2015-02-26 17:56:25 +01:00
|
|
|
/* Copyright 2015 OpenMarket Ltd
|
|
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
*
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
*/
|
2015-06-27 01:15:23 +02:00
|
|
|
#include "olm/message.hh"
|
2015-02-25 12:20:12 +01:00
|
|
|
|
2016-04-26 12:44:32 +02:00
|
|
|
#include "olm/memory.hh"
|
|
|
|
|
|
2015-02-25 12:20:12 +01:00
|
|
|
namespace {
|
|
|
|
|
|
|
|
|
|
template<typename T>
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::size_t varint_length(
|
2015-02-25 12:20:12 +01:00
|
|
|
T value
|
|
|
|
|
) {
|
|
|
|
|
std::size_t result = 1;
|
2015-06-23 18:47:48 +02:00
|
|
|
while (value >= 128U) {
|
2015-02-25 12:20:12 +01:00
|
|
|
++result;
|
|
|
|
|
value >>= 7;
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
template<typename T>
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t * varint_encode(
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint8_t * output,
|
|
|
|
|
T value
|
|
|
|
|
) {
|
2015-06-23 18:47:48 +02:00
|
|
|
while (value >= 128U) {
|
2015-02-25 12:20:12 +01:00
|
|
|
*(output++) = (0x7F & value) | 0x80;
|
2015-06-23 18:47:48 +02:00
|
|
|
value >>= 7;
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
|
|
|
|
(*output++) = value;
|
|
|
|
|
return output;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
template<typename T>
|
2015-08-18 18:09:55 +02:00
|
|
|
static T varint_decode(
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint8_t const * varint_start,
|
|
|
|
|
std::uint8_t const * varint_end
|
|
|
|
|
) {
|
|
|
|
|
T value = 0;
|
2015-08-07 19:25:21 +02:00
|
|
|
if (varint_end == varint_start) {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2015-02-25 12:20:12 +01:00
|
|
|
do {
|
|
|
|
|
value <<= 7;
|
|
|
|
|
value |= 0x7F & *(--varint_end);
|
|
|
|
|
} while (varint_end != varint_start);
|
|
|
|
|
return value;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t const * varint_skip(
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint8_t const * input,
|
|
|
|
|
std::uint8_t const * input_end
|
|
|
|
|
) {
|
|
|
|
|
while (input != input_end) {
|
|
|
|
|
std::uint8_t tmp = *(input++);
|
|
|
|
|
if ((tmp & 0x80) == 0) {
|
|
|
|
|
return input;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return input;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::size_t varstring_length(
|
2015-02-25 12:20:12 +01:00
|
|
|
std::size_t string_length
|
|
|
|
|
) {
|
|
|
|
|
return varint_length(string_length) + string_length;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static std::size_t const VERSION_LENGTH = 1;
|
|
|
|
|
static std::uint8_t const RATCHET_KEY_TAG = 012;
|
|
|
|
|
static std::uint8_t const COUNTER_TAG = 020;
|
|
|
|
|
static std::uint8_t const CIPHERTEXT_TAG = 042;
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t * encode(
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t * pos,
|
|
|
|
|
std::uint8_t tag,
|
|
|
|
|
std::uint32_t value
|
|
|
|
|
) {
|
|
|
|
|
*(pos++) = tag;
|
|
|
|
|
return varint_encode(pos, value);
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t * encode(
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t * pos,
|
|
|
|
|
std::uint8_t tag,
|
