aboutsummaryrefslogtreecommitdiff
path: root/android/olm-sdk
diff options
context:
space:
mode:
authorHubert Chathi <hubert@uhoreg.ca>2018-10-12 17:02:51 -0400
committerHubert Chathi <hubert@uhoreg.ca>2018-10-12 17:02:51 -0400
commit5cf074d3372f1e189fe410a075013adefabb1aa5 (patch)
treea72a96fafab69e62b5083cbe1933b4e34e9a72d5 /android/olm-sdk
parentac071d9c0d69e4330a06f171e3bddc713ecd97d6 (diff)
parentaf86a9a8b899eeb3c1c464cb0c54218acd788fa6 (diff)
Merge branch 'master' into poljar
Diffstat (limited to 'android/olm-sdk')
-rw-r--r--android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java5
-rw-r--r--android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java6
-rw-r--r--android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java7
-rw-r--r--android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java6
-rw-r--r--android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java11
-rw-r--r--android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp7
-rw-r--r--android/olm-sdk/src/main/jni/olm_pk.cpp63
-rw-r--r--android/olm-sdk/src/main/jni/olm_session.cpp12
8 files changed, 91 insertions, 26 deletions
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java
index 8c2d7b0..b41c67a 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java
@@ -25,6 +25,8 @@ import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
+import java.util.Arrays;
+
/**
* Class used to create an inbound <a href="http://matrix.org/docs/guides/e2e_implementation.html#handling-an-m-room-key-event">Megolm session</a>.<br>
* Counter part of the outbound group session {@link OlmOutboundGroupSession}, this class decrypts the messages sent by the outbound side.
@@ -236,7 +238,7 @@ public class OlmInboundGroupSession extends CommonSerializeUtils implements Seri
* In case of error, null is returned and an error message description is provided in aErrorMsg.
* @param aEncryptedMsg the message to be decrypted
* @return the decrypted message information
- * @exception OlmException teh failure reason
+ * @exception OlmException the failure reason
*/
public DecryptMessageResult decryptMessage(String aEncryptedMsg) throws OlmException {
DecryptMessageResult result = new DecryptMessageResult();
@@ -246,6 +248,7 @@ public class OlmInboundGroupSession extends CommonSerializeUtils implements Seri
if (null != decryptedMessageBuffer) {
result.mDecryptedMessage = new String(decryptedMessageBuffer, "UTF-8");
+ Arrays.fill(decryptedMessageBuffer, (byte) 0);
}
} catch (Exception e) {
Log.e(LOG_TAG, "## decryptMessage() failed " + e.getMessage());
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java
index 0481824..e4d4a44 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java
@@ -26,6 +26,8 @@ import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
+import java.util.Arrays;
+
/**
* Class used to create an outbound a <a href="http://matrix.org/docs/guides/e2e_implementation.html#starting-a-megolm-session">Megolm session</a>.<br>
* To send a first message in an encrypted room, the client should start a new outbound Megolm session.
@@ -166,7 +168,9 @@ public class OlmOutboundGroupSession extends CommonSerializeUtils implements Ser
if (!TextUtils.isEmpty(aClearMsg)) {
try {
- byte[] encryptedBuffer = encryptMessageJni(aClearMsg.getBytes("UTF-8"));
+ byte[] clearMsgBuffer = aClearMsg.getBytes("UTF-8");
+ byte[] encryptedBuffer = encryptMessageJni(clearMsgBuffer);
+ Arrays.fill(clearMsgBuffer, (byte) 0);
if (null != encryptedBuffer) {
retValue = new String(encryptedBuffer , "UTF-8");
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java
index 03d055a..ea838f1 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java
@@ -18,6 +18,8 @@ package org.matrix.olm;
import android.util.Log;
+import java.util.Arrays;
+
public class OlmPkDecryption {
private static final String LOG_TAG = "OlmPkDecryption";
@@ -67,7 +69,10 @@ public class OlmPkDecryption {
}
try {
- return new String(decryptJni(aMessage), "UTF-8");
+ byte[] plaintextBuffer = decryptJni(aMessage);
+ String plaintext = new String(plaintextBuffer, "UTF-8");
+ Arrays.fill(plaintextBuffer, (byte) 0);
+ return plaintext;
} catch (Exception e) {
Log.e(LOG_TAG, "## pkDecrypt(): failed " + e.getMessage());
throw new OlmException(OlmException.EXCEPTION_CODE_PK_DECRYPTION_DECRYPT, e.getMessage());
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java
index 9bd429d..a2ccf2e 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java
@@ -18,6 +18,8 @@ package org.matrix.olm;
import android.util.Log;
+import java.util.Arrays;
+
public class OlmPkEncryption {
private static final String LOG_TAG = "OlmPkEncryption";
@@ -72,7 +74,9 @@ public class OlmPkEncryption {
OlmPkMessage encryptedMsgRetValue = new OlmPkMessage();
try {
- byte[] ciphertextBuffer = encryptJni(aPlaintext.getBytes("UTF-8"), encryptedMsgRetValue);
+ byte[] plaintextBuffer = aPlaintext.getBytes("UTF-8");
+ byte[] ciphertextBuffer = encryptJni(plaintextBuffer, encryptedMsgRetValue);
+ Arrays.fill(plaintextBuffer, (byte) 0);
if (null != ciphertextBuffer) {
encryptedMsgRetValue.mCipherText = new String(ciphertextBuffer, "UTF-8");
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java
index da2e963..3c5ce49 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java
@@ -25,6 +25,8 @@ import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
+import java.util.Arrays;
+
/**
* Session class used to create Olm sessions in conjunction with {@link OlmAccount} class.<br>
* Olm session is used to encrypt data between devices, especially to create Olm group sessions (see {@link OlmOutboundGroupSession} and {@link OlmInboundGroupSession}).<br>
@@ -295,7 +297,9 @@ public class OlmSession extends CommonSerializeUtils implements Serializable {
OlmMessage encryptedMsgRetValue = new OlmMessage();
try {
- byte[] encryptedMessageBuffer = encryptMessageJni(aClearMsg.getBytes("UTF-8"), encryptedMsgRetValue);
+ byte[] clearMsgBuffer = aClearMsg.getBytes("UTF-8");
+ byte[] encryptedMessageBuffer = encryptMessageJni(clearMsgBuffer, encryptedMsgRetValue);
+ Arrays.fill(clearMsgBuffer, (byte) 0);
if (null != encryptedMessageBuffer) {
encryptedMsgRetValue.mCipherText = new String(encryptedMessageBuffer, "UTF-8");
@@ -330,7 +334,10 @@ public class OlmSession extends CommonSerializeUtils implements Serializable {
}
try {
- return new String(decryptMessageJni(aEncryptedMsg), "UTF-8");
+ byte[] plaintextBuffer = decryptMessageJni(aEncryptedMsg);
+ String plaintext = new String(plaintextBuffer, "UTF-8");
+ Arrays.fill(plaintextBuffer, (byte) 0);
+ return plaintext;
} catch (Exception e) {
Log.e(LOG_TAG, "## decryptMessage(): failed " + e.getMessage());
throw new OlmException(OlmException.EXCEPTION_CODE_SESSION_DECRYPT_MESSAGE, e.getMessage());
diff --git a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp
index a821709..b11c474 100644
--- a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp
+++ b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp
@@ -297,6 +297,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(encryptMessageJni)(JNIE
OlmOutboundGroupSession *sessionPtr = NULL;
jbyte* clearMsgPtr = NULL;
+ jboolean clearMsgIsCopied = JNI_FALSE;
if (!(sessionPtr = (OlmOutboundGroupSession*)getOutboundGroupSessionInstanceId(env,thiz)))
{
@@ -308,7 +309,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(encryptMessageJni)(JNIE
LOGE(" ## encryptMessageJni(): failure - invalid clear message");
errorMessage = "invalid clear message";
}
- else if (!(clearMsgPtr = env->GetByteArrayElements(aClearMsgBuffer, NULL)))
+ else if (!(clearMsgPtr = env->GetByteArrayElements(aClearMsgBuffer, &clearMsgIsCopied)))
{
LOGE(" ## encryptMessageJni(): failure - clear message JNI allocation OOM");
errorMessage = "clear message JNI allocation OOM";
@@ -359,6 +360,10 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(encryptMessageJni)(JNIE
// free alloc
if (clearMsgPtr)
{
+ if (clearMsgIsCopied)
+ {
+ memset(clearMsgPtr, 0, (size_t)env->GetArrayLength(aClearMsgBuffer));
+ }
env->ReleaseByteArrayElements(aClearMsgBuffer, clearMsgPtr, JNI_ABORT);
}
