Commit graph

79 commits

Author SHA1 Message Date
David Baker
e521ee84c5 Add an export for the length of a private key 2018-10-02 19:21:05 +01:00
David Baker
0346145a81 Work with PkDecryption keys by their private keys
Change interface to allow the app to get the private part of the
key and instantiate a decryption object from just the private part
of the key.

Changes the function generating a key from random bytes to be
initialising a key with a private key (because it's exactly the
same thing). Exports & imports private key parts as ArrayBuffer at
JS level rather than base64 assuming we are moving that way in
general.
2018-10-02 12:02:56 +01:00
David Baker
c4a3918686 Support passing olm options into init() 2018-09-26 16:38:39 +01:00
David Baker
dfbe8a4796 Return same promise if init() called many times
So we only init the library once.
2018-09-25 17:48:17 +01:00
David Baker
263b94428a Another day, another interface
Change the interface again, hopefully this time a bit more normal.
Now we wrap the emscripten module completely and just expose the
high level objects.

The olm library export is now imported as normal (ie. returns
a module rather than a function returning a module) but has an
`init` method which *must* be called. This returns a promise
which resolves when the module is ready. It also rejects if the
module failed to set up, unlike before (and unlike the
promise-not-a-promise that emscripten returns).

Generally catch failures to init the module.
2018-09-25 17:13:29 +01:00
David Baker
f29d8cdd7b Also ship the wasm file 2018-09-21 16:39:04 +01:00
David Baker
5e87db615a Make OLM_OPTIONS work again
The closure compiler was just renaming the variable so it never
would have picked them up. Make it an extern so it knows what to do.
2018-09-21 16:35:17 +01:00
David Baker
122867c45c WebAssembly support!
Quite a lot going on in this PR:
 * Updates to support recent emscripten, switching to WASM which is now the default
 * Use emscripten's MODULARIZE option rather than wrapping it ourself, since doing
   so in pre-post js doesn't work anymore.
 * Most changes are moving the emscripten runtime functions to top-level
   calls rather than in the Module object.
 * Get rid of duplicated NULL_BYTE_PADDING_LENGTH
 * Fix ciphertext_length used without being declared
 * Fix things that caused the closure compiler to error, eg. using
   OLM_OPTIONS without a declaration.
 * Wait until module is inited to do OLM_ERROR = olm_error()

The main BREAKING CHANGE here is that the module now needs to initialise
asyncronously (because it has to load the wasm file). require()ing olm
now gives a function which needs to be called to create an instance.
The resulting object has a promise-like then() method that can be used
to detect when the module is ready. (We could use MODULARIZE_INSTANCE
to return the module directly as before, rather than the function,
but then we don't get the .then() method).
2018-09-21 16:01:51 +01:00
Hubert Chathi
98e8ee1b0d prepare 2.3.0 2018-07-04 15:24:44 -04:00
Hubert Chathi
f709b062bb add functions for pickling/unpickling a decryption object 2018-06-28 17:10:36 -04:00
Hubert Chathi
3ed0ec226c add termination 2018-06-28 17:03:46 -04:00
Hubert Chathi
552da6eafe use the correct method to get the random length 2018-06-27 17:36:55 -04:00
Hubert Chathi
128d45cc83 add initial implementation of basic private key encryption functionality 2018-06-27 16:38:45 -04:00
Hubert Chathi
3f5b9dd6d7 patch for libolm: fix some typos in JavaScript library
From 4a82d31e8cb808a04956fc847ed0ec0ff322b956 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubert@uhoreg.ca>
Date: Wed, 3 Jan 2018 21:37:43 -0500
Subject: [PATCH] fix some typos in JavaScript library

Signed-off-by: Hubert Chathi <hubert@uhoreg.ca>
2018-01-09 15:57:47 +00:00
Richard van der Hoff
77eaaa3d5f prepare v2.2.2 2017-03-01 16:21:37 +00:00
Richard van der Hoff
b185229c2b Prep v2.2.1 2017-01-18 18:16:32 +00:00
Richard van der Hoff
150c360e82 Bump version numbers to 2.2.0 2017-01-18 16:03:02 +00:00
Richard van der Hoff
a2f0c93a93 Implement importing group session data
olm_import_inbound_group_session, which reads the format written by
olm_export_inbound_group_session to initialise a group session.
2017-01-09 17:45:46 +00:00
Richard van der Hoff
5fbeb3e29b Enable exporting inbound group session keys
A pair of functions which allow you to export the megolm keys for an inbound
group session, so that an application can save/restore them.
2017-01-06 16:41:56 +00:00
Richard van der Hoff
86b64b653a Bump version numbers throughout 2016-12-22 15:03:00 +00:00
Richard van der Hoff
e2e398bd94 Add some tests for the Javascript wrappers
These would have helped avoid the recent FRV.
2016-12-19 09:43:58 +00:00
Richard van der Hoff
8e554ab5ef Avoid buffer overrun on encryption
Make sure we null-terminate encrypted strings before passing them to
UTF8ToString.

This used to work when we allocated the buffer on the stack, because it turns
out that allocate() zeroinits the returned memory. malloc(), of course, does
not.
2016-12-16 14:42:41 +00:00
Richard van der Hoff
7fd63bcac7 Merge pull request #39 from matrix-org/rav/messages_on_heap
Allocate memory for message blobs on the heap
2016-12-15 16:54:39 +00:00
Richard van der Hoff
09b3e1eecd typo 2016-12-15 16:28:30 +00:00
Richard van der Hoff
8356fa37ad zero out plaintext buffers
Avoid leaving copies of the plaintext sitting around in the emscripten heap.
2016-12-15 13:37:34 +00:00
Richard van der Hoff
76610c0a3a Allocate memory for message blobs on the heap
Messages can be very large, so we don't really want to allocate them on the
stack. Switch to using the heap for them, and try to clean up some of the
string handling while we're at it.
2016-12-14 12:05:56 +00:00
Richard van der Hoff
51b141ecb6 Let apps override emscripten settings
Read settings from OLM_OPTIONS to allow apps to configure some options. In
particular, this is useful for setting the heap size.
2016-12-14 11:46:12 +00:00
Richard van der Hoff
1bf807bf33 Better handling of exceptions during loading
If we get an exception during load, don't define half of window.Olm (which
confuses apps).

This is a partial fix to https://github.com/vector-im/riot-web/issues/2726.
2016-12-12 16:52:03 +00:00
Richard van der Hoff
27c7b4a767 Version bump for 2.0.0 2016-10-25 11:35:20 +01:00
Mark Haines
653790eacb Return the message index when decrypting group messages.
Applications can use the index to detect replays of the same message.
2016-10-20 09:58:55 +01:00
Mark Haines
ec7d968623 Changelog and version bump for 1.3.0 2016-09-14 13:55:54 +01:00
Mark Haines
6dfa64342a Fix the group javascript demo 2016-09-14 11:10:05 +01:00
Mark Haines
f274adfe24 Merge remote-tracking branch 'matrix/master' 2016-09-13 17:55:21 +01:00
Mark Haines
d7bc00c81d Merge pull request #23 from matrix-org/markjh/remove_message_index
Remove the messsage index from olm_init_inbound_group_session
2016-09-13 17:54:14 +01:00
Mark Haines
a628ef41bd Remove the messsage index from olm_init_inbound_group_session since it is read from the session_key 2016-09-13 17:51:02 +01:00
Mark Haines
6971f54fea Add a olm_inbound_group_session_id method 2016-09-13 17:02:36 +01:00
Matthew Hodgson
576c6ad292 call double ratchet what it is 2016-09-06 22:46:58 +01:00
Richard van der Hoff
49ca6aca98 Bump version numbers to 1.2.0 2016-09-06 22:26:24 +01:00
Richard van der Hoff
50cd2b2a43 Clean up some typos
Remove redundant args from some js funcs, and fix a comment typo
2016-09-06 14:06:43 +01:00
Richard van der Hoff
c2b51207ee Fix error handling for group sessions
Fix a couple of places where we were using the wrong method to get the last
error.
2016-09-05 19:42:04 +01:00
Richard van der Hoff
2aad4cfa86 Merge pull request #15 from matrix-org/rav/has_received_message
OlmSession.has_received_message
2016-09-05 10:38:41 +01:00
Richard van der Hoff
1d4c13c798 Fix megolm decryption of UTF-8
Repeat the fix from b10f90d for megolm messages.

It turns out that the 'length' argument to 'Pointer_stringify' doesn't work if
the input includes characters >= 128.

Rather than try to figure out which methods can return UTF-8, and which always
return plain ascii, replace all uses of Pointer_stringify with a 'length'
argument with the version that expects a NULL-terminated input, and extend the
buffer by a byte to allow space for a null-terminator.

In the case of decrypt, we need to add the null ourself.

Fixes https://github.com/vector-im/vector-web/issues/2078.
2016-09-05 00:49:36 +01:00
Richard van der Hoff
2e9021c2e7 OlmSession.has_received_message
I find myself wanting to know if an OlmSession is in the pre-key state or not,
to help debugging at the application level.
2016-09-04 23:41:10 +01:00
Richard van der Hoff
0c3f527dfd Bump version in package.json
... to match the Makefile
2016-09-01 14:31:34 +01:00
Richard van der Hoff
0c462cff11 Fix Ed25519 keypair generation
Ed25519 private keys, it turns out, have 64 bytes, not 32.

We were previously generating only 32 bytes (which is all that is required to
generate the public key), and then using the public key as the upper 32 bytes
when generating the per-message session key. This meant that everything
appeared to work, but the security of the private key was severely compromised.

By way of fixes:

 * Use the correct algorithm for generating the Ed25519 private key, and store
   all 512 bits of it.

 * Update the account pickle format and refuse to load the old format (since we
   should consider it compromised).

 * Bump the library version, and add a function to retrieve the library
   version, so that applications can verify that they are linked against a
   fixed version of the library.

 * Remove the curve25519_{sign, verify} functions which were unused and of
   dubious quality.
2016-09-01 13:35:23 +01:00
Richard van der Hoff
f3b9c3bbbb Prepare 1.0.0 release 2016-07-11 12:50:11 +01:00
Richard van der Hoff
939aa747dd JS: make sure returned strings are null-terminated
It turns out that the 'length' argument to 'Pointer_stringify' doesn't work if
the input includes characters >= 128.

Rather than try to figure out which methods can return UTF-8, and which always
return plain ascii, replace all uses of Pointer_stringify with a 'length'
argument with the version that expects a NULL-terminated input, and extend the
buffer by a byte to allow space for a null-terminator.

In the case of decrypt, we need to add the null ourself.

Fixes https://github.com/vector-im/vector-web/issues/1719.
2016-07-06 22:32:51 +01:00
Richard van der Hoff
803672931a Put a signature on sent group messages
It's important that group messages be signed by the sender, rather than by a
secret derived from the shared secret.
2016-05-26 18:01:02 +01:00
Richard van der Hoff
7c5ab63fd8 js group demo: use a remoteOps object
To make sure that we don't sneakily use methods which we wouldn't be able to
for remote users, expose an interface object which contains the remote
interface.
2016-05-26 17:14:33 +01:00
Richard van der Hoff
389a181ea8 javascript/olm_inbound_group_session.js: fix length arg
message.length counts codepoints; we need bytes.
2016-05-26 13:57:09 +01:00