diff options
76 files changed, 3746 insertions, 1513 deletions
diff --git a/.DS_Store b/.DS_Store Binary files differdeleted file mode 100644 index 5008ddf..0000000 --- a/.DS_Store +++ /dev/null @@ -161,6 +161,7 @@ $(RELEASE_TARGET): $(RELEASE_OBJECTS) $(OLM_LDFLAGS) \ $(OUTPUT_OPTION) $(RELEASE_OBJECTS) ln -sf libolm.$(SO).$(VERSION) $(BUILD_DIR)/libolm.$(SO).$(MAJOR) + ln -sf libolm.$(SO).$(VERSION) $(BUILD_DIR)/libolm.$(SO) debug: $(DEBUG_TARGET) .PHONY: debug diff --git a/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmPkTest.java b/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmPkTest.java index 04b2217..1577f3b 100644 --- a/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmPkTest.java +++ b/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmPkTest.java @@ -19,6 +19,8 @@ package org.matrix.olm; import android.support.test.runner.AndroidJUnit4; import android.util.Log; +import java.util.Arrays; + import org.junit.BeforeClass; import org.junit.FixMethodOrder; import org.junit.Test; @@ -91,4 +93,46 @@ public class OlmPkTest { assertTrue(mOlmPkEncryption.isReleased()); assertTrue(mOlmPkDecryption.isReleased()); } + + @Test + public void test02PrivateKey() { + try { + mOlmPkDecryption = new OlmPkDecryption(); + } catch (OlmException e) { + e.printStackTrace(); + assertTrue("OlmPkEncryption failed " + e.getMessage(), false); + } + + assertNotNull(mOlmPkDecryption); + + byte[] privateKey = { + (byte)0x77, (byte)0x07, (byte)0x6D, (byte)0x0A, + (byte)0x73, (byte)0x18, (byte)0xA5, (byte)0x7D, + (byte)0x3C, (byte)0x16, (byte)0xC1, (byte)0x72, + (byte)0x51, (byte)0xB2, (byte)0x66, (byte)0x45, + (byte)0xDF, (byte)0x4C, (byte)0x2F, (byte)0x87, + (byte)0xEB, (byte)0xC0, (byte)0x99, (byte)0x2A, + (byte)0xB1, (byte)0x77, (byte)0xFB, (byte)0xA5, + (byte)0x1D, (byte)0xB9, (byte)0x2C, (byte)0x2A + }; + + try { + mOlmPkDecryption.setPrivateKey(privateKey); + } catch (OlmException e) { + assertTrue("Exception in setPrivateKey, Exception code=" + e.getExceptionCode(), false); + } + + byte[] privateKeyCopy = null; + + try { + privateKeyCopy = mOlmPkDecryption.privateKey(); + } catch (OlmException e) { + assertTrue("Exception in privateKey, Exception code=" + e.getExceptionCode(), false); + } + + assertTrue(Arrays.equals(privateKey, privateKeyCopy)); + + mOlmPkDecryption.releaseDecryption(); + assertTrue(mOlmPkDecryption.isReleased()); + } } diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmAccount.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmAccount.java index 26c3e60..98a3c5b 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmAccount.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmAccount.java @@ -26,6 +26,7 @@ import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.Serializable; +import java.util.Arrays; import java.util.Map; /** @@ -290,9 +291,9 @@ public class OlmAccount extends CommonSerializeUtils implements Serializable { String result = null; if (null != aMessage) { + byte[] utf8String = null; try { - byte[] utf8String = aMessage.getBytes("UTF-8"); - + utf8String = aMessage.getBytes("UTF-8"); if (null != utf8String) { byte[] signedMessage = signMessageJni(utf8String); @@ -302,6 +303,10 @@ public class OlmAccount extends CommonSerializeUtils implements Serializable { } } catch (Exception e) { throw new OlmException(OlmException.EXCEPTION_CODE_ACCOUNT_SIGN_MESSAGE, e.getMessage()); + } finally { + if (null != utf8String) { + Arrays.fill(utf8String, (byte) 0); + } } } diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java index 31b5729..5b534d5 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java @@ -68,6 +68,8 @@ public class OlmException extends IOException { public static final int EXCEPTION_CODE_PK_DECRYPTION_CREATION = 700; public static final int EXCEPTION_CODE_PK_DECRYPTION_GENERATE_KEY = 701; public static final int EXCEPTION_CODE_PK_DECRYPTION_DECRYPT = 702; + public static final int EXCEPTION_CODE_PK_DECRYPTION_SET_PRIVATE_KEY = 703; + public static final int EXCEPTION_CODE_PK_DECRYPTION_PRIVATE_KEY = 704; // exception human readable messages public static final String EXCEPTION_MSG_INVALID_PARAMS_DESERIALIZATION = "invalid de-serialized parameters"; diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java index b41c67a..2fc81ef 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java @@ -77,10 +77,16 @@ public class OlmInboundGroupSession extends CommonSerializeUtils implements Seri Log.e(LOG_TAG, "## initInboundGroupSession(): invalid session key"); throw new OlmException(OlmException.EXCEPTION_CODE_INIT_INBOUND_GROUP_SESSION, "invalid session key"); } else { + byte[] sessionBuffer = null; try { + sessionBuffer = aSessionKey.getBytes("UTF-8"); mNativeId = createNewSessionJni(aSessionKey.getBytes("UTF-8"), isImported); } catch (Exception e) { throw new OlmException(OlmException.EXCEPTION_CODE_INIT_INBOUND_GROUP_SESSION, e.getMessage()); + } finally { + if (null != sessionBuffer) { + Arrays.fill(sessionBuffer, (byte) 0); + } } } } @@ -216,6 +222,7 @@ public class OlmInboundGroupSession extends CommonSerializeUtils implements Seri if (null != bytesBuffer) { result = new String(bytesBuffer, "UTF-8"); + Arrays.fill(bytesBuffer, (byte) 0); } } catch (Exception e) { Log.e(LOG_TAG, "## export() failed " + e.getMessage()); diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java index e4d4a44..55732fe 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java @@ -142,7 +142,10 @@ public class OlmOutboundGroupSession extends CommonSerializeUtils implements Ser */ public String sessionKey() throws OlmException { try { - return new String(sessionKeyJni(), "UTF-8"); + byte[] sessionKeyBuffer = sessionKeyJni(); + String ret = new String(sessionKeyBuffer, "UTF-8"); + Arrays.fill(sessionKeyBuffer, (byte) 0); + return ret; } catch (Exception e) { Log.e(LOG_TAG, "## sessionKey() failed " + e.getMessage()); throw new OlmException(OlmException.EXCEPTION_CODE_OUTBOUND_GROUP_SESSION_KEY, e.getMessage()); diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java index ea838f1..6522f70 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkDecryption.java @@ -51,6 +51,18 @@ public class OlmPkDecryption { return (0 == mNativeId); } + public String setPrivateKey(byte[] privateKey) throws OlmException { + try { + byte[] key = setPrivateKeyJni(privateKey); + return new String(key, "UTF-8"); + } catch (Exception e) { + Log.e(LOG_TAG, "## setPrivateKey(): failed " + e.getMessage()); + throw new OlmException(OlmException.EXCEPTION_CODE_PK_DECRYPTION_SET_PRIVATE_KEY, e.getMessage()); + } + } + + private native byte[] setPrivateKeyJni(byte[] privateKey); + public String generateKey() throws OlmException { try { byte[] key = generateKeyJni(); @@ -63,19 +75,31 @@ public class OlmPkDecryption { private native byte[] generateKeyJni(); + public byte[] privateKey() throws OlmException { + try { + return privateKeyJni(); + } catch (Exception e) { + Log.e(LOG_TAG, "## privateKey(): failed " + e.getMessage()); + throw new OlmException(OlmException.EXCEPTION_CODE_PK_DECRYPTION_PRIVATE_KEY, e.getMessage()); + } + } + + private native byte[] privateKeyJni(); + public String decrypt(OlmPkMessage aMessage) throws OlmException { if (null == aMessage) { return null; } + byte[] plaintextBuffer = decryptJni(aMessage); try { - byte[] plaintextBuffer = decryptJni(aMessage); String plaintext = new String(plaintextBuffer, "UTF-8"); - Arrays.fill(plaintextBuffer, (byte) 0); return plaintext; } catch (Exception e) { Log.e(LOG_TAG, "## pkDecrypt(): failed " + e.getMessage()); throw new OlmException(OlmException.EXCEPTION_CODE_PK_DECRYPTION_DECRYPT, e.getMessage()); + } finally { + Arrays.fill(plaintextBuffer, (byte) 0); } } diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java index a2ccf2e..01666fd 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmPkEncryption.java @@ -73,10 +73,10 @@ public class OlmPkEncryption { OlmPkMessage encryptedMsgRetValue = new OlmPkMessage(); + byte[] plaintextBuffer = null; try { - byte[] plaintextBuffer = aPlaintext.getBytes("UTF-8"); + plaintextBuffer = aPlaintext.getBytes("UTF-8"); byte[] ciphertextBuffer = encryptJni(plaintextBuffer, encryptedMsgRetValue); - Arrays.fill(plaintextBuffer, (byte) 0); if (null != ciphertextBuffer) { encryptedMsgRetValue.mCipherText = new String(ciphertextBuffer, "UTF-8"); @@ -84,6 +84,10 @@ public class OlmPkEncryption { } catch (Exception e) { Log.e(LOG_TAG, "## pkEncrypt(): failed " + e.getMessage()); throw new OlmException(OlmException.EXCEPTION_CODE_PK_ENCRYPTION_ENCRYPT, e.getMessage()); + } finally { + if (null != plaintextBuffer) { + Arrays.fill(plaintextBuffer, (byte) 0); + } } return encryptedMsgRetValue; diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java index bf9ef90..250cfb1 100644 --- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java +++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java @@ -23,6 +23,7 @@ import android.util.Log; import org.json.JSONObject; import java.security.SecureRandom; +import java.util.Arrays; import java.util.HashMap; import java.util.Iterator; import java.util.Map; @@ -81,17 +82,23 @@ public class OlmUtility { */ public void verifyEd25519Signature(String aSignature, String aFingerprintKey, String aMessage) throws OlmException { String errorMessage; + byte[] messageBuffer = null; try { if (TextUtils.isEmpty(aSignature) || TextUtils.isEmpty(aFingerprintKey) || TextUtils.isEmpty(aMessage)) { Log.e(LOG_TAG, "## verifyEd25519Signature(): invalid input parameters"); errorMessage = "JAVA sanity check failure - invalid input parameters"; } else { - errorMessage = verifyEd25519SignatureJni(aSignature.getBytes("UTF-8"), aFingerprintKey.getBytes("UTF-8"), aMessage.getBytes("UTF-8")); + messageBuffer = aMessage.getBytes("UTF-8"); + errorMessage = verifyEd25519SignatureJni(aSignature.getBytes("UTF-8"), aFingerprintKey.getBytes("UTF-8"), messageBuffer); } } catch (Exception e) { Log.e(LOG_TAG, "## verifyEd25519Signature(): failed " + e.getMessage()); errorMessage = e.getMessage(); + } finally { + if (messageBuffer != null) { + Arrays.fill(messageBuffer, (byte) 0); + } } if (!TextUtils.isEmpty(errorMessage)) { @@ -119,10 +126,16 @@ public class OlmUtility { String hashRetValue = null; if (null != aMessageToHash) { + byte[] messageBuffer = null; try { - hashRetValue = new String(sha256Jni(aMessageToHash.getBytes("UTF-8")), "UTF-8"); + messageBuffer = aMessageToHash.getBytes("UTF-8"); + hashRetValue = new String(sha256Jni(messageBuffer), "UTF-8"); } catch (Exception e) { Log.e(LOG_TAG, "## sha256(): failed " + e.getMessage()); + } finally { + if (null != messageBuffer) { + Arrays.fill(messageBuffer, (byte) 0); + } } } diff --git a/android/olm-sdk/src/main/jni/olm_account.cpp b/android/olm-sdk/src/main/jni/olm_account.cpp index 40081ac..00b1460 100644 --- a/android/olm-sdk/src/main/jni/olm_account.cpp +++ b/android/olm-sdk/src/main/jni/olm_account.cpp @@ -528,6 +528,7 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi const char* errorMessage = NULL; jbyteArray pickledDataRetValue = 0; jbyte* keyPtr = NULL; + jboolean keyIsCopied = JNI_FALSE; OlmAccount* accountPtr = NULL; LOGD("## serializeJni(): IN"); @@ -542,7 +543,7 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi LOGE(" ## serializeJni(): failure - invalid account ptr"); errorMessage = "invalid account ptr"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, NULL))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyIsCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -586,6 +587,9 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi // free alloc if (keyPtr) { + if (keyIsCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -610,6 +614,7 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, OlmAccount* accountPtr = NULL; jbyte* keyPtr = NULL; + jboolean keyIsCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -629,7 +634,7 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, LOGE(" ## deserializeJni(): failure - account failure OOM"); errorMessage = "account failure OOM"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyIsCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -665,6 +670,9 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, // free alloc if (keyPtr) { + if (keyIsCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -684,4 +692,4 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, } return (jlong)(intptr_t)accountPtr; -}
\ No newline at end of file +} diff --git a/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp b/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp index 114b7cd..ae9ecf1 100644 --- a/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp @@ -62,6 +62,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * const char* errorMessage = NULL; OlmInboundGroupSession* sessionPtr = NULL; jbyte* sessionKeyPtr = NULL; + jboolean sessionWasCopied = JNI_FALSE; size_t sessionSize = olm_inbound_group_session_size(); LOGD("## createNewSessionJni(): inbound group session IN"); @@ -81,7 +82,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * LOGE(" ## createNewSessionJni(): failure - invalid aSessionKey"); errorMessage = "invalid aSessionKey"; } - else if (!(sessionKeyPtr = env->GetByteArrayElements(aSessionKeyBuffer, 0))) + else if (!(sessionKeyPtr = env->GetByteArrayElements(aSessionKeyBuffer, &sessionWasCopied))) { LOGE(" ## createNewSessionJni(): failure - session key JNI allocation OOM"); errorMessage = "Session key JNI allocation OOM"; @@ -119,6 +120,9 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * if (sessionKeyPtr) { + if (sessionWasCopied) { + memset(sessionKeyPtr, 0, (size_t)env->GetArrayLength(aSessionKeyBuffer)); + } env->ReleaseByteArrayElements(aSessionKeyBuffer, sessionKeyPtr, JNI_ABORT); } @@ -474,6 +478,7 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en jbyteArray pickledDataRet = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmInboundGroupSession* sessionPtr = getInboundGroupSessionInstanceId(env, thiz); LOGD("## inbound group session serializeJni(): IN"); @@ -488,7 +493,7 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -533,6 +538,9 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -558,6 +566,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, OlmInboundGroupSession* sessionPtr = NULL; size_t sessionSize = olm_inbound_group_session_size(); jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -582,7 +591,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -620,6 +629,9 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp index b11c474..a22122a 100644 --- a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp @@ -387,6 +387,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e jbyteArray returnValue = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmOutboundGroupSession* sessionPtr = NULL; LOGD("## outbound group session serializeJni(): IN"); @@ -401,7 +402,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -446,6 +447,9 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -471,6 +475,7 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, OlmOutboundGroupSession* sessionPtr = NULL; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -495,7 +500,7 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "invalid serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -532,6 +537,9 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_pk.cpp b/android/olm-sdk/src/main/jni/olm_pk.cpp index 12528de..eff57a5 100644 --- a/android/olm-sdk/src/main/jni/olm_pk.cpp +++ b/android/olm-sdk/src/main/jni/olm_pk.cpp @@ -364,9 +364,82 @@ JNIEXPORT void OLM_PK_DECRYPTION_FUNC_DEF(releasePkDecryptionJni)(JNIEnv *env, j } } +JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(setPrivateKeyJni)(JNIEnv *env, jobject thiz, jbyteArray key) +{ + jbyteArray publicKeyRet = 0; + jbyte *keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; + + const char* errorMessage = NULL; + + OlmPkDecryption* decryptionPtr = getPkDecryptionInstanceId(env, thiz); + + if (!decryptionPtr) + { + LOGE(" ## pkSetPrivateKeyJni(): failure - invalid Decryption ptr=NULL"); + } + else if (!key) + { + LOGE(" ## pkSetPrivateKeyJni(): failure - invalid key"); + errorMessage = "invalid key"; + } + else if (!