From 0ad32c9896864963d61f8c3723819295991a51d5 Mon Sep 17 00:00:00 2001 From: David Baker Date: Mon, 1 Oct 2018 13:22:04 +0100 Subject: [PATCH 1/4] Call appropriate wrapper function Don't think this matters since there's no PkEncryption / PkDecryption object being passed, but for the sake of consistency --- javascript/olm_pk.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/olm_pk.js b/javascript/olm_pk.js index 2542707..25db29a 100644 --- a/javascript/olm_pk.js +++ b/javascript/olm_pk.js @@ -123,7 +123,7 @@ PkDecryption.prototype['generate_key'] = restore_stack(function () { Module['_olm_pk_generate_key_random_length'] )(); var random_buffer = random_stack(random_length); - var pubkey_length = pk_encryption_method( + var pubkey_length = pk_decryption_method( Module['_olm_pk_key_length'] )(); var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH); From 8520168e0b4c8172847a051e532ca4deaec46a95 Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Mon, 9 Jul 2018 23:21:55 -0400 Subject: [PATCH 2/4] fix some code style issues and typos --- android/olm-sdk/src/main/jni/olm_pk.cpp | 55 ++++++++++++++++------- include/olm/pk.h | 9 ++-- javascript/olm_pk.js | 8 ++-- src/pk.cpp | 58 ++++++++++++++++++------- 4 files changed, 91 insertions(+), 39 deletions(-) diff --git a/android/olm-sdk/src/main/jni/olm_pk.cpp b/android/olm-sdk/src/main/jni/olm_pk.cpp index 2e936c6..5457419 100644 --- a/android/olm-sdk/src/main/jni/olm_pk.cpp +++ b/android/olm-sdk/src/main/jni/olm_pk.cpp @@ -29,7 +29,10 @@ OlmPkEncryption * initializePkEncryptionMemory() { // init encryption object encryptionPtr = olm_pk_encryption(encryptionPtr); - LOGD("## initializePkEncryptionMemory(): success - OLM encryption size=%lu",static_cast(encryptionSize)); + LOGD( + "## initializePkEncryptionMemory(): success - OLM encryption size=%lu", + static_cast(encryptionSize) + ); } else { @@ -53,7 +56,10 @@ JNIEXPORT jlong OLM_PK_ENCRYPTION_FUNC_DEF(createNewPkEncryptionJni)(JNIEnv *env else { LOGD("## createNewPkEncryptionJni(): success - OLM encryption created"); - LOGD("## createNewPkEncryptionJni(): encryptionPtr=%p (jlong)(intptr_t)encryptionPtr=%lld", encryptionPtr, (jlong)(intptr_t)encryptionPtr); + LOGD( + "## createNewPkEncryptionJni(): encryptionPtr=%p (jlong)(intptr_t)encryptionPtr=%lld", + encryptionPtr, (jlong)(intptr_t)encryptionPtr + ); } if (errorMessage) @@ -93,8 +99,9 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(releasePkEncryptionJni)(JNIEnv *env, j } } -JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobject thiz, jbyteArray aKeyBuffer) -{ +JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)( + JNIEnv *env, jobject thiz, jbyteArray aKeyBuffer +) { const char *errorMessage = NULL; jbyte *keyPtr = NULL; @@ -116,10 +123,13 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobje } else { - if(olm_pk_encryption_set_recipient_key(encryptionPtr, keyPtr, (size_t)env->GetArrayLength(aKeyBuffer)) == olm_error()) + if (olm_pk_encryption_set_recipient_key(encryptionPtr, keyPtr, (size_t)env->GetArrayLength(aKeyBuffer)) == olm_error()) { errorMessage = olm_pk_encryption_last_error(encryptionPtr); - LOGE(" ## pkSetRecipientKeyJni(): failure - olm_pk_encryption_set_recipient_key Msg=%s", errorMessage); + LOGE( + " ## pkSetRecipientKeyJni(): failure - olm_pk_encryption_set_recipient_key Msg=%s", + errorMessage + ); } } @@ -134,8 +144,9 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobje } } -JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject thiz, jbyteArray aPlaintextBuffer, jobject aEncryptedMsg) -{ +JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)( + JNIEnv *env, jobject thiz, jbyteArray aPlaintextBuffer, jobject aEncryptedMsg +) { jbyteArray encryptedMsgRet = 0; const char* errorMessage = NULL; jbyte *plaintextPtr = NULL; @@ -161,8 +172,8 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject } else if (!(encryptedMsgJClass = env->GetObjectClass(aEncryptedMsg))) { - LOGE(" ## pkEncryptJni(): failure - unable to get crypted message class"); - errorMessage = "unable to get crypted message class"; + LOGE(" ## pkEncryptJni(): failure - unable to get encrypted message class"); + errorMessage = "unable to get encrypted message class"; } else if (!(macFieldId = env->GetFieldID(encryptedMsgJClass, "mMac", "Ljava/lang/String;"))) { @@ -226,7 +237,9 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject else { encryptedMsgRet = env->NewByteArray(ciphertextLength); - env->SetByteArrayRegion(encryptedMsgRet, 0, ciphertextLength, (jbyte*)ciphertextPtr); + env->SetByteArrayRegion( + encryptedMsgRet, 0, ciphertextLength, (jbyte*)ciphertextPtr + ); jstring macStr = env->NewStringUTF((char*)macPtr); env->SetObjectField(aEncryptedMsg, macFieldId, macStr); @@ -276,7 +289,10 @@ OlmPkDecryption * initializePkDecryptionMemory() { // init decryption object decryptionPtr = olm_pk_decryption(decryptionPtr); - LOGD("## initializePkDecryptionMemory(): success - OLM decryption size=%lu",static_cast(decryptionSize)); + LOGD( + "## initializePkDecryptionMemory(): success - OLM decryption size=%lu", + static_cast(decryptionSize) + ); } else { @@ -300,7 +316,10 @@ JNIEXPORT jlong OLM_PK_DECRYPTION_FUNC_DEF(createNewPkDecryptionJni)(JNIEnv *env else { LOGD("## createNewPkDecryptionJni(): success - OLM decryption created"); - LOGD("## createNewPkDecryptionJni(): decryptionPtr=%p (jlong)(intptr_t)decryptionPtr=%lld", decryptionPtr, (jlong)(intptr_t)decryptionPtr); + LOGD( + "## createNewPkDecryptionJni(): decryptionPtr=%p (jlong)(intptr_t)decryptionPtr=%lld", + decryptionPtr, (jlong)(intptr_t)decryptionPtr + ); } if (errorMessage) @@ -402,8 +421,9 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, job return publicKeyRet; } -JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject thiz, jobject aEncryptedMsg) -{ +JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)( + JNIEnv *env, jobject thiz, jobject aEncryptedMsg +) { const char* errorMessage = NULL; OlmPkDecryption *decryptionPtr = getPkDecryptionInstanceId(env, thiz); @@ -528,7 +548,10 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject { decryptedMsgRet = env->NewByteArray(plaintextLength); env->SetByteArrayRegion(decryptedMsgRet, 0, plaintextLength, (jbyte*)plaintextPtr); - LOGD("## pkDecryptJni(): success returnedLg=%lu OK", static_cast(plaintextLength)); + LOGD( + "## pkDecryptJni(): success returnedLg=%lu OK", + static_cast(plaintextLength) + ); } } diff --git a/include/olm/pk.h b/include/olm/pk.h index 1f3f9ff..07e6077 100644 --- a/include/olm/pk.h +++ b/include/olm/pk.h @@ -111,9 +111,10 @@ size_t olm_clear_pk_decryption( /** The number of random bytes needed to generate a new key. */ size_t olm_pk_generate_key_random_length(void); -/** Generate a new key to use for decrypting messages. The associated public - * key will be written to the pubkey buffer. Returns olm_error() on failure. If - * the pubkey buffer is too small then olm_pk_decryption_last_error() will be +/** Generate a new key pair to use for decrypting messages. The private key is + * stored in the decryption object, and the associated public key will be + * written to the pubkey buffer. Returns olm_error() on failure. If the pubkey + * buffer is too small then olm_pk_decryption_last_error() will be * "OUTPUT_BUFFER_TOO_SMALL". If there weren't enough random bytes then * olm_pk_decryption_last_error() will be "NOT_ENOUGH_RANDOM". */ size_t olm_pk_generate_key( @@ -164,7 +165,7 @@ size_t olm_pk_max_plaintext_length( * the plaintext buffer is too small then olm_pk_encryption_last_error() will * be "OUTPUT_BUFFER_TOO_SMALL". */ size_t olm_pk_decrypt( - OlmPkDecryption * decrytion, + OlmPkDecryption * decryption, void const * ephemeral_key, size_t ephemeral_key_length, void const * mac, size_t mac_length, void * ciphertext, size_t ciphertext_length, diff --git a/javascript/olm_pk.js b/javascript/olm_pk.js index 25db29a..407eaf1 100644 --- a/javascript/olm_pk.js +++ b/javascript/olm_pk.js @@ -51,7 +51,7 @@ PkEncryption.prototype['encrypt'] = restore_stack(function( )(this.ptr); var mac_buffer = stack(mac_length + NULL_BYTE_PADDING_LENGTH); Module['setValue']( - mac_buffer+mac_length, + mac_buffer + mac_length, 0, "i8" ); var ephemeral_length = pk_encryption_method( @@ -59,7 +59,7 @@ PkEncryption.prototype['encrypt'] = restore_stack(function( )(); var ephemeral_buffer = stack(ephemeral_length + NULL_BYTE_PADDING_LENGTH); Module['setValue']( - ephemeral_buffer+ephemeral_length, + ephemeral_buffer + ephemeral_length, 0, "i8" ); pk_encryption_method(Module['_olm_pk_encrypt'])( @@ -73,7 +73,7 @@ PkEncryption.prototype['encrypt'] = restore_stack(function( // UTF8ToString requires a null-terminated argument, so add the // null terminator. Module['setValue']( - ciphertext_buffer+ciphertext_length, + ciphertext_buffer + ciphertext_length, 0, "i8" ); return { @@ -191,7 +191,7 @@ PkDecryption.prototype['decrypt'] = restore_stack(function ( // UTF8ToString requires a null-terminated argument, so add the // null terminator. Module['setValue']( - plaintext_buffer+plaintext_length, + plaintext_buffer + plaintext_length, 0, "i8" ); return Module['UTF8ToString'](plaintext_buffer); diff --git a/src/pk.cpp b/src/pk.cpp index e646dc4..4c5f50e 100644 --- a/src/pk.cpp +++ b/src/pk.cpp @@ -22,15 +22,15 @@ #include "olm/pickle_encoding.h" #include "olm/pickle.hh" -extern "C" { - static const std::size_t MAC_LENGTH = 8; - const struct _olm_cipher_aes_sha_256 olm_pk_cipher_aes_sha256 = +const struct _olm_cipher_aes_sha_256 olm_pk_cipher_aes_sha256 = OLM_CIPHER_INIT_AES_SHA_256(""); const struct _olm_cipher *olm_pk_cipher = OLM_CIPHER_BASE(&olm_pk_cipher_aes_sha256); +extern "C" { + struct OlmPkEncryption { OlmErrorCode last_error; _olm_curve25519_public_key recipient_key; @@ -73,7 +73,11 @@ size_t olm_pk_encryption_set_recipient_key ( OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL; // FIXME: return std::size_t(-1); } - olm::decode_base64((const uint8_t*)key, olm_pk_key_length(), (uint8_t *)encryption->recipient_key.public_key); + olm::decode_base64( + (const uint8_t*)key, + olm_pk_key_length(), + (uint8_t *)encryption->recipient_key.public_key + ); return 0; } @@ -81,7 +85,9 @@ size_t olm_pk_ciphertext_length( OlmPkEncryption *encryption, size_t plaintext_length ) { - return olm::encode_base64_length(_olm_cipher_aes_sha_256_ops.encrypt_ciphertext_length(olm_pk_cipher, plaintext_length)); + return olm::encode_base64_length( + _olm_cipher_aes_sha_256_ops.encrypt_ciphertext_length(olm_pk_cipher, plaintext_length) + ); } size_t olm_pk_mac_length( @@ -106,9 +112,9 @@ size_t olm_pk_encrypt( ) { if (ciphertext_length < olm_pk_ciphertext_length(encryption, plaintext_length) - || mac_length + || mac_length < _olm_cipher_aes_sha_256_ops.mac_length(olm_pk_cipher) - || ephemeral_key_size + || ephemeral_key_size < olm_pk_key_length()) { encryption->last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL; @@ -122,11 +128,16 @@ size_t olm_pk_encrypt( _olm_curve25519_key_pair ephemeral_keypair; _olm_crypto_curve25519_generate_key((uint8_t *) random, &ephemeral_keypair); - olm::encode_base64((const uint8_t *)ephemeral_keypair.public_key.public_key, CURVE25519_KEY_LENGTH, (uint8_t *)ephemeral_key); + olm::encode_base64( + (const uint8_t *)ephemeral_keypair.public_key.public_key, + CURVE25519_KEY_LENGTH, + (uint8_t *)ephemeral_key + ); olm::SharedKey secret; _olm_crypto_curve25519_shared_secret(&ephemeral_keypair, &encryption->recipient_key, secret); - size_t raw_ciphertext_length = _olm_cipher_aes_sha_256_ops.encrypt_ciphertext_length(olm_pk_cipher, plaintext_length); + size_t raw_ciphertext_length = + _olm_cipher_aes_sha_256_ops.encrypt_ciphertext_length(olm_pk_cipher, plaintext_length); uint8_t *ciphertext_pos = (uint8_t *) ciphertext + ciphertext_length - raw_ciphertext_length; uint8_t raw_mac[MAC_LENGTH]; size_t result = _olm_cipher_aes_sha_256_ops.encrypt( @@ -201,7 +212,11 @@ size_t olm_pk_generate_key( } _olm_crypto_curve25519_generate_key((uint8_t *) random, &decryption->key_pair); - olm::encode_base64((const uint8_t *)decryption->key_pair.public_key.public_key, CURVE25519_KEY_LENGTH, (uint8_t *)pubkey); + olm::encode_base64( + (const uint8_t *)decryption->key_pair.public_key.public_key, + CURVE25519_KEY_LENGTH, + (uint8_t *)pubkey + ); return 0; } @@ -267,7 +282,10 @@ size_t olm_pickle_pk_decryption( return std::size_t(-1); } pickle(_olm_enc_output_pos(reinterpret_cast(pickled), raw_length), object); - return _olm_enc_output(reinterpret_cast(key), key_length, reinterpret_cast(pickled), raw_length); + return _olm_enc_output( + reinterpret_cast(key), key_length, + reinterpret_cast(pickled), raw_length + ); } size_t olm_unpickle_pk_decryption( @@ -283,7 +301,8 @@ size_t olm_unpickle_pk_decryption( } std::uint8_t * const pos = reinterpret_cast(pickled); std::size_t raw_length = _olm_enc_input( - reinterpret_cast(key), key_length, pos, pickled_length, &object.last_error + reinterpret_cast(key), key_length, + pos, pickled_length, &object.last_error ); if (raw_length == std::size_t(-1)) { return std::size_t(-1); @@ -300,7 +319,11 @@ size_t olm_unpickle_pk_decryption( return std::size_t(-1); } if (pubkey != NULL) { - olm::encode_base64((const uint8_t *)object.key_pair.public_key.public_key, CURVE25519_KEY_LENGTH, (uint8_t *)pubkey); + olm::encode_base64( + (const uint8_t *)object.key_pair.public_key.public_key, + CURVE25519_KEY_LENGTH, + (uint8_t *)pubkey + ); } return pickled_length; } @@ -309,7 +332,9 @@ size_t olm_pk_max_plaintext_length( OlmPkDecryption * decryption, size_t ciphertext_length ) { - return _olm_cipher_aes_sha_256_ops.decrypt_max_plaintext_length(olm_pk_cipher, olm::decode_base64_length(ciphertext_length)); + return _olm_cipher_aes_sha_256_ops.decrypt_max_plaintext_length( + olm_pk_cipher, olm::decode_base64_length(ciphertext_length) + ); } size_t olm_pk_decrypt( @@ -327,7 +352,10 @@ size_t olm_pk_decrypt( } struct _olm_curve25519_public_key ephemeral; - olm::decode_base64((const uint8_t*)ephemeral_key, ephemeral_key_length, (uint8_t *)ephemeral.public_key); + olm::decode_base64( + (const uint8_t*)ephemeral_key, ephemeral_key_length, + (uint8_t *)ephemeral.public_key + ); olm::SharedKey secret; _olm_crypto_curve25519_shared_secret(&decryption->key_pair, &ephemeral, secret); uint8_t raw_mac[MAC_LENGTH]; From bad14db8dadac46fef2c1c7094c92831b4bed0fb Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Mon, 9 Jul 2018 23:35:40 -0400 Subject: [PATCH 3/4] remove unneeded polyfill --- javascript/test/pk.spec.js | 8 -------- 1 file changed, 8 deletions(-) diff --git a/javascript/test/pk.spec.js b/javascript/test/pk.spec.js index aec90ac..0b27470 100644 --- a/javascript/test/pk.spec.js +++ b/javascript/test/pk.spec.js @@ -18,14 +18,6 @@ limitations under the License. var Olm = require('../olm'); -if (!Object.keys) { - Object.keys = function(o) { - var k=[], p; - for (p in o) if (Object.prototype.hasOwnProperty.call(o,p)) k.push(p); - return k; - } -} - describe("pk", function() { var encryption, decryption; From 173339ae9accddd184bc83f2c23c5ffae3b08d00 Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Thu, 12 Jul 2018 17:54:03 -0400 Subject: [PATCH 4/4] add more comments describing the pk encrypt/decrypt functions --- include/olm/pk.h | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/include/olm/pk.h b/include/olm/pk.h index 07e6077..8804d1f 100644 --- a/include/olm/pk.h +++ b/include/olm/pk.h @@ -72,11 +72,15 @@ size_t olm_pk_encrypt_random_length( ); /** Encrypt a plaintext for the recipient set using - * olm_pk_encryption_set_recipient_key. Returns olm_error() on failure. If the - * ciphertext, mac, or ephemeral_key buffers were too small then - * olm_pk_encryption_last_error() will be "OUTPUT_BUFFER_TOO_SMALL". If there - * weren't enough random bytes then olm_pk_encryption_last_error() will be - * "NOT_ENOUGH_RANDOM". */ + * olm_pk_encryption_set_recipient_key. Writes to the ciphertext, mac, and + * ephemeral_key buffers, whose values should be sent to the recipient. mac is + * a Message Authentication Code to ensure that the data is received and + * decrypted properly. ephemeral_key is the public part of the ephemeral key + * used (together with the recipient's key) to generate a symmetric encryption + * key. Returns olm_error() on failure. If the ciphertext, mac, or + * ephemeral_key buffers were too small then olm_pk_encryption_last_error() + * will be "OUTPUT_BUFFER_TOO_SMALL". If there weren't enough random bytes then + * olm_pk_encryption_last_error() will be "NOT_ENOUGH_RANDOM". */ size_t olm_pk_encrypt( OlmPkEncryption *encryption, void const * plaintext, size_t plaintext_length, @@ -160,10 +164,11 @@ size_t olm_pk_max_plaintext_length( size_t ciphertext_length ); -/** Decrypt a ciphertext. The input ciphertext buffer is destroyed. Returns - * the length of the plaintext on success. Returns olm_error() on failure. If - * the plaintext buffer is too small then olm_pk_encryption_last_error() will - * be "OUTPUT_BUFFER_TOO_SMALL". */ +/** Decrypt a ciphertext. The input ciphertext buffer is destroyed. See the + * olm_pk_encrypt function for descriptions of the ephemeral_key and mac + * arguments. Returns the length of the plaintext on success. Returns + * olm_error() on failure. If the plaintext buffer is too small then + * olm_pk_encryption_last_error() will be "OUTPUT_BUFFER_TOO_SMALL". */ size_t olm_pk_decrypt( OlmPkDecryption * decryption, void const * ephemeral_key, size_t ephemeral_key_length,