timoreo/olm
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
338 commits 42 branches 39 tags 4.5 MiB
Commit graph

338 commits

This branch
This branch
All branches
Author SHA1 Message Date
Richard van der Hoff
819f0d24db Merge pull request #40 from matrix-org/rav/fix_encryption 
Avoid buffer overrun on encryption
 2016-12-16 15:01:45 +00:00
Richard van der Hoff
8e554ab5ef Avoid buffer overrun on encryption 
Make sure we null-terminate encrypted strings before passing them to
UTF8ToString.

This used to work when we allocated the buffer on the stack, because it turns
out that allocate() zeroinits the returned memory. malloc(), of course, does
not.
 2016-12-16 14:42:41 +00:00
Richard van der Hoff
7fd63bcac7 Merge pull request #39 from matrix-org/rav/messages_on_heap 
Allocate memory for message blobs on the heap
 2016-12-15 16:54:39 +00:00
Richard van der Hoff
09b3e1eecd typo 2016-12-15 16:28:30 +00:00
Richard van der Hoff
8356fa37ad zero out plaintext buffers 
Avoid leaving copies of the plaintext sitting around in the emscripten heap.
 2016-12-15 13:37:34 +00:00
Richard van der Hoff
2e04868c46 Merge pull request #38 from matrix-org/rav/handle_load_exceptions 
Better handling of exceptions during loading, and import OLM_OPTIONS
 2016-12-14 14:34:39 +00:00
Richard van der Hoff
76610c0a3a Allocate memory for message blobs on the heap 
Messages can be very large, so we don't really want to allocate them on the
stack. Switch to using the heap for them, and try to clean up some of the
string handling while we're at it.
 2016-12-14 12:05:56 +00:00
Richard van der Hoff
51b141ecb6 Let apps override emscripten settings 
Read settings from OLM_OPTIONS to allow apps to configure some options. In
particular, this is useful for setting the heap size.
 2016-12-14 11:46:12 +00:00
Richard van der Hoff
1bf807bf33 Better handling of exceptions during loading 
If we get an exception during load, don't define half of window.Olm (which
confuses apps).

This is a partial fix to https://github.com/vector-im/riot-web/issues/2726.
 2016-12-12 16:52:03 +00:00
Richard van der Hoff
f6c05be8c5 Add a document on signing keys 2016-10-27 11:55:48 +01:00
Richard van der Hoff
700596b46a Update python wrapper to run against libolm.so.2 2016-10-25 14:50:15 +01:00
Richard van der Hoff
2d7b10a160 Merge branch 'release-v2.0.0' 2016-10-25 14:50:03 +01:00
Mark Haines
7e9f3bebb8 Document the return values for olm_matches_inbound_session 2016-10-25 14:42:10 +01:00
Richard van der Hoff
27c7b4a767 Version bump for 2.0.0 2016-10-25 11:35:20 +01:00
Richard van der Hoff
d02c457da5 Changelog: Mention install-headers 2016-10-24 17:22:43 +01:00
Richard van der Hoff
4367afc65e Prepare changelog for v2.0.0 2016-10-24 16:51:20 +01:00
Richard van der Hoff
64130c1f8b Fix broken fuzzer compilation 
fuzz_group_decrypt.cpp got broken by 653790e; fix it up
 2016-10-24 16:32:21 +01:00
Richard van der Hoff
05b48086a4 remove redundant svg 2016-10-24 15:52:05 +01:00
Richard van der Hoff
807fec2ebf double_ratchet.svg 2016-10-24 15:17:27 +01:00
Richard van der Hoff
d8136096c0 Merge pull request #33 from matrix-org/rav/pickle_length 
Return the base64-encoded length of pickles
 2016-10-24 10:43:43 +01:00
Mark Haines
8de0f1fbb3 Merge pull request #32 from matrix-org/markjh/replay 
Document the potential for message replays and possible mitigations
 2016-10-24 10:28:54 +01:00
Richard van der Hoff
a7310c5821 Return the base64-encoded length of pickles 
make olm_pickle_* return the lengths of the base64-encoded pickles, rather than
the raw pickle. (From the application's POV, the format of the pickle is
opaque: it doesn't even know that it is base64-encoded. So returning the length
of the raw pickle is particularly unhelpful.)
 2016-10-24 10:06:06 +01:00
Richard van der Hoff
d1a535861d Merge branch 'rav/clear_random_bufs' 2016-10-21 17:36:06 +01:00
Richard van der Hoff
21ce3491dd Clear random buf in olm_init_outbound_group_session 
All the other methods clear their random inputs. This one needs to do the same,
to reduce the risk of the randomness being used elsewhere and leaking key info.
 2016-10-21 17:19:59 +01:00
Mark Haines
884ad02413 Spelling 2016-10-21 17:07:26 +01:00
Mark Haines
092bf880f5 s/they've/they have/ 2016-10-21 15:45:33 +01:00
Mark Haines
0a7d4e35cc Reword and s/message index/ratchet index/ 2016-10-21 15:44:53 +01:00
Mark Haines
8c4a11a92d Document the potential for message replays and possible mitigations 2016-10-21 15:13:20 +01:00
Mark Haines
5a98012c0d Merge pull request #31 from matrix-org/markjh/groupmessageindex 
Return the message index when decrypting group messages.
 2016-10-21 09:57:42 +01:00
Mark Haines
9a8d2d15d9 Check the message index in the tests 2016-10-20 11:51:56 +01:00
Richard van der Hoff
65b3345317 Merge branch 'master' 2016-10-20 11:43:41 +01:00
Richard van der Hoff
68d98234e1 Merge pull request #30 from matrix-org/rav/misc_docs 
Add notes on limitations to megolm spec
 2016-10-20 11:42:09 +01:00
Mark Haines
3091dc2b1d Add NULL check for message_index pointer 2016-10-20 11:35:45 +01:00
Mark Haines
653790eacb Return the message index when decrypting group messages. 
Applications can use the index to detect replays of the same message.
 2016-10-20 09:58:55 +01:00
Richard van der Hoff
5f1b93bd0f s/ephemeral/one-time/ in olm spec 
We're standardising on 'one-time keys' as a term for the thing that Bob uploads
for prekey messages.
 2016-10-19 19:18:58 +01:00
Richard van der Hoff
df04cd509a Add notes on limitations to megolm spec 2016-10-19 19:16:23 +01:00
Richard van der Hoff
23fdc0b0f9 Link to the megolm spec 2016-10-19 19:14:18 +01:00
Richard van der Hoff
d48dc81976 Document the unknown key-share attacks and mitigation (#29) 2016-10-19 17:27:24 +01:00
Richard van der Hoff
351b26fa6e Merge pull request #28 from matrix-org/rav/fix_megolm_segfault 
Fix a buffer bounds check when decoding group messages
 2016-10-19 15:21:07 +01:00
Richard van der Hoff
780203b054 Merge pull request #27 from matrix-org/rav/fuzzers_readme 
Add a README for the fuzzers
 2016-10-19 15:20:54 +01:00
Richard van der Hoff
1ff64391ed Fix a buffer bounds check when decoding group messages 
Fixes a segfault when a group message had exactly the length of the mac +
signature.

Also tweak skipping of unknown tags to avoid an extra trip around the loop.
 2016-10-19 15:03:40 +01:00
Richard van der Hoff
cada801de5 Add a README for the fuzzers 2016-10-19 14:59:50 +01:00
Matthew Hodgson
38acc352a3 fix missing ctypes function signatures 
These missing signatures were causing OSX to truncate 64-bit pointers
to 32-bit pointers when calling the missing methods, causing segfaults
 2016-10-02 02:50:52 +01:00
Matthew Hodgson
68ec41f8ca s/PCKS/PKCS/ 2016-10-02 00:48:06 +01:00
Matthew Hodgson
63800ad8e6 s/PCKS/PKCS/ 2016-10-02 00:47:29 +01:00
Matthew Hodgson
6d80d934cd typo 2016-09-28 18:49:56 +01:00
Richard van der Hoff
8a8d100ee5 Makefile: install-headers is phony 2016-09-23 12:22:34 +01:00
Emmanuel Gil Peyrot
7c9b2f6395 Add a Makefile rule to install the headers 
Signed-off-by: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
 2016-09-23 12:17:44 +01:00
Richard van der Hoff
6ea9fb450e Merge branch 'rav/megolm_spec' 2016-09-23 11:55:28 +01:00
Richard van der Hoff
4049261867 megolm.rst: link to protobuf spec 2016-09-23 11:54:35 +01:00