(keyPtr = env->GetByteArrayElements(key, &keyWasCopied))) + { + LOGE(" ## pkSetPrivateKeyJni(): failure - key JNI allocation OOM"); + errorMessage = "key JNI allocation OOM"; + } + else + { + size_t publicKeyLength = olm_pk_key_length(); + uint8_t *publicKeyPtr = NULL; + size_t keyLength = (size_t)env->GetArrayLength(key); + if (!(publicKeyPtr = (uint8_t*)malloc(publicKeyLength))) + { + LOGE("## pkSetPrivateKeyJni(): failure - public key JNI allocation OOM"); + errorMessage = "public key JNI allocation OOM"; + } + else + { + size_t returnValue = olm_pk_key_from_private( + decryptionPtr, + publicKeyPtr, publicKeyLength, + keyPtr, keyLength + ); + if (returnValue == olm_error()) + { + errorMessage = olm_pk_decryption_last_error(decryptionPtr); + LOGE(" ## pkSetPrivateKeyJni(): failure - olm_pk_key_from_private Msg=%s", errorMessage); + } + else + { + publicKeyRet = env->NewByteArray(publicKeyLength); + env->SetByteArrayRegion( + publicKeyRet, 0, publicKeyLength, (jbyte*)publicKeyPtr + ); + } + } + } + + if (keyPtr) + { + if (keyWasCopied) + { + memset(keyPtr, 0, (size_t)env->GetArrayLength(key)); + } + env->ReleaseByteArrayElements(key, keyPtr, JNI_ABORT); + } + + if (errorMessage) + { + env->ThrowNew(env->FindClass("java/lang/Exception"), errorMessage); + } + + return publicKeyRet; +} + JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, jobject thiz) { - size_t randomLength = olm_pk_generate_key_random_length(); + size_t randomLength = olm_pk_private_key_length(); uint8_t *randomBuffPtr = NULL; jbyteArray publicKeyRet = 0; @@ -393,7 +466,7 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, job } else { - if (olm_pk_generate_key(decryptionPtr, publicKeyPtr, publicKeyLength, randomBuffPtr, randomLength) == olm_error()) + if (olm_pk_key_from_private(decryptionPtr, publicKeyPtr, publicKeyLength, randomBuffPtr, randomLength) == olm_error()) { errorMessage = olm_pk_decryption_last_error(decryptionPtr); LOGE("## pkGenerateKeyJni(): failure - olm_pk_generate_key Msg=%s", errorMessage); @@ -414,16 +487,61 @@ JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, job if (errorMessage) { - // release the allocated data - if (decryptionPtr) + env->ThrowNew(env->FindClass("java/lang/Exception"), errorMessage); + } + + return publicKeyRet; +} + +JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(privateKeyJni)(JNIEnv *env, jobject thiz) +{ + jbyteArray privateKeyRet = 0; + + const char* errorMessage = NULL; + + OlmPkDecryption* decryptionPtr = getPkDecryptionInstanceId(env, thiz); + + if (!decryptionPtr) + { + LOGE(" ## pkPrivateKeyJni(): failure - invalid Decryption ptr=NULL"); + } + else + { + size_t privateKeyLength = olm_pk_private_key_length(); + uint8_t *privateKeyPtr = NULL; + if (!(privateKeyPtr = (uint8_t*)malloc(privateKeyLength))) { - olm_clear_pk_decryption(decryptionPtr); - free(decryptionPtr); + LOGE("## pkPrivateKeyJni(): failure - private key JNI allocation OOM"); + errorMessage = "private key JNI allocation OOM"; + } + else + { + size_t returnValue = olm_pk_get_private_key( + decryptionPtr, + privateKeyPtr, privateKeyLength + ); + if (returnValue == olm_error()) + { + errorMessage = olm_pk_decryption_last_error(decryptionPtr); + LOGE(" ## pkPrivateKeyJni(): failure - olm_pk_get_private_key Msg=%s", errorMessage); + } + else + { + privateKeyRet = env->NewByteArray(privateKeyLength); + env->SetByteArrayRegion( + privateKeyRet, 0, privateKeyLength, (jbyte*)privateKeyPtr + ); + memset(privateKeyPtr, 0, privateKeyLength); + } } + } + + if (errorMessage) + { env->ThrowNew(env->FindClass("java/lang/Exception"), errorMessage); } - return publicKeyRet; + return privateKeyRet; } JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)( diff --git a/android/olm-sdk/src/main/jni/olm_pk.h b/android/olm-sdk/src/main/jni/olm_pk.h index 984c5f8..5f45462 100644 --- a/android/olm-sdk/src/main/jni/olm_pk.h +++ b/android/olm-sdk/src/main/jni/olm_pk.h @@ -35,7 +35,9 @@ JNIEXPORT jbyteArray OLM_PK_ENCRYPTION_FUNC_DEF(encryptJni)(JNIEnv *env, jobject JNIEXPORT jlong OLM_PK_DECRYPTION_FUNC_DEF(createNewPkDecryptionJni)(JNIEnv *env, jobject thiz); JNIEXPORT void OLM_PK_DECRYPTION_FUNC_DEF(releasePkDecryptionJni)(JNIEnv *env, jobject thiz); +JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(setPrivateKeyJni)(JNIEnv *env, jobject thiz, jbyteArray key); JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(generateKeyJni)(JNIEnv *env, jobject thiz); +JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(privateKeyJni)(JNIEnv *env, jobject thiz); JNIEXPORT jbyteArray OLM_PK_DECRYPTION_FUNC_DEF(decryptJni)(JNIEnv *env, jobject thiz, jobject aEncryptedMsg); #ifdef __cplusplus diff --git a/android/olm-sdk/src/main/jni/olm_session.cpp b/android/olm-sdk/src/main/jni/olm_session.cpp index b9db286..15ad4fe 100644 --- a/android/olm-sdk/src/main/jni/olm_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_session.cpp @@ -810,6 +810,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi jbyteArray returnValue = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmSession* sessionPtr = getSessionInstanceId(env, thiz); LOGD("## serializeJni(): IN"); @@ -824,7 +825,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "ikeyPtr JNI allocation OOM"; @@ -869,6 +870,9 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -892,6 +896,7 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, const char* errorMessage = NULL; OlmSession* sessionPtr = initializeSessionMemory(); jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -911,7 +916,7 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -947,6 +952,9 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_utility.cpp b/android/olm-sdk/src/main/jni/olm_utility.cpp index f6fe719..da27eda 100644 --- a/android/olm-sdk/src/main/jni/olm_utility.cpp +++ b/android/olm-sdk/src/main/jni/olm_utility.cpp @@ -90,6 +90,7 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j jbyte* signaturePtr = NULL; jbyte* keyPtr = NULL; jbyte* messagePtr = NULL; + jboolean messageWasCopied = JNI_FALSE; LOGD("## verifyEd25519SignatureJni(): IN"); @@ -109,7 +110,7 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j { LOGE(" ## verifyEd25519SignatureJni(): failure - key JNI allocation OOM"); } - else if (!(messagePtr = env->GetByteArrayElements(aMessageBuffer, 0))) + else if (!(messagePtr = env->GetByteArrayElements(aMessageBuffer, &messageWasCopied))) { LOGE(" ## verifyEd25519SignatureJni(): failure - message JNI allocation OOM"); } @@ -152,6 +153,9 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j if (messagePtr) { + if (messageWasCopied) { + memset(messagePtr, 0, (size_t)env->GetArrayLength(aMessageBuffer)); + } env->ReleaseByteArrayElements(aMessageBuffer, messagePtr, JNI_ABORT); } @@ -171,6 +175,7 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, OlmUtility* utilityPtr = getUtilityInstanceId(env, thiz); jbyte* messagePtr = NULL; + jboolean messageWasCopied = JNI_FALSE; LOGD("## sha256Jni(): IN"); @@ -182,7 +187,7 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, { LOGE(" ## sha256Jni(): failure - invalid message parameters "); } - else if(!(messagePtr = env->GetByteArrayElements(aMessageToHashBuffer, 0))) + else if(!(messagePtr = env->GetByteArrayElements(aMessageToHashBuffer, &messageWasCopied))) { LOGE(" ## sha256Jni(): failure - message JNI allocation OOM"); } @@ -221,8 +226,11 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, if (messagePtr) { + if (messageWasCopied) { + memset(messagePtr, 0, (size_t)env->GetArrayLength(aMessageToHashBuffer)); + } env->ReleaseByteArrayElements(aMessageToHashBuffer, messagePtr, JNI_ABORT); } return sha256Ret; -}
