Merge pull request #19 from matrix-org/rav/megolm_signing

Sign megolm messages

2 files changed, 76 insertions, 7 deletions

diff --git a/tests/test_group_session.cpp b/tests/test_group_session.cpp
index 4a82154..7ac91c3 100644
--- a/tests/test_group_session.cpp
+++ b/tests/test_group_session.cpp
@@ -80,7 +80,6 @@ int main() {
     assert_equals(pickle1, pickle2, pickle_length);
 }
 
-
 {
     TestCase test_case("Group message send/receive");
 
@@ -89,6 +88,7 @@ int main() {
         "0123456789ABDEF0123456789ABCDEF"
         "0123456789ABDEF0123456789ABCDEF"
         "0123456789ABDEF0123456789ABCDEF"
+        "0123456789ABDEF0123456789ABCDEF"
         "0123456789ABDEF0123456789ABCDEF";
 
 
@@ -97,7 +97,7 @@ int main() {
     uint8_t memory[size];
     OlmOutboundGroupSession *session = olm_outbound_group_session(memory);
 
-    assert_equals((size_t)132,
+    assert_equals((size_t)164,
                   olm_init_outbound_group_session_random_length(session));
 
     size_t res = olm_init_outbound_group_session(
@@ -109,7 +109,6 @@ int main() {
     uint8_t session_key[session_key_len];
     olm_outbound_group_session_key(session, session_key, session_key_len);
 
-
     /* encode the message */
     uint8_t plaintext[] = "Message";
     size_t plaintext_length = sizeof(plaintext) - 1;
@@ -148,4 +147,73 @@ int main() {
     assert_equals(plaintext, plaintext_buf, res);
 }
 
+{
+    TestCase test_case("Invalid signature group message");
+
+    uint8_t plaintext[] = "Message";
+    size_t plaintext_length = sizeof(plaintext) - 1;
+
+    uint8_t session_key[] =
+        "ATAxMjM0NTY3ODlBQkRFRjAxMjM0NTY3ODlBQkNERUYwMTIzNDU2Nzg5QUJERUYw"
+        "MTIzNDU2Nzg5QUJDREVGMDEyMzQ1Njc4OUFCREVGMDEyMzQ1Njc4OUFCQ0RFRjAx"
+        "MjM0NTY3ODlBQkRFRjAxMjM0NTY3ODlBQkNERUYwMTIzDRt2DUEOrg/H+yUGjDTq"
+        "ryf8H1YF/BZjI04HwOVSZcY";
+
+    uint8_t message[] =
+        "AwgAEhAcbh6UpbByoyZxufQ+h2B+8XHMjhR69G8F4+qjMaFlnIXusJZX3r8LnROR"
+        "G9T3DXFdbVuvIWrLyRfm4i8QRbe8VPwGRFG57B1CtmxanuP8bHtnnYqlwPsD";
+    size_t msglen = sizeof(message)-1;
+
+    /* build the inbound session */
+    size_t size = olm_inbound_group_session_size();
+    uint8_t inbound_session_memory[size];
+    OlmInboundGroupSession *inbound_session =
+        olm_inbound_group_session(inbound_session_memory);
+
+    size_t res = olm_init_inbound_group_session(
+        inbound_session, 0U, session_key, sizeof(session_key)-1
+    );
+    assert_equals((size_t)0, res);
+
+    /* decode the message */
+
+    /* olm_group_decrypt_max_plaintext_length destroys the input so we have to
+       copy it. */
+    uint8_t msgcopy[msglen];
+    memcpy(msgcopy, message, msglen);
+    size = olm_group_decrypt_max_plaintext_length(
+        inbound_session, msgcopy, msglen
+    );
+
+    memcpy(msgcopy, message, msglen);
+    uint8_t plaintext_buf[size];
+    res = olm_group_decrypt(
+        inbound_session, msgcopy, msglen, plaintext_buf, size
+    );
+    assert_equals(plaintext_length, res);
+    assert_equals(plaintext, plaintext_buf, res);
+
+    /* now twiddle the signature */
+    message[msglen-1] = 'E';
+    memcpy(msgcopy, message, msglen);
+    assert_equals(
+        size,
+        olm_group_decrypt_max_plaintext_length(
+            inbound_session, msgcopy, msglen
+        )
+    );
+
+    memcpy(msgcopy, message, msglen);
+    res = olm_group_decrypt(
+        inbound_session, msgcopy, msglen,
+        plaintext_buf, size
+    );
+    assert_equals((size_t)-1, res);
+    assert_equals(
+        std::string("BAD_SIGNATURE"),
+        std::string(olm_inbound_group_session_last_error(inbound_session))
+    );
+}
+
+
 }
diff --git a/tests/test_message.cpp b/tests/test_message.cpp
index 06b36dc..25693f5 100644
--- a/tests/test_message.cpp
+++ b/tests/test_message.cpp
@@ -67,8 +67,8 @@ assert_equals(message2, output, 35);
 
     TestCase test_case("Group message encode test");
 
-    size_t length = _olm_encode_group_message_length(200, 10, 8);
-    size_t expected_length = 1 + (1+2) + (2+10) + 8;
+    size_t length = _olm_encode_group_message_length(200, 10, 8, 64);
+    size_t expected_length = 1 + (1+2) + (2+10) + 8 + 64;
     assert_equals(expected_length, length);
 
     uint8_t output[50];
@@ -99,9 +99,10 @@ assert_equals(message2, output, 35);
         "\x03"
         "\x08\xC8\x01"
         "\x12\x0A" "ciphertext"
-        "hmacsha2";
+        "hmacsha2"
+        "ed25519signature";
 
-    _olm_decode_group_message(message, sizeof(message)-1, 8, &results);
+    _olm_decode_group_message(message, sizeof(message)-1, 8, 16, &results);
     assert_equals(std::uint8_t(3), results.version);
     assert_equals(1, results.has_message_index);
     assert_equals(std::uint32_t(200), results.message_index);