session.hh 5.65 KB
Newer Older
Mark Haines's avatar
Mark Haines committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
/* Copyright 2015 OpenMarket Ltd
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15
16
#ifndef OLM_SESSION_HH_
#define OLM_SESSION_HH_
17

18
#include "olm/ratchet.hh"
19

20
namespace olm {
21

22
23
class Account;

24
enum struct MessageType {
Mark Haines's avatar
Mark Haines committed
25
    PRE_KEY = 0,
26
27
28
29
    MESSAGE = 1,
};

struct Session {
30
31
32
33
34
35

    Session();

    Ratchet ratchet;
    ErrorCode last_error;

36
    bool received_message;
37

38
    Curve25519PublicKey alice_identity_key;
39
    Curve25519PublicKey alice_base_key;
40
    Curve25519PublicKey bob_one_time_key;
41

42
43
    /** The number of random bytes that are needed to create a new outbound
     * session. This will be 64 bytes since two ephemeral keys are needed. */
44
    std::size_t new_outbound_session_random_length();
45

46
47
48
    /** Start a new outbound session. Returns std::size_t(-1) on failure. On
     * failure last_error will be set with an error code. The last_error will be
     * NOT_ENOUGH_RANDOM if the number of random bytes was too small. */
49
    std::size_t new_outbound_session(
50
        Account const & local_account,
51
        Curve25519PublicKey const & identity_key,
52
        Curve25519PublicKey const & one_time_key,
53
54
55
        std::uint8_t const * random, std::size_t random_length
    );

56
57
58
59
    /** Start a new inbound session from a pre-key message.
     * Returns std::size_t(-1) on failure. On failure last_error will be set
     * with an error code. The last_error will be BAD_MESSAGE_FORMAT if
     * the message headers could not be decoded. */
60
    std::size_t new_inbound_session(
61
        Account & local_account,
62
        Curve25519PublicKey const * their_identity_key,
63
        std::uint8_t const * pre_key_message, std::size_t message_length
64
65
    );

66
    /** The number of bytes written by session_id() */
67
68
    std::size_t session_id_length();

69
70
71
72
73
    /** An identifier for this session. Generated by hashing the public keys
     * used to create the session. Returns the length of the session id on
     * success or std::size_t(-1) on failure. On failure last_error will be set
     * with an error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if
     * the id buffer was too small. */
74
75
76
77
    std::size_t session_id(
        std::uint8_t * id, std::size_t id_length
    );

78
79
80
81
82
83
    /** True if this session can be used to decode an inbound pre-key message.
     * This can be used to test whether a pre-key message should be decoded
     * with an existing session or if a new session will need to be created.
     * Returns true if the session is the same. Returns false if either the
     * session does not match or the pre-key message could not be decoded.
     */
84
    bool matches_inbound_session(
85
        Curve25519PublicKey const * their_identity_key,
86
        std::uint8_t const * pre_key_message, std::size_t message_length
87
88
    );

89
90
91
    /** Whether the next message will be a pre-key message or a normal message.
     * An outbound session will send pre-key messages until it receives a
     * message with a ratchet key. */
92
93
94
95
96
97
    MessageType encrypt_message_type();

    std::size_t encrypt_message_length(
        std::size_t plaintext_length
    );

98
99
100
    /** The number of bytes of random data the encrypt method will need to
     * encrypt a message. This will be 32 bytes if the session needs to
     * generate a new ephemeral key, or will be 0 bytes otherwise. */
101
102
    std::size_t encrypt_random_length();

103
104
105
106
107
    /** Encrypt some plain-text. Returns the length of the encrypted message
      * or std::size_t(-1) on failure. On failure last_error will be set with
      * an error code. The last_error will be NOT_ENOUGH_RANDOM if the number
      * of random bytes is too small. The last_error will be
      * OUTPUT_BUFFER_TOO_SMALL if the output buffer is too small. */
108
109
110
111
112
113
    std::size_t encrypt(
        std::uint8_t const * plaintext, std::size_t plaintext_length,
        std::uint8_t const * random, std::size_t random_length,
        std::uint8_t * message, std::size_t message_length
    );

114
115
    /** An upper bound on the number of bytes of plain-text the decrypt method
     * will write for a given input message length. */
116
117
118
119
120
    std::size_t decrypt_max_plaintext_length(
        MessageType message_type,
        std::uint8_t const * message, std::size_t message_length
    );

121
122
123
124
125
126
127
128
    /** Decrypt a message. Returns the length of the decrypted plain-text or
     * std::size_t(-1) on failure. On failure last_error will be set with an
     * error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if the
     * plain-text buffer is too small. The last_error will be
     * BAD_MESSAGE_VERSION if the message was encrypted with an unsupported
     * version of the protocol. The last_error will be BAD_MESSAGE_FORMAT if
     * the message headers could not be decoded. The last_error will be
     * BAD_MESSAGE_MAC if the message could not be verified */
129
130
131
132
133
134
135
136
    std::size_t decrypt(
        MessageType message_type,
        std::uint8_t const * message, std::size_t message_length,
        std::uint8_t * plaintext, std::size_t max_plaintext_length
    );
};


137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
std::size_t pickle_length(
    Session const & value
);


std::uint8_t * pickle(
    std::uint8_t * pos,
    Session const & value
);


std::uint8_t const * unpickle(
    std::uint8_t const * pos, std::uint8_t const * end,
    Session & value
);


154
} // namespace olm
155

156
#endif /* OLM_SESSION_HH_ */