Merge pull request #71 from matrix-org/js_sanitising
zero buffers in the JavaScript bindings
This commit is contained in:
commit
c4c3055f83
4 changed files with 260 additions and 90 deletions
|
@ -29,9 +29,17 @@ InboundGroupSession.prototype['pickle'] = restore_stack(function(key) {
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
inbound_group_session_method(Module['_olm_pickle_inbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
inbound_group_session_method(Module['_olm_pickle_inbound_group_session'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(pickle_buffer);
|
return Pointer_stringify(pickle_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -40,28 +48,52 @@ InboundGroupSession.prototype['unpickle'] = restore_stack(function(key, pickle)
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_array = array_from_string(pickle);
|
var pickle_array = array_from_string(pickle);
|
||||||
var pickle_buffer = stack(pickle_array);
|
var pickle_buffer = stack(pickle_array);
|
||||||
inbound_group_session_method(Module['_olm_unpickle_inbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
inbound_group_session_method(Module['_olm_unpickle_inbound_group_session'])(
|
||||||
pickle_array.length
|
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
||||||
);
|
pickle_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
InboundGroupSession.prototype['create'] = restore_stack(function(session_key) {
|
InboundGroupSession.prototype['create'] = restore_stack(function(session_key) {
|
||||||
var key_array = array_from_string(session_key);
|
var key_array = array_from_string(session_key);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
|
|
||||||
inbound_group_session_method(Module['_olm_init_inbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length
|
inbound_group_session_method(Module['_olm_init_inbound_group_session'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
InboundGroupSession.prototype['import_session'] = restore_stack(function(session_key) {
|
InboundGroupSession.prototype['import_session'] = restore_stack(function(session_key) {
|
||||||
var key_array = array_from_string(session_key);
|
var key_array = array_from_string(session_key);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
|
|
||||||
inbound_group_session_method(Module['_olm_import_inbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length
|
inbound_group_session_method(Module['_olm_import_inbound_group_session'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
InboundGroupSession.prototype['decrypt'] = restore_stack(function(
|
InboundGroupSession.prototype['decrypt'] = restore_stack(function(
|
||||||
|
@ -140,7 +172,9 @@ InboundGroupSession.prototype['export_session'] = restore_stack(function(message
|
||||||
outbound_group_session_method(Module['_olm_export_inbound_group_session'])(
|
outbound_group_session_method(Module['_olm_export_inbound_group_session'])(
|
||||||
this.ptr, key, key_length, message_index
|
this.ptr, key, key_length, message_index
|
||||||
);
|
);
|
||||||
return Pointer_stringify(key);
|
var key_str = Pointer_stringify(key);
|
||||||
|
bzero(key, key_length); // clear out a copy of the key
|
||||||
|
return key_str;
|
||||||
});
|
});
|
||||||
|
|
||||||
olm_exports['InboundGroupSession'] = InboundGroupSession;
|
olm_exports['InboundGroupSession'] = InboundGroupSession;
|
||||||
|
|
|
@ -29,9 +29,17 @@ OutboundGroupSession.prototype['pickle'] = restore_stack(function(key) {
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
outbound_group_session_method(Module['_olm_pickle_outbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
