This repository is part of the source code of Wire. You can find more information at wire.com or by contacting opensource@wire.com.
You can find the published source code at github.com/wireapp/wire.
For licensing information, see the attached LICENSE file and the list of third-party licenses at wire.com/legal/licenses/.
No license is granted to the Wire trademark and its associated logos, all of which will continue to be owned exclusively by Wire Swiss GmbH. Any use of the Wire trademark and/or its associated logos is expressly prohibited without the express prior written consent of Wire Swiss GmbH.
- CoreCrypto: Abstracts MLS & Proteus in a unified API
- CoreCryptoFFI: FFI bindings for iOS, Android and WASM
- Keystore: Encrypted Keystore powered by SQLCipher on all platforms except WASM. WASM uses an IndexedDB-backed, encrypted store with AES256-GCM
- MlsProvider: RustCrypto + Keystore MLS provider
See ARCHITECTURE.md
Install Android SDK and Build-Tools for API level 30+
[!important] If you are building on macOS you'll need to setup
$ANDROID_SDK_ROOT
path variable manually:export ANDROID_SDK_ROOT=~/Android/Sdk
Install android rust targets:
rustup target add x86_64-linux-android aarch64-linux-android armv7-linux-androideabi i686-linux-android
Build:
cd crypto-ffi
cargo make android
cd bindings
./gradlew android:build
Install Xcode & its command-line tools: https://developer.apple.com/xcode/.
Install iOS rust targets:
rustup target add aarch64-apple-ios x86_64-apple-ios aarch64-apple-ios-sim
Build:
cd crypto-ffi
cargo make ios
# Additionally, if you want to export a .XCFramework:
cargo make ios-create-xcframework
Install macOS rust targets:
rustup target add x86_64-apple-darwin aarch64-apple-darwin
[!note] If cross-compiling from macOS, you'll need to install https://github.com/messense/homebrew-macos-cross-toolchains.
Install Linux targets:
rustup target add x86_64-unknown-linux-gnu
Make sure you have all prerequisites:
- Install wasm-pack
- Install the
wasm32-unknown-unknown
toolchain:rustup target add wasm32-unknown-unknown
- Install node.js (recommended way is via Volta)
- Install Bun (follow the instructions on Bun's website)
Build:
cd crypto-ffi
cargo make wasm
Build bindings for Android, JVM, iOS and WASM
cd crypto-ffi
# builds bindings and targets for the JVM (macOS / Linux)
cargo make jvm
# builds bindings and targets for Android
cargo make android
# builds iOS framework
cargo make ios-create-xcframework
# builds wasm binary & TS bindings
cargo make wasm
# Install cargo-nextest if you haven't done so, it yields some substantial speedup
cargo install cargo-nextest
cargo nextest run
[!warning] This takes quite a while.
cargo nextest run --features test-all-cipher
- Take the steps to compile for Kotlin/Android
- Then:
cd crypto-ffi/bindings
./gradlew test
No E2E testing is available as of now on Swift.
- Take the steps to compile for WASM/Web
- Then:
cd crypto-ffi
bun test
There are benches implemented in crypto/benches
for several operations on mls groups with varying sizes or proteus.
Parameters like minimum or maximum group sizes and step sizes are defined in crypto/benches/utils/mod.rs
.
To execute the benches, e.g. for creating commits, run
cargo bench --bench=commit -- --quick
where commit
is the name of the bench specified in crypto/Cargo.toml
, and the corresponding file in crypto/benches
.
In case you're interested in higher accuracy, and willing to trade it for execution speed, omit the --quick
flag.
If you need reporting plots, remove the .without_plots()
call in crypto/benches/utils/mod.rs
.
The reports generated by criterion will be located in target/criterion
.
- The
main
branch is only updated when making a release and should always point to the latest release. - The
develop
branch is used as the everyday development branch. - No merge commits. Always rebase on top of
develop
. - Use conventional commits -- those are picked up by the changelog generator.
- If there is a JIRA ticket related to the change, you should mention it in either the PR title or the commit(s),
with the following format:
[TICKET_ID]
. - Sign your commits and tags.
- Remove branches from the remote once you don't need them anymore.
The versioning scheme used is SemVer AKA Semantic Versioning.
- Make a release branch started from
develop
(git checkout -b release/X.Y.Z
) - Run
cargo xtask release bump [major|minor|patch|rc|pre] --dry-run
, check if it's the expected result - If all seems fine, re-run the previous command without the
--dry-run
argument. This will bump the versions of:- all workspace member crates
package.json
crypto-ffi/bindings/gradle.properties
- Edit
CHANGELOG.tpl
with the contents of the release.- Copy the git-conventional block from the previous release to your new release, modify the version tag
- Remove the
unreleased=true
from the previous release - Try to write some human concise documentation so that client teams understand the changes at a glance
- Run
cargo xtask documentation changelog
to generate the correspondingCHANGELOG.md
- Make sure the changes look reasonable and complete; you can use this commit as a reference.
- Push your
release/X.Y.Z
branch and create a PR for it - Get it reviewed, then merge it into
develop
and remove the release branch from the remote. - Now, pull your local develop
git checkout develop && git pull
- Update the
main
branch:git checkout main && git pull && git merge --ff-only develop
- Create the release tag:
git tag -s vX.Y.Z
- Push the branch and the new tag:
git push origin main && git push --tags
- Voilà!
Publishing Android / JVM bindings happens automatically by a github workflow when a release tag is pushed.
If you would like to publish the bindings to a local maven cache, run:
cd crypto-ffi/bindings/android
./gradlew :jvm:publishToMavenLocal
./gradlew :android:publishToMavenLocal
Publishing JS / WASM bindings happens automatically by a github workflow when a release tag is pushed.
If you would like to publish to @wireapp/core-crypto
manually, log into NPM and
just run npm publish
.