From f0acf6582f88ca66b3fabf7d622278da51a94c10 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 2 Sep 2016 15:13:24 +0100 Subject: [PATCH] Convert Ed25519 and Curve25519 functions to plain C --- include/olm/account.hh | 10 +++--- include/olm/crypto.h | 79 ++++++++++++++++++++++++++++++++++++++++-- include/olm/crypto.hh | 61 -------------------------------- include/olm/pickle.hh | 24 ++++++------- include/olm/ratchet.hh | 10 +++--- include/olm/session.hh | 14 ++++---- include/olm/utility.hh | 6 ++-- src/account.cpp | 28 +++++++-------- src/crypto.cpp | 42 ++++++++++++---------- src/olm.cpp | 10 +++--- src/pickle.cpp | 54 +++++++++++++++++------------ src/ratchet.cpp | 15 ++++---- src/session.cpp | 41 +++++++++++----------- src/utility.cpp | 4 +-- tests/test_crypto.cpp | 36 +++++++++---------- tests/test_ratchet.cpp | 10 +++--- tests/test_session.cpp | 4 +-- 17 files changed, 239 insertions(+), 209 deletions(-) diff --git a/include/olm/account.hh b/include/olm/account.hh index 6ea0d19..4b7b190 100644 --- a/include/olm/account.hh +++ b/include/olm/account.hh @@ -25,14 +25,14 @@ namespace olm { struct IdentityKeys { - Ed25519KeyPair ed25519_key; - Curve25519KeyPair curve25519_key; + _olm_ed25519_key_pair ed25519_key; + _olm_curve25519_key_pair curve25519_key; }; struct OneTimeKey { std::uint32_t id; bool published; - Curve25519KeyPair key; + _olm_curve25519_key_pair key; }; @@ -128,12 +128,12 @@ struct Account { /** Lookup a one time key with the given public key */ OneTimeKey const * lookup_key( - Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ); /** Remove a one time key with the given public key */ std::size_t remove_key( - Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ); }; diff --git a/include/olm/crypto.h b/include/olm/crypto.h index 325080e..9fc3842 100644 --- a/include/olm/crypto.h +++ b/include/olm/crypto.h @@ -57,9 +57,35 @@ extern "C" { /** length of an aes256 initialisation vector */ #define AES256_IV_LENGTH 16 +struct _olm_curve25519_public_key { + uint8_t public_key[CURVE25519_KEY_LENGTH]; +}; -/** Computes SHA-256 of the input. The output buffer must be a least 32 - * bytes long. */ +struct _olm_curve25519_private_key { + uint8_t private_key[CURVE25519_KEY_LENGTH]; +}; + +struct _olm_curve25519_key_pair { + struct _olm_curve25519_public_key public_key; + struct _olm_curve25519_private_key private_key; +}; + +struct _olm_ed25519_public_key { + uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]; +}; + +struct _olm_ed25519_private_key { + uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]; +}; + +struct _olm_ed25519_key_pair { + struct _olm_ed25519_public_key public_key; + struct _olm_ed25519_private_key private_key; +}; + + +/** Computes SHA-256 of the input. The output buffer must be a least + * SHA256_OUTPUT_LENGTH (32) bytes long. */ void _olm_crypto_sha256( uint8_t const * input, size_t input_length, uint8_t * output @@ -68,7 +94,7 @@ void _olm_crypto_sha256( /** HMAC: Keyed-Hashing for Message Authentication * http://tools.ietf.org/html/rfc2104 * Computes HMAC-SHA-256 of the input for the key. The output buffer must - * be at least 32 bytes long. */ + * be at least SHA256_OUTPUT_LENGTH (32) bytes long. */ void _olm_crypto_hmac_sha256( uint8_t const * key, size_t key_length, uint8_t const * input, size_t input_length, @@ -87,6 +113,53 @@ void _olm_crypto_hkdf_sha256( ); +/** Generate a curve25519 key pair + * random_32_bytes should be CURVE25519_RANDOM_LENGTH (32) bytes long. + */ +void _olm_crypto_curve25519_generate_key( + uint8_t const * random_32_bytes, + struct _olm_curve25519_key_pair *output +); + + +/** Create a shared secret using our private key and their public key. + * The output buffer must be at least CURVE25519_SHARED_SECRET_LENGTH (32) bytes long. + */ +void _olm_crypto_curve25519_shared_secret( + const struct _olm_curve25519_key_pair *our_key, + const struct _olm_curve25519_public_key *their_key, + uint8_t * output +); + +/** Generate an ed25519 key pair + * random_32_bytes should be ED25519_RANDOM_LENGTH (32) bytes long. + */ +void _olm_crypto_ed25519_generate_key( + uint8_t const * random_bytes, + struct _olm_ed25519_key_pair *output +); + +/** Signs the message using our private key. + * + * The output buffer