use visibility annotation rather than version file with CMake

2021-09-16 13:41:11 -04:00 · 2021-09-16 13:41:11 -04:00 · 72b8bf5334
commit 72b8bf5334
parent 904e80b75f
15 changed files with 264 additions and 177 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -21,6 +21,9 @@ if(NOT CMAKE_BUILD_TYPE)
    set(CMAKE_BUILD_TYPE Release)
 endif()
 set(CMAKE_CXX_VISIBILITY_PRESET hidden)
 set(CMAKE_VISIBILITY_INLINES_HIDDEN 1)
 add_library(olm
    src/account.cpp
    src/base64.cpp
@ -49,8 +52,9 @@ add_library(olm
 add_library(Olm::Olm ALIAS olm)
 # restrict the exported symbols
-set(CMAKE_SHARED_LINKER_FLAGS ${CMAKE_SHARED_LINKER_FLAGS} -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/libolm.version)
+include(GenerateExportHeader)
-set_target_properties(olm PROPERTIES LINK_DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/libolm.version)
+generate_export_header(olm
  EXPORT_FILE_NAME ${CMAKE_CURRENT_SOURCE_DIR}/include/olm/olm_export.h)
 target_include_directories(olm
    PUBLIC
--- a/include/olm/base64.h
+++ b/include/olm/base64.h
@ -22,6 +22,10 @@
 #include <stddef.h>
 #include <stdint.h>
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -30,7 +34,7 @@ extern "C" {
 /**
 * The number of bytes of unpadded base64 needed to encode a length of input.
 */
-size_t _olm_encode_base64_length(
+OLM_EXPORT size_t _olm_encode_base64_length(
    size_t input_length
 );
@ -42,7 +46,7 @@ size_t _olm_encode_base64_length(
 *
 * Returns number of bytes encoded
 */
-size_t _olm_encode_base64(
+OLM_EXPORT size_t _olm_encode_base64(
    uint8_t const * input, size_t input_length,
    uint8_t * output
 );
@ -51,7 +55,7 @@ size_t _olm_encode_base64(
 * The number of bytes of raw data a length of unpadded base64 will encode to.
 * Returns size_t(-1) if the length is not a valid length for base64.
 */
-size_t _olm_decode_base64_length(
+OLM_EXPORT size_t _olm_decode_base64_length(
    size_t input_length
 );
@ -63,7 +67,7 @@ size_t _olm_decode_base64_length(
 *
 * Returns number of bytes decoded
 */
-size_t _olm_decode_base64(
+OLM_EXPORT size_t _olm_decode_base64(
    uint8_t const * input, size_t input_length,
    uint8_t * output
 );
--- a/include/olm/base64.hh
+++ b/include/olm/base64.hh
@ -18,12 +18,16 @@
 #include <cstddef>
 #include <cstdint>
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 namespace olm {
 /**
 * The number of bytes of unpadded base64 needed to encode a length of input.
 */
-std::size_t encode_base64_length(
+OLM_EXPORT std::size_t encode_base64_length(
    std::size_t input_length
 );
@ -33,7 +37,7 @@ std::size_t encode_base64_length(
 * The input can overlap with the last three quarters of the output buffer.
 * That is, the input pointer may be output + output_length - input_length.
 */
-std::uint8_t * encode_base64(
+OLM_EXPORT std::uint8_t * encode_base64(
    std::uint8_t const * input, std::size_t input_length,
    std::uint8_t * output
 );
@ -42,7 +46,7 @@ std::uint8_t * encode_base64(
 * The number of bytes of raw data a length of unpadded base64 will encode to.
 * Returns std::size_t(-1) if the length is not a valid length for base64.
 */
-std::size_t decode_base64_length(
+OLM_EXPORT std::size_t decode_base64_length(
    std::size_t input_length
 );
@ -56,7 +60,7 @@ std::size_t decode_base64_length(
 * input length supplied is not a valid length for base64, returns
 * std::size_t(-1) and does not decode.
 */
-std::size_t decode_base64(
+OLM_EXPORT std::size_t decode_base64(
    std::uint8_t const * input, std::size_t input_length,
    std::uint8_t * output
 );
--- a/include/olm/cipher.h
+++ b/include/olm/cipher.h
@ -19,6 +19,10 @@
 #include <stdint.h>
 #include <stdlib.h>
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -111,7 +115,7 @@ struct _olm_cipher_aes_sha_256 {
    size_t kdf_info_length;
 };
-extern const struct _olm_cipher_ops _olm_cipher_aes_sha_256_ops;
+OLM_EXPORT extern const struct _olm_cipher_ops _olm_cipher_aes_sha_256_ops;
 /**
 * get an initializer for an instance of struct _olm_cipher_aes_sha_256.
--- a/include/olm/crypto.h
+++ b/include/olm/crypto.h
@ -20,6 +20,10 @@
 #ifndef OLM_CRYPTO_H_
 #define OLM_CRYPTO_H_
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 #include <stdint.h>
 #include <stdlib.h>
@ -94,13 +98,13 @@ struct _olm_ed25519_key_pair {
 /** The length of output the aes_encrypt_cbc function will write */
-size_t _olm_crypto_aes_encrypt_cbc_length(
+OLM_EXPORT size_t _olm_crypto_aes_encrypt_cbc_length(
    size_t input_length
 );
 /** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
 * The output buffer must be big enough to hold the output including padding */
-void _olm_crypto_aes_encrypt_cbc(
+OLM_EXPORT void _olm_crypto_aes_encrypt_cbc(
    const struct _olm_aes256_key *key,
    const struct _olm_aes256_iv *iv,
    const uint8_t *input, size_t input_length,
@ -111,7 +115,7 @@ void _olm_crypto_aes_encrypt_cbc(
 * least the same size as the input buffer. Returns the length of the plaintext
 * without padding on success or std::size_t(-1) if the padding is invalid.
 */
-size_t _olm_crypto_aes_decrypt_cbc(
+OLM_EXPORT size_t _olm_crypto_aes_decrypt_cbc(
    const struct _olm_aes256_key *key,
    const struct _olm_aes256_iv *iv,
    uint8_t const * input, size_t input_length,
@ -121,7 +125,7 @@ size_t _olm_crypto_aes_decrypt_cbc(
 /** Computes SHA-256 of the input. The output buffer must be a least
 * SHA256_OUTPUT_LENGTH (32) bytes long. */
-void _olm_crypto_sha256(
+OLM_EXPORT void _olm_crypto_sha256(
    uint8_t const * input, size_t input_length,
    uint8_t * output
 );
@ -130,7 +134,7 @@ void _olm_crypto_sha256(
 * http://tools.ietf.org/html/rfc2104
 * Computes HMAC-SHA-256 of the input for the key. The output buffer must
 * be at least SHA256_OUTPUT_LENGTH (32) bytes long. */
-void _olm_crypto_hmac_sha256(
+OLM_EXPORT void _olm_crypto_hmac_sha256(
    uint8_t const * key, size_t key_length,
    uint8_t const * input, size_t input_length,
    uint8_t * output
@ -140,7 +144,7 @@ void _olm_crypto_hmac_sha256(
 /** HMAC-based Key Derivation Function (HKDF)
 * https://tools.ietf.org/html/rfc5869
 * Derives key material from the input bytes. */
-void _olm_crypto_hkdf_sha256(
+OLM_EXPORT void _olm_crypto_hkdf_sha256(
    uint8_t const * input, size_t input_length,
    uint8_t const * info, size_t info_length,
    uint8_t const * salt, size_t salt_length,
@ -151,7 +155,7 @@ void _olm_crypto_hkdf_sha256(
 /** Generate a curve25519 key pair
 * random_32_bytes should be CURVE25519_RANDOM_LENGTH (32) bytes long.
 */
-void _olm_crypto_curve25519_generate_key(
+OLM_EXPORT void _olm_crypto_curve25519_generate_key(
    uint8_t const * random_32_bytes,
    struct _olm_curve25519_key_pair *output
 );
@ -160,7 +164,7 @@ void _olm_crypto_curve25519_generate_key(
 /** Create a shared secret using our private key and their public key.
 * The output buffer must be at least CURVE25519_SHARED_SECRET_LENGTH (32) bytes long.
 */
-void _olm_crypto_curve25519_shared_secret(
+OLM_EXPORT void _olm_crypto_curve25519_shared_secret(
    const struct _olm_curve25519_key_pair *our_key,
    const struct _olm_curve25519_public_key *their_key,
    uint8_t * output
@ -169,7 +173,7 @@ void _olm_crypto_curve25519_shared_secret(
 /** Generate an ed25519 key pair
 * random_32_bytes should be ED25519_RANDOM_LENGTH (32) bytes long.
 */
-void _olm_crypto_ed25519_generate_key(
+OLM_EXPORT void _olm_crypto_ed25519_generate_key(
    uint8_t const * random_bytes,
    struct _olm_ed25519_key_pair *output
 );
@ -178,7 +182,7 @@ void _olm_crypto_ed25519_generate_key(
 *
 * The output buffer must be at least ED25519_SIGNATURE_LENGTH (64) bytes
 * long. */
-void _olm_crypto_ed25519_sign(
+OLM_EXPORT void _olm_crypto_ed25519_sign(
    const struct _olm_ed25519_key_pair *our_key,
    const uint8_t * message, size_t message_length,
    uint8_t * output
@ -187,7 +191,7 @@ void _olm_crypto_ed25519_sign(
 /** Verify an ed25519 signature
 * The signature input buffer must be ED25519_SIGNATURE_LENGTH (64) bytes long.
 * Returns non-zero if the signature is valid. */
-int _olm_crypto_ed25519_verify(
+OLM_EXPORT int _olm_crypto_ed25519_verify(
    const struct _olm_ed25519_public_key *their_key,
    const uint8_t * message, size_t message_length,
    const uint8_t * signature
--- a/include/olm/inbound_group_session.h
+++ b/include/olm/inbound_group_session.h
@ -20,6 +20,8 @@
 #include "olm/error.h"
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -27,38 +29,38 @@ extern "C" {
 typedef struct OlmInboundGroupSession OlmInboundGroupSession;
 /** get the size of an inbound group session, in bytes. */
-size_t olm_inbound_group_session_size(void);
+OLM_EXPORT size_t olm_inbound_group_session_size(void);
 /**
 * Initialise an inbound group session object using the supplied memory
 * The supplied memory should be at least olm_inbound_group_session_size()
 * bytes.
 */
-OlmInboundGroupSession * olm_inbound_group_session(
+OLM_EXPORT OlmInboundGroupSession * olm_inbound_group_session(
    void *memory
 );
 /**
 * A null terminated string describing the most recent error to happen to a
 * group session */
-const char *olm_inbound_group_session_last_error(
+OLM_EXPORT const char *olm_inbound_group_session_last_error(
    const OlmInboundGroupSession *session
 );
 /**
 * An error code describing the most recent error to happen to a group
 * session */
-enum OlmErrorCode olm_inbound_group_session_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_inbound_group_session_last_error_code(
    const OlmInboundGroupSession *session
 );
 /** Clears the memory used to back this group session */
-size_t olm_clear_inbound_group_session(
+OLM_EXPORT size_t olm_clear_inbound_group_session(
    OlmInboundGroupSession *session
 );
 /** Returns the number of bytes needed to store an inbound group session */
-size_t olm_pickle_inbound_group_session_length(
+OLM_EXPORT size_t olm_pickle_inbound_group_session_length(
    const OlmInboundGroupSession *session
 );
@ -70,7 +72,7 @@ size_t olm_pickle_inbound_group_session_length(
 * is smaller than olm_pickle_inbound_group_session_length() then
 * olm_inbound_group_session_last_error() will be "OUTPUT_BUFFER_TOO_SMALL"
 */
-size_t olm_pickle_inbound_group_session(
+OLM_EXPORT size_t olm_pickle_inbound_group_session(
    OlmInboundGroupSession *session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -86,7 +88,7 @@ size_t olm_pickle_inbound_group_session(
 * olm_inbound_group_session_last_error() will be "INVALID_BASE64". The input
 * pickled buffer is destroyed
 */
-size_t olm_unpickle_inbound_group_session(
+OLM_EXPORT size_t olm_unpickle_inbound_group_session(
    OlmInboundGroupSession *session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -103,7 +105,7 @@ size_t olm_unpickle_inbound_group_session(
 *  * OLM_INVALID_BASE64  if the session_key is not valid base64
 *  * OLM_BAD_SESSION_KEY if the session_key is invalid
 */
-size_t olm_init_inbound_group_session(
+OLM_EXPORT size_t olm_init_inbound_group_session(
    OlmInboundGroupSession *session,
    /* base64-encoded keys */
    uint8_t const * session_key, size_t session_key_length
@ -118,7 +120,7 @@ size_t olm_init_inbound_group_session(
 *  * OLM_INVALID_BASE64  if the session_key is not valid base64
 *  * OLM_BAD_SESSION_KEY if the session_key is invalid
 */
-size_t olm_import_inbound_group_session(
+OLM_EXPORT size_t olm_import_inbound_group_session(
    OlmInboundGroupSession *session,
    /* base64-encoded keys; note that it will be overwritten with the base64-decoded
       data. */
@ -135,7 +137,7 @@ size_t olm_import_inbound_group_session(
 *
 * Returns olm_error() on failure.
 */
-size_t olm_group_decrypt_max_plaintext_length(
+OLM_EXPORT size_t olm_group_decrypt_max_plaintext_length(
    OlmInboundGroupSession *session,
    uint8_t * message, size_t message_length
 );
@ -159,7 +161,7 @@ size_t olm_group_decrypt_max_plaintext_length(
 *     message's index (ie, it was sent before the session key was shared with
 *     us)
 */
-size_t olm_group_decrypt(
+OLM_EXPORT size_t olm_group_decrypt(
    OlmInboundGroupSession *session,
    /* input; note that it will be overwritten with the base64-decoded
@ -175,7 +177,7 @@ size_t olm_group_decrypt(
 /**
 * Get the number of bytes returned by olm_inbound_group_session_id()
 */
-size_t olm_inbound_group_session_id_length(
+OLM_EXPORT size_t olm_inbound_group_session_id_length(
    const OlmInboundGroupSession *session
 );
@ -187,7 +189,7 @@ size_t olm_inbound_group_session_id_length(
 * last_error will be OUTPUT_BUFFER_TOO_SMALL if the id buffer was too
 * small.
 */
-size_t olm_inbound_group_session_id(
+OLM_EXPORT size_t olm_inbound_group_session_id(
    OlmInboundGroupSession *session,
    uint8_t * id, size_t id_length
 );
@ -195,7 +197,7 @@ size_t olm_inbound_group_session_id(
 /**
 * Get the first message index we know how to decrypt.
 */
-uint32_t olm_inbound_group_session_first_known_index(
+OLM_EXPORT uint32_t olm_inbound_group_session_first_known_index(
    const OlmInboundGroupSession *session
 );
@ -208,14 +210,14 @@ uint32_t olm_inbound_group_session_first_known_index(
 *
 * This is mainly intended for the unit tests, currently.
 */
-int olm_inbound_group_session_is_verified(
+OLM_EXPORT int olm_inbound_group_session_is_verified(
    const OlmInboundGroupSession *session
 );
 /**
 * Get the number of bytes returned by olm_export_inbound_group_session()
 */
-size_t olm_export_inbound_group_session_length(
+OLM_EXPORT size_t olm_export_inbound_group_session_length(
    const OlmInboundGroupSession *session
 );
@ -231,7 +233,7 @@ size_t olm_export_inbound_group_session_length(
 *     given index (ie, it was sent before the session key was shared with
 *     us)
 */
-size_t olm_export_inbound_group_session(
+OLM_EXPORT size_t olm_export_inbound_group_session(
    OlmInboundGroupSession *session,
    uint8_t * key, size_t key_length, uint32_t message_index
 );
--- a/include/olm/message.h
+++ b/include/olm/message.h
@ -27,6 +27,10 @@
 #include <stdint.h>
 #include <stddef.h>
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -34,7 +38,7 @@ extern "C" {
 /**
 * The length of the buffer needed to hold a group message.
 */
-size_t _olm_encode_group_message_length(
+OLM_EXPORT size_t _olm_encode_group_message_length(
    uint32_t chain_index,
    size_t ciphertext_length,
    size_t mac_length,
@ -55,7 +59,7 @@ size_t _olm_encode_group_message_length(
 *
 * Returns the size of the message, up to the MAC.
 */
-size_t _olm_encode_group_message(
+OLM_EXPORT size_t _olm_encode_group_message(
    uint8_t version,
    uint32_t message_index,
    size_t ciphertext_length,
@ -76,7 +80,7 @@ struct _OlmDecodeGroupMessageResults {
 /**
 * Reads the message headers from the input buffer.
 */
-void _olm_decode_group_message(
+OLM_EXPORT void _olm_decode_group_message(
    const uint8_t *input, size_t input_length,
    size_t mac_length, size_t signature_length,
--- a/include/olm/message.hh
+++ b/include/olm/message.hh
@ -27,13 +27,16 @@
 #include <cstddef>
 #include <cstdint>
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 namespace olm {
 /**
 * The length of the buffer needed to hold a message.
 */
-std::size_t encode_message_length(
+OLM_EXPORT std::size_t encode_message_length(
    std::uint32_t counter,
    std::size_t ratchet_key_length,
    std::size_t ciphertext_length,
@ -61,7 +64,7 @@ struct MessageReader {
 * Writes the message headers into the output buffer.
 * Populates the writer struct with pointers into the output buffer.
 */
-void encode_message(
+OLM_EXPORT void encode_message(
    MessageWriter & writer,
    std::uint8_t version,
    std::uint32_t counter,
@ -75,7 +78,7 @@ void encode_message(
 * Reads the message headers from the input buffer.
 * Populates the reader struct with pointers into the input buffer.
 */
-void decode_message(
+OLM_EXPORT void decode_message(
    MessageReader & reader,
    std::uint8_t const * input, std::size_t input_length,
    std::size_t mac_length
--- a/include/olm/olm.h
+++ b/include/olm/olm.h
@ -23,6 +23,8 @@
 #include "olm/inbound_group_session.h"
 #include "olm/outbound_group_session.h"
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -37,93 +39,93 @@ typedef struct OlmUtility OlmUtility;
 /** Get the version number of the library.
 * Arguments will be updated if non-null.
 */
-void olm_get_library_version(uint8_t *major, uint8_t *minor, uint8_t *patch);
+OLM_EXPORT void olm_get_library_version(uint8_t *major, uint8_t *minor, uint8_t *patch);
 /** The size of an account object in bytes */
-size_t olm_account_size(void);
+OLM_EXPORT size_t olm_account_size(void);
 /** The size of a session object in bytes */
-size_t olm_session_size(void);
+OLM_EXPORT size_t olm_session_size(void);
 /** The size of a utility object in bytes */
-size_t olm_utility_size(void);
+OLM_EXPORT size_t olm_utility_size(void);
 /** Initialise an account object using the supplied memory
 *  The supplied memory must be at least olm_account_size() bytes */
-OlmAccount * olm_account(
+OLM_EXPORT OlmAccount * olm_account(
    void * memory
 );
 /** Initialise a session object using the supplied memory
 *  The supplied memory must be at least olm_session_size() bytes */
-OlmSession * olm_session(
+OLM_EXPORT OlmSession * olm_session(
    void * memory
 );
 /** Initialise a utility object using the supplied memory
 *  The supplied memory must be at least olm_utility_size() bytes */
-OlmUtility * olm_utility(
+OLM_EXPORT OlmUtility * olm_utility(
    void * memory
 );
 /** The value that olm will return from a function if there was an error */
-size_t olm_error(void);
+OLM_EXPORT size_t olm_error(void);
 /** A null terminated string describing the most recent error to happen to an
 * account */
-const char * olm_account_last_error(
+OLM_EXPORT const char * olm_account_last_error(
    OlmAccount const * account
 );
 /** An error code describing the most recent error to happen to an account */
-enum OlmErrorCode olm_account_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_account_last_error_code(
    OlmAccount const * account
 );
 /** A null terminated string describing the most recent error to happen to a
 * session */
-const char * olm_session_last_error(
+OLM_EXPORT const char * olm_session_last_error(
    OlmSession const * session
 );
 /** An error code describing the most recent error to happen to a session */
-enum OlmErrorCode olm_session_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_session_last_error_code(
    OlmSession const * session
 );
 /** A null terminated string describing the most recent error to happen to a
 * utility */
-const char * olm_utility_last_error(
+OLM_EXPORT const char * olm_utility_last_error(
    OlmUtility const * utility
 );
 /** An error code describing the most recent error to happen to a utility */
-enum OlmErrorCode olm_utility_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_utility_last_error_code(
    OlmUtility const * utility
 );
 /** Clears the memory used to back this account */
-size_t olm_clear_account(
+OLM_EXPORT size_t olm_clear_account(
    OlmAccount * account
 );
 /** Clears the memory used to back this session */
-size_t olm_clear_session(
+OLM_EXPORT size_t olm_clear_session(
    OlmSession * session
 );
 /** Clears the memory used to back this utility */
-size_t olm_clear_utility(
+OLM_EXPORT size_t olm_clear_utility(
    OlmUtility * utility
 );
 /** Returns the number of bytes needed to store an account */
-size_t olm_pickle_account_length(
+OLM_EXPORT size_t olm_pickle_account_length(
    OlmAccount const * account
 );
 /** Returns the number of bytes needed to store a session */
-size_t olm_pickle_session_length(
+OLM_EXPORT size_t olm_pickle_session_length(
    OlmSession const * session
 );
@ -132,7 +134,7 @@ size_t olm_pickle_session_length(
 * Returns olm_error() on failure. If the pickle output buffer
 * is smaller than olm_pickle_account_length() then
 * olm_account_last_error() will be "OUTPUT_BUFFER_TOO_SMALL" */
-size_t olm_pickle_account(
+OLM_EXPORT size_t olm_pickle_account(
    OlmAccount * account,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -143,7 +145,7 @@ size_t olm_pickle_account(
 * Returns olm_error() on failure. If the pickle output buffer
 * is smaller than olm_pickle_session_length() then
 * olm_session_last_error() will be "OUTPUT_BUFFER_TOO_SMALL" */
-size_t olm_pickle_session(
+OLM_EXPORT size_t olm_pickle_session(
    OlmSession * session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -155,7 +157,7 @@ size_t olm_pickle_session(
 * will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded then
 * olm_account_last_error() will be "INVALID_BASE64". The input pickled
 * buffer is destroyed */
-size_t olm_unpickle_account(
+OLM_EXPORT size_t olm_unpickle_account(
    OlmAccount * account,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -167,27 +169,27 @@ size_t olm_unpickle_account(
 * will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded then
 * olm_session_last_error() will be "INVALID_BASE64". The input pickled
 * buffer is destroyed */
-size_t olm_unpickle_session(
+OLM_EXPORT size_t olm_unpickle_session(
    OlmSession * session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
 );
 /** The number of random bytes needed to create an account.*/
-size_t olm_create_account_random_length(
+OLM_EXPORT size_t olm_create_account_random_length(
    OlmAccount const * account
 );
 /** Creates a new account. Returns olm_error() on failure. If there weren't
 * enough random bytes then olm_account_last_error() will be
 * "NOT_ENOUGH_RANDOM" */
-size_t olm_create_account(
+OLM_EXPORT size_t olm_create_account(
    OlmAccount * account,
    void * random, size_t random_length
 );
 /** The size of the output buffer needed to hold the identity keys */
-size_t olm_account_identity_keys_length(
+OLM_EXPORT size_t olm_account_identity_keys_length(
    OlmAccount const * account
 );
@ -195,28 +197,28 @@ size_t olm_account_identity_keys_length(
 * identity_keys output buffer. Returns olm_error() on failure. If the
 * identity_keys buffer was too small then olm_account_last_error() will be
 * "OUTPUT_BUFFER_TOO_SMALL". */
-size_t olm_account_identity_keys(
+OLM_EXPORT size_t olm_account_identity_keys(
    OlmAccount * account,
    void * identity_keys, size_t identity_key_length
 );
 /** The length of an ed25519 signature encoded as base64. */
-size_t olm_account_signature_length(
+OLM_EXPORT size_t olm_account_signature_length(
    OlmAccount const * account
 );
 /** Signs a message with the ed25519 key for this account. Returns olm_error()
 * on failure. If the signature buffer was too small then
 * olm_account_last_error() will be "OUTPUT_BUFFER_TOO_SMALL" */
-size_t olm_account_sign(
+OLM_EXPORT size_t olm_account_sign(
    OlmAccount * account,
    void const * message, size_t message_length,
    void * signature, size_t signature_length
 );
 /** The size of the output buffer needed to hold the one time keys */
-size_t olm_account_one_time_keys_length(
+OLM_EXPORT size_t olm_account_one_time_keys_length(
    OlmAccount const * account
 );
@ -238,24 +240,24 @@ size_t olm_account_one_time_keys_length(
 * <p>
 * If the one_time_keys buffer was too small then olm_account_last_error()
 * will be "OUTPUT_BUFFER_TOO_SMALL". */
-size_t olm_account_one_time_keys(
+OLM_EXPORT size_t olm_account_one_time_keys(
    OlmAccount * account,
    void * one_time_keys, size_t one_time_keys_length
 );
 /** Marks the current set of one time keys as being published. */
-size_t olm_account_mark_keys_as_published(
+OLM_EXPORT size_t olm_account_mark_keys_as_published(
    OlmAccount * account
 );
 /** The largest number of one time keys this account can store. */
-size_t olm_account_max_number_of_one_time_keys(
+OLM_EXPORT size_t olm_account_max_number_of_one_time_keys(
    OlmAccount const * account
 );
 /** The number of random bytes needed to generate a given number of new one
 * time keys. */
-size_t olm_account_generate_one_time_keys_random_length(
+OLM_EXPORT size_t olm_account_generate_one_time_keys_random_length(
    OlmAccount const * account,
    size_t number_of_keys
 );
@ -264,39 +266,39 @@ size_t olm_account_generate_one_time_keys_random_length(
 * by this account exceeds max_number_of_one_time_keys() then the old keys are
 * discarded. Returns olm_error() on error. If the number of random bytes is
 * too small then olm_account_last_error() will be "NOT_ENOUGH_RANDOM". */
-size_t olm_account_generate_one_time_keys(
+OLM_EXPORT size_t olm_account_generate_one_time_keys(
    OlmAccount * account,
    size_t number_of_keys,
    void * random, size_t random_length
 );
 /** The number of random bytes needed to generate a fallback key. */
-size_t olm_account_generate_fallback_key_random_length(
+OLM_EXPORT size_t olm_account_generate_fallback_key_random_length(
    OlmAccount const * account
 );
 /** Generates a new fallback key. Only one previous fallback key is
 * stored. Returns olm_error() on error. If the number of random bytes is too
 * small then olm_account_last_error() will be "NOT_ENOUGH_RANDOM". */
-size_t olm_account_generate_fallback_key(
+OLM_EXPORT size_t olm_account_generate_fallback_key(
    OlmAccount * account,
    void * random, size_t random_length
 );
 /** The number of bytes needed to hold the fallback key as returned by
 * olm_account_fallback_key. */
-size_t olm_account_fallback_key_length(
+OLM_EXPORT size_t olm_account_fallback_key_length(
    OlmAccount const * account
 );
-size_t olm_account_fallback_key(
+OLM_EXPORT size_t olm_account_fallback_key(
    OlmAccount * account,
    void * fallback_key, size_t fallback_key_size
 );
 /** The number of random bytes needed to create an outbound session */
-size_t olm_create_outbound_session_random_length(
+OLM_EXPORT size_t olm_create_outbound_session_random_length(
    OlmSession const * session
 );
@ -305,7 +307,7 @@ size_t olm_create_outbound_session_random_length(
 * decoded as base64 then olm_session_last_error() will be "INVALID_BASE64"
 * If there weren't enough random bytes then olm_session_last_error() will
 * be "NOT_ENOUGH_RANDOM". */
-size_t olm_create_outbound_session(
+OLM_EXPORT size_t olm_create_outbound_session(
    OlmSession * session,
    OlmAccount const * account,
    void const * their_identity_key, size_t their_identity_key_length,
@ -321,7 +323,7 @@ size_t olm_create_outbound_session(
 * couldn't be decoded then olm_session_last_error() will be
 * "BAD_MESSAGE_FORMAT". If the message refers to an unknown one time
 * key then olm_session_last_error() will be "BAD_MESSAGE_KEY_ID". */
-size_t olm_create_inbound_session(
+OLM_EXPORT size_t olm_create_inbound_session(
    OlmSession * session,
    OlmAccount * account,
    void * one_time_key_message, size_t message_length
@ -330,7 +332,7 @@ size_t olm_create_inbound_session(
 /** Same as olm_create_inbound_session, but ensures that the identity key
 * in the pre-key message matches the expected identity key, supplied via the
 * `their_identity_key` parameter. Fails early if there is no match. */
-size_t olm_create_inbound_session_from(
+OLM_EXPORT size_t olm_create_inbound_session_from(
    OlmSession * session,
    OlmAccount * account,
    void const * their_identity_key, size_t their_identity_key_length,
@ -338,19 +340,19 @@ size_t olm_create_inbound_session_from(
 );
 /** The length of the buffer needed to return the id for this session. */
-size_t olm_session_id_length(
+OLM_EXPORT size_t olm_session_id_length(
    OlmSession const * session
 );
 /** An identifier for this session. Will be the same for both ends of the
 * conversation. If the id buffer is too small then olm_session_last_error()
 * will be "OUTPUT_BUFFER_TOO_SMALL". */
-size_t olm_session_id(
+OLM_EXPORT size_t olm_session_id(
    OlmSession * session,
    void * id, size_t id_length
 );
-int olm_session_has_received_message(
+OLM_EXPORT int olm_session_has_received_message(
    OlmSession const *session
 );
@ -358,7 +360,7 @@ int olm_session_has_received_message(
 * Write a null-terminated string describing the internal state of an olm
 * session to the buffer provided for debugging and logging purposes.
 */
-void olm_session_describe(OlmSession * session, char *buf, size_t buflen);
+OLM_EXPORT void olm_session_describe(OlmSession * session, char *buf, size_t buflen);
 /** Checks if the PRE_KEY message is for this in-bound session. This can happen
 * if multiple messages are sent to this account before this account sends a
@ -369,7 +371,7 @@ void olm_session_describe(OlmSession * session, char *buf, size_t buflen);
 * unsupported protocol version then olm_session_last_error() will be
 * "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then
 * olm_session_last_error() will be "BAD_MESSAGE_FORMAT". */
-size_t olm_matches_inbound_session(
+OLM_EXPORT size_t olm_matches_inbound_session(
    OlmSession * session,
    void * one_time_key_message, size_t message_length
 );
@ -383,7 +385,7 @@ size_t olm_matches_inbound_session(
 * unsupported protocol version then olm_session_last_error() will be
 * "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then
 * olm_session_last_error() will be "BAD_MESSAGE_FORMAT". */
-size_t olm_matches_inbound_session_from(
+OLM_EXPORT size_t olm_matches_inbound_session_from(
    OlmSession * session,
    void const * their_identity_key, size_t their_identity_key_length,
    void * one_time_key_message, size_t message_length
@ -392,7 +394,7 @@ size_t olm_matches_inbound_session_from(
 /** Removes the one time keys that the session used from the account. Returns
 * olm_error() on failure. If the account doesn't have any matching one time
 * keys then olm_account_last_error() will be "BAD_MESSAGE_KEY_ID". */
-size_t olm_remove_one_time_keys(
+OLM_EXPORT size_t olm_remove_one_time_keys(
    OlmAccount * account,
    OlmSession * session
 );
@ -401,18 +403,18 @@ size_t olm_remove_one_time_keys(
 * OLM_MESSAGE_TYPE_PRE_KEY if the message will be a PRE_KEY message.
 * Returns OLM_MESSAGE_TYPE_MESSAGE if the message will be a normal message.
 * Returns olm_error on failure. */
-size_t olm_encrypt_message_type(
+OLM_EXPORT size_t olm_encrypt_message_type(
    OlmSession const * session
 );
 /** The number of random bytes needed to encrypt the next message. */
-size_t olm_encrypt_random_length(
+OLM_EXPORT size_t olm_encrypt_random_length(
    OlmSession const * session
 );
 /** The size of the next message in bytes for the given number of plain-text
 * bytes. */
-size_t olm_encrypt_message_length(
+OLM_EXPORT size_t olm_encrypt_message_length(
    OlmSession const * session,
    size_t plaintext_length
 );
@ -423,7 +425,7 @@ size_t olm_encrypt_message_length(
 * olm_session_last_error() will be "OUTPUT_BUFFER_TOO_SMALL". If there
 * weren't enough random bytes then olm_session_last_error() will be
 * "NOT_ENOUGH_RANDOM". */
-size_t olm_encrypt(
+OLM_EXPORT size_t olm_encrypt(
    OlmSession * session,
    void const * plaintext, size_t plaintext_length,
    void * random, size_t random_length,
@ -438,7 +440,7 @@ size_t olm_encrypt(
 * protocol then olm_session_last_error() will be "BAD_MESSAGE_VERSION".
 * If the message couldn't be decoded then olm_session_last_error() will be
 * "BAD_MESSAGE_FORMAT". */
-size_t olm_decrypt_max_plaintext_length(
+OLM_EXPORT size_t olm_decrypt_max_plaintext_length(
    OlmSession * session,
    size_t message_type,
    void * message, size_t message_length
@ -455,7 +457,7 @@ size_t olm_decrypt_max_plaintext_length(
 * olm_session_last_error() will be BAD_MESSAGE_FORMAT".
 * If the MAC on the message was invalid then olm_session_last_error() will
 * be "BAD_MESSAGE_MAC". */
-size_t olm_decrypt(
+OLM_EXPORT size_t olm_decrypt(
    OlmSession * session,
    size_t message_type,
    void * message, size_t message_length,
@ -463,14 +465,14 @@ size_t olm_decrypt(
 );
 /** The length of the buffer needed to hold the SHA-256 hash. */
-size_t olm_sha256_length(
+OLM_EXPORT size_t olm_sha256_length(
   OlmUtility const * utility
 );
 /** Calculates the SHA-256 hash of the input and encodes it as base64. If the
 * output buffer is smaller than olm_sha256_length() then
 * olm_utility_last_error() will be "OUTPUT_BUFFER_TOO_SMALL". */
-size_t olm_sha256(
+OLM_EXPORT size_t olm_sha256(
    OlmUtility * utility,
    void const * input, size_t input_length,
    void * output, size_t output_length
@ -479,7 +481,7 @@ size_t olm_sha256(
 /** Verify an ed25519 signature. If the key was too small then
 * olm_utility_last_error() will be "INVALID_BASE64". If the signature was invalid
 * then olm_utility_last_error() will be "BAD_MESSAGE_MAC". */
-size_t olm_ed25519_verify(
+OLM_EXPORT size_t olm_ed25519_verify(
    OlmUtility * utility,
    void const * key, size_t key_length,
    void const * message, size_t message_length,
--- a/include/olm/olm_export.h
+++ b/include/olm/olm_export.h
@ -0,0 +1,42 @@
 #ifndef OLM_EXPORT_H
 #define OLM_EXPORT_H
 #ifdef OLM_STATIC_DEFINE
 #  define OLM_EXPORT
 #  define OLM_NO_EXPORT
 #else
 #  ifndef OLM_EXPORT
 #    ifdef olm_EXPORTS
        /* We are building this library */
 #      define OLM_EXPORT __attribute__((visibility("default")))
 #    else
        /* We are using this library */
 #      define OLM_EXPORT __attribute__((visibility("default")))
 #    endif
 #  endif
 #  ifndef OLM_NO_EXPORT
 #    define OLM_NO_EXPORT __attribute__((visibility("hidden")))
 #  endif
 #endif
 #ifndef OLM_DEPRECATED
 #  define OLM_DEPRECATED __attribute__ ((__deprecated__))
 #endif
 #ifndef OLM_DEPRECATED_EXPORT
 #  define OLM_DEPRECATED_EXPORT OLM_EXPORT OLM_DEPRECATED
 #endif
 #ifndef OLM_DEPRECATED_NO_EXPORT
 #  define OLM_DEPRECATED_NO_EXPORT OLM_NO_EXPORT OLM_DEPRECATED
 #endif
 #if 0 /* DEFINE_NO_DEPRECATED */
 #  ifndef OLM_NO_DEPRECATED
 #    define OLM_NO_DEPRECATED
 #  endif
 #endif
 #endif /* OLM_EXPORT_H */
--- a/include/olm/outbound_group_session.h
+++ b/include/olm/outbound_group_session.h
@ -20,6 +20,8 @@
 #include "olm/error.h"
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -27,38 +29,38 @@ extern "C" {
 typedef struct OlmOutboundGroupSession OlmOutboundGroupSession;
 /** get the size of an outbound group session, in bytes. */
-size_t olm_outbound_group_session_size(void);
+OLM_EXPORT size_t olm_outbound_group_session_size(void);
 /**
 * Initialise an outbound group session object using the supplied memory
 * The supplied memory should be at least olm_outbound_group_session_size()
 * bytes.
