Richard van der Hoff
e2e398bd94
Add some tests for the Javascript wrappers
...
These would have helped avoid the recent FRV.
2016-12-19 09:43:58 +00:00
Richard van der Hoff
819f0d24db
Merge pull request #40 from matrix-org/rav/fix_encryption
...
Avoid buffer overrun on encryption
2016-12-16 15:01:45 +00:00
Richard van der Hoff
8e554ab5ef
Avoid buffer overrun on encryption
...
Make sure we null-terminate encrypted strings before passing them to
UTF8ToString.
This used to work when we allocated the buffer on the stack, because it turns
out that allocate() zeroinits the returned memory. malloc(), of course, does
not.
2016-12-16 14:42:41 +00:00
Richard van der Hoff
7fd63bcac7
Merge pull request #39 from matrix-org/rav/messages_on_heap
...
Allocate memory for message blobs on the heap
2016-12-15 16:54:39 +00:00
Richard van der Hoff
09b3e1eecd
typo
2016-12-15 16:28:30 +00:00
Richard van der Hoff
8356fa37ad
zero out plaintext buffers
...
Avoid leaving copies of the plaintext sitting around in the emscripten heap.
2016-12-15 13:37:34 +00:00
Richard van der Hoff
2e04868c46
Merge pull request #38 from matrix-org/rav/handle_load_exceptions
...
Better handling of exceptions during loading, and import OLM_OPTIONS
2016-12-14 14:34:39 +00:00
Richard van der Hoff
76610c0a3a
Allocate memory for message blobs on the heap
...
Messages can be very large, so we don't really want to allocate them on the
stack. Switch to using the heap for them, and try to clean up some of the
string handling while we're at it.
2016-12-14 12:05:56 +00:00
Richard van der Hoff
51b141ecb6
Let apps override emscripten settings
...
Read settings from OLM_OPTIONS to allow apps to configure some options. In
particular, this is useful for setting the heap size.
2016-12-14 11:46:12 +00:00
Richard van der Hoff
1bf807bf33
Better handling of exceptions during loading
...
If we get an exception during load, don't define half of window.Olm (which
confuses apps).
This is a partial fix to https://github.com/vector-im/riot-web/issues/2726 .
2016-12-12 16:52:03 +00:00
Richard van der Hoff
f6c05be8c5
Add a document on signing keys
2016-10-27 11:55:48 +01:00
Richard van der Hoff
700596b46a
Update python wrapper to run against libolm.so.2
2016-10-25 14:50:15 +01:00
Richard van der Hoff
2d7b10a160
Merge branch 'release-v2.0.0'
2016-10-25 14:50:03 +01:00
Mark Haines
7e9f3bebb8
Document the return values for olm_matches_inbound_session
2016-10-25 14:42:10 +01:00
Richard van der Hoff
27c7b4a767
Version bump for 2.0.0
2016-10-25 11:35:20 +01:00
Richard van der Hoff
d02c457da5
Changelog: Mention install-headers
2016-10-24 17:22:43 +01:00
Richard van der Hoff
4367afc65e
Prepare changelog for v2.0.0
2016-10-24 16:51:20 +01:00
Richard van der Hoff
64130c1f8b
Fix broken fuzzer compilation
...
fuzz_group_decrypt.cpp got broken by 653790e; fix it up
2016-10-24 16:32:21 +01:00
Richard van der Hoff
05b48086a4
remove redundant svg
2016-10-24 15:52:05 +01:00
Richard van der Hoff
807fec2ebf
double_ratchet.svg
2016-10-24 15:17:27 +01:00
Richard van der Hoff
d8136096c0
Merge pull request #33 from matrix-org/rav/pickle_length
...
Return the base64-encoded length of pickles
2016-10-24 10:43:43 +01:00
Mark Haines
8de0f1fbb3
Merge pull request #32 from matrix-org/markjh/replay
...
Document the potential for message replays and possible mitigations
2016-10-24 10:28:54 +01:00
Richard van der Hoff
a7310c5821
Return the base64-encoded length of pickles
...
make olm_pickle_* return the lengths of the base64-encoded pickles, rather than
the raw pickle. (From the application's POV, the format of the pickle is
opaque: it doesn't even know that it is base64-encoded. So returning the length
of the raw pickle is particularly unhelpful.)
