message.cpp 10.5 KB
Newer Older
1
/* Copyright 2015-2016 OpenMarket Ltd
Mark Haines's avatar
Mark Haines committed
2
3
4
5
6
7
8
9
10
11
12
13
14
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15
#include "olm/message.hh"
Mark Haines's avatar
Mark Haines committed
16

17
18
#include "olm/memory.hh"

Mark Haines's avatar
Mark Haines committed
19
20
21
namespace {

template<typename T>
22
static std::size_t varint_length(
Mark Haines's avatar
Mark Haines committed
23
24
25
    T value
) {
    std::size_t result = 1;
26
    while (value >= 128U) {
Mark Haines's avatar
Mark Haines committed
27
28
29
30
31
32
33
34
        ++result;
        value >>= 7;
    }
    return result;
}


template<typename T>
35
static std::uint8_t * varint_encode(
Mark Haines's avatar
Mark Haines committed
36
37
38
    std::uint8_t * output,
    T value
) {
39
    while (value >= 128U) {
Mark Haines's avatar
Mark Haines committed
40
        *(output++) = (0x7F & value) | 0x80;
41
        value >>= 7;
Mark Haines's avatar
Mark Haines committed
42
43
44
45
46
47
48
    }
    (*output++) = value;
    return output;
}


template<typename T>
49
static T varint_decode(
Mark Haines's avatar
Mark Haines committed
50
51
52
53
    std::uint8_t const * varint_start,
    std::uint8_t const * varint_end
) {
    T value = 0;
54
55
56
    if (varint_end == varint_start) {
        return 0;
    }
Mark Haines's avatar
Mark Haines committed
57
58
59
60
61
62
63
64
    do {
        value <<= 7;
        value |= 0x7F & *(--varint_end);
    } while (varint_end != varint_start);
    return value;
}


65
static std::uint8_t const * varint_skip(
Mark Haines's avatar
Mark Haines committed
66
67
68
69
70
71
72
73
74
75
76
77
78
    std::uint8_t const * input,
    std::uint8_t const * input_end
) {
    while (input != input_end) {
        std::uint8_t tmp = *(input++);
        if ((tmp & 0x80) == 0) {
            return input;
        }
    }
    return input;
}


79
static std::size_t varstring_length(
Mark Haines's avatar
Mark Haines committed
80
81
82
83
84
85
86
87
88
89
    std::size_t string_length
) {
    return varint_length(string_length) + string_length;
}

static std::size_t const VERSION_LENGTH = 1;
static std::uint8_t const RATCHET_KEY_TAG = 012;
static std::uint8_t const COUNTER_TAG = 020;
static std::uint8_t const CIPHERTEXT_TAG = 042;

90
static std::uint8_t * encode(
91
92
93
94
95
96
97
98
    std::uint8_t * pos,
    std::uint8_t tag,
    std::uint32_t value
) {
    *(pos++) = tag;
    return varint_encode(pos, value);
}

99
static std::uint8_t * encode(
100
101
102
103
104
105
106
107
108
109
    std::uint8_t * pos,
    std::uint8_t tag,
    std::uint8_t * & value, std::size_t value_length
) {
    *(pos++) = tag;
    pos = varint_encode(pos, value_length);
    value = pos;
    return pos + value_length;
}

110
static std::uint8_t const * decode(
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
    std::uint8_t const * pos, std::uint8_t const * end,
    std::uint8_t tag,
    std::uint32_t & value, bool & has_value
) {
    if (pos != end && *pos == tag) {
        ++pos;
        std::uint8_t const * value_start = pos;
        pos = varint_skip(pos, end);
        value = varint_decode<std::uint32_t>(value_start, pos);
        has_value = true;
    }
    return pos;
}


126
static std::uint8_t const * decode(
127
128
129
130
131
132
133
134
135
    std::uint8_t const * pos, std::uint8_t const * end,
    std::uint8_t tag,
    std::uint8_t const * & value, std::size_t & value_length
) {
    if (pos != end && *pos == tag) {
        ++pos;
        std::uint8_t const * len_start = pos;
        pos = varint_skip(pos, end);
        std::size_t len = varint_decode<std::size_t>(len_start, pos);
136
        if (len > std::size_t(end - pos)) return end;
137
138
139
140
141
142
143
        value = pos;
        value_length = len;
        pos += len;
    }
    return pos;
}

144
static std::uint8_t const * skip_unknown(
145
146
147
148
    std::uint8_t const * pos, std::uint8_t const * end
) {
    if (pos != end) {
        uint8_t tag = *pos;
149
        if ((tag & 0x7) == 0) {
150
151
            pos = varint_skip(pos, end);
            pos = varint_skip(pos, end);
152
        } else if ((tag & 0x7) == 2) {
153
154
155
156
            pos = varint_skip(pos, end);
            std::uint8_t const * len_start = pos;
            pos = varint_skip(pos, end);
            std::size_t len = varint_decode<std::size_t>(len_start, pos);
157
            if (len > std::size_t(end - pos)) return end;
158
159
160
161
162
163
164
165
            pos += len;
        } else {
            return end;
        }
    }
    return pos;
}

Mark Haines's avatar
Mark Haines committed
166
167
168
} // namespace


169
std::size_t olm::encode_message_length(
Mark Haines's avatar
Mark Haines committed
170
171
172
173
174
175
176
177
178
    std::uint32_t counter,
    std::size_t ratchet_key_length,
    std::size_t ciphertext_length,
    std::size_t mac_length
) {
    std::size_t length = VERSION_LENGTH;
    length += 1 + varstring_length(ratchet_key_length);
    length += 1 + varint_length(counter);
    length += 1 + varstring_length(ciphertext_length);
179
180
    length += mac_length;
    return length;
Mark Haines's avatar
Mark Haines committed
181
182
183
}


184
185
void olm::encode_message(
    olm::MessageWriter & writer,
Mark Haines's avatar
Mark Haines committed
186
187
188
189
190
191
192
193
    std::uint8_t version,
    std::uint32_t counter,
    std::size_t ratchet_key_length,
    std::size_t ciphertext_length,
    std::uint8_t * output
) {
    std::uint8_t * pos = output;
    *(pos++) = version;
194
195
196
    pos = encode(pos, RATCHET_KEY_TAG, writer.ratchet_key, ratchet_key_length);
    pos = encode(pos, COUNTER_TAG, counter);
    pos = encode(pos, CIPHERTEXT_TAG, writer.ciphertext, ciphertext_length);
Mark Haines's avatar
Mark Haines committed
197
198
199
}


200
201
void olm::decode_message(
    olm::MessageReader & reader,
Mark Haines's avatar
Mark Haines committed
202
203
204
205
206
    std::uint8_t const * input, std::size_t input_length,
    std::size_t mac_length
) {
    std::uint8_t const * pos = input;
    std::uint8_t const * end = input + input_length - mac_length;
207
    std::uint8_t const * unknown = nullptr;
208
209
210
211

    reader.input = input;
    reader.input_length = input_length;
    reader.has_counter = false;
212
    reader.ratchet_key = nullptr;
213
    reader.ratchet_key_length = 0;
214
    reader.ciphertext = nullptr;
215
216
    reader.ciphertext_length = 0;

217
    if (input_length < mac_length) return;
218
219

    if (pos == end) return;
220
    reader.version = *(pos++);
221

Mark Haines's avatar
Mark Haines committed
222
    while (pos != end) {
223
        unknown = pos;
224
225
226
227
228
229
230
231
232
233
234
235
236
        pos = decode(
            pos, end, RATCHET_KEY_TAG,
            reader.ratchet_key, reader.ratchet_key_length
        );
        pos = decode(
            pos, end, COUNTER_TAG,
            reader.counter, reader.has_counter
        );
        pos = decode(
            pos, end, CIPHERTEXT_TAG,
            reader.ciphertext, reader.ciphertext_length
        );
        if (unknown == pos) {
237
            pos = skip_unknown(pos, end);
Mark Haines's avatar
Mark Haines committed
238
239
        }
    }
240
241
242
243
244
}


namespace {

245
static std::uint8_t const ONE_TIME_KEY_ID_TAG = 012;
246
247
248
249
250
251
252
static std::uint8_t const BASE_KEY_TAG = 022;
static std::uint8_t const IDENTITY_KEY_TAG = 032;
static std::uint8_t const MESSAGE_TAG = 042;

} // namespace


253
std::size_t olm::encode_one_time_key_message_length(
254
    std::size_t one_time_key_length,
255
256
257
258
259
    std::size_t identity_key_length,
    std::size_t base_key_length,
    std::size_t message_length
) {
    std::size_t length = VERSION_LENGTH;
260
    length += 1 + varstring_length(one_time_key_length);
261
262
263
264
265
266
267
    length += 1 + varstring_length(identity_key_length);
    length += 1 + varstring_length(base_key_length);
    length += 1 + varstring_length(message_length);
    return length;
}


268
269
void olm::encode_one_time_key_message(
    olm::PreKeyMessageWriter & writer,
270
271
272
    std::uint8_t version,
    std::size_t identity_key_length,
    std::size_t base_key_length,
273
    std::size_t one_time_key_length,
274
275
276
277
278
    std::size_t message_length,
    std::uint8_t * output
) {
    std::uint8_t * pos = output;
    *(pos++) = version;
279
    pos = encode(pos, ONE_TIME_KEY_ID_TAG, writer.one_time_key, one_time_key_length);
280
281
282
283
284
285
    pos = encode(pos, BASE_KEY_TAG, writer.base_key, base_key_length);
    pos = encode(pos, IDENTITY_KEY_TAG, writer.identity_key, identity_key_length);
    pos = encode(pos, MESSAGE_TAG, writer.message, message_length);
}


