27 Commits (a02f3d9f824ac4d2fc333c5c0cf83ff4317c60f6)

Author SHA1 Message Date
Denis Kasak a02f3d9f82 fix: Properly check error conditions for int-returning functions.
OpenSSL functions returning an int like `EVP_PKEY_derive_init` return
non-positive (0 or negative) integers on an error condition, so we need
to check for both.

See e.g. https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_derive.html
2021-12-14 21:57:34 +01:00
Denis Kasak b82dab50c9 feature: Remove support for crypto-algorithms and LibreSSL.
This cuts support for old cryptographic primitives, leaving only OpenSSL
support. ed25519 crypto still uses a vendored ed25519-donna
implementation.
2021-12-14 21:47:11 +01:00
Lukas Lihotzki b989f35daf Use OpenSSL instead of bundled curve25519-donna if enabled
This change primarily increases runtime performance. The tests added together
are sped up by about 50%. Additionally, binary size decreases by about 15%.

LibreSSL can't be used because it doesn't provide a function to get
the public key for an existing private key in its openssl/curve25519.h.

Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
2021-12-14 16:53:24 +01:00
Lukas Lihotzki c7039f5e99 Optionally use OpenSSL or LibreSSL instead of bundled crypto-algorithms
crypto-algorithms "have no resistance to side-channel attacks and should not
be used in contexts that need cryptographically secure implementations" (see
lib/crypto-algorithms/README.md), so using OpenSSL or LibreSSL is preferable.

This does solve https://github.com/matrix-org/olm/issues/3 for some platforms,
without breaking other platforms without these libraries (like web).

Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
2021-12-14 16:53:24 +01:00
Richard van der Hoff 69f269ffaf Convert AES functions to plain C 2016-09-05 10:40:39 +01:00
Richard van der Hoff f0acf6582f Convert Ed25519 and Curve25519 functions to plain C 2016-09-05 10:40:39 +01:00
Richard van der Hoff 39212987bd Create new constants for key lengths, etc
We were using olm::KEY_LENGTH for everything under the sun which happened to be
32 bytes long, and making a bunch of assumptions in the process. Create a bunch
of new constants (as C #defines rather than C++ consts so that I can use them
in another forthcoming refactor).
2016-09-02 15:11:14 +01:00
Richard van der Hoff 0c462cff11 Fix Ed25519 keypair generation
Ed25519 private keys, it turns out, have 64 bytes, not 32.

We were previously generating only 32 bytes (which is all that is required to
generate the public key), and then using the public key as the upper 32 bytes
when generating the per-message session key. This meant that everything
appeared to work, but the security of the private key was severely compromised.

By way of fixes:

 * Use the correct algorithm for generating the Ed25519 private key, and store
   all 512 bits of it.

 * Update the account pickle format and refuse to load the old format (since we
   should consider it compromised).

 * Bump the library version, and add a function to retrieve the library
   version, so that applications can verify that they are linked against a
   fixed version of the library.

 * Remove the curve25519_{sign, verify} functions which were unused and of
   dubious quality.
2016-09-01 13:35:23 +01:00
Richard van der Hoff 444ef1f706 Prefix for internal symbols
Give a load of internal symbols "_olm_" prefixes. This better delineates the
public and private interfaces in the module, and helps avoid internal symbols
leaking out and possibly being abused.
2016-05-23 18:55:06 +01:00
Richard van der Hoff e533b0dc8e Give SHA256 functions C bindings 2016-05-23 18:55:05 +01:00
Richard van der Hoff c8c5f35bb4 crypto.cpp: Fix comments
These seem to be the wrong way around.
2016-05-20 15:37:33 +01:00
Richard van der Hoff acae4e8438 Remove functions which return strings
We don't want anything which does dynamic memory allocation in the library.
2016-05-20 15:07:10 +01:00
Richard van der Hoff 9848f84452 Add some logging to help understand what's going on 2016-04-26 17:55:26 +01:00
Richard van der Hoff 25953b350b Use header files where possible
This fixes an incorrect re-declaration of ed25519_sign.

Implement header files for some of the other library bits so that we don't need
to declare functions in crypto.cpp.
2015-12-03 17:08:04 +00:00
Mark Haines b318055185 Replace hard coded references to the 32-byte key length with a constant, add utilities for copying data to and from fixed sized arrays 2015-08-19 17:32:06 +01:00
Mark Haines 159faa1e2b Make the internal functions static, remove some unused internal functions 2015-08-18 17:09:55 +01:00
Mark Haines 2a873fd4e1 Add functions for creating and verifying ed25519 signatures 2015-07-07 09:50:32 +01:00
Mark Haines a30a64d179 Rename generate_key to curve25519_generate_key 2015-07-07 09:03:12 +01:00
Matthew Hodgson 09d4125ff1 Rename axolotlpp as olm to avoid confusion with Axolotl-the-spec and Axolotl-the-OWS-libraries at moxie's request 2015-06-27 01:15:23 +02:00
Mark Haines 76f49cf177 Add a test for the axolotl API 2015-06-16 15:15:40 +01:00
Mark Haines 315caaba7e Add functions for signing and verifying messages using curve25519 keys 2015-03-03 11:18:07 +00:00
Mark Haines c7419e7cdf Try to ensure the compiler cannot optimise away attempts to erase secrets from memory 2015-02-27 16:11:30 +00:00
Mark Haines d142eb64dd Copyright notices and a license 2015-02-26 16:56:25 +00:00
Mark Haines 09d8e84c7c Implement the axolotl ratchet 2015-02-26 16:30:19 +00:00
Mark Haines 8df4d9e9b5 Tweak AES cbc to add pkcs7 padding bytes 2015-02-25 08:35:53 +00:00
Mark Haines b2f865182d Finish and test crypto primitives 2015-02-21 01:36:15 +00:00
Mark Haines 44d0c09205 initial commit: start implementing the crypto primitives 2015-02-20 21:32:56 +00:00