 */
-OlmOutboundGroupSession * olm_outbound_group_session(
+OLM_EXPORT OlmOutboundGroupSession * olm_outbound_group_session(
    void *memory
 );
 /**
 * A null terminated string describing the most recent error to happen to a
 * group session */
-const char *olm_outbound_group_session_last_error(
+OLM_EXPORT const char *olm_outbound_group_session_last_error(
    const OlmOutboundGroupSession *session
 );
 /**
 * An error code describing the most recent error to happen to a group
 * session */
-enum OlmErrorCode olm_outbound_group_session_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_outbound_group_session_last_error_code(
    const OlmOutboundGroupSession *session
 );
 /** Clears the memory used to back this group session */
-size_t olm_clear_outbound_group_session(
+OLM_EXPORT size_t olm_clear_outbound_group_session(
    OlmOutboundGroupSession *session
 );
 /** Returns the number of bytes needed to store an outbound group session */
-size_t olm_pickle_outbound_group_session_length(
+OLM_EXPORT size_t olm_pickle_outbound_group_session_length(
    const OlmOutboundGroupSession *session
 );
@ -70,7 +72,7 @@ size_t olm_pickle_outbound_group_session_length(
 * is smaller than olm_pickle_outbound_group_session_length() then
 * olm_outbound_group_session_last_error() will be "OUTPUT_BUFFER_TOO_SMALL"
 */
-size_t olm_pickle_outbound_group_session(
+OLM_EXPORT size_t olm_pickle_outbound_group_session(
    OlmOutboundGroupSession *session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -86,7 +88,7 @@ size_t olm_pickle_outbound_group_session(
 * olm_outbound_group_session_last_error() will be "INVALID_BASE64". The input
 * pickled buffer is destroyed
 */
-size_t olm_unpickle_outbound_group_session(
+OLM_EXPORT size_t olm_unpickle_outbound_group_session(
    OlmOutboundGroupSession *session,
    void const * key, size_t key_length,
    void * pickled, size_t pickled_length
@ -94,7 +96,7 @@ size_t olm_unpickle_outbound_group_session(
 /** The number of random bytes needed to create an outbound group session */
-size_t olm_init_outbound_group_session_random_length(
+OLM_EXPORT size_t olm_init_outbound_group_session_random_length(
    const OlmOutboundGroupSession *session
 );
@ -103,7 +105,7 @@ size_t olm_init_outbound_group_session_random_length(
 * failure last_error will be set with an error code. The last_error will be
 * NOT_ENOUGH_RANDOM if the number of random bytes was too small.
 */
-size_t olm_init_outbound_group_session(
+OLM_EXPORT size_t olm_init_outbound_group_session(
    OlmOutboundGroupSession *session,
    uint8_t *random, size_t random_length
 );
@ -111,7 +113,7 @@ size_t olm_init_outbound_group_session(
 /**
 * The number of bytes that will be created by encrypting a message
 */
-size_t olm_group_encrypt_message_length(
+OLM_EXPORT size_t olm_group_encrypt_message_length(
    OlmOutboundGroupSession *session,
    size_t plaintext_length
 );
@ -122,7 +124,7 @@ size_t olm_group_encrypt_message_length(
 * error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if the output
 * buffer is too small.
 */
-size_t olm_group_encrypt(
+OLM_EXPORT size_t olm_group_encrypt(
    OlmOutboundGroupSession *session,
    uint8_t const * plaintext, size_t plaintext_length,
    uint8_t * message, size_t message_length
@ -132,7 +134,7 @@ size_t olm_group_encrypt(
 /**
 * Get the number of bytes returned by olm_outbound_group_session_id()
 */
-size_t olm_outbound_group_session_id_length(
+OLM_EXPORT size_t olm_outbound_group_session_id_length(
    const OlmOutboundGroupSession *session
 );
@ -144,7 +146,7 @@ size_t olm_outbound_group_session_id_length(
 * last_error will be OUTPUT_BUFFER_TOO_SMALL if the id buffer was too
 * small.
 */
-size_t olm_outbound_group_session_id(
+OLM_EXPORT size_t olm_outbound_group_session_id(
    OlmOutboundGroupSession *session,
    uint8_t * id, size_t id_length
 );
@ -155,14 +157,14 @@ size_t olm_outbound_group_session_id(
 * Each message is sent with an increasing index; this returns the index for
 * the next message.
 */
-uint32_t olm_outbound_group_session_message_index(
+OLM_EXPORT uint32_t olm_outbound_group_session_message_index(
    OlmOutboundGroupSession *session
 );
 /**
 * Get the number of bytes returned by olm_outbound_group_session_key()
 */
-size_t olm_outbound_group_session_key_length(
+OLM_EXPORT size_t olm_outbound_group_session_key_length(
    const OlmOutboundGroupSession *session
 );
@ -176,7 +178,7 @@ size_t olm_outbound_group_session_key_length(
 * failure. On failure last_error will be set with an error code. The
 * last_error will be OUTPUT_BUFFER_TOO_SMALL if the buffer was too small.
 */
-size_t olm_outbound_group_session_key(
+OLM_EXPORT size_t olm_outbound_group_session_key(
    OlmOutboundGroupSession *session,
    uint8_t * key, size_t key_length
 );
--- a/include/olm/pk.h
+++ b/include/olm/pk.h
@ -21,6 +21,8 @@
 #include "olm/error.h"
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -28,54 +30,54 @@ extern "C" {
 typedef struct OlmPkEncryption OlmPkEncryption;
 /* The size of an encryption object in bytes */
-size_t olm_pk_encryption_size(void);
+OLM_EXPORT size_t olm_pk_encryption_size(void);
 /** Initialise an encryption object using the supplied memory
 *  The supplied memory must be at least olm_pk_encryption_size() bytes */
-OlmPkEncryption *olm_pk_encryption(
+OLM_EXPORT OlmPkEncryption *olm_pk_encryption(
    void * memory
 );
 /** A null terminated string describing the most recent error to happen to an
 * encryption object */
-const char * olm_pk_encryption_last_error(
+OLM_EXPORT const char * olm_pk_encryption_last_error(
    const OlmPkEncryption * encryption
 );
 /** An error code describing the most recent error to happen to an encryption
 * object */
-enum OlmErrorCode olm_pk_encryption_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_pk_encryption_last_error_code(
    const OlmPkEncryption * encryption
 );
 /** Clears the memory used to back this encryption object */
-size_t olm_clear_pk_encryption(
+OLM_EXPORT size_t olm_clear_pk_encryption(
    OlmPkEncryption *encryption
 );
 /** Set the recipient's public key for encrypting to */
-size_t olm_pk_encryption_set_recipient_key(
+OLM_EXPORT size_t olm_pk_encryption_set_recipient_key(
    OlmPkEncryption *encryption,
    void const *public_key, size_t public_key_length
 );
 /** Get the length of the ciphertext that will correspond to a plaintext of the
 * given length. */
-size_t olm_pk_ciphertext_length(
+OLM_EXPORT size_t olm_pk_ciphertext_length(
    const OlmPkEncryption *encryption,
    size_t plaintext_length
 );
 /** Get the length of the message authentication code. */
-size_t olm_pk_mac_length(
+OLM_EXPORT size_t olm_pk_mac_length(
    const OlmPkEncryption *encryption
 );
 /** Get the length of a public or ephemeral key */
