Commit 5d1b66c3 authored by manuroe's avatar manuroe
Browse files

Merge remote-tracking branch 'origin/master' into olmkit

parents 62f52806 f6c05be8
......@@ -58,6 +58,7 @@ session_function(
c_void_p, c_size_t, # Identity Key
c_void_p, c_size_t, # Pre Key Message
)
session_function(lib.olm_pickle_session_length)
session_function(lib.olm_encrypt_message_type)
session_function(lib.olm_encrypt_random_length)
session_function(lib.olm_encrypt_message_length, c_size_t)
......
......@@ -263,7 +263,8 @@ size_t olm_group_decrypt_max_plaintext_length(
static size_t _decrypt(
OlmInboundGroupSession *session,
uint8_t * message, size_t message_length,
uint8_t * plaintext, size_t max_plaintext_length
uint8_t * plaintext, size_t max_plaintext_length,
uint32_t * message_index
) {
struct _OlmDecodeGroupMessageResults decoded_results;
size_t max_length, r;
......@@ -286,6 +287,10 @@ static size_t _decrypt(
return (size_t)-1;
}
if (message_index != NULL) {
*message_index = decoded_results.message_index;
}
/* verify the signature. We could do this before decoding the message, but
* we allow for the possibility of future protocol versions which use a
* different signing mechanism; we would rather throw "BAD_MESSAGE_VERSION"
......@@ -349,7 +354,8 @@ static size_t _decrypt(
size_t olm_group_decrypt(
OlmInboundGroupSession *session,
uint8_t * message, size_t message_length,
uint8_t * plaintext, size_t max_plaintext_length
uint8_t * plaintext, size_t max_plaintext_length,
uint32_t * message_index
) {
size_t raw_message_length;
......@@ -361,7 +367,8 @@ size_t olm_group_decrypt(
return _decrypt(
session, message, raw_message_length,
plaintext, max_plaintext_length
plaintext, max_plaintext_length,
message_index
);
}
......
......@@ -214,11 +214,13 @@ void olm::decode_message(
reader.ciphertext = nullptr;
reader.ciphertext_length = 0;
if (pos == end) return;
if (input_length < mac_length) return;
if (pos == end) return;
reader.version = *(pos++);
while (pos != end) {
unknown = pos;
pos = decode(
pos, end, RATCHET_KEY_TAG,
reader.ratchet_key, reader.ratchet_key_length
......@@ -234,7 +236,6 @@ void olm::decode_message(
if (unknown == pos) {
pos = skip_unknown(pos, end);
}
unknown = pos;
}
}
......@@ -303,6 +304,7 @@ void olm::decode_one_time_key_message(
reader.version = *(pos++);
while (pos != end) {
unknown = pos;
pos = decode(
pos, end, ONE_TIME_KEY_ID_TAG,
reader.one_time_key, reader.one_time_key_length
......@@ -322,7 +324,6 @@ void olm::decode_one_time_key_message(
if (unknown == pos) {
pos = skip_unknown(pos, end);
}
unknown = pos;
}
}
......@@ -377,9 +378,12 @@ void _olm_decode_group_message(
results->ciphertext_length = 0;
if (input_length < trailer_length) return;
if (pos == end) return;
results->version = *(pos++);
while (pos != end) {
unknown = pos;
pos = decode(
pos, end, GROUP_MESSAGE_INDEX_TAG,
results->message_index, has_message_index
......@@ -391,7 +395,6 @@ void _olm_decode_group_message(
if (unknown == pos) {
pos = skip_unknown(pos, end);
}
unknown = pos;
}
results->has_message_index = (int)has_message_index;
......
......@@ -154,20 +154,23 @@ size_t olm_init_outbound_group_session_random_length(
size_t olm_init_outbound_group_session(
OlmOutboundGroupSession *session,
uint8_t const * random, size_t random_length
uint8_t *random, size_t random_length
) {
const uint8_t *random_ptr = random;
if (random_length < olm_init_outbound_group_session_random_length(session)) {
/* Insufficient random data for new session */
session->last_error = OLM_NOT_ENOUGH_RANDOM;
return (size_t)-1;
}
megolm_init(&(session->ratchet), random, 0);
random += MEGOLM_RATCHET_LENGTH;
megolm_init(&(session->ratchet), random_ptr, 0);
random_ptr += MEGOLM_RATCHET_LENGTH;
_olm_crypto_ed25519_generate_key(random, &(session->signing_key));
random += ED25519_RANDOM_LENGTH;
_olm_crypto_ed25519_generate_key(random_ptr, &(session->signing_key));
random_ptr += ED25519_RANDOM_LENGTH;
_olm_unset(random, random_length);
return 0;
}
......
