olm/javascript
Richard van der Hoff 0c462cff11 Fix Ed25519 keypair generation
Ed25519 private keys, it turns out, have 64 bytes, not 32.

We were previously generating only 32 bytes (which is all that is required to
generate the public key), and then using the public key as the upper 32 bytes
when generating the per-message session key. This meant that everything
appeared to work, but the security of the private key was severely compromised.

By way of fixes:

 * Use the correct algorithm for generating the Ed25519 private key, and store
   all 512 bits of it.

 * Update the account pickle format and refuse to load the old format (since we
   should consider it compromised).

 * Bump the library version, and add a function to retrieve the library
   version, so that applications can verify that they are linked against a
   fixed version of the library.

 * Remove the curve25519_{sign, verify} functions which were unused and of
   dubious quality.
2016-09-01 13:35:23 +01:00
..
demo Put a signature on sent group messages 2016-05-26 18:01:02 +01:00
.gitignore Make 'npm build' build the js lib 2016-04-26 12:12:08 +01:00
olm_inbound_group_session.js javascript/olm_inbound_group_session.js: fix length arg 2016-05-26 13:57:09 +01:00
olm_outbound_group_session.js Javascript bindings for group sessions 2016-05-25 17:48:01 +01:00
olm_post.js Fix Ed25519 keypair generation 2016-09-01 13:35:23 +01:00
olm_pre.js Fix a console error when importing in a browser 2015-12-02 14:06:01 +00:00
package.json Prepare 1.0.0 release 2016-07-11 12:50:11 +01:00
README.md Javascript bindings for group sessions 2016-05-25 17:48:01 +01:00

Olm

Example:

var alice = new Olm.Account();
var bob = new Olm.Account();
alice.create();
bob.create();
bob.generate_one_time_keys(1);

var bobs_id_keys = JSON.parse(bob.identity_keys());
var bobs_id_key = bobs_id_keys.curve25519;
var bobs_ot_keys = JSON.parse(bob.one_time_keys());
for (key in bobs_ot_keys.curve25519) {
    var bobs_ot_key = bobs_ot_keys.curve25519[key];
}

alice_session = new Olm.Session();
alice_session.create_outbound(alice, bobs_id_key, bobs_ot_key);
alice_message = a_session.encrypt("Hello");

bob_session.create_inbound(bob, bob_message);
var plaintext = bob_session.decrypt(message_1.type, bob_message);
bob.remove_one_time_keys(bob_session);

Group chat:

var outbound_session = new Olm.OutboundGroupSession();
outbound_session.create();

// exchange these over a secure channel
var session_id = group_session.session_id();
var session_key = group_session.session_key();
var message_index = group_session.message_index();

var inbound_session = new Olm.InboundGroupSession();
inbound_session.create(message_index, session_key);

var ciphertext = outbound_session.encrypt("Hello");
var plaintext = inbound_session.decrypt(ciphertext);