Merge pull request #13 from matrix-org/rav/split_out_key_lengths

Create new constants for key lengths, etc
This commit is contained in:
Richard van der Hoff 2016-09-05 10:36:43 +01:00 committed by GitHub
commit 9d16d82089
11 changed files with 103 additions and 68 deletions

View file

@ -27,7 +27,36 @@
extern "C" { extern "C" {
#endif #endif
const size_t SHA256_OUTPUT_LENGTH = 32; /** length of a sha256 hash */
#define SHA256_OUTPUT_LENGTH 32
/** length of a public or private Curve25519 key */
#define CURVE25519_KEY_LENGTH 32
/** length of the shared secret created by a Curve25519 ECDH operation */
#define CURVE25519_SHARED_SECRET_LENGTH 32
/** amount of random data required to create a Curve25519 keypair */
#define CURVE25519_RANDOM_LENGTH CURVE25519_KEY_LENGTH
/** length of a public Ed25519 key */
#define ED25519_PUBLIC_KEY_LENGTH 32
/** length of a private Ed25519 key */
#define ED25519_PRIVATE_KEY_LENGTH 64
/** amount of random data required to create a Ed25519 keypair */
#define ED25519_RANDOM_LENGTH 32
/** length of an Ed25519 signature */
#define ED25519_SIGNATURE_LENGTH 64
/** length of an aes256 key */
#define AES256_KEY_LENGTH 32
/** length of an aes256 initialisation vector */
#define AES256_IV_LENGTH 16
/** Computes SHA-256 of the input. The output buffer must be a least 32 /** Computes SHA-256 of the input. The output buffer must be a least 32
* bytes long. */ * bytes long. */

View file

@ -25,23 +25,18 @@
namespace olm { namespace olm {
static const std::size_t ED25519_PRIVATE_KEY_LENGTH = 64;
static const std::size_t KEY_LENGTH = 32;
static const std::size_t SIGNATURE_LENGTH = 64;
static const std::size_t IV_LENGTH = 16;
struct Curve25519PublicKey { struct Curve25519PublicKey {
std::uint8_t public_key[KEY_LENGTH]; std::uint8_t public_key[CURVE25519_KEY_LENGTH];
}; };
struct Curve25519KeyPair : public Curve25519PublicKey { struct Curve25519KeyPair : public Curve25519PublicKey {
std::uint8_t private_key[KEY_LENGTH]; std::uint8_t private_key[CURVE25519_KEY_LENGTH];
}; };
struct Ed25519PublicKey { struct Ed25519PublicKey {
std::uint8_t public_key[KEY_LENGTH]; std::uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH];
}; };
@ -93,12 +88,12 @@ bool ed25519_verify(
struct Aes256Key { struct Aes256Key {
std::uint8_t key[KEY_LENGTH]; std::uint8_t key[AES256_KEY_LENGTH];
}; };
struct Aes256Iv { struct Aes256Iv {
std::uint8_t iv[IV_LENGTH]; std::uint8_t iv[AES256_IV_LENGTH];
}; };

View file

@ -21,8 +21,13 @@ struct _olm_cipher;
namespace olm { namespace olm {
typedef std::uint8_t SharedKey[olm::KEY_LENGTH]; /** length of a shared key: the root key R(i), chain key C(i,j), and message key
* M(i,j)). They are all only used to stuff into HMACs, so could be any length
* for that. The chain key and message key are both derived from SHA256
* operations, so their length is determined by that. */
const std::size_t OLM_SHARED_KEY_LENGTH = SHA256_OUTPUT_LENGTH;
typedef std::uint8_t SharedKey[OLM_SHARED_KEY_LENGTH];
struct ChainKey { struct ChainKey {
std::uint32_t index; std::uint32_t index;

View file

@ -49,7 +49,7 @@ std::size_t olm::Account::remove_key(
} }
std::size_t olm::Account::new_account_random_length() { std::size_t olm::Account::new_account_random_length() {
return 2 * olm::KEY_LENGTH; return ED25519_RANDOM_LENGTH + CURVE25519_RANDOM_LENGTH;
} }
std::size_t olm::Account::new_account( std::size_t olm::Account::new_account(
@ -61,7 +61,7 @@ std::size_t olm::Account::new_account(
} }
olm::ed25519_generate_key(random, identity_keys.ed25519_key); olm::ed25519_generate_key(random, identity_keys.ed25519_key);
random += KEY_LENGTH; random += ED25519_RANDOM_LENGTH;
olm::curve25519_generate_key(random, identity_keys.curve25519_key); olm::curve25519_generate_key(random, identity_keys.curve25519_key);
return 0; return 0;
@ -137,7 +137,7 @@ std::size_t olm::Account::get_identity_json(
std::size_t olm::Account::signature_length( std::size_t olm::Account::signature_length(
) { ) {
return olm::SIGNATURE_LENGTH; return ED25519_SIGNATURE_LENGTH;
} }
@ -238,7 +238,7 @@ std::size_t olm::Account::max_number_of_one_time_keys(
std::size_t olm::Account::generate_one_time_keys_random_length( std::size_t olm::Account::generate_one_time_keys_random_length(
std::size_t number_of_keys std::size_t number_of_keys
) { ) {
return olm::KEY_LENGTH * number_of_keys; return CURVE25519_RANDOM_LENGTH * number_of_keys;
} }
std::size_t olm::Account::generate_one_time_keys( std::size_t olm::Account::generate_one_time_keys(
@ -254,7 +254,7 @@ std::size_t olm::Account::generate_one_time_keys(
key.id = ++next_one_time_key_id; key.id = ++next_one_time_key_id;
key.published = false; key.published = false;
olm::curve25519_generate_key(random, key.key); olm::curve25519_generate_key(random, key.key);
random += olm::KEY_LENGTH; random += CURVE25519_RANDOM_LENGTH;
} }
return number_of_keys; return number_of_keys;
} }

View file

@ -17,11 +17,13 @@
#include "olm/memory.hh" #include "olm/memory.hh"
#include <cstring> #include <cstring>
const std::size_t HMAC_KEY_LENGTH = 32;
namespace { namespace {
struct DerivedKeys { struct DerivedKeys {
olm::Aes256Key aes_key; olm::Aes256Key aes_key;
std::uint8_t mac_key[olm::KEY_LENGTH]; std::uint8_t mac_key[HMAC_KEY_LENGTH];
olm::Aes256Iv aes_iv; olm::Aes256Iv aes_iv;
}; };
@ -31,7 +33,9 @@ static void derive_keys(
std::uint8_t const * key, std::size_t key_length, std::uint8_t const * key, std::size_t key_length,
DerivedKeys & keys DerivedKeys & keys
) { ) {
std::uint8_t derived_secrets[2 * olm::KEY_LENGTH + olm::IV_LENGTH]; std::uint8_t derived_secrets[
AES256_KEY_LENGTH + HMAC_KEY_LENGTH + AES256_IV_LENGTH
];
_olm_crypto_hkdf_sha256( _olm_crypto_hkdf_sha256(
key, key_length, key, key_length,
nullptr, 0, nullptr, 0,
@ -81,7 +85,7 @@ size_t aes_sha_256_cipher_encrypt(
); );
_olm_crypto_hmac_sha256( _olm_crypto_hmac_sha256(
keys.mac_key, olm::KEY_LENGTH, output, output_length - MAC_LENGTH, mac keys.mac_key, HMAC_KEY_LENGTH, output, output_length - MAC_LENGTH, mac
); );
std::memcpy(output + output_length - MAC_LENGTH, mac, MAC_LENGTH); std::memcpy(output + output_length - MAC_LENGTH, mac, MAC_LENGTH);
@ -113,7 +117,7 @@ size_t aes_sha_256_cipher_decrypt(
derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys); derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys);
_olm_crypto_hmac_sha256( _olm_crypto_hmac_sha256(
keys.mac_key, olm::KEY_LENGTH, input, input_length - MAC_LENGTH, mac keys.mac_key, HMAC_KEY_LENGTH, input, input_length - MAC_LENGTH, mac
); );
std::uint8_t const * input_mac = input + input_length - MAC_LENGTH; std::uint8_t const * input_mac = input + input_length - MAC_LENGTH;

View file

@ -31,7 +31,7 @@ namespace {
static const std::uint8_t CURVE25519_BASEPOINT[32] = {9}; static const std::uint8_t CURVE25519_BASEPOINT[32] = {9};
static const std::size_t AES_KEY_SCHEDULE_LENGTH = 60; static const std::size_t AES_KEY_SCHEDULE_LENGTH = 60;
static const std::size_t AES_KEY_BITS = 8 * olm::KEY_LENGTH; static const std::size_t AES_KEY_BITS = 8 * AES256_KEY_LENGTH;
static const std::size_t AES_BLOCK_LENGTH = 16; static const std::size_t AES_BLOCK_LENGTH = 16;
static const std::size_t SHA256_BLOCK_LENGTH = 64; static const std::size_t SHA256_BLOCK_LENGTH = 64;
static const std::uint8_t HKDF_DEFAULT_SALT[32] = {}; static const std::uint8_t HKDF_DEFAULT_SALT[32] = {};
@ -104,7 +104,7 @@ void olm::curve25519_generate_key(
std::uint8_t const * random_32_bytes, std::uint8_t const * random_32_bytes,
olm::Curve25519KeyPair & key_pair olm::Curve25519KeyPair & key_pair
) { ) {
std::memcpy(key_pair.private_key, random_32_bytes, KEY_LENGTH); std::memcpy(key_pair.private_key, random_32_bytes, CURVE25519_KEY_LENGTH);
::curve25519_donna( ::curve25519_donna(
key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT
); );

View file

@ -436,8 +436,8 @@ size_t olm_create_outbound_session(
std::size_t id_key_length = their_identity_key_length; std::size_t id_key_length = their_identity_key_length;
std::size_t ot_key_length = their_one_time_key_length; std::size_t ot_key_length = their_one_time_key_length;
if (olm::decode_base64_length(id_key_length) != olm::KEY_LENGTH if (olm::decode_base64_length(id_key_length) != CURVE25519_KEY_LENGTH
|| olm::decode_base64_length(ot_key_length) != olm::KEY_LENGTH || olm::decode_base64_length(ot_key_length) != CURVE25519_KEY_LENGTH
) { ) {
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1); return std::size_t(-1);
@ -483,7 +483,7 @@ size_t olm_create_inbound_session_from(
std::uint8_t const * id_key = from_c(their_identity_key); std::uint8_t const * id_key = from_c(their_identity_key);
std::size_t id_key_length = their_identity_key_length; std::size_t id_key_length = their_identity_key_length;
if (olm::decode_base64_length(id_key_length) != olm::KEY_LENGTH) { if (olm::decode_base64_length(id_key_length) != CURVE25519_KEY_LENGTH) {
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1); return std::size_t(-1);
} }
@ -554,7 +554,7 @@ size_t olm_matches_inbound_session_from(
std::uint8_t const * id_key = from_c(their_identity_key); std::uint8_t const * id_key = from_c(their_identity_key);
std::size_t id_key_length = their_identity_key_length; std::size_t id_key_length = their_identity_key_length;
if (olm::decode_base64_length(id_key_length) != olm::KEY_LENGTH) { if (olm::decode_base64_length(id_key_length) != CURVE25519_KEY_LENGTH) {
from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64; from_c(session)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1); return std::size_t(-1);
} }
@ -710,7 +710,7 @@ size_t olm_ed25519_verify(
void const * message, size_t message_length, void const * message, size_t message_length,
void * signature, size_t signature_length void * signature, size_t signature_length
) { ) {
if (olm::decode_base64_length(key_length) != olm::KEY_LENGTH) { if (olm::decode_base64_length(key_length) != CURVE25519_KEY_LENGTH) {
from_c(utility)->last_error = OlmErrorCode::OLM_INVALID_BASE64; from_c(utility)->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1); return std::size_t(-1);
} }

View file

@ -49,7 +49,7 @@ static void create_chain_key(
) { ) {
olm::SharedKey secret; olm::SharedKey secret;
olm::curve25519_shared_secret(our_key, their_key, secret); olm::curve25519_shared_secret(our_key, their_key, secret);
std::uint8_t derived_secrets[2 * olm::KEY_LENGTH]; std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256( _olm_crypto_hkdf_sha256(
secret, sizeof(secret), secret, sizeof(secret),
root_key, sizeof(root_key), root_key, sizeof(root_key),
@ -191,7 +191,7 @@ void olm::Ratchet::initialise_as_bob(
std::uint8_t const * shared_secret, std::size_t shared_secret_length, std::uint8_t const * shared_secret, std::size_t shared_secret_length,
olm::Curve25519PublicKey const & their_ratchet_key olm::Curve25519PublicKey const & their_ratchet_key
) { ) {
std::uint8_t derived_secrets[2 * olm::KEY_LENGTH]; std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256( _olm_crypto_hkdf_sha256(
shared_secret, shared_secret_length, shared_secret, shared_secret_length,
nullptr, 0, nullptr, 0,
@ -212,7 +212,7 @@ void olm::Ratchet::initialise_as_alice(
std::uint8_t const * shared_secret, std::size_t shared_secret_length, std::uint8_t const * shared_secret, std::size_t shared_secret_length,
olm::Curve25519KeyPair const & our_ratchet_key olm::Curve25519KeyPair const & our_ratchet_key
) { ) {
std::uint8_t derived_secrets[2 * olm::KEY_LENGTH]; std::uint8_t derived_secrets[2 * olm::OLM_SHARED_KEY_LENGTH];
_olm_crypto_hkdf_sha256( _olm_crypto_hkdf_sha256(
shared_secret, shared_secret_length, shared_secret, shared_secret_length,
nullptr, 0, nullptr, 0,
@ -234,7 +234,7 @@ namespace olm {
static std::size_t pickle_length( static std::size_t pickle_length(
const olm::SharedKey & value const olm::SharedKey & value
) { ) {
return olm::KEY_LENGTH; return olm::OLM_SHARED_KEY_LENGTH;
} }
@ -242,7 +242,7 @@ static std::uint8_t * pickle(
std::uint8_t * pos, std::uint8_t * pos,
const olm::SharedKey & value const olm::SharedKey & value
) { ) {
return olm::pickle_bytes(pos, value, olm::KEY_LENGTH); return olm::pickle_bytes(pos, value, olm::OLM_SHARED_KEY_LENGTH);
} }
@ -250,7 +250,7 @@ static std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end, std::uint8_t const * pos, std::uint8_t const * end,
olm::SharedKey & value olm::SharedKey & value
) { ) {
return olm::unpickle_bytes(pos, end, value, olm::KEY_LENGTH); return olm::unpickle_bytes(pos, end, value, olm::OLM_SHARED_KEY_LENGTH);
} }
@ -359,7 +359,7 @@ std::size_t olm::pickle_length(
olm::Ratchet const & value olm::Ratchet const & value
) { ) {
std::size_t length = 0; std::size_t length = 0;
length += olm::KEY_LENGTH; length += olm::OLM_SHARED_KEY_LENGTH;
length += olm::pickle_length(value.sender_chain); length += olm::pickle_length(value.sender_chain);
length += olm::pickle_length(value.receiver_chains); length += olm::pickle_length(value.receiver_chains);
length += olm::pickle_length(value.skipped_message_keys); length += olm::pickle_length(value.skipped_message_keys);
@ -409,13 +409,13 @@ std::size_t olm::Ratchet::encrypt_output_length(
plaintext_length plaintext_length
); );
return olm::encode_message_length( return olm::encode_message_length(
counter, olm::KEY_LENGTH, padded, ratchet_cipher->ops->mac_length(ratchet_cipher) counter, CURVE25519_KEY_LENGTH, padded, ratchet_cipher->ops->mac_length(ratchet_cipher)
); );
} }
std::size_t olm::Ratchet::encrypt_random_length() { std::size_t olm::Ratchet::encrypt_random_length() {
return sender_chain.empty() ? olm::KEY_LENGTH : 0; return sender_chain.empty() ? CURVE25519_RANDOM_LENGTH : 0;
} }
@ -461,7 +461,8 @@ std::size_t olm::Ratchet::encrypt(
olm::MessageWriter writer; olm::MessageWriter writer;
olm::encode_message( olm::encode_message(
writer, PROTOCOL_VERSION, counter, olm::KEY_LENGTH, ciphertext_length, writer, PROTOCOL_VERSION, counter, CURVE25519_KEY_LENGTH,
ciphertext_length,
output output
); );
@ -529,7 +530,7 @@ std::size_t olm::Ratchet::decrypt(
return std::size_t(-1); return std::size_t(-1);
} }
if (reader.ratchet_key_length != olm::KEY_LENGTH) { if (reader.ratchet_key_length != CURVE25519_KEY_LENGTH) {
last_error = OlmErrorCode::OLM_BAD_MESSAGE_FORMAT; last_error = OlmErrorCode::OLM_BAD_MESSAGE_FORMAT;
return std::size_t(-1); return std::size_t(-1);
} }
@ -539,7 +540,7 @@ std::size_t olm::Ratchet::decrypt(
for (olm::ReceiverChain & receiver_chain : receiver_chains) { for (olm::ReceiverChain & receiver_chain : receiver_chains) {
if (0 == std::memcmp( if (0 == std::memcmp(
receiver_chain.ratchet_key.public_key, reader.ratchet_key, receiver_chain.ratchet_key.public_key, reader.ratchet_key,
olm::KEY_LENGTH CURVE25519_KEY_LENGTH
)) { )) {
chain = &receiver_chain; chain = &receiver_chain;
break; break;
@ -559,7 +560,7 @@ std::size_t olm::Ratchet::decrypt(
if (reader.counter == skipped.message_key.index if (reader.counter == skipped.message_key.index
&& 0 == std::memcmp( && 0 == std::memcmp(
skipped.ratchet_key.public_key, reader.ratchet_key, skipped.ratchet_key.public_key, reader.ratchet_key,
olm::KEY_LENGTH CURVE25519_KEY_LENGTH
) )
) { ) {
/* Found the key for this message. Check the MAC. */ /* Found the key for this message. Check the MAC. */

View file

@ -49,7 +49,7 @@ olm::Session::Session(
std::size_t olm::Session::new_outbound_session_random_length() { std::size_t olm::Session::new_outbound_session_random_length() {
return olm::KEY_LENGTH * 2; return CURVE25519_RANDOM_LENGTH * 2;
} }
@ -68,7 +68,7 @@ std::size_t olm::Session::new_outbound_session(
olm::curve25519_generate_key(random, base_key); olm::curve25519_generate_key(random, base_key);
olm::Curve25519KeyPair ratchet_key; olm::Curve25519KeyPair ratchet_key;
olm::curve25519_generate_key(random + olm::KEY_LENGTH, ratchet_key); olm::curve25519_generate_key(random + CURVE25519_RANDOM_LENGTH, ratchet_key);
olm::Curve25519KeyPair const & alice_identity_key_pair = ( olm::Curve25519KeyPair const & alice_identity_key_pair = (
local_account.identity_keys.curve25519_key local_account.identity_keys.curve25519_key
@ -79,13 +79,13 @@ std::size_t olm::Session::new_outbound_session(
alice_base_key = base_key; alice_base_key = base_key;
bob_one_time_key = one_time_key; bob_one_time_key = one_time_key;
std::uint8_t secret[3 * olm::KEY_LENGTH]; // Calculate the shared secret S via triple DH
std::uint8_t secret[3 * CURVE25519_SHARED_SECRET_LENGTH];
std::uint8_t * pos = secret; std::uint8_t * pos = secret;
olm::curve25519_shared_secret(alice_identity_key_pair, one_time_key, pos); olm::curve25519_shared_secret(alice_identity_key_pair, one_time_key, pos);
pos += olm::KEY_LENGTH; pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(base_key, identity_key, pos); olm::curve25519_shared_secret(base_key, identity_key, pos);
pos += olm::KEY_LENGTH; pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(base_key, one_time_key, pos); olm::curve25519_shared_secret(base_key, one_time_key, pos);
ratchet.initialise_as_alice(secret, sizeof(secret), ratchet_key); ratchet.initialise_as_alice(secret, sizeof(secret), ratchet_key);
@ -105,13 +105,13 @@ static bool check_message_fields(
bool ok = true; bool ok = true;
ok = ok && (have_their_identity_key || reader.identity_key); ok = ok && (have_their_identity_key || reader.identity_key);
if (reader.identity_key) { if (reader.identity_key) {
ok = ok && reader.identity_key_length == olm::KEY_LENGTH; ok = ok && reader.identity_key_length == CURVE25519_KEY_LENGTH;
} }
ok = ok && reader.message; ok = ok && reader.message;
ok = ok && reader.base_key; ok = ok && reader.base_key;
ok = ok && reader.base_key_length == olm::KEY_LENGTH; ok = ok && reader.base_key_length == CURVE25519_KEY_LENGTH;
ok = ok && reader.one_time_key; ok = ok && reader.one_time_key;
ok = ok && reader.one_time_key_length == olm::KEY_LENGTH; ok = ok && reader.one_time_key_length == CURVE25519_KEY_LENGTH;
return ok; return ok;
} }
@ -133,7 +133,7 @@ std::size_t olm::Session::new_inbound_session(
if (reader.identity_key && their_identity_key) { if (reader.identity_key && their_identity_key) {
bool same = 0 == std::memcmp( bool same = 0 == std::memcmp(
their_identity_key->public_key, reader.identity_key, olm::KEY_LENGTH their_identity_key->public_key, reader.identity_key, CURVE25519_KEY_LENGTH
); );
if (!same) { if (!same) {
last_error = OlmErrorCode::OLM_BAD_MESSAGE_KEY_ID; last_error = OlmErrorCode::OLM_BAD_MESSAGE_KEY_ID;
@ -152,7 +152,7 @@ std::size_t olm::Session::new_inbound_session(
); );
if (!message_reader.ratchet_key if (!message_reader.ratchet_key
|| message_reader.ratchet_key_length != olm::KEY_LENGTH) { || message_reader.ratchet_key_length != CURVE25519_KEY_LENGTH) {
last_error = OlmErrorCode::OLM_BAD_MESSAGE_FORMAT; last_error = OlmErrorCode::OLM_BAD_MESSAGE_FORMAT;
return std::size_t(-1); return std::size_t(-1);
} }
@ -174,12 +174,13 @@ std::size_t olm::Session::new_inbound_session(
); );
olm::Curve25519KeyPair const & bob_one_time_key = our_one_time_key->key; olm::Curve25519KeyPair const & bob_one_time_key = our_one_time_key->key;
std::uint8_t secret[olm::KEY_LENGTH * 3]; // Calculate the shared secret S via triple DH
std::uint8_t secret[CURVE25519_SHARED_SECRET_LENGTH * 3];
std::uint8_t * pos = secret; std::uint8_t * pos = secret;
olm::curve25519_shared_secret(bob_one_time_key, alice_identity_key, pos); olm::curve25519_shared_secret(bob_one_time_key, alice_identity_key, pos);
pos += olm::KEY_LENGTH; pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(bob_identity_key, alice_base_key, pos); olm::curve25519_shared_secret(bob_identity_key, alice_base_key, pos);
pos += olm::KEY_LENGTH; pos += CURVE25519_SHARED_SECRET_LENGTH;
olm::curve25519_shared_secret(bob_one_time_key, alice_base_key, pos); olm::curve25519_shared_secret(bob_one_time_key, alice_base_key, pos);
ratchet.initialise_as_bob(secret, sizeof(secret), ratchet_key); ratchet.initialise_as_bob(secret, sizeof(secret), ratchet_key);
@ -202,7 +203,7 @@ std::size_t olm::Session::session_id(
last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL; last_error = OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL;
return std::size_t(-1); return std::size_t(-1);
} }
std::uint8_t tmp[olm::KEY_LENGTH * 3]; std::uint8_t tmp[CURVE25519_KEY_LENGTH * 3];
std::uint8_t * pos = tmp; std::uint8_t * pos = tmp;
pos = olm::store_array(pos, alice_identity_key.public_key); pos = olm::store_array(pos, alice_identity_key.public_key);
pos = olm::store_array(pos, alice_base_key.public_key); pos = olm::store_array(pos, alice_base_key.public_key);
@ -226,20 +227,20 @@ bool olm::Session::matches_inbound_session(
bool same = true; bool same = true;
if (reader.identity_key) { if (reader.identity_key) {
same = same && 0 == std::memcmp( same = same && 0 == std::memcmp(
reader.identity_key, alice_identity_key.public_key, olm::KEY_LENGTH reader.identity_key, alice_identity_key.public_key, CURVE25519_KEY_LENGTH
); );
} }
if (their_identity_key) { if (their_identity_key) {
same = same && 0 == std::memcmp( same = same && 0 == std::memcmp(
their_identity_key->public_key, alice_identity_key.public_key, their_identity_key->public_key, alice_identity_key.public_key,
olm::KEY_LENGTH CURVE25519_KEY_LENGTH
); );
} }
same = same && 0 == std::memcmp( same = same && 0 == std::memcmp(
reader.base_key, alice_base_key.public_key, olm::KEY_LENGTH reader.base_key, alice_base_key.public_key, CURVE25519_KEY_LENGTH
); );
same = same && 0 == std::memcmp( same = same && 0 == std::memcmp(
reader.one_time_key, bob_one_time_key.public_key, olm::KEY_LENGTH reader.one_time_key, bob_one_time_key.public_key, CURVE25519_KEY_LENGTH
); );
return same; return same;
} }
@ -266,9 +267,9 @@ std::size_t olm::Session::encrypt_message_length(
} }
return encode_one_time_key_message_length( return encode_one_time_key_message_length(
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
message_length message_length
); );
} }
@ -300,9 +301,9 @@ std::size_t olm::Session::encrypt(
encode_one_time_key_message( encode_one_time_key_message(
writer, writer,
PROTOCOL_VERSION, PROTOCOL_VERSION,
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
olm::KEY_LENGTH, CURVE25519_KEY_LENGTH,
message_body_length, message_body_length,
message message
); );

View file

@ -45,7 +45,7 @@ size_t olm::Utility::ed25519_verify(
std::uint8_t const * message, std::size_t message_length, std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature, std::size_t signature_length std::uint8_t const * signature, std::size_t signature_length
) { ) {
if (signature_length < olm::SIGNATURE_LENGTH) { if (signature_length < ED25519_SIGNATURE_LENGTH) {
last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC; last_error = OlmErrorCode::OLM_BAD_MESSAGE_MAC;
return std::size_t(-1); return std::size_t(-1);
} }

View file

@ -70,7 +70,7 @@ olm::curve25519_generate_key(bob_private, bob_pair);
assert_equals(bob_private, bob_pair.private_key, 32); assert_equals(bob_private, bob_pair.private_key, 32);
assert_equals(bob_public, bob_pair.public_key, 32); assert_equals(bob_public, bob_pair.public_key, 32);
std::uint8_t actual_agreement[olm::KEY_LENGTH] = {}; std::uint8_t actual_agreement[CURVE25519_SHARED_SECRET_LENGTH] = {};
olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement); olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement);