message.cpp 10.3 KB
Newer Older
1
/* Copyright 2015-2016 OpenMarket Ltd
Mark Haines's avatar
Mark Haines committed
2
3
4
5
6
7
8
9
10
11
12
13
14
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15
#include "olm/message.hh"
Mark Haines's avatar
Mark Haines committed
16

17
18
#include "olm/memory.hh"

Mark Haines's avatar
Mark Haines committed
19
20
21
namespace {

template<typename T>
22
static std::size_t varint_length(
Mark Haines's avatar
Mark Haines committed
23
24
25
    T value
) {
    std::size_t result = 1;
26
    while (value >= 128U) {
Mark Haines's avatar
Mark Haines committed
27
28
29
30
31
32
33
34
        ++result;
        value >>= 7;
    }
    return result;
}


template<typename T>
35
static std::uint8_t * varint_encode(
Mark Haines's avatar
Mark Haines committed
36
37
38
    std::uint8_t * output,
    T value
) {
39
    while (value >= 128U) {
Mark Haines's avatar
Mark Haines committed
40
        *(output++) = (0x7F & value) | 0x80;
41
        value >>= 7;
Mark Haines's avatar
Mark Haines committed
42
43
44
45
46
47
48
    }
    (*output++) = value;
    return output;
}


template<typename T>
49
static T varint_decode(
Mark Haines's avatar
Mark Haines committed
50
51
52
53
    std::uint8_t const * varint_start,
    std::uint8_t const * varint_end
) {
    T value = 0;
54
55
56
    if (varint_end == varint_start) {
        return 0;
    }
Mark Haines's avatar
Mark Haines committed
57
58
59
60
61
62
63
64
    do {
        value <<= 7;
        value |= 0x7F & *(--varint_end);
    } while (varint_end != varint_start);
    return value;
}


65
static std::uint8_t const * varint_skip(
Mark Haines's avatar
Mark Haines committed
66
67
68
69
70
71
72
73
74
75
76
77
78
    std::uint8_t const * input,
    std::uint8_t const * input_end
) {
    while (input != input_end) {
        std::uint8_t tmp = *(input++);
        if ((tmp & 0x80) == 0) {
            return input;
        }
    }
    return input;
}


79
static std::size_t varstring_length(
Mark Haines's avatar
Mark Haines committed
80
81
82
83
84
85
86
87
88
89
    std::size_t string_length
) {
    return varint_length(string_length) + string_length;
}

static std::size_t const VERSION_LENGTH = 1;
static std::uint8_t const RATCHET_KEY_TAG = 012;
static std::uint8_t const COUNTER_TAG = 020;
static std::uint8_t const CIPHERTEXT_TAG = 042;

90
static std::uint8_t * encode(
91
92
93
94
95
96
97
98
    std::uint8_t * pos,
    std::uint8_t tag,
    std::uint32_t value
) {
    *(pos++) = tag;
    return varint_encode(pos, value);
}

99
static std::uint8_t * encode(
100
101
102
103
104
105
106
107
108
109
    std::uint8_t * pos,
    std::uint8_t tag,
    std::uint8_t * & value, std::size_t value_length
) {
    *(pos++) = tag;
    pos = varint_encode(pos, value_length);
    value = pos;
    return pos + value_length;
}

110
static std::uint8_t const * decode(
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
    std::uint8_t const * pos, std::uint8_t const * end,
    std::uint8_t tag,
    std::uint32_t & value, bool & has_value
) {
    if (pos != end && *pos == tag) {
        ++pos;
        std::uint8_t const * value_start = pos;
        pos = varint_skip(pos, end);
        value = varint_decode<std::uint32_t>(value_start, pos);
        has_value = true;
    }
    return pos;
}


126
static std::uint8_t const * decode(
127
128
129
130
131
132
133
134
135
    std::uint8_t const * pos, std::uint8_t const * end,
    std::uint8_t tag,
    std::uint8_t const * & value, std::size_t & value_length
) {
    if (pos != end && *pos == tag) {
        ++pos;
        std::uint8_t const * len_start = pos;
        pos = varint_skip(pos, end);
        std::size_t len = varint_decode<std::size_t>(len_start, pos);
136
        if (len > std::size_t(end - pos)) return end;
137
138
139
140
141
142
143
        value = pos;
        value_length = len;
        pos += len;
    }
    return pos;
}