|
|
|
|
std::uint8_t * & value, std::size_t value_length
|
|
|
|
|
) {
|
|
|
|
|
*(pos++) = tag;
|
|
|
|
|
pos = varint_encode(pos, value_length);
|
|
|
|
|
value = pos;
|
|
|
|
|
return pos + value_length;
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t const * decode(
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t const * pos, std::uint8_t const * end,
|
|
|
|
|
std::uint8_t tag,
|
|
|
|
|
std::uint32_t & value, bool & has_value
|
|
|
|
|
) {
|
|
|
|
|
if (pos != end && *pos == tag) {
|
|
|
|
|
++pos;
|
|
|
|
|
std::uint8_t const * value_start = pos;
|
|
|
|
|
pos = varint_skip(pos, end);
|
|
|
|
|
value = varint_decode<std::uint32_t>(value_start, pos);
|
|
|
|
|
has_value = true;
|
|
|
|
|
}
|
|
|
|
|
return pos;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t const * decode(
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t const * pos, std::uint8_t const * end,
|
|
|
|
|
std::uint8_t tag,
|
|
|
|
|
std::uint8_t const * & value, std::size_t & value_length
|
|
|
|
|
) {
|
|
|
|
|
if (pos != end && *pos == tag) {
|
|
|
|
|
++pos;
|
|
|
|
|
std::uint8_t const * len_start = pos;
|
|
|
|
|
pos = varint_skip(pos, end);
|
|
|
|
|
std::size_t len = varint_decode<std::size_t>(len_start, pos);
|
2016-05-23 20:37:49 +02:00
|
|
|
if (len > std::size_t(end - pos)) return end;
|
2015-06-11 16:57:45 +02:00
|
|
|
value = pos;
|
|
|
|
|
value_length = len;
|
|
|
|
|
pos += len;
|
|
|
|
|
}
|
|
|
|
|
return pos;
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-18 18:09:55 +02:00
|
|
|
static std::uint8_t const * skip_unknown(
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t const * pos, std::uint8_t const * end
|
|
|
|
|
) {
|
|
|
|
|
if (pos != end) {
|
|
|
|
|
uint8_t tag = *pos;
|
2015-06-23 16:15:18 +02:00
|
|
|
if ((tag & 0x7) == 0) {
|
2015-06-11 16:57:45 +02:00
|
|
|
pos = varint_skip(pos, end);
|
|
|
|
|
pos = varint_skip(pos, end);
|
2015-06-23 16:15:18 +02:00
|
|
|
} else if ((tag & 0x7) == 2) {
|
2015-06-11 16:57:45 +02:00
|
|
|
pos = varint_skip(pos, end);
|
|
|
|
|
std::uint8_t const * len_start = pos;
|
|
|
|
|
pos = varint_skip(pos, end);
|
|
|
|
|
std::size_t len = varint_decode<std::size_t>(len_start, pos);
|
2016-05-23 20:37:49 +02:00
|
|
|
if (len > std::size_t(end - pos)) return end;
|
2015-06-11 16:57:45 +02:00
|
|
|
pos += len;
|
|
|
|
|
} else {
|
|
|
|
|
return end;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return pos;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-25 12:20:12 +01:00
|
|
|
} // namespace
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
std::size_t olm::encode_message_length(
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint32_t counter,
|
|
|
|
|
std::size_t ratchet_key_length,
|
|
|
|
|
std::size_t ciphertext_length,
|
|
|
|
|
std::size_t mac_length
|
|
|
|
|
) {
|
|
|
|
|
std::size_t length = VERSION_LENGTH;
|
|
|
|
|
length += 1 + varstring_length(ratchet_key_length);
|
|
|
|
|
length += 1 + varint_length(counter);
|
|
|
|
|
length += 1 + varstring_length(ciphertext_length);
|
2015-06-11 15:20:35 +02:00
|
|
|
length += mac_length;
|
|
|
|
|
return length;
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
void olm::encode_message(
