OLMKit: add Short Authentication String verification

		3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 3274F6061D9A633A005282E4 /* OLMKitTests.m */; };

		3274F6131D9A698E005282E4 /* OLMKit.h in Headers */ = {isa = PBXBuildFile; fileRef = 3274F6121D9A698E005282E4 /* OLMKit.h */; };

		32A151311DABDD4300400192 /* OLMKitGroupTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 32A151301DABDD4300400192 /* OLMKitGroupTests.m */; };

		32F143AF2236B4100077CF37 /* OLMKitSASTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 32F143AE2236B4100077CF37 /* OLMKitSASTests.m */; };

		7DBAD311AEA85CF6DB80DCFA /* libPods-OLMKitTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 7123FABE917D0FB140E036B7 /* libPods-OLMKitTests.a */; };

		D667051A0BA47E17CCC4E5D7 /* libPods-OLMKit.a in Frameworks */ = {isa = PBXBuildFile; fileRef = F2F22FE8F173AF845B882805 /* libPods-OLMKit.a */; };

/* End PBXBuildFile section */

		3274F6081D9A633A005282E4 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };

		3274F6121D9A698E005282E4 /* OLMKit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OLMKit.h; sourceTree = "<group>"; };

		32A151301DABDD4300400192 /* OLMKitGroupTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OLMKitGroupTests.m; sourceTree = "<group>"; };

		32F143AE2236B4100077CF37 /* OLMKitSASTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = OLMKitSASTests.m; sourceTree = "<group>"; };

		7123FABE917D0FB140E036B7 /* libPods-OLMKitTests.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-OLMKitTests.a"; sourceTree = BUILT_PRODUCTS_DIR; };

		875BA7A520258EA15A31DD82 /* Pods-OLMKitTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-OLMKitTests.debug.xcconfig"; path = "Pods/Target Support Files/Pods-OLMKitTests/Pods-OLMKitTests.debug.xcconfig"; sourceTree = "<group>"; };

		D48E486DAE1F59F4F7EA8C25 /* Pods-OLMKitTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-OLMKitTests.release.xcconfig"; path = "Pods/Target Support Files/Pods-OLMKitTests/Pods-OLMKitTests.release.xcconfig"; sourceTree = "<group>"; };

		3274F6051D9A633A005282E4 /* OLMKitTests */ = {

			isa = PBXGroup;

			children = (

				32F143AE2236B4100077CF37 /* OLMKitSASTests.m */,

				3244277C2175EF700023EDF1 /* OLMKitPkTests.m */,

				3274F6061D9A633A005282E4 /* OLMKitTests.m */,

				32A151301DABDD4300400192 /* OLMKitGroupTests.m */,

			buildActionMask = 2147483647;

			files = (

				3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */,

				32F143AF2236B4100077CF37 /* OLMKitSASTests.m in Sources */,

				3244277D2175EF700023EDF1 /* OLMKitPkTests.m in Sources */,

				32A151311DABDD4300400192 /* OLMKitGroupTests.m in Sources */,

			);

#import <OLMKit/OLMOutboundGroupSession.h>

#import <OLMKit/OLMPkEncryption.h>

#import <OLMKit/OLMPkDecryption.h>

#import <OLMKit/OLMSAS.h>

@interface OLMKit : NSObject

/*

 Copyright 2019 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");

 you may not use this file except in compliance with the License.

 You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software

 distributed under the License is distributed on an "AS IS" BASIS,

 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 See the License for the specific language governing permissions and

 limitations under the License.

 */

#import <Foundation/Foundation.h>

NS_ASSUME_NONNULL_BEGIN

/**

 Short Authentication String verification utility class.

 */

@interface OLMSAS : NSObject

/**

 Get the public key of the SAS object.

 */

- (NSString * _Nullable)publicKey;

/**

 Set the public key of other user.

 @param theirPublicKey the other user's public key.

 @return error the error if any.

 */

- (NSError* _Nullable)setTheirPublicKey:(NSString*)theirPublicKey;

/**

 Generate bytes to use for the short authentication string.

 @param info extra information to mix in when generating the bytes, as per the Matrix spec.

 @param length the size of the output buffer. For hex-based SAS as in the Matrix spec, this will be 5.

 @return generated bytes

 */

- (NSData *)generateBytes:(NSString*)info length:(NSUInteger)length;

/**

 Generate a message authentication code (MAC) based on the shared secret.

 @param input the message to produce the authentication code for.

 @param info extra information to mix in when generating the MAC, as per the Matrix spec.

 @param error the error if any.

 @return the MAC.

 */

- (NSString *)calculateMac:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; // TODO: NSError?

@end

NS_ASSUME_NONNULL_END

/*

 Copyright 2018 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");

 you may not use this file except in compliance with the License.

 You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software

 distributed under the License is distributed on an "AS IS" BASIS,

 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 See the License for the specific language governing permissions and

 limitations under the License.

 */

#import "OLMSAS.h"

#include "olm/olm.h"

#include "olm/sas.h"

#include "OLMUtility.h"

@interface OLMSAS () {

    void *olmSASbuffer;

    OlmSAS *olmSAS;

}

@end

@implementation OLMSAS

- (void)dealloc {

    olm_clear_sas(olmSAS);

    free(olmSASbuffer);

}

- (instancetype)init {

    self = [super init];

    if (self) {

        olmSASbuffer = malloc(olm_sas_size());

        olmSAS = olm_sas(olmSASbuffer);

        size_t randomLength = olm_create_sas_random_length(olmSAS);

        NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength];

        if (!random) {

            return nil;

        }

        olm_create_sas(olmSAS, random.mutableBytes, randomLength);

        [random resetBytesInRange:NSMakeRange(0, randomLength)];

    }

    return self;

}

- (NSString * _Nullable)publicKey {

    size_t publicKeyLength = olm_sas_pubkey_length(olmSAS);

    NSMutableData *publicKeyData = [NSMutableData dataWithLength:publicKeyLength];

    if (!publicKeyData) {

        return nil;

    }

    size_t result = olm_sas_get_pubkey(olmSAS, publicKeyData.mutableBytes, publicKeyLength);

    if (result == olm_error()) {

        const char *olm_error = olm_sas_last_error(olmSAS);

        NSLog(@"[OLMSAS] publicKey: olm_sas_get_pubkey error: %s", olm_error);

        return nil;

    }

    NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding];

    return publicKey;

}

- (NSError * _Nullable)setTheirPublicKey:(NSString*)theirPublicKey {

    NSMutableData *theirPublicKeyData = [theirPublicKey dataUsingEncoding:NSUTF8StringEncoding].mutableCopy;

    size_t result = olm_sas_set_their_key(olmSAS, theirPublicKeyData.mutableBytes, theirPublicKeyData.length);

    if (result == olm_error()) {

        const char *olm_error = olm_sas_last_error(olmSAS);

        NSLog(@"[OLMSAS] setTheirPublicKey: olm_sas_set_their_key error: %s", olm_error);

        NSString *errorString = [NSString stringWithUTF8String:olm_error];

        if (olm_error && errorString) {

            return [NSError errorWithDomain:OLMErrorDomain

                                       code:0

                                   userInfo:@{

                                              NSLocalizedDescriptionKey: errorString,

                                              NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_set_their_key error: %@", errorString]

                                              }];

        }

    }

    return nil;

}

- (NSData *)generateBytes:(NSString *)info length:(NSUInteger)length {

    NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding];

    NSMutableData *bytes = [NSMutableData dataWithLength:length];

    if (!bytes) {

        return nil;

    }

    olm_sas_generate_bytes(olmSAS, infoData.bytes, infoData.length, bytes.mutableBytes, length);

    return bytes;

}

- (NSString *)calculateMac:(NSString *)input info:(NSString *)info error:(NSError *__autoreleasing  _Nullable *)error {

    NSMutableData *inputData = [input dataUsingEncoding:NSUTF8StringEncoding].mutableCopy;

    NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding];

    size_t macLength = olm_sas_mac_length(olmSAS);

    NSMutableData *macData = [NSMutableData dataWithLength:macLength];

    if (!macData) {

        return nil;

    }

    size_t result = olm_sas_calculate_mac(olmSAS,

                                          inputData.mutableBytes, inputData.length,

                                          infoData.bytes, infoData.length,

                                          macData.mutableBytes, macLength);

    if (result == olm_error()) {

        const char *olm_error = olm_sas_last_error(olmSAS);

        NSLog(@"[OLMSAS] calculateMac: olm_sas_calculate_mac error: %s", olm_error);

        NSString *errorString = [NSString stringWithUTF8String:olm_error];

        if (error && olm_error && errorString) {

            *error = [NSError errorWithDomain:OLMErrorDomain

                                         code:0

                                     userInfo:@{

                                                NSLocalizedDescriptionKey: errorString,

                                                NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_calculate_mac error: %@", errorString]

                                                }];

        }

        return nil;

    }

    NSString *mac = [[NSString alloc] initWithData:macData encoding:NSUTF8StringEncoding];

    return mac;

}

@end

/*

 Copyright 2019 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");

 you may not use this file except in compliance with the License.

 You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software

 distributed under the License is distributed on an "AS IS" BASIS,

 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 See the License for the specific language governing permissions and

 limitations under the License.

 */

#import <XCTest/XCTest.h>

#import <OLMKit/OLMKit.h>

@interface OLMKitSASTests : XCTestCase {

    OLMSAS *alice;

    OLMSAS *bob;

}

@end

@implementation OLMKitSASTests

- (void)setUp {

    alice = [OLMSAS new];

    bob = [OLMSAS new];

}

- (void)tearDown {

    alice = nil;

    bob = nil;

}

- (void)testSASRandomness

{

    XCTAssertNotEqualObjects(alice.publicKey, bob.publicKey);

}

- (void)testSASBytesMatch {

    [alice setTheirPublicKey:bob.publicKey];

    [bob setTheirPublicKey:alice.publicKey];

    NSString *sas = @"SAS";

    NSUInteger length = 5;

    XCTAssertEqualObjects([alice generateBytes:sas length:length],

                          [bob generateBytes:sas length:length]);

}

- (void)testMACsMatch {

    [alice setTheirPublicKey:bob.publicKey];

    [bob setTheirPublicKey:alice.publicKey];

    NSString *string = @"test";

    NSString *info = @"MAC";

    NSError *aliceError, *bobError;

    XCTAssertEqualObjects([alice calculateMac:string info:info error:&aliceError],

                          [bob calculateMac:string info:info error:&bobError]);

    XCTAssertNil(aliceError);

    XCTAssertNil(bobError);

}

@end