\ No newline at end of file +} diff --git a/fuzzers/README.rst b/fuzzers/README.rst index d052303..b6f5f9c 100644 --- a/fuzzers/README.rst +++ b/fuzzers/README.rst @@ -19,8 +19,7 @@ Usage notes: make fuzzers 3. Some of the tests (eg ``fuzz_decrypt`` and ``fuzz_group_decrypt``) require a - session file. You can use the ones generated by the python test script - (``python/test.sh``). + session file. You can create one by pickling an Olm session. 4. Make some work directories: diff --git a/include/olm/olm.h b/include/olm/olm.h index 793aa30..0722d79 100644 --- a/include/olm/olm.h +++ b/include/olm/olm.h @@ -320,13 +320,13 @@ int olm_session_has_received_message( /** Checks if the PRE_KEY message is for this in-bound session. This can happen * if multiple messages are sent to this account before this account sends a - * message in reply. Returns 1 if the session matches. Returns 0 if the session - * does not match. Returns olm_error() on failure. If the base64 - * couldn't be decoded then olm_session_last_error will be "INVALID_BASE64". - * If the message was for an unsupported protocol version then - * olm_session_last_error() will be "BAD_MESSAGE_VERSION". If the message - * couldn't be decoded then then olm_session_last_error() will be - * "BAD_MESSAGE_FORMAT". */ + * message in reply. The one_time_key_message buffer is destroyed. Returns 1 if + * the session matches. Returns 0 if the session does not match. Returns + * olm_error() on failure. If the base64 couldn't be decoded then + * olm_session_last_error will be "INVALID_BASE64". If the message was for an + * unsupported protocol version then olm_session_last_error() will be + * "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then + * olm_session_last_error() will be "BAD_MESSAGE_FORMAT". */ size_t olm_matches_inbound_session( OlmSession * session, void * one_time_key_message, size_t message_length @@ -334,13 +334,13 @@ size_t olm_matches_inbound_session( /** Checks if the PRE_KEY message is for this in-bound session. This can happen * if multiple messages are sent to this account before this account sends a - * message in reply. Returns 1 if the session matches. Returns 0 if the session - * does not match. Returns olm_error() on failure. If the base64 - * couldn't be decoded then olm_session_last_error will be "INVALID_BASE64". - * If the message was for an unsupported protocol version then - * olm_session_last_error() will be "BAD_MESSAGE_VERSION". If the message - * couldn't be decoded then then olm_session_last_error() will be - * "BAD_MESSAGE_FORMAT". */ + * message in reply. The one_time_key_message buffer is destroyed. Returns 1 if + * the session matches. Returns 0 if the session does not match. Returns + * olm_error() on failure. If the base64 couldn't be decoded then + * olm_session_last_error will be "INVALID_BASE64". If the message was for an + * unsupported protocol version then olm_session_last_error() will be + * "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then + * olm_session_last_error() will be "BAD_MESSAGE_FORMAT". */ size_t olm_matches_inbound_session_from( OlmSession * session, void const * their_identity_key, size_t their_identity_key_length, diff --git a/include/olm/pk.h b/include/olm/pk.h index 4278fca..c46baa0 100644 --- a/include/olm/pk.h +++ b/include/olm/pk.h @@ -114,7 +114,7 @@ size_t olm_clear_pk_decryption( /** Get the number of bytes required to store an olm private key */ -size_t olm_pk_private_key_length(); +size_t olm_pk_private_key_length(void); /** DEPRECATED: Use olm_pk_private_key_length() */ diff --git a/javascript/.gitignore b/javascript/.gitignore index 3437f73..1533e1b 100644 --- a/javascript/.gitignore +++ b/javascript/.gitignore @@ -2,5 +2,6 @@ /node_modules /npm-debug.log /olm.js +/olm_legacy.js /olm.wasm /reports diff --git a/javascript/olm_inbound_group_session.js b/javascript/olm_inbound_group_session.js index 7d9e401..dd8e493 100644 --- a/javascript/olm_inbound_group_session.js +++ b/javascript/olm_inbound_group_session.js @@ -29,9 +29,17 @@ InboundGroupSession.prototype['pickle'] = restore_stack(function(key) { )(this.ptr); var key_buffer = stack(key_array); var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH); - inbound_group_session_method(Module['_olm_pickle_inbound_group_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length - ); + try { + inbound_group_session_method(Module['_olm_pickle_inbound_group_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(pickle_buffer); }); @@ -40,28 +48,52 @@ InboundGroupSession.prototype['unpickle'] = restore_stack(function(key, pickle) var key_buffer = stack(key_array); var pickle_array = array_from_string(pickle); var pickle_buffer = stack(pickle_array); - inbound_group_session_method(Module['_olm_unpickle_inbound_group_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, - pickle_array.length - ); + try { + inbound_group_session_method(Module['_olm_unpickle_inbound_group_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, + pickle_array.length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); InboundGroupSession.prototype['create'] = restore_stack(function(session_key) { var key_array = array_from_string(session_key); var key_buffer = stack(key_array); - inbound_group_session_method(Module['_olm_init_inbound_group_session'])( - this.ptr, key_buffer, key_array.length - ); + try { + inbound_group_session_method(Module['_olm_init_inbound_group_session'])( + this.ptr, key_buffer, key_array.length + ); + } finally { + // clear out copies of the key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); InboundGroupSession.prototype['import_session'] = restore_stack(function(session_key) { var key_array = array_from_string(session_key); var key_buffer = stack(key_array); - inbound_group_session_method(Module['_olm_import_inbound_group_session'])( - this.ptr, key_buffer, key_array.length - ); + try { + inbound_group_session_method(Module['_olm_import_inbound_group_session'])( + this.ptr, key_buffer, key_array.length + ); + } finally { + // clear out copies of the key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); InboundGroupSession.prototype['decrypt'] = restore_stack(function( @@ -140,7 +172,9 @@ InboundGroupSession.prototype['export_session'] = restore_stack(function(message outbound_group_session_method(Module['_olm_export_inbound_group_session'])( this.ptr, key, key_length, message_index ); - return Pointer_stringify(key); + var key_str = Pointer_stringify(key); + bzero(key, key_length); // clear out a copy of the key + return key_str; }); olm_exports['InboundGroupSession'] = InboundGroupSession; diff --git a/javascript/olm_outbound_group_session.js b/javascript/olm_outbound_group_session.js index e232883..f1ccd3d 100644 --- a/javascript/olm_outbound_group_session.js +++ b/javascript/olm_outbound_group_session.js @@ -29,9 +29,17 @@ OutboundGroupSession.prototype['pickle'] = restore_stack(function(key) { )(this.ptr); var key_buffer = stack(key_array); var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH); - outbound_group_session_method(Module['_olm_pickle_outbound_group_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length - ); + try { + outbound_group_session_method(Module['_olm_pickle_outbound_group_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(pickle_buffer); }); @@ -40,10 +48,18 @@ OutboundGroupSession.prototype['unpickle'] = restore_stack(function(key, pickle) var key_buffer = stack(key_array); var pickle_array = array_from_string(pickle); var pickle_buffer = stack(pickle_array); - outbound_group_session_method(Module['_olm_unpickle_outbound_group_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, - pickle_array.length - ); + try { + outbound_group_session_method(Module['_olm_unpickle_outbound_group_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, + pickle_array.length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); OutboundGroupSession.prototype['create'] = restore_stack(function() { @@ -116,7 +132,9 @@ OutboundGroupSession.prototype['session_key'] = restore_stack(function() { outbound_group_session_method(Module['_olm_outbound_group_session_key'])( this.ptr, key, key_length ); - return Pointer_stringify(key); + var key_str = Pointer_stringify(key); + bzero(key, key_length); // clear out our copy of the key + return key_str; }); OutboundGroupSession.prototype['message_index'] = function() { diff --git a/javascript/olm_pk.js b/javascript/olm_pk.js index 4f730dd..81dbad4 100644 --- a/javascript/olm_pk.js +++ b/javascript/olm_pk.js @@ -33,15 +33,15 @@ PkEncryption.prototype['set_recipient_key'] = restore_stack(function(key) { PkEncryption.prototype['encrypt'] = restore_stack(function( plaintext ) { - var plaintext_buffer, ciphertext_buffer, plaintext_length; + var plaintext_buffer, ciphertext_buffer, plaintext_length, random, random_length; try { plaintext_length = lengthBytesUTF8(plaintext) plaintext_buffer = malloc(plaintext_length + 1); stringToUTF8(plaintext, plaintext_buffer, plaintext_length + 1); - var random_length = pk_encryption_method( + random_length = pk_encryption_method( Module['_olm_pk_encrypt_random_length'] )(); - var random = random_stack(random_length); + random = random_stack(random_length); var ciphertext_length = pk_encryption_method( Module['_olm_pk_ciphertext_length'] )(this.ptr, plaintext_length); @@ -82,6 +82,10 @@ PkEncryption.prototype['encrypt'] = restore_stack(function( "ephemeral": Pointer_stringify(ephemeral_buffer) }; } finally { + if (random !== undefined) { + // clear out the random buffer, since it is key data + bzero(random, random_length); + } if (plaintext_buffer !== undefined) { // don't leave a copy of the plaintext in the heap. bzero(plaintext_buffer, plaintext_length + 1); @@ -126,11 +130,16 @@ PkDecryption.prototype['init_with_private_key'] = restore_stack(function (privat Module['_olm_pk_key_length'] )(); var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH); - pk_decryption_method(Module['_olm_pk_key_from_private'])( - this.ptr, - pubkey_buffer, pubkey_length, - private_key_buffer, private_key.length - ); + try { + pk_decryption_method(Module['_olm_pk_key_from_private'])( + this.ptr, + pubkey_buffer, pubkey_length, + private_key_buffer, private_key.length + ); + } finally { + // clear out our copy of the private key + bzero(private_key_buffer, private_key.length); + } return Pointer_stringify(pubkey_buffer); }); @@ -143,11 +152,16 @@ PkDecryption.prototype['generate_key'] = restore_stack(function () { Module['_olm_pk_key_length'] )(); var pubkey_buffer = stack(pubkey_length + NULL_BYTE_PADDING_LENGTH); - pk_decryption_method(Module['_olm_pk_key_from_private'])( - this.ptr, - pubkey_buffer, pubkey_length, - random_buffer, random_length - ); + try { + pk_decryption_method(Module['_olm_pk_key_from_private'])( + this.ptr, + pubkey_buffer, pubkey_length, + random_buffer, random_length + ); + } finally { + // clear out the random buffer (= private key) + bzero(random_buffer, random_length); + } return Pointer_stringify(pubkey_buffer); }); @@ -160,7 +174,14 @@ PkDecryption.prototype['get_private_key'] = restore_stack(function () { this.ptr, privkey_buffer, privkey_length ); - return new Uint8Array(Module['HEAPU8'].buffer, privkey_buffer, privkey_length); + // The inner Uint8Array creates a view of the buffer. The outer Uint8Array + // copies it to a new array to return, since the original buffer will get + // deallocated from the stack and could get overwritten. + var key_arr = new Uint8Array( + new Uint8Array(Module['HEAPU8'].buffer, privkey_buffer, privkey_length) + ); + bzero(privkey_buffer, privkey_length); // clear out our copy of the key + return key_arr; }); PkDecryption.prototype['pickle'] = restore_stack(function (key) { @@ -170,9 +191,17 @@ PkDecryption.prototype['pickle'] = restore_stack(function (key) { )(this.ptr); var key_buffer = stack(key_array); var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH); - pk_decryption_method(Module['_olm_pickle_pk_decryption'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length - ); + try { + pk_decryption_method(Module['_olm_pickle_pk_decryption'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(pickle_buffer); }); @@ -185,10 +214,18 @@ PkDecryption.prototype['unpickle'] = restore_stack(function (key, pickle) { Module["_olm_pk_key_length"] )(); var ephemeral_buffer = stack(ephemeral_length + NULL_BYTE_PADDING_LENGTH); - pk_decryption_method(Module['_olm_unpickle_pk_decryption'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, - pickle_array.length, ephemeral_buffer, ephemeral_length - ); + try { + pk_decryption_method(Module['_olm_unpickle_pk_decryption'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, + pickle_array.length, ephemeral_buffer, ephemeral_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(ephemeral_buffer); }); diff --git a/javascript/olm_post.js b/javascript/olm_post.js index 21ea890..8c06fff 100644 --- a/javascript/olm_post.js +++ b/javascript/olm_post.js @@ -91,11 +91,19 @@ Account.prototype['sign'] = restore_stack(function(message) { var message_array = array_from_string(message); var message_buffer = stack(message_array); var signature_buffer = stack(signature_length + NULL_BYTE_PADDING_LENGTH); - account_method(Module['_olm_account_sign'])( - this.ptr, - message_buffer, message_array.length, - signature_buffer, signature_length - ); + try { + account_method(Module['_olm_account_sign'])( + this.ptr, + message_buffer, message_array.length, + signature_buffer, signature_length + ); + } finally { + // clear out copies of the message, which may be plaintext + bzero(message_buffer, message_array.length); + for (var i = 0; i < message_array.length; i++) { + message_array[i] = 0; + } + } return Pointer_stringify(signature_buffer); }); @@ -145,9 +153,17 @@ Account.prototype['pickle'] = restore_stack(function(key) { )(this.ptr); var key_buffer = stack(key_array); var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH); - account_method(Module['_olm_pickle_account'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length - ); + try { + account_method(Module['_olm_pickle_account'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(pickle_buffer); }); @@ -156,10 +172,18 @@ Account.prototype['unpickle'] = restore_stack(function(key, pickle) { var key_buffer = stack(key_array); var pickle_array = array_from_string(pickle); var pickle_buffer = stack(pickle_array); - account_method(Module['_olm_unpickle_account'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, - pickle_array.length - ); + try { + account_method(Module['_olm_unpickle_account'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, + pickle_array.length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); function Session() { @@ -193,9 +217,17 @@ Session.prototype['pickle'] = restore_stack(function(key) { )(this.ptr); var key_buffer = stack(key_array); var pickle_buffer = stack(pickle_length + NULL_BYTE_PADDING_LENGTH); - session_method(Module['_olm_pickle_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length - ); + try { + session_method(Module['_olm_pickle_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, pickle_length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } return Pointer_stringify(pickle_buffer); }); @@ -204,10 +236,18 @@ Session.prototype['unpickle'] = restore_stack(function(key, pickle) { var key_buffer = stack(key_array); var pickle_array = array_from_string(pickle); var pickle_buffer = stack(pickle_array); - session_method(Module['_olm_unpickle_session'])( - this.ptr, key_buffer, key_array.length, pickle_buffer, - pickle_array.length - ); + try { + session_method(Module['_olm_unpickle_session'])( + this.ptr, key_buffer, key_array.length, pickle_buffer, + pickle_array.length + ); + } finally { + // clear out copies of the pickle key + bzero(key_buffer, key_array.length) + for (var i = 0; i < key_array.length; i++) { + key_array[i] = 0; + } + } }); Session.prototype['create_outbound'] = restore_stack(function( @@ -221,12 +261,17 @@ Session.prototype['create_outbound'] = restore_stack(function( var one_time_key_array = array_from_string(their_one_time_key); var identity_key_buffer = stack(identity_key_array); var one_time_key_buffer = stack(one_time_key_array); - session_method(Module['_olm_create_outbound_session'])( - this.ptr, account.ptr, - identity_key_buffer, identity_key_array.length, - one_time_key_buffer, one_time_key_array.length, - random, random_length - ); + try { + session_method(Module['_olm_create_outbound_session'])( + this.ptr, account.ptr, + identity_key_buffer, identity_key_array.length, + one_time_key_buffer, one_time_key_array.length, + random, random_length + ); + } finally { + // clear the random buffer, which is key data + bzero(random, random_length); + } }); Session.prototype['create_inbound'] = restore_stack(function( @@ -234,9 +279,17 @@ Session.prototype['create_inbound'] = restore_stack(function( ) { var message_array = array_from_string(one_time_key_message); var message_buffer = stack(message_array); - session_method(Module['_olm_create_inbound_session'])( - this.ptr, account.ptr, message_buffer, message_array.length - ); + try { + session_method(Module['_olm_create_inbound_session'])( + this.ptr, account.ptr, message_buffer, message_array.length + ); + } finally { + // clear out copies of the key + bzero(message_buffer, message_array.length); + for (var i = 0; i < message_array.length; i++) { + message_array[i] = 0; + } + } }); Session.prototype['create_inbound_from'] = restore_stack(function( @@ -246,11 +299,19 @@ Session.prototype['create_inbound_from'] = restore_stack(function( var identity_key_buffer = stack(identity_key_array); var message_array = array_from_string(one_time_key_message); var message_buffer = stack(message_array); - session_method(Module['_olm_create_inbound_session_from'])( - this.ptr, account.ptr, - identity_key_buffer, identity_key_array.length, - message_buffer, message_array.length - ); + try { + session_method(Module['_olm_create_inbound_session_from'])( + this.ptr, account.ptr, + identity_key_buffer, identity_key_array.length, + message_buffer, message_array.length + ); + } finally { + // clear out copies of the key + bzero(message_buffer, message_array.length); + for (var i = 0; i < message_array.length; i++) { + message_array[i] = 0; + } + } }); Session.prototype['session_id'] = restore_stack(function() { @@ -296,9 +357,9 @@ Session.prototype['matches_inbound_from'] = restore_stack(function( Session.prototype['encrypt'] = restore_stack(function( plaintext ) { - var plaintext_buffer, message_buffer, plaintext_length; + var plaintext_buffer, message_buffer, plaintext_length, random, random_length; try { - var random_length = session_method( + random_length = session_method( Module['_olm_encrypt_random_length'] )(this.ptr); var message_type = session_method( @@ -310,7 +371,7 @@ Session.prototype['encrypt'] = restore_stack(function( Module['_olm_encrypt_message_length'] )(this.ptr, plaintext_length); - var random = random_stack(random_length); + random = random_stack(random_length); // need to allow space for the terminator (which stringToUTF8 always // writes), hence + 1. @@ -338,6 +399,10 @@ Session.prototype['encrypt'] = restore_stack(function( "body": UTF8ToString(message_buffer), }; } finally { + if (random !== undefined) { + // clear out the random buffer, since it is the private key + bzero(random, random_length); + } if (plaintext_buffer !== undefined) { // don't leave a copy of the plaintext in the heap. bzero(plaintext_buffer, plaintext_length + 1); @@ -423,11 +488,19 @@ Utility.prototype['sha256'] = restore_stack(function(input) { var input_array = array_from_string(input); var input_buffer = stack(input_array); var output_buffer = stack(output_length + NULL_BYTE_PADDING_LENGTH); - utility_method(Module['_olm_sha256'])( - this.ptr, - input_buffer, input_array.length, - output_buffer, output_length - ); + try { + utility_method(Module['_olm_sha256'])( + this.ptr, + input_buffer, input_array.length, + output_buffer, output_length + ); + } finally { + // clear out copies of the input buffer, which may be plaintext + bzero(input_buffer, input_array.length); + for (var i = 0; i < input_array.length; i++) { + input_array[i] = 0; + } + } return Pointer_stringify(output_buffer); }); @@ -440,12 +513,20 @@ Utility.prototype['ed25519_verify'] = restore_stack(function( var message_buffer = stack(message_array); var signature_array = array_from_string(signature); var signature_buffer = stack(signature_array); - utility_method(Module['_olm_ed25519_verify'])( - this.ptr, - key_buffer, key_array.length, - message_buffer, message_array.length, - signature_buffer, signature_array.length - ); + try { + utility_method(Module['_olm_ed25519_verify'])( + this.ptr, + key_buffer, key_array.length, + message_buffer, message_array.length, + signature_buffer, signature_array.length + ); + } finally { + // clear out copies of the input buffer, which may be plaintext + bzero(message_buffer, message_array.length); + for (var i = 0; i < message_array.length; i++) { + message_array[i] = 0; + } + } }); olm_exports["Account"] = Account; @@ -8,14 +8,6 @@ rm -f olm-*.tgz make lib make test -virtualenv env -. env/bin/activate -pip install pyyaml -pip install pep8 - -./python/test_olm.sh -pep8 -v python - . ~/.emsdk_set_env.sh make js (cd javascript && npm install && npm run test) diff --git a/python/.gdb_history b/python/.gdb_history deleted file mode 100644 index 747b80f..0000000 --- a/python/.gdb_history +++ /dev/null @@ -1,225 +0,0 @@ -b _olm_enc_input -r -l -p key -p key_lenght -p key_length -b _olm_enc_input -r -key[12] -p key[12] -p key[11] -key[11]='\0' -p key[11]='\0' -p key[11] -key_length=12 -p key_length=12 -n -c -b _olm_enc_input -r -r -r -b olm_decrypt -r -l -b 677 -c -s -fin -s -s -fin -s -s -fin -s -l -n -l -l -s -s -n -l -n -l -p reader -p *this -n -p chain -p receiver_chains -p receiver_chains.length() -p receiver_chains.size() -p reader -p reader.ratchet_key -r -r -b olm_account_one_time_keys -r -l -s -n -p *this -p one_time_keys -p one_time_keys.length -p one_time_keys.length() -p one_time_keys.len() -p one_time_keys.size() -p one_time_keys.count() -p one_time_keys.data -p one_time_keys._data -p &one_time_keys._data -l -n -q -r -b olm_create_inbound_session -r -b olm_create_inbound_session_from -r -r -r -b olm_create_inbound_session_from -r -b olm_create_inbound_session -b olm_create_inbound_session -r -l -n -l -s -b olm_create_inbound_session -r -l -l -n -s -f -s -fin -s -s -fin -s -l -n -l -l - -l -l -l -n -p our_one_time_key -p *our_one_time_key -l -n -l -n -p bob_one_time_key -p alice_identity_key -p alice_base_key -p bob_identity_key -x alice_identity_key -x &alice_identity_key -x /32x &alice_identity_key -x /32b &alice_identity_key -l -l -l -n -b olm_decrypt -c -l -l -b 'olm::Session::decrypt' -c -l -l -n -l -n -p reader -p reader -5*128 -p 5*128 -p 0xb0 - 0x80 -p 0xb0 - 0x80 + 640 -l -n -s -l -n -p reader -n -l -n -p max_length -p reader.ciphertext_length -l -n -l -p receiver_chains -p &receiver_chains ._data -p &receiver_chains ._data[1] -n -s -s -l -n -p new_chain.index -p reader.counter -n -l -l -n -s -s -n -l -x key -x /16b key -l -l -n -p keys -_olm_crypto_aes_decrypt_cbc&keys.aes_key, &keys.aes_iv, ciphertext, ciphertext_length, plaintext -p _olm_crypto_aes_decrypt_cbc(&keys.aes_key, &keys.aes_iv, ciphertext, ciphertext_length, plaintext) -p plaintext -r -b olm_account_identity_keys -l -r -b olm_unpickle_account -r -l -n -p object.last_error -l -l - -l -b 268 -r -c -s -l -l -p end-pos -x /246b pos -x /246x pos -x /82x pos+164 -x /82x pos+132 -pos -p pos -x /246x pos -r -r -b olm_create_outbound_session -r -n -l -p id_key_length -p ot_key_length -p olm::decode_base64_length(id_key_length) -p olm::decode_base64_length(ot_key_length) -p CURVE25519_KEY_LENGTH diff --git a/python/.gitignore b/python/.gitignore index a3d197d..1ff9f49 100644 --- a/python/.gitignore +++ b/python/.gitignore @@ -1,5 +1,12 @@ +.coverage +.mypy_cache/ +.ropeproject/ +.pytest_cache/ +packages/ +python_olm.egg-info/ +_libolm* +__pycache__ *.pyc -/*.account -/*.session -/*.group_session -/group_message +.hypothesis/ +.tox/ +include/ diff --git a/python/MANIFEST.in b/python/MANIFEST.in new file mode 100644 index 0000000..bfddd4f --- /dev/null +++ b/python/MANIFEST.in @@ -0,0 +1,3 @@ +include olm.h +include Makefile +include olm_build.py diff --git a/python/Makefile b/python/Makefile new file mode 100644 index 0000000..5da703a --- /dev/null +++ b/python/Makefile @@ -0,0 +1,43 @@ +all: olm-python2 olm-python3 + +include/olm/olm.h: ../include/olm/olm.h ../include/olm/inbound_group_session.h ../include/olm/outbound_group_session.h + mkdir -p include/olm + $(CPP) -I dummy -I ../include ../include/olm/olm.h -o include/olm/olm.h +# add memset to the header so that we can use it to clear buffers + echo 'void *memset(void *s, int c, size_t n);' >> include/olm/olm.h + +olm-python2: include/olm/olm.h + DEVELOP=$(DEVELOP) python2 setup.py build + +olm-python3: include/olm/olm.h + DEVELOP=$(DEVELOP) python3 setup.py build + +install: install-python2 install-python3 + +install-python2: olm-python2 + python2 setup.py install --skip-build -O1 --root=$(DESTDIR) + +install-python3: olm-python3 + python3 setup.py install --skip-build -O1 --root=$(DESTDIR) + +test: olm-python2 olm-python3 + rm -rf install-temp + mkdir -p install-temp/2 install-temp/3 + PYTHONPATH=install-temp/2 python2 setup.py install --skip-build --install-lib install-temp/2 --install-script install-temp/bin + PYTHONPATH=install-temp/3 python3 setup.py install --skip-build --install-lib install-temp/3 --install-script install-temp/bin + PYTHONPATH=install-temp/3 python3 -m pytest + PYTHONPATH=install-temp/2 python2 -m pytest + PYTHONPATH=install-temp/3 python3 -m pytest --flake8 --benchmark-disable + PYTHONPATH=install-temp/3 python3 -m pytest --isort --benchmark-disable + PYTHONPATH=install-temp/3 python3 -m pytest --cov --cov-branch --benchmark-disable + rm -rf install-temp + +clean: + rm -rf python_olm.egg-info/ dist/ __pycache__/ + rm -rf *.so _libolm.o + rm -rf packages/ + rm -rf build/ + rm -rf install-temp/ + rm -rf include/ + +.PHONY: all olm-python2 olm-python3 install install-python2 install-python3 clean test diff --git a/python/README.md b/python/README.md new file mode 100644 index 0000000..b928185 --- /dev/null +++ b/python/README.md @@ -0,0 +1,161 @@ +python-olm +========== + +Python bindings for Olm. + +The specification of the Olm cryptographic ratchet which is used for peer to +peer sessions of this library can be found [here][4]. + +The specification of the Megolm cryptographic ratchet which is used for group +sessions of this library can be found [here][5]. + +An example of the implementation of the Olm and Megolm cryptographic protocol +can be found in the Matrix protocol for which the implementation guide can be +found [here][6]. + +The full API reference can be found [here][7]. + +# Accounts + +Accounts create and hold the central identity of the Olm protocol, they consist of a fingerprint and identity +key pair. They also produce one time keys that are used to start peer to peer +encrypted communication channels. + +## Account Creation + +A new account is created with the Account class, it creates a new Olm key pair. +The public parts of the key pair are available using the identity_keys property +of the class. + +```python +>>> alice = Account() +>>> alice.identity_keys +{'curve25519': '2PytGagXercwHjzQETLcMa3JOsaU2qkPIESaqoi59zE', + 'ed25519': 'HHpOuFYdHwoa54GxSttz9YmaTmbuVU3js92UTUjYJgM'} +``` + + +## One Time keys + +One time keys need to be generated before people can start an encrypted peer to +peer channel to an account. + +```python +>>> alice.generate_one_time_keys(1) +>>> alice.one_time_keys +{'curve25519': {'AAAAAQ': 'KiHoW6CIy905UC4V1Frmwr3VW8bTWkBL4uWtWFFllxM'}} +``` + +After the one time keys are published they should be marked as such so they +aren't reused. + +```python +>>> alice.mark_keys_as_published() +>>> alice.one_time_keys +{'curve25519': {}} +``` + +## Pickling + +Accounts should be stored for later reuse, storing an account is done with the +pickle method while the restoring step is done with the from_pickle class +method. + +```python +>>> pickle = alice.pickle() +>>> restored = Account.from_pickle(pickle) +``` + +# Sessions + +Sessions are used to create an encrypted peer to peer communication channel +between two accounts. + +## Session Creation +```python +>>> alice = Account() +>>> bob = Account() +>>> bob.generate_one_time_keys(1) +>>> id_key = bob.identity_keys["curve25519"] +>>> one_time = list(bob.one_time_keys["curve25519"].values())[0] +>>> alice_session = OutboundSession(alice, id_key, one_time) +``` + +## Encryption + +After an outbound session is created an encrypted message can be exchanged: + +```python +>>> message = alice_session.encrypt("It's a secret to everybody") +>>> message.ciphertext +'AwogkL7RoakT9gnjcZMra+y39WXKRmnxBPEaEp6OSueIA0cSIJxGpBoP8YZ+CGweXQ10LujbXMgK88 +xG/JZMQJ5ulK9ZGiC8TYrezNYr3qyIBLlecXr/9wnegvJaSFDmWDVOcf4XfyI/AwogqIZfAklRXGC5b +ZJcZxVxQGgJ8Dz4OQII8k0Dp8msUXwQACIQvagY1dO55Qvnk5PZ2GF+wdKnvj6Zxl2g' +>>> message.message_type +0 +``` + +After the message is transfered, bob can create an InboundSession to decrypt the +message. + +```python +>>> bob_session = InboundSession(bob, message) +>>> bob_session.decrypt(message) +"It's a secret to everybody" +``` + +## Pickling + +Sessions like accounts can be stored for later use the API is the same as for +accounts. + +```python +>>> pickle = session.pickle() +>>> restored = Session.from_pickle(pickle) +``` + +# Group Sessions + +Group Sessions are used to create a one-to-many encrypted communication channel. +The group session key needs to be shared with all participants that should be able +to decrypt the group messages. Another thing to notice is that, since the group +session key is ratcheted every time a message is encrypted, the session key should +be shared before any messages are encrypted. + +## Group Session Creation + +Group sessions aren't bound to an account like peer-to-peer sessions so their +creation is straightforward. + +```python +>>> alice_group = OutboundGroupSession() +>>> bob_inbound_group = InboundGroupSession(alice_group.session_key) +``` + +## Group Encryption + +Group encryption is pretty simple. The important part is to share the session +key with all participants over a secure channel (e.g. peer-to-peer Olm +sessions). + +```python +>>> message = alice_group.encrypt("It's a secret to