outbound_group_session_method(Module['_olm_pickle_outbound_group_session'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(pickle_buffer);
|
return Pointer_stringify(pickle_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -40,10 +48,18 @@ OutboundGroupSession.prototype['unpickle'] = restore_stack(function(key, pickle)
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_array = array_from_string(pickle);
|
var pickle_array = array_from_string(pickle);
|
||||||
var pickle_buffer = stack(pickle_array);
|
var pickle_buffer = stack(pickle_array);
|
||||||
outbound_group_session_method(Module['_olm_unpickle_outbound_group_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
outbound_group_session_method(Module['_olm_unpickle_outbound_group_session'])(
|
||||||
pickle_array.length
|
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
||||||
);
|
pickle_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
OutboundGroupSession.prototype['create'] = restore_stack(function() {
|
OutboundGroupSession.prototype['create'] = restore_stack(function() {
|
||||||
|
@ -116,7 +132,9 @@ OutboundGroupSession.prototype['session_key'] = restore_stack(function() {
|
||||||
outbound_group_session_method(Module['_olm_outbound_group_session_key'])(
|
outbound_group_session_method(Module['_olm_outbound_group_session_key'])(
|
||||||
this.ptr, key, key_length
|
this.ptr, key, key_length
|
||||||
);
|
);
|
||||||
return Pointer_stringify(key);
|
var key_str = Pointer_stringify(key);
|
||||||
|
bzero(key, key_length); // clear out our copy of the key
|
||||||
|
return key_str;
|
||||||
});
|
});
|
||||||
|
|
||||||
OutboundGroupSession.prototype['message_index'] = function() {
|
OutboundGroupSession.prototype['message_index'] = function() {
|
||||||
|
|
|
@ -33,15 +33,15 @@ PkEncryption.prototype['set_recipient_key'] = restore_stack(function(key) {
|
||||||
PkEncryption.prototype['encrypt'] = restore_stack(function(
|
PkEncryption.prototype['encrypt'] = restore_stack(function(
|
||||||
plaintext
|
plaintext
|
||||||
) {
|
) {
|
||||||
var plaintext_buffer, ciphertext_buffer, plaintext_length;
|
var plaintext_buffer, ciphertext_buffer, plaintext_length, random, random_length;
|
||||||
try {
|
try {
|
||||||
plaintext_length = lengthBytesUTF8(plaintext)
|
plaintext_length = lengthBytesUTF8(plaintext)
|
||||||
plaintext_buffer = malloc(plaintext_length + 1);
|
plaintext_buffer = malloc(plaintext_length + 1);
|
||||||
stringToUTF8(plaintext, plaintext_buffer, plaintext_length + 1);
|
stringToUTF8(plaintext, plaintext_buffer, plaintext_length + 1);
|
||||||
var random_length = pk_encryption_method(
|
random_length = pk_encryption_method(
|
||||||
Module['_olm_pk_encrypt_random_length']
|
Module['_olm_pk_encrypt_random_length']
|
||||||
)();
|
)();
|
||||||
var random = random_stack(random_length);
|
random = random_stack(random_length);
|
||||||
var ciphertext_length = pk_encryption_method(
|
var ciphertext_length = pk_encryption_method(
|
||||||
Module['_olm_pk_ciphertext_length']
|
Module['_olm_pk_ciphertext_length']
|
||||||
)(this.ptr, plaintext_length);
|
)(this.ptr, plaintext_length);
|
||||||
|
@ -82,6 +82,10 @@ PkEncryption.prototype['encrypt'] = restore_stack(function(
|
||||||
"ephemeral": Pointer_stringify(ephemeral_buffer)
|
"ephemeral": Pointer_stringify(ephemeral_buffer)
|
||||||
};
|
};
|
||||||
} finally {
|
} finally {
|
||||||
|
if (random !== undefined) {
|
||||||
|
// clear out the random buffer, since it is key data
|
||||||
|
bzero(random, random_length);
|
||||||
|
}
|
||||||
if (plaintext_buffer !== undefined) {
|
if (plaintext_buffer !== undefined) {
|
||||||
// don't leave a copy of the plaintext in the heap.
|
// don't leave a copy of the plaintext in the heap.
|
||||||
bzero(plaintext_buffer, plaintext_length + 1);
|
bzero(plaintext_buffer, plaintext_length + 1);
|
||||||
|
@ -126,11 +130,16 @@ PkDecryption.prototype['init_with_private_key'] = restore_stack(function (privat
|
||||||
Module['_olm_pk_key_length']
|
Module['_olm_pk_key_length']
|
||||||
)();
|
)();
|
||||||
var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH);
|
var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
pk_decryption_method(Module['_olm_pk_key_from_private'])(
|
try {
|
||||||
this.ptr,
|
pk_decryption_method(Module['_olm_pk_key_from_private'])(
|
||||||
pubkey_buffer, pubkey_length,
|
this.ptr,
|
||||||
private_key_buffer, private_key.length
|
pubkey_buffer, pubkey_length,
|
||||||
);
|
private_key_buffer, private_key.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out our copy of the private key
|
||||||
|
bzero(private_key_buffer, private_key.length);
|
||||||
|
}
|
||||||
return Pointer_stringify(pubkey_buffer);
|
return Pointer_stringify(pubkey_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -143,11 +152,16 @@ PkDecryption.prototype['generate_key'] = restore_stack(function () {
|
||||||
Module['_olm_pk_key_length']
|
Module['_olm_pk_key_length']
|
||||||
)();
|
)();
|
||||||
var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH);
|
var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
pk_decryption_method(Module['_olm_pk_key_from_private'])(
|
try {
|
||||||
this.ptr,
|
pk_decryption_method(Module['_olm_pk_key_from_private'])(
|
||||||
pubkey_buffer, pubkey_length,
|
this.ptr,
|
||||||
random_buffer, random_length
|
pubkey_buffer, pubkey_length,
|
||||||
);
|
random_buffer, random_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out the random buffer (= private key)
|
||||||
|
bzero(random_buffer, random_length);
|
||||||
|
}
|
||||||
return Pointer_stringify(pubkey_buffer);
|
return Pointer_stringify(pubkey_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -160,7 +174,14 @@ PkDecryption.prototype['get_private_key'] = restore_stack(function () {
|
||||||
this.ptr,
|
this.ptr,
|
||||||
privkey_buffer, privkey_length
|
privkey_buffer, privkey_length
|
||||||
);
|
);
|
||||||
return new Uint8Array(Module['HEAPU8'].buffer, privkey_buffer, privkey_length);
|
// The inner Uint8Array creates a view of the buffer. The outer Uint8Array
|
||||||
|
// copies it to a new array to return, since the original buffer will get
|
||||||
|
// deallocated from the stack and could get overwritten.
|
||||||
|
var key_arr = new Uint8Array(
|
||||||
|
new Uint8Array(Module['HEAPU8'].buffer, privkey_buffer, privkey_length)
|
||||||
|
);
|
||||||
|
bzero(privkey_buffer, privkey_length); // clear out our copy of the key
|
||||||
|
return key_arr;
|
||||||
});
|
});
|
||||||
|
|
||||||
PkDecryption.prototype['pickle'] = restore_stack(function (key) {
|
PkDecryption.prototype['pickle'] = restore_stack(function (key) {
|
||||||
|
@ -170,9 +191,17 @@ PkDecryption.prototype['pickle'] = restore_stack(function (key) {
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
pk_decryption_method(Module['_olm_pickle_pk_decryption'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
pk_decryption_method(Module['_olm_pickle_pk_decryption'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(pickle_buffer);
|
return Pointer_stringify(pickle_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -185,10 +214,18 @@ PkDecryption.prototype['unpickle'] = restore_stack(function (key, pickle) {
|
||||||
Module["_olm_pk_key_length"]
|
Module["_olm_pk_key_length"]
|
||||||
)();
|
)();
|
||||||
var ephemeral_buffer = stack(ephemeral_length + NULL_BYTE_PADDING_LENGTH);
|
var ephemeral_buffer = stack(ephemeral_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
pk_decryption_method(Module['_olm_unpickle_pk_decryption'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
pk_decryption_method(Module['_olm_unpickle_pk_decryption'])(
|
||||||
pickle_array.length, ephemeral_buffer, ephemeral_length
|
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
||||||
);
|
pickle_array.length, ephemeral_buffer, ephemeral_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(ephemeral_buffer);
|