diff --git a/android/olm-sdk/src/main/jni/olm_pk.cpp b/android/olm-sdk/src/main/jni/olm_pk.cpp
index 2e936c6..12528de 100644
--- a/android/olm-sdk/src/main/jni/olm_pk.cpp
+++ b/android/olm-sdk/src/main/jni/olm_pk.cpp
@@ -29,7 +29,10 @@ OlmPkEncryption * initializePkEncryptionMemory()
{
// init encryption object
encryptionPtr = olm_pk_encryption(encryptionPtr);
- LOGD("## initializePkEncryptionMemory(): success - OLM encryption size=%lu",static_cast<long unsigned int>(encryptionSize));
+ LOGD(
+ "## initializePkEncryptionMemory(): success - OLM encryption size=%lu",
+ static_cast<long unsigned int>(encryptionSize)
+ );
}
else
{
@@ -53,7 +56,10 @@ JNIEXPORT jlong OLM_PK_ENCRYPTION_FUNC_DEF(createNewPkEncryptionJni)(JNIEnv *env
else
{
LOGD("## createNewPkEncryptionJni(): success - OLM encryption created");
- LOGD("## createNewPkEncryptionJni(): encryptionPtr=%p (jlong)(intptr_t)encryptionPtr=%lld", encryptionPtr, (jlong)(intptr_t)encryptionPtr);
+ LOGD(
+ "## createNewPkEncryptionJni(): encryptionPtr=%p (jlong)(intptr_t)encryptionPtr=%lld",
+ encryptionPtr, (jlong)(intptr_t)encryptionPtr
+ );
}
if (errorMessage)
@@ -93,8 +99,9 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(releasePkEncryptionJni)(JNIEnv *env, j
}
}
-JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobject thiz, jbyteArray aKeyBuffer)
-{
+JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(
+ JNIEnv *env, jobject thiz, jbyteArray aKeyBuffer
+) {
const char *errorMessage = NULL;
jbyte *keyPtr = NULL;
@@ -116,10 +123,13 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobje
}
else
{
- if(olm_pk_encryption_set_recipient_key(encryptionPtr, keyPtr, (size_t)env->GetArrayLength(aKeyBuffer)) == olm_error())
+ if (olm_pk_encryption_set_recipient_key(encryptionPtr, keyPtr, (size_t)env->GetArrayLength(aKeyBuffer)) == olm_error())
{
errorMessage = olm_pk_encryption_last_error(encryptionPtr);
- LOGE(" ## pkSetRecipientKeyJni(): failure - olm_pk_encryption_set_recipient_key Msg=%s", errorMessage);
+ LOGE(
+ " ## pkSetRecipientKeyJni(): failure - olm_pk_encryption_set_recipient_key Msg=%s",
+ errorMessage
+ );
}
}
@@ -134,11 +144,13 @@ JNIEXPORT void OLM_PK_ENCRYPTION_FUNC_DEF(setRecipientKeyJni)(JNIEnv *env, jobje
}
}
-JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject thiz, jbyteArray aPlaintextBuffer, jobject aEncryptedMsg)
-{
+JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(
+ JNIEnv *env, jobject thiz, jbyteArray aPlaintextBuffer, jobject aEncryptedMsg
+) {
jbyteArray encryptedMsgRet = 0;
const char* errorMessage = NULL;
jbyte *plaintextPtr = NULL;
+ jboolean plaintextIsCopied = JNI_FALSE;
OlmPkEncryption *encryptionPtr = getPkEncryptionInstanceId(env, thiz);
jclass encryptedMsgJClass = 0;
@@ -154,15 +166,15 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject
LOGE(" ## pkEncryptJni(): failure - invalid clear message");
errorMessage = "invalid clear message";
}
- else if (!(plaintextPtr = env->GetByteArrayElements(aPlaintextBuffer, 0)))
+ else if (!(plaintextPtr = env->GetByteArrayElements(aPlaintextBuffer, &plaintextIsCopied)))
{
LOGE(" ## pkEncryptJni(): failure - plaintext JNI allocation OOM");
errorMessage = "plaintext JNI allocation OOM";
}
else if (!(encryptedMsgJClass = env->GetObjectClass(aEncryptedMsg)))
{
- LOGE(" ## pkEncryptJni(): failure - unable to get crypted message class");
- errorMessage = "unable to get crypted message class";
+ LOGE(" ## pkEncryptJni(): failure - unable to get encrypted message class");
+ errorMessage = "unable to get encrypted message class";
}
else if (!(macFieldId = env->GetFieldID(encryptedMsgJClass, "mMac", "Ljava/lang/String;")))
{
@@ -226,7 +238,9 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject
else
{
encryptedMsgRet = env->NewByteArray(ciphertextLength);
- env->SetByteArrayRegion(encryptedMsgRet, 0, ciphertextLength, (jbyte*)ciphertextPtr);
+ env->SetByteArrayRegion(
+ encryptedMsgRet, 0, ciphertextLength, (jbyte*)ciphertextPtr
+ );
jstring macStr = env->NewStringUTF((char*)macPtr);
env->SetObjectField(aEncryptedMsg, macFieldId, macStr);
