Merge pull request #14 from matrix-org/rav/convert_crypto_to_c

Convert crypto.hh into C-compatible interface

include/olm/account.hh

@@ -16,7 +16,7 @@
 #define OLM_ACCOUNT_HH_
 
 #include "olm/list.hh"
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 #include "olm/error.h"
 
 #include <cstdint>
@@ -25,14 +25,14 @@ namespace olm {
 
 
 struct IdentityKeys {
-    Ed25519KeyPair ed25519_key;
+    _olm_ed25519_key_pair ed25519_key;
-    Curve25519KeyPair curve25519_key;
+    _olm_curve25519_key_pair curve25519_key;
 };
 
 struct OneTimeKey {
     std::uint32_t id;
     bool published;
-    Curve25519KeyPair key;
+    _olm_curve25519_key_pair key;
 };
 
 
@@ -128,12 +128,12 @@ struct Account {
 
     /** Lookup a one time key with the given public key */
     OneTimeKey const * lookup_key(
-        Curve25519PublicKey const & public_key
+        _olm_curve25519_public_key const & public_key
     );
 
     /** Remove a one time key with the given public key */
     std::size_t remove_key(
-        Curve25519PublicKey const & public_key
+        _olm_curve25519_public_key const & public_key
     );
 };
 

include/olm/crypto.h

@@ -57,9 +57,70 @@ extern "C" {
 /** length of an aes256 initialisation vector */
 #define AES256_IV_LENGTH 16
 
+struct _olm_aes256_key {
+    uint8_t key[AES256_KEY_LENGTH];
+};
 
-/** Computes SHA-256 of the input. The output buffer must be a least 32
+struct _olm_aes256_iv {
- * bytes long. */
+    uint8_t iv[AES256_IV_LENGTH];
+};
+
+
+struct _olm_curve25519_public_key {
+    uint8_t public_key[CURVE25519_KEY_LENGTH];
+};
+
+struct _olm_curve25519_private_key {
+    uint8_t private_key[CURVE25519_KEY_LENGTH];
+};
+
+struct _olm_curve25519_key_pair {
+    struct _olm_curve25519_public_key public_key;
+    struct _olm_curve25519_private_key private_key;
+};
+
+struct _olm_ed25519_public_key {
+    uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH];
+};
+
+struct _olm_ed25519_private_key {
+    uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH];
+};
+
+struct _olm_ed25519_key_pair {
+    struct _olm_ed25519_public_key public_key;
+    struct _olm_ed25519_private_key private_key;
+};
+
+
+/** The length of output the aes_encrypt_cbc function will write */
+size_t _olm_crypto_aes_encrypt_cbc_length(
+    size_t input_length
+);
+
+/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
+ * The output buffer must be big enough to hold the output including padding */
+void _olm_crypto_aes_encrypt_cbc(
+    const struct _olm_aes256_key *key,
+    const struct _olm_aes256_iv *iv,
+    const uint8_t *input, size_t input_length,
+    uint8_t *output
+);
+
+/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
+ * least the same size as the input buffer. Returns the length of the plaintext
+ * without padding on success or std::size_t(-1) if the padding is invalid.
+ */
+size_t _olm_crypto_aes_decrypt_cbc(
+    const struct _olm_aes256_key *key,
+    const struct _olm_aes256_iv *iv,
+    uint8_t const * input, size_t input_length,
+    uint8_t * output
+);
+
+
+/** Computes SHA-256 of the input. The output buffer must be a least
+ * SHA256_OUTPUT_LENGTH (32) bytes long. */
 void _olm_crypto_sha256(
     uint8_t const * input, size_t input_length,
     uint8_t * output
@@ -68,7 +129,7 @@ void _olm_crypto_sha256(
 /** HMAC: Keyed-Hashing for Message Authentication
  * http://tools.ietf.org/html/rfc2104
  * Computes HMAC-SHA-256 of the input for the key. The output buffer must
- * be at least 32 bytes long. */
+ * be at least SHA256_OUTPUT_LENGTH (32) bytes long. */
 void _olm_crypto_hmac_sha256(
     uint8_t const * key, size_t key_length,
     uint8_t const * input, size_t input_length,
@@ -87,6 +148,53 @@ void _olm_crypto_hkdf_sha256(
 );
 
 
+/** Generate a curve25519 key pair
+ * random_32_bytes should be CURVE25519_RANDOM_LENGTH (32) bytes long.
+ */
+void _olm_crypto_curve25519_generate_key(
+    uint8_t const * random_32_bytes,
+    struct _olm_curve25519_key_pair *output
+);
+
+
+/** Create a shared secret using our private key and their public key.
+ * The output buffer must be at least CURVE25519_SHARED_SECRET_LENGTH (32) bytes long.
+ */
+void _olm_crypto_curve25519_shared_secret(
+    const struct _olm_curve25519_key_pair *our_key,
+    const struct _olm_curve25519_public_key *their_key,
+    uint8_t * output
+);
+
+/** Generate an ed25519 key pair
+ * random_32_bytes should be ED25519_RANDOM_LENGTH (32) bytes long.
+ */
+void _olm_crypto_ed25519_generate_key(
+    uint8_t const * random_bytes,
+    struct _olm_ed25519_key_pair *output
+);
+
+/** Signs the message using our private key.
+ *
+ * The output buffer must be at least ED25519_SIGNATURE_LENGTH (64) bytes
+ * long. */
+void _olm_crypto_ed25519_sign(
+    const struct _olm_ed25519_key_pair *our_key,
+    const uint8_t * message, size_t message_length,
+    uint8_t * output
+);
+
+/** Verify an ed25519 signature
+ * The signature input buffer must be ED25519_SIGNATURE_LENGTH (64) bytes long.
+ * Returns non-zero if the signature is valid. */
+int _olm_crypto_ed25519_verify(
+    const struct _olm_ed25519_public_key *their_key,
+    const uint8_t * message, size_t message_length,
+    const uint8_t * signature
+);
+
+
+
 #ifdef __cplusplus
 } // extern "C"
 #endif

