Commit graph

880 commits

Author SHA1 Message Date
Denis Kasak
b90f9ee7d3 Fix typo in docstring (repeated word). 2021-06-04 22:24:15 +00:00
Denis Kasak
6ed8d687e8 Document olm_create_inbound_session_from properly.
The old docstring was the same as olm_create_inbound_session and didn't
explain the difference between them.
2021-06-04 22:24:15 +00:00
Denis Kasak
3e6592e445 Compile ASAN and MSAN versions of fuzzer harnesses too. 2021-06-02 14:02:19 +02:00
Denis Kasak
56df2613f3 Switch to afl-clang-fast(++).
This type of instrumentation is much faster (several times over) and
supports much more features than afl-gcc/afl-g++, though it requires
a LLVM/clang installation.
2021-06-02 14:02:19 +02:00
Hubert Chathi
64afab9364 prepare for release 2021-06-01 13:44:45 -04:00
Benoit Marty
995def932e Fix issue with Jitpack build 2021-05-28 18:12:50 +02:00
Hubert Chathi
d856c441b6 use Python 3 2021-05-24 10:32:57 -04:00
Hubert Chathi
22bc1155ed prepare for release 2021-05-24 10:29:24 -04:00
Hubert Chathi
891a5f22c8 fix path 2021-05-24 10:27:28 -04:00
Denis Kasak
ccc0d122ee olm_pk_decrypt: Ensure inputs are of correct length. 2021-05-24 15:50:14 +02:00
Denis Kasak
2f35e0bc61 olm_sas_set_their_key: Fail early on invalid base64. 2021-05-24 15:50:14 +02:00
Denis Kasak
e82f2601b0 Fail decoding base64 of invalid length.
olm::decode_base64 now returns the length of the raw decoded data on
success. When given input with an invalid base64 length, it fails early
(before decoding any input) and returns -1.

This also makes the C function _olm_decode_base64 an actual binding of
olm::decode_base64 instead of a wrapper with slightly different
behaviour.
2021-05-24 15:50:14 +02:00
Denis Kasak
a5efc08ef3 olm: Also initialize all fields when decoding Olm messages.
As a precaution.
2021-05-11 13:32:23 +02:00
Denis Kasak
c325db02fc megolm: Fix use of uninitialized value in group message decoding.
_olm_decode_group_message should initialize all fields of the results
struct before returning. This is because its caller
_decrypt_max_plaintext_length relies on it having initialized these
fields.

Luckily, this only allows one to subvert the version check in
_decrypt_max_plaintext_length, but not the following check that the
ciphertext field is non-null because that field *is* initialized.
2021-05-11 13:23:19 +02:00
Denis Kasak
0a7b6da9a0 Slightly refactor/comment the harness for clarity. 2021-05-10 21:04:44 +00:00
Denis Kasak
8d1cfd207a Fix a fuzzing harness double free when input is of size 0.
Consider the case when the input is size 0. In this case, `count` and
`buffer_pos` will be 0 as well. The `realloc` call in the `count == 0`
branch will then effectively become a free.

However, `realloc` can sometimes return `NULL` when a 0 is passed for
the size. The current code assumes that this only happens on a memory
allocation error and breaks out of the loop. This then becomes a double
free because the buffer is freed a second time, causing an abort.

The intent of the `realloc` is probably to downsize the buffer to fit
the data exactly in order to make incorrect memory access more obvious.
This commit skips this downsizing if the size of the input data is 0.
2021-05-10 21:04:44 +00:00
Arun Babu Neelicattu
15f65283c7 make: Replace deprecated emcc configuration
EXTRA_EXPORTED_RUNTIME_METHODS is deprecated. Replace with
EXPORTED_RUNTIME_METHODS.
2021-05-10 20:40:42 +00:00
Arun Babu Neelicattu
0684eb4564 ci: add initial build pipeline 2021-05-10 20:40:42 +00:00
Arun Babu Neelicattu
b0a05976ea python: remove tox basepython configuration 2021-05-10 20:40:42 +00:00
Hubert Chathi
18ad6cb067 Merge branch 'fix-ncc-audit-url' into 'master'
Fix URL to the NCC Group audit.

See merge request matrix-org/olm!22
2021-05-04 21:58:35 +00:00
Hubert Chathi
d7c3971f9a update release instructions 2021-05-04 17:54:05 -04:00
Denis Kasak
c95677611c Fix URL to the NCC Group audit.
The original URL is now redirecting to a generic listing page and there
are no links to the actual Olm audit paper there.
2021-05-04 15:09:29 +02:00
Lukas Lihotzki
7f53dedca6 Declare olm_sas_calculate_mac_fixed_base64 in header
Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
2021-04-27 16:18:33 -04:00
Hubert Chathi
3b3f2c71dc Merge branch 'bma/upgrade_gradle' into 'master'
Update gradle wrapper and build tools

See merge request matrix-org/olm!20
2021-04-16 20:17:51 +00:00
Benoit Marty
f1d8efd821 Simplify assertions using suggestion from IDE 2021-04-16 21:57:57 +02:00
Benoit Marty
1694f15ffb Fix test compilation and run test with success
Using command `./gradlew connectedAndroidTest` on an API 21 emulator
2021-04-16 21:50:13 +02:00
Benoit Marty
4d2522a65c Update gradle wrapper and build tools
BuildConfig.VERSION_NAME is not available anymore when building library
Also replace JCenter by MavenCentral
2021-04-16 21:08:55 +02:00
Hubert Chathi
dbbf467075 Merge branch 'manu/swift_package_manager' into 'master'
Xcode: Add support of Swift Package Manager

