mirrors
/
olm
mirror of https://git.matrix.org/git/olm.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #14 from matrix-org/rav/convert_crypto_to_c 

Convert crypto.hh into C-compatible interface
logging_enabled
Richard van der Hoff 2016-09-05 10:42:09 +01:00 committed by GitHub
parent 2aad4cfa86 69f269ffaf
commit 057ab15c1a
18 changed files with 307 additions and 309 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
include/olm/account.hh
View File

@ -16,7 +16,7 @@
#define OLM_ACCOUNT_HH_
#include "olm/list.hh"
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include "olm/error.h"
#include <cstdint>
@ -25,14 +25,14 @@ namespace olm {
struct IdentityKeys {
Ed25519KeyPair ed25519_key;
Curve25519KeyPair curve25519_key;
_olm_ed25519_key_pair ed25519_key;
_olm_curve25519_key_pair curve25519_key;
};
struct OneTimeKey {
std::uint32_t id;
bool published;
Curve25519KeyPair key;
_olm_curve25519_key_pair key;
};
@ -128,12 +128,12 @@ struct Account {
/** Lookup a one time key with the given public key */
OneTimeKey const * lookup_key(
Curve25519PublicKey const & public_key
_olm_curve25519_public_key const & public_key
);
/** Remove a one time key with the given public key */
std::size_t remove_key(
Curve25519PublicKey const & public_key
_olm_curve25519_public_key const & public_key
);
};

114
include/olm/crypto.h
View File

@ -57,9 +57,70 @@ extern "C" {
/** length of an aes256 initialisation vector */
#define AES256_IV_LENGTH 16
struct _olm_aes256_key {
uint8_t key[AES256_KEY_LENGTH];
};
/** Computes SHA-256 of the input. The output buffer must be a least 32
* bytes long. */
struct _olm_aes256_iv {
uint8_t iv[AES256_IV_LENGTH];
};
struct _olm_curve25519_public_key {
uint8_t public_key[CURVE25519_KEY_LENGTH];
};
struct _olm_curve25519_private_key {
uint8_t private_key[CURVE25519_KEY_LENGTH];
};
struct _olm_curve25519_key_pair {
struct _olm_curve25519_public_key public_key;
struct _olm_curve25519_private_key private_key;
};
struct _olm_ed25519_public_key {
uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH];
};
struct _olm_ed25519_private_key {
uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH];
};
struct _olm_ed25519_key_pair {
struct _olm_ed25519_public_key public_key;
struct _olm_ed25519_private_key private_key;
};
/** The length of output the aes_encrypt_cbc function will write */
size_t _olm_crypto_aes_encrypt_cbc_length(
size_t input_length
);
/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
* The output buffer must be big enough to hold the output including padding */
void _olm_crypto_aes_encrypt_cbc(
const struct _olm_aes256_key *key,
const struct _olm_aes256_iv *iv,
const uint8_t *input, size_t input_length,
uint8_t *output
);
/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
* least the same size as the input buffer. Returns the length of the plaintext
* without padding on success or std::size_t(-1) if the padding is invalid.
*/
size_t _olm_crypto_aes_decrypt_cbc(
const struct _olm_aes256_key *key,
const struct _olm_aes256_iv *iv,
uint8_t const * input, size_t input_length,
uint8_t * output
);
/** Computes SHA-256 of the input. The output buffer must be a least
* SHA256_OUTPUT_LENGTH (32) bytes long. */
void _olm_crypto_sha256(
uint8_t const * input, size_t input_length,
uint8_t * output
@ -68,7 +129,7 @@ void _olm_crypto_sha256(
/** HMAC: Keyed-Hashing for Message Authentication
* http://tools.ietf.org/html/rfc2104
* Computes HMAC-SHA-256 of the input for the key. The output buffer must
* be at least 32 bytes long. */
* be at least SHA256_OUTPUT_LENGTH (32) bytes long. */
void _olm_crypto_hmac_sha256(
uint8_t const * key, size_t key_length,
uint8_t const * input, size_t input_length,
@ -87,6 +148,53 @@ void _olm_crypto_hkdf_sha256(
);
/** Generate a curve25519 key pair
* random_32_bytes should be CURVE25519_RANDOM_LENGTH (32) bytes long.
*/
void _olm_crypto_curve25519_generate_key(
uint8_t const * random_32_bytes,
struct _olm_curve25519_key_pair *output
);
/** Create a shared secret using our private key and their public key.
* The output buffer must be at least CURVE25519_SHARED_SECRET_LENGTH (32) bytes long.
*/
void _olm_crypto_curve25519_shared_secret(
const struct _olm_curve25519_key_pair *our_key,
const struct _olm_curve25519_public_key *their_key,
uint8_t * output
);
/** Generate an ed25519 key pair
* random_32_bytes should be ED25519_RANDOM_LENGTH (32) bytes long.
*/
void _olm_crypto_ed25519_generate_key(
uint8_t const * random_bytes,
struct _olm_ed25519_key_pair *output
);
/** Signs the message using our private key.
*
* The output buffer must be at least ED25519_SIGNATURE_LENGTH (64) bytes
* long. */
void _olm_crypto_ed25519_sign(
const struct _olm_ed25519_key_pair *our_key,
const uint8_t * message, size_t message_length,
uint8_t * output
);
/** Verify an ed25519 signature
* The signature input buffer must be ED25519_SIGNATURE_LENGTH (64) bytes long.
* Returns non-zero if the signature is valid. */
int _olm_crypto_ed25519_verify(
const struct _olm_ed25519_public_key *their_key,
const uint8_t * message, size_t message_length,
const uint8_t * signature
);
#ifdef __cplusplus
} // extern "C"
#endif

130
include/olm/crypto.hh
View File

@ -1,130 +0,0 @@
/* Copyright 2015 OpenMarket Ltd
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef OLM_CRYPTO_HH_
#define OLM_CRYPTO_HH_
#include <cstdint>
#include <cstddef>
// eventually all of this needs to move into crypto.h, and everything should
// use that. For now, include crypto.h here.
#include "olm/crypto.h"
namespace olm {
struct Curve25519PublicKey {
std::uint8_t public_key[CURVE25519_KEY_LENGTH];
};
struct Curve25519KeyPair : public Curve25519PublicKey {
std::uint8_t private_key[CURVE25519_KEY_LENGTH];
};
struct Ed25519PublicKey {
std::uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH];
};
struct Ed25519KeyPair : public Ed25519PublicKey {
std::uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH];
};
/** Generate a curve25519 key pair from 32 random bytes. */
void curve25519_generate_key(
std::uint8_t const * random_32_bytes,
Curve25519KeyPair & key_pair
);
/** Create a shared secret using our private key and their public key.
* The output buffer must be at least 32 bytes long. */
void curve25519_shared_secret(
Curve25519KeyPair const & our_key,
Curve25519PublicKey const & their_key,
std::uint8_t * output
);
/** Generate a curve25519 key pair from 32 random bytes. */
void ed25519_generate_key(
std::uint8_t const * random_32_bytes,
Ed25519KeyPair & key_pair
);
/** Signs the message using our private key.
* The output buffer must be at least 64 bytes long. */
void ed25519_sign(
Ed25519KeyPair const & our_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t * output
);
/** Verify their message using their public key.
* The signature input buffer must be 64 bytes long.
* Returns true if the signature is valid. */
bool ed25519_verify(
Ed25519PublicKey const & their_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature
);
struct Aes256Key {
std::uint8_t key[AES256_KEY_LENGTH];
};
struct Aes256Iv {
std::uint8_t iv[AES256_IV_LENGTH];
};
/** The length of output the aes_encrypt_cbc function will write */
std::size_t aes_encrypt_cbc_length(
std::size_t input_length
);
/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
* The output buffer must be big enough to hold the output including padding */
void aes_encrypt_cbc(
Aes256Key const & key,
Aes256Iv const & iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
);
/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
* least the same size as the input buffer. Returns the length of the plaintext
* without padding on success or std::size_t(-1) if the padding is invalid.
*/
std::size_t aes_decrypt_cbc(
Aes256Key const & key,
Aes256Iv const & iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
);
} // namespace olm
#endif /* OLM_CRYPTO_HH_ */

26
include/olm/pickle.hh
View File

@ -16,7 +16,7 @@
#define OLM_PICKLE_HH_
#include "olm/list.hh"
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include <cstring>
#include <cstdint>
@ -109,70 +109,70 @@ std::uint8_t const * unpickle_bytes(
std::size_t pickle_length(
const Curve25519PublicKey & value
const _olm_curve25519_public_key & value
);
std::uint8_t * pickle(
std::uint8_t * pos,
const Curve25519PublicKey & value
const _olm_curve25519_public_key & value
);
std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
Curve25519PublicKey & value
_olm_curve25519_public_key & value
);
std::size_t pickle_length(
const Curve25519KeyPair & value
const _olm_curve25519_key_pair & value
);
std::uint8_t * pickle(
std::uint8_t * pos,
const Curve25519KeyPair & value
const _olm_curve25519_key_pair & value
);
std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
Curve25519KeyPair & value
_olm_curve25519_key_pair & value
);
std::size_t pickle_length(
const Ed25519PublicKey & value
const _olm_ed25519_public_key & value
);
std::uint8_t * pickle(
std::uint8_t * pos,
const Ed25519PublicKey & value
const _olm_ed25519_public_key & value
);
std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
Ed25519PublicKey & value
_olm_ed25519_public_key & value
);
std::size_t pickle_length(
const Ed25519KeyPair & value
const _olm_ed25519_key_pair & value
);
std::uint8_t * pickle(
std::uint8_t * pos,
const Ed25519KeyPair & value
const _olm_ed25519_key_pair & value
);
std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
Ed25519KeyPair & value
_olm_ed25519_key_pair & value
);
} // namespace olm

14
include/olm/ratchet.hh
View File

@ -13,7 +13,9 @@
* limitations under the License.
*/
#include "olm/crypto.hh"
#include <cstdint>
#include "olm/crypto.h"
#include "olm/list.hh"
#include "olm/error.h"
@ -41,19 +43,19 @@ struct MessageKey {
struct SenderChain {
Curve25519KeyPair ratchet_key;
_olm_curve25519_key_pair ratchet_key;
ChainKey chain_key;
};
struct ReceiverChain {
Curve25519PublicKey ratchet_key;
_olm_curve25519_public_key ratchet_key;
ChainKey chain_key;
};
struct SkippedMessageKey {
Curve25519PublicKey ratchet_key;
_olm_curve25519_public_key ratchet_key;
MessageKey message_key;
};
@ -108,14 +110,14 @@ struct Ratchet {
* remote's first ratchet key */
void initialise_as_bob(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
Curve25519PublicKey const & their_ratchet_key
_olm_curve25519_public_key const & their_ratchet_key
);
/** Initialise the session using a shared secret and the public/private key
* pair for the first ratchet key */
void initialise_as_alice(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
Curve25519KeyPair const & our_ratchet_key
_olm_curve25519_key_pair const & our_ratchet_key
);
/** The number of bytes of output the encrypt method will write for

14
include/olm/session.hh
View File

@ -35,9 +35,9 @@ struct Session {
bool received_message;
Curve25519PublicKey alice_identity_key;
Curve25519PublicKey alice_base_key;
Curve25519PublicKey bob_one_time_key;
_olm_curve25519_public_key alice_identity_key;
_olm_curve25519_public_key alice_base_key;
_olm_curve25519_public_key bob_one_time_key;
/** The number of random bytes that are needed to create a new outbound
* session. This will be 64 bytes since two ephemeral keys are needed. */
@ -48,8 +48,8 @@ struct Session {
* NOT_ENOUGH_RANDOM if the number of random bytes was too small. */
std::size_t new_outbound_session(
Account const & local_account,
Curve25519PublicKey const & identity_key,
Curve25519PublicKey const & one_time_key,
_olm_curve25519_public_key const & identity_key,
_olm_curve25519_public_key const & one_time_key,
std::uint8_t const * random, std::size_t random_length
);
@ -59,7 +59,7 @@ struct Session {
* the message headers could not be decoded. */
std::size_t new_inbound_session(
Account & local_account,
Curve25519PublicKey const * their_identity_key,
_olm_curve25519_public_key const * their_identity_key,
std::uint8_t const * pre_key_message, std::size_t message_length
);
@ -82,7 +82,7 @@ struct Session {
* session does not match or the pre-key message could not be decoded.
*/
bool matches_inbound_session(
Curve25519PublicKey const * their_identity_key,
_olm_curve25519_public_key const * their_identity_key,
std::uint8_t const * pre_key_message, std::size_t message_length
);

6
include/olm/utility.hh
View File

@ -21,9 +21,9 @@
#include <cstddef>
#include <cstdint>
namespace olm {
struct _olm_ed25519_public_key;
struct Ed25519PublicKey;
namespace olm {
struct Utility {
@ -48,7 +48,7 @@ struct Utility {
* last_error will be set with an error code. If the signature was too short
* or was not a valid signature then last_error will be BAD_MESSAGE_MAC. */
std::size_t ed25519_verify(
Ed25519PublicKey const & key,
_olm_ed25519_public_key const & key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature, std::size_t signature_length
);

28
src/account.cpp
View File

@ -24,10 +24,10 @@ olm::Account::Account(
olm::OneTimeKey const * olm::Account::lookup_key(
olm::Curve25519PublicKey const & public_key
_olm_curve25519_public_key const & public_key
) {
for (olm::OneTimeKey const & key : one_time_keys) {
if (olm::array_equal(key.key.public_key, public_key.public_key)) {
if (olm::array_equal(key.key.public_key.public_key, public_key.public_key)) {
return &key;
}
}
@ -35,11 +35,11 @@ olm::OneTimeKey const * olm::Account::lookup_key(
}
std::size_t olm::Account::remove_key(
olm::Curve25519PublicKey const & public_key
_olm_curve25519_public_key const & public_key
) {
OneTimeKey * i;
for (i = one_time_keys.begin(); i != one_time_keys.end(); ++i) {
if (olm::array_equal(i->key.public_key, public_key.public_key)) {
if (olm::array_equal(i->key.public_key.public_key, public_key.public_key)) {
std::uint32_t id = i->id;
one_time_keys.erase(i);
return id;
@ -60,9 +60,9 @@ std::size_t olm::Account::new_account(
return std::size_t(-1);
}
olm::ed25519_generate_key(random, identity_keys.ed25519_key);
_olm_crypto_ed25519_generate_key(random, &identity_keys.ed25519_key);
random += ED25519_RANDOM_LENGTH;
olm::curve25519_generate_key(random, identity_keys.curve25519_key);
_olm_crypto_curve25519_generate_key(random, &identity_keys.curve25519_key);
return 0;
}
@ -118,16 +118,16 @@ std::size_t olm::Account::get_identity_json(
pos = write_string(pos, KEY_JSON_CURVE25519);
*(pos++) = '\"';
pos = olm::encode_base64(
identity_keys.curve25519_key.public_key,
sizeof(identity_keys.curve25519_key.public_key),
identity_keys.curve25519_key.public_key.public_key,
sizeof(identity_keys.curve25519_key.public_key.public_key),
pos
);
*(pos++) = '\"'; *(pos++) = ',';
pos = write_string(pos, KEY_JSON_ED25519);
*(pos++) = '\"';
pos = olm::encode_base64(
identity_keys.ed25519_key.public_key,
sizeof(identity_keys.ed25519_key.public_key),
identity_keys.ed25519_key.public_key.public_key,
sizeof(identity_keys.ed25519_key.public_key.public_key),
pos
);
*(pos++) = '\"'; *(pos++) = '}';
@ -149,8 +149,8 @@ std::size_t olm::Account::sign(
last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL;
return std::size_t(-1);
}
olm::ed25519_sign(
identity_keys.ed25519_key, message, message_length, signature
_olm_crypto_ed25519_sign(
&identity_keys.ed25519_key, message, message_length, signature
);
return this->signature_length();
}
@ -202,7 +202,7 @@ std::size_t olm::Account::get_one_time_keys_json(
pos = olm::encode_base64(key_id, sizeof(key_id), pos);
*(pos++) = '\"'; *(pos++) = ':'; *(pos++) = '\"';
pos = olm::encode_base64(
key.key.public_key, sizeof(key.key.public_key), pos
key.key.public_key.public_key, sizeof(key.key.public_key.public_key), pos
);
*(pos++) = '\"';
sep = ',';
@ -253,7 +253,7 @@ std::size_t olm::Account::generate_one_time_keys(
OneTimeKey & key = *one_time_keys.insert(one_time_keys.begin());
key.id = ++next_one_time_key_id;
key.published = false;
olm::curve25519_generate_key(random, key.key);
_olm_crypto_curve25519_generate_key(random, &key.key);
random += CURVE25519_RANDOM_LENGTH;
}
return number_of_keys;

16
src/cipher.cpp
View File

@ -13,7 +13,7 @@
* limitations under the License.
*/
#include "olm/cipher.h"
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include "olm/memory.hh"
#include <cstring>
@ -22,9 +22,9 @@ const std::size_t HMAC_KEY_LENGTH = 32;
namespace {
struct DerivedKeys {
olm::Aes256Key aes_key;
_olm_aes256_key aes_key;
std::uint8_t mac_key[HMAC_KEY_LENGTH];
olm::Aes256Iv aes_iv;
_olm_aes256_iv aes_iv;
};
@ -58,7 +58,7 @@ size_t aes_sha_256_cipher_mac_length(const struct _olm_cipher *cipher) {
size_t aes_sha_256_cipher_encrypt_ciphertext_length(
const struct _olm_cipher *cipher, size_t plaintext_length
) {
return olm::aes_encrypt_cbc_length(plaintext_length);
return _olm_crypto_aes_encrypt_cbc_length(plaintext_length);
}
size_t aes_sha_256_cipher_encrypt(
@ -80,8 +80,8 @@ size_t aes_sha_256_cipher_encrypt(
derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys);
olm::aes_encrypt_cbc(
keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext
_olm_crypto_aes_encrypt_cbc(
&keys.aes_key, &keys.aes_iv, plaintext, plaintext_length, ciphertext
);
_olm_crypto_hmac_sha256(
@ -126,8 +126,8 @@ size_t aes_sha_256_cipher_decrypt(
return std::size_t(-1);
}
std::size_t plaintext_length = olm::aes_decrypt_cbc(
keys.aes_key, keys.aes_iv, ciphertext, ciphertext_length, plaintext
std::size_t plaintext_length = _olm_crypto_aes_decrypt_cbc(
&keys.aes_key, &keys.aes_iv, ciphertext, ciphertext_length, plaintext
);
olm::unset(keys);

66
src/crypto.cpp
View File

@ -12,7 +12,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include "olm/memory.hh"
#include <cstring>
@ -100,80 +100,86 @@ inline static void hmac_sha256_final(
} // namespace
void olm::curve25519_generate_key(
std::uint8_t const * random_32_bytes,
olm::Curve25519KeyPair & key_pair
void _olm_crypto_curve25519_generate_key(
uint8_t const * random_32_bytes,
struct _olm_curve25519_key_pair *key_pair
) {
std::memcpy(key_pair.private_key, random_32_bytes, CURVE25519_KEY_LENGTH);
std::memcpy(
key_pair->private_key.private_key, random_32_bytes,
CURVE25519_KEY_LENGTH
);
::curve25519_donna(
key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT
key_pair->public_key.public_key,
key_pair->private_key.private_key,
CURVE25519_BASEPOINT
);
}
void olm::curve25519_shared_secret(
olm::Curve25519KeyPair const & our_key,
olm::Curve25519PublicKey const & their_key,
void _olm_crypto_curve25519_shared_secret(
const struct _olm_curve25519_key_pair *our_key,
const struct _olm_curve25519_public_key * their_key,
std::uint8_t * output
) {
::curve25519_donna(output, our_key.private_key, their_key.public_key);
::curve25519_donna(output, our_key->private_key.private_key, their_key->public_key);
}
void olm::ed25519_generate_key(
void _olm_crypto_ed25519_generate_key(
std::uint8_t const * random_32_bytes,
olm::Ed25519KeyPair & key_pair
struct _olm_ed25519_key_pair *key_pair
) {
::ed25519_create_keypair(
key_pair.public_key, key_pair.private_key,
key_pair->public_key.public_key, key_pair->private_key.private_key,
random_32_bytes
);
}
void olm::ed25519_sign(
olm::Ed25519KeyPair const & our_key,
void _olm_crypto_ed25519_sign(
const struct _olm_ed25519_key_pair *our_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t * output
) {
::ed25519_sign(
output,
message, message_length,
our_key.public_key, our_key.private_key
our_key->public_key.public_key,
our_key->private_key.private_key
);
}
bool olm::ed25519_verify(
olm::Ed25519PublicKey const & their_key,
int _olm_crypto_ed25519_verify(
const struct _olm_ed25519_public_key *their_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature
) {
return 0 != ::ed25519_verify(
signature,
message, message_length,
their_key.public_key
their_key->public_key
);
}
std::size_t olm::aes_encrypt_cbc_length(
std::size_t _olm_crypto_aes_encrypt_cbc_length(
std::size_t input_length
) {
return input_length + AES_BLOCK_LENGTH - input_length % AES_BLOCK_LENGTH;
}
void olm::aes_encrypt_cbc(
olm::Aes256Key const & key,
olm::Aes256Iv const & iv,
void _olm_crypto_aes_encrypt_cbc(
_olm_aes256_key const *key,
_olm_aes256_iv const *iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
std::uint8_t input_block[AES_BLOCK_LENGTH];
std::memcpy(input_block, iv.iv, AES_BLOCK_LENGTH);
std::memcpy(input_block, iv->iv, AES_BLOCK_LENGTH);
while (input_length >= AES_BLOCK_LENGTH) {
xor_block<AES_BLOCK_LENGTH>(input_block, input);
::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS);
@ -195,17 +201,17 @@ void olm::aes_encrypt_cbc(
}
std::size_t olm::aes_decrypt_cbc(
olm::Aes256Key const & key,
olm::Aes256Iv const & iv,
std::size_t _olm_crypto_aes_decrypt_cbc(
_olm_aes256_key const *key,
_olm_aes256_iv const *iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
std::uint8_t block1[AES_BLOCK_LENGTH];
std::uint8_t block2[AES_BLOCK_LENGTH];
std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH);
std::memcpy(block1, iv->iv, AES_BLOCK_LENGTH);
for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) {
std::memcpy(block2, &input[i], AES_BLOCK_LENGTH);
::aes_decrypt(&input[i], &output[i], key_schedule, AES_KEY_BITS);

10
src/olm.cpp
View File

@ -442,8 +442,8 @@ size_t olm_create_outbound_session(
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1);
}
olm::Curve25519PublicKey identity_key;
olm::Curve25519PublicKey one_time_key;
_olm_curve25519_public_key identity_key;
_olm_curve25519_public_key one_time_key;
olm::decode_base64(id_key, id_key_length, identity_key.public_key);
olm::decode_base64(ot_key, ot_key_length, one_time_key.public_key);
@ -487,7 +487,7 @@ size_t olm_create_inbound_session_from(
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1);
}
olm::Curve25519PublicKey identity_key;
_olm_curve25519_public_key identity_key;
olm::decode_base64(id_key, id_key_length, identity_key.public_key);
std::size_t raw_length = b64_input(
@ -564,7 +564,7 @@ size_t olm_matches_inbound_session_from(
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1);
}
olm::Curve25519PublicKey identity_key;
_olm_curve25519_public_key identity_key;
olm::decode_base64(id_key, id_key_length, identity_key.public_key);
std::size_t raw_length = b64_input(
@ -720,7 +720,7 @@ size_t olm_ed25519_verify(
from_c(utility)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1);
}
olm::Ed25519PublicKey verify_key;
_olm_ed25519_public_key verify_key;
olm::decode_base64(from_c(key), key_length, verify_key.public_key);
std::size_t raw_signature_length = b64_input(
from_c(signature), signature_length, from_c(utility)->last_error

54
src/pickle.cpp
View File

@ -71,7 +71,7 @@ std::uint8_t const * olm::unpickle_bytes(
std::size_t olm::pickle_length(
const olm::Curve25519PublicKey & value
const _olm_curve25519_public_key & value
) {
return sizeof(value.public_key);
}
@ -79,7 +79,7 @@ std::size_t olm::pickle_length(
std::uint8_t * olm::pickle(
std::uint8_t * pos,
const olm::Curve25519PublicKey & value
const _olm_curve25519_public_key & value
) {
pos = olm::pickle_bytes(
pos, value.public_key, sizeof(value.public_key)
@ -90,7 +90,7 @@ std::uint8_t * olm::pickle(
std::uint8_t const * olm::unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
olm::Curve25519PublicKey & value
_olm_curve25519_public_key & value
) {
pos = olm::unpickle_bytes(
pos, end, value.public_key, sizeof(value.public_key)
@ -101,21 +101,24 @@ std::uint8_t const * olm::unpickle(
std::size_t olm::pickle_length(
const olm::Curve25519KeyPair & value
const _olm_curve25519_key_pair & value
) {
return sizeof(value.public_key) + sizeof(value.private_key);
return sizeof(value.public_key.public_key)
+ sizeof(value.private_key.private_key);
}
std::uint8_t * olm::pickle(
std::uint8_t * pos,
const olm::Curve25519KeyPair & value
const _olm_curve25519_key_pair & value
) {
pos = olm::pickle_bytes(
pos, value.public_key, sizeof(value.public_key)
pos, value.public_key.public_key,
sizeof(value.public_key.public_key)
);
pos = olm::pickle_bytes(
pos, value.private_key, sizeof(value.private_key)
pos, value.private_key.private_key,
sizeof(value.private_key.private_key)
);
return pos;
}
@ -123,19 +126,21 @@ std::uint8_t * olm::pickle(
std::uint8_t const * olm::unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
olm::Curve25519KeyPair & value
_olm_curve25519_key_pair & value
) {
pos = olm::unpickle_bytes(
pos, end, value.public_key, sizeof(value.public_key)
pos, end, value.public_key.public_key,
sizeof(value.public_key.public_key)
);
pos = olm::unpickle_bytes(
pos, end, value.private_key, sizeof(value.private_key)
pos, end, value.private_key.private_key,
sizeof(value.private_key.private_key)
);
return pos;
}
std::size_t olm::pickle_length(
const olm::Ed25519PublicKey & value
const _olm_ed25519_public_key & value
) {
return sizeof(value.public_key);
}
@ -143,7 +148,7 @@ std::size_t olm::pickle_length(
std::uint8_t * olm::pickle(
std::uint8_t * pos,
const olm::Ed25519PublicKey & value
const _olm_ed25519_public_key & value
) {
pos = olm::pickle_bytes(
pos, value.public_key, sizeof(value.public_key)
@ -154,7 +159,7 @@ std::uint8_t * olm::pickle(
std::uint8_t const * olm::unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
olm::Ed25519PublicKey & value
_olm_ed25519_public_key & value
) {
pos = olm::unpickle_bytes(
pos, end, value.public_key, sizeof(value.public_key)
@ -165,21 +170,24 @@ std::uint8_t const * olm::unpickle(
std::size_t olm::pickle_length(
const olm::Ed25519KeyPair & value
const _olm_ed25519_key_pair & value
) {
return sizeof(value.public_key) + sizeof(value.private_key);
return sizeof(value.public_key.public_key)
+ sizeof(value.private_key.private_key);
}
std::uint8_t * olm::pickle(
std::uint8_t * pos,
const olm::Ed25519KeyPair & value
const _olm_ed25519_key_pair & value
) {
pos = olm::pickle_bytes(
pos, value.public_key, sizeof(value.public_key)
pos, value.public_key.public_key,
sizeof(value.public_key.public_key)
);
pos = olm::pickle_bytes(
pos, value.private_key, sizeof(value.private_key)
pos, value.private_key.private_key,
sizeof(value.private_key.private_key)
);
return pos;
}
@ -187,13 +195,15 @@ std::uint8_t * olm::pickle(
std::uint8_t const * olm::unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
olm::Ed25519KeyPair & value
_olm_ed25519_key_pair & value
) {
pos = olm::unpickle_bytes(
pos, end, value.public_key, sizeof(value.public_key)
pos, end, value.public_key.public_key,
sizeof(value.public_key.public_key)
);
pos = olm::unpickle_bytes(
pos, end, value.private_key, sizeof(value.private_key)
pos, end, value.private_key.private_key,
sizeof(value.private_key.private_key)
);
return pos;
}

15
src/ratchet.cpp
View File

@ -41,14 +41,14 @@ static const std::size_t MAX_MESSAGE_GAP = 2000;
*/
static void create_chain_key(
olm::SharedKey const & root_key,
olm::Curve25519KeyPair const & our_key,
olm::Curve25519PublicKey const & their_key,
_olm_curve25519_key_pair const & our_key,
_olm_curve25519_public_key const & their_key,
olm::KdfInfo const & info,
olm::SharedKey & new_root_key,
olm::ChainKey & new_chain_key
) {
olm::SharedKey secret;
olm::curve25519_shared_secret(our_key, their_key, secret);
_olm_crypto_curve25519_shared_secret(&our_key, &their_key, secret);
std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256(
secret, sizeof(secret),
@ -189,7 +189,7 @@ olm::Ratchet::Ratchet(
void olm::Ratchet::initialise_as_bob(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
olm::Curve25519PublicKey const & their_ratchet_key
_olm_curve25519_public_key const & their_ratchet_key
) {
std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256(
@ -210,7 +210,7 @@ void olm::Ratchet::initialise_as_bob(
void olm::Ratchet::initialise_as_alice(
std::uint8_t const * shared_secret, std::size_t shared_secret_length,
olm::Curve25519KeyPair const & our_ratchet_key
_olm_curve25519_key_pair const & our_ratchet_key
) {
std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256(
@ -437,7 +437,7 @@ std::size_t olm::Ratchet::encrypt(
if (sender_chain.empty()) {
sender_chain.insert();
olm::curve25519_generate_key(random, sender_chain[0].ratchet_key);
_olm_crypto_curve25519_generate_key(random, &sender_chain[0].ratchet_key);
create_chain_key(
root_key,
sender_chain[0].ratchet_key,
@ -456,7 +456,8 @@ std::size_t olm::Ratchet::encrypt(
plaintext_length
);
std::uint32_t counter = keys.index;
Curve25519PublicKey const & ratchet_key = sender_chain[0].ratchet_key;
_olm_curve25519_public_key const & ratchet_key =
sender_chain[0].ratchet_key.public_key;
olm::MessageWriter writer;

43
src/session.cpp
View File

@ -14,7 +14,7 @@
*/
#include "olm/session.hh"
#include "olm/cipher.h"
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include "olm/account.hh"
#include "olm/memory.hh"
#include "olm/message.hh"
@ -55,8 +55,8 @@ std::size_t olm::Session::new_outbound_session_random_length() {
std::size_t olm::Session::new_outbound_session(
olm::Account const & local_account,
olm::Curve25519PublicKey const & identity_key,
olm::Curve25519PublicKey const & one_time_key,
_olm_curve25519_public_key const & identity_key,
_olm_curve25519_public_key const & one_time_key,
std::uint8_t const * random, std::size_t random_length
) {
if (random_length < new_outbound_session_random_length()) {
@ -64,29 +64,30 @@ std::size_t olm::Session::new_outbound_session(
return std::size_t(-1);
}
olm::Curve25519KeyPair base_key;
olm::curve25519_generate_key(random, base_key);
_olm_curve25519_key_pair base_key;
_olm_crypto_curve25519_generate_key(random, &base_key);
olm::Curve25519KeyPair ratchet_key;
olm::curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, ratchet_key);
_olm_curve25519_key_pair ratchet_key;
_olm_crypto_curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, &ratchet_key);
olm::Curve25519KeyPair const & alice_identity_key_pair = (
_olm_curve25519_key_pair const & alice_identity_key_pair = (
local_account.identity_keys.curve25519_key
);
received_message = false;
alice_identity_key = alice_identity_key_pair;
alice_base_key = base_key;
alice_identity_key = alice_identity_key_pair.public_key;
alice_base_key = base_key.public_key;
bob_one_time_key = one_time_key;
// Calculate the shared secret S via triple DH
std::uint8_t secret[3 * CURVE25519_SHARED_SECRET_LENGTH];
std::uint8_t * pos = secret;
olm::curve25519_shared_secret(alice_identity_key_pair, one_time_key, pos);
_olm_crypto_curve25519_shared_secret(&alice_identity_key_pair, &one_time_key, pos);
pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(base_key, identity_key, pos);
_olm_crypto_curve25519_shared_secret(&base_key, &identity_key, pos);
pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(base_key, one_time_key, pos);
_olm_crypto_curve25519_shared_secret(&base_key, &one_time_key, pos);
ratchet.initialise_as_alice(secret, sizeof(secret), ratchet_key);
@ -120,7 +121,7 @@ static bool check_message_fields(
std::size_t olm::Session::new_inbound_session(
olm::Account & local_account,
olm::Curve25519PublicKey const * their_identity_key,
_olm_curve25519_public_key const * their_identity_key,
std::uint8_t const * one_time_key_message, std::size_t message_length
) {
olm::PreKeyMessageReader reader;
@ -157,7 +158,7 @@ std::size_t olm::Session::new_inbound_session(
return std::size_t(-1);
}
olm::Curve25519PublicKey ratchet_key;
_olm_curve25519_public_key ratchet_key;
olm::load_array(ratchet_key.public_key, message_reader.ratchet_key);
olm::OneTimeKey const * our_one_time_key = local_account.lookup_key(
@ -169,19 +170,19 @@ std::size_t olm::Session::new_inbound_session(
return std::size_t(-1);
}
olm::Curve25519KeyPair const & bob_identity_key = (
_olm_curve25519_key_pair const & bob_identity_key = (
local_account.identity_keys.curve25519_key
);
olm::Curve25519KeyPair const & bob_one_time_key = our_one_time_key->key;
_olm_curve25519_key_pair const & bob_one_time_key = our_one_time_key->key;
// Calculate the shared secret S via triple DH
std::uint8_t secret[CURVE25519_SHARED_SECRET_LENGTH * 3];
std::uint8_t * pos = secret;
olm::curve25519_shared_secret(bob_one_time_key, alice_identity_key, pos);
_olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_identity_key, pos);
pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(bob_identity_key, alice_base_key, pos);
_olm_crypto_curve25519_shared_secret(&bob_identity_key, &alice_base_key, pos);
pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(bob_one_time_key, alice_base_key, pos);
_olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_base_key, pos);
ratchet.initialise_as_bob(secret, sizeof(secret), ratchet_key);
@ -214,7 +215,7 @@ std::size_t olm::Session::session_id(
bool olm::Session::matches_inbound_session(
olm::Curve25519PublicKey const * their_identity_key,
_olm_curve25519_public_key const * their_identity_key,
std::uint8_t const * one_time_key_message, std::size_t message_length
) {
olm::PreKeyMessageReader reader;

6
src/utility.cpp
View File

@ -14,7 +14,7 @@
*/
#include "olm/utility.hh"
#include "olm/crypto.hh"
#include "olm/crypto.h"
olm::Utility::Utility(
@ -41,7 +41,7 @@ size_t olm::Utility::sha256(
size_t olm::Utility::ed25519_verify(
Ed25519PublicKey const & key,
_olm_ed25519_public_key const & key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature, std::size_t signature_length
) {
@ -49,7 +49,7 @@ size_t olm::Utility::ed25519_verify(
last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC;
return std::size_t(-1);
}
if (!olm::ed25519_verify(key, message, message_length, signature)) {
if (!_olm_crypto_ed25519_verify(&key, message, message_length, signature)) {
last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC;
return std::size_t(-1);
}

