validation_test_setup( let charlie_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome, Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/test_external_commit_validation.rs b/openmls/src/group/tests/test_external_commit_validation.rs index d0c2de87a4..8071501ebb 100644 --- a/openmls/src/group/tests/test_external_commit_validation.rs +++ b/openmls/src/group/tests/test_external_commit_validation.rs @@ -753,7 +753,7 @@ mod utils { group::{ config::CryptoConfig, tests::utils::{generate_credential_with_key, CredentialWithKeyAndSigner}, - MlsGroup, MlsGroupConfig, WireFormatPolicy, + MlsGroup, MlsGroupCreateConfig, WireFormatPolicy, }, }; @@ -783,7 +783,7 @@ mod utils { generate_credential_with_key("Bob".into(), ciphersuite.signature_algorithm(), provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -792,7 +792,7 @@ mod utils { let alice_group = MlsGroup::new( provider, &alice_credential.signer, - &mls_group_config, + &mls_group_create_config, alice_credential.credential_with_key.clone(), ) .unwrap(); diff --git a/openmls/src/group/tests/test_framing_validation.rs b/openmls/src/group/tests/test_framing_validation.rs index b217a72bd9..cbc63d6664 100644 --- a/openmls/src/group/tests/test_framing_validation.rs +++ b/openmls/src/group/tests/test_framing_validation.rs @@ -60,7 +60,7 @@ fn validation_test_setup( ); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -69,7 +69,7 @@ fn validation_test_setup( let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_credential.signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential.credential_with_key.clone(), ) @@ -90,7 +90,7 @@ fn validation_test_setup( let bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/test_past_secrets.rs b/openmls/src/group/tests/test_past_secrets.rs index dc33390996..6586b37dcb 100644 --- a/openmls/src/group/tests/test_past_secrets.rs +++ b/openmls/src/group/tests/test_past_secrets.rs @@ -40,7 +40,7 @@ fn test_past_secrets_in_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsP // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .max_past_epochs(max_epochs / 2) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -49,7 +49,7 @@ fn test_past_secrets_in_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsP let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_credential_with_keys.signer, - &mls_group_config, + &mls_group_create_config, group_id.clone(), alice_credential_with_keys.credential_with_key.clone(), ) @@ -70,7 +70,7 @@ fn test_past_secrets_in_group(ciphersuite: Ciphersuite, provider: &impl OpenMlsP let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/test_proposal_validation.rs b/openmls/src/group/tests/test_proposal_validation.rs index da6b902850..12a4bf6987 100644 --- a/openmls/src/group/tests/test_proposal_validation.rs +++ b/openmls/src/group/tests/test_proposal_validation.rs @@ -61,7 +61,7 @@ fn create_group_with_members( let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_credential_with_key_and_signer.signer, - &MlsGroupConfigBuilder::new() + &MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(), GroupId::from_slice(b"Alice's Friends"), @@ -106,7 +106,7 @@ fn new_test_group( generate_credential_with_key(identity.into(), ciphersuite.signature_algorithm(), provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -115,7 +115,7 @@ fn new_test_group( MlsGroup::new_with_group_id( provider, &credential_with_key_and_signer.signer, - &mls_group_config, + &mls_group_create_config, group_id, credential_with_key_and_signer.credential_with_key.clone(), ) @@ -155,9 +155,8 @@ fn validation_test_setup( alice_group.merge_pending_commit(provider).unwrap(); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .wire_format_policy(wire_format_policy) - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); let bob_group = MlsGroup::new_from_welcome( @@ -611,7 +610,7 @@ fn test_valsem101b(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_credential_with_key.signer, - &MlsGroupConfigBuilder::new() + &MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(), GroupId::from_slice(b"Alice's Friends"), diff --git a/openmls/src/group/tests/test_remove_operation.rs b/openmls/src/group/tests/test_remove_operation.rs