Clear the random buffers once they've been used. Add methods for clearing the account and session object once they've been used
This commit is contained in:
parent
5ad929104e
commit
2e49a6f41e
2 changed files with 53 additions and 11 deletions
|
@ -61,6 +61,16 @@ const char * olm_session_last_error(
|
||||||
OlmSession * session
|
OlmSession * session
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/** Clears the memory used to back this account */
|
||||||
|
size_t olm_clear_account(
|
||||||
|
OlmSession * account
|
||||||
|
);
|
||||||
|
|
||||||
|
/** Clears the memory used to back this session */
|
||||||
|
size_t olm_clear_session(
|
||||||
|
OlmSession * session
|
||||||
|
);
|
||||||
|
|
||||||
/** Returns the number of bytes needed to store an account */
|
/** Returns the number of bytes needed to store an account */
|
||||||
size_t olm_pickle_account_length(
|
size_t olm_pickle_account_length(
|
||||||
OlmAccount * account
|
OlmAccount * account
|
||||||
|
@ -127,7 +137,7 @@ size_t olm_create_account_random_length(
|
||||||
* "NOT_ENOUGH_RANDOM" */
|
* "NOT_ENOUGH_RANDOM" */
|
||||||
size_t olm_create_account(
|
size_t olm_create_account(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
);
|
);
|
||||||
|
|
||||||
/** The size of the output buffer needed to hold the identity keys */
|
/** The size of the output buffer needed to hold the identity keys */
|
||||||
|
@ -197,7 +207,7 @@ size_t olm_account_generate_one_time_keys_random_length(
|
||||||
size_t olm_account_generate_one_time_keys(
|
size_t olm_account_generate_one_time_keys(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
size_t number_of_keys,
|
size_t number_of_keys,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
);
|
);
|
||||||
|
|
||||||
/** The number of random bytes needed to create an outbound session */
|
/** The number of random bytes needed to create an outbound session */
|
||||||
|
@ -215,7 +225,7 @@ size_t olm_create_outbound_session(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
void const * their_identity_key, size_t their_identity_key_length,
|
void const * their_identity_key, size_t their_identity_key_length,
|
||||||
void const * their_one_time_key, size_t their_one_time_key_length,
|
void const * their_one_time_key, size_t their_one_time_key_length,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
);
|
);
|
||||||
|
|
||||||
/** Create a new in-bound session for sending/receiving messages from an
|
/** Create a new in-bound session for sending/receiving messages from an
|
||||||
|
@ -282,7 +292,7 @@ size_t olm_encrypt_message_length(
|
||||||
size_t olm_encrypt(
|
size_t olm_encrypt(
|
||||||
OlmSession * session,
|
OlmSession * session,
|
||||||
void const * plaintext, size_t plaintext_length,
|
void const * plaintext, size_t plaintext_length,
|
||||||
void const * random, size_t random_length,
|
void * random, size_t random_length,
|
||||||
void * message, size_t message_length
|
void * message, size_t message_length
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
46
src/olm.cpp
46
src/olm.cpp
|
@ -17,6 +17,7 @@
|
||||||
#include "olm/account.hh"
|
#include "olm/account.hh"
|
||||||
#include "olm/base64.hh"
|
#include "olm/base64.hh"
|
||||||
#include "olm/cipher.hh"
|
#include "olm/cipher.hh"
|
||||||
|
#include "olm/memory.hh"
|
||||||
|
|
||||||
#include <new>
|
#include <new>
|
||||||
#include <cstring>
|
#include <cstring>
|
||||||
|
@ -213,6 +214,7 @@ size_t olm_session_size() {
|
||||||
OlmAccount * olm_account(
|
OlmAccount * olm_account(
|
||||||
void * memory
|
void * memory
|
||||||
) {
|
) {
|
||||||
|
olm::unset(memory, sizeof(olm::Account));
|
||||||
return to_c(new(memory) olm::Account());
|
return to_c(new(memory) olm::Account());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -220,10 +222,33 @@ OlmAccount * olm_account(
|
||||||
OlmSession * olm_session(
|
OlmSession * olm_session(
|
||||||
void * memory
|
void * memory
|
||||||
) {
|
) {
|
||||||
|
olm::unset(memory, sizeof(olm::Session));
|
||||||
return to_c(new(memory) olm::Session());
|
return to_c(new(memory) olm::Session());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
size_t olm_clear_account(
|
||||||
|
OlmSession * account
|
||||||
|
) {
|
||||||
|
/* Clear the memory backing the account */
|
||||||
|
olm::unset(account, sizeof(olm::Account));