|
|
|
|
|
olm::MessageWriter & writer,
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint8_t version,
|
|
|
|
|
std::uint32_t counter,
|
|
|
|
|
std::size_t ratchet_key_length,
|
|
|
|
|
std::size_t ciphertext_length,
|
|
|
|
|
std::uint8_t * output
|
|
|
|
|
) {
|
|
|
|
|
std::uint8_t * pos = output;
|
|
|
|
|
*(pos++) = version;
|
2015-06-11 16:57:45 +02:00
|
|
|
pos = encode(pos, RATCHET_KEY_TAG, writer.ratchet_key, ratchet_key_length);
|
|
|
|
|
pos = encode(pos, COUNTER_TAG, counter);
|
|
|
|
|
pos = encode(pos, CIPHERTEXT_TAG, writer.ciphertext, ciphertext_length);
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
void olm::decode_message(
|
|
|
|
|
olm::MessageReader & reader,
|
2015-02-25 12:20:12 +01:00
|
|
|
std::uint8_t const * input, std::size_t input_length,
|
|
|
|
|
std::size_t mac_length
|
|
|
|
|
) {
|
|
|
|
|
std::uint8_t const * pos = input;
|
|
|
|
|
std::uint8_t const * end = input + input_length - mac_length;
|
2015-06-12 15:09:41 +02:00
|
|
|
std::uint8_t const * unknown = nullptr;
|
2015-06-11 16:57:45 +02:00
|
|
|
|
|
|
|
|
reader.input = input;
|
|
|
|
|
reader.input_length = input_length;
|
|
|
|
|
reader.has_counter = false;
|
2015-06-12 15:09:41 +02:00
|
|
|
reader.ratchet_key = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.ratchet_key_length = 0;
|
2015-06-12 15:09:41 +02:00
|
|
|
reader.ciphertext = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.ciphertext_length = 0;
|
|
|
|
|
|
|
|
|
|
if (pos == end) return;
|
2015-08-07 20:33:48 +02:00
|
|
|
if (input_length < mac_length) return;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.version = *(pos++);
|
2015-06-11 16:57:45 +02:00
|
|
|
|
2015-02-25 12:20:12 +01:00
|
|
|
while (pos != end) {
|
2015-06-11 16:57:45 +02:00
|
|
|
pos = decode(
|
|
|
|
|
pos, end, RATCHET_KEY_TAG,
|
|
|
|
|
reader.ratchet_key, reader.ratchet_key_length
|
|
|
|
|
);
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, COUNTER_TAG,
|
|
|
|
|
reader.counter, reader.has_counter
|
|
|
|
|
);
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, CIPHERTEXT_TAG,
|
|
|
|
|
reader.ciphertext, reader.ciphertext_length
|
|
|
|
|
);
|
|
|
|
|
if (unknown == pos) {
|
2015-06-23 16:15:18 +02:00
|
|
|
pos = skip_unknown(pos, end);
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
2015-06-11 16:57:45 +02:00
|
|
|
unknown = pos;
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
2015-06-11 16:57:45 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
namespace {
|
|
|
|
|
|
2015-07-08 15:53:25 +02:00
|
|
|
static std::uint8_t const ONE_TIME_KEY_ID_TAG = 012;
|
2015-06-11 16:57:45 +02:00
|
|
|
static std::uint8_t const BASE_KEY_TAG = 022;
|
|
|
|
|
static std::uint8_t const IDENTITY_KEY_TAG = 032;
|
|
|
|
|
static std::uint8_t const MESSAGE_TAG = 042;
|
|
|
|
|
|
|
|
|
|
} // namespace
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
std::size_t olm::encode_one_time_key_message_length(
|
2015-07-08 15:53:25 +02:00
|
|
|
std::size_t one_time_key_length,
|
2015-06-11 16:57:45 +02:00
|
|
|
std::size_t identity_key_length,
|
|
|
|
|
std::size_t base_key_length,
|
|
|
|
|
std::size_t message_length
|
|
|
|
|
) {
|
|
|
|
|
std::size_t length = VERSION_LENGTH;