return Pointer_stringify(ephemeral_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -91,11 +91,19 @@ Account.prototype['sign'] = restore_stack(function(message) {
|
||||||
var message_array = array_from_string(message);
|
var message_array = array_from_string(message);
|
||||||
var message_buffer = stack(message_array);
|
var message_buffer = stack(message_array);
|
||||||
var signature_buffer = stack(signature_length + NULL_BYTE_PADDING_LENGTH);
|
var signature_buffer = stack(signature_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
account_method(Module['_olm_account_sign'])(
|
try {
|
||||||
this.ptr,
|
account_method(Module['_olm_account_sign'])(
|
||||||
message_buffer, message_array.length,
|
this.ptr,
|
||||||
signature_buffer, signature_length
|
message_buffer, message_array.length,
|
||||||
);
|
signature_buffer, signature_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the message, which may be plaintext
|
||||||
|
bzero(message_buffer, message_array.length);
|
||||||
|
for (var i = 0; i < message_array.length; i++) {
|
||||||
|
message_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(signature_buffer);
|
return Pointer_stringify(signature_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -145,9 +153,17 @@ Account.prototype['pickle'] = restore_stack(function(key) {
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
account_method(Module['_olm_pickle_account'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
account_method(Module['_olm_pickle_account'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(pickle_buffer);
|
return Pointer_stringify(pickle_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -156,10 +172,18 @@ Account.prototype['unpickle'] = restore_stack(function(key, pickle) {
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_array = array_from_string(pickle);
|
var pickle_array = array_from_string(pickle);
|
||||||
var pickle_buffer = stack(pickle_array);
|
var pickle_buffer = stack(pickle_array);
|
||||||
account_method(Module['_olm_unpickle_account'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
account_method(Module['_olm_unpickle_account'])(
|
||||||
pickle_array.length
|
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
||||||
);
|
pickle_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
function Session() {
|
function Session() {
|
||||||
|
@ -193,9 +217,17 @@ Session.prototype['pickle'] = restore_stack(function(key) {
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
session_method(Module['_olm_pickle_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
session_method(Module['_olm_pickle_session'])(
|
||||||
);
|
this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(pickle_buffer);
|
return Pointer_stringify(pickle_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -204,10 +236,18 @@ Session.prototype['unpickle'] = restore_stack(function(key, pickle) {
|
||||||
var key_buffer = stack(key_array);
|
var key_buffer = stack(key_array);
|
||||||
var pickle_array = array_from_string(pickle);
|
var pickle_array = array_from_string(pickle);
|
||||||
var pickle_buffer = stack(pickle_array);
|
var pickle_buffer = stack(pickle_array);
|
||||||
session_method(Module['_olm_unpickle_session'])(
|
try {
|
||||||
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
session_method(Module['_olm_unpickle_session'])(
|
||||||
pickle_array.length
|
this.ptr, key_buffer, key_array.length, pickle_buffer,
|
||||||
);
|
pickle_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the pickle key
|
||||||
|
bzero(key_buffer, key_array.length)
|
||||||
|
for (var i = 0; i < key_array.length; i++) {
|
||||||
|
key_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Session.prototype['create_outbound'] = restore_stack(function(
|
Session.prototype['create_outbound'] = restore_stack(function(
|
||||||
|
@ -221,12 +261,17 @@ Session.prototype['create_outbound'] = restore_stack(function(
|
||||||
var one_time_key_array = array_from_string(their_one_time_key);
|
var one_time_key_array = array_from_string(their_one_time_key);
|
||||||
var identity_key_buffer = stack(identity_key_array);
|
var identity_key_buffer = stack(identity_key_array);
|
||||||
var one_time_key_buffer = stack(one_time_key_array);
|
var one_time_key_buffer = stack(one_time_key_array);