......@@ -60,7 +60,7 @@ size_t _olm_enc_output(
raw_output, length
);
_olm_encode_base64(raw_output, length, output);
return raw_length;
return base64_length;
}
......
......@@ -28,23 +28,26 @@ int main() {
size_t pickle_length = olm_pickle_outbound_group_session_length(session);
uint8_t pickle1[pickle_length];
olm_pickle_outbound_group_session(session,
"secret_key", 10,
pickle1, pickle_length);
size_t res = olm_pickle_outbound_group_session(
session, "secret_key", 10, pickle1, pickle_length
);
assert_equals(pickle_length, res);
uint8_t pickle2[pickle_length];
memcpy(pickle2, pickle1, pickle_length);
uint8_t buffer2[size];
OlmOutboundGroupSession *session2 = olm_outbound_group_session(buffer2);
size_t res = olm_unpickle_outbound_group_session(session2,
"secret_key", 10,
pickle2, pickle_length);
res = olm_unpickle_outbound_group_session(
session2, "secret_key", 10, pickle2, pickle_length
);
assert_not_equals((size_t)-1, res);
assert_equals(pickle_length,
olm_pickle_outbound_group_session_length(session2));
olm_pickle_outbound_group_session(session2,
"secret_key", 10,
pickle2, pickle_length);
res = olm_pickle_outbound_group_session(
session2, "secret_key", 10, pickle2, pickle_length
);
assert_equals(pickle_length, res);
assert_equals(pickle1, pickle2, pickle_length);
}
......@@ -59,23 +62,25 @@ int main() {
size_t pickle_length = olm_pickle_inbound_group_session_length(session);
uint8_t pickle1[pickle_length];
olm_pickle_inbound_group_session(session,
"secret_key", 10,
pickle1, pickle_length);
size_t res = olm_pickle_inbound_group_session(
session, "secret_key", 10, pickle1, pickle_length
);
assert_equals(pickle_length, res);
uint8_t pickle2[pickle_length];
memcpy(pickle2, pickle1, pickle_length);
uint8_t buffer2[size];
OlmInboundGroupSession *session2 = olm_inbound_group_session(buffer2);
size_t res = olm_unpickle_inbound_group_session(session2,
"secret_key", 10,
pickle2, pickle_length);
res = olm_unpickle_inbound_group_session(
session2, "secret_key", 10, pickle2, pickle_length
);
assert_not_equals((size_t)-1, res);
assert_equals(pickle_length,
olm_pickle_inbound_group_session_length(session2));
olm_pickle_inbound_group_session(session2,
"secret_key", 10,
pickle2, pickle_length);
res = olm_pickle_inbound_group_session(
session2, "secret_key", 10, pickle2, pickle_length
);
assert_equals(pickle1, pickle2, pickle_length);
}
......@@ -161,10 +166,12 @@ int main() {
memcpy(msgcopy, msg, msglen);
size = olm_group_decrypt_max_plaintext_length(inbound_session, msgcopy, msglen);
uint8_t plaintext_buf[size];
uint32_t message_index;
res = olm_group_decrypt(inbound_session, msg, msglen,
plaintext_buf, size);
plaintext_buf, size, &message_index);
assert_equals(plaintext_length, res);
assert_equals(plaintext, plaintext_buf, res);
assert_equals(message_index, uint32_t(0));
}
{
......@@ -208,9 +215,11 @@ int main() {
memcpy(msgcopy, message, msglen);
uint8_t plaintext_buf[size];
uint32_t message_index;
res = olm_group_decrypt(
inbound_session, msgcopy, msglen, plaintext_buf, size
inbound_session, msgcopy, msglen, plaintext_buf, size, &message_index
);
assert_equals(message_index, uint32_t(0));
assert_equals(plaintext_length, res);
assert_equals(plaintext, plaintext_buf, res);
......@@ -227,7 +236,7 @@ int main() {
memcpy(msgcopy, message, msglen);
res = olm_group_decrypt(
inbound_session, msgcopy, msglen,
plaintext_buf, size
plaintext_buf, size, &message_index
);
assert_equals((size_t)-1, res);
assert_equals(
......
......@@ -49,7 +49,9 @@ mock_random(ot_random, sizeof(ot_random));
std::size_t pickle_length = ::olm_pickle_account_length(account);
std::uint8_t pickle1[pickle_length];
::olm_pickle_account(account, "secret_key", 10, pickle1, pickle_length);
std::size_t res = ::olm_pickle_account(account, "secret_key", 10, pickle1, pickle_length);
assert_equals(pickle_length, res);
std::uint8_t pickle2[pickle_length];
std::memcpy(pickle2, pickle1, pickle_length);
......@@ -59,10 +61,10 @@ assert_not_equals(std::size_t(-1), ::olm_unpickle_account(
account2, "secret_key", 10, pickle2, pickle_length
));
assert_equals(pickle_length, ::olm_pickle_account_length(account2));
::olm_pickle_account(account2, "secret_key", 10, pickle2, pickle_length);
res = ::olm_pickle_account(account2, "secret_key", 10, pickle2, pickle_length);
assert_equals(pickle_length, res);
assert_equals(pickle1, pickle2, pickle_length);
}
......@@ -122,7 +124,9 @@ mock_random(random2, sizeof(random2));
std::size_t pickle_length = ::olm_pickle_session_length(session);
std::uint8_t pickle1[pickle_length];
::olm_pickle_session(session, "secret_key", 10, pickle1, pickle_length);
std::size_t res = ::olm_pickle_session(session, "secret_key", 10, pickle1, pickle_length);
assert_equals(pickle_length, res);
std::uint8_t pickle2[pickle_length];
std::memcpy(pickle2, pickle1, pickle_length);
......@@ -132,10 +136,10 @@ assert_not_equals(std::size_t(-1), ::olm_unpickle_session(
session2, "secret_key", 10, pickle2, pickle_length
));
assert_equals(pickle_length, ::olm_pickle_session_length(session2));
::olm_pickle_session(session2, "secret_key", 10, pickle2, pickle_length);
res = ::olm_pickle_session(session2, "secret_key", 10, pickle2, pickle_length);
assert_equals(pickle_length, res);
assert_equals(pickle1, pickle2, pickle_length);
}
{ /** Loopback test */
......@@ -161,6 +165,9 @@ std::uint8_t o_random[::olm_account_generate_one_time_keys_random_length(
mock_random_b(o_random, sizeof(o_random));
::olm_account_generate_one_time_keys(b_account, 42, o_random, sizeof(o_random));
std::uint8_t a_id_keys[::olm_account_identity_keys_length(a_account)];
::olm_account_identity_keys(a_account, a_id_keys, sizeof(a_id_keys));
std::uint8_t b_id_keys[::olm_account_identity_keys_length(b_account)];
std::uint8_t b_ot_keys[::olm_account_one_time_keys_length(b_account)];
::olm_account_identity_keys(b_account, b_id_keys, sizeof(b_id_keys));
......@@ -172,8 +179,8 @@ std::uint8_t a_rand[::olm_create_outbound_session_random_length(a_session)];
mock_random_a(a_rand, sizeof(a_rand));
assert_not_equals(std::size_t(-1), ::olm_create_outbound_session(
a_session, a_account,
b_id_keys + 15, 43,
b_ot_keys + 25, 43,
b_id_keys + 15, 43, // B's curve25519 identity key
b_ot_keys + 25, 43, // B's curve25519 one time key
a_rand, sizeof(a_rand)
));
......@@ -198,6 +205,31 @@ std::uint8_t b_session_buffer[::olm_account_size()];
b_session, b_account, tmp_message_1, sizeof(message_1)
);
// Check that the inbound session matches the message it was created from.
std::memcpy(tmp_message_1, message_1, sizeof(message_1));
assert_equals(std::size_t(1), ::olm_matches_inbound_session(
b_session,
tmp_message_1, sizeof(message_1)
));
// Check that the inbound session matches the key this message is supposed
// to be from.
std::memcpy(tmp_message_1, message_1, sizeof(message_1));
assert_equals(std::size_t(1), ::olm_matches_inbound_session_from(
b_session,
a_id_keys + 15, 43, // A's curve125519 identity key.
tmp_message_1, sizeof(message_1)
));
// Check that the inbound session isn't from a different user.
std::memcpy(tmp_message_1, message_1, sizeof(message_1));
assert_equals(std::size_t(0), ::olm_matches_inbound_session_from(
b_session,
b_id_keys + 15, 43, // B's curve25519 identity key.
tmp_message_1, sizeof(message_1)
));
// Check that we can decrypt the message.
std::memcpy(tmp_message_1, message_1, sizeof(message_1));
std::uint8_t plaintext_1[::olm_decrypt_max_plaintext_length(
b_session, 0, tmp_message_1, sizeof(message_1)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment