SealdSDK
class SealdSDK@JvmOverloadsconstructor(apiURL: String = "https://api.seald.io/", appId: String, databasePath: String? = null, databaseEncryptionKey: ByteArray? = null, instanceName: String = "SealdSDK", logLevel: Byte = 0, logNoColor: Boolean = true, encryptionSessionCacheTTL: Duration? = Duration.ZERO, keySize: Int = 4096)
This is the main class for the Seald SDK. It represents an instance of the Seald SDK.
Parameters
apiURL | The Seald server for this instance to use. This value is given on your Seald dashboard. |
appId | The ID given by the Seald server to your app. This value is given on your Seald dashboard. |
databasePath | The path where to store the local Seald database. If no path is passed, uses an in-memory only database. |
databaseEncryptionKey | The encryption key with which to encrypt the local Seald database. Required when passing databasePath . This must be the Base64 string encoding of a cryptographically random buffer of 64 bytes. |
instanceName | An arbitrary name to give to this Seald instance. Can be useful for debugging when multiple instances are running in parallel, as it is added to logs. |
logLevel | The minimum level of logs you want. All logs of this level or above will be displayed. -1 : Trace; 0 : Debug; 1 : Info; 2 : Warn; 3 : Error; 4 : Fatal; 5 : Panic; 6 : NoLevel; 7 : Disabled. |
logNoColor | Should be set to false if you want to enable colors in the log output. Defaults to true . |
encryptionSessionCacheTTL | The duration of cache lifetime. null to cache forever. Default to 0 (no cache). |
keySize | The Asymmetric key size for newly generated keys. Defaults to 4096 . Warning: for security, it is extremely not recommended to lower this value. For advanced use only. |
Throws
SealdException |
Constructors
SealdSDK | @JvmOverloads constructor(apiURL: String = "https://api.seald.io/", appId: String, databasePath: String? = null, databaseEncryptionKey: ByteArray? = null, instanceName: String = "SealdSDK", logLevel: Byte = 0, logNoColor: Boolean = true, encryptionSessionCacheTTL: Duration? = Duration.ZERO, keySize: Int = 4096) |
Functions
Name | Summary |
---|---|
addConnector | @JvmOverloads fun addConnector(value: String, connectorType: ConnectorType, preValidationToken: PreValidationToken? = null): Connector Add a connector to the current identity. If no preValidationToken is given, the connector will need to be validated before use. |
addConnectorAsync | @JvmOverloads suspend fun addConnectorAsync(value: String, connectorType: ConnectorType, preValidationToken: PreValidationToken? = null): Connector Add a connector to the current identity. If no preValidationToken is given, the connector will need to be validated before use. |
addGroupMembers | @JvmOverloads fun addGroupMembers(groupId: String, membersToAdd: Array<String>, adminsToSet: Array<String> = emptyArray(), privateKeys: PreGeneratedKeys? = null) Add members to a group. Can only be done by a group administrator. Can also specify which of these newly added group members should also be admins. |
addGroupMembersAsync | @JvmOverloads suspend fun addGroupMembersAsync(groupId: String, membersToAdd: Array<String>, adminsToSet: Array<String> = emptyArray(), privateKeys: PreGeneratedKeys? = null) Add members to a group. Can only be done by a group administrator. Can also specify which of these newly added group members should also be admins. |
checkSigchainHash | @JvmOverloads fun checkSigchainHash(userId: String, expectedHash: String, position: Long = -1): CheckSigchainResponse Verify if a given hash is included in the recipient's sigchain. Use the position option to check the hash of a specific sigchain transaction. |
checkSigchainHashAsync | @JvmOverloads suspend fun checkSigchainHashAsync(userId: String, expectedHash: String, position: Long = -1): CheckSigchainResponse Verify if a given hash is included in the recipient's sigchain. Use the position option to check the hash of a specific sigchain transaction. |
close | fun close() Close the current SDK instance. This frees any lock on the current database. After calling close, the instance cannot be used anymore. |
closeAsync | suspend fun closeAsync() Close the current SDK instance. This frees any lock on the current database. After calling close, the instance cannot be used anymore. |
convertGroupTMRTemporaryKey | @JvmOverloads fun convertGroupTMRTemporaryKey(groupId: String, temporaryKeyId: String, tmrJWT: String, rawOverEncryptionKey: ByteArray, deleteOnConvert: Boolean = false) Convert a group TMR temporary key to become a group member. |
convertGroupTMRTemporaryKeyAsync | @JvmOverloads suspend fun convertGroupTMRTemporaryKeyAsync(groupId: String, temporaryKeyId: String, tmrJWT: String, rawOverEncryptionKey: ByteArray, deleteOnConvert: Boolean = false) Convert a group TMR temporary key to become a group member. |
convertTmrAccesses | @JvmOverloads fun convertTmrAccesses(tmrJWT: String, overEncryptionKey: ByteArray, conversionFilters: TMRAccessesConvertFilters? = null, deleteOnConvert: Boolean = true): ConvertTmrAccessesResponse Convert all TMR Accesses addressed to a given auth factor and matching specified filters to classic message keys. All TMR accesses matching the specified filters must have been encrypted with the same overEncryptionKey . |
convertTmrAccessesAsync | @JvmOverloads suspend fun convertTmrAccessesAsync(tmrJWT: String, overEncryptionKey: ByteArray, conversionFilters: TMRAccessesConvertFilters? = null, deleteOnConvert: Boolean = true): ConvertTmrAccessesResponse Convert all TMR Accesses addressed to a given auth factor and matching specified filters to classic message keys. All TMR accesses matching the specified filters must have been encrypted with the same overEncryptionKey . |
createAccount | @JvmOverloads fun createAccount(signupJWT: String, displayName: String = "", deviceName: String = "", privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)): AccountInfo Create a new Seald SDK account for this Seald SDK instance. This function can only be called if the current SDK instance does not have an account yet. |
createAccountAsync | @JvmOverloads suspend fun createAccountAsync(signupJWT: String, displayName: String = "", deviceName: String = "", privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)): AccountInfo Create a new Seald SDK account for this Seald SDK instance. This function can only be called if the current SDK instance does not have an account yet. |
createEncryptionSession | @JvmOverloads fun createEncryptionSession(recipients: Array<RecipientWithRights>, useCache: Boolean = true): EncryptionSession Create an encryption session, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. Warning : if you want to be able to retrieve the session later, you must put your own UserId in the recipients argument. |
createEncryptionSessionAsync | @JvmOverloads suspend fun createEncryptionSessionAsync(recipients: Array<RecipientWithRights>, useCache: Boolean = true): EncryptionSession Create an encryption session, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. Warning : if you want to be able to retrieve the session later, you must put your own UserId in the recipients argument. |
createGroup | fun createGroup(groupName: String, members: Array<String>, admins: Array<String>, privateKeys: PreGeneratedKeys? = null): String Create a group, and returns the created group's ID. admins must also be members. admins must include yourself. |
createGroupAsync | suspend fun createGroupAsync(groupName: String, members: Array<String>, admins: Array<String>, privateKeys: PreGeneratedKeys? = null): String Create a group, and returns the created group's ID. admins must also be members. admins must include yourself. |
createGroupTMRTemporaryKey | @JvmOverloads fun createGroupTMRTemporaryKey(groupId: String, authFactor: AuthFactor, rawOverEncryptionKey: ByteArray, isAdmin: Boolean = false): GroupTmrTemporaryKey Create a group TMR temporary key, and returns the created GroupTmrTemporaryKey instance. |
createGroupTMRTemporaryKeyAsync | @JvmOverloads suspend fun createGroupTMRTemporaryKeyAsync(groupId: String, authFactor: AuthFactor, rawOverEncryptionKey: ByteArray, isAdmin: Boolean = false): GroupTmrTemporaryKey Create a group TMR temporary key, and returns the created GroupTmrTemporaryKey instance. |
createSubIdentity | @JvmOverloads fun createSubIdentity(deviceName: String = "", privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)): CreateSubIdentityResponse Create a new sub-identity, or new device, for the current user account. After creating this new device, you will probably want to call SealdSDK.massReencrypt, so that the newly created device will be able to decrypt EncryptionSessions previously created for this account. |
createSubIdentityAsync | @JvmOverloads suspend fun createSubIdentityAsync(deviceName: String = "", privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)): CreateSubIdentityResponse Create a new sub-identity, or new device, for the current user account. After creating this new device, you will probably want to call SealdSDK.massReencrypt, so that the newly created device will be able to decrypt EncryptionSessions previously created for this account. |
deleteGroupTMRTemporaryKey | fun deleteGroupTMRTemporaryKey(groupId: String, temporaryKeyId: String) Delete a group TMR temporary key. |