See merge request matrix-org/olm!19
2021-04-06 18:22:51 +00:00
manuroe
26bd2fc35d Swift package: Update instructions 2021-04-06 17:18:50 +02:00
manuroe
09fbb9e966 Xcode: Add support of Swift Package Manager
Made by Johennes at https://github.com/matrix-org/olm/issues/51#issuecomment-809128833
2021-04-02 19:16:11 +02:00
Hubert Chathi
f16377822f Add LibreJS license tag 2021-03-31 16:11:41 -04:00
Matthew Hodgson
09384b4d45 spell ephemeral correctly... 2021-03-18 01:29:23 +00:00
Hubert Chathi
bcb89bcc24 add Common Lisp bindings 2021-03-02 16:13:39 -05:00
Hubert Chathi
3745ea57bb bump version number and add changelog 2021-02-22 17:06:13 -05:00
Hubert Chathi
0bb0f85e18 don't use variables that haven't been set yet 2021-02-22 16:54:35 -05:00
Hubert Chathi
21ba95ade5 create and install a pkg-config file on Unix-like systems 2021-02-22 16:54:26 -05:00
Hubert Chathi
cabefb17dc rename npm package to @matrix-org/olm
to be published via our gitlab repository
2021-02-22 15:41:29 -05:00
Hubert Chathi
a07e27cfa5 Merge branch 'sas-base64-fix' into 'master'
sas: Fix the base64 encoding of the MAC.

See merge request matrix-org/olm!16
2021-02-19 22:18:28 +00:00
Hubert Chathi
23e0486007 Merge branch 'manu/olmkit_pickling_v2' into 'master'
OLMKit:  New pickle version using a pickle key provided externally

See merge request matrix-org/olm!17
2021-02-19 19:23:21 +00:00
manuroe
4be7cc367b OLMKit: Forgot to implement pickle v2 for OLMSession 2021-02-19 12:00:03 +01:00
manuroe
b69b56d0bb OLMKit: New pickle version using a pickle key provided externally
Improve ObjC wrappers so that they can use a pickle key provided by the olm lib user.

This new behavior is optional to not break existing usage.

It is retro compatible and use pickle versioning already in place. 
Existing key will be unpickled with pickle v1 and pickled with pickle v2 if an external pickle key is provided.
2021-02-19 09:23:36 +01:00
Damir Jelić
f46577a06a sas: Introduce a new calculate mac function to fix the base64 issue
Since it's important to keep backwards compatibility introduce a new
function to calculate the MAC using a SAS object.

Modifying the existing functions would break compatibility with older
releases of libolm.
2021-02-02 16:58:28 +01:00
Damir Jelić
4e927eb1cf sas: Fix the base64 encoding of the MAC.
When calculating the MAC for a message using olm_sas_calculate_mac() and
olm_sas_calculate_mac_long_kdf() the resulting MAC will be base64
encoded using _olm_encode_base64().

The _olm_encode_base64() method requires an input buffer and output
buffer to be passed alongside the input length. The method is called
with the same buffer, containing the MAC, for the input buffer as well
as for the output buffer. This results in an incorrectly base64 encoded
MAC.

For example the byte array:
    [121, 105, 187, 19, 37, 94, 119, 248, 224, 34, 94, 29, 157, 5,
     15, 230, 246, 115, 236, 217, 80, 78, 56, 200, 80, 200, 82, 158,
     168, 179, 10, 230]

will be encoded as  eWm7NyVeVmXgbVhnYlZobllsWm9ibGxzV205aWJHeHo
instead of as       eWm7EyVed/jgIl4dnQUP5vZz7NlQTjjIUMhSnqizCuY

Notice the different value at the 10th character.

The correct result can be independently checked using Python for
example:

>>> from base64 import b64encode
>>> mac = [121, 105, 187, 19, 37, 94, 119, 248, 224, 34, 94, 29, 157, \
           5, 15, 230, 246, 115, 236, 217, 80, 78, 56, 200, 80, 200, \
           82, 158, 168, 179, 10, 230]
>>> b64encode(bytearray(mac)).rstrip(b"=")
>>> b'eWm7EyVed/jgIl4dnQUP5vZz7NlQTjjIUMhSnqizCuY'

This happens because the encode_base64() method that is used does not support
in-place encoding in the general case. This is because the remainder for a 32
bit input will always be 2 (32 % 6 == 2).

The remainder will be used over here:
c01164f001/src/base64.cpp (L74)

The logic that gets executed if a remainder exists depends on the original input
values, since those already got in-place encoded the whole block will behave
differently if the input buffer is the same as the output buffer.
2021-01-31 12:56:32 +01:00
Hubert Chathi
c01164f001 add link to nim binding 2021-01-14 12:40:52 -05:00
Tobias Furuholm
541a2bf6fd Fix length calculation of fallback key json 2020-11-24 13:47:27 -05:00
Richard van der Hoff
b9771dae61 DH ratchet sequence diagram 2020-11-23 18:33:26 +00:00
Richard van der Hoff
11d34f79af update double-ratchet diagrams 2020-11-23 18:33:26 +00:00
Hubert Chathi
1fd8d2978f fix typo 2020-11-23 13:17:08 -05:00
Hubert Chathi
64b8bc11cb use the right version in the changelog 2020-10-29 16:35:17 -04:00
Hubert Chathi
8efa0ec17d Use current source directory in CMake. Thanks to Gorgurov Alexey. 2020-10-29 16:26:06 -04:00