Richard van der Hoff
fae8dacab5
Add a comment explaining Mark's latest fix
2016-05-25 15:44:39 +01:00
Mark Haines
19a7fb5df5
Fix an integer wrap around bug and add a couple more tests
2016-05-25 15:00:05 +01:00
Richard van der Hoff
01ea3d4b9a
Fix handling of integer wraparound in megolm.c
2016-05-24 17:52:35 +01:00
Richard van der Hoff
1f31427139
megolm_advance_to: Remove excessive optimisation
...
There was some slightly overcomplex logic designed to save a couple of hash
operations when R(0) and R(1) were advanced, but the extra code was hard to
understand and didn't save much.
2016-05-24 17:38:43 +01:00
Richard van der Hoff
ef8d24f483
megolm.c: rewrite counter update
...
We no longer need to keep track of intermediate values of the counter, which
means we can update it much more easily.
2016-05-24 17:33:41 +01:00
Richard van der Hoff
f3c0dd76d7
megolm.c: Remove spurious arguments to rehash_part
...
These were left over from when rehash_part did a bunch of logging.
2016-05-24 17:03:42 +01:00
Richard van der Hoff
1b15465c42
Separate base64ing from the rest of msg encoding
...
Factor the actual message encoding/decoding and encrypting/decrypting out to
separate functions from the top-level functions which do the base64-wrangling.
This is particularly helpful in the 'outbound' code-path where the offsets
required to allow room to base64-encode make the flow hard to see when it's all inline.
2016-05-24 16:23:19 +01:00
Richard van der Hoff
a919a149fb
Update megolm_cipher as a global struct
...
Initialise megolm_cipher via the preprocessor macro, instead of with a
function.
2016-05-24 14:54:01 +01:00
Richard van der Hoff
15cb4ec0c0
Build the crypto libs as C99
...
Some of the crypto libs rely on UINT64_C, which in glibc 2.17 and earlier was
not defined for C++ code (see
https://sourceware.org/bugzilla/show_bug.cgi?id=15366 ).
2016-05-24 14:41:49 +01:00
Richard van der Hoff
fa1e9446ac
Use _olm_unset instead of memset
...
memset is at risk of being optimised away, so use _olm_unset instead.
2016-05-24 13:40:21 +01:00
Richard van der Hoff
173cbe112c
Avoid relying on uint -> int casting behaviour
...
The behaviour when casting from a uint32_t which has overflowed (so has the top
bit set) to int32_t is implementation-defined, so let's avoid relying on it.
2016-05-24 13:40:21 +01:00
Richard van der Hoff
fc4756ddf1
Fix up some names, and protobuf tags
...
Make names (of session_key and message_index) more consistent.
Use our own protobuf tags rather than trying to piggyback on the one-to-one
structure.
2016-05-24 13:40:21 +01:00
Richard van der Hoff
a073d12d83
Support for pickling inbound group sessions
2016-05-24 13:40:21 +01:00
Richard van der Hoff
39ad75314b
Implement decrypting inbound group messages
...
Includes creation of inbound sessions, etc
2016-05-24 13:39:34 +01:00
Richard van der Hoff
8b1514c0a6
Implement functions to get the state of outbound session
...
We need to be able to inspect an outbound session so that we can tell our peer
how to set up an inbound session.
2016-05-24 13:39:34 +01:00
Richard van der Hoff
c058554132
Implement pickling/unpickling for outbound group sessions
2016-05-24 13:39:34 +01:00
Richard van der Hoff
caaed796ad
Implementation of an outbound group session
2016-05-24 13:39:34 +01:00
Richard van der Hoff
68d3c7bfa9
Implementation of the megolm ratchet
2016-05-24 13:39:34 +01:00
Richard van der Hoff
42a300fc62
Factor out pickle_encoding from olm.cpp
...
We don't need to have all of the top-level pickling functions in olm.cpp;
factor out the utilities to support it to pickle_encoding.cpp (and make sure
that they have plain-C bindings).
