You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
Hubert Chathi ad76fc1570 allow multiple arguments to be passed when linking Python library 3 days ago
.circleci ...in the right dir 4 years ago
android release 3.2.13 2 months ago
cmake Add CMake support 4 years ago
docs fix(megolm spec): Correct the version for the session export format. 3 months ago
fuzzing Fix unpickling error handling. 1 year ago
include improve handling of olm_session_describe when buffer is too short 1 year ago
javascript Improve Typescript typing 5 days ago
lib switch to doctest for unit testing 12 months ago
python allow multiple arguments to be passed when linking Python library 3 days ago
src improve handling of olm_session_describe when buffer is too short 1 year ago
tests switch to doctest for unit testing 12 months ago
tracing switch from /usr/bin/python to /usr/bin/env python. this doesn't help folks whose python path points at python3 (e.g. Arch linux) though, but I see no choice than they have to change the shebangs, as we do on Synapse. For instance, OSX doesn't have a python2 symlink, otherwise we'd use /usr/bin/env python2 shebang. 7 years ago
xcode exposed olm_sas_calculate_mac_fixed_base64 in the bindings 8 months ago
.editorconfig Add .editorconfig. 1 year ago
.gitignore Fix type hints on the PkDecryption class 7 months ago
.gitlab-ci.yml keep testing logs 1 year ago
CHANGELOG.rst release 3.2.13 2 months ago
CMakeLists.txt release 3.2.13 2 months ago
CONTRIBUTING.md Convert CONTRIBUTING.rst to markdown 4 years ago
LICENSE Copyright notices and a license 8 years ago
Makefile fix compatibility with newer versions of emscripten 2 months ago
OLMKit.podspec release 3.2.13 2 months ago
Package.swift release 3.2.13 2 months ago
README.md add documentation for installation, and other doc improvements 1 week ago
Windows64.cmake add support file for cross-compiling Windows library 1 year ago
common.mk release 3.2.13 2 months ago
exports.py fix JavaScript build 1 year ago
flake.lock update nix info 2 months ago
flake.nix update nix info 2 months ago
gitlab-math.lua fix doc building. Thanks to Jonas Smedegaard. 11 months ago
jenkins.sh python: Remove the python bindings. 4 years ago
lib_exports.sh Add lib_exports.sh for printing list of exported functions. 1 year ago
libolm.version make functions const where possible 1 year ago
olm.pc.in pkgconfig improvements 2 months ago
version_script.ver Use a version script to restrict symbols in the .so 7 years ago

README.md

Olm

An implementation of the Double Ratchet cryptographic ratchet described by https://whispersystems.org/docs/specifications/doubleratchet/, written in C and C++11 and exposed as a C API.

The specification of the Olm ratchet can be found in docs/olm.md.

This library also includes an implementation of the Megolm cryptographic ratchet, as specified in docs/megolm.md.

Installing

Linux and other Unix-like systems

Your distribution may have pre-compiled packages available. If not, or if you need a newer version, you will need to compile from source. See the "Building" section below for more details.

macOS

The easiest way to install on macOS is via Homebrew. If you do not have Homebrew installed, follow the instructions at https://brew.sh/ to install it.

You can then install libolm by running

brew install libolm

If you also need the Python packages, you can run

pip3 install python-olm --global-option="build_ext" --global-option="--include-dirs="`brew --prefix libolm`"/include" --global-option="--library-dirs="`brew --prefix libolm`"/lib"

Note that this will install an older version of the Python bindings, which may be missing some functions. If you need the latest version, you will need to build from source.

Windows

You will need to build from source. See the "Building" section below for more details.

Bindings

JavaScript

You can use pre-built npm packages, available at https://gitlab.matrix.org/matrix-org/olm/-/packages?type=npm.

Python

Pre-built packages for Python are available for certain architectures at https://gitlab.matrix.org/matrix-org/olm/-/packages?type=PyPI. They can be installed by running

pip install python-olm --extra-index-url https://gitlab.matrix.org/api/v4/projects/27/packages/pypi/simple

Currently, we try to provide packages for all supported versions of Python on x86-64, i686, and aarch64, but we cannot guarantee that packages for all versions will be available on all architectures.

Android

Pre-built Android bindings are available at https://gitlab.matrix.org/matrix-org/olm/-/packages?type=Maven.

Building

To build olm as a shared library run:

cmake . -Bbuild
cmake --build build

To run the tests, run:

cd build/tests
ctest .

To build olm as a static library (which still needs libstdc++ dynamically) run:

cmake . -Bbuild -DBUILD_SHARED_LIBS=NO
cmake --build build

The library can also be used as a dependency with CMake using:

find_package(Olm::Olm REQUIRED)
target_link_libraries(my_exe Olm::Olm)

Bindings

JavaScript

The recommended way to build the JavaScript bindings is using Nix. With Nix, you can run

nix build .\#javascript

to build the bindings.