|
2015-07-08 15:53:25 +02:00
|
|
|
length += 1 + varstring_length(one_time_key_length);
|
2015-06-11 16:57:45 +02:00
|
|
|
length += 1 + varstring_length(identity_key_length);
|
|
|
|
|
length += 1 + varstring_length(base_key_length);
|
|
|
|
|
length += 1 + varstring_length(message_length);
|
|
|
|
|
return length;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
void olm::encode_one_time_key_message(
|
|
|
|
|
olm::PreKeyMessageWriter & writer,
|
2015-06-11 16:57:45 +02:00
|
|
|
std::uint8_t version,
|
|
|
|
|
std::size_t identity_key_length,
|
|
|
|
|
std::size_t base_key_length,
|
2015-07-08 15:53:25 +02:00
|
|
|
std::size_t one_time_key_length,
|
2015-06-11 16:57:45 +02:00
|
|
|
std::size_t message_length,
|
|
|
|
|
std::uint8_t * output
|
|
|
|
|
) {
|
|
|
|
|
std::uint8_t * pos = output;
|
|
|
|
|
*(pos++) = version;
|
2015-07-08 15:53:25 +02:00
|
|
|
pos = encode(pos, ONE_TIME_KEY_ID_TAG, writer.one_time_key, one_time_key_length);
|
2015-06-11 16:57:45 +02:00
|
|
|
pos = encode(pos, BASE_KEY_TAG, writer.base_key, base_key_length);
|
|
|
|
|
pos = encode(pos, IDENTITY_KEY_TAG, writer.identity_key, identity_key_length);
|
|
|
|
|
pos = encode(pos, MESSAGE_TAG, writer.message, message_length);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-06-27 01:15:23 +02:00
|
|
|
void olm::decode_one_time_key_message(
|
2015-06-11 16:57:45 +02:00
|
|
|
PreKeyMessageReader & reader,
|
|
|
|
|
std::uint8_t const * input, std::size_t input_length
|
|
|
|
|
) {
|
|
|
|
|
std::uint8_t const * pos = input;
|
|
|
|
|
std::uint8_t const * end = input + input_length;
|
2015-06-12 15:09:41 +02:00
|
|
|
std::uint8_t const * unknown = nullptr;
|
2015-06-11 16:57:45 +02:00
|
|
|
|
2015-07-08 15:53:25 +02:00
|
|
|
reader.one_time_key = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.one_time_key_length = 0;
|
2015-06-12 15:09:41 +02:00
|
|
|
reader.identity_key = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.identity_key_length = 0;
|
2015-06-12 15:09:41 +02:00
|
|
|
reader.base_key = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.base_key_length = 0;
|
2015-06-12 15:09:41 +02:00
|
|
|
reader.message = nullptr;
|
2015-08-07 19:58:42 +02:00
|
|
|
reader.message_length = 0;
|
|
|
|
|
|
|
|
|
|
if (pos == end) return;
|
|
|
|
|
reader.version = *(pos++);
|
2015-06-11 16:57:45 +02:00
|
|
|
|
|
|
|
|
while (pos != end) {
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, ONE_TIME_KEY_ID_TAG,
|
2015-07-08 15:53:25 +02:00
|
|
|
reader.one_time_key, reader.one_time_key_length
|
2015-06-11 16:57:45 +02:00
|
|
|
);
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, BASE_KEY_TAG,
|
|
|
|
|
reader.base_key, reader.base_key_length
|
|
|
|
|
);
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, IDENTITY_KEY_TAG,
|
|
|
|
|
reader.identity_key, reader.identity_key_length
|
|
|
|
|
);
|
|
|
|
|
pos = decode(
|
|
|
|
|
pos, end, MESSAGE_TAG,
|
|
|
|
|
reader.message, reader.message_length
|
|
|
|
|
);
|
|
|
|
|
if (unknown == pos) {
|
2015-06-23 16:15:18 +02:00
|
|
|
pos = skip_unknown(pos, end);
|
2015-06-11 16:57:45 +02:00
|
|
|
}
|
|
|
|
|
unknown = pos;
|
2015-02-25 12:20:12 +01:00
|
|
|
}
|
|
|
|
|
}
|