|
||||||
|
/* Initialise a fresh account object in case someone tries to use it */
|
||||||
|
new(account) olm::Account();
|
||||||
|
return sizeof(olm::Account);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
size_t olm_clear_session(
|
||||||
|
OlmSession * session
|
||||||
|
) {
|
||||||
|
/* Clear the memory backing the session */
|
||||||
|
olm::unset(session, sizeof(olm::Session));
|
||||||
|
/* Initialise a fresh session object in case someone tries to use it */
|
||||||
|
new(session) olm::Session();
|
||||||
|
return sizeof(olm::Session);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
size_t olm_pickle_account_length(
|
size_t olm_pickle_account_length(
|
||||||
OlmAccount * account
|
OlmAccount * account
|
||||||
) {
|
) {
|
||||||
|
@ -336,9 +361,11 @@ size_t olm_create_account_random_length(
|
||||||
|
|
||||||
size_t olm_create_account(
|
size_t olm_create_account(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
) {
|
) {
|
||||||
return from_c(account)->new_account(from_c(random), random_length);
|
size_t result = from_c(account)->new_account(from_c(random), random_length);
|
||||||
|
olm::unset(random, random_length);
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -427,12 +454,14 @@ size_t olm_account_generate_one_time_keys_random_length(
|
||||||
size_t olm_account_generate_one_time_keys(
|
size_t olm_account_generate_one_time_keys(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
size_t number_of_keys,
|
size_t number_of_keys,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
) {
|
) {
|
||||||
return from_c(account)->generate_one_time_keys(
|
size_t result = from_c(account)->generate_one_time_keys(
|
||||||
number_of_keys,
|
number_of_keys,
|
||||||
from_c(random), random_length
|
from_c(random), random_length
|
||||||
);
|
);
|
||||||
|
olm::unset(random, random_length);
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -448,7 +477,7 @@ size_t olm_create_outbound_session(
|
||||||
OlmAccount * account,
|
OlmAccount * account,
|
||||||
void const * their_identity_key, size_t their_identity_key_length,
|
void const * their_identity_key, size_t their_identity_key_length,
|
||||||
void const * their_one_time_key, size_t their_one_time_key_length,
|
void const * their_one_time_key, size_t their_one_time_key_length,
|
||||||
void const * random, size_t random_length
|
void * random, size_t random_length
|
||||||
) {
|
) {
|
||||||
if (olm::decode_base64_length(their_identity_key_length) != 32
|
if (olm::decode_base64_length(their_identity_key_length) != 32
|
||||||
|| olm::decode_base64_length(their_one_time_key_length) != 32
|
|| olm::decode_base64_length(their_one_time_key_length) != 32
|
||||||
|
@ -468,10 +497,12 @@ size_t olm_create_outbound_session(
|
||||||
one_time_key.public_key
|
one_time_key.public_key
|
||||||
);
|
);
|
||||||
|
|
||||||
return from_c(session)->new_outbound_session(
|
size_t result = from_c(session)->new_outbound_session(
|
||||||
*from_c(account), identity_key, one_time_key,
|
*from_c(account), identity_key, one_time_key,
|
||||||
from_c(random), random_length
|
from_c(random), random_length
|
||||||
);
|
);
|
||||||
|
olm::unset(random, random_length);
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -550,7 +581,7 @@ size_t olm_encrypt_message_length(
|
||||||
size_t olm_encrypt(
|
size_t olm_encrypt(
|
||||||
OlmSession * session,
|
OlmSession * session,
|
||||||
void const * plaintext, size_t plaintext_length,
|
void const * plaintext, size_t plaintext_length,
|
||||||
void const * random, size_t random_length,
|
void * random, size_t random_length,
|
||||||
void * message, size_t message_length
|
void * message, size_t message_length
|
||||||
) {
|
) {
|
||||||
std::size_t raw_length = from_c(session)->encrypt_message_length(
|
std::size_t raw_length = from_c(session)->encrypt_message_length(
|
||||||
|
@ -566,6 +597,7 @@ size_t olm_encrypt(
|
||||||
from_c(random), random_length,
|
from_c(random), random_length,
|
||||||
b64_output_pos(from_c(message), raw_length), raw_length
|
b64_output_pos(from_c(message), raw_length), raw_length
|
||||||
);
|
);
|
||||||
|
olm::unset(random, random_length);
|
||||||
return b64_output(from_c(message), raw_length);
|
return b64_output(from_c(message), raw_length);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue