add a test for fallback keys, and clear memory when we forget the old fallback

This commit is contained in:
Hubert Chathi 2021-11-22 17:16:37 -05:00
parent 29e0287ef3
commit 631f050554
2 changed files with 212 additions and 0 deletions

View file

@ -402,6 +402,7 @@ void olm::Account::forget_old_fallback_key(
) { ) {
if (num_fallback_keys >= 2) { if (num_fallback_keys >= 2) {
num_fallback_keys = 1; num_fallback_keys = 1;
olm::unset(&prev_fallback_key, sizeof(prev_fallback_key));
} }
} }

View file

@ -432,6 +432,217 @@ for (unsigned i = 0; i < 8; ++i) {
} }
} }
{ /** Fallback key test */
TestCase test_case("Fallback key test");
MockRandom mock_random_a('A', 0x00);
MockRandom mock_random_b('B', 0x80);
// create a and b acconuts
std::vector<std::uint8_t> a_account_buffer(::olm_account_size());
::OlmAccount *a_account = ::olm_account(a_account_buffer.data());
std::vector<std::uint8_t> a_random(::olm_create_account_random_length(a_account));
mock_random_a(a_random.data(), a_random.size());
::olm_create_account(a_account, a_random.data(), a_random.size());
std::vector<std::uint8_t> b_account_buffer(::olm_account_size());
::OlmAccount *b_account = ::olm_account(b_account_buffer.data());
std::vector<std::uint8_t> b_random(::olm_create_account_random_length(b_account));
mock_random_b(b_random.data(), b_random.size());
::olm_create_account(b_account, b_random.data(), b_random.size());
std::vector<std::uint8_t> a_id_keys(::olm_account_identity_keys_length(a_account));
::olm_account_identity_keys(a_account, a_id_keys.data(), a_id_keys.size());
std::vector<std::uint8_t> b_id_keys(::olm_account_identity_keys_length(b_account));
// create and fetch a fallback key for b
std::vector<std::uint8_t> f_random(::olm_account_generate_fallback_key_random_length(
b_account
));
mock_random_b(f_random.data(), f_random.size());
::olm_account_generate_fallback_key(b_account, f_random.data(), f_random.size());
std::vector<std::uint8_t> b_fb_key(::olm_account_unpublished_fallback_key_length(b_account));
::olm_account_identity_keys(b_account, b_id_keys.data(), b_id_keys.size());
::olm_account_unpublished_fallback_key(b_account, b_fb_key.data(), b_fb_key.size());
// start a new olm session and encrypt a message
std::vector<std::uint8_t> a_session1_buffer(::olm_session_size());
::OlmSession *a_session1 = ::olm_session(a_session1_buffer.data());
std::vector<std::uint8_t> a_rand(::olm_create_outbound_session_random_length(a_session1));
mock_random_a(a_rand.data(), a_rand.size());
assert_not_equals(std::size_t(-1), ::olm_create_outbound_session(
a_session1, a_account,
b_id_keys.data() + 15, 43, // B's curve25519 identity key
b_fb_key.data() + 25, 43, // B's curve25519 one time key
a_rand.data(), a_rand.size()
));
std::uint8_t plaintext[] = "Hello, World";
std::vector<std::uint8_t> message_1(::olm_encrypt_message_length(a_session1, 12));
std::vector<std::uint8_t> a_message_random(::olm_encrypt_random_length(a_session1));
mock_random_a(a_message_random.data(), a_message_random.size());
assert_equals(std::size_t(0), ::olm_encrypt_message_type(a_session1));
assert_not_equals(std::size_t(-1), ::olm_encrypt(
a_session1,
plaintext, 12,
a_message_random.data(), a_message_random.size(),
message_1.data(), message_1.size()
));
std::vector<std::uint8_t> tmp_message_1(message_1);
std::vector<std::uint8_t> b_session1_buffer(::olm_session_size());
::OlmSession *b_session1 = ::olm_session(b_session1_buffer.data());
::olm_create_inbound_session(
b_session1, b_account, tmp_message_1.data(), message_1.size()
);
// Check that the inbound session matches the message it was created from.
std::memcpy(tmp_message_1.data(), message_1.data(), message_1.size());
assert_equals(std::size_t(1), ::olm_matches_inbound_session(
b_session1,
tmp_message_1.data(), message_1.size()
));
// Check that the inbound session matches the key this message is supposed
// to be from.
std::memcpy(tmp_message_1.data(), message_1.data(), message_1.size());
assert_equals(std::size_t(1), ::olm_matches_inbound_session_from(
b_session1,
a_id_keys.data() + 15, 43, // A's curve125519 identity key.
tmp_message_1.data(), message_1.size()
));
// Check that the inbound session isn't from a different user.
std::memcpy(tmp_message_1.data(), message_1.data(), message_1.size());
assert_equals(std::size_t(0), ::olm_matches_inbound_session_from(
b_session1,
b_id_keys.data() + 15, 43, // B's curve25519 identity key.
tmp_message_1.data(), message_1.size()
));
// Check that we can decrypt the message.
std::memcpy(tmp_message_1.data(), message_1.data(), message_1.size());
std::vector<std::uint8_t> plaintext_1(::olm_decrypt_max_plaintext_length(
b_session1, 0, tmp_message_1.data(), message_1.size()
));
std::memcpy(tmp_message_1.data(), message_1.data(), message_1.size());
assert_equals(std::size_t(12), ::olm_decrypt(
b_session1, 0,
tmp_message_1.data(), message_1.size(),
plaintext_1.data(), plaintext_1.size()
));
assert_equals(plaintext, plaintext_1.data(), 12);
// create a new fallback key for B (the old fallback should still be usable)
mock_random_b(f_random.data(), f_random.size());
::olm_account_generate_fallback_key(b_account, f_random.data(), f_random.size());
// start another session and encrypt a message
std::vector<std::uint8_t> a_session2_buffer(::olm_session_size());
::OlmSession *a_session2 = ::olm_session(a_session2_buffer.data());
mock_random_a(a_rand.data(), a_rand.size());
assert_not_equals(std::size_t(-1), ::olm_create_outbound_session(
a_session2, a_account,
b_id_keys.data() + 15, 43, // B's curve25519 identity key
b_fb_key.data() + 25, 43, // B's curve25519 one time key
a_rand.data(), a_rand.size()
));
std::vector<std::uint8_t> message_2(::olm_encrypt_message_length(a_session2, 12));
mock_random_a(a_message_random.data(), a_message_random.size());
assert_equals(std::size_t(0), ::olm_encrypt_message_type(a_session2));
assert_not_equals(std::size_t(-1), ::olm_encrypt(
a_session2,
plaintext, 12,
a_message_random.data(), a_message_random.size(),
message_2.data(), message_2.size()
));
std::vector<std::uint8_t> tmp_message_2(message_2);
std::vector<std::uint8_t> b_session2_buffer(::olm_session_size());
::OlmSession *b_session2 = ::olm_session(b_session2_buffer.data());
assert_not_equals(std::size_t(-1), ::olm_create_inbound_session(
b_session2, b_account, tmp_message_2.data(), message_2.size()
));
// Check that the inbound session matches the message it was created from.
std::memcpy(tmp_message_2.data(), message_2.data(), message_2.size());
assert_equals(std::size_t(1), ::olm_matches_inbound_session(
b_session2,
tmp_message_2.data(), message_2.size()
));
// Check that the inbound session matches the key this message is supposed
// to be from.
std::memcpy(tmp_message_2.data(), message_2.data(), message_2.size());
assert_equals(std::size_t(1), ::olm_matches_inbound_session_from(
b_session2,
a_id_keys.data() + 15, 43, // A's curve125519 identity key.
tmp_message_2.data(), message_2.size()
));
// Check that the inbound session isn't from a different user.
std::memcpy(tmp_message_2.data(), message_2.data(), message_2.size());
assert_equals(std::size_t(0), ::olm_matches_inbound_session_from(
b_session2,
b_id_keys.data() + 15, 43, // B's curve25519 identity key.
tmp_message_2.data(), message_2.size()
));
// Check that we can decrypt the message.
std::memcpy(tmp_message_2.data(), message_2.data(), message_2.size());
std::vector<std::uint8_t> plaintext_2(::olm_decrypt_max_plaintext_length(
b_session2, 0, tmp_message_2.data(), message_2.size()
));
std::memcpy(tmp_message_2.data(), message_2.data(), message_2.size());
assert_equals(std::size_t(12), ::olm_decrypt(
b_session2, 0,
tmp_message_2.data(), message_2.size(),
plaintext_2.data(), plaintext_2.size()
));
assert_equals(plaintext, plaintext_2.data(), 12);
// forget the old fallback key -- creating a new session should fail
::olm_account_forget_old_fallback_key(b_account);
std::vector<std::uint8_t> a_session3_buffer(::olm_session_size());
::OlmSession *a_session3 = ::olm_session(a_session3_buffer.data());
mock_random_a(a_rand.data(), a_rand.size());
assert_not_equals(std::size_t(-1), ::olm_create_outbound_session(
a_session3, a_account,
b_id_keys.data() + 15, 43, // B's curve25519 identity key
b_fb_key.data() + 25, 43, // B's curve25519 one time key
a_rand.data(), a_rand.size()
));
std::vector<std::uint8_t> message_3(::olm_encrypt_message_length(a_session3, 12));
mock_random_a(a_message_random.data(), a_message_random.size());
assert_equals(std::size_t(0), ::olm_encrypt_message_type(a_session3));
assert_not_equals(std::size_t(-1), ::olm_encrypt(
a_session3,
plaintext, 12,
a_message_random.data(), a_message_random.size(),
message_3.data(), message_3.size()
));
std::vector<std::uint8_t> tmp_message_3(message_3);
std::vector<std::uint8_t> b_session3_buffer(::olm_session_size());
::OlmSession *b_session3 = ::olm_session(b_session3_buffer.data());
assert_equals(std::size_t(-1), ::olm_create_inbound_session(
b_session3, b_account, tmp_message_3.data(), message_3.size()
));
assert_equals(
std::string("BAD_MESSAGE_KEY_ID"),
std::string(::olm_session_last_error(b_session3))
);
}
{ {
TestCase test_case("Old account (v3) unpickle test"); TestCase test_case("Old account (v3) unpickle test");