include/olm/crypto.hh

@@ -1,130 +0,0 @@
-/* Copyright 2015 OpenMarket Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef OLM_CRYPTO_HH_
-#define OLM_CRYPTO_HH_
-
-#include <cstdint>
-#include <cstddef>
-
-// eventually all of this needs to move into crypto.h, and everything should
-// use that. For now, include crypto.h here.
-
-#include "olm/crypto.h"
-
-namespace olm {
-
-struct Curve25519PublicKey {
-    std::uint8_t public_key[CURVE25519_KEY_LENGTH];
-};
-
-
-struct Curve25519KeyPair : public Curve25519PublicKey {
-    std::uint8_t private_key[CURVE25519_KEY_LENGTH];
-};
-
-
-struct Ed25519PublicKey {
-    std::uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH];
-};
-
-
-struct Ed25519KeyPair : public Ed25519PublicKey {
-    std::uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH];
-};
-
-
-/** Generate a curve25519 key pair from 32 random bytes. */
-void curve25519_generate_key(
-    std::uint8_t const * random_32_bytes,
-    Curve25519KeyPair & key_pair
-);
-
-
-/** Create a shared secret using our private key and their public key.
- * The output buffer must be at least 32 bytes long. */
-void curve25519_shared_secret(
-    Curve25519KeyPair const & our_key,
-    Curve25519PublicKey const & their_key,
-    std::uint8_t * output
-);
-
-
-/** Generate a curve25519 key pair from 32 random bytes. */
-void ed25519_generate_key(
-    std::uint8_t const * random_32_bytes,
-    Ed25519KeyPair & key_pair
-);
-
-
-/** Signs the message using our private key.
- * The output buffer must be at least 64 bytes long. */
-void ed25519_sign(
-    Ed25519KeyPair const & our_key,
-    std::uint8_t const * message, std::size_t message_length,
-    std::uint8_t * output
-);
-
-
-/** Verify their message using their public key.
- * The signature input buffer must be 64 bytes long.
- * Returns true if the signature is valid. */
-bool ed25519_verify(
-    Ed25519PublicKey const & their_key,
-    std::uint8_t const * message, std::size_t message_length,
-    std::uint8_t const * signature
-);
-
-
-struct Aes256Key {
-    std::uint8_t key[AES256_KEY_LENGTH];
-};
-
-
-struct Aes256Iv {
-    std::uint8_t iv[AES256_IV_LENGTH];
-};
-
-
-/** The length of output the aes_encrypt_cbc function will write */
-std::size_t aes_encrypt_cbc_length(
-    std::size_t input_length
-);
-
-
-/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
- * The output buffer must be big enough to hold the output including padding */
-void aes_encrypt_cbc(
-    Aes256Key const & key,
-    Aes256Iv const & iv,
-    std::uint8_t const * input, std::size_t input_length,
-    std::uint8_t * output
-);
-
-
-/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
- * least the same size as the input buffer. Returns the length of the plaintext
- * without padding on success or std::size_t(-1) if the padding is invalid.
- */
-std::size_t aes_decrypt_cbc(
-    Aes256Key const & key,
-    Aes256Iv const & iv,
-    std::uint8_t const * input, std::size_t input_length,
-    std::uint8_t * output
-);
-
-
-} // namespace olm
-
-#endif /* OLM_CRYPTO_HH_ */

include/olm/pickle.hh

@@ -16,7 +16,7 @@
 #define OLM_PICKLE_HH_
 
 #include "olm/list.hh"
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 
 #include <cstring>
 #include <cstdint>
@@ -109,70 +109,70 @@ std::uint8_t const * unpickle_bytes(
 
 
 std::size_t pickle_length(
-    const Curve25519PublicKey & value
+    const _olm_curve25519_public_key & value
 );
 
 
 std::uint8_t * pickle(
     std::uint8_t * pos,
-    const Curve25519PublicKey & value
+    const _olm_curve25519_public_key & value
 );
 
 
 std::uint8_t const * unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    Curve25519PublicKey & value
+    _olm_curve25519_public_key & value
 );
 
 
 std::size_t pickle_length(
-    const Curve25519KeyPair & value
+    const _olm_curve25519_key_pair & value
 );
 
 
 std::uint8_t * pickle(
     std::uint8_t * pos,
-    const Curve25519KeyPair & value
+    const _olm_curve25519_key_pair & value
 );
 
 
 std::uint8_t const * unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    Curve25519KeyPair & value
+    _olm_curve25519_key_pair & value
 );
 
 
 std::size_t pickle_length(
-    const Ed25519PublicKey & value
+    const _olm_ed25519_public_key & value
 );
 
 
 std::uint8_t * pickle(
     std::uint8_t * pos,
-    const Ed25519PublicKey & value
+    const _olm_ed25519_public_key & value
 );
 
 
 std::uint8_t const * unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    Ed25519PublicKey & value
+    _olm_ed25519_public_key & value
 );
 
 
 std::size_t pickle_length(
-    const Ed25519KeyPair & value
+    const _olm_ed25519_key_pair & value
 );
 
 
 std::uint8_t * pickle(
     std::uint8_t * pos,
-    const Ed25519KeyPair & value
+    const _olm_ed25519_key_pair & value
 );
 
 
 std::uint8_t const * unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    Ed25519KeyPair & value
+    _olm_ed25519_key_pair & value
 );
 
 } // namespace olm

include/olm/ratchet.hh

@@ -13,7 +13,9 @@
  * limitations under the License.
  */
 
-#include "olm/crypto.hh"
+#include <cstdint>
+
+#include "olm/crypto.h"
 #include "olm/list.hh"
 #include "olm/error.h"
 
@@ -41,19 +43,19 @@ struct MessageKey {
 
 
 struct SenderChain {
-    Curve25519KeyPair ratchet_key;
+    _olm_curve25519_key_pair ratchet_key;
     ChainKey chain_key;
 };
 
 
 struct ReceiverChain {
-    Curve25519PublicKey ratchet_key;
+    _olm_curve25519_public_key ratchet_key;
     ChainKey chain_key;
 };
 
 
 struct SkippedMessageKey {
-    Curve25519PublicKey ratchet_key;
+    _olm_curve25519_public_key ratchet_key;
     MessageKey message_key;
 };
 
@@ -108,14 +110,14 @@ struct Ratchet {
      * remote's first ratchet key */
     void initialise_as_bob(
         std::uint8_t const * shared_secret, std::size_t shared_secret_length,
-        Curve25519PublicKey const & their_ratchet_key
+        _olm_curve25519_public_key const & their_ratchet_key
     );
 
     /** Initialise the session using a shared secret and the public/private key
      * pair for the first ratchet key */
     void initialise_as_alice(
         std::uint8_t const * shared_secret, std::size_t shared_secret_length,
-        Curve25519KeyPair const & our_ratchet_key
+        _olm_curve25519_key_pair const & our_ratchet_key
     );
 
     /** The number of bytes of output the encrypt method will write for

include/olm/session.hh

@@ -35,9 +35,9 @@ struct Session {
 
     bool received_message;
 
-    Curve25519PublicKey alice_identity_key;
+    _olm_curve25519_public_key alice_identity_key;
-    Curve25519PublicKey alice_base_key;
+    _olm_curve25519_public_key alice_base_key;
-    Curve25519PublicKey bob_one_time_key;
+    _olm_curve25519_public_key bob_one_time_key;
 
     /** The number of random bytes that are needed to create a new outbound
      * session. This will be 64 bytes since two ephemeral keys are needed. */
@@ -48,8 +48,8 @@ struct Session {
      * NOT_ENOUGH_RANDOM if the number of random bytes was too small. */
     std::size_t new_outbound_session(
         Account const & local_account,
-        Curve25519PublicKey const & identity_key,
+        _olm_curve25519_public_key const & identity_key,
-        Curve25519PublicKey const & one_time_key,
+        _olm_curve25519_public_key const & one_time_key,
         std::uint8_t const * random, std::size_t random_length
     );
 
@@ -59,7 +59,7 @@ struct Session {
      * the message headers could not be decoded. */
     std::size_t new_inbound_session(
         Account & local_account,
-        Curve25519PublicKey const * their_identity_key,
+        _olm_curve25519_public_key const * their_identity_key,
         std::uint8_t const * pre_key_message, std::size_t message_length
     );
 
@@ -82,7 +82,7 @@ struct Session {
      * session does not match or the pre-key message could not be decoded.
      */
     bool matches_inbound_session(
-        Curve25519PublicKey const * their_identity_key,
+        _olm_curve25519_public_key const * their_identity_key,
         std::uint8_t const * pre_key_message, std::size_t message_length
     );
 

include/olm/utility.hh

@@ -21,9 +21,9 @@
 #include <cstddef>
 #include <cstdint>
 
-namespace olm {
+struct _olm_ed25519_public_key;
 
-struct Ed25519PublicKey;
+namespace olm {
 
 struct Utility {
 
@@ -48,7 +48,7 @@ struct Utility {
      * last_error will be set with an error code. If the signature was too short
      * or was not a valid signature then last_error will be BAD_MESSAGE_MAC. */
     std::size_t ed25519_verify(
-        Ed25519PublicKey const & key,
+        _olm_ed25519_public_key const & key,
         std::uint8_t const * message, std::size_t message_length,
         std::uint8_t const * signature, std::size_t signature_length
     );

src/account.cpp

@@ -24,10 +24,10 @@ olm::Account::Account(
 
 
 olm::OneTimeKey const * olm::Account::lookup_key(
-    olm::Curve25519PublicKey const & public_key
+    _olm_curve25519_public_key const & public_key
 ) {
     for (olm::OneTimeKey const & key : one_time_keys) {
-        if (olm::array_equal(key.key.public_key, public_key.public_key)) {
+        if (olm::array_equal(key.key.public_key.public_key, public_key.public_key)) {
             return &key;
         }
     }
@@ -35,11 +35,11 @@ olm::OneTimeKey const * olm::Account::lookup_key(
 }
 
 std::size_t olm::Account::remove_key(
-    olm::Curve25519PublicKey const & public_key
+    _olm_curve25519_public_key const & public_key
 ) {
     OneTimeKey * i;
     for (i = one_time_keys.begin(); i != one_time_keys.end(); ++i) {
-        if (olm::array_equal(i->key.public_key, public_key.public_key)) {
+        if (olm::array_equal(i->key.public_key.public_key, public_key.public_key)) {
             std::uint32_t id = i->id;
             one_time_keys.erase(i);
             return id;
@@ -60,9 +60,9 @@ std::size_t olm::Account::new_account(
         return std::size_t(-1);
     }
 
-    olm::ed25519_generate_key(random, identity_keys.ed25519_key);
+    _olm_crypto_ed25519_generate_key(random, &identity_keys.ed25519_key);
     random += ED25519_RANDOM_LENGTH;
-    olm::curve25519_generate_key(random, identity_keys.curve25519_key);
+    _olm_crypto_curve25519_generate_key(random, &identity_keys.curve25519_key);
 
     return 0;
 }
@@ -118,16 +118,16 @@ std::size_t olm::Account::get_identity_json(
     pos = write_string(pos, KEY_JSON_CURVE25519);
     *(pos++) = '\"';
     pos = olm::encode_base64(
-        identity_keys.curve25519_key.public_key,
+        identity_keys.curve25519_key.public_key.public_key,
-        sizeof(identity_keys.curve25519_key.public_key),
+        sizeof(identity_keys.curve25519_key.public_key.public_key),
         pos
     );
     *(pos++) = '\"'; *(pos++) = ',';
     pos = write_string(pos, KEY_JSON_ED25519);
     *(pos++) = '\"';
     pos = olm::encode_base64(
-        identity_keys.ed25519_key.public_key,
+        identity_keys.ed25519_key.public_key.public_key,
-        sizeof(identity_keys.ed25519_key.public_key),
+        sizeof(identity_keys.ed25519_key.public_key.public_key),
         pos
     );
     *(pos++) = '\"'; *(pos++) = '}';
@@ -149,8 +149,8 @@ std::size_t olm::Account::sign(
         last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL;
         return std::size_t(-1);
     }
-    olm::ed25519_sign(
+    _olm_crypto_ed25519_sign(
-        identity_keys.ed25519_key, message, message_length, signature
+        &identity_keys.ed25519_key, message, message_length, signature
     );
     return this->signature_length();
 }
@@ -202,7 +202,7 @@ std::size_t olm::Account::get_one_time_keys_json(
         pos = olm::encode_base64(key_id, sizeof(key_id), pos);
         *(pos++) = '\"'; *(pos++) = ':'; *(pos++) = '\"';
         pos = olm::encode_base64(
-            key.key.public_key, sizeof(key.key.public_key), pos
+            key.key.public_key.public_key, sizeof(key.key.public_key.public_key), pos
         );
         *(pos++) = '\"';
         sep = ',';
@@ -253,7 +253,7 @@ std::size_t olm::Account::generate_one_time_keys(
         OneTimeKey & key = *one_time_keys.insert(one_time_keys.begin());
         key.id = ++next_one_time_key_id;
         key.published = false;
-        olm::curve25519_generate_key(random, key.key);
+        _olm_crypto_curve25519_generate_key(random, &key.key);
         random += CURVE25519_RANDOM_LENGTH;
     }
     return number_of_keys;

src/cipher.cpp

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 #include "olm/cipher.h"
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 #include "olm/memory.hh"
 #include <cstring>
 
@@ -22,9 +22,9 @@ const std::size_t HMAC_KEY_LENGTH = 32;
 namespace {
 
 struct DerivedKeys {
-    olm::Aes256Key aes_key;
+    _olm_aes256_key aes_key;
     std::uint8_t mac_key[HMAC_KEY_LENGTH];
-    olm::Aes256Iv aes_iv;
+    _olm_aes256_iv aes_iv;
 };
 
 
@@ -58,7 +58,7 @@ size_t aes_sha_256_cipher_mac_length(const struct _olm_cipher *cipher) {
 size_t aes_sha_256_cipher_encrypt_ciphertext_length(
         const struct _olm_cipher *cipher, size_t plaintext_length
 ) {
-    return olm::aes_encrypt_cbc_length(plaintext_length);
+    return _olm_crypto_aes_encrypt_cbc_length(plaintext_length);
 }
 
 size_t aes_sha_256_cipher_encrypt(
@@ -80,8 +80,8 @@ size_t aes_sha_256_cipher_encrypt(
 
     derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys);
 
-    olm::aes_encrypt_cbc(
+    _olm_crypto_aes_encrypt_cbc(
-        keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext
+        &keys.aes_key, &keys.aes_iv, plaintext, plaintext_length, ciphertext
     );
 
     _olm_crypto_hmac_sha256(
@@ -126,8 +126,8 @@ size_t aes_sha_256_cipher_decrypt(
         return std::size_t(-1);
     }
 
-    std::size_t plaintext_length = olm::aes_decrypt_cbc(
+    std::size_t plaintext_length = _olm_crypto_aes_decrypt_cbc(
-        keys.aes_key, keys.aes_iv, ciphertext, ciphertext_length, plaintext
+        &keys.aes_key, &keys.aes_iv, ciphertext, ciphertext_length, plaintext
     );
 
     olm::unset(keys);

src/crypto.cpp

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 #include "olm/memory.hh"
 
 #include <cstring>
@@ -100,80 +100,86 @@ inline static void hmac_sha256_final(
 
 } // namespace
 
-void olm::curve25519_generate_key(
+void _olm_crypto_curve25519_generate_key(
-    std::uint8_t const * random_32_bytes,
+    uint8_t const * random_32_bytes,
-    olm::Curve25519KeyPair & key_pair
+    struct _olm_curve25519_key_pair *key_pair
 ) {
-    std::memcpy(key_pair.private_key, random_32_bytes, CURVE25519_KEY_LENGTH);
+    std::memcpy(
+        key_pair->private_key.private_key, random_32_bytes,
+        CURVE25519_KEY_LENGTH
+    );
     ::curve25519_donna(
-        key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT
+        key_pair->public_key.public_key,
+        key_pair->private_key.private_key,
+        CURVE25519_BASEPOINT
     );
 }
 
 
-void olm::curve25519_shared_secret(
+void _olm_crypto_curve25519_shared_secret(
-    olm::Curve25519KeyPair const & our_key,
+    const struct _olm_curve25519_key_pair *our_key,
-    olm::Curve25519PublicKey const & their_key,
+    const struct _olm_curve25519_public_key * their_key,
     std::uint8_t * output
 ) {
-    ::curve25519_donna(output, our_key.private_key, their_key.public_key);
+    ::curve25519_donna(output, our_key->private_key.private_key, their_key->public_key);
 }
 
 
-void olm::ed25519_generate_key(
+void _olm_crypto_ed25519_generate_key(
     std::uint8_t const * random_32_bytes,
-    olm::Ed25519KeyPair & key_pair
+    struct _olm_ed25519_key_pair *key_pair
 ) {
     ::ed25519_create_keypair(
-        key_pair.public_key, key_pair.private_key,
+        key_pair->public_key.public_key, key_pair->private_key.private_key,
         random_32_bytes
     );
 }
 
 
-void olm::ed25519_sign(
+void _olm_crypto_ed25519_sign(
-    olm::Ed25519KeyPair const & our_key,
+    const struct _olm_ed25519_key_pair *our_key,
     std::uint8_t const * message, std::size_t message_length,
     std::uint8_t * output
 ) {
     ::ed25519_sign(
         output,
         message, message_length,
-        our_key.public_key, our_key.private_key
+        our_key->public_key.public_key,
+        our_key->private_key.private_key
     );
 }
 
 
-bool olm::ed25519_verify(
+int _olm_crypto_ed25519_verify(
-    olm::Ed25519PublicKey const & their_key,
+    const struct _olm_ed25519_public_key *their_key,
     std::uint8_t const * message, std::size_t message_length,
     std::uint8_t const * signature
 ) {
     return 0 != ::ed25519_verify(
         signature,
         message, message_length,
-        their_key.public_key
+        their_key->public_key
     );
 }
 
 
-std::size_t olm::aes_encrypt_cbc_length(
+std::size_t _olm_crypto_aes_encrypt_cbc_length(
     std::size_t input_length
 ) {
     return input_length + AES_BLOCK_LENGTH - input_length % AES_BLOCK_LENGTH;
 }
 
 
-void olm::aes_encrypt_cbc(
+void _olm_crypto_aes_encrypt_cbc(
-    olm::Aes256Key const & key,
+    _olm_aes256_key const *key,
-    olm::Aes256Iv const & iv,
+    _olm_aes256_iv const *iv,
     std::uint8_t const * input, std::size_t input_length,
     std::uint8_t * output
 ) {
     std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
-    ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
+    ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
     std::uint8_t input_block[AES_BLOCK_LENGTH];
-    std::memcpy(input_block, iv.iv, AES_BLOCK_LENGTH);
+    std::memcpy(input_block, iv->iv, AES_BLOCK_LENGTH);
     while (input_length >= AES_BLOCK_LENGTH) {
         xor_block<AES_BLOCK_LENGTH>(input_block, input);
         ::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS);
@@ -195,17 +201,17 @@ void olm::aes_encrypt_cbc(
 }
 
 
-std::size_t olm::aes_decrypt_cbc(
+std::size_t _olm_crypto_aes_decrypt_cbc(
-    olm::Aes256Key const & key,
+    _olm_aes256_key const *key,
-    olm::Aes256Iv const & iv,
+    _olm_aes256_iv const *iv,
     std::uint8_t const * input, std::size_t input_length,
     std::uint8_t * output
 ) {
     std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
-    ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
+    ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
     std::uint8_t block1[AES_BLOCK_LENGTH];
     std::uint8_t block2[AES_BLOCK_LENGTH];
-    std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH);
+    std::memcpy(block1, iv->iv, AES_BLOCK_LENGTH);
     for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) {
         std::memcpy(block2, &input[i], AES_BLOCK_LENGTH);
         ::aes_decrypt(&input[i], &output[i], key_schedule, AES_KEY_BITS);

src/olm.cpp

@@ -442,8 +442,8 @@ size_t olm_create_outbound_session(
         from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
         return std::size_t(-1);
     }
-    olm::Curve25519PublicKey identity_key;
+    _olm_curve25519_public_key identity_key;
-    olm::Curve25519PublicKey one_time_key;
+    _olm_curve25519_public_key one_time_key;
 
     olm::decode_base64(id_key, id_key_length, identity_key.public_key);
     olm::decode_base64(ot_key, ot_key_length, one_time_key.public_key);
@@ -487,7 +487,7 @@ size_t olm_create_inbound_session_from(
         from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
         return std::size_t(-1);
     }
-    olm::Curve25519PublicKey identity_key;
+    _olm_curve25519_public_key identity_key;
     olm::decode_base64(id_key, id_key_length, identity_key.public_key);
 
     std::size_t raw_length = b64_input(
@@ -564,7 +564,7 @@ size_t olm_matches_inbound_session_from(
         from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
         return std::size_t(-1);
     }
-    olm::Curve25519PublicKey identity_key;
+    _olm_curve25519_public_key identity_key;
     olm::decode_base64(id_key, id_key_length, identity_key.public_key);
 
     std::size_t raw_length = b64_input(
@@ -720,7 +720,7 @@ size_t olm_ed25519_verify(
         from_c(utility)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
         return std::size_t(-1);
     }
-    olm::Ed25519PublicKey verify_key;
+    _olm_ed25519_public_key verify_key;
     olm::decode_base64(from_c(key), key_length, verify_key.public_key);
     std::size_t raw_signature_length = b64_input(
         from_c(signature), signature_length, from_c(utility)->last_error

src/pickle.cpp

@@ -71,7 +71,7 @@ std::uint8_t const * olm::unpickle_bytes(
 
 
 std::size_t olm::pickle_length(
-    const olm::Curve25519PublicKey & value
+    const _olm_curve25519_public_key & value
 ) {
     return sizeof(value.public_key);
 }
@@ -79,7 +79,7 @@ std::size_t olm::pickle_length(
 
 std::uint8_t * olm::pickle(
     std::uint8_t * pos,
-    const olm::Curve25519PublicKey & value
+    const _olm_curve25519_public_key & value
 ) {
     pos = olm::pickle_bytes(
         pos, value.public_key, sizeof(value.public_key)
@@ -90,7 +90,7 @@ std::uint8_t * olm::pickle(
 
 std::uint8_t const * olm::unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    olm::Curve25519PublicKey & value
+    _olm_curve25519_public_key & value
 ) {
     pos = olm::unpickle_bytes(
         pos, end, value.public_key, sizeof(value.public_key)
@@ -101,21 +101,24 @@ std::uint8_t const * olm::unpickle(
 
 
 std::size_t olm::pickle_length(
-    const olm::Curve25519KeyPair & value
+    const _olm_curve25519_key_pair & value
 ) {
-    return sizeof(value.public_key) + sizeof(value.private_key);
+    return sizeof(value.public_key.public_key)
+        + sizeof(value.private_key.private_key);
 }
 
 
 std::uint8_t * olm::pickle(
     std::uint8_t * pos,
-    const olm::Curve25519KeyPair & value
+    const _olm_curve25519_key_pair & value
 ) {
     pos = olm::pickle_bytes(
-        pos, value.public_key, sizeof(value.public_key)
+        pos, value.public_key.public_key,
+        sizeof(value.public_key.public_key)
     );
     pos = olm::pickle_bytes(
-        pos, value.private_key, sizeof(value.private_key)
+        pos, value.private_key.private_key,
+        sizeof(value.private_key.private_key)
     );
     return pos;
 }
@@ -123,19 +126,21 @@ std::uint8_t * olm::pickle(
 
 std::uint8_t const * olm::unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    olm::Curve25519KeyPair & value
+    _olm_curve25519_key_pair & value
 ) {
     pos = olm::unpickle_bytes(
-        pos, end, value.public_key, sizeof(value.public_key)
+        pos, end, value.public_key.public_key,
+        sizeof(value.public_key.public_key)
     );
     pos = olm::unpickle_bytes(
-        pos, end, value.private_key, sizeof(value.private_key)
+        pos, end, value.private_key.private_key,
+        sizeof(value.private_key.private_key)
     );
     return pos;
 }
 
 std::size_t olm::pickle_length(
-    const olm::Ed25519PublicKey & value
+    const _olm_ed25519_public_key & value
 ) {
     return sizeof(value.public_key);
 }
@@ -143,7 +148,7 @@ std::size_t olm::pickle_length(
 
 std::uint8_t * olm::pickle(
     std::uint8_t * pos,
-    const olm::Ed25519PublicKey & value
+    const _olm_ed25519_public_key & value
 ) {
     pos = olm::pickle_bytes(
         pos, value.public_key, sizeof(value.public_key)
@@ -154,7 +159,7 @@ std::uint8_t * olm::pickle(
 
 std::uint8_t const * olm::unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    olm::Ed25519PublicKey & value
+    _olm_ed25519_public_key & value
 ) {
     pos = olm::unpickle_bytes(
         pos, end, value.public_key, sizeof(value.public_key)
@@ -165,21 +170,24 @@ std::uint8_t const * olm::unpickle(
 
 
 std::size_t olm::pickle_length(
-    const olm::Ed25519KeyPair & value
+    const _olm_ed25519_key_pair & value
 ) {
-    return sizeof(value.public_key) + sizeof(value.private_key);
+    return sizeof(value.public_key.public_key)
+        + sizeof(value.private_key.private_key);
 }
 
 
 std::uint8_t * olm::pickle(
     std::uint8_t * pos,
-    const olm::Ed25519KeyPair & value
+    const _olm_ed25519_key_pair & value
 ) {
     pos = olm::pickle_bytes(
-        pos, value.public_key, sizeof(value.public_key)
+        pos, value.public_key.public_key,
+        sizeof(value.public_key.public_key)
     );
     pos = olm::pickle_bytes(
-        pos, value.private_key, sizeof(value.private_key)
+        pos, value.private_key.private_key,
+        sizeof(value.private_key.private_key)
     );
     return pos;
 }
@@ -187,13 +195,15 @@ std::uint8_t * olm::pickle(
 
 std::uint8_t const * olm::unpickle(
     std::uint8_t const * pos, std::uint8_t const * end,
-    olm::Ed25519KeyPair & value
+    _olm_ed25519_key_pair & value
 ) {
     pos = olm::unpickle_bytes(
-        pos, end, value.public_key, sizeof(value.public_key)
+        pos, end, value.public_key.public_key,
+        sizeof(value.public_key.public_key)
     );
     pos = olm::unpickle_bytes(
-        pos, end, value.private_key, sizeof(value.private_key)
+        pos, end, value.private_key.private_key,
+        sizeof(value.private_key.private_key)
     );
     return pos;
 }

src/ratchet.cpp

@@ -41,14 +41,14 @@ static const std::size_t MAX_MESSAGE_GAP = 2000;
  */
 static void create_chain_key(
     olm::SharedKey const & root_key,
-    olm::Curve25519KeyPair const & our_key,
+    _olm_curve25519_key_pair const & our_key,
-    olm::Curve25519PublicKey const & their_key,
+    _olm_curve25519_public_key const & their_key,
     olm::KdfInfo const & info,
     olm::SharedKey & new_root_key,
     olm::ChainKey & new_chain_key
 ) {
     olm::SharedKey secret;
-    olm::curve25519_shared_secret(our_key, their_key, secret);
+    _olm_crypto_curve25519_shared_secret(&our_key, &their_key, secret);
     std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
     _olm_crypto_hkdf_sha256(
         secret, sizeof(secret),
@@ -189,7 +189,7 @@ olm::Ratchet::Ratchet(
 
 void olm::Ratchet::initialise_as_bob(
     std::uint8_t const * shared_secret, std::size_t shared_secret_length,
-    olm::Curve25519PublicKey const & their_ratchet_key
+    _olm_curve25519_public_key const & their_ratchet_key
 ) {
     std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
     _olm_crypto_hkdf_sha256(
@@ -210,7 +210,7 @@ void olm::Ratchet::initialise_as_bob(
 
 void olm::Ratchet::initialise_as_alice(
     std::uint8_t const * shared_secret, std::size_t shared_secret_length,
-    olm::Curve25519KeyPair const & our_ratchet_key
+    _olm_curve25519_key_pair const & our_ratchet_key
 ) {
     std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
     _olm_crypto_hkdf_sha256(
@@ -437,7 +437,7 @@ std::size_t olm::Ratchet::encrypt(
 
     if (sender_chain.empty()) {
         sender_chain.insert();
-        olm::curve25519_generate_key(random, sender_chain[0].ratchet_key);
+        _olm_crypto_curve25519_generate_key(random, &sender_chain[0].ratchet_key);
         create_chain_key(
             root_key,
             sender_chain[0].ratchet_key,
@@ -456,7 +456,8 @@ std::size_t olm::Ratchet::encrypt(
         plaintext_length
     );
     std::uint32_t counter = keys.index;
-    Curve25519PublicKey const & ratchet_key = sender_chain[0].ratchet_key;
+    _olm_curve25519_public_key const & ratchet_key =
+        sender_chain[0].ratchet_key.public_key;
 
     olm::MessageWriter writer;
 

src/session.cpp

@@ -14,7 +14,7 @@
  */
 #include "olm/session.hh"
 #include "olm/cipher.h"
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 #include "olm/account.hh"
 #include "olm/memory.hh"
 #include "olm/message.hh"
@@ -55,8 +55,8 @@ std::size_t olm::Session::new_outbound_session_random_length() {
 
 std::size_t olm::Session::new_outbound_session(
     olm::Account const & local_account,
-    olm::Curve25519PublicKey const & identity_key,
+    _olm_curve25519_public_key const & identity_key,
-    olm::Curve25519PublicKey const & one_time_key,
+    _olm_curve25519_public_key const & one_time_key,
     std::uint8_t const * random, std::size_t random_length
 ) {
     if (random_length < new_outbound_session_random_length()) {
@@ -64,29 +64,30 @@ std::size_t olm::Session::new_outbound_session(
         return std::size_t(-1);
     }
 
-    olm::Curve25519KeyPair base_key;
+    _olm_curve25519_key_pair base_key;
-    olm::curve25519_generate_key(random, base_key);
+    _olm_crypto_curve25519_generate_key(random, &base_key);
 
-    olm::Curve25519KeyPair ratchet_key;
+    _olm_curve25519_key_pair ratchet_key;
-    olm::curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, ratchet_key);
+    _olm_crypto_curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, &ratchet_key);
 
-    olm::Curve25519KeyPair const & alice_identity_key_pair = (
+    _olm_curve25519_key_pair const & alice_identity_key_pair = (
         local_account.identity_keys.curve25519_key
     );
 
     received_message = false;
-    alice_identity_key = alice_identity_key_pair;
+    alice_identity_key = alice_identity_key_pair.public_key;
-    alice_base_key = base_key;
+    alice_base_key = base_key.public_key;
     bob_one_time_key = one_time_key;
 
     // Calculate the shared secret S via triple DH
     std::uint8_t secret[3 * CURVE25519_SHARED_SECRET_LENGTH];
     std::uint8_t * pos = secret;
-    olm::curve25519_shared_secret(alice_identity_key_pair, one_time_key, pos);
+
+    _olm_crypto_curve25519_shared_secret(&alice_identity_key_pair, &one_time_key, pos);
     pos += CURVE25519_SHARED_SECRET_LENGTH;
-    olm::curve25519_shared_secret(base_key, identity_key, pos);
+    _olm_crypto_curve25519_shared_secret(&base_key, &identity_key, pos);
     pos += CURVE25519_SHARED_SECRET_LENGTH;
-    olm::curve25519_shared_secret(base_key, one_time_key, pos);
+    _olm_crypto_curve25519_shared_secret(&base_key, &one_time_key, pos);
 
     ratchet.initialise_as_alice(secret, sizeof(secret), ratchet_key);
 
@@ -120,7 +121,7 @@ static bool check_message_fields(
 
 std::size_t olm::Session::new_inbound_session(
     olm::Account & local_account,
-    olm::Curve25519PublicKey const * their_identity_key,
+    _olm_curve25519_public_key const * their_identity_key,
     std::uint8_t const * one_time_key_message, std::size_t message_length
 ) {
     olm::PreKeyMessageReader reader;
@@ -157,7 +158,7 @@ std::size_t olm::Session::new_inbound_session(
         return std::size_t(-1);
     }
 
-    olm::Curve25519PublicKey ratchet_key;
+    _olm_curve25519_public_key ratchet_key;
     olm::load_array(ratchet_key.public_key, message_reader.ratchet_key);
 
     olm::OneTimeKey const * our_one_time_key = local_account.lookup_key(
@@ -169,19 +170,19 @@ std::size_t olm::Session::new_inbound_session(
         return std::size_t(-1);
     }
 
-    olm::Curve25519KeyPair const & bob_identity_key = (
+    _olm_curve25519_key_pair const & bob_identity_key = (
         local_account.identity_keys.curve25519_key
     );
-    olm::Curve25519KeyPair const & bob_one_time_key = our_one_time_key->key;
+    _olm_curve25519_key_pair const & bob_one_time_key = our_one_time_key->key;
 
     // Calculate the shared secret S via triple DH
     std::uint8_t secret[CURVE25519_SHARED_SECRET_LENGTH * 3];
     std::uint8_t * pos = secret;
-    olm::curve25519_shared_secret(bob_one_time_key, alice_identity_key, pos);
+    _olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_identity_key, pos);
     pos += CURVE25519_SHARED_SECRET_LENGTH;
-    olm::curve25519_shared_secret(bob_identity_key, alice_base_key, pos);
+    _olm_crypto_curve25519_shared_secret(&bob_identity_key, &alice_base_key, pos);
     pos += CURVE25519_SHARED_SECRET_LENGTH;
-    olm::curve25519_shared_secret(bob_one_time_key, alice_base_key, pos);
+    _olm_crypto_curve25519_shared_secret(&bob_one_time_key, &alice_base_key, pos);
 
     ratchet.initialise_as_bob(secret, sizeof(secret), ratchet_key);
 
@@ -214,7 +215,7 @@ std::size_t olm::Session::session_id(
 
 
 bool olm::Session::matches_inbound_session(
-    olm::Curve25519PublicKey const * their_identity_key,
+    _olm_curve25519_public_key const * their_identity_key,
     std::uint8_t const * one_time_key_message, std::size_t message_length
 ) {
     olm::PreKeyMessageReader reader;

src/utility.cpp

@@ -14,7 +14,7 @@
  */
 
 #include "olm/utility.hh"
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 
 
 olm::Utility::Utility(
@@ -41,7 +41,7 @@ size_t olm::Utility::sha256(
 
 
 size_t olm::Utility::ed25519_verify(
-    Ed25519PublicKey const & key,
+    _olm_ed25519_public_key const & key,
     std::uint8_t const * message, std::size_t message_length,
     std::uint8_t const * signature, std::size_t signature_length
 ) {
@@ -49,7 +49,7 @@ size_t olm::Utility::ed25519_verify(
         last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC;
         return std::size_t(-1);
     }
-    if (!olm::ed25519_verify(key, message, message_length, signature)) {
+    if (!_olm_crypto_ed25519_verify(&key, message, message_length, signature)) {
         last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC;
         return std::size_t(-1);
     }

tests/test_crypto.cpp

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
 
 #include "unittest.hh"
 
@@ -58,25 +58,25 @@ std::uint8_t expected_agreement[32] = {
     0x76, 0xF0, 0x9B, 0x3C, 0x1E, 0x16, 0x17, 0x42
 };
 
-olm::Curve25519KeyPair alice_pair;
+_olm_curve25519_key_pair alice_pair;
-olm::curve25519_generate_key(alice_private, alice_pair);
+_olm_crypto_curve25519_generate_key(alice_private, &alice_pair);
 
-assert_equals(alice_private, alice_pair.private_key, 32);
+assert_equals(alice_private, alice_pair.private_key.private_key, 32);
-assert_equals(alice_public, alice_pair.public_key, 32);
+assert_equals(alice_public, alice_pair.public_key.public_key, 32);
 
