From 3609227c6ee4214d561ac7affff9a7e99bc658de Mon Sep 17 00:00:00 2001 From: manuroe Date: Wed, 13 Mar 2019 14:52:02 +0100 Subject: [PATCH 1/6] Fix arg name in comments (cherry picked from commit c0a53ebaeda420f636698b99c393868d2bf8f905) --- include/olm/sas.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/olm/sas.h b/include/olm/sas.h index ec90ae7..9d2ae3e 100644 --- a/include/olm/sas.h +++ b/include/olm/sas.h @@ -93,7 +93,7 @@ size_t olm_sas_get_pubkey( * * @param[in] sas the SAS object. * @param[in] their_key the other user's public key. - * @param[in] their_key_size the size of the `their_key` buffer. + * @param[in] their_key_length the size of the `their_key` buffer. * * @return `olm_error()` on failure. If the `their_key` buffer is too small, * then `olm_sas_last_error()` will be `INPUT_BUFFER_TOO_SMALL`. From 5de295da3e5f9ae7e4de6cfe009e2d0ad4e6a08b Mon Sep 17 00:00:00 2001 From: manuroe Date: Wed, 13 Mar 2019 14:54:04 +0100 Subject: [PATCH 2/6] OLMKit: add Short Authentication String verification (cherry picked from commit 3e954ca2729d3333ea853c878602d1696f616573) --- xcode/OLMKit.xcodeproj/project.pbxproj | 4 + xcode/OLMKit/OLMKit.h | 1 + xcode/OLMKit/OLMSAS.h | 59 +++++++++++ xcode/OLMKit/OLMSAS.m | 140 +++++++++++++++++++++++++ xcode/OLMKitTests/OLMKitSASTests.m | 69 ++++++++++++ xcode/Podfile.lock | 14 +-- 6 files changed, 280 insertions(+), 7 deletions(-) create mode 100644 xcode/OLMKit/OLMSAS.h create mode 100644 xcode/OLMKit/OLMSAS.m create mode 100644 xcode/OLMKitTests/OLMKitSASTests.m diff --git a/xcode/OLMKit.xcodeproj/project.pbxproj b/xcode/OLMKit.xcodeproj/project.pbxproj index 7ea3d5b..821a204 100644 --- a/xcode/OLMKit.xcodeproj/project.pbxproj +++ b/xcode/OLMKit.xcodeproj/project.pbxproj @@ -12,6 +12,7 @@ 3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 3274F6061D9A633A005282E4 /* OLMKitTests.m */; }; 3274F6131D9A698E005282E4 /* OLMKit.h in Headers */ = {isa = PBXBuildFile; fileRef = 3274F6121D9A698E005282E4 /* OLMKit.h */; }; 32A151311DABDD4300400192 /* OLMKitGroupTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 32A151301DABDD4300400192 /* OLMKitGroupTests.m */; }; + 32F143AF2236B4100077CF37 /* OLMKitSASTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 32F143AE2236B4100077CF37 /* OLMKitSASTests.m */; }; 7DBAD311AEA85CF6DB80DCFA /* libPods-OLMKitTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 7123FABE917D0FB140E036B7 /* libPods-OLMKitTests.a */; }; D667051A0BA47E17CCC4E5D7 /* libPods-OLMKit.a in Frameworks */ = {isa = PBXBuildFile; fileRef = F2F22FE8F173AF845B882805 /* libPods-OLMKit.a */; }; /* End PBXBuildFile section */ @@ -36,6 +37,7 @@ 3274F6081D9A633A005282E4 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 3274F6121D9A698E005282E4 /* OLMKit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OLMKit.h; sourceTree = ""; }; 32A151301DABDD4300400192 /* OLMKitGroupTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OLMKitGroupTests.m; sourceTree = ""; }; + 32F143AE2236B4100077CF37 /* OLMKitSASTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = OLMKitSASTests.m; sourceTree = ""; }; 7123FABE917D0FB140E036B7 /* libPods-OLMKitTests.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libPods-OLMKitTests.a"; sourceTree = BUILT_PRODUCTS_DIR; }; 875BA7A520258EA15A31DD82 /* Pods-OLMKitTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-OLMKitTests.debug.xcconfig"; path = "Pods/Target Support Files/Pods-OLMKitTests/Pods-OLMKitTests.debug.xcconfig"; sourceTree = ""; }; D48E486DAE1F59F4F7EA8C25 /* Pods-OLMKitTests.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-OLMKitTests.release.xcconfig"; path = "Pods/Target Support Files/Pods-OLMKitTests/Pods-OLMKitTests.release.xcconfig"; sourceTree = ""; }; @@ -107,6 +109,7 @@ 3274F6051D9A633A005282E4 /* OLMKitTests */ = { isa = PBXGroup; children = ( + 32F143AE2236B4100077CF37 /* OLMKitSASTests.m */, 3244277C2175EF700023EDF1 /* OLMKitPkTests.m */, 3274F6061D9A633A005282E4 /* OLMKitTests.m */, 32A151301DABDD4300400192 /* OLMKitGroupTests.m */, @@ -282,6 +285,7 @@ buildActionMask = 2147483647; files = ( 3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */, + 32F143AF2236B4100077CF37 /* OLMKitSASTests.m in Sources */, 3244277D2175EF700023EDF1 /* OLMKitPkTests.m in Sources */, 32A151311DABDD4300400192 /* OLMKitGroupTests.m in Sources */, ); diff --git a/xcode/OLMKit/OLMKit.h b/xcode/OLMKit/OLMKit.h index 6f79399..2ed6ebd 100644 --- a/xcode/OLMKit/OLMKit.h +++ b/xcode/OLMKit/OLMKit.h @@ -28,6 +28,7 @@ #import #import #import +#import @interface OLMKit : NSObject diff --git a/xcode/OLMKit/OLMSAS.h b/xcode/OLMKit/OLMSAS.h new file mode 100644 index 0000000..454c8e0 --- /dev/null +++ b/xcode/OLMKit/OLMSAS.h @@ -0,0 +1,59 @@ +/* + Copyright 2019 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import + +NS_ASSUME_NONNULL_BEGIN + +/** + Short Authentication String verification utility class. + */ +@interface OLMSAS : NSObject + +/** + Get the public key of the SAS object. + */ +- (NSString * _Nullable)publicKey; + +/** + Set the public key of other user. + + @param theirPublicKey the other user's public key. + @return error the error if any. + */ +- (NSError* _Nullable)setTheirPublicKey:(NSString*)theirPublicKey; + +/** + Generate bytes to use for the short authentication string. + + @param info extra information to mix in when generating the bytes, as per the Matrix spec. + @param length the size of the output buffer. For hex-based SAS as in the Matrix spec, this will be 5. + @return generated bytes + */ +- (NSData *)generateBytes:(NSString*)info length:(NSUInteger)length; + +/** + Generate a message authentication code (MAC) based on the shared secret. + + @param input the message to produce the authentication code for. + @param info extra information to mix in when generating the MAC, as per the Matrix spec. + @param error the error if any. + @return the MAC. + */ +- (NSString *)calculateMac:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; // TODO: NSError? + +@end + +NS_ASSUME_NONNULL_END diff --git a/xcode/OLMKit/OLMSAS.m b/xcode/OLMKit/OLMSAS.m new file mode 100644 index 0000000..d95f948 --- /dev/null +++ b/xcode/OLMKit/OLMSAS.m @@ -0,0 +1,140 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "OLMSAS.h" + +#include "olm/olm.h" +#include "olm/sas.h" +#include "OLMUtility.h" + +@interface OLMSAS () { + void *olmSASbuffer; + OlmSAS *olmSAS; +} +@end + +@implementation OLMSAS + +- (void)dealloc { + olm_clear_sas(olmSAS); + free(olmSASbuffer); +} + +- (instancetype)init { + self = [super init]; + if (self) { + olmSASbuffer = malloc(olm_sas_size()); + olmSAS = olm_sas(olmSASbuffer); + + size_t randomLength = olm_create_sas_random_length(olmSAS); + NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength]; + if (!random) { + return nil; + } + + olm_create_sas(olmSAS, random.mutableBytes, randomLength); + + [random resetBytesInRange:NSMakeRange(0, randomLength)]; + } + return self; +} + +- (NSString * _Nullable)publicKey { + size_t publicKeyLength = olm_sas_pubkey_length(olmSAS); + NSMutableData *publicKeyData = [NSMutableData dataWithLength:publicKeyLength]; + if (!publicKeyData) { + return nil; + } + + size_t result = olm_sas_get_pubkey(olmSAS, publicKeyData.mutableBytes, publicKeyLength); + if (result == olm_error()) { + const char *olm_error = olm_sas_last_error(olmSAS); + NSLog(@"[OLMSAS] publicKey: olm_sas_get_pubkey error: %s", olm_error); + return nil; + } + + NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding]; + return publicKey; +} + +- (NSError * _Nullable)setTheirPublicKey:(NSString*)theirPublicKey { + NSMutableData *theirPublicKeyData = [theirPublicKey dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; + + size_t result = olm_sas_set_their_key(olmSAS, theirPublicKeyData.mutableBytes, theirPublicKeyData.length); + if (result == olm_error()) { + const char *olm_error = olm_sas_last_error(olmSAS); + NSLog(@"[OLMSAS] setTheirPublicKey: olm_sas_set_their_key error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (olm_error && errorString) { + return [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_set_their_key error: %@", errorString] + }]; + } + } + + return nil; +} + +- (NSData *)generateBytes:(NSString *)info length:(NSUInteger)length { + NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding]; + + NSMutableData *bytes = [NSMutableData dataWithLength:length]; + if (!bytes) { + return nil; + } + + olm_sas_generate_bytes(olmSAS, infoData.bytes, infoData.length, bytes.mutableBytes, length); + return bytes; +} + +- (NSString *)calculateMac:(NSString *)input info:(NSString *)info error:(NSError *__autoreleasing _Nullable *)error { + NSMutableData *inputData = [input dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; + NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding]; + + size_t macLength = olm_sas_mac_length(olmSAS); + NSMutableData *macData = [NSMutableData dataWithLength:macLength]; + if (!macData) { + return nil; + } + + size_t result = olm_sas_calculate_mac(olmSAS, + inputData.mutableBytes, inputData.length, + infoData.bytes, infoData.length, + macData.mutableBytes, macLength); + if (result == olm_error()) { + const char *olm_error = olm_sas_last_error(olmSAS); + NSLog(@"[OLMSAS] calculateMac: olm_sas_calculate_mac error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_calculate_mac error: %@", errorString] + }]; + } + return nil; + } + + NSString *mac = [[NSString alloc] initWithData:macData encoding:NSUTF8StringEncoding]; + return mac; +} + +@end diff --git a/xcode/OLMKitTests/OLMKitSASTests.m b/xcode/OLMKitTests/OLMKitSASTests.m new file mode 100644 index 0000000..08a2490 --- /dev/null +++ b/xcode/OLMKitTests/OLMKitSASTests.m @@ -0,0 +1,69 @@ +/* + Copyright 2019 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import +#import + +@interface OLMKitSASTests : XCTestCase { + OLMSAS *alice; + OLMSAS *bob; +} + +@end + +@implementation OLMKitSASTests + +- (void)setUp { + alice = [OLMSAS new]; + bob = [OLMSAS new]; +} + +- (void)tearDown { + alice = nil; + bob = nil; +} + +- (void)testSASRandomness +{ + XCTAssertNotEqualObjects(alice.publicKey, bob.publicKey); +} + +- (void)testSASBytesMatch { + [alice setTheirPublicKey:bob.publicKey]; + [bob setTheirPublicKey:alice.publicKey]; + + NSString *sas = @"SAS"; + NSUInteger length = 5; + + XCTAssertEqualObjects([alice generateBytes:sas length:length], + [bob generateBytes:sas length:length]); +} + +- (void)testMACsMatch { + [alice setTheirPublicKey:bob.publicKey]; + [bob setTheirPublicKey:alice.publicKey]; + + NSString *string = @"test"; + NSString *info = @"MAC"; + + NSError *aliceError, *bobError; + XCTAssertEqualObjects([alice calculateMac:string info:info error:&aliceError], + [bob calculateMac:string info:info error:&bobError]); + XCTAssertNil(aliceError); + XCTAssertNil(bobError); +} + +@end diff --git a/xcode/Podfile.lock b/xcode/Podfile.lock index e9099c4..678923e 100644 --- a/xcode/Podfile.lock +++ b/xcode/Podfile.lock @@ -1,9 +1,9 @@ PODS: - - OLMKit (2.3.0): - - OLMKit/olmc (= 2.3.0) - - OLMKit/olmcpp (= 2.3.0) - - OLMKit/olmc (2.3.0) - - OLMKit/olmcpp (2.3.0) + - OLMKit (3.0.0): + - OLMKit/olmc (= 3.0.0) + - OLMKit/olmcpp (= 3.0.0) + - OLMKit/olmc (3.0.0) + - OLMKit/olmcpp (3.0.0) DEPENDENCIES: - OLMKit (from `../OLMKit.podspec`) @@ -13,8 +13,8 @@ EXTERNAL SOURCES: :path: "../OLMKit.podspec" SPEC CHECKSUMS: - OLMKit: 6af55a19917c35f86df5198c213979ecdf8ba76e + OLMKit: 88eda69110489f817d59bcb4353b7c247570aa4f PODFILE CHECKSUM: 4e261dae61d833ec5585ced2473023b98909fd35 -COCOAPODS: 1.6.0.beta.2 +COCOAPODS: 1.6.0 From 4057f59453d0276a7dbfeee284892c46786c156b Mon Sep 17 00:00:00 2001 From: manuroe Date: Mon, 8 Apr 2019 18:48:09 +0200 Subject: [PATCH 3/6] OLMKit: SAS: Added macLongKdf support (cherry picked from commit 934d516eb35c488ee197e1bab78a4c81e3c8241d) --- xcode/OLMKit/OLMSAS.h | 13 +++++++++++- xcode/OLMKit/OLMSAS.m | 34 ++++++++++++++++++++++++++++++ xcode/OLMKitTests/OLMKitSASTests.m | 17 +++++++++++++++ 3 files changed, 63 insertions(+), 1 deletion(-) diff --git a/xcode/OLMKit/OLMSAS.h b/xcode/OLMKit/OLMSAS.h index 454c8e0..3785b03 100644 --- a/xcode/OLMKit/OLMSAS.h +++ b/xcode/OLMKit/OLMSAS.h @@ -52,7 +52,18 @@ NS_ASSUME_NONNULL_BEGIN @param error the error if any. @return the MAC. */ -- (NSString *)calculateMac:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; // TODO: NSError? +- (NSString *)calculateMac:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; + +/** + Generate a message authentication code (MAC) based on the shared secret. + For compatibility with an old version of olm.js. + + @param input the message to produce the authentication code for. + @param info extra information to mix in when generating the MAC, as per the Matrix spec. + @param error the error if any. + @return the MAC. + */ +- (NSString *)calculateMacLongKdf:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; @end diff --git a/xcode/OLMKit/OLMSAS.m b/xcode/OLMKit/OLMSAS.m index d95f948..fed370b 100644 --- a/xcode/OLMKit/OLMSAS.m +++ b/xcode/OLMKit/OLMSAS.m @@ -137,4 +137,38 @@ return mac; } +- (NSString *)calculateMacLongKdf:(NSString *)input info:(NSString *)info error:(NSError *__autoreleasing _Nullable *)error { + NSMutableData *inputData = [input dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; + NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding]; + + size_t macLength = olm_sas_mac_length(olmSAS); + NSMutableData *macData = [NSMutableData dataWithLength:macLength]; + if (!macData) { + return nil; + } + + size_t result = olm_sas_calculate_mac_long_kdf(olmSAS, + inputData.mutableBytes, inputData.length, + infoData.bytes, infoData.length, + macData.mutableBytes, macLength); + if (result == olm_error()) { + const char *olm_error = olm_sas_last_error(olmSAS); + NSLog(@"[OLMSAS] calculateMacLongKdf: olm_sas_calculate_mac error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_calculate_mac_long_kdf error: %@", errorString] + }]; + } + return nil; + } + + NSString *mac = [[NSString alloc] initWithData:macData encoding:NSUTF8StringEncoding]; + return mac; +} + @end diff --git a/xcode/OLMKitTests/OLMKitSASTests.m b/xcode/OLMKitTests/OLMKitSASTests.m index 08a2490..e250a67 100644 --- a/xcode/OLMKitTests/OLMKitSASTests.m +++ b/xcode/OLMKitTests/OLMKitSASTests.m @@ -66,4 +66,21 @@ XCTAssertNil(bobError); } +- (void)testMACLongKdfsMatch { + [alice setTheirPublicKey:bob.publicKey]; + [bob setTheirPublicKey:alice.publicKey]; + + NSString *string = @"test"; + NSString *info = @"MAC"; + + NSError *aliceError, *bobError; + XCTAssertEqualObjects([alice calculateMacLongKdf:string info:info error:&aliceError], + [bob calculateMacLongKdf:string info:info error:&bobError]); + XCTAssertNotEqualObjects([alice calculateMacLongKdf:string info:info error:&aliceError], + [bob calculateMac:string info:info error:&bobError]); + XCTAssertNil(aliceError); + XCTAssertNil(bobError); +} + + @end From 809793c9bad785653657e21d4a7eb6282e3c17ee Mon Sep 17 00:00:00 2001 From: manuroe Date: Wed, 10 Apr 2019 23:15:27 +0200 Subject: [PATCH 4/6] OLMKit: SAS: Add PK signing (cherry picked from commit ff31d489c68d5d9e597bd55a6f6a64f3fe4c7ecc) --- xcode/OLMKit/OLMKit.h | 1 + xcode/OLMKit/OLMPkSigning.h | 49 ++++++++++++ xcode/OLMKit/OLMPkSigning.m | 123 ++++++++++++++++++++++++++++++ xcode/OLMKitTests/OLMKitPkTests.m | 35 +++++++++ 4 files changed, 208 insertions(+) create mode 100644 xcode/OLMKit/OLMPkSigning.h create mode 100644 xcode/OLMKit/OLMPkSigning.m diff --git a/xcode/OLMKit/OLMKit.h b/xcode/OLMKit/OLMKit.h index 2ed6ebd..54496a0 100644 --- a/xcode/OLMKit/OLMKit.h +++ b/xcode/OLMKit/OLMKit.h @@ -28,6 +28,7 @@ #import #import #import +#import #import @interface OLMKit : NSObject diff --git a/xcode/OLMKit/OLMPkSigning.h b/xcode/OLMKit/OLMPkSigning.h new file mode 100644 index 0000000..09724e1 --- /dev/null +++ b/xcode/OLMKit/OLMPkSigning.h @@ -0,0 +1,49 @@ +/* + Copyright 2019 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import + +NS_ASSUME_NONNULL_BEGIN + +@interface OLMPkSigning : NSObject + +/** + Initialise the signing object with a public/private keypair from a seed. + + @param seed the seed. + @param error the error if any. + @return the public key + */ +- (NSString *)doInitWithSeed:(NSData*)seed error:(NSError* _Nullable *)error; + +/** + Sign a message. + + @param message the message to sign. + @param error the error if any. + @return the signature. + */ +- (NSString *)sign:(NSString*)message error:(NSError* _Nullable *)error; + +/** + Generate a seed. + + @return the generated seed. + */ ++ (NSData *)generateSeed; + +@end + +NS_ASSUME_NONNULL_END diff --git a/xcode/OLMKit/OLMPkSigning.m b/xcode/OLMKit/OLMPkSigning.m new file mode 100644 index 0000000..e3f1a61 --- /dev/null +++ b/xcode/OLMKit/OLMPkSigning.m @@ -0,0 +1,123 @@ +/* + Copyright 2019 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "OLMPkSigning.h" + +#include "olm/olm.h" +#include "olm/pk.h" +#include "OLMUtility.h" + +@interface OLMPkSigning () +{ + OlmPkSigning *sign; +} +@end + +@implementation OLMPkSigning + +- (void)dealloc { + olm_clear_pk_signing(sign); + free(sign); +} + + +- (instancetype)init { + self = [super init]; + if (self) { + sign = (OlmPkSigning *)malloc(olm_pk_signing_size()); + olm_pk_signing(sign); + } + return self; +} + +- (NSString *)doInitWithSeed:(NSData *)seed error:(NSError *__autoreleasing _Nullable *)error { + size_t publicKeyLength = olm_pk_signing_public_key_length(); + NSMutableData *publicKeyData = [NSMutableData dataWithLength:publicKeyLength]; + if (!publicKeyData) { + return nil; + } + + NSMutableData *mutableSeed = [NSMutableData dataWithData:seed]; + + size_t result = olm_pk_signing_key_from_seed(sign, + publicKeyData.mutableBytes, publicKeyLength, + mutableSeed.mutableBytes, mutableSeed.length); + if (result == olm_error()) { + const char *olm_error = olm_pk_signing_last_error(sign); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + NSLog(@"[OLMPkSigning] doInitWithSeed: olm_pk_signing_key_from_seed error: %@", errorString); + + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_pk_signing_key_from_seed error: %@", errorString] + }]; + } + + return nil; + } + + NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding]; + return publicKey; +} + +- (NSString *)sign:(NSString *)message error:(NSError *__autoreleasing _Nullable *)error { + NSData *messageData = [message dataUsingEncoding:NSUTF8StringEncoding]; + + size_t signatureLength = olm_pk_signature_length(); + NSMutableData *signatureData = [NSMutableData dataWithLength:signatureLength]; + if (!signatureData) { + return nil; + } + + size_t result = olm_pk_sign(sign, + messageData.bytes, messageData.length, + signatureData.mutableBytes, signatureLength); + if (result == olm_error()) { + const char *olm_error = olm_pk_signing_last_error(sign); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + NSLog(@"[OLMPkSigning] sign: olm_pk_sign error: %@", errorString); + + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_pk_sign error: %@", errorString] + }]; + } + + return nil; + } + + NSString *signature = [[NSString alloc] initWithData:signatureData encoding:NSUTF8StringEncoding]; + return signature; +} + ++ (NSData *)generateSeed { + size_t seedLength = olm_pk_signing_seed_length(); + NSMutableData *seed = [OLMUtility randomBytesOfLength:seedLength]; + if (!seed) { + return nil; + } + + return seed; +} + +@end diff --git a/xcode/OLMKitTests/OLMKitPkTests.m b/xcode/OLMKitTests/OLMKitPkTests.m index 04d2e30..7a09130 100644 --- a/xcode/OLMKitTests/OLMKitPkTests.m +++ b/xcode/OLMKitTests/OLMKitPkTests.m @@ -104,4 +104,39 @@ XCTAssertEqualObjects(decrypted, TEST_TEXT); } +- (void)testSignAndVerify { + + UInt8 seedBytes[] = { + 0x77, 0x07, 0x6D, 0x0A, 0x73, 0x18, 0xA5, 0x7D, + 0x3C, 0x16, 0xC1, 0x72, 0x51, 0xB2, 0x66, 0x45, + 0xDF, 0x4C, 0x2F, 0x87, 0xEB, 0xC0, 0x99, 0x2A, + 0xB1, 0x77, 0xFB, 0xA5, 0x1D, 0xB9, 0x2C, 0x2A + }; + + NSData *seed = [NSData dataWithBytes:seedBytes length:sizeof(seedBytes)]; + + NSString *TEST_TEXT = @"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness."; + + OLMPkSigning *signing = [OLMPkSigning new]; + + NSError *error; + NSString *pubKey = [signing doInitWithSeed:seed error:&error]; + XCTAssertNotNil(pubKey); + XCTAssertNil(error); + + NSString *sig = [signing sign:TEST_TEXT error:&error]; + XCTAssertNotNil(sig); + XCTAssertNil(error); + + OLMUtility *util = [OLMUtility new]; + BOOL verify = [util verifyEd25519Signature:sig key:pubKey message:[TEST_TEXT dataUsingEncoding:NSUTF8StringEncoding] error:&error]; + XCTAssertTrue(verify); + XCTAssertNil(error); + + NSString *badSig = [sig stringByReplacingCharactersInRange:NSMakeRange(0, 1) withString:@"p"]; + verify = [util verifyEd25519Signature:badSig key:pubKey message:[TEST_TEXT dataUsingEncoding:NSUTF8StringEncoding] error:&error]; + XCTAssertFalse(verify); + XCTAssertNotNil(error); +} + @end From 89357b6a495ce7b6625db206d416ed428b613804 Mon Sep 17 00:00:00 2001 From: manuroe Date: Wed, 10 Apr 2019 23:16:22 +0200 Subject: [PATCH 5/6] OLMKit: OlmPkEncryption: Fix typos in sanity checks (cherry picked from commit add1bd6e4250012dcfa30a40d763dba82f53c254) --- xcode/OLMKit/OLMPkEncryption.m | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xcode/OLMKit/OLMPkEncryption.m b/xcode/OLMKit/OLMPkEncryption.m index c2e3d04..34ad57c 100644 --- a/xcode/OLMKit/OLMPkEncryption.m +++ b/xcode/OLMKit/OLMPkEncryption.m @@ -65,13 +65,13 @@ size_t macLength = olm_pk_mac_length(session); NSMutableData *macData = [NSMutableData dataWithLength:macLength]; - if (!ciphertext) { + if (!macData) { return nil; } size_t ephemeralKeyLength = olm_pk_key_length(); NSMutableData *ephemeralKeyData = [NSMutableData dataWithLength:ephemeralKeyLength]; - if (!ciphertext) { + if (!ephemeralKeyData) { return nil; } From 5147349feabe93d4cfd3d45e94002c1bb8f87923 Mon Sep 17 00:00:00 2001 From: manuroe Date: Fri, 12 Apr 2019 11:17:53 +0200 Subject: [PATCH 6/6] OLMKit: OMLPkSigning: Zero mutableSeed --- xcode/OLMKit/OLMPkSigning.m | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xcode/OLMKit/OLMPkSigning.m b/xcode/OLMKit/OLMPkSigning.m index e3f1a61..d5c7d09 100644 --- a/xcode/OLMKit/OLMPkSigning.m +++ b/xcode/OLMKit/OLMPkSigning.m @@ -72,6 +72,8 @@ return nil; } + [mutableSeed resetBytesInRange:NSMakeRange(0, mutableSeed.length)]; + NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding]; return publicKey; }