must be at least ED25519_SIGNATURE_LENGTH (64) bytes + * long. */ +void _olm_crypto_ed25519_sign( + const struct _olm_ed25519_key_pair *our_key, + const uint8_t * message, size_t message_length, + uint8_t * output +); + +/** Verify an ed25519 signature + * The signature input buffer must be ED25519_SIGNATURE_LENGTH (64) bytes long. + * Returns non-zero if the signature is valid. */ +int _olm_crypto_ed25519_verify( + const struct _olm_ed25519_public_key *their_key, + const uint8_t * message, size_t message_length, + const uint8_t * signature +); + + + #ifdef __cplusplus } // extern "C" #endif diff --git a/include/olm/crypto.hh b/include/olm/crypto.hh index 13fd7e9..e3098cc 100644 --- a/include/olm/crypto.hh +++ b/include/olm/crypto.hh @@ -25,67 +25,6 @@ namespace olm { -struct Curve25519PublicKey { - std::uint8_t public_key[CURVE25519_KEY_LENGTH]; -}; - - -struct Curve25519KeyPair : public Curve25519PublicKey { - std::uint8_t private_key[CURVE25519_KEY_LENGTH]; -}; - - -struct Ed25519PublicKey { - std::uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]; -}; - - -struct Ed25519KeyPair : public Ed25519PublicKey { - std::uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]; -}; - - -/** Generate a curve25519 key pair from 32 random bytes. */ -void curve25519_generate_key( - std::uint8_t const * random_32_bytes, - Curve25519KeyPair & key_pair -); - - -/** Create a shared secret using our private key and their public key. - * The output buffer must be at least 32 bytes long. */ -void curve25519_shared_secret( - Curve25519KeyPair const & our_key, - Curve25519PublicKey const & their_key, - std::uint8_t * output -); - - -/** Generate a curve25519 key pair from 32 random bytes. */ -void ed25519_generate_key( - std::uint8_t const * random_32_bytes, - Ed25519KeyPair & key_pair -); - - -/** Signs the message using our private key. - * The output buffer must be at least 64 bytes long. */ -void ed25519_sign( - Ed25519KeyPair const & our_key, - std::uint8_t const * message, std::size_t message_length, - std::uint8_t * output -); - - -/** Verify their message using their public key. - * The signature input buffer must be 64 bytes long. - * Returns true if the signature is valid. */ -bool ed25519_verify( - Ed25519PublicKey const & their_key, - std::uint8_t const * message, std::size_t message_length, - std::uint8_t const * signature -); - struct Aes256Key { std::uint8_t key[AES256_KEY_LENGTH]; diff --git a/include/olm/pickle.hh b/include/olm/pickle.hh index 13e6b01..c0b6ebf 100644 --- a/include/olm/pickle.hh +++ b/include/olm/pickle.hh @@ -109,70 +109,70 @@ std::uint8_t const * unpickle_bytes( std::size_t pickle_length( - const Curve25519PublicKey & value + const _olm_curve25519_public_key & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Curve25519PublicKey & value + const _olm_curve25519_public_key & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Curve25519PublicKey & value + _olm_curve25519_public_key & value ); std::size_t pickle_length( - const Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Curve25519KeyPair & value + _olm_curve25519_key_pair & value ); std::size_t pickle_length( - const Ed25519PublicKey & value + const _olm_ed25519_public_key & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Ed25519PublicKey & value + const _olm_ed25519_public_key & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Ed25519PublicKey & value + _olm_ed25519_public_key & value ); std::size_t pickle_length( - const Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Ed25519KeyPair & value + _olm_ed25519_key_pair & value ); } // namespace olm diff --git a/include/olm/ratchet.hh b/include/olm/ratchet.hh index e91d634..cdcba6b 100644 --- a/include/olm/ratchet.hh +++ b/include/olm/ratchet.hh @@ -41,19 +41,19 @@ struct MessageKey { struct SenderChain { - Curve25519KeyPair ratchet_key; + _olm_curve25519_key_pair ratchet_key; ChainKey chain_key; }; struct ReceiverChain { - Curve25519PublicKey ratchet_key; + _olm_curve25519_public_key ratchet_key; ChainKey chain_key; }; struct SkippedMessageKey { - Curve25519PublicKey ratchet_key; + _olm_curve25519_public_key ratchet_key; MessageKey message_key; }; @@ -108,14 +108,14 @@ struct Ratchet { * remote's first ratchet key */ void initialise_as_bob( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - Curve25519PublicKey const & their_ratchet_key + _olm_curve25519_public_key const & their_ratchet_key ); /** Initialise the session using a shared secret and the public/private key * pair for the first ratchet key */ void initialise_as_alice( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - Curve25519KeyPair const & our_ratchet_key + _olm_curve25519_key_pair const & our_ratchet_key ); /** The number of bytes of output the encrypt method will write for diff --git a/include/olm/session.hh b/include/olm/session.hh index 5b91cb1..9d44816 100644 --- a/include/olm/session.hh +++ b/include/olm/session.hh @@ -35,9 +35,9 @@ struct Session { bool received_message; - Curve25519PublicKey alice_identity_key; - Curve25519PublicKey alice_base_key; - Curve25519PublicKey bob_one_time_key; + _olm_curve25519_public_key alice_identity_key; + _olm_curve25519_public_key alice_base_key; + _olm_curve25519_public_key bob_one_time_key; /** The number of random bytes that are needed to create a new outbound * session. This will be 64 bytes since two ephemeral keys are needed. */ @@ -48,8 +48,8 @@ struct Session { * NOT_ENOUGH_RANDOM if the number of random bytes was too small. */ std::size_t new_outbound_session( Account const & local_account, - Curve25519PublicKey const & identity_key, - Curve25519PublicKey const & one_time_key, + _olm_curve25519_public_key const & identity_key, + _olm_curve25519_public_key const & one_time_key, std::uint8_t const * random, std::size_t random_length ); @@ -59,7 +59,7 @@ struct Session { * the message headers could not be decoded. */ std::size_t new_inbound_session( Account & local_account, - Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * pre_key_message, std::size_t message_length ); @@ -82,7 +82,7 @@ struct Session { * session does not match or the pre-key message could not be decoded. */ bool matches_inbound_session( - Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * pre_key_message, std::size_t message_length ); diff --git a/include/olm/utility.hh b/include/olm/utility.hh index 1339fe5..d650abc 100644 --- a/include/olm/utility.hh +++ b/include/olm/utility.hh @@ -21,9 +21,9 @@ #include #include -namespace olm { +struct _olm_ed25519_public_key; -struct Ed25519PublicKey; +namespace olm { struct Utility { @@ -48,7 +48,7 @@ struct Utility { * last_error will be set with an error code. If the signature was too short * or was not a valid signature then last_error will be BAD_MESSAGE_MAC. */ std::size_t ed25519_verify( - Ed25519PublicKey const & key, + _olm_ed25519_public_key const & key, std::uint8_t const * message, std::size_t message_length, std::uint8_t const * signature, std::size_t signature_length ); diff --git a/src/account.cpp b/src/account.cpp index 9512068..c77f95c 100644 --- a/src/account.cpp +++ b/src/account.cpp @@ -24,10 +24,10 @@ olm::Account::Account( olm::OneTimeKey const * olm::Account::lookup_key( - olm::Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ) { for (olm::OneTimeKey const & key : one_time_keys) { - if (olm::array_equal(key.key.public_key, public_key.public_key)) { + if (olm::array_equal(key.key.public_key.public_key, public_key.public_key)) { return &key; } } @@ -35,11 +35,11 @@ olm::OneTimeKey const * olm::Account::lookup_key( } std::size_t olm::Account::remove_key( - olm::Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ) { OneTimeKey * i; for (i = one_time_keys.begin(); i != one_time_keys.end(); ++i) { - if (olm::array_equal(i->key.public_key, public_key.public_key)) { + if (olm::array_equal(i->key.public_key.public_key, public_key.public_key)) { std::uint32_t id = i->id; one_time_keys.erase(i); return id; @@ -60,9 +60,9 @@ std::size_t olm::Account::new_account( return std::size_t(-1); } - olm::ed25519_generate_key(random, identity_keys.ed25519_key); + _olm_crypto_ed25519_generate_key(random, &identity_keys.ed25519_key); random += ED25519_RANDOM_LENGTH; - olm::curve25519_generate_key(random, identity_keys.curve25519_key); + _olm_crypto_curve25519_generate_key(random, &identity_keys.curve25519_key); return 0; } @@ -118,16 +118,16 @@ std::size_t olm::Account::get_identity_json( pos = write_string(pos, KEY_JSON_CURVE25519); *(pos++) = '\"'; pos = olm::encode_base64( - identity_keys.curve25519_key.public_key, - sizeof(identity_keys.curve25519_key.public_key), + identity_keys.curve25519_key.public_key.public_key, + sizeof(identity_keys.curve25519_key.public_key.public_key), pos ); *(pos++) = '\"'; *(pos++) = ','; pos = write_string(pos, KEY_JSON_ED25519); *(pos++) = '\"'; pos = olm::encode_base64( - identity_keys.ed25519_key.public_key, - sizeof(identity_keys.ed25519_key.public_key), + identity_keys.ed25519_key.public_key.public_key, + sizeof(identity_keys.ed25519_key.public_key.public_key), pos ); *(pos++) = '\"'; *(pos++) = '}'; @@ -149,8 +149,8 @@ std::size_t olm::Account::sign( last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL; return std::size_t(-1); } - olm::ed25519_sign( - identity_keys.ed25519_key, message, message_length, signature + _olm_crypto_ed25519_sign( + &identity_keys.ed25519_key, message, message_length, signature ); return this->signature_length(); } @@ -202,7 +202,7 @@ std::size_t olm::Account::get_one_time_keys_json( pos = olm::encode_base64(key_id, sizeof(key_id), pos); *(pos++) = '\"'; *(pos++) = ':'; *(pos++) = '\"'; pos = olm::encode_base64( - key.key.public_key, sizeof(key.key.public_key), pos + key.key.public_key.public_key, sizeof(key.key.public_key.public_key), pos ); *(pos++) = '\"'; sep = ','; @@ -253,7 +253,7 @@ std::size_t olm::Account::generate_one_time_keys( OneTimeKey & key = *one_time_keys.insert(one_time_keys.begin()); key.id = ++next_one_time_key_id; key.published = false; - olm::curve25519_generate_key(random, key.key); + _olm_crypto_curve25519_generate_key(random, &key.key); random += CURVE25519_RANDOM_LENGTH; } return number_of_keys; diff --git a/src/crypto.cpp b/src/crypto.cpp index 0b08c54..89d9d72 100644 --- a/src/crypto.cpp +++ b/src/crypto.cpp @@ -100,59 +100,65 @@ inline static void hmac_sha256_final( } // namespace -void olm::curve25519_generate_key( - std::uint8_t const * random_32_bytes, - olm::Curve25519KeyPair & key_pair +void _olm_crypto_curve25519_generate_key( + uint8_t const * random_32_bytes, + struct _olm_curve25519_key_pair *key_pair ) { - std::memcpy(key_pair.private_key, random_32_bytes, CURVE25519_KEY_LENGTH); + std::memcpy( + key_pair->private_key.private_key, random_32_bytes, + CURVE25519_KEY_LENGTH + ); ::curve25519_donna( - key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT + key_pair->public_key.public_key, + key_pair->private_key.private_key, + CURVE25519_BASEPOINT ); } -void olm::curve25519_shared_secret( - olm::Curve25519KeyPair const & our_key, - olm::Curve25519PublicKey const & their_key, +void _olm_crypto_curve25519_shared_secret( + const struct _olm_curve25519_key_pair *our_key, + const struct _olm_curve25519_public_key * their_key, std::uint8_t * output ) { - ::curve25519_donna(output, our_key.private_key, their_key.public_key); + ::curve25519_donna(output, our_key->private_key.private_key, their_key->public_key); } -void olm::ed25519_generate_key( +void _olm_crypto_ed25519_generate_key( std::uint8_t const * random_32_bytes, - olm::Ed25519KeyPair & key_pair + struct _olm_ed25519_key_pair *key_pair ) { ::ed25519_create_keypair( - key_pair.public_key, key_pair.private_key, + key_pair->public_key.public_key, key_pair->private_key.private_key, random_32_bytes ); } -void olm::ed25519_sign( - olm::Ed25519KeyPair const & our_key, +void _olm_crypto_ed25519_sign( + const struct _olm_ed25519_key_pair *our_key, std::uint8_t const * message, std::size_t message_length, std::uint8_t * output ) { ::ed25519_sign( output, message, message_length, - our_key.public_key, our_key.private_key + our_key->public_key.public_key, + our_key->private_key.private_key ); } -bool olm::ed25519_verify( - olm::Ed25519PublicKey const & their_key, +int _olm_crypto_ed25519_verify( + const struct _olm_ed25519_public_key *their_key, std::uint8_t const * message, std::size_t message_length, std::uint8_t const * signature ) { return 0 != ::ed25519_verify( signature, message, message_length, - their_key.public_key + their_key->public_key ); } diff --git a/src/olm.cpp b/src/olm.cpp index 3fe9c5e..d3af19c 100644 --- a/src/olm.cpp +++ b/src/olm.cpp @@ -442,8 +442,8 @@ size_t olm_create_outbound_session( from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; return