forked from wireapp/core-crypto
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ROADMAP.tasks
115 lines (109 loc) · 5.78 KB
/
ROADMAP.tasks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
CoreCrypto:
Keystore:
☐ Study WASM-related limitations of SQLite-backed storage. @high
* Requires compiling with emscripten for WASM, which artificially inflates the bundle size
* In an ideal world I'd like to target wasm32-unknown-unknown or wasm32-wasi to limit arcane `emcc` magic
* Study feasibility of SQLGlue + OTF encrypted flatbuffers
* 26/01/12: Nope! SQLGlue is async first it seems so that won't do it
* Update 25/01/22:
* OpenSSL is the major culprit of WASI incompatibility - fix in progress when I have time
* SQLite/Cipher makes heavy use of OpenSSL so OSSL is a blocker on that topic
✔ Wrap SQLCipher store @done (22-01-12 19:06)
✔ Add in-memory store capabilities @done (22-01-12 19:09)
✔ MLS @done (22-01-12 19:08)
✔ Store keying material @done (22-01-12 19:07)
✔ Retrieve keying material @done (22-01-12 19:07)
✔ Remove keying material @done (22-01-12 19:07)
✔ impl MLS trait @done (22-01-12 19:07)
✔ Proteus @done (22-01-12 19:08)
✔ Store prekey @done (22-01-12 19:08)
✔ Retrieve prekey @done (22-01-12 19:08)
✔ impl Proteus trait @done (22-01-12 19:08)
✔ Bench @done (22-01-12 19:08)
✔ Test @done (22-01-12 19:08)
MLS Provider:
✔ Crypto primitives: RustCrypto backend @done (22-01-12 19:08)
✔ Keystore: CoreCrypto Keystore @done (22-01-12 19:08)
✔ In-memory mode entrypoint @done (22-01-12 19:09)
CoreCrypto - Rust:
✔ Features @done (22-06-15 10:54)
✔ Client @done (22-06-15 10:54)
✔ Generate Client @done (22-01-12 19:02)
✔ Generate key material (n number keypackages) @done (22-01-17 18:04)
✔ Expose Client abstraction @done (22-06-15 10:54)
✔ Conversation @done (22-06-15 10:54)
✔ Create empty conversation @done (22-01-12 19:02)
✔ Create conversation with others @done (22-06-15 10:54)
✔ Encrypt & serialize message @done (22-01-12 19:02)
✔ Deserialize & decrypt message @done (22-01-12 19:02)
✔ Central @done (22-06-15 10:54)
✔ Init - db + mls groups in-mem store @done (22-01-12 19:02)
✔ Entrypoint for conversation management @done (22-01-12 19:02)
✔ Entrypoint for client management @done (22-06-15 10:54)
✔ Test @done (22-06-15 10:54)
✔ Bench @done (22-06-15 10:54)
CoreCrypto - FFI:
✔ Central @done (22-06-15 10:54)
✔ Client management @done (22-06-15 10:54)
✔ Conversation management @done (22-06-15 10:54)
☐ Bindings
☐ Swift
✔ Compile @done (22-02-21 10:55)
✔ Produce @done (22-01-25 18:19)
☐ Test
✔ Package in a XCFramework @done (22-02-21 10:55)
☐ Package in a Swift package
☐ Kotlin
✔ Compile @done (22-01-28 10:42)
✔ Produce @done (22-01-25 18:19)
☐ Test
✔ JS/TS @done (22-06-15 10:54)
✔ Compile to WASM @done (22-06-15 10:54)
✔ Write TS/JS bindings @done (22-06-15 10:54)
☐ Test w/ Deno
CoreCrypto - MLS Test Distribution Service:
☐ Core
✔ Actix-Web @done (22-01-12 19:20)
✔ graphql_async @done (22-01-12 19:20)
✔ SeaORM @done (22-01-12 19:20)
☐ Redis
☐ Features
☐ Client
✔ Register client with initial keying material @done (22-01-12 19:12)
☐ Get keybundle for client / user
☐ Conversation
☐ Create conversation
☐ Add members to conversation
☐ Prune keying material when used to add someone to a conversation @critical
☐ Send message
☐ Fetch messages
CryptoLib:
☐ Capabilities
☐ Support Proteus
✔ Support MLS @done (22-06-15 10:54)
☐ KeyStore
✔ MUST BE ENCRYPTED (with device key?) @done (22-06-15 10:54)
☐ Candidates
☐ SQLite (rusqlite) + https://github.com/sqlcipher/sqlcipher
- Super stable
☐ GlueSQL?
- Seems alright and has pluggable storage, meaning we can do OTF encrypt/decrypt file storage
- Supports WASM OOB
☐ Abstract actionable container on the plaintext data contained in the messages
☐ Implement Crypto Central that abstract both Proteus and MLS management
☐ Reflect events that happen in the group/sessions to respective contexts in the Crypto Central
☐ MLS
☐ Group events
☐ Generic Proposal
☐ Added to a group (Welcome)
☐ Alteration in group members' composition
☐ Group deleted
☐ Group Rekeying
☐ Proteus
☐ Conversation alterations
☐ New client added to the conversation (bound to its user? Or is that a privacy concern)
☐ Client removed from conversation aka HTTP 412
☐ Manual DH key ratchet started (is there a name for this kind of thing? Off-session ratcheting?)
☐ Facilities to encrypt/decrypt data using protocol-specific context (aka. Crypto Central)
☐ Abstract external parameters (prekeys, group configurations) so that it can be provided transparently, regardless from the protocol, and acted on appropriately
☐ If the keystore is managed in CryptoLib, handle key rotation transparently