286
void olm::decode_one_time_key_message(
287
288
289
290
291
    PreKeyMessageReader & reader,
    std::uint8_t const * input, std::size_t input_length
) {
    std::uint8_t const * pos = input;
    std::uint8_t const * end = input + input_length;
292
    std::uint8_t const * unknown = nullptr;
293

294
    reader.one_time_key = nullptr;
295
    reader.one_time_key_length = 0;
296
    reader.identity_key = nullptr;
297
    reader.identity_key_length = 0;
298
    reader.base_key = nullptr;
299
    reader.base_key_length = 0;
300
    reader.message = nullptr;
301
302
303
304
    reader.message_length = 0;

    if (pos == end) return;
    reader.version = *(pos++);
305
306

    while (pos != end) {
307
        unknown = pos;
308
309
        pos = decode(
            pos, end, ONE_TIME_KEY_ID_TAG,
310
            reader.one_time_key, reader.one_time_key_length
311
312
313
314
315
316
317
318
319
320
321
322
323
324
        );
        pos = decode(
            pos, end, BASE_KEY_TAG,
            reader.base_key, reader.base_key_length
        );
        pos = decode(
            pos, end, IDENTITY_KEY_TAG,
            reader.identity_key, reader.identity_key_length
        );
        pos = decode(
            pos, end, MESSAGE_TAG,
            reader.message, reader.message_length
        );
        if (unknown == pos) {
325
            pos = skip_unknown(pos, end);
326
        }
Mark Haines's avatar
Mark Haines committed
327
328
    }
}
329
330
331



332
333
static const std::uint8_t GROUP_MESSAGE_INDEX_TAG = 010;
static const std::uint8_t GROUP_CIPHERTEXT_TAG = 022;
334
335

size_t _olm_encode_group_message_length(
336
    uint32_t message_index,
337
    size_t ciphertext_length,
Richard van der Hoff's avatar
Richard van der Hoff committed
338
339
    size_t mac_length,
    size_t signature_length
340
341
) {
    size_t length = VERSION_LENGTH;
342
    length += 1 + varint_length(message_index);
343
344
    length += 1 + varstring_length(ciphertext_length);
    length += mac_length;
Richard van der Hoff's avatar
Richard van der Hoff committed
345
    length += signature_length;
346
347
348
349
    return length;
}


350
size_t _olm_encode_group_message(
351
    uint8_t version,
352
    uint32_t message_index,
353
354
355
356
357
358
359
    size_t ciphertext_length,
    uint8_t *output,
    uint8_t **ciphertext_ptr
) {
    std::uint8_t * pos = output;

    *(pos++) = version;
360
361
    pos = encode(pos, GROUP_MESSAGE_INDEX_TAG, message_index);
    pos = encode(pos, GROUP_CIPHERTEXT_TAG, *ciphertext_ptr, ciphertext_length);
362
    return pos-output;
363
}
364
365
366

void _olm_decode_group_message(
    const uint8_t *input, size_t input_length,
Richard van der Hoff's avatar
Richard van der Hoff committed
367
    size_t mac_length, size_t signature_length,
368
369
370
    struct _OlmDecodeGroupMessageResults *results
) {
    std::uint8_t const * pos = input;
Richard van der Hoff's avatar
Richard van der Hoff committed
371
372
    std::size_t trailer_length = mac_length + signature_length;
    std::uint8_t const * end = input + input_length - trailer_length;
373
374
    std::uint8_t const * unknown = nullptr;

375
376
    bool has_message_index = false;
    results->message_index = 0;
377
378
379
    results->ciphertext = nullptr;
    results->ciphertext_length = 0;

Richard van der Hoff's avatar
Richard van der Hoff committed
380
    if (input_length < trailer_length) return;
381
382

    if (pos == end) return;
383
384
385
    results->version = *(pos++);

    while (pos != end) {
386
        unknown = pos;
387
        pos = decode(
388
389
            pos, end, GROUP_MESSAGE_INDEX_TAG,
            results->message_index, has_message_index
390
391
        );
        pos = decode(
392
            pos, end, GROUP_CIPHERTEXT_TAG,
393
394
395
396
397
398
399
            results->ciphertext, results->ciphertext_length
        );
        if (unknown == pos) {
            pos = skip_unknown(pos, end);
        }
    }

400
    results->has_message_index = (int)has_message_index;
401
}