-size_t olm_pk_key_length(void);
+OLM_EXPORT size_t olm_pk_key_length(void);
 /** The number of random bytes needed to encrypt a message. */
-size_t olm_pk_encrypt_random_length(
+OLM_EXPORT size_t olm_pk_encrypt_random_length(
    const OlmPkEncryption *encryption
 );
@ -89,7 +91,7 @@ size_t olm_pk_encrypt_random_length(
 * ephemeral_key buffers were too small then olm_pk_encryption_last_error()
 * will be "OUTPUT_BUFFER_TOO_SMALL". If there weren't enough random bytes then
 * olm_pk_encryption_last_error() will be "OLM_INPUT_BUFFER_TOO_SMALL". */
-size_t olm_pk_encrypt(
+OLM_EXPORT size_t olm_pk_encrypt(
    OlmPkEncryption *encryption,
    void const * plaintext, size_t plaintext_length,
    void * ciphertext, size_t ciphertext_length,
@ -101,38 +103,38 @@ size_t olm_pk_encrypt(
 typedef struct OlmPkDecryption OlmPkDecryption;
 /* The size of a decryption object in bytes */
-size_t olm_pk_decryption_size(void);
+OLM_EXPORT size_t olm_pk_decryption_size(void);
 /** Initialise a decryption object using the supplied memory
 *  The supplied memory must be at least olm_pk_decryption_size() bytes */
-OlmPkDecryption *olm_pk_decryption(
+OLM_EXPORT OlmPkDecryption *olm_pk_decryption(
    void * memory
 );
 /** A null terminated string describing the most recent error to happen to a
 * decription object */
-const char * olm_pk_decryption_last_error(
+OLM_EXPORT const char * olm_pk_decryption_last_error(
    const OlmPkDecryption * decryption
 );
 /** An error code describing the most recent error to happen to a decription
 * object */
-enum OlmErrorCode olm_pk_decryption_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_pk_decryption_last_error_code(
    const OlmPkDecryption * decryption
 );
 /** Clears the memory used to back this decryption object */
-size_t olm_clear_pk_decryption(
+OLM_EXPORT size_t olm_clear_pk_decryption(
    OlmPkDecryption *decryption
 );
 /** Get the number of bytes required to store an olm private key
 */
-size_t olm_pk_private_key_length(void);
+OLM_EXPORT size_t olm_pk_private_key_length(void);
 /** DEPRECATED: Use olm_pk_private_key_length()
 */
-size_t olm_pk_generate_key_random_length(void);
+OLM_EXPORT size_t olm_pk_generate_key_random_length(void);
 /** Initialise the key from the private part of a key as returned by
 * olm_pk_get_private_key(). The associated public key will be written to the
@ -144,7 +146,7 @@ size_t olm_pk_generate_key_random_length(void);
 * Note that the pubkey is a base64 encoded string, but the private key is
 * an unencoded byte array
 */
-size_t olm_pk_key_from_private(
+OLM_EXPORT size_t olm_pk_key_from_private(
    OlmPkDecryption * decryption,
    void * pubkey, size_t pubkey_length,
    const void * privkey, size_t privkey_length
@ -152,14 +154,14 @@ size_t olm_pk_key_from_private(
 /** DEPRECATED: Use olm_pk_key_from_private
 */
-size_t olm_pk_generate_key(
+OLM_EXPORT size_t olm_pk_generate_key(
    OlmPkDecryption * decryption,
    void * pubkey, size_t pubkey_length,
    const void * privkey, size_t privkey_length
 );
 /** Returns the number of bytes needed to store a decryption object. */
-size_t olm_pickle_pk_decryption_length(
+OLM_EXPORT size_t olm_pickle_pk_decryption_length(
    const OlmPkDecryption * decryption
 );
@ -168,7 +170,7 @@ size_t olm_pickle_pk_decryption_length(
 * Returns olm_error() on failure. If the pickle output buffer
 * is smaller than olm_pickle_pk_decryption_length() then
 * olm_pk_decryption_last_error() will be "OUTPUT_BUFFER_TOO_SMALL" */
-size_t olm_pickle_pk_decryption(
+OLM_EXPORT size_t olm_pickle_pk_decryption(
    OlmPkDecryption * decryption,
    void const * key, size_t key_length,
    void *pickled, size_t pickled_length
@ -181,7 +183,7 @@ size_t olm_pickle_pk_decryption(
 * will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded then
 * olm_pk_decryption_last_error() will be "INVALID_BASE64". The input pickled
 * buffer is destroyed */
-size_t olm_unpickle_pk_decryption(
+OLM_EXPORT size_t olm_unpickle_pk_decryption(
    OlmPkDecryption * decryption,
    void const * key, size_t key_length,
    void *pickled, size_t pickled_length,
@ -190,7 +192,7 @@ size_t olm_unpickle_pk_decryption(
 /** Get the length of the plaintext that will correspond to a ciphertext of the
 * given length. */
-size_t olm_pk_max_plaintext_length(
+OLM_EXPORT size_t olm_pk_max_plaintext_length(
    const OlmPkDecryption * decryption,
    size_t ciphertext_length
 );
@ -200,7 +202,7 @@ size_t olm_pk_max_plaintext_length(
 * arguments. Returns the length of the plaintext on success. Returns
 * olm_error() on failure. If the plaintext buffer is too small then
 * olm_pk_encryption_last_error() will be "OUTPUT_BUFFER_TOO_SMALL". */
-size_t olm_pk_decrypt(
+OLM_EXPORT size_t olm_pk_decrypt(
    OlmPkDecryption * decryption,
    void const * ephemeral_key, size_t ephemeral_key_length,
    void const * mac, size_t mac_length,
@ -216,7 +218,7 @@ size_t olm_pk_decrypt(
 * and olm_pk_encryption_last_error() will be "OUTPUT_BUFFER_TOO_SMALL".
 * Returns the number of bytes written.
 */
-size_t olm_pk_get_private_key(
+OLM_EXPORT size_t olm_pk_get_private_key(
    OlmPkDecryption * decryption,
    void *private_key, size_t private_key_length
 );
@ -224,28 +226,28 @@ size_t olm_pk_get_private_key(
 typedef struct OlmPkSigning OlmPkSigning;
 /* The size of a signing object in bytes */
-size_t olm_pk_signing_size(void);
+OLM_EXPORT size_t olm_pk_signing_size(void);
 /** Initialise a signing object using the supplied memory
 *  The supplied memory must be at least olm_pk_signing_size() bytes */
-OlmPkSigning *olm_pk_signing(
+OLM_EXPORT OlmPkSigning *olm_pk_signing(
    void * memory
 );
 /** A null terminated string describing the most recent error to happen to a
 * signing object */
-const char * olm_pk_signing_last_error(
+OLM_EXPORT const char * olm_pk_signing_last_error(
    const OlmPkSigning * sign
 );
 /** A null terminated string describing the most recent error to happen to a
 * signing object */
-enum OlmErrorCode olm_pk_signing_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_pk_signing_last_error_code(
    const OlmPkSigning * sign
 );
 /** Clears the memory used to back this signing object */
-size_t olm_clear_pk_signing(
+OLM_EXPORT size_t olm_clear_pk_signing(
    OlmPkSigning *sign
 );
@ -257,7 +259,7 @@ size_t olm_clear_pk_signing(
 * buffer is too small then olm_pk_signing_last_error() will be
 * "INPUT_BUFFER_TOO_SMALL".
 */
-size_t olm_pk_signing_key_from_seed(
+OLM_EXPORT size_t olm_pk_signing_key_from_seed(
    OlmPkSigning * sign,
    void * pubkey, size_t pubkey_length,
    const void * seed, size_t seed_length
@ -266,24 +268,24 @@ size_t olm_pk_signing_key_from_seed(
 /**
 * The size required for the seed for initialising a signing object.
 */
-size_t olm_pk_signing_seed_length(void);
+OLM_EXPORT size_t olm_pk_signing_seed_length(void);
 /**
 * The size of the public key of a signing object.
 */
-size_t olm_pk_signing_public_key_length(void);
+OLM_EXPORT size_t olm_pk_signing_public_key_length(void);
 /**
 * The size of a signature created by a signing object.
 */
-size_t olm_pk_signature_length(void);
+OLM_EXPORT size_t olm_pk_signature_length(void);
 /**
 * Sign a message. The signature will be written to the signature
 * buffer. Returns olm_error() on failure. If the signature buffer is too
 * small, olm_pk_signing_last_error() will be "OUTPUT_BUFFER_TOO_SMALL".
 */
-size_t olm_pk_sign(
+OLM_EXPORT size_t olm_pk_sign(
    OlmPkSigning *sign,
    uint8_t const * message, size_t message_length,
    uint8_t * signature, size_t signature_length
--- a/include/olm/ratchet.hh
+++ b/include/olm/ratchet.hh
@ -19,6 +19,10 @@
 #include "olm/list.hh"
 #include "olm/error.h"
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 struct _olm_cipher;
 namespace olm {
@ -72,7 +76,7 @@ struct KdfInfo {
 };
-struct Ratchet {
+struct OLM_EXPORT Ratchet {
    Ratchet(
        KdfInfo const & kdf_info,
--- a/include/olm/sas.h
+++ b/include/olm/sas.h
@ -21,6 +21,8 @@
 #include "olm/error.h"
 #include "olm/olm_export.h"
 #ifdef __cplusplus
 extern "C" {
 #endif
@ -35,32 +37,32 @@ typedef struct OlmSAS OlmSAS;
 /** A null terminated string describing the most recent error to happen to an
 * SAS object. */
-const char * olm_sas_last_error(
+OLM_EXPORT const char * olm_sas_last_error(
    const OlmSAS * sas
 );
 /** An error code describing the most recent error to happen to an SAS
 * object. */
-enum OlmErrorCode olm_sas_last_error_code(
+OLM_EXPORT enum OlmErrorCode olm_sas_last_error_code(
    const OlmSAS * sas
 );
 /** The size of an SAS object in bytes. */
-size_t olm_sas_size(void);
+OLM_EXPORT size_t olm_sas_size(void);
 /** Initialize an SAS object using the supplied memory.
 * The supplied memory must be at least `olm_sas_size()` bytes. */
-OlmSAS * olm_sas(
+OLM_EXPORT OlmSAS * olm_sas(
    void * memory
 );
 /** Clears the memory used to back an SAS object. */
-size_t olm_clear_sas(
+OLM_EXPORT size_t olm_clear_sas(
    OlmSAS * sas
 );
 /** The number of random bytes needed to create an SAS object. */
-size_t olm_create_sas_random_length(
+OLM_EXPORT size_t olm_create_sas_random_length(
    const OlmSAS * sas
 );
@ -75,13 +77,13 @@ size_t olm_create_sas_random_length(
 * @return `olm_error()` on failure.  If there weren't enough random bytes then
 * `olm_sas_last_error()` will be `NOT_ENOUGH_RANDOM`.
 */
-size_t olm_create_sas(
+OLM_EXPORT size_t olm_create_sas(
    OlmSAS * sas,
    void * random, size_t random_length
 );
 /** The size of a public key in bytes. */
-size_t olm_sas_pubkey_length(const OlmSAS * sas);
+OLM_EXPORT size_t olm_sas_pubkey_length(const OlmSAS * sas);
 /** Get the public key for the SAS object.
 *
@ -93,7 +95,7 @@ size_t olm_sas_pubkey_length(const OlmSAS * sas);
 * @return `olm_error()` on failure.  If the `pubkey` buffer is too small, then
 * `olm_sas_last_error()` will be `OUTPUT_BUFFER_TOO_SMALL`.
 */
-size_t olm_sas_get_pubkey(
+OLM_EXPORT size_t olm_sas_get_pubkey(
    OlmSAS * sas,
    void * pubkey, size_t pubkey_length
 );
@ -108,7 +110,7 @@ size_t olm_sas_get_pubkey(
 * @return `olm_error()` on failure.  If the `their_key` buffer is too small,
 * then `olm_sas_last_error()` will be `INPUT_BUFFER_TOO_SMALL`.
 */
-size_t olm_sas_set_their_key(
+OLM_EXPORT size_t olm_sas_set_their_key(
    OlmSAS *sas,
    void * their_key, size_t their_key_length
 );
@ -118,7 +120,7 @@ size_t olm_sas_set_their_key(
 * @param[in] sas the SAS object.
 *
 */
-int olm_sas_is_their_key_set(
+OLM_EXPORT int olm_sas_is_their_key_set(
    const OlmSAS *sas
 );
@ -135,7 +137,7 @@ int olm_sas_is_their_key_set(
 * @return `olm_error()` on failure. If their key wasn't set then
 * `olm_sas_last_error()` will be `SAS_THEIR_KEY_NOT_SET`.
 */
-size_t olm_sas_generate_bytes(
+OLM_EXPORT size_t olm_sas_generate_bytes(
    OlmSAS * sas,
    const void * info, size_t info_length,
    void * output, size_t output_length
@ -143,7 +145,7 @@ size_t olm_sas_generate_bytes(
 /** The size of the message authentication code generated by
 * olm_sas_calculate_mac()`. */
-size_t olm_sas_mac_length(
+OLM_EXPORT size_t olm_sas_mac_length(
    const OlmSAS *sas
 );
@ -162,7 +164,7 @@ size_t olm_sas_mac_length(
 * @return `olm_error()` on failure.  If the `mac` buffer is too small, then
 * `olm_sas_last_error()` will be `OUTPUT_BUFFER_TOO_SMALL`.
 */
-size_t olm_sas_calculate_mac(
+OLM_EXPORT size_t olm_sas_calculate_mac(
    OlmSAS * sas,
    const void * input, size_t input_length,
    const void * info, size_t info_length,
@ -171,7 +173,7 @@ size_t olm_sas_calculate_mac(
 // A version of the calculate mac function that produces base64 strings that are
 // compatible with other base64 implementations.
-size_t olm_sas_calculate_mac_fixed_base64(
+OLM_EXPORT size_t olm_sas_calculate_mac_fixed_base64(
    OlmSAS * sas,
    const void * input, size_t input_length,
    const void * info, size_t info_length,
@ -179,7 +181,7 @@ size_t olm_sas_calculate_mac_fixed_base64(
 );
 // for compatibility with an old version of Riot
-size_t olm_sas_calculate_mac_long_kdf(
+OLM_EXPORT size_t olm_sas_calculate_mac_long_kdf(
    OlmSAS * sas,
    const void * input, size_t input_length,
    const void * info, size_t info_length,
--- a/include/olm/session.hh
+++ b/include/olm/session.hh
@ -17,6 +17,10 @@
 #include "olm/ratchet.hh"
 // Note: exports in this file are only for unit tests.  Nobody else should be
 // using this externally
 #include "olm/olm_export.h"
 namespace olm {
 struct Account;
@ -26,7 +30,7 @@ enum struct MessageType {
    MESSAGE = 1,
 };
-struct Session {
+struct OLM_EXPORT Session {
    Session();
@ -153,7 +157,7 @@ std::uint8_t * pickle(
 );
-std::uint8_t const * unpickle(
+OLM_EXPORT std::uint8_t const * unpickle(
    std::uint8_t const * pos, std::uint8_t const * end,
    Session & value
 );