openmls 0.8.1

A Rust implementation of the Messaging Layer Security (MLS) protocol, as defined in RFC 9420.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278

use crate::component::{ComponentData, ComponentId};
use serde::{Deserialize, Serialize};
use std::collections::BTreeMap;
use tls_codec::{TlsDeserialize, TlsDeserializeBytes, TlsSerialize, TlsSize, VLBytes};

#[derive(thiserror::Error, Debug)]
enum BuildAppDataDictionaryError {
    #[error("entries not in order")]
    EntriesNotInOrder,
    #[error("duplicate entries")]
    DuplicateEntries,
}

/// Serializable app data dictionary in the [`AppDataDictionaryExtension`].
///
/// This struct contains a list of [`ComponentData`] entries.
/// Entries are in order, and there is at most one entry per [`ComponentId`].
/// These properties are checked upon creation, as well as upon deserialization.
#[derive(PartialEq, Eq, Clone, Debug, Default, Serialize, Deserialize)]
pub struct AppDataDictionary {
    // NOTE: A BTreeMap is used here to ensure that the data is ordered by keys,
    // and unique. Since this also goes into the actual MLS Extension message, you could argue that
    // this should be a Vec<ComponentData>. However, inserting in the middle is much easier (and
    // cheaper) with the BTreeMap. The one thing that is a bit slower now is the `len` method,
    // which iterates over all keys.
    component_data: BTreeMap<ComponentId, ComponentData>,
}

impl AppDataDictionary {
    /// Initialize a new, empty [`AppDataDictionary`].
    pub fn new() -> Self {
        Self {
            component_data: BTreeMap::new(),
        }
    }
    /// Returns an iterator over the [`ComponentData`] entries,
    /// ordered by [`ComponentId`].
    pub fn entries(&self) -> impl Iterator<Item = &ComponentData> {
        self.component_data.values()
    }

    /// Returns the data that is currently stored in the [`AppDataDictionary`].
    pub fn to_entries(self) -> Vec<ComponentData> {
        self.entries().cloned().collect()
    }

    /// Returns the number of entries in the dictionary.
    pub fn len(&self) -> usize {
        self.component_data.len()
    }

    /// Returns whether the dictionary has entries.
    pub fn is_empty(&self) -> bool {
        self.component_data.is_empty()
    }

    /// Get a reference to an entry in the dictionary.
    pub fn get(&self, component_id: &ComponentId) -> Option<&[u8]> {
        self.component_data
            .get(component_id)
            .map(|component_data| component_data.data())
    }

    /// Insert an entry into the dictionary. If an entry for this [`ComponentId`] already exists,
    /// replace the old entry and return it.
    pub fn insert(&mut self, component_id: ComponentId, data: Vec<u8>) -> Option<VLBytes> {
        self.component_data
            .insert(
                component_id,
                ComponentData::from_parts(component_id, data.into()),
            )
            .map(|component_data| component_data.into_data())
    }

    /// Returns `true` if the dictionary contains an entry for the specified [`ComponentId`].
    pub fn contains(&self, component_id: &ComponentId) -> bool {
        self.component_data.contains_key(component_id)
    }

    /// Remove an entry from the dictionary by [`ComponentId`]. If this entry exists,
    /// return it.
    pub fn remove(&mut self, component_id: &ComponentId) -> Option<VLBytes> {
        self.component_data
            .remove(component_id)
            .map(|component_data| component_data.into_data())
    }

    /// Creates an [`AppDataDictionary`] from an `impl IntoIterator<Item = ComponentData>`.
    ///
    /// Ensures that the list is ordered by [`ComponentId`], and that there is at most one entry per [`ComponentId`].
    /// <https://datatracker.ietf.org/doc/html/draft-ietf-mls-extensions#section-4.6-5>
    fn try_from_data(
        data: impl IntoIterator<Item = ComponentData>,
    ) -> Result<Self, BuildAppDataDictionaryError> {
        let mut map = BTreeMap::<ComponentId, ComponentData>::new();

        for component_data in data {
            let (component_id, data) = component_data.into_parts();
            // Check for duplicates
            if map.contains_key(&component_id) {
                return Err(BuildAppDataDictionaryError::DuplicateEntries);
            }

            // Check the ordering
            // The component id must be greater than all previous component ids
            if let Some((max, _)) = map.last_key_value() {
                if *max > component_id {
                    return Err(BuildAppDataDictionaryError::EntriesNotInOrder);
                }
            }
            // Update the last component id
            let _ = map.insert(component_id, ComponentData::from_parts(component_id, data));
        }

        Ok(Self {
            component_data: map,
        })
    }
}

impl tls_codec::Size for AppDataDictionary {
    fn tls_serialized_len(&self) -> usize {
        // get length without copying
        let data: Vec<&ComponentData> = self.entries().collect();
        data.tls_serialized_len()
    }
}

impl tls_codec::Serialize for AppDataDictionary {
    fn tls_serialize<W: std::io::Write>(&self, writer: &mut W) -> Result<usize, tls_codec::Error> {
        // serialize without copying
        let data: Vec<&ComponentData> = self.entries().collect();
        data.tls_serialize(writer)
    }
}

impl tls_codec::Deserialize for AppDataDictionary {
    /// Deserialize from bytes.
    ///
    /// This function also ensures that the [`ComponentData`] entries are in order by
    /// [`ComponentId`], and there is at most one entry per [`ComponentId`].
    fn tls_deserialize<R: std::io::Read>(bytes: &mut R) -> Result<Self, tls_codec::Error> {
        // First deserialize as vector of ComponentData
        let data = Vec::<ComponentData>::tls_deserialize(bytes)?;

        // Convert to an AppDataDictionary
        AppDataDictionary::try_from_data(data)
            .map_err(|e| tls_codec::Error::DecodingError(e.to_string()))
    }
}

impl tls_codec::DeserializeBytes for AppDataDictionary {
    fn tls_deserialize_bytes(bytes: &[u8]) -> Result<(Self, &[u8]), tls_codec::Error> {
        use tls_codec::{Deserialize, Size};
        let mut bytes_ref = bytes;
        let dictionary = Self::tls_deserialize(&mut bytes_ref)?;

        let remainder = &bytes[dictionary.tls_serialized_len()..];

        Ok((dictionary, remainder))
    }
}

/// App Data Dictionary Extension.
///
/// <https://datatracker.ietf.org/doc/html/draft-ietf-mls-extensions#section-4.6-3>
#[derive(
    PartialEq,
    Eq,
    Clone,
    Debug,
    Default,
    Serialize,
    Deserialize,
    TlsSerialize,
    TlsDeserialize,
    TlsDeserializeBytes,
    TlsSize,
)]
pub struct AppDataDictionaryExtension {
    dictionary: AppDataDictionary,
}

impl AppDataDictionaryExtension {
    /// Return the [`AppDataDictionary`] from this extension.
    pub fn dictionary(&self) -> &AppDataDictionary {
        &self.dictionary
    }
    /// Build a new extension from an [`AppDataDictionary`].
    pub fn new(dictionary: AppDataDictionary) -> Self {
        Self { dictionary }
    }
}

#[cfg(test)]
mod test {
    use super::*;
    use tls_codec::{Deserialize, Serialize};

    #[openmls_test::openmls_test]
    fn test_serialize_deserialize() {
        // build a dictionary with one entry
        let mut dictionary = AppDataDictionary::new();
        let _ = dictionary.insert(0, vec![]);
        let _ = dictionary.insert(0, vec![1, 2, 3]);

        assert_eq!(dictionary.len(), 1);

        // build a dictionary with multiple entries
        let mut dictionary_orig = AppDataDictionary::new();
        let _ = dictionary_orig.insert(5, vec![]);
        let _ = dictionary_orig.insert(0, vec![1, 2, 3]);

        assert_eq!(dictionary_orig.len(), 2);

        // create an extension from the dictionary
        let extension_orig = AppDataDictionaryExtension::new(dictionary_orig.clone());

        // test serialization and deserialization of constructed dictionary
        let bytes = extension_orig.tls_serialize_detached().unwrap();
        let extension_deserialized =
            AppDataDictionaryExtension::tls_deserialize(&mut bytes.as_slice()).unwrap();
        assert_eq!(extension_orig, extension_deserialized);
    }
    #[openmls_test::openmls_test]
    fn test_serialization_empty() {
        // build a dictionary with no entries
        let dictionary_orig = AppDataDictionary::new();

        assert_eq!(dictionary_orig.len(), 0);

        // create an extension from the dictionary
        let extension_orig = AppDataDictionaryExtension::new(dictionary_orig.clone());

        // test serialization and deserialization of constructed dictionary
        let bytes = extension_orig.tls_serialize_detached().unwrap();
        let extension_deserialized =
            AppDataDictionaryExtension::tls_deserialize(&mut bytes.as_slice()).unwrap();
        assert_eq!(extension_orig, extension_deserialized);
    }
    // TODO: replace with FrankenApppDataDictionary
    #[openmls_test::openmls_test]
    fn test_serialization_invalid() {
        // incorrect dictionary with repeat entries
        // serialize the raw content
        let component_data = vec![
            ComponentData::from_parts(5, vec![].into()),
            ComponentData::from_parts(5, vec![1, 2, 3].into()),
            ComponentData::from_parts(9, vec![].into()),
        ];

        let serialized = component_data.tls_serialize_detached().unwrap();
        let err = AppDataDictionary::tls_deserialize_exact(serialized).unwrap_err();
        assert_eq!(
            err,
            tls_codec::Error::DecodingError(
                BuildAppDataDictionaryError::DuplicateEntries.to_string()
            )
        );

        // incorrect dictionary with out-of-order entries
        // serialize the raw content
        let component_data = vec![
            ComponentData::from_parts(5, vec![].into()),
            ComponentData::from_parts(9, vec![].into()),
            ComponentData::from_parts(4, vec![1, 2, 3].into()),
        ];

        let serialized = component_data.tls_serialize_detached().unwrap();
        let err = AppDataDictionary::tls_deserialize_exact(serialized).unwrap_err();
        assert_eq!(
            err,
            tls_codec::Error::DecodingError(
                BuildAppDataDictionaryError::EntriesNotInOrder.to_string()
            )
        );
    }
}