|
||||||
session_method(Module['_olm_create_outbound_session'])(
|
try {
|
||||||
this.ptr, account.ptr,
|
session_method(Module['_olm_create_outbound_session'])(
|
||||||
identity_key_buffer, identity_key_array.length,
|
this.ptr, account.ptr,
|
||||||
one_time_key_buffer, one_time_key_array.length,
|
identity_key_buffer, identity_key_array.length,
|
||||||
random, random_length
|
one_time_key_buffer, one_time_key_array.length,
|
||||||
);
|
random, random_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear the random buffer, which is key data
|
||||||
|
bzero(random, random_length);
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Session.prototype['create_inbound'] = restore_stack(function(
|
Session.prototype['create_inbound'] = restore_stack(function(
|
||||||
|
@ -234,9 +279,17 @@ Session.prototype['create_inbound'] = restore_stack(function(
|
||||||
) {
|
) {
|
||||||
var message_array = array_from_string(one_time_key_message);
|
var message_array = array_from_string(one_time_key_message);
|
||||||
var message_buffer = stack(message_array);
|
var message_buffer = stack(message_array);
|
||||||
session_method(Module['_olm_create_inbound_session'])(
|
try {
|
||||||
this.ptr, account.ptr, message_buffer, message_array.length
|
session_method(Module['_olm_create_inbound_session'])(
|
||||||
);
|
this.ptr, account.ptr, message_buffer, message_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the key
|
||||||
|
bzero(message_buffer, message_array.length);
|
||||||
|
for (var i = 0; i < message_array.length; i++) {
|
||||||
|
message_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Session.prototype['create_inbound_from'] = restore_stack(function(
|
Session.prototype['create_inbound_from'] = restore_stack(function(
|
||||||
|
@ -246,11 +299,19 @@ Session.prototype['create_inbound_from'] = restore_stack(function(
|
||||||
var identity_key_buffer = stack(identity_key_array);
|
var identity_key_buffer = stack(identity_key_array);
|
||||||
var message_array = array_from_string(one_time_key_message);
|
var message_array = array_from_string(one_time_key_message);
|
||||||
var message_buffer = stack(message_array);
|
var message_buffer = stack(message_array);
|
||||||
session_method(Module['_olm_create_inbound_session_from'])(
|
try {
|
||||||
this.ptr, account.ptr,
|
session_method(Module['_olm_create_inbound_session_from'])(
|
||||||
identity_key_buffer, identity_key_array.length,
|
this.ptr, account.ptr,
|
||||||
message_buffer, message_array.length
|
identity_key_buffer, identity_key_array.length,
|
||||||
);
|
message_buffer, message_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the key
|
||||||
|
bzero(message_buffer, message_array.length);
|
||||||
|
for (var i = 0; i < message_array.length; i++) {
|
||||||
|
message_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Session.prototype['session_id'] = restore_stack(function() {
|
Session.prototype['session_id'] = restore_stack(function() {
|
||||||
|
@ -296,9 +357,9 @@ Session.prototype['matches_inbound_from'] = restore_stack(function(
|
||||||
Session.prototype['encrypt'] = restore_stack(function(
|
Session.prototype['encrypt'] = restore_stack(function(
|
||||||
plaintext
|
plaintext
|
||||||
) {
|
) {
|
||||||
var plaintext_buffer, message_buffer, plaintext_length;
|
var plaintext_buffer, message_buffer, plaintext_length, random, random_length;
|
||||||
try {
|
try {
|
||||||
var random_length = session_method(
|
random_length = session_method(
|
||||||
Module['_olm_encrypt_random_length']
|
Module['_olm_encrypt_random_length']
|
||||||
)(this.ptr);
|
)(this.ptr);
|
||||||
var message_type = session_method(
|
var message_type = session_method(
|
||||||
|
@ -310,7 +371,7 @@ Session.prototype['encrypt'] = restore_stack(function(
|
||||||
Module['_olm_encrypt_message_length']
|
Module['_olm_encrypt_message_length']
|
||||||
)(this.ptr, plaintext_length);
|
)(this.ptr, plaintext_length);
|
||||||
|
|
||||||
var random = random_stack(random_length);
|
random = random_stack(random_length);
|
||||||
|
|
||||||
// need to allow space for the terminator (which stringToUTF8 always
|
// need to allow space for the terminator (which stringToUTF8 always
|
||||||
// writes), hence + 1.
|
// writes), hence + 1.
|
||||||
|
@ -338,6 +399,10 @@ Session.prototype['encrypt'] = restore_stack(function(
|
||||||
"body": UTF8ToString(message_buffer),
|
"body": UTF8ToString(message_buffer),
|
||||||
};
|
};
|
||||||
} finally {
|
} finally {
|
||||||
|
if (random !== undefined) {
|
||||||
|
// clear out the random buffer, since it is the private key
|
||||||
|
bzero(random, random_length);
|
||||||
|
}
|
||||||
if (plaintext_buffer !== undefined) {
|
if (plaintext_buffer !== undefined) {
|
||||||
// don't leave a copy of the plaintext in the heap.
|
// don't leave a copy of the plaintext in the heap.
|
||||||
bzero(plaintext_buffer, plaintext_length + 1);
|
bzero(plaintext_buffer, plaintext_length + 1);
|
||||||
|
@ -423,11 +488,19 @@ Utility.prototype['sha256'] = restore_stack(function(input) {
|
||||||
var input_array = array_from_string(input);
|
var input_array = array_from_string(input);
|
||||||
var input_buffer = stack(input_array);
|
var input_buffer = stack(input_array);
|
||||||
var output_buffer = stack(output_length + NULL_BYTE_PADDING_LENGTH);
|
var output_buffer = stack(output_length + NULL_BYTE_PADDING_LENGTH);
|
||||||
utility_method(Module['_olm_sha256'])(
|
try {
|
||||||
this.ptr,
|
utility_method(Module['_olm_sha256'])(
|
||||||
input_buffer, input_array.length,
|
this.ptr,
|
||||||
output_buffer, output_length
|
input_buffer, input_array.length,
|
||||||
);
|
output_buffer, output_length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the input buffer, which may be plaintext
|
||||||
|
bzero(input_buffer, input_array.length);
|
||||||
|
for (var i = 0; i < input_array.length; i++) {
|
||||||
|
input_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
return Pointer_stringify(output_buffer);
|
return Pointer_stringify(output_buffer);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -440,12 +513,20 @@ Utility.prototype['ed25519_verify'] = restore_stack(function(
|
||||||
var message_buffer = stack(message_array);
|
var message_buffer = stack(message_array);
|
||||||
var signature_array = array_from_string(signature);
|
var signature_array = array_from_string(signature);
|
||||||
var signature_buffer = stack(signature_array);
|
var signature_buffer = stack(signature_array);
|
||||||
utility_method(Module['_olm_ed25519_verify'])(
|
try {
|
||||||
this.ptr,
|
utility_method(Module['_olm_ed25519_verify'])(
|
||||||
key_buffer, key_array.length,
|
this.ptr,
|
||||||
message_buffer, message_array.length,
|
key_buffer, key_array.length,
|
||||||
signature_buffer, signature_array.length
|
message_buffer, message_array.length,
|
||||||
);
|
signature_buffer, signature_array.length
|
||||||
|
);
|
||||||
|
} finally {
|
||||||
|
// clear out copies of the input buffer, which may be plaintext
|
||||||
|
bzero(message_buffer, message_array.length);
|
||||||
|
for (var i = 0; i < message_array.length; i++) {
|
||||||
|
message_array[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
olm_exports["Account"] = Account;
|
olm_exports["Account"] = Account;
|
||||||
|
|
Loading…
Reference in a new issue