std::size_t(-1); } - olm::Curve25519PublicKey identity_key; - olm::Curve25519PublicKey one_time_key; + _olm_curve25519_public_key identity_key; + _olm_curve25519_public_key one_time_key; olm::decode_base64(id_key, id_key_length, identity_key.public_key); olm::decode_base64(ot_key, ot_key_length, one_time_key.public_key); @@ -487,7 +487,7 @@ size_t olm_create_inbound_session_from( from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; return std::size_t(-1); } - olm::Curve25519PublicKey identity_key; + _olm_curve25519_public_key identity_key; olm::decode_base64(id_key, id_key_length, identity_key.public_key); std::size_t raw_length = b64_input( @@ -564,7 +564,7 @@ size_t olm_matches_inbound_session_from( from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; return std::size_t(-1); } - olm::Curve25519PublicKey identity_key; + _olm_curve25519_public_key identity_key; olm::decode_base64(id_key, id_key_length, identity_key.public_key); std::size_t raw_length = b64_input( @@ -720,7 +720,7 @@ size_t olm_ed25519_verify( from_c(utility)->last_error = OlmErrorCode::OLM_INVALID_BASE64; return std::size_t(-1); } - olm::Ed25519PublicKey verify_key; + _olm_ed25519_public_key verify_key; olm::decode_base64(from_c(key), key_length, verify_key.public_key); std::size_t raw_signature_length = b64_input( from_c(signature), signature_length, from_c(utility)->last_error diff --git a/src/pickle.cpp b/src/pickle.cpp index fc3e2b4..e9708b7 100644 --- a/src/pickle.cpp +++ b/src/pickle.cpp @@ -71,7 +71,7 @@ std::uint8_t const * olm::unpickle_bytes( std::size_t olm::pickle_length( - const olm::Curve25519PublicKey & value + const _olm_curve25519_public_key & value ) { return sizeof(value.public_key); } @@ -79,7 +79,7 @@ std::size_t olm::pickle_length( std::uint8_t * olm::pickle( std::uint8_t * pos, - const olm::Curve25519PublicKey & value + const _olm_curve25519_public_key & value ) { pos = olm::pickle_bytes( pos, value.public_key, sizeof(value.public_key) @@ -90,7 +90,7 @@ std::uint8_t * olm::pickle( std::uint8_t const * olm::unpickle( std::uint8_t const * pos, std::uint8_t const * end, - olm::Curve25519PublicKey & value + _olm_curve25519_public_key & value ) { pos = olm::unpickle_bytes( pos, end, value.public_key, sizeof(value.public_key) @@ -101,21 +101,24 @@ std::uint8_t const * olm::unpickle( std::size_t olm::pickle_length( - const olm::Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ) { - return sizeof(value.public_key) + sizeof(value.private_key); + return sizeof(value.public_key.public_key) + + sizeof(value.private_key.private_key); } std::uint8_t * olm::pickle( std::uint8_t * pos, - const olm::Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ) { pos = olm::pickle_bytes( - pos, value.public_key, sizeof(value.public_key) + pos, value.public_key.public_key, + sizeof(value.public_key.public_key) ); pos = olm::pickle_bytes( - pos, value.private_key, sizeof(value.private_key) + pos, value.private_key.private_key, + sizeof(value.private_key.private_key) ); return pos; } @@ -123,19 +126,21 @@ std::uint8_t * olm::pickle( std::uint8_t const * olm::unpickle( std::uint8_t const * pos, std::uint8_t const * end, - olm::Curve25519KeyPair & value + _olm_curve25519_key_pair & value ) { pos = olm::unpickle_bytes( - pos, end, value.public_key, sizeof(value.public_key) + pos, end, value.public_key.public_key, + sizeof(value.public_key.public_key) ); pos = olm::unpickle_bytes( - pos, end, value.private_key, sizeof(value.private_key) + pos, end, value.private_key.private_key, + sizeof(value.private_key.private_key) ); return pos; } std::size_t olm::pickle_length( - const olm::Ed25519PublicKey & value + const _olm_ed25519_public_key & value ) { return sizeof(value.public_key); } @@ -143,7 +148,7 @@ std::size_t olm::pickle_length( std::uint8_t * olm::pickle( std::uint8_t * pos, - const olm::Ed25519PublicKey & value + const _olm_ed25519_public_key & value ) { pos = olm::pickle_bytes( pos, value.public_key, sizeof(value.public_key) @@ -154,7 +159,7 @@ std::uint8_t * olm::pickle( std::uint8_t const * olm::unpickle( std::uint8_t const * pos, std::uint8_t const * end, - olm::Ed25519PublicKey & value + _olm_ed25519_public_key & value ) { pos = olm::unpickle_bytes( pos, end, value.public_key, sizeof(value.public_key) @@ -165,21 +170,24 @@ std::uint8_t const * olm::unpickle( std::size_t olm::pickle_length( - const olm::Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ) { - return sizeof(value.public_key) + sizeof(value.private_key); + return sizeof(value.public_key.public_key) + + sizeof(value.private_key.private_key); } std::uint8_t * olm::pickle( std::uint8_t * pos, - const olm::Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ) { pos = olm::pickle_bytes( - pos, value.public_key, sizeof(value.public_key) + pos, value.public_key.public_key, + sizeof(value.public_key.public_key) ); pos = olm::pickle_bytes( - pos, value.private_key, sizeof(value.private_key) + pos, value.private_key.private_key, + sizeof(value.private_key.private_key) ); return pos; } @@ -187,13 +195,15 @@ std::uint8_t * olm::pickle( std::uint8_t const * olm::unpickle( std::uint8_t const * pos, std::uint8_t const * end, - olm::Ed25519KeyPair & value + _olm_ed25519_key_pair & value ) { pos = olm::unpickle_bytes( - pos, end, value.public_key, sizeof(value.public_key) + pos, end, value.public_key.public_key, + sizeof(value.public_key.public_key) ); pos = olm::unpickle_bytes( - pos, end, value.private_key, sizeof(value.private_key) + pos, end, value.private_key.private_key, + sizeof(value.private_key.private_key) ); return pos; } diff --git a/src/ratchet.cpp b/src/ratchet.cpp index 57cb385..279c4c0 100644 --- a/src/ratchet.cpp +++ b/src/ratchet.cpp @@ -41,14 +41,14 @@ static const std::size_t MAX_MESSAGE_GAP = 2000; */ static void create_chain_key( olm::SharedKey const & root_key, - olm::Curve25519KeyPair const & our_key, - olm::Curve25519PublicKey const & their_key, + _olm_curve25519_key_pair const & our_key, + _olm_curve25519_public_key const & their_key, olm::KdfInfo const & info, olm::SharedKey & new_root_key, olm::ChainKey & new_chain_key ) { olm::SharedKey secret; - olm::curve25519_shared_secret(our_key, their_key, secret); + _olm_crypto_curve25519_shared_secret(&our_key, &their_key, secret); std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH]; _olm_crypto_hkdf_sha256( secret, sizeof(secret), @@ -189,7 +189,7 @@ olm::Ratchet::Ratchet( void olm::Ratchet::initialise_as_bob( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - olm::Curve25519PublicKey const & their_ratchet_key + _olm_curve25519_public_key const & their_ratchet_key ) { std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH]; _olm_crypto_hkdf_sha256( @@ -210,7 +210,7 @@ void olm::Ratchet::initialise_as_bob( void olm::Ratchet::initialise_as_alice( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - olm::Curve25519KeyPair const & our_ratchet_key + _olm_curve25519_key_pair const & our_ratchet_key ) { std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH]; _olm_crypto_hkdf_sha256( @@ -437,7 +437,7 @@ std::size_t olm::Ratchet::encrypt( if (sender_chain.empty()) { sender_chain.insert(); - olm::curve25519_generate_key(random, sender_chain[0].ratchet_key); + _olm_crypto_curve25519_generate_key(random, &sender_chain[0].ratchet_key); create_chain_key( root_key, sender_chain[0].ratchet_key, @@ -456,7 +456,8 @@ std::size_t olm::Ratchet::encrypt( plaintext_length ); std::uint32_t counter = keys.index; - Curve25519PublicKey const & ratchet_key = sender_chain[0].ratchet_key; + _olm_curve25519_public_key const & ratchet_key = + sender_chain[0].ratchet_key.public_key; olm::MessageWriter writer; diff --git a/src/session.cpp b/src/session.cpp index 7bde5d1..72e2be8 100644 --- a/src/session.cpp +++ b/src/session.cpp @@ -55,8 +55,8 @@ std::size_t olm::Session::new_outbound_session_random_length() { std::size_t olm::Session::new_outbound_session( olm::Account const & local_account, - olm::Curve25519PublicKey const & identity_key, - olm::Curve25519PublicKey const & one_time_key, + _olm_curve25519_public_key const & identity_key, + _olm_curve25519_public_key const & one_time_key, std::uint8_t const * random, std::size_t random_length ) { if (random_length < new_outbound_session_random_length()) { @@ -64,29 +64,30 @@ std::size_t olm::Session::new_outbound_session( return std::size_t(-1); } - olm::Curve25519KeyPair base_key; - olm::curve25519_generate_key(random, base_key); + _olm_curve25519_key_pair base_key; + _olm_crypto_curve25519_generate_key(random, &base_key); - olm::Curve25519KeyPair ratchet_key; - olm::curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, ratchet_key); + _olm_curve25519_key_pair ratchet_key; + _olm_crypto_curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, &ratchet_key); - olm::Curve25519KeyPair const & alice_identity_key_pair = ( + _olm_curve25519_key_pair const & alice_identity_key_pair = ( local_account.identity_keys.curve25519_key ); received_message = false; - alice_identity_key = alice_identity_key_pair; - alice_base_key = base_key; + alice_identity_key = alice_identity_key_pair.public_key; + alice_base_key = base_key.public_key; bob_one_time_key = one_time_key; // Calculate the shared secret S via triple DH std::uint8_t secret[3 * CURVE25519_SHARED_SECRET_LENGTH]; std::uint8_t * pos = secret; - olm::curve25519_shared_secret(alice_identity_key_pair, one_time_key, pos); + + _olm_crypto_curve25519_shared_secret(&alice_identity_key_pair, &one_time_key, pos); pos += CURVE25519_SHARED_SECRET_LENGTH; - olm::curve25519_shared_secret(base_key, identity_key, pos); + _olm_crypto_curve25519_shared_secret(&base_key, &identity_key, pos); pos += CURVE25519_SHARED_SECRET_LENGTH; - olm::curve25519_shared_secret(base_key, one_time_key, pos); + _olm_crypto_curve25519_shared_secret(&base_key, &one_time_key, pos); ratchet.initialise_as_alice(secret, sizeof(secret), ratchet_key); @@ -120,7 +121,7 @@ static bool check_message_fields( std::size_t olm::Session::new_inbound_session( olm::Account & local_account, - olm::Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * one_time_key_message, std::size_t message_length ) { olm::PreKeyMessageReader reader; @@ -157,7 +158,7 @@ std::size_t olm::Session::new_inbound_session( return std::size_t(-1); } - olm::Curve25519PublicKey ratchet_key; + _olm_curve25519_public_key ratchet_key; olm::load_array(ratchet_key.public_key, message_reader.ratchet_key); olm::OneTimeKey const * our_one_time_key = local_account.lookup_key( @@ -169,19 +170,19 @@ std::size_t olm::Session::new_inbound_session( return std::size_t(-1); } - olm::Curve25519KeyPair const & bob_identity_key = ( + _olm_curve25519_key_pair const & bob_identity_key = ( local_account.identity_keys.curve25519_key ); - olm::Curve25519KeyPair const & bob_one_time_key = our_one_time_key->key; + _olm_curve25519_key_pair const & bob_one_time_key = our_one_time_key->key; // Calculate the shared secret S via triple DH std::uint8_t secret[CURVE25519_SHARED_SECRET_LENGTH * 3]; std::uint8_t * pos = secret; - olm::curve25519_shared_secret(bob_one_time_key, alice_identity_key, pos); + _olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_identity_key, pos); pos += CURVE25519_SHARED_SECRET_LENGTH; - olm::curve25519_shared_secret(bob_identity_key, alice_base_key, pos); + _olm_crypto_curve25519_shared_secret(&bob_identity_key, &alice_base_key, pos); pos += CURVE25519_SHARED_SECRET_LENGTH; - olm::curve25519_shared_secret(bob_one_time_key, alice_base_key, pos); + _olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_base_key, pos); ratchet.initialise_as_bob(secret, sizeof(secret), ratchet_key); @@ -214,7 +215,7 @@ std::size_t olm::Session::session_id( bool olm::Session::matches_inbound_session( - olm::Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * one_time_key_message, std::size_t message_length ) { olm::PreKeyMessageReader reader; diff --git a/src/utility.cpp b/src/utility.cpp index e33351c..43d8e16 100644 --- a/src/utility.cpp +++ b/src/utility.cpp @@ -41,7 +41,7 @@ size_t olm::Utility::sha256( size_t olm::Utility::ed25519_verify( - Ed25519PublicKey const & key, + _olm_ed25519_public_key const & key, std::uint8_t const * message, std::size_t message_length, std::uint8_t const * signature, std::size_t signature_length ) { @@ -49,7 +49,7 @@ size_t olm::Utility::ed25519_verify( last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC; return std::size_t(-1); } - if (!olm::ed25519_verify(key, message, message_length, signature)) { + if (!_olm_crypto_ed25519_verify(&key, message, message_length, signature)) { last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC; return std::size_t(-1); } diff --git a/tests/test_crypto.cpp b/tests/test_crypto.cpp index 56abdcd..12715d0 100644 --- a/tests/test_crypto.cpp +++ b/tests/test_crypto.cpp @@ -58,25 +58,25 @@ std::uint8_t expected_agreement[32] = { 0x76, 0xF0, 0x9B, 0x3C, 0x1E, 0x16, 0x17, 0x42 }; -olm::Curve25519KeyPair alice_pair; -olm::curve25519_generate_key(alice_private, alice_pair); +_olm_curve25519_key_pair alice_pair; +_olm_crypto_curve25519_generate_key(alice_private, &alice_pair); -assert_equals(alice_private, alice_pair.private_key, 32); -assert_equals(alice_public, alice_pair.public_key, 32); +assert_equals(alice_private, alice_pair.private_key.private_key, 32); +assert_equals(alice_public, alice_pair.public_key.public_key, 32); -olm::Curve25519KeyPair bob_pair; -olm::curve25519_generate_key(bob_private, bob_pair); +_olm_curve25519_key_pair bob_pair; +_olm_crypto_curve25519_generate_key(bob_private, &bob_pair); -assert_equals(bob_private, bob_pair.private_key, 32); -assert_equals(bob_public, bob_pair.public_key, 32); +assert_equals(bob_private, bob_pair.private_key.private_key, 32); +assert_equals(bob_public, bob_pair.public_key.public_key, 32); std::uint8_t actual_agreement[CURVE25519_SHARED_SECRET_LENGTH] = {}; -olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement); +_olm_crypto_curve25519_shared_secret(&alice_pair, &bob_pair.public_key, actual_agreement); assert_equals(expected_agreement, actual_agreement, 32); -olm::curve25519_shared_secret(bob_pair, alice_pair, actual_agreement); +_olm_crypto_curve25519_shared_secret(&bob_pair, &alice_pair.public_key, actual_agreement); assert_equals(expected_agreement, actual_agreement, 32); @@ -90,22 +90,22 @@ std::uint8_t private_key[33] = "This key is a string of 32 bytes"; std::uint8_t message[] = "Hello, World"; std::size_t message_length = sizeof(message) - 1; -olm::Ed25519KeyPair key_pair; -olm::ed25519_generate_key(private_key, key_pair); +_olm_ed25519_key_pair key_pair; +_olm_crypto_ed25519_generate_key(private_key, &key_pair); std::uint8_t signature[64]; -olm::ed25519_sign( - key_pair, message, message_length, signature +_olm_crypto_ed25519_sign( + &key_pair, message, message_length, signature ); -bool result = olm::ed25519_verify( - key_pair, message, message_length, signature +bool result = _olm_crypto_ed25519_verify( + &key_pair.public_key, message, message_length, signature ); assert_equals(true, result); message[0] = 'n'; -result = olm::ed25519_verify( - key_pair, message, message_length, signature +result = _olm_crypto_ed25519_verify( + &key_pair.public_key, message, message_length, signature ); assert_equals(false, result); } diff --git a/tests/test_ratchet.cpp b/tests/test_ratchet.cpp index 2f8412e..fb60ba9 100644 --- a/tests/test_ratchet.cpp +++ b/tests/test_ratchet.cpp @@ -32,8 +32,8 @@ _olm_cipher_aes_sha_256 cipher0 = OLM_CIPHER_INIT_AES_SHA_256(message_info); _olm_cipher *cipher = OLM_CIPHER_BASE(&cipher0); std::uint8_t random_bytes[] = "0123456789ABDEF0123456789ABCDEF"; -olm::Curve25519KeyPair alice_key; -olm::curve25519_generate_key(random_bytes, alice_key); +_olm_curve25519_key_pair alice_key; +_olm_crypto_curve25519_generate_key(random_bytes, &alice_key); std::uint8_t shared_secret[] = "A secret"; @@ -44,7 +44,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext[] = "Message"; std::size_t plaintext_length = sizeof(plaintext) - 1; @@ -113,7 +113,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext_1[] = "First Message"; std::size_t plaintext_1_length = sizeof(plaintext_1) - 1; @@ -185,7 +185,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext[] = "These 15 bytes"; assert_equals(std::size_t(15), sizeof(plaintext)); diff --git a/tests/test_session.cpp b/tests/test_session.cpp index c4c5b2a..e2c3199 100644 --- a/tests/test_session.cpp +++ b/tests/test_session.cpp @@ -33,12 +33,12 @@ void check_session(const olm::Session &session) { assert_equals( decode_hex("f77a03eaa9b301fa7d2a5aa6b50286906de12cc96044f526dbbcb12839ad7003"), - session.ratchet.sender_chain[0].ratchet_key.public_key, 32 + session.ratchet.sender_chain[0].ratchet_key.public_key.public_key, 32 ); assert_equals( decode_hex("d945c6ed4c7c277117adf11fb133a7936d287afe97c0b3ac989644b4490d4f31"), - session.ratchet.sender_chain[0].ratchet_key.private_key, 32 + session.ratchet.sender_chain[0].ratchet_key.private_key.private_key, 32 ); assert_equals(