index 213026ef36..dc8c148f70 100644 --- a/openmls/src/group/tests/test_remove_operation.rs +++ b/openmls/src/group/tests/test_remove_operation.rs @@ -61,7 +61,7 @@ fn test_remove_operation_variants(ciphersuite: Ciphersuite, provider: &impl Open ); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -69,7 +69,7 @@ fn test_remove_operation_variants(ciphersuite: Ciphersuite, provider: &impl Open let mut alice_group = MlsGroup::new_with_group_id( &alice_provider, &alice_credential_with_key_and_signer.signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key_and_signer.credential_with_key, ) @@ -92,7 +92,7 @@ fn test_remove_operation_variants(ciphersuite: Ciphersuite, provider: &impl Open let mut bob_group = MlsGroup::new_from_welcome( &bob_provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.clone(), Some(alice_group.export_ratchet_tree().into()), ) @@ -100,7 +100,7 @@ fn test_remove_operation_variants(ciphersuite: Ciphersuite, provider: &impl Open let mut charlie_group = MlsGroup::new_from_welcome( &charlie_provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome, Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/group/tests/test_wire_format_policy.rs b/openmls/src/group/tests/test_wire_format_policy.rs index 69d20ee9d4..c1acfa16bd 100644 --- a/openmls/src/group/tests/test_wire_format_policy.rs +++ b/openmls/src/group/tests/test_wire_format_policy.rs @@ -28,7 +28,7 @@ fn create_group( generate_credential_with_key("Alice".into(), ciphersuite.signature_algorithm(), provider); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupCreateConfig::builder() .wire_format_policy(wire_format_policy) .use_ratchet_tree_extension(true) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) @@ -74,9 +74,8 @@ fn receive_message( .merge_pending_commit(provider) .expect("error merging pending commit"); - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupJoinConfig::builder() .wire_format_policy(alice_group.configuration().wire_format_policy()) - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); let mut bob_group = MlsGroup::new_from_welcome( diff --git a/openmls/src/lib.rs b/openmls/src/lib.rs index 1a9438dd02..1d3a2b4414 100644 --- a/openmls/src/lib.rs +++ b/openmls/src/lib.rs @@ -88,7 +88,7 @@ //! let mut sasha_group = MlsGroup::new( //! provider, //! &sasha_signer, -//! &MlsGroupConfig::default(), +//! &MlsGroupCreateConfig::default(), //! sasha_credential_with_key, //! ) //! .expect("An unexpected error occurred."); @@ -124,7 +124,7 @@ //! // Now Maxim can join the group. //! let mut maxim_group = MlsGroup::new_from_welcome( //! provider, -//! &MlsGroupConfig::default(), +//! &MlsGroupJoinConfig::default(), //! welcome, //! // The public tree is need and transferred out of band. //! // It is also possible to use the [`RatchetTreeExtension`] diff --git a/openmls/src/messages/tests/test_welcome.rs b/openmls/src/messages/tests/test_welcome.rs index 0371b5b848..0eeea55d9b 100644 --- a/openmls/src/messages/tests/test_welcome.rs +++ b/openmls/src/messages/tests/test_welcome.rs @@ -15,7 +15,7 @@ use crate::{ extensions::Extensions, group::{ config::CryptoConfig, errors::WelcomeError, GroupContext, GroupId, MlsGroup, - MlsGroupConfigBuilder, + MlsGroupCreateConfig, }, messages::{ group_info::{GroupInfoTBS, VerifiableGroupInfo}, @@ -48,7 +48,7 @@ fn test_welcome_context_mismatch(ciphersuite: Ciphersuite, provider: &impl OpenM }; let group_id = GroupId::random(provider.rand()); - let mls_group_config = MlsGroupConfigBuilder::new() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -64,7 +64,7 @@ fn test_welcome_context_mismatch(ciphersuite: Ciphersuite, provider: &impl OpenM let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential_with_key, ) @@ -163,7 +163,7 @@ fn test_welcome_context_mismatch(ciphersuite: Ciphersuite, provider: &impl OpenM // Bob tries to join the group let err = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome, Some(alice_group.export_ratchet_tree().into()), ) @@ -196,7 +196,7 @@ fn test_welcome_context_mismatch(ciphersuite: Ciphersuite, provider: &impl OpenM let _group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), original_welcome, Some(alice_group.export_ratchet_tree().into()), ) diff --git a/openmls/src/test_utils/test_framework/client.rs b/openmls/src/test_utils/test_framework/client.rs index bcbe185b82..417ebfe9d6 100644 --- a/openmls/src/test_utils/test_framework/client.rs +++ b/openmls/src/test_utils/test_framework/client.rs @@ -79,12 +79,12 @@ impl Client { Ok(key_package) } - /// Create a group with the given [MlsGroupConfig] and [Ciphersuite], and return the created [GroupId]. + /// Create a group with the given [MlsGroupCreateConfig] and [Ciphersuite], and return the created [GroupId]. /// /// Returns an error if the client doesn't support the `ciphersuite`. pub fn create_group( &self, - mls_group_config: MlsGroupConfig, + mls_group_create_config: MlsGroupCreateConfig, ciphersuite: Ciphersuite, ) -> Result { let credential_with_key = self @@ -101,7 +101,7 @@ impl Client { let group_state = MlsGroup::new( &self.crypto, &signer, - &mls_group_config, + &mls_group_create_config, credential_with_key.clone(), )?; let group_id = group_state.group_id().clone(); @@ -113,12 +113,12 @@ impl Client { } /// Join a group based on the given `welcome` and `ratchet_tree`. The group - /// is created with the given `MlsGroupConfig`. Throws an error if no + /// is created with the given `MlsGroupCreateConfig`. Throws an error if no /// `KeyPackage` exists matching the `Welcome`, if the client doesn't /// support the ciphersuite, or if an error occurs processing the `Welcome`. pub fn join_group( &self, - mls_group_config: MlsGroupConfig, + mls_group_config: MlsGroupJoinConfig, welcome: Welcome, ratchet_tree: Option, ) -> Result<(), ClientError> { diff --git a/openmls/src/test_utils/test_framework/mod.rs b/openmls/src/test_utils/test_framework/mod.rs index c4d0b6f47c..1e83be5e9b 100644 --- a/openmls/src/test_utils/test_framework/mod.rs +++ b/openmls/src/test_utils/test_framework/mod.rs @@ -60,7 +60,7 @@ pub struct Group { pub group_id: GroupId, pub members: Vec<(usize, Vec)>, pub ciphersuite: Ciphersuite, - pub group_config: MlsGroupConfig, + pub group_config: MlsGroupJoinConfig, pub public_tree: RatchetTree, pub exporter_secret: Vec, } @@ -108,7 +108,7 @@ pub struct MlsGroupTestSetup { pub groups: RwLock>, // This maps key package hashes to client ids. pub waiting_for_welcome: RwLock, Vec>>, - pub default_mgc: MlsGroupConfig, + pub default_mgp: MlsGroupCreateConfig, /// Flag to indicate if messages should be serialized and de-serialized as /// part of message distribution pub use_codec: CodecUse, @@ -132,10 +132,14 @@ pub struct MlsGroupTestSetup { impl MlsGroupTestSetup { /// Create a new `MlsGroupTestSetup` with the given default - /// `MlsGroupConfig` and the given number of clients. For lifetime + /// `MlsGroupCreateConfig` and the given number of clients. For lifetime /// reasons, `create_clients` has to be called in addition with the same /// number of clients. - pub fn new(default_mgc: MlsGroupConfig, number_of_clients: usize, use_codec: CodecUse) -> Self { + pub fn new( + default_mgp: MlsGroupCreateConfig, + number_of_clients: usize, + use_codec: CodecUse, + ) -> Self { let mut clients = HashMap::new(); for i in 0..number_of_clients { let identity = i.to_be_bytes().to_vec(); @@ -175,7 +179,7 @@ impl MlsGroupTestSetup { clients: RwLock::new(clients), groups, waiting_for_welcome, - default_mgc, + default_mgp, use_codec, } } @@ -458,7 +462,7 @@ impl MlsGroupTestSetup { .read() .expect("An unexpected error occurred."); let mut groups = self.groups.write().expect("An unexpected error occurred."); - let group_id = group_creator.create_group(self.default_mgc.clone(), ciphersuite)?; + let group_id = group_creator.create_group(self.default_mgp.clone(), ciphersuite)?; let creator_groups = group_creator .groups .read() @@ -474,7 +478,7 @@ impl MlsGroupTestSetup { group_id: group_id.clone(), members: member_ids, ciphersuite, - group_config: self.default_mgc.clone(), + group_config: self.default_mgp.join_config.clone(), public_tree, exporter_secret, }; diff --git a/openmls/src/treesync/tests_and_kats/tests.rs b/openmls/src/treesync/tests_and_kats/tests.rs index 57d35802d7..dae428b523 100644 --- a/openmls/src/treesync/tests_and_kats/tests.rs +++ b/openmls/src/treesync/tests_and_kats/tests.rs @@ -3,7 +3,7 @@ use openmls_rust_crypto::OpenMlsRustCrypto; use crate::{ group::{ tests::utils::{generate_credential_with_key, CredentialWithKeyAndSigner}, - MlsGroup, MlsGroupConfig, + MlsGroup, MlsGroupCreateConfig, }, key_packages::KeyPackage, prelude::*, @@ -22,7 +22,7 @@ fn that_commit_secret_is_derived_from_end_of_update_path_not_root( ) { let _ = provider; // get rid of warning let crypto_config = CryptoConfig::with_default_version(ciphersuite); - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .crypto_config(crypto_config) .use_ratchet_tree_extension(true) .build(); @@ -94,7 +94,7 @@ fn that_commit_secret_is_derived_from_end_of_update_path_not_root( let mut alice_group = MlsGroup::new( &alice.provider, &alice.credential_with_key_and_signer.signer, - &mls_group_config, + &mls_group_create_config, alice .credential_with_key_and_signer .credential_with_key @@ -120,7 +120,7 @@ fn that_commit_secret_is_derived_from_end_of_update_path_not_root( let mut charlie_group = { MlsGroup::new_from_welcome( &charlie.provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().unwrap(), None, ) diff --git a/openmls/tests/book_code.rs b/openmls/tests/book_code.rs index 94ac69e5d1..3ac0574b8e 100644 --- a/openmls/tests/book_code.rs +++ b/openmls/tests/book_code.rs @@ -126,27 +126,27 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { provider, ); - // ANCHOR: mls_group_config_example - let mls_group_config = MlsGroupConfig::builder() + // ANCHOR: mls_group_create_config_example + let mls_group_create_config = MlsGroupCreateConfig::builder() .padding_size(100) .sender_ratchet_configuration(SenderRatchetConfiguration::new( 10, // out_of_order_tolerance 2000, // maximum_forward_distance )) .external_senders(vec![ExternalSender::new( - ds_credential_with_key.signature_key, - ds_credential_with_key.credential, + ds_credential_with_key.signature_key.clone(), + ds_credential_with_key.credential.clone(), )]) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .use_ratchet_tree_extension(true) .build(); - // ANCHOR_END: mls_group_config_example + // ANCHOR_END: mls_group_create_config_example // ANCHOR: alice_create_group let mut alice_group = MlsGroup::new( provider, &alice_signature_keys, - &mls_group_config, + &mls_group_create_config, alice_credential.clone(), ) .expect("An unexpected error occurred."); @@ -160,7 +160,7 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signature_keys, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential.clone(), ) @@ -169,6 +169,26 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { // Silence "unused variable" and "does not need to be mutable" warnings. let _ignore_mut_warning = &mut alice_group; + + // ANCHOR: alice_create_group_with_builder + let mut alice_group = MlsGroup::builder() + .padding_size(100) + .sender_ratchet_configuration(SenderRatchetConfiguration::new( + 10, // out_of_order_tolerance + 2000, // maximum_forward_distance + )) + .external_senders(vec![ExternalSender::new( + ds_credential_with_key.signature_key, + ds_credential_with_key.credential, + )]) + .crypto_config(CryptoConfig::with_default_version(ciphersuite)) + .use_ratchet_tree_extension(true) + .build(provider, &alice_signature_keys, alice_credential.clone()) + .expect("An unexpected error occurred."); + // ANCHOR_END: alice_create_group_with_builder + + // Silence "unused variable" and "does not need to be mutable" warnings. + let _ignore_mut_warning = &mut alice_group; } let group_id = alice_group.group_id().clone(); @@ -216,6 +236,17 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { assert_eq!(members[0].credential.identity(), b"Alice"); assert_eq!(members[1].credential.identity(), b"Bob"); + // ANCHOR: mls_group_config_example + let mls_group_config = MlsGroupJoinConfig::builder() + .padding_size(100) + .sender_ratchet_configuration(SenderRatchetConfiguration::new( + 10, // out_of_order_tolerance + 2000, // maximum_forward_distance + )) + .use_ratchet_tree_extension(true) + .build(); + // ANCHOR_END: mls_group_config_example + // ANCHOR: bob_joins_with_welcome let mut bob_group = MlsGroup::new_from_welcome( provider, @@ -479,7 +510,7 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut charlie_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(bob_group.export_ratchet_tree().into()), ) @@ -911,7 +942,7 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { // Bob creates a new group let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome_option .expect("Welcome was not returned") .into_welcome() @@ -1141,7 +1172,7 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome .unwrap() .into_welcome() @@ -1226,7 +1257,7 @@ fn book_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -1271,7 +1302,7 @@ fn test_empty_input_errors(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv ); // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( diff --git a/openmls/tests/test_decryption_key_index.rs b/openmls/tests/test_decryption_key_index.rs index 691fa49205..c3e4752d1e 100644 --- a/openmls/tests/test_decryption_key_index.rs +++ b/openmls/tests/test_decryption_key_index.rs @@ -13,10 +13,10 @@ fn decryption_key_index_computation(ciphersuite: Ciphersuite) { println!("Testing ciphersuite {ciphersuite:?}"); // Some basic setup functions for the MlsGroup. - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); let number_of_clients = 20; let setup = MlsGroupTestSetup::new( - mls_group_config, + mls_group_create_config, number_of_clients, CodecUse::StructMessages, ); diff --git a/openmls/tests/test_external_commit.rs b/openmls/tests/test_external_commit.rs index ec404c6c34..8a0967156d 100644 --- a/openmls/tests/test_external_commit.rs +++ b/openmls/tests/test_external_commit.rs @@ -9,7 +9,7 @@ fn create_alice_group( provider: &impl OpenMlsProvider, use_ratchet_tree_extension: bool, ) -> (MlsGroup, CredentialWithKey, SignatureKeyPair) { - let group_config = MlsGroupConfigBuilder::new() + let group_config = MlsGroupCreateConfig::builder() .use_ratchet_tree_extension(use_ratchet_tree_extension) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -88,9 +88,7 @@ fn test_external_commit(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide &bob_signature_keys, None, verifiable_group_info, - &MlsGroupConfigBuilder::new() - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) - .build(), + &MlsGroupJoinConfig::default(), b"", bob_credential, ) @@ -111,9 +109,7 @@ fn test_external_commit(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide &bob_signature_keys, None, verifiable_group_info_broken, - &MlsGroupConfigBuilder::new() - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) - .build(), + &MlsGroupJoinConfig::default(), b"", bob_credential, ) @@ -155,9 +151,7 @@ fn test_group_info(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { &bob_signature_keys, None, verifiable_group_info, - &MlsGroupConfigBuilder::new() - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) - .build(), + &MlsGroupJoinConfig::default(), b"", bob_credential, ) @@ -208,9 +202,7 @@ fn test_group_info(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { &bob_signature_keys, None, verifiable_group_info, - &MlsGroupConfigBuilder::new() - .crypto_config(CryptoConfig::with_default_version(ciphersuite)) - .build(), + &MlsGroupJoinConfig::default(), b"", bob_credential, ) diff --git a/openmls/tests/test_interop_scenarios.rs b/openmls/tests/test_interop_scenarios.rs index 2602de215c..6e54699445 100644 --- a/openmls/tests/test_interop_scenarios.rs +++ b/openmls/tests/test_interop_scenarios.rs @@ -22,7 +22,7 @@ fn one_to_one_join(ciphersuite: Ciphersuite) { println!("Testing ciphersuite {ciphersuite:?}"); let number_of_clients = 2; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); @@ -74,7 +74,7 @@ fn three_party_join(ciphersuite: Ciphersuite) { let number_of_clients = 3; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); @@ -141,7 +141,7 @@ fn multiple_joins(ciphersuite: Ciphersuite) { let number_of_clients = 3; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); @@ -194,7 +194,7 @@ fn update(ciphersuite: Ciphersuite) { let number_of_clients = 2; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); @@ -242,7 +242,7 @@ fn remove(ciphersuite: Ciphersuite) { let number_of_clients = 2; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); @@ -298,7 +298,7 @@ fn large_group_lifecycle(ciphersuite: Ciphersuite) { // "Large" is 20 for now. let number_of_clients = 20; let setup = MlsGroupTestSetup::new( - MlsGroupConfig::test_default(ciphersuite), + MlsGroupCreateConfig::test_default(ciphersuite), number_of_clients, CodecUse::StructMessages, ); diff --git a/openmls/tests/test_managed_api.rs b/openmls/tests/test_managed_api.rs index 44c8e81914..089f242b09 100644 --- a/openmls/tests/test_managed_api.rs +++ b/openmls/tests/test_managed_api.rs @@ -10,10 +10,10 @@ use openmls::{ #[apply(ciphersuites)] fn test_mls_group_api(ciphersuite: Ciphersuite) { // Some basic setup functions for the MlsGroup. - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); let number_of_clients = 20; let setup = MlsGroupTestSetup::new( - mls_group_config, + mls_group_create_config, number_of_clients, CodecUse::SerializedMessages, ); diff --git a/openmls/tests/test_mls_group.rs b/openmls/tests/test_mls_group.rs index edd25906e0..e7b6db6d47 100644 --- a/openmls/tests/test_mls_group.rs +++ b/openmls/tests/test_mls_group.rs @@ -79,7 +79,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(*wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -88,7 +88,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id.clone(), alice_credential.clone(), ) @@ -133,7 +133,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -349,7 +349,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let mut charlie_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(bob_group.export_ratchet_tree().into()), ) @@ -700,7 +700,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide // Bob creates a new group let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome_option .expect("Welcome was not returned") .into_welcome() @@ -892,7 +892,7 @@ fn mls_group_operations(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvide let mut bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), Some(alice_group.export_ratchet_tree().into()), ) @@ -968,7 +968,7 @@ fn addition_order(ciphersuite: Ciphersuite, provider: &impl OpenMlsProvider) { // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::builder() + let mls_group_config = MlsGroupCreateConfig::builder() .wire_format_policy(*wire_format_policy) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) .build(); @@ -1047,14 +1047,14 @@ fn test_empty_input_errors(ciphersuite: Ciphersuite, provider: &impl OpenMlsProv ciphersuite.signature_algorithm(), ); - // Define the MlsGroup configuration - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + // Define the MlsGroupCreateConfig + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential, ) @@ -1108,7 +1108,7 @@ fn mls_group_ratchet_tree_extension(ciphersuite: Ciphersuite, provider: &impl Op &bob_signer, ); - let mls_group_config = MlsGroupConfig::builder() + let mls_group_create_config = MlsGroupCreateConfig::builder() .wire_format_policy(*wire_format_policy) .use_ratchet_tree_extension(true) .crypto_config(CryptoConfig::with_default_version(ciphersuite)) @@ -1118,7 +1118,7 @@ fn mls_group_ratchet_tree_extension(ciphersuite: Ciphersuite, provider: &impl Op let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id.clone(), alice_credential.clone(), ) @@ -1132,7 +1132,7 @@ fn mls_group_ratchet_tree_extension(ciphersuite: Ciphersuite, provider: &impl Op // === Bob joins using the ratchet tree extension === let _bob_group = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), None, ) @@ -1164,13 +1164,13 @@ fn mls_group_ratchet_tree_extension(ciphersuite: Ciphersuite, provider: &impl Op &bob_signer, ); - let mls_group_config = MlsGroupConfig::test_default(ciphersuite); + let mls_group_create_config = MlsGroupCreateConfig::test_default(ciphersuite); // === Alice creates a group === let mut alice_group = MlsGroup::new_with_group_id( provider, &alice_signer, - &mls_group_config, + &mls_group_create_config, group_id, alice_credential.clone(), ) @@ -1184,7 +1184,7 @@ fn mls_group_ratchet_tree_extension(ciphersuite: Ciphersuite, provider: &impl Op // === Bob tries to join without the ratchet tree extension === let error = MlsGroup::new_from_welcome( provider, - &mls_group_config, + mls_group_create_config.join_config(), welcome.into_welcome().expect("Unexpected message type."), None, )