core-crypto
9.3.3.4-kmpindexedUnified MLS and Proteus cryptography API with FFI bindings, encrypted keystore, RustCrypto MLS provider, testing, benchmarks and release tooling.
Unified MLS and Proteus cryptography API with FFI bindings, encrypted keystore, RustCrypto MLS provider, testing, benchmarks and release tooling.
This repository is part of the source code of Wire. You can find more information at wire.com or by contacting opensource@wire.com.
You can find the published source code at github.com/wireapp/wire.
For licensing information, see the attached LICENSE file and the list of third-party licenses at wire.com/legal/licenses/.
No license is granted to the Wire trademark and its associated logos, all of which will continue to be owned exclusively by Wire Swiss GmbH. Any use of the Wire trademark and/or its associated logos is expressly prohibited without the express prior written consent of Wire Swiss GmbH.
See ARCHITECTURE.md
If you're using macOS, you'll also need to install GNU sed:
brew install gnu-sed make
and add aliases to your shell configuration file: alias sed=gsed, aliase make=gmake (e.g. to ~/.zshenv if you're using zsh).
pre-commit frameworkpre-commit install to initialize the pre-commit hooksInstall Android SDK and Build-Tools for API level 30+
[!IMPORTANT] If you are building on macOS you'll need to setup
$ANDROID_SDK_ROOTpath variable manually:export ANDROID_SDK_ROOT=~/Android/Sdk
Install the Android NDK. Make sure to set the
ANDROID_NDK_HOME variable to point to the NDK installation.
Install android rust targets:
rustup target add x86_64-linux-android aarch64-linux-android armv7-linux-androideabi
Build:
make android
Install Xcode & its command-line tools: https://developer.apple.com/xcode/.
Install iOS rust targets:
rustup target add aarch64-apple-ios aarch64-apple-ios-sim
Build:
make ios
# Additionally, if you want to export a .XCFramework:
make ios-create-xcframework
Install macOS rust targets:
rustup target add aarch64-apple-darwin
[!NOTE] If cross-compiling from macOS, you'll need to install https://github.com/messense/homebrew-macos-cross-toolchains.
Install Linux targets:
rustup target add x86_64-unknown-linux-gnu
Make sure you have all prerequisites:
wasm32-unknown-unknown toolchain: rustup target add wasm32-unknown-unknownBuild:
make ts
Build bindings for Android, JVM, iOS and WASM
# builds bindings and targets for the JVM (macOS / Linux)
make jvm
# builds bindings and targets for Android
make android
# builds iOS framework
make ios-create-xcframework
# builds wasm binary & TS bindings
make ts
# Install cargo-nextest if you haven't done so, it yields some substantial speedup
cargo install cargo-nextest
cargo nextest run
If you haven't already, install the target and wasm-pack:
rustup target add wasm32-unknown-unknown
cargo install wasm-pack
If you want to test for chrome, get chromedriver or the webdriver for the browser you want to test for, respectively.
Then, to run tests for a crate in the workspace do
wasm-pack test --headless --chrome ./<crate-folder-to-test>
[!WARNING] This takes quite a while.
cargo nextest run --features test-all-cipher
make jvm-test
make android-test
No E2E testing is available as of now on Swift.
make ts-test
Note the CC_TEST_LOG_LEVEL environment variable. At 1 it emits browser console logs; at 2 it also emits CoreCrypto logs.
There are benches implemented in crypto/benches for several operations on mls groups with varying sizes or proteus.
Parameters like minimum or maximum group sizes and step sizes are defined in crypto/benches/utils/mod.rs.
To execute the benches, e.g. for creating commits, run
cargo bench --bench=commit -- --quick
where commit is the name of the bench specified in crypto/Cargo.toml, and the corresponding file in crypto/benches.
In case you're interested in higher accuracy, and willing to trade it for execution speed, omit the flag.
If you need reporting plots, remove the call in .
The reports generated by criterion will be located in .
The versioning scheme used is SemVer AKA Semantic Versioning.
Publishing Android / JVM bindings happens automatically by a github workflow when a release tag is pushed.
If you would like to publish the bindings to a local Maven cache, run:
cd crypto-ffi/bindings
./gradlew :jvm:publishToMavenLocal
./gradlew :android:publishToMavenLocal
Publishing JS / WASM bindings happens automatically by a github workflow when a release tag is pushed.
If you would like to publish to @wireapp/core-crypto manually, log into NPM and
just run bun publish.
--quick.without_plots()target/criterionmain branch is used as the everyday development branch.main.release/<series>, e.g. release/1.x, release/2.x.main.git merge-base main release/2.x must be a commit pointed to by tag v2.0.0.[TICKET_ID].main to prepare for release (git checkout -b prepare-release/X.Y.Z)sh scripts/update-versions.sh X.Y.Z to update the versions of
package.jsoncrypto-ffi/bindings/gradle.properties
Make sure the result of the script run is correct.git cliff --bump --unreleased
and add it to the top of CHANGELOG.md.
Make sure the version number generated by git cliff matches the release version.## v1.0.2 - 2024-08-16
### Highlights
- foo
- bar
- baz
x.x.x with X.Y.Z.prepare-release/X.Y.Z branch and create a PR for itmain and remove the prepare-release/X.Y.Z branch from the remotemain: git checkout main && git pullgit tag -s vX.Y.Zgit push origin tag vX.Y.ZCHANGELOG.mdCHANGELOG.md from the release commit itselfCHANGELOG.md and get them into main4.x and newer, docs upload happens automatically.
If you released from the series 3.x or older, you need to trigger docs upload manually:
Run workflow buttonUse workflow from dropdown, choose release/5.x, in Tag to checkout provide your release tagSurfaced from shared tags and platforms — no rankings paid for.