@@ -256,6 +270,10 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject
if (plaintextPtr)
{
+ if (plaintextIsCopied)
+ {
+ memset(plaintextPtr, 0, (size_t)env->GetArrayLength(aPlaintextBuffer));
+ }
env->ReleaseByteArrayElements(aPlaintextBuffer, plaintextPtr, JNI_ABORT);
}
@@ -276,7 +294,10 @@ OlmPkDecryption * initializePkDecryptionMemory()
{
// init decryption object
decryptionPtr = olm_pk_decryption(decryptionPtr);
- LOGD("## initializePkDecryptionMemory(): success - OLM decryption size=%lu",static_cast<long unsigned int>(decryptionSize));
+ LOGD(
+ "## initializePkDecryptionMemory(): success - OLM decryption size=%lu",
+ static_cast<long unsigned int>(decryptionSize)
+ );
}
else
{
@@ -300,7 +321,10 @@ JNIEXPORT jlong OLM_PK_DECRYPTION_FUNC_DEF(createNewPkDecryptionJni)(JNIEnv *env
else
{
LOGD("## createNewPkDecryptionJni(): success - OLM decryption created");
- LOGD("## createNewPkDecryptionJni(): decryptionPtr=%p (jlong)(intptr_t)decryptionPtr=%lld", decryptionPtr, (jlong)(intptr_t)decryptionPtr);
+ LOGD(
+ "## createNewPkDecryptionJni(): decryptionPtr=%p (jlong)(intptr_t)decryptionPtr=%lld",
+ decryptionPtr, (jlong)(intptr_t)decryptionPtr
+ );
}
if (errorMessage)
@@ -402,8 +426,9 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, job
return publicKeyRet;
}
-JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject thiz, jobject aEncryptedMsg)
-{
+JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(
+ JNIEnv *env, jobject thiz, jobject aEncryptedMsg
+) {
const char* errorMessage = NULL;
OlmPkDecryption *decryptionPtr = getPkDecryptionInstanceId(env, thiz);
@@ -528,7 +553,10 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject
{
decryptedMsgRet = env->NewByteArray(plaintextLength);
env->SetByteArrayRegion(decryptedMsgRet, 0, plaintextLength, (jbyte*)plaintextPtr);
- LOGD("## pkDecryptJni(): success returnedLg=%lu OK", static_cast<long unsigned int>(plaintextLength));
+ LOGD(
+ "## pkDecryptJni(): success returnedLg=%lu OK",
+ static_cast<long unsigned int>(plaintextLength)
+ );
}
}
@@ -538,6 +566,7 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject
}
if (plaintextPtr)
{
+ memset(plaintextPtr, 0, maxPlaintextLength);
free(plaintextPtr);
}
}
diff --git a/android/olm-sdk/src/main/jni/olm_session.cpp b/android/olm-sdk/src/main/jni/olm_session.cpp
index 5ca49db..b9db286 100644
--- a/android/olm-sdk/src/main/jni/olm_session.cpp
+++ b/android/olm-sdk/src/main/jni/olm_session.cpp
@@ -472,6 +472,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(encryptMessageJni)(JNIEnv *env, jobjec
OlmSession *sessionPtr = getSessionInstanceId(env, thiz);
jbyte *clearMsgPtr = NULL;
+ jboolean clearMsgIsCopied = JNI_FALSE;
jclass encryptedMsgJClass = 0;
jfieldID typeMsgFieldId;
@@ -490,8 +491,9 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(encryptMessageJni)(JNIEnv *env, jobjec
else if (!aEncryptedMsg)
{
LOGE("## encryptMessageJni(): failure - invalid encrypted message");
+ errorMessage = "invalid encrypted message";
}
- else if (!(clearMsgPtr = env->GetByteArrayElements(aClearMsgBuffer, 0)))
+ else if (!(clearMsgPtr = env->GetByteArrayElements(aClearMsgBuffer, &clearMsgIsCopied)))
{
LOGE("## encryptMessageJni(): failure - clear message JNI allocation OOM");
errorMessage = "clear message JNI allocation OOM";
@@ -580,6 +582,10 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(encryptMessageJni)(JNIEnv *env, jobjec
// free alloc
if (clearMsgPtr)
{
+ if (clearMsgIsCopied)
+ {
+ memset(clearMsgPtr, 0, (size_t)env->GetArrayLength(aClearMsgBuffer));
+ }
env->ReleaseByteArrayElements(aClearMsgBuffer, clearMsgPtr, JNI_ABORT);
}
@@ -702,6 +708,8 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(decryptMessageJni)(JNIEnv *env, jobjec
LOGD(" ## decryptMessageJni(): UTF-8 Conversion - decrypted returnedLg=%lu OK",static_cast<long unsigned int>(plaintextLength));
}
+
+ memset(plainTextMsgPtr, 0, maxPlainTextLength);
}
}
@@ -958,4 +966,4 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz,
}
return (jlong)(intptr_t)sessionPtr;
-} \ No newline at end of file
+}