aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/axolotl.cpp7
-rw-r--r--src/crypto.cpp13
-rw-r--r--src/ratchet.cpp6
-rw-r--r--src/session.cpp2
-rw-r--r--tests/include/unittest.hh23
-rw-r--r--tests/test_axolotl.cpp135
-rw-r--r--tests/test_base64.cpp1
7 files changed, 178 insertions, 9 deletions
diff --git a/src/axolotl.cpp b/src/axolotl.cpp
index e11e2b0..e835c9b 100644
--- a/src/axolotl.cpp
+++ b/src/axolotl.cpp
@@ -67,7 +67,6 @@ std::size_t enc_output(
std::size_t length = ciphertext_length + PICKLE_CIPHER.mac_length();
std::size_t base64_length = axolotl::encode_base64_length(length);
std::uint8_t * raw_output = output + base64_length - length;
- length -= PICKLE_CIPHER.mac_length();
PICKLE_CIPHER.encrypt(
key, key_length,
raw_output, raw_length,
@@ -395,6 +394,12 @@ size_t axolotl_account_one_time_keys(
}
+size_t axolotl_create_outbound_session_random_length(
+ AxolotlSession * session
+) {
+ return from_c(session)->new_outbound_session_random_length();
+}
+
size_t axolotl_create_outbound_session(
AxolotlSession * session,
AxolotlAccount * account,
diff --git a/src/crypto.cpp b/src/crypto.cpp
index 24a8136..b287919 100644
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -237,15 +237,18 @@ std::size_t axolotl::aes_decrypt_cbc(
) {
std::uint32_t key_schedule[60];
::aes_key_setup(key.key, key_schedule, 256);
+ std::uint8_t block1[AES_BLOCK_LENGTH];
+ std::uint8_t block2[AES_BLOCK_LENGTH];
+ std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH);
for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) {
+ std::memcpy(block2, &input[i], AES_BLOCK_LENGTH);
::aes_decrypt(&input[i], &output[i], key_schedule, 256);
- if (i == 0) {
- xor_block<AES_BLOCK_LENGTH>(&output[i], iv.iv);
- } else {
- xor_block<AES_BLOCK_LENGTH>(&output[i], &input[i - AES_BLOCK_LENGTH]);
- }
+ xor_block<AES_BLOCK_LENGTH>(&output[i], block1);
+ std::memcpy(block1, block2, AES_BLOCK_LENGTH);
}
axolotl::unset(key_schedule);
+ axolotl::unset(block1);
+ axolotl::unset(block2);
std::size_t padding = output[input_length - 1];
return (padding > input_length) ? std::size_t(-1) : (input_length - padding);
}
diff --git a/src/ratchet.cpp b/src/ratchet.cpp
index 24f0ac2..37d2d4e 100644
--- a/src/ratchet.cpp
+++ b/src/ratchet.cpp
@@ -141,12 +141,12 @@ std::size_t verify_mac_and_decrypt_for_new_chain(
/* They shouldn't move to a new chain until we've sent them a message
* acknowledging the last one */
if (session.sender_chain.empty()) {
- return false;
+ return std::size_t(-1);
}
/* Limit the number of hashes we're prepared to compute */
if (reader.counter > MAX_MESSAGE_GAP) {
- return false;
+ return std::size_t(-1);
}
std::memcpy(
new_chain.ratchet_key.public_key, reader.ratchet_key, KEY_LENGTH
@@ -191,6 +191,7 @@ void axolotl::Ratchet::initialise_as_bob(
derived_secrets, sizeof(derived_secrets)
);
receiver_chains.insert();
+ receiver_chains[0].chain_key.index = 0;
std::memcpy(root_key, derived_secrets, 32);
std::memcpy(receiver_chains[0].chain_key.key, derived_secrets + 32, 32);
receiver_chains[0].ratchet_key = their_ratchet_key;
@@ -210,6 +211,7 @@ void axolotl::Ratchet::initialise_as_alice(
derived_secrets, sizeof(derived_secrets)
);
sender_chain.insert();
+ sender_chain[0].chain_key.index = 0;
std::memcpy(root_key, derived_secrets, 32);
std::memcpy(sender_chain[0].chain_key.key, derived_secrets + 32, 32);
sender_chain[0].ratchet_key = our_ratchet_key;
diff --git a/src/session.cpp b/src/session.cpp
