||1 month ago|
|.circleci||5 years ago|
|android||1 month ago|
|cmake||5 years ago|
|docs||9 months ago|
|fuzzing||2 years ago|
|include||2 years ago|
|lib||1 year ago|
|nix||3 months ago|
|python||1 month ago|
|src||2 years ago|
|tests||1 year ago|
|tracing||8 years ago|
|xcode||1 year ago|
|.editorconfig||2 years ago|
|.gitignore||1 year ago|
|.gitlab-ci.yml||2 years ago|
|CHANGELOG.rst||1 month ago|
|CMakeLists.txt||1 month ago|
|CONTRIBUTING.md||4 years ago|
|LICENSE||8 years ago|
|Makefile||1 month ago|
|OLMKit.podspec||1 month ago|
|Package.swift||1 month ago|
|README.md||1 month ago|
|Windows64.cmake||6 months ago|
|common.mk||1 month ago|
|exports.py||2 years ago|
|flake.lock||8 months ago|
|flake.nix||3 months ago|
|gitlab-math.lua||1 year ago|
|jenkins.sh||5 years ago|
|lib_exports.sh||2 years ago|
|libolm.version||2 years ago|
|olm.pc.in||8 months ago|
|version_script.ver||7 years ago|
An implementation of the Double Ratchet cryptographic ratchet described by https://whispersystems.org/docs/specifications/doubleratchet/, written in C and C++11 and exposed as a C API.
The specification of the Olm ratchet can be found in docs/olm.md.
This library also includes an implementation of the Megolm cryptographic ratchet, as specified in docs/megolm.md.
Linux and other Unix-like systems
Your distribution may have pre-compiled packages available. If not, or if you need a newer version, you will need to compile from source. See the "Building" section below for more details.
The easiest way to install on macOS is via Homebrew. If you do not have Homebrew installed, follow the instructions at https://brew.sh/ to install it.
You can then install libolm by running
brew install libolm
If you also need the Python packages, you can run
pip3 install python-olm --global-option="build_ext" --global-option="--include-dirs="`brew --prefix libolm`"/include" --global-option="--library-dirs="`brew --prefix libolm`"/lib"
Note that this will install an older version of the Python bindings, which may be missing some functions. If you need the latest version, you will need to build from source.
You will need to build from source. See the "Building" section below for more details.
You can use pre-built npm packages, available at https://gitlab.matrix.org/matrix-org/olm/-/packages?type=npm.
A Python source package and pre-built packages for certain architectures from https://pypi.org/project/python-olm/. If a pre-built package is not available for your architecture, you will need:
- cmake (recommended) or GNU make
- a C/C++ compiler
to build the source package.
You can then run
pip install python-olm.
Currently, we try to provide packages for all supported versions of Python on x86-64, i686, and aarch64, but we cannot guarantee that packages for all versions will be available on all architectures.
Pre-built Android bindings are available at https://gitlab.matrix.org/matrix-org/olm/-/packages?type=Maven.
To build olm as a shared library run:
cmake . -Bbuild cmake --build build
To run the tests, run:
cd build/tests ctest .
To build olm as a static library (which still needs libstdc++ dynamically) run:
cmake . -Bbuild -DBUILD_SHARED_LIBS=NO cmake --build build
The library can also be used as a dependency with CMake using:
find_package(Olm::Olm REQUIRED) target_link_libraries(my_exe Olm::Olm)
to build the bindings.
If you do not have Nix you can, install emscripten from https://emscripten.org/ and then run:
Emscripten can also be run via Docker, in which case, you need to pass through the EMCC_CLOSURE_ARGS environment variable.
To build the android project for Android bindings, run:
cd android ./gradlew clean build
To build the Xcode workspace for Objective-C bindings, run:
cd xcode pod install open OLMKit.xcworkspace
To build the Python 3 bindings, first build olm as a library as above, and then run:
cd python make
Using make instead of cmake
WARNING: Using cmake is the preferred method for building the olm library; the Makefile may be removed in the future or have functionality removed. In addition, the Makefile may make certain assumptions about your system and is not as well tested.
To build olm as a dynamic library, run:
To run the tests, run:
To build olm as a static library, run:
- cl-megolm (MIT) Common Lisp bindings
- dart-olm (AGPLv3) Dart bindings
- Dhole/go-olm (Apache-2.0) Go bindings
- jOlm (Apache-2.0) Java bindings
- libQtOlm (GPLv3) Qt bindings
- matrix-kt (Apache-2.0) Kotlin library for Matrix, including Olm methods
- maunium.net/go/mautrix/crypto/olm (Apache-2.0) fork of Dhole/go-olm
- nim-olm (MIT) Nim bindings
- olm-sys (Apache-2.0) Rust bindings
- Trixnity (Apache-2.0) Kotlin SDK for Matrix, including Olm bindings
Note that bindings may have a different license from libolm, and are not endorsed by the Matrix.org Foundation C.I.C.
First: bump version numbers in
Also, ensure the changelog is up to date, and that everything is committed to git.
It's probably sensible to do the above on a release branch (
by convention), and merge back to master once the release is complete.
To publish the Android library to MavenCentral (you will need some secrets), in the /android folder:
- Run the command
./gradlew clean build publish --no-daemon --no-parallel --stacktrace. The generated AAR must be approx 500 kb.
- Connect to https://s01.oss.sonatype.org
- Click on Staging Repositories and check the the files have been uploaded
- Click on close
- Wait (check Activity tab until step "Repository closed" is displayed)
- Click on release. The staging repository will disappear
- Check that the release is available in https://repo1.maven.org/maven2/org/matrix/android/olm-sdk/ (it can take a few minutes)
Olm is designed to be easy port to different platforms and to be easy to write bindings for.
It was originally implemented in C++, with a plain-C layer providing the public API. As development has progressed, it has become clear that C++ gives little advantage, and new functionality is being added in C, with C++ parts being rewritten as the need ariases.
All C functions in the API for olm return
olm_error() on error.
This makes it easy to check for error conditions within the language bindings.
Olm doesn't generate random numbers itself. Instead the caller must provide the random data. This makes it easier to port the library to different platforms since the caller can use whatever cryptographic random number generator their platform provides.
Olm avoids calling malloc or allocating memory on the heap itself. Instead the library calculates how much memory will be needed to hold the output and the caller supplies a buffer of the appropriate size.
Binary output is encoded as base64 so that languages that prefer unicode strings will find it easier to handle the output.
Olm uses pure C implementations of the cryptographic primitives used by the ratchet. While this decreases the performance it makes it much easier to compile the library for different architectures.
Please see CONTRIBUTING.md when making contributions to the library.
Olm 1.3.0 was independently assessed by NCC Group's Cryptography Services Practive in September 2016 to check for security issues: you can read all about it at https://www.nccgroup.com/globalassets/our-research/us/public-reports/2016/november/ncc_group_olm_cryptogrpahic_review_2016_11_01.pdf and https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last/
If you think you found a security issue in libolm, any of its bindings or the Olm/Megolm protocols, please follow our Security Disclosure Policy to report.
For non-sensitive bugs, please file bug reports at https://github.com/matrix-org/olm/issues.
What's an olm?
It's a really cool species of European troglodytic salamander. http://www.postojnska-jama.eu/en/come-and-visit-us/vivarium-proteus/
The software may be subject to the U.S. export control laws and regulations and by downloading the software the user certifies that he/she/it is authorized to do so in accordance with those export control laws and regulations.