144
static std::uint8_t const * skip_unknown(
145
146
147
148
    std::uint8_t const * pos, std::uint8_t const * end
) {
    if (pos != end) {
        uint8_t tag = *pos;
149
        if ((tag & 0x7) == 0) {
150
151
            pos = varint_skip(pos, end);
            pos = varint_skip(pos, end);
152
        } else if ((tag & 0x7) == 2) {
153
154
155
156
            pos = varint_skip(pos, end);
            std::uint8_t const * len_start = pos;
            pos = varint_skip(pos, end);
            std::size_t len = varint_decode<std::size_t>(len_start, pos);
157
            if (len > std::size_t(end - pos)) return end;
158
159
160
161
162
163
164
165
            pos += len;
        } else {
            return end;
        }
    }
    return pos;
}

Mark Haines's avatar
Mark Haines committed
166
167
168
} // namespace


169
std::size_t olm::encode_message_length(
Mark Haines's avatar
Mark Haines committed
170
171
172
173
174
175
176
177
178
    std::uint32_t counter,
    std::size_t ratchet_key_length,
    std::size_t ciphertext_length,
    std::size_t mac_length
) {
    std::size_t length = VERSION_LENGTH;
    length += 1 + varstring_length(ratchet_key_length);
    length += 1 + varint_length(counter);
    length += 1 + varstring_length(ciphertext_length);
179
180
    length += mac_length;
    return length;
Mark Haines's avatar
Mark Haines committed
181
182
183
}


184
185
void olm::encode_message(
    olm::MessageWriter & writer,
Mark Haines's avatar
Mark Haines committed
186
187
188
189
190
191
192
193
    std::uint8_t version,
    std::uint32_t counter,
    std::size_t ratchet_key_length,
    std::size_t ciphertext_length,
    std::uint8_t * output
) {
    std::uint8_t * pos = output;
    *(pos++) = version;
194
195
196
    pos = encode(pos, RATCHET_KEY_TAG, writer.ratchet_key, ratchet_key_length);
    pos = encode(pos, COUNTER_TAG, counter);
    pos = encode(pos, CIPHERTEXT_TAG, writer.ciphertext, ciphertext_length);
Mark Haines's avatar
Mark Haines committed
197
198
199
}


200
201
void olm::decode_message(
    olm::MessageReader & reader,
Mark Haines's avatar
Mark Haines committed
202
203
204
205
206
    std::uint8_t const * input, std::size_t input_length,
    std::size_t mac_length
) {
    std::uint8_t const * pos = input;
    std::uint8_t const * end = input + input_length - mac_length;
207
    std::uint8_t const * unknown = nullptr;
208
209
210
211

    reader.input = input;
    reader.input_length = input_length;
    reader.has_counter = false;
212
    reader.ratchet_key = nullptr;
213
    reader.ratchet_key_length = 0;
214
    reader.ciphertext = nullptr;
215
216
217
    reader.ciphertext_length = 0;

    if (pos == end) return;
218
    if (input_length < mac_length) return;
219
    reader.version = *(pos++);
220

Mark Haines's avatar
Mark Haines committed
221
    while (pos != end) {
222
223
224
225
226
227
228
229
230
231
232
233
234
        pos = decode(
            pos, end, RATCHET_KEY_TAG,
            reader.ratchet_key, reader.ratchet_key_length
        );
        pos = decode(
            pos, end, COUNTER_TAG,
            reader.counter, reader.has_counter
        );
        pos = decode(
            pos, end, CIPHERTEXT_TAG,
            reader.ciphertext, reader.ciphertext_length
        );
        if (unknown == pos) {
235
            pos = skip_unknown(pos, end);
Mark Haines's avatar
Mark Haines committed
236
        }
237
        unknown = pos;
Mark Haines's avatar
Mark Haines committed
238
    }
239
240
241
242
243
}


namespace {

244
static std::uint8_t const ONE_TIME_KEY_ID_TAG = 012;
245
246
247
248
249
250
251
static std::uint8_t const BASE_KEY_TAG = 022;
static std::uint8_t const IDENTITY_KEY_TAG = 032;
static std::uint8_t const MESSAGE_TAG = 042;

} // namespace


252
std::size_t olm::encode_one_time_key_message_length(
253
    std::size_t one_time_key_length,
254
255
256
257
258
    std::size_t identity_key_length,
    std::size_t base_key_length,
    std::size_t message_length
) {
    std::size_t length = VERSION_LENGTH;
259
    length += 1 + varstring_length(one_time_key_length);
260
261
262
263
264
265
266
    length += 1 + varstring_length(identity_key_length);
    length += 1 + varstring_length(base_key_length);
    length += 1 + varstring_length(message_length);
    return length;
}


267
268
void olm::encode_one_time_key_message(
    olm::PreKeyMessageWriter & writer,
269
270
271
    std::uint8_t version,
    std::size_t identity_key_length,
    std::size_t base_key_length,
272
    std::size_t one_time_key_length,
273
274
275
276
277
    std::size_t message_length,
    std::uint8_t * output
) {
    std::uint8_t * pos = output;
    *(pos++) = version;
278
    pos = encode(pos, ONE_TIME_KEY_ID_TAG, writer.one_time_key, one_time_key_length);
279
280
281
282
283
284
    pos = encode(pos, BASE_KEY_TAG, writer.base_key, base_key_length);
    pos = encode(pos, IDENTITY_KEY_TAG, writer.identity_key, identity_key_length);
    pos = encode(pos, MESSAGE_TAG, writer.message, message_length);
}


285
void olm::decode_one_time_key_message(
286
287
288
289
290
    PreKeyMessageReader & reader,
    std::uint8_t const * input, std::size_t input_length
) {
    std::uint8_t const * pos = input;
    std::uint8_t const * end = input + input_length;
291
    std::uint8_t const * unknown = nullptr;
292

293
    reader.one_time_key = nullptr;
294
    reader.one_time_key_length = 0;
295
    reader.identity_key = nullptr;
296
    reader.identity_key_length = 0;
297
    reader.base_key = nullptr;
298
    reader.base_key_length = 0;
299
    reader.message = nullptr;
300
301
302
303
    reader.message_length = 0;

    if (pos == end) return;
    reader.version = *(pos++);
304
305
306
307

    while (pos != end) {
        pos = decode(
            pos, end, ONE_TIME_KEY_ID_TAG,
308
            reader.one_time_key, reader.one_time_key_length
309
310
311
312
313
314
315
316
317
318
319
320
321
322
        );
        pos = decode(
            pos, end, BASE_KEY_TAG,
            reader.base_key, reader.base_key_length
        );
        pos = decode(
            pos, end, IDENTITY_KEY_TAG,
            reader.identity_key, reader.identity_key_length
        );
        pos = decode(
            pos, end, MESSAGE_TAG,
            reader.message, reader.message_length
        );
        if (unknown == pos) {
323
            pos = skip_unknown(pos, end);
324
325
        }
        unknown = pos;
Mark Haines's avatar
Mark Haines committed
326
327
    }
}
328
329
330



331
332
static const std::uint8_t GROUP_MESSAGE_INDEX_TAG = 010;
static const std::uint8_t GROUP_CIPHERTEXT_TAG = 022;
333
334

size_t _olm_encode_group_message_length(
335
    uint32_t message_index,
336
337
338
339
    size_t ciphertext_length,
    size_t mac_length
) {
    size_t length = VERSION_LENGTH;
340
    length += 1 + varint_length(message_index);
341
342
343
344
345
346
    length += 1 + varstring_length(ciphertext_length);
    length += mac_length;
    return length;
}


347
size_t _olm_encode_group_message(
348
    uint8_t version,
349
    uint32_t message_index,
350
351
352
353
354
355
356
    size_t ciphertext_length,
    uint8_t *output,
    uint8_t **ciphertext_ptr
) {
    std::uint8_t * pos = output;

    *(pos++) = version;
357
358
    pos = encode(pos, GROUP_MESSAGE_INDEX_TAG, message_index);
    pos = encode(pos, GROUP_CIPHERTEXT_TAG, *ciphertext_ptr, ciphertext_length);
359
    return pos-output;
360
}
361
362
363
364
365
366
367
368
369
370

void _olm_decode_group_message(
    const uint8_t *input, size_t input_length,
    size_t mac_length,
    struct _OlmDecodeGroupMessageResults *results
) {
    std::uint8_t const * pos = input;
    std::uint8_t const * end = input + input_length - mac_length;
    std::uint8_t const * unknown = nullptr;

371
372
    bool has_message_index = false;
    results->message_index = 0;
373
374
375
376
377
378
379
380
381
    results->ciphertext = nullptr;
    results->ciphertext_length = 0;

    if (pos == end) return;
    if (input_length < mac_length) return;
    results->version = *(pos++);

    while (pos != end) {
        pos = decode(
382
383
            pos, end, GROUP_MESSAGE_INDEX_TAG,
            results->message_index, has_message_index
384
385
        );
        pos = decode(
386
            pos, end, GROUP_CIPHERTEXT_TAG,
387
388
389
390
391
392
393
394
            results->ciphertext, results->ciphertext_length
        );
        if (unknown == pos) {
            pos = skip_unknown(pos, end);
        }
        unknown = pos;
    }

395
    results->has_message_index = (int)has_message_index;
396
}