index 0582d56..6d93326 100644
--- a/src/session.cpp
+++ b/src/session.cpp
@@ -332,6 +332,8 @@ std::size_t axolotl::Session::decrypt(
if (result == std::size_t(-1)) {
last_error = ratchet.last_error;
ratchet.last_error = axolotl::ErrorCode::SUCCESS;
+ } else {
+ received_message = true;
}
return result;
}
diff --git a/tests/include/unittest.hh b/tests/include/unittest.hh
index 437ea77..7c65f9f 100644
--- a/tests/include/unittest.hh
+++ b/tests/include/unittest.hh
@@ -53,6 +53,25 @@ void assert_equals(
}
}
+template<typename T>
+void assert_not_equals(
+ const char *file,
+ unsigned line,
+ const char *expected_expr,
+ const char *actual_expr,
+ T const & expected,
+ T const & actual
+) {
+ if (expected == actual) {
+ std::cout << "FAILED: " << TEST_CASE << std::endl;
+ std::cout << file << ":" << line << std::endl;
+ std::cout << expected_expr << " == " << actual_expr << std::endl;
+ std::cout << "Unexpected: " << expected << std::endl;
+ std::cout << "Actual: " << actual << std::endl;
+ std::exit(1);
+ }
+}
+
void assert_equals(
const char *file,
@@ -77,6 +96,10 @@ void assert_equals(
__FILE__, __LINE__, #expected, #actual, expected, actual, ##__VA_ARGS__ \
)
+#define assert_not_equals(expected, actual, ...) assert_not_equals( \
+ __FILE__, __LINE__, #expected, #actual, expected, actual, ##__VA_ARGS__ \
+)
+
class TestCase {
public:
TestCase(const char *name) { TEST_CASE = name; }
diff --git a/tests/test_axolotl.cpp b/tests/test_axolotl.cpp
new file mode 100644
index 0000000..7b55a36
--- /dev/null
+++ b/tests/test_axolotl.cpp
@@ -0,0 +1,135 @@
+#include "axolotl/axolotl.hh"
+#include "unittest.hh"
+
+#include <cstddef>
+#include <cstdint>
+#include <cstring>
+
+int main() {
+
+{ /** Pickle account test */
+
+TestCase test_case("Pickle account test");
+
+std::uint8_t account_buffer[::axolotl_account_size()];
+::AxolotlAccount *account = ::axolotl_account(account_buffer);
+std::size_t random_length = ::axolotl_create_account_random_length(account);
+std::uint8_t random[random_length];
+std::memset(random, 4, random_length); /* http://xkcd.com/221/ */
+::axolotl_create_account(account, random, random_length);
+std::size_t pickle_length = ::axolotl_pickle_account_length(account);
+std::uint8_t pickle1[pickle_length];
+::axolotl_pickle_account(account, "secret_key", 10, pickle1, pickle_length);
+std::uint8_t pickle2[pickle_length];
+std::memcpy(pickle2, pickle1, pickle_length);
+
+std::uint8_t account_buffer2[::axolotl_account_size()];
+::AxolotlAccount *account2 = ::axolotl_account(account_buffer2);
+::axolotl_unpickle_account(account2, "secret_key", 10, pickle2, pickle_length);
+assert_equals(pickle_length, ::axolotl_pickle_account_length(account2));
+::axolotl_pickle_account(account2, "secret_key", 10, pickle2, pickle_length);
+
+assert_equals(pickle1, pickle2, pickle_length);
+
+}
+
+{ /** Loopback test */
+
+TestCase test_case("Loopback test");
+
+std::uint8_t a_account_buffer[::axolotl_account_size()];
+::AxolotlAccount *a_account = ::axolotl_account(a_account_buffer);
+std::uint8_t a_random[::axolotl_create_account_random_length(a_account)];
+std::memset(a_random, 4, sizeof(a_random)); /* http://xkcd.com/221/ */
+::axolotl_create_account(a_account, a_random, sizeof(a_random));
+
+std::uint8_t b_account_buffer[::axolotl_account_size()];
+::AxolotlAccount *b_account = ::axolotl_account(b_account_buffer);
+std::uint8_t b_random[::axolotl_create_account_random_length(b_account)];
+std::memset(b_random, 5, sizeof(b_random)); /* http://xkcd.com/221/ */
+::axolotl_create_account(b_account, b_random, sizeof(b_random));
+
+std::uint8_t b_id_keys[::axolotl_account_identity_keys_length(b_account)];
+std::uint8_t b_ot_keys[::axolotl_account_one_time_keys_length(b_account)];
+::axolotl_account_identity_keys(b_account, b_id_keys, sizeof(b_id_keys));
+::axolotl_account_one_time_keys(b_account, b_ot_keys, sizeof(b_ot_keys));
+
+std::uint8_t a_session_buffer[::axolotl_session_size()];
+::AxolotlSession *a_session = ::axolotl_session(a_session_buffer);
+std::uint8_t a_rand[::axolotl_create_outbound_session_random_length(a_session)];
+std::memset(b_random, 6, sizeof(a_rand)); /* http://xkcd.com/221/ */
+assert_not_equals(std::size_t(-1), ::axolotl_create_outbound_session(
+ a_session, a_account,
+ b_id_keys + 14, 43,
+ ::atol((char *)(b_ot_keys + 62)), b_ot_keys + 74, 43,
+ a_rand, sizeof(a_rand)
+));
+
+std::uint8_t plaintext[] = "Hello, World";
+std::uint8_t message_1[::axolotl_encrypt_message_length(a_session, 12)];
+std::uint8_t a_message_random[::axolotl_encrypt_random_length(a_session)];
+assert_equals(std::size_t(0), ::axolotl_encrypt_message_type(a_session));
+assert_not_equals(std::size_t(-1), ::axolotl_encrypt(
+ a_session,
+ plaintext, 12,
+ a_message_random, sizeof(a_message_random),
+ message_1, sizeof(message_1)
+));
+
+
+std::uint8_t tmp_message_1[sizeof(message_1)];
+std::memcpy(tmp_message_1, message_1, sizeof(message_1));
+std::uint8_t b_session_buffer[::axolotl_account_size()];
+::AxolotlSession *b_session = ::axolotl_session(b_session_buffer);
+::axolotl_create_inbound_session(
+ b_session, b_account, tmp_message_1, sizeof(message_1)
+);
+
+std::memcpy(tmp_message_1, message_1, sizeof(message_1));
+std::uint8_t plaintext_1[::axolotl_decrypt_max_plaintext_length(
+ b_session, 0, tmp_message_1, sizeof(message_1)
+)];
+std::memcpy(tmp_message_1, message_1, sizeof(message_1));
+assert_equals(std::size_t(12), ::axolotl_decrypt(
+ b_session, 0,
+ tmp_message_1, sizeof(message_1),
+ plaintext_1, sizeof(plaintext_1)
+));
+
+assert_equals(plaintext, plaintext_1, 12);
+
+std::uint8_t message_2[::axolotl_encrypt_message_length(b_session, 12)];
+std::uint8_t b_message_random[::axolotl_encrypt_random_length(b_session)];
+assert_equals(std::size_t(1), ::axolotl_encrypt_message_type(b_session));
+assert_not_equals(std::size_t(-1), ::axolotl_encrypt(
+ b_session,
+ plaintext, 12,
+ b_message_random, sizeof(b_message_random),
+ message_2, sizeof(message_2)
+));
+
+std::uint8_t tmp_message_2[sizeof(message_2)];
+std::memcpy(tmp_message_2, message_2, sizeof(message_2));
+std::uint8_t plaintext_2[::axolotl_decrypt_max_plaintext_length(
+ a_session, 1, tmp_message_2, sizeof(message_2)
+)];
+std::memcpy(tmp_message_2, message_2, sizeof(message_2));
+assert_equals(std::size_t(12), ::axolotl_decrypt(
+ a_session, 1,
+ tmp_message_2, sizeof(message_2),
+ plaintext_2, sizeof(plaintext_2)
+));
+
+assert_equals(plaintext, plaintext_2, 12);
+
+std::memcpy(tmp_message_2, message_2, sizeof(message_2));
+assert_equals(std::size_t(-1), ::axolotl_decrypt(
+ a_session, 1,
+ tmp_message_2, sizeof(message_2),
+ plaintext_2, sizeof(plaintext_2)
+));
+
+
+}
+
+}
diff --git a/tests/test_base64.cpp b/tests/test_base64.cpp
index 2340656..fbd9e19 100644
--- a/tests/test_base64.cpp
+++ b/tests/test_base64.cpp
@@ -1,4 +1,3 @@
-
#include "axolotl/base64.hh"
#include "unittest.hh"