2016-10-24 10:06:06 +01:00
Richard van der Hoff
d1a535861d
Merge branch 'rav/clear_random_bufs'
2016-10-21 17:36:06 +01:00
Richard van der Hoff
21ce3491dd
Clear random buf in olm_init_outbound_group_session
...
All the other methods clear their random inputs. This one needs to do the same,
to reduce the risk of the randomness being used elsewhere and leaking key info.
2016-10-21 17:19:59 +01:00
Mark Haines
884ad02413
Spelling
2016-10-21 17:07:26 +01:00
Mark Haines
092bf880f5
s/they've/they have/
2016-10-21 15:45:33 +01:00
Mark Haines
0a7d4e35cc
Reword and s/message index/ratchet index/
2016-10-21 15:44:53 +01:00
Mark Haines
8c4a11a92d
Document the potential for message replays and possible mitigations
2016-10-21 15:13:20 +01:00
Mark Haines
5a98012c0d
Merge pull request #31 from matrix-org/markjh/groupmessageindex
...
Return the message index when decrypting group messages.
2016-10-21 09:57:42 +01:00
Mark Haines
9a8d2d15d9
Check the message index in the tests
2016-10-20 11:51:56 +01:00
Richard van der Hoff
65b3345317
Merge branch 'master'
2016-10-20 11:43:41 +01:00
Richard van der Hoff
68d98234e1
Merge pull request #30 from matrix-org/rav/misc_docs
...
Add notes on limitations to megolm spec
2016-10-20 11:42:09 +01:00
Mark Haines
3091dc2b1d
Add NULL check for message_index pointer
2016-10-20 11:35:45 +01:00
Mark Haines
653790eacb
Return the message index when decrypting group messages.
...
Applications can use the index to detect replays of the same message.
2016-10-20 09:58:55 +01:00
Richard van der Hoff
5f1b93bd0f
s/ephemeral/one-time/ in olm spec
...
We're standardising on 'one-time keys' as a term for the thing that Bob uploads
for prekey messages.
2016-10-19 19:18:58 +01:00
Richard van der Hoff
df04cd509a
Add notes on limitations to megolm spec
2016-10-19 19:16:23 +01:00
Richard van der Hoff
23fdc0b0f9
Link to the megolm spec
2016-10-19 19:14:18 +01:00
Richard van der Hoff
d48dc81976
Document the unknown key-share attacks and mitigation ( #29 )
2016-10-19 17:27:24 +01:00
Richard van der Hoff
351b26fa6e
Merge pull request #28 from matrix-org/rav/fix_megolm_segfault
...
Fix a buffer bounds check when decoding group messages
2016-10-19 15:21:07 +01:00
Richard van der Hoff
780203b054
Merge pull request #27 from matrix-org/rav/fuzzers_readme
...
Add a README for the fuzzers
2016-10-19 15:20:54 +01:00
Richard van der Hoff
1ff64391ed
Fix a buffer bounds check when decoding group messages
...
Fixes a segfault when a group message had exactly the length of the mac +
signature.
Also tweak skipping of unknown tags to avoid an extra trip around the loop.
2016-10-19 15:03:40 +01:00
Richard van der Hoff
cada801de5
Add a README for the fuzzers
2016-10-19 14:59:50 +01:00
Matthew Hodgson
38acc352a3
fix missing ctypes function signatures
...
These missing signatures were causing OSX to truncate 64-bit pointers
to 32-bit pointers when calling the missing methods, causing segfaults
2016-10-02 02:50:52 +01:00
Matthew Hodgson
68ec41f8ca
s/PCKS/PKCS/
2016-10-02 00:48:06 +01:00
Matthew Hodgson
63800ad8e6
s/PCKS/PKCS/
2016-10-02 00:47:29 +01:00
Matthew Hodgson
6d80d934cd
typo
2016-09-28 18:49:56 +01:00
Richard van der Hoff
8a8d100ee5
Makefile: install-headers is phony
2016-09-23 12:22:34 +01:00
Emmanuel Gil Peyrot
7c9b2f6395
Add a Makefile rule to install the headers
...
Signed-off-by: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
2016-09-23 12:17:44 +01:00
Richard van der Hoff
6ea9fb450e
Merge branch 'rav/megolm_spec'
2016-09-23 11:55:28 +01:00