If you do not have Nix you can, install emscripten from https://emscripten.org/ and then run:

make js

Emscripten can also be run via Docker, in which case, you need to pass through the EMCC_CLOSURE_ARGS environment variable.

Android

To build the android project for Android bindings, run:

cd android
./gradlew clean build

Objective-C

To build the Xcode workspace for Objective-C bindings, run:

cd xcode
pod install
open OLMKit.xcworkspace

Python

To build the Python 3 bindings, first build olm as a library as above, and then run:

cd python
make

Using make instead of cmake

WARNING: Using cmake is the preferred method for building the olm library; the Makefile may be removed in the future or have functionality removed. In addition, the Makefile may make certain assumptions about your system and is not as well tested.

To build olm as a dynamic library, run:

make

To run the tests, run:

make test

To build olm as a static library, run:

make static

Bindings

libolm can be used in different environments using bindings. In addition to the JavaScript, Python, Java (Android), and Objective-C bindings included in this repository, some bindings are (in alphabetical order):

Note that bindings may have a different license from libolm, and are not endorsed by the Matrix.org Foundation C.I.C.

Release process

First: bump version numbers in common.mk, CMakeLists.txt, javascript/package.json, python/olm/__version__.py, OLMKit.podspec, Package.swift, and android/gradle.properties.

Also, ensure the changelog is up to date, and that everything is committed to git.

It's probably sensible to do the above on a release branch (release-vx.y.z by convention), and merge back to master once the release is complete.

make clean

# build and test C library
make test

# build and test JS wrapper
make js
(cd javascript && \
     npm run test && \
     sha256sum olm.js olm_legacy.js olm.wasm > checksums.txt && \
     gpg -b -a -u F75FDC22C1DE8453 checksums.txt && \
     npm publish)

VERSION=x.y.z
git tag $VERSION -s
git push --tags

# OLMKit CocoaPod release
# Make sure the version OLMKit.podspec is the same as the git tag
# (this must be checked before git tagging)
pod spec lint OLMKit.podspec --use-libraries --allow-warnings
pod trunk push OLMKit.podspec --use-libraries --allow-warnings
# Check the pod has been successully published with:
pod search OLMKit

Python and JavaScript packages are published to the registry at https://gitlab.matrix.org/matrix-org/olm/-/packages. The GitLab documentation contains instructions on how to set up twine (Python) and npm (JavaScript) to upload to the registry.

To publish the Android library to MavenCentral (you will need some secrets), in the /android folder:

  • Run the command ./gradlew clean build publish --no-daemon --no-parallel --stacktrace. The generated AAR must be approx 500 kb.
  • Connect to https://s01.oss.sonatype.org
  • Click on Staging Repositories and check the the files have been uploaded
  • Click on close
  • Wait (check Activity tab until step "Repository closed" is displayed)
  • Click on release. The staging repository will disappear
  • Check that the release is available in https://repo1.maven.org/maven2/org/matrix/android/olm-sdk/ (it can take a few minutes)

Design

Olm is designed to be easy port to different platforms and to be easy to write bindings for.

It was originally implemented in C++, with a plain-C layer providing the public API. As development has progressed, it has become clear that C++ gives little advantage, and new functionality is being added in C, with C++ parts being rewritten as the need ariases.

Error Handling

All C functions in the API for olm return olm_error() on error. This makes it easy to check for error conditions within the language bindings.

Random Numbers

Olm doesn't generate random numbers itself. Instead the caller must provide the random data. This makes it easier to port the library to different platforms since the caller can use whatever cryptographic random number generator their platform provides.

Memory

Olm avoids calling malloc or allocating memory on the heap itself. Instead the library calculates how much memory will be needed to hold the output and the caller supplies a buffer of the appropriate size.

Output Encoding

Binary output is encoded as base64 so that languages that prefer unicode strings will find it easier to handle the output.

Dependencies

Olm uses pure C implementations of the cryptographic primitives used by the ratchet. While this decreases the performance it makes it much easier to compile the library for different architectures.

Contributing

Please see CONTRIBUTING.md when making contributions to the library.

Security assessment

Olm 1.3.0 was independently assessed by NCC Group's Cryptography Services Practive in September 2016 to check for security issues: you can read all about it at https://www.nccgroup.com/globalassets/our-research/us/public-reports/2016/november/ncc_group_olm_cryptogrpahic_review_2016_11_01.pdf and https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last/

Security issues

If you think you found a security issue in libolm, any of its bindings or the Olm/Megolm protocols, please follow our Security Disclosure Policy to report.

Bug reports

For non-sensitive bugs, please file bug reports at https://github.com/matrix-org/olm/issues.

What's an olm?

It's a really cool species of European troglodytic salamander. http://www.postojnska-jama.eu/en/come-and-visit-us/vivarium-proteus/

The software may be subject to the U.S. export control laws and regulations and by downloading the software the user certifies that he/she/it is authorized to do so in accordance with those export control laws and regulations.