2016-05-24 13:39:32 +01:00
Richard van der Hoff
256bce10fc
Factor out olm_error_to_string to a separate file
...
I want to be able to use this functionality from elsewhere, so factor it out to
its own file.
2016-05-24 13:35:28 +01:00
Richard van der Hoff
2e7800cf65
Merge branch 'rav/c_bindings'
2016-05-24 13:33:33 +01:00
Richard van der Hoff
2fd28a6682
Rewrite _olm_cipher_aes_sha_256 initialisation
...
Replace the init-static-var dance with some preprocessor macros
2016-05-24 12:06:47 +01:00
Richard van der Hoff
d4a3c8dbaa
Remove 'destruct' from cipher_ops
...
We never delete a cipher, and the destruct op is empty, so it's a bit pointless
2016-05-24 09:56:01 +01:00
Mark Haines
b1c5732fc8
Fix bug in bounds check when parsing
2016-05-23 19:37:58 +01:00
Richard van der Hoff
444ef1f706
Prefix for internal symbols
...
Give a load of internal symbols "_olm_" prefixes. This better delineates the
public and private interfaces in the module, and helps avoid internal symbols
leaking out and possibly being abused.
2016-05-23 18:55:06 +01:00
Richard van der Hoff
c57b2b71c5
C bindings for base64 functions
2016-05-23 18:55:06 +01:00
Richard van der Hoff
a1855b99b9
C binding for olm::unset
2016-05-23 18:55:05 +01:00
Richard van der Hoff
07b33acee5
C bindings for pickle functions
2016-05-23 18:55:05 +01:00
Richard van der Hoff
294cf482ea
Convert cipher.hh to plain C
2016-05-23 18:55:05 +01:00
Richard van der Hoff
f9139dfa6a
Convert error.hh to plain C
2016-05-23 18:55:05 +01:00
Richard van der Hoff
e533b0dc8e
Give SHA256 functions C bindings
2016-05-23 18:55:05 +01:00
Richard van der Hoff
4f1bb49d20
Rename olm.hh to olm.h
2016-05-23 18:55:05 +01:00
Richard van der Hoff
182f33f8ae
Complete fixes for olm_*_last_error
...
Should have been in the previous commit :/
2016-05-23 18:54:18 +01:00
Richard van der Hoff
f69577ad99
fix range check in olm_*_last_errror
2016-05-23 18:53:14 +01:00
Richard van der Hoff
c8c5f35bb4
crypto.cpp: Fix comments
...
These seem to be the wrong way around.
2016-05-20 15:37:33 +01:00
Richard van der Hoff
acae4e8438
Remove functions which return strings
...
We don't want anything which does dynamic memory allocation in the library.
2016-05-20 15:07:10 +01:00
Richard van der Hoff
3965320a9c
Remove logging functionality
...
Concerns have been raised that including logging functionality makes it harder
to audit the implementation to ensure that no secret information is leaked. We
are therefore removing it from the master branch.
2016-05-16 11:13:54 +01:00
Richard van der Hoff
b3db0e6ee1
translate logging.cpp to C
2016-05-16 11:05:57 +01:00
Richard van der Hoff
48cb5f925d
Add olm::log_enabled_for
2016-05-16 11:04:26 +01:00
Richard van der Hoff
11dbf2aab3
Fix a bunch of compiler warnings, and turn on warnings.
2016-04-26 18:10:13 +01:00
Richard van der Hoff
9848f84452
Add some logging to help understand what's going on
2016-04-26 17:55:26 +01:00
Richard van der Hoff
e7a2af1ede
Add a basic logging implementation
2016-04-26 12:30:18 +01:00
Richard van der Hoff
25953b350b
Use header files where possible
...
This fixes an incorrect re-declaration of ed25519_sign.
Implement header files for some of the other library bits so that we don't need
to declare functions in crypto.cpp.
2015-12-03 17:08:04 +00:00
Mark Haines
b318055185
Replace hard coded references to the 32-byte key length with a constant, add utilities for copying data to and from fixed sized arrays
2015-08-19 17:32:06 +01:00
Mark Haines
159faa1e2b
Make the internal functions static, remove some unused internal functions
2015-08-18 17:09:55 +01:00
Mark Haines
158f7ee891
Fix crash where the message length was shorter than the length of the mac
2015-08-07 19:33:48 +01:00
Mark Haines
a4b2927884
Initialise the length fields of the reader struct in decode_message, even if the message is invalid, fixes a crash where the message was too short
2015-08-07 18:58:42 +01:00
Mark Haines
76ecd85c2c
Fix a crash when decoding messages that are too short
2015-08-07 18:25:21 +01:00
Mark Haines
39c1f3b355
Add methods for computing sha256 hashes and validating ed25519 signatures
2015-07-24 14:29:52 +01:00
Mark Haines
3468886e27
Add method getting a session id. Update the python and javascript bindings
2015-07-16 11:45:20 +01:00
Mark Haines
89d9b972a6
Add versions of olm_session_create_inbound and olm_session_matches_inbound which take the curve25519 identity key of the remote device we think the message is from as an additional argument
2015-07-16 10:45:10 +01:00
Mark Haines
137aa31e95
olm_account_last_error and olm_clear_account should take an Account not a Session
2015-07-15 13:24:26 +01:00
Mark Haines
a59fbdfe7f
Add a test for pickling and unpickling sessions, fix off by one error when unpickling sessions
2015-07-14 11:32:11 +01:00
Mark Haines
2e49a6f41e
Clear the random buffers once they've been used. Add methods for clearing the account and session object once they've been used
2015-07-10 18:29:14 +01:00
Mark Haines
5ad929104e
Version the pickled objects and check for errors when unpickling them
2015-07-10 18:00:18 +01:00
Mark Haines
b6e248c9a5
Output simpler JSON for the account keys, don't sign the JSON but instead provide a olm_account_sign method so that the user of the library can sign the JSON themselves
2015-07-10 11:57:53 +01:00
Mark Haines
373acefde7
Add c bindings for the methods for managing one time keys
2015-07-09 18:35:54 +01:00
Mark Haines
5634be0507
Add methods for generating new one time keys and for tracking which one time keys have been published
2015-07-09 16:09:16 +01:00
Mark Haines
0e988237f6
Don't pass a key id when creating a new outbound session
2015-07-08 16:04:18 +01:00
Mark Haines
532dc0d4e7
Change the JSON format for one time keys to include what algorithm they are for
2015-07-08 15:30:34 +01:00
Mark Haines
dceae043b3
Remove the RemoteKey type since it wasn't being used
2015-07-08 14:57:55 +01:00
Mark Haines
5291ec78b5
Send the public part of the one time key rather than passing an identifier
2015-07-08 14:53:25 +01:00
Mark Haines
974e0984bd
Update the javascript bindings and demo to match the format of the identity key JSON
2015-07-08 11:16:00 +01:00
Mark Haines
3a382aec59
Encode the account keys as a signed JSON object
2015-07-07 16:42:03 +01:00
Mark Haines
2a873fd4e1
Add functions for creating and verifying ed25519 signatures
2015-07-07 09:50:32 +01:00
Mark Haines
a30a64d179
Rename generate_key to curve25519_generate_key
2015-07-07 09:03:12 +01:00
Mark Haines
f1cd5613f6
Remove the last resort one time key
2015-07-07 09:01:38 +01:00
Mark Haines
667e415c74
Removed SignedKey class
2015-07-07 08:56:18 +01:00
Matthew Hodgson
09d4125ff1
Rename axolotlpp as olm to avoid confusion with Axolotl-the-spec and Axolotl-the-OWS-libraries at moxie's request
2015-06-27 01:15:23 +02:00
Mark Haines
f10c04d62d
reduce the number of one time keys that get generated when we create an account
2015-06-23 17:49:04 +01:00
Mark Haines
8bf32c3248
Fix bug encoding integers larger than 128
2015-06-23 17:47:48 +01:00
Mark Haines
10e7e8123d
Add missing include, fix bug in handling unknown message fields
2015-06-23 15:15:18 +01:00
Mark Haines
39a0873309
This field isn't being used anywhere so don't bother including it in the messages
2015-06-23 10:03:41 +01:00
Mark Haines
043bc43716
Copyright Notices
2015-06-22 17:50:56 +01:00
Mark Haines
492dc1ab58
Add API docs for the axolotl.hh methods
2015-06-22 17:44:56 +01:00
Mark Haines
408530adf9
Add API for removing used one time keys
2015-06-22 11:02:42 +01:00
Mark Haines
76f49cf177
Add a test for the axolotl API
2015-06-16 15:15:40 +01:00
Mark Haines
4abead9e9e
Add c interface which wraps the cpp classes
2015-06-15 17:49:20 +01:00
Mark Haines
7cdde73560
Add base64 encoders and decoders
2015-06-15 17:48:09 +01:00
Mark Haines
026e4394bb
Implement creating a new account
2015-06-15 17:47:22 +01:00
Mark Haines
6fe3b7eb73
Move utils for pickling into a separate file
2015-06-12 16:15:37 +01:00
Mark Haines
28541dd82a
Implement the session key exchange
2015-06-22 14:30:46 +01:00
Mark Haines
6ecea67718
Implement the session key exchange
2015-06-12 14:09:41 +01:00
Mark Haines
08a7e44a96
Pass the message body to decrypt_max_plaintext_length so we can get a more accurate estimate, rename encrypt_max_output_length to encrypt_output_length and change the api to return the exact number of bytes needed to hold the message
2015-06-12 09:08:15 +01:00
Mark Haines
793b9b910a
Start writing the interfaces for session and the account objects
2015-06-11 18:03:22 +01:00
Mark Haines
bcb05d1a99
rename Session to Ratchet
2015-06-11 16:10:55 +01:00
Mark Haines
e44c82a7b4
Add encoder and decoder for PreKey messages
2015-06-11 15:57:45 +01:00
Mark Haines
816435a860
Move AES specific details behind a cipher interface
2015-06-11 14:20:35 +01:00
Mark Haines
a08d706366
Add methods for pickling and unpickling sessions
2015-06-09 18:03:01 +01:00
Mark Haines
8123ce6209
Constant time comparison for mac
2015-03-03 15:08:56 +00:00
Mark Haines
2f2e0340ae
const on right hand side
2015-03-03 15:08:26 +00:00
Mark Haines
a0e9065f1f
Rename the ratchet source and include files from axolotl to ratchet
2015-03-03 11:50:17 +00:00
Mark Haines
315caaba7e
Add functions for signing and verifying messages using curve25519 keys
2015-03-03 11:18:07 +00:00
Mark Haines
c7419e7cdf
Try to ensure the compiler cannot optimise away attempts to erase secrets from memory
2015-02-27 16:11:30 +00:00
Mark Haines
d142eb64dd
Copyright notices and a license
2015-02-26 16:56:25 +00:00
Mark Haines
09d8e84c7c
Implement the axlotl ratchet
2015-02-26 16:30:19 +00:00
Mark Haines
186df91246
Start implementing the ratchet
2015-02-25 17:33:23 +00:00
Mark Haines
a4e5bf9772
Don't bother passing through the mac_length, the caller already knows it since they supplied it
2015-02-25 17:33:00 +00:00
Mark Haines
ba446e7a12
Add a message encoder/decoder
2015-02-25 11:20:12 +00:00
Mark Haines
8df4d9e9b5
Tweak AES cbc to add pcks7 padding bytes
2015-02-25 08:35:53 +00:00