-olm::Curve25519KeyPair bob_pair;
+_olm_curve25519_key_pair bob_pair;
-olm::curve25519_generate_key(bob_private, bob_pair);
+_olm_crypto_curve25519_generate_key(bob_private, &bob_pair);
 
-assert_equals(bob_private, bob_pair.private_key, 32);
+assert_equals(bob_private, bob_pair.private_key.private_key, 32);
-assert_equals(bob_public, bob_pair.public_key, 32);
+assert_equals(bob_public, bob_pair.public_key.public_key, 32);
 
 std::uint8_t actual_agreement[CURVE25519_SHARED_SECRET_LENGTH] = {};
 
-olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement);
+_olm_crypto_curve25519_shared_secret(&alice_pair, &bob_pair.public_key, actual_agreement);
 
 assert_equals(expected_agreement, actual_agreement, 32);
 
-olm::curve25519_shared_secret(bob_pair, alice_pair, actual_agreement);
+_olm_crypto_curve25519_shared_secret(&bob_pair, &alice_pair.public_key, actual_agreement);
 
 assert_equals(expected_agreement, actual_agreement, 32);
 
@@ -90,22 +90,22 @@ std::uint8_t private_key[33] = "This key is a string of 32 bytes";
 std::uint8_t message[] = "Hello, World";
 std::size_t message_length = sizeof(message) - 1;
 
-olm::Ed25519KeyPair key_pair;
+_olm_ed25519_key_pair key_pair;
-olm::ed25519_generate_key(private_key, key_pair);
+_olm_crypto_ed25519_generate_key(private_key, &key_pair);
 
 std::uint8_t signature[64];
-olm::ed25519_sign(
+_olm_crypto_ed25519_sign(
-    key_pair, message, message_length, signature
+    &key_pair, message, message_length, signature
 );
 
-bool result = olm::ed25519_verify(
+bool result = _olm_crypto_ed25519_verify(
-    key_pair, message, message_length, signature
+    &key_pair.public_key, message, message_length, signature
 );
 assert_equals(true, result);
 
 message[0] = 'n';
-result = olm::ed25519_verify(
+result = _olm_crypto_ed25519_verify(
-    key_pair, message, message_length, signature
+    &key_pair.public_key, message, message_length, signature
 );
 assert_equals(false, result);
 }
@@ -115,8 +115,8 @@ assert_equals(false, result);
 
 TestCase test_case("AES Test Case 1");
 
-olm::Aes256Key key = {};
+_olm_aes256_key key = {};
-olm::Aes256Iv iv = {};
+_olm_aes256_iv iv = {};
 std::uint8_t input[16] = {};
 
 std::uint8_t expected[32] = {
@@ -126,16 +126,16 @@ std::uint8_t expected[32] = {
     0x4B, 0xAE, 0xDF, 0xFC, 0x3D, 0x21, 0x4C, 0x38
 };
 
-std::size_t length = olm::aes_encrypt_cbc_length(sizeof(input));
+std::size_t length = _olm_crypto_aes_encrypt_cbc_length(sizeof(input));
 assert_equals(std::size_t(32), length);
 
 
 std::uint8_t actual[32] = {};
 
-olm::aes_encrypt_cbc(key, iv, input, sizeof(input), actual);
+_olm_crypto_aes_encrypt_cbc(&key, &iv, input, sizeof(input), actual);
 assert_equals(expected, actual, 32);
 
-length = olm::aes_decrypt_cbc(key, iv, expected, sizeof(expected), actual);
+length = _olm_crypto_aes_decrypt_cbc(&key, &iv, expected, sizeof(expected), actual);
 assert_equals(std::size_t(16), length);
 assert_equals(input, actual, length);
 

tests/test_ratchet.cpp

@@ -32,8 +32,8 @@ _olm_cipher_aes_sha_256 cipher0 = OLM_CIPHER_INIT_AES_SHA_256(message_info);
 _olm_cipher *cipher = OLM_CIPHER_BASE(&cipher0);
 
 std::uint8_t random_bytes[] = "0123456789ABDEF0123456789ABCDEF";
-olm::Curve25519KeyPair alice_key;
+_olm_curve25519_key_pair alice_key;
-olm::curve25519_generate_key(random_bytes, alice_key);
+_olm_crypto_curve25519_generate_key(random_bytes, &alice_key);
 
 std::uint8_t shared_secret[] = "A secret";
 
@@ -44,7 +44,7 @@ olm::Ratchet alice(kdf_info, cipher);
 olm::Ratchet bob(kdf_info, cipher);
 
 alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
-bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
+bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
 
 std::uint8_t plaintext[] = "Message";
 std::size_t plaintext_length = sizeof(plaintext) - 1;
@@ -113,7 +113,7 @@ olm::Ratchet alice(kdf_info, cipher);
 olm::Ratchet bob(kdf_info, cipher);
 
 alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
-bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
+bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
 
 std::uint8_t plaintext_1[] = "First Message";
 std::size_t plaintext_1_length = sizeof(plaintext_1) - 1;
@@ -185,7 +185,7 @@ olm::Ratchet alice(kdf_info, cipher);
 olm::Ratchet bob(kdf_info, cipher);
 
 alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key);
-bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key);
+bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key);
 
 std::uint8_t plaintext[] = "These 15 bytes";
 assert_equals(std::size_t(15), sizeof(plaintext));

tests/test_session.cpp

@@ -33,12 +33,12 @@ void check_session(const olm::Session &session) {
 
     assert_equals(
         decode_hex("f77a03eaa9b301fa7d2a5aa6b50286906de12cc96044f526dbbcb12839ad7003"),
-        session.ratchet.sender_chain[0].ratchet_key.public_key, 32
+        session.ratchet.sender_chain[0].ratchet_key.public_key.public_key, 32
     );
 
     assert_equals(
         decode_hex("d945c6ed4c7c277117adf11fb133a7936d287afe97c0b3ac989644b4490d4f31"),
-        session.ratchet.sender_chain[0].ratchet_key.private_key, 32
+        session.ratchet.sender_chain[0].ratchet_key.private_key.private_key, 32
     );
 
     assert_equals(