1. 14 Sep, 2016 1 commit
  2. 13 Sep, 2016 10 commits
  3. 06 Sep, 2016 9 commits
  4. 05 Sep, 2016 12 commits
  5. 04 Sep, 2016 2 commits
    • Richard van der Hoff's avatar
      Fix megolm decryption of UTF-8 · 1d4c13c7
      Richard van der Hoff authored
      Repeat the fix from b10f90d for megolm messages.
      
      It turns out that the 'length' argument to 'Pointer_stringify' doesn't work if
      the input includes characters >= 128.
      
      Rather than try to figure out which methods can return UTF-8, and which always
      return plain ascii, replace all uses of Pointer_stringify with a 'length'
      argument with the version that expects a NULL-terminated input, and extend the
      buffer by a byte to allow space for a null-terminator.
      
      In the case of decrypt, we need to add the null ourself.
      
      Fixes https://github.com/vector-im/vector-web/issues/2078.
      1d4c13c7
    • Richard van der Hoff's avatar
      OlmSession.has_received_message · 2e9021c2
      Richard van der Hoff authored
      I find myself wanting to know if an OlmSession is in the pre-key state or not,
      to help debugging at the application level.
      2e9021c2
  6. 02 Sep, 2016 1 commit
    • Richard van der Hoff's avatar
      Create new constants for key lengths, etc · 39212987
      Richard van der Hoff authored
      We were using olm::KEY_LENGTH for everything under the sun which happened to be
      32 bytes long, and making a bunch of assumptions in the process. Create a bunch
      of new constants (as C #defines rather than C++ consts so that I can use them
      in another forthcoming refactor).
      39212987
  7. 01 Sep, 2016 5 commits
    • Richard van der Hoff's avatar
      Bump version in package.json · 0c3f527d
      Richard van der Hoff authored
      ... to match the Makefile
      0c3f527d
    • Richard van der Hoff's avatar
      Merge branch 'rav/ed25519_fix' · e3664ef1
      Richard van der Hoff authored
      e3664ef1
    • Richard van der Hoff's avatar
      Merge branch 'rav/ed25519_fix' · 214e9328
      Richard van der Hoff authored
      214e9328
    • Richard van der Hoff's avatar
      update changelog · f7c428d6
      Richard van der Hoff authored
      pre-1.0.0 was broken too
      f7c428d6
    • Richard van der Hoff's avatar
      Fix Ed25519 keypair generation · 0c462cff
      Richard van der Hoff authored
      Ed25519 private keys, it turns out, have 64 bytes, not 32.
      
      We were previously generating only 32 bytes (which is all that is required to
      generate the public key), and then using the public key as the upper 32 bytes
      when generating the per-message session key. This meant that everything
      appeared to work, but the security of the private key was severely compromised.
      
      By way of fixes:
      
       * Use the correct algorithm for generating the Ed25519 private key, and store
         all 512 bits of it.
      
       * Update the account pickle format and refuse to load the old format (since we
         should consider it compromised).
      
       * Bump the library version, and add a function to retrieve the library
         version, so that applications can verify that they are linked against a
         fixed version of the library.
      
       * Remove the curve25519_{sign, verify} functions which were unused and of
         dubious quality.
      0c462cff