deleteGroupTMRTemporaryKeyAsync | @JvmOverloads suspend fun deleteGroupTMRTemporaryKeyAsync(groupId: String, temporaryKeyId: String) Delete a group TMR temporary key. |
devicesMissingKeys | @JvmOverloads fun devicesMissingKeys(forceLocalAccountUpdate: Boolean = false): Array<DeviceMissingKeys> List which of the devices of the current account are missing keys, so you can call SealdSDK.massReencrypt for them. |
devicesMissingKeysAsync | @JvmOverloads suspend fun devicesMissingKeysAsync(forceLocalAccountUpdate: Boolean = false): Array<DeviceMissingKeys> List which of the devices of the current account are missing keys, so you can call SealdSDK.massReencrypt for them. |
exportIdentity | fun exportIdentity(): ByteArray Export the current device as an identity export. |
exportIdentityAsync | suspend fun exportIdentityAsync(): ByteArray Export the current device as an identity export. |
getConnectorsFromSealdId | fun getConnectorsFromSealdId(sealdId: String): Array<Connector> List all connectors know locally for a given sealdId. |
getConnectorsFromSealdIdAsync | suspend fun getConnectorsFromSealdIdAsync(sealdId: String): Array<Connector> List all connectors know locally for a given sealdId. |
getCurrentAccountInfo | fun getCurrentAccountInfo(): AccountInfo? Return information about the current account, or null if there is none. |
getCurrentAccountInfoAsync | suspend fun getCurrentAccountInfoAsync(): AccountInfo? Return information about the current account, or null if there is none. |
getSealdIdsFromConnectors | fun getSealdIdsFromConnectors(connectorTypeValues: Array<ConnectorTypeValue>): Array<String> Get all the info for the given connectors to look for, updates the local cache of connectors, and returns a slice with the corresponding SealdIds. SealdIds are not de-duped and can appear for multiple connector values. If one of the connectors is not assigned to a Seald user, this will return a ErrorGetSealdIdsUnknownConnector error, with the details of the missing connector. |
getSealdIdsFromConnectorsAsync | suspend fun getSealdIdsFromConnectorsAsync(connectorTypeValues: Array<ConnectorTypeValue>): Array<String> Get all the info for the given connectors to look for, updates the local cache of connectors, and returns a slice with the corresponding SealdIds. SealdIds are not de-duped and can appear for multiple connector values. If one of the connectors is not assigned to a Seald user, this will return a ErrorGetSealdIdsUnknownConnector error, with the details of the missing connector. |
getSigchainHash | @JvmOverloads fun getSigchainHash(userId: String, position: Long = -1): GetSigchainResponse Get a user's sigchain transaction hash at index position . |
getSigchainHashAsync | @JvmOverloads suspend fun getSigchainHashAsync(userId: String, position: Long = -1): GetSigchainResponse Get a user's sigchain transaction hash at index position . |
heartbeat | fun heartbeat() Just call the Seald server, without doing anything. This may be used for example to verify that the current instance has a valid identity. |
heartbeatAsync | suspend fun heartbeatAsync() Just call the Seald server, without doing anything. This may be used for example to verify that the current instance has a valid identity. |
importIdentity | fun importIdentity(identity: ByteArray) Load an identity export into the current SDK instance. This function can only be called if the current SDK instance does not have an account yet. |
importIdentityAsync | suspend fun importIdentityAsync(identity: ByteArray) Load an identity export into the current SDK instance. This function can only be called if the current SDK instance does not have an account yet. |
listConnectors | fun listConnectors(): Array<Connector> List connectors associated to the current account. |
listConnectorsAsync | suspend fun listConnectorsAsync(): Array<Connector> List connectors associated to the current account. |
listGroupTMRTemporaryKeys | @JvmOverloads fun listGroupTMRTemporaryKeys(groupId: String, page: Int = 1, all: Boolean = false): ListedGroupTMRTemporaryKeys List group TMR temporary key. |
listGroupTMRTemporaryKeysAsync | @JvmOverloads suspend fun listGroupTMRTemporaryKeysAsync(groupId: String, page: Int = 1, all: Boolean = false): ListedGroupTMRTemporaryKeys List group TMR temporary keys. |
massReencrypt | @JvmOverloads fun massReencrypt(deviceId: String, options: MassReencryptOptions = MassReencryptOptions()): MassReencryptResponse Retrieve, re-encrypt, and add missing keys for a certain device. |
massReencryptAsync | @JvmOverloads suspend fun massReencryptAsync(deviceId: String, options: MassReencryptOptions = MassReencryptOptions()): MassReencryptResponse Retrieve, re-encrypt, and add missing keys for a certain device. |
prepareRenew | @JvmOverloads fun prepareRenew(privateKeys: PreGeneratedKeys? = null): ByteArray Prepare a private key renewal, so it can be stored on SSKS without risk of loss during the actual renew. |
prepareRenewAsync | @JvmOverloads suspend fun prepareRenewAsync(privateKeys: PreGeneratedKeys? = null): ByteArray Prepare a private key renewal, so it can be stored on SSKS without risk of loss during the actual renew |
pushJWT | fun pushJWT(jwt: String) Push a given JWT to the Seald server, for example to add a connector to the current account. |
pushJWTAsync | suspend fun pushJWTAsync(jwt: String) Push a given JWT to the Seald server, for example to add a connector to the current account. |
removeConnector | fun removeConnector(connectorId: String): Connector Remove a connector belonging to the current account. |
removeConnectorAsync | suspend fun removeConnectorAsync(connectorId: String): Connector Remove a connector belonging to the current account. |
removeGroupMembers | fun removeGroupMembers(groupId: String, membersToRemove: Array<String>, privateKeys: PreGeneratedKeys? = null) Remove members from the group. Can only be done by a group administrator. You should call renewGroupKey after this. |
removeGroupMembersAsync | suspend fun removeGroupMembersAsync(groupId: String, membersToRemove: Array<String>, privateKeys: PreGeneratedKeys? = null) Remove members from the group. Can only be done by a group administrator. You should call renewGroupKey after this. |
renewGroupKey | fun renewGroupKey(groupId: String, privateKeys: PreGeneratedKeys? = null) Renew the group's private key. Can only be done by a group administrator. Should be called after removing members from the group. |
renewGroupKeyAsync | suspend fun renewGroupKeyAsync(groupId: String, privateKeys: PreGeneratedKeys? = null) Renew the group's private key. Can only be done by a group administrator. Should be called after removing members from the group. |
renewKeys | @JvmOverloads fun renewKeys(preparedRenewal: ByteArray? = null, privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)) Renew the keys of the current device, extending their validity. If the current device has expired, you will need to call renewKeys before you are able to do anything else. Warning: if the identity of the current device is stored externally, for example on SSKS, you will want to re-export it and store it again, otherwise the previously stored identity will not be recognized anymore. |
renewKeysAsync | @JvmOverloads suspend fun renewKeysAsync(preparedRenewal: ByteArray? = null, privateKeys: PreGeneratedKeys? = null, expireAfter: Duration = Duration.ofDays(365 * 5)) Renew the keys of the current device, extending their validity. If the current device has expired, you will need to call renewKeys before you are able to do anything else. Warning: if the identity of the current device is stored externally, for example on SSKS, you will want to re-export it and store it again, otherwise the previously stored identity will not be recognized anymore. |
retrieveConnector | fun retrieveConnector(connectorId: String): Connector Retrieve a connector by its connectorId , then updates the local cache of connectors. |
retrieveConnectorAsync | suspend fun retrieveConnectorAsync(connectorId: String): Connector Retrieve a connector by its connectorId , then updates the local cache of connectors. |
retrieveEncryptionSession | @JvmOverloads fun retrieveEncryptionSession(sessionId: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session with the sessionId, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. |
retrieveEncryptionSessionAsync | @JvmOverloads suspend fun retrieveEncryptionSessionAsync(sessionId: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session with the sessionId, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. |
retrieveEncryptionSessionByTmr | @JvmOverloads fun retrieveEncryptionSessionByTmr(tmrJWT: String, sessionId: String, overEncryptionKey: ByteArray, tmrAccessesFilters: TMRAccessesRetrievalFilters? = null, tryIfMultiple: Boolean = true, useCache: Boolean = true): EncryptionSession Retrieve an encryption session with a TMR access JWT, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionByTmrAsync | @JvmOverloads suspend fun retrieveEncryptionSessionByTmrAsync(tmrJWT: String, sessionId: String, overEncryptionKey: ByteArray, tmrAccessesFilters: TMRAccessesRetrievalFilters? = null, tryIfMultiple: Boolean = true, useCache: Boolean = true): EncryptionSession Retrieve an encryption session with a TMR access JWT, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionFromBytes | @JvmOverloads fun retrieveEncryptionSessionFromBytes(fileByteArray: ByteArray, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a ByteArray, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionFromBytesAsync | @JvmOverloads suspend fun retrieveEncryptionSessionFromBytesAsync(fileByteArray: ByteArray, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a ByteArray, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionFromFile | @JvmOverloads fun retrieveEncryptionSessionFromFile(fileUri: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a file URI, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionFromFileAsync | @JvmOverloads suspend fun retrieveEncryptionSessionFromFileAsync(fileUri: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a file URI, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt this file. |
retrieveEncryptionSessionFromMessage | @JvmOverloads fun retrieveEncryptionSessionFromMessage(message: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a seald message, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. |
retrieveEncryptionSessionFromMessageAsync | @JvmOverloads suspend fun retrieveEncryptionSessionFromMessageAsync(message: String, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): EncryptionSession Retrieve an encryption session from a seald message, and returns the associated EncryptionSession instance, with which you can then encrypt / decrypt multiple messages. |
retrieveMultipleEncryptionSessions | @JvmOverloads fun retrieveMultipleEncryptionSessions(sessionIds: Array<String>, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): Array<EncryptionSession> Retrieve multiple encryption sessions with an Array of sessionIds, and return an Array of the associated EncryptionSession instances, with which you can then encrypt / decrypt multiple messages. The returned array of EncryptionSession instances is in the same order as the input array. |
retrieveMultipleEncryptionSessionsAsync | @JvmOverloads suspend fun retrieveMultipleEncryptionSessionsAsync(sessionIds: Array<String>, useCache: Boolean = true, lookupProxyKey: Boolean = false, lookupGroupKey: Boolean = true): Array<EncryptionSession> Retrieve multiple encryption sessions with an Array of sessionIds, and return an Array of the associated EncryptionSession instances, with which you can then encrypt / decrypt multiple messages. The returned array of EncryptionSession instances is in the same order as the input array. |
searchGroupTMRTemporaryKeys | @JvmOverloads fun searchGroupTMRTemporaryKeys(tmrJWT: String, options: SearchGroupTMRTemporaryKeysOpts = SearchGroupTMRTemporaryKeysOpts()): ListedGroupTMRTemporaryKeys Search group TMR temporary keys that can be used with the TMR JWT. |
searchGroupTMRTemporaryKeysAsync | @JvmOverloads suspend fun searchGroupTMRTemporaryKeysAsync(tmrJWT: String, options: SearchGroupTMRTemporaryKeysOpts = SearchGroupTMRTemporaryKeysOpts()): ListedGroupTMRTemporaryKeys Search group TMR temporary keys that can be used with the TMR JWT. |
setGroupAdmins | fun setGroupAdmins(groupId: String, addToAdmins: Array<String> = emptyArray(), removeFromAdmins: Array<String> = emptyArray()) Add some existing group members to the group admins, and/or removes admin status from some existing group admins. Can only be done by a group administrator. |
setGroupAdminsAsync | suspend fun setGroupAdminsAsync(groupId: String, addToAdmins: Array<String> = emptyArray(), removeFromAdmins: Array<String> = emptyArray()) Add some existing group members to the group admins, and/or removes admin status from some existing group admins. Can only be done by a group administrator. |
updateCurrentDevice | fun updateCurrentDevice() Updates the locally known information about the current device. You should never have to call this manually, except if you getting null in AccountInfo.deviceExpires, which can happen if migrating from an older version of the SDK, or if the internal call to updateCurrentDevice failed when calling SealdSDK.importIdentity. |
updateCurrentDeviceAsync | suspend fun updateCurrentDeviceAsync() Updates the locally known information about the current device. You should never have to call this manually, except if you getting null in AccountInfo.deviceExpires, which can happen if migrating from an older version of the SDK, or if the internal call to updateCurrentDevice failed when calling SealdSDK.importIdentity. |
validateConnector | fun validateConnector(connectorId: String, challenge: String): Connector Validate an added connector that was added without a preValidationToken. |
validateConnectorAsync | suspend fun validateConnectorAsync(connectorId: String, challenge: String): Connector Validate an added connector that was added without a preValidationToken. |