48
tests/test_crypto.cpp
View File

@ -12,7 +12,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "olm/crypto.hh"
#include "olm/crypto.h"
#include "unittest.hh"
@ -58,25 +58,25 @@ std::uint8_t expected_agreement[32] = {
0x76, 0xF0, 0x9B, 0x3C, 0x1E, 0x16, 0x17, 0x42
};
olm::Curve25519KeyPair alice_pair;
olm::curve25519_generate_key(alice_private, alice_pair);
_olm_curve25519_key_pair alice_pair;
_olm_crypto_curve25519_generate_key(alice_private, &alice_pair);
assert_equals(alice_private, alice_pair.private_key, 32);
assert_equals(alice_public, alice_pair.public_key, 32);
assert_equals(alice_private, alice_pair.private_key.private_key, 32);
assert_equals(alice_public, alice_pair.public_key.public_key, 32);
olm::Curve25519KeyPair bob_pair;
olm::curve25519_generate_key(bob_private, bob_pair);
_olm_curve25519_key_pair bob_pair;
_olm_crypto_curve25519_generate_key(bob_private, &bob_pair);
assert_equals(bob_private, bob_pair.private_key, 32);
assert_equals(bob_public, bob_pair.public_key, 32);
assert_equals(bob_private, bob_pair.private_key.private_key, 32);
assert_equals(bob_public, bob_pair.public_key.public_key, 32);
std::uint8_t actual_agreement[CURVE25519_SHARED_SECRET_LENGTH] = {};
olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement);
_olm_crypto_curve25519_shared_secret(&alice_pair, &bob_pair.public_key, actual_agreement);
assert_equals(expected_agreement, actual_agreement, 32);
olm::curve25519_shared_secret(bob_pair, alice_pair, actual_agreement);
_olm_crypto_curve25519_shared_secret(&bob_pair, &alice_pair.public_key, actual_agreement);
assert_equals(expected_agreement, actual_agreement, 32);
@ -90,22 +90,22 @@ std::uint8_t private_key[33] = "This key is a string of 32 bytes";
std::uint8_t message[] = "Hello, World";
std::size_t message_length = sizeof(message) - 1;
olm::Ed25519KeyPair key_pair;
olm::ed25519_generate_key(private_key, key_pair);
_olm_ed25519_key_pair key_pair;
_olm_crypto_ed25519_generate_key(private_key, &key_pair);
std::uint8_t signature[64];
olm::ed25519_sign(
key_pair, message, message_length, signature
_olm_crypto_ed25519_sign(
&key_pair, message, message_length, signature
);
bool result = olm::ed25519_verify(
key_pair, message, message_length, signature
bool result = _olm_crypto_ed25519_verify(
&key_pair.public_key, message, message_length, signature
);
assert_equals(true, result);
message[0] = 'n';
result = olm::ed25519_verify(
key_pair, message, message_length, signature
result = _olm_crypto_ed25519_verify(
&key_pair.public_key, message, message_length, signature
);
assert_equals(false, result);
}
@ -115,8 +115,8 @@ assert_equals(false, result);
TestCase test_case("AES Test Case 1");
olm::Aes256Key key = {};
olm::Aes256Iv iv = {};
_olm_aes256_key key = {};
_olm_aes256_iv iv = {};
std::uint8_t input[16] = {};
std::uint8_t expected[32] = {
@ -126,16 +126,16 @@ std::uint8_t expected[32] = {
0x4B, 0xAE, 0xDF, 0xFC, 0x3D, 0x21, 0x4C, 0x38
};
std::size_t length = olm::aes_encrypt_cbc_length(sizeof(input));
std::size_t length = _olm_crypto_aes_encrypt_cbc_length(sizeof(input));
assert_equals(std::size_t(32), length);
std::uint8_t actual[32] = {};
olm::aes_encrypt_cbc(key, iv, input, sizeof(input), actual);
_olm_crypto_aes_encrypt_cbc(&key, &iv, input, sizeof(input), actual);
assert_equals(expected, actual, 32);
length = olm::aes_decrypt_cbc(key, iv, expected, sizeof(expected), actual);
length = _olm_crypto_aes_decrypt_cbc(&key, &iv, expected, sizeof(expected), actual);
assert_equals(std::size_t(16), length);
assert_equals(input, actual, length);

10
tests/test_ratchet.cpp
View File

@ -32,8 +32,8 @@ _olm_cipher_aes_sha_256 cipher0 = OLM_CIPHER_INIT_AES_SHA_256(message_info);
_olm_cipher *cipher = OLM_CIPHER_BASE(&cipher0);
std::uint8_t random_bytes[] = "0123456789ABDEF0123456789ABCDEF";
olm::Curve25519KeyPair alice_key;
olm::curve25519_generate_key(random_bytes, alice_key);
_olm_curve25519_key_pair alice_key;
_olm_crypto_curve25519_generate_key(random_bytes, &alice_key);
std::uint8_t shared_secret[] = "A secret";
@ -44,7 +44,7 @@ olm::Ratchet alice(kdf_info, cipher);
olm::Ratchet bob(kdf_info, cipher);
alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
std::uint8_t plaintext[] = "Message";
std::size_t plaintext_length = sizeof(plaintext) - 1;
@ -113,7 +113,7 @@ olm::Ratchet alice(kdf_info, cipher);
olm::Ratchet bob(kdf_info, cipher);
alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
std::uint8_t plaintext_1[] = "First Message";
std::size_t plaintext_1_length = sizeof(plaintext_1) - 1;
@ -185,7 +185,7 @@ olm::Ratchet alice(kdf_info, cipher);
olm::Ratchet bob(kdf_info, cipher);
alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
std::uint8_t plaintext[] = "These 15 bytes";
assert_equals(std::size_t(15), sizeof(plaintext));

4
tests/test_session.cpp
View File

@ -33,12 +33,12 @@ void check_session(const olm::Session &session) {
assert_equals(
decode_hex("f77a03eaa9b301fa7d2a5aa6b50286906de12cc96044f526dbbcb12839ad7003"),
session.ratchet.sender_chain[0].ratchet_key.public_key, 32
session.ratchet.sender_chain[0].ratchet_key.public_key.public_key, 32
);
assert_equals(
decode_hex("d945c6ed4c7c277117adf11fb133a7936d287afe97c0b3ac989644b4490d4f31"),
session.ratchet.sender_chain[0].ratchet_key.private_key, 32
session.ratchet.sender_chain[0].ratchet_key.private_key.private_key, 32
);
assert_equals(