Commit 2ef1f6f4 authored by Saúl Ibarra Corretgé's avatar Saúl Ibarra Corretgé Committed by Hubert Chathi
Browse files

SAS: add olm_sas_is_their_key_set

Also make olm_sas_generate_bytes fail if their key wasn't set.
parent 4bae4134
......@@ -53,10 +53,10 @@ enum OlmErrorCode {
OLM_INPUT_BUFFER_TOO_SMALL = 15,
// Not an error code, just here to pad out the enum past 16 because
// otherwise the compiler warns about a redunant check. If you're
// adding an error code, replace this one!
OLM_ERROR_NOT_INVENTED_YET = 16,
/**
* SAS doesn't have their key set.
*/
OLM_SAS_THEIR_KEY_NOT_SET = 16,
/* remember to update the list of string constants in error.c when updating
* this list. */
......
......@@ -105,6 +105,15 @@ size_t olm_sas_set_their_key(
void * their_key, size_t their_key_length
);
/** Checks if their key was set.
*
* @param[in] sas the SAS object.
*
*/
int olm_sas_is_their_key_set(
OlmSAS *sas
);
/** Generate bytes to use for the short authentication string.
*
* @param[in] sas the SAS object.
......@@ -114,6 +123,9 @@ size_t olm_sas_set_their_key(
* @param[out] output the output buffer.
* @param[in] output_length the size of the output buffer. For hex-based SAS
* as in the Matrix spec, this will be 5.
*
* @return `olm_error()` on failure. If their key wasn't set then
* `olm_sas_last_error()` will be `SAS_THEIR_KEY_NOT_SET`.
*/
size_t olm_sas_generate_bytes(
OlmSAS * sas,
......
......@@ -42,6 +42,12 @@ SAS.prototype['set_their_key'] = restore_stack(function(their_key) {
);
});
SAS.prototype['is_their_key_set'] = restore_stack(function() {
return sas_method(Module['_olm_sas_is_their_key_set'])(
this.ptr
) ? true : false;
});
SAS.prototype['generate_bytes'] = restore_stack(function(info, length) {
var info_array = array_from_string(info);
var info_buffer = stack(info_array);
......
......@@ -50,4 +50,13 @@ describe("sas", function() {
bob.set_their_key(alice.get_pubkey());
expect(alice.calculate_mac("test", "MAC").toString()).toEqual(bob.calculate_mac("test", "MAC").toString());
});
it('should fail to generate bytes if their key is not set', function () {
expect(alice.is_their_key_set()).toBeFalsy();
expect(() => {
alice.generate_bytes("SAS", 5);
}).toThrow();
alice.set_their_key(bob.get_pubkey());
expect(alice.is_their_key_set()).toBeTruthy();
});
});
......@@ -32,6 +32,7 @@ static const char * ERRORS[] = {
"BAD_LEGACY_ACCOUNT_PICKLE",
"BAD_SIGNATURE",
"OLM_INPUT_BUFFER_TOO_SMALL",
"OLM_SAS_THEIR_KEY_NOT_SET"
};
const char * _olm_error_to_string(enum OlmErrorCode error)
......
......@@ -23,6 +23,7 @@ struct OlmSAS {
enum OlmErrorCode last_error;
struct _olm_curve25519_key_pair curve25519_key;
uint8_t secret[CURVE25519_SHARED_SECRET_LENGTH];
int their_key_set;
};
const char * olm_sas_last_error(
......@@ -95,14 +96,25 @@ size_t olm_sas_set_their_key(
}
_olm_decode_base64(their_key, their_key_length, their_key);
_olm_crypto_curve25519_shared_secret(&sas->curve25519_key, their_key, sas->secret);
sas->their_key_set = 1;
return 0;
}
int olm_sas_is_their_key_set(
OlmSAS *sas
) {
return sas->their_key_set;
}
size_t olm_sas_generate_bytes(
OlmSAS * sas,
const void * info, size_t info_length,
void * output, size_t output_length
) {
if (!sas->their_key_set) {
sas->last_error = OLM_SAS_THEIR_KEY_NOT_SET;
return (size_t)-1;
}
_olm_crypto_hkdf_sha256(
sas->secret, sizeof(sas->secret),
NULL, 0,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment