Python wrapper: support for inbound group sessions

846ab858 · Richard van der Hoff · fc4756dd · 846ab858 · 846ab858 · 846ab858
Commit 846ab858 authored 9 years ago by Richard van der Hoff
--- a/python/olm/__init__.py
+++ b/python/olm/__init__.py
 from .account import Account
 from .session import Session
 from .outbound_group_session import OutboundGroupSession
+from .inbound_group_session import InboundGroupSession
--- a/python/olm/__main__.py
+++ b/python/olm/__main__.py
@@ -210,14 +210,43 @@ def build_arg_parser():
    outbound_group.add_argument("session_file", help="Local group session file")
    outbound_group.set_defaults(func=do_outbound_group)

+    group_credentials = commands.add_parser("group_credentials", help="Export the current outbound group session credentials")
+    group_credentials.add_argument("session_file", help="Local outbound group session file")
+    group_credentials.add_argument("credentials_file", help="File to write credentials to (default stdout)",
+                                   type=argparse.FileType('w'), nargs='?',
+                                   default=sys.stdout)
+    group_credentials.set_defaults(func=do_group_credentials)
+
    group_encrypt = commands.add_parser("group_encrypt", help="Encrypt a group message")
-    group_encrypt.add_argument("session_file", help="Local group session file")
-    group_encrypt.add_argument("plaintext_file", help="Plaintext",
-                               type=argparse.FileType('rb'), default=sys.stdin)
-    group_encrypt.add_argument("message_file", help="Message",
-                               type=argparse.FileType('wb'), default=sys.stdout)
+    group_encrypt.add_argument("session_file", help="Local outbound group session file")
+    group_encrypt.add_argument("plaintext_file", help="Plaintext file (default stdin)",
+                               type=argparse.FileType('rb'), nargs='?',
+                               default=sys.stdin)
+    group_encrypt.add_argument("message_file", help="Message file (default stdout)",
+                               type=argparse.FileType('w'), nargs='?',
+                               default=sys.stdout)
    group_encrypt.set_defaults(func=do_group_encrypt)

+    inbound_group = commands.add_parser(
+        "inbound_group",
+        help=("Create an inbound group session based on credentials from an "+
+              "outbound group session"))
+    inbound_group.add_argument("session_file", help="Local inbound group session file")
+    inbound_group.add_argument("credentials_file",
+                               help="File to read credentials from (default stdin)",
+                               type=argparse.FileType('r'), nargs='?',
+                               default=sys.stdin)
+    inbound_group.set_defaults(func=do_inbound_group)
+
+    group_decrypt = commands.add_parser("group_decrypt", help="Decrypt a group message")
+    group_decrypt.add_argument("session_file", help="Local inbound group session file")
+    group_decrypt.add_argument("message_file", help="Message file (default stdin)",
+                               type=argparse.FileType('r'), nargs='?',
+                               default=sys.stdin)
+    group_decrypt.add_argument("plaintext_file", help="Plaintext file (default stdout)",
+                               type=argparse.FileType('wb'), nargs='?',
+                               default=sys.stdout)
+    group_decrypt.set_defaults(func=do_group_decrypt)
    return parser

 def do_outbound_group(args):
@@ -240,6 +269,43 @@ def do_group_encrypt(args):
        f.write(session.pickle(args.key))
    args.message_file.write(message)

+def do_group_credentials(args):
+    session = OutboundGroupSession()
+    with open(args.session_file, "rb") as f:
+        session.unpickle(args.key, f.read())
+    result = {
+        'message_index': session.message_index(),
+        'session_key': session.session_key(),
+    }
+    json.dump(result, args.credentials_file, indent=4)
+
+def do_inbound_group(args):
+    if os.path.exists(args.session_file):
+        sys.stderr.write("Session %r file already exists\n" % (
+            args.session_file,
+        ))
+        sys.exit(1)
+    credentials = json.load(args.credentials_file)
+    for k in ('message_index', 'session_key'):
+        if not k in credentials:
+            sys.stderr.write("Credentials file is missing %s\n" % k)
+            sys.exit(1);
+
+    session = InboundGroupSession()
+    session.init(credentials['message_index'], credentials['session_key'])
+    with open(args.session_file, "wb") as f:
+        f.write(session.pickle(args.key))
+
+def do_group_decrypt(args):
+    session = InboundGroupSession()
+    with open(args.session_file, "rb") as f:
+        session.unpickle(args.key, f.read())
+    message = args.message_file.read()
+    plaintext = session.decrypt(message)
+    with open(args.session_file, "wb") as f:
+        f.write(session.pickle(args.key))
+    args.plaintext_file.write(plaintext)
+
 if __name__ == '__main__':
    parser = build_arg_parser()
    args = parser.parse_args()

--- a/python/olm/inbound_group_session.py
+++ b/python/olm/inbound_group_session.py
+import json
+
+from ._base import *
+
+lib.olm_inbound_group_session_size.argtypes = []
+lib.olm_inbound_group_session_size.restype = c_size_t
+
+lib.olm_inbound_group_session.argtypes = [c_void_p]
+lib.olm_inbound_group_session.restype = c_void_p
+
+lib.olm_inbound_group_session_last_error.argtypes = [c_void_p]
+lib.olm_inbound_group_session_last_error.restype = c_char_p
+
+def inbound_group_session_errcheck(res, func, args):
+    if res == ERR:
+        raise OlmError("%s: %s" % (
+            func.__name__, lib.olm_inbound_group_session_last_error(args[0])
+        ))
+    return res
+
+
+def inbound_group_session_function(func, *types):
+    func.argtypes = (c_void_p,) + types
+    func.restypes = c_size_t
+    func.errcheck = inbound_group_session_errcheck
+
+
+inbound_group_session_function(
+    lib.olm_pickle_inbound_group_session, c_void_p, c_size_t, c_void_p, c_size_t
+)
+inbound_group_session_function(
+    lib.olm_unpickle_inbound_group_session, c_void_p, c_size_t, c_void_p, c_size_t
+)
+
+inbound_group_session_function(
+    lib.olm_init_inbound_group_session, c_uint32, c_void_p, c_size_t
+)
+
+inbound_group_session_function(
+    lib.olm_group_decrypt_max_plaintext_length, c_void_p, c_size_t
+)
+inbound_group_session_function(
+    lib.olm_group_decrypt,
+    c_void_p, c_size_t, # message
+    c_void_p, c_size_t, # plaintext
+)
+
+class InboundGroupSession(object):
+    def __init__(self):
+        self.buf = create_string_buffer(lib.olm_inbound_group_session_size())
+        self.ptr = lib.olm_inbound_group_session(self.buf)
+
+    def pickle(self, key):
+        key_buffer = create_string_buffer(key)
+        pickle_length = lib.olm_pickle_inbound_group_session_length(self.ptr)
+        pickle_buffer = create_string_buffer(pickle_length)
+        lib.olm_pickle_inbound_group_session(
+            self.ptr, key_buffer, len(key), pickle_buffer, pickle_length
+        )
+        return pickle_buffer.raw
+
+    def unpickle(self, key, pickle):
+        key_buffer = create_string_buffer(key)
+        pickle_buffer = create_string_buffer(pickle)
+        lib.olm_unpickle_inbound_group_session(
+            self.ptr, key_buffer, len(key), pickle_buffer, len(pickle)
+        )
+
+    def init(self, message_index, session_key):
+        key_buffer = create_string_buffer(session_key)
+        lib.olm_init_inbound_group_session(
+            self.ptr, message_index, key_buffer, len(session_key)
+        )
+
+    def decrypt(self, message):
+        message_buffer = create_string_buffer(message)
+        max_plaintext_length = lib.olm_group_decrypt_max_plaintext_length(
+            self.ptr, message_buffer, len(message)
+        )
+        plaintext_buffer = create_string_buffer(max_plaintext_length)
+        message_buffer = create_string_buffer(message)
+        plaintext_length = lib.olm_group_decrypt(
+            self.ptr, message_buffer, len(message),
+            plaintext_buffer, max_plaintext_length
+        )
+        return plaintext_buffer.raw[:plaintext_length]
--- a/python/test_olm.sh
+++ b/python/test_olm.sh
@@ -7,10 +7,11 @@ ALICE_SESSION=alice.session
 ALICE_GROUP_SESSION=alice.group_session
 BOB_ACCOUNT=bob.account
 BOB_SESSION=bob.session
+BOB_GROUP_SESSION=bob.group_session

 rm $ALICE_ACCOUNT $BOB_ACCOUNT
 rm $ALICE_SESSION $BOB_SESSION
-rm $ALICE_GROUP_SESSION
+rm $ALICE_GROUP_SESSION $BOB_GROUP_SESSION

 $OLM create_account $ALICE_ACCOUNT
 $OLM create_account $BOB_ACCOUNT
@@ -27,4 +28,5 @@ echo "Hello world" | $OLM encrypt $ALICE_SESSION - - | $OLM inbound $BOB_ACCOUNT
 ### group sessions

 $OLM outbound_group $ALICE_GROUP_SESSION
-echo "Hello world" | $OLM group_encrypt $ALICE_GROUP_SESSION - -
+$OLM group_credentials $ALICE_GROUP_SESSION | $OLM inbound_group $BOB_GROUP_SESSION
+echo "Hello group" | $OLM group_encrypt $ALICE_GROUP_SESSION - - | $OLM group_decrypt $BOB_GROUP_SESSION