everybody") +>>> bob_inbound_group.decrypt(message) +("It's a secret to everybody", 0) +``` + +## Pickling + +Pickling works the same way as for peer-to-peer Olm sessions. + +```python +>>> pickle = session.pickle() +>>> restored = InboundGroupSession.from_pickle(pickle) +``` +[1]: https://git.matrix.org/git/olm/about/ +[2]: https://git.matrix.org/git/olm/tree/python?id=f8c61b8f8432d0b0b38d57f513c5048fb42f22ab +[3]: https://cffi.readthedocs.io/en/latest/ +[4]: https://git.matrix.org/git/olm/about/docs/olm.rst +[5]: https://git.matrix.org/git/olm/about/docs/megolm.rst +[6]: https://matrix.org/docs/guides/e2e_implementation.html +[7]: https://poljar.github.io/python-olm/html/index.html diff --git a/python/docs/Makefile b/python/docs/Makefile new file mode 100644 index 0000000..a72f9d9 --- /dev/null +++ b/python/docs/Makefile @@ -0,0 +1,20 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +SPHINXPROJ = olm +SOURCEDIR = . +BUILDDIR = . + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +.PHONY: help Makefile + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/python/docs/conf.py b/python/docs/conf.py new file mode 100644 index 0000000..ce2a88d --- /dev/null +++ b/python/docs/conf.py @@ -0,0 +1,165 @@ +# -*- coding: utf-8 -*- +# +# Configuration file for the Sphinx documentation builder. +# +# This file does only contain a selection of the most common options. For a +# full list see the documentation: +# http://www.sphinx-doc.org/en/master/config + +# -- Path setup -------------------------------------------------------------- + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# +import os +import sys + +sys.path.insert(0, os.path.abspath('../')) + + +# -- Project information ----------------------------------------------------- + +project = 'python-olm' +copyright = '2018, Damir Jelić' +author = 'Damir Jelić' + +# The short X.Y version +version = '' +# The full version, including alpha/beta/rc tags +release = '2.2' + + +# -- General configuration --------------------------------------------------- + +# If your documentation needs a minimal Sphinx version, state it here. +# +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'sphinx.ext.autodoc', + 'sphinx.ext.doctest', + 'sphinx.ext.coverage', + 'sphinx.ext.viewcode', + 'sphinx.ext.githubpages', + 'sphinx.ext.napoleon', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The master toctree document. +master_doc = 'index' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# This pattern also affects html_static_path and html_extra_path . +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + + +# -- Options for HTML output ------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# +html_theme = 'alabaster' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# +# html_theme_options = {} + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Custom sidebar templates, must be a dictionary that maps document names +# to template names. +# +# The default sidebars (for documents that don't match any pattern) are +# defined by theme itself. Builtin themes are using these templates by +# default: ``['localtoc.html', 'relations.html', 'sourcelink.html', +# 'searchbox.html']``. +# +# html_sidebars = {} + + +# -- Options for HTMLHelp output --------------------------------------------- + +# Output file base name for HTML help builder. +htmlhelp_basename = 'olmdoc' + + +# -- Options for LaTeX output ------------------------------------------------ + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # + # 'preamble': '', + + # Latex figure (float) alignment + # + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'olm.tex', 'olm Documentation', + 'Damir Jelić', 'manual'), +] + + +# -- Options for manual page output ------------------------------------------ + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, 'olm', 'olm Documentation', + [author], 1) +] + + +# -- Options for Texinfo output ---------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, 'olm', 'olm Documentation', + author, 'olm', 'One line description of project.', + 'Miscellaneous'), +] + + +# -- Extension configuration ------------------------------------------------- diff --git a/python/docs/index.html b/python/docs/index.html new file mode 100644 index 0000000..9644bbb --- /dev/null +++ b/python/docs/index.html @@ -0,0 +1 @@ +<meta http-equiv="refresh" content="0; url=./html/index.html" /> diff --git a/python/docs/index.rst b/python/docs/index.rst new file mode 100644 index 0000000..39e6657 --- /dev/null +++ b/python/docs/index.rst @@ -0,0 +1,19 @@ +.. olm documentation master file, created by + sphinx-quickstart on Sun Jun 17 15:57:08 2018. + +Welcome to olm's documentation! +=============================== + +.. toctree:: + Olm API reference <olm.rst> + :maxdepth: 2 + :caption: Contents: + + + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`modindex` +* :ref:`search` diff --git a/python/docs/make.bat b/python/docs/make.bat new file mode 100644 index 0000000..1c5b4d8 --- /dev/null +++ b/python/docs/make.bat @@ -0,0 +1,36 @@ +@ECHO OFF + +pushd %~dp0 + +REM Command file for Sphinx documentation + +if "%SPHINXBUILD%" == "" ( + set SPHINXBUILD=sphinx-build +) +set SOURCEDIR=. +set BUILDDIR=_build +set SPHINXPROJ=olm + +if "%1" == "" goto help + +%SPHINXBUILD% >NUL 2>NUL +if errorlevel 9009 ( + echo. + echo.The 'sphinx-build' command was not found. Make sure you have Sphinx + echo.installed, then set the SPHINXBUILD environment variable to point + echo.to the full path of the 'sphinx-build' executable. Alternatively you + echo.may add the Sphinx directory to PATH. + echo. + echo.If you don't have Sphinx installed, grab it from + echo.http://sphinx-doc.org/ + exit /b 1 +) + +%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% +goto end + +:help +%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% + +:end +popd diff --git a/python/docs/olm.rst b/python/docs/olm.rst new file mode 100644 index 0000000..9d8edf0 --- /dev/null +++ b/python/docs/olm.rst @@ -0,0 +1,34 @@ +olm package +=========== + +olm.account module +------------------ + +.. automodule:: olm.account + :members: + :undoc-members: + :show-inheritance: + +olm.group\_session module +------------------------- + +.. automodule:: olm.group_session + :members: + :undoc-members: + :show-inheritance: + +olm.session module +------------------ + +.. automodule:: olm.session + :members: + :undoc-members: + :show-inheritance: + +olm.utility module +------------------ + +.. automodule:: olm.utility + :members: + :undoc-members: + :show-inheritance: diff --git a/python/dummy/README b/python/dummy/README new file mode 100644 index 0000000..61039f3 --- /dev/null +++ b/python/dummy/README @@ -0,0 +1,2 @@ +Dummy header files, so that we can generate the function list for cffi from the +olm header files.
\ No newline at end of file diff --git a/python/dummy/stddef.h b/python/dummy/stddef.h new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/python/dummy/stddef.h diff --git a/python/dummy/stdint.h b/python/dummy/stdint.h new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/python/dummy/stdint.h diff --git a/python/olm/__init__.py b/python/olm/__init__.py index f74cbcb..015c4f8 100644 --- a/python/olm/__init__.py +++ b/python/olm/__init__.py @@ -1,5 +1,38 @@ -from .account import Account -from .session import Session -from .outbound_group_session import OutboundGroupSession -from .inbound_group_session import InboundGroupSession -from .utility import ed25519_verify +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +""" +Olm Python bindings +~~~~~~~~~~~~~~~~~~~~~ +| This package implements python bindings for the libolm C library. +| © Copyright 2015-2017 by OpenMarket Ltd +| © Copyright 2018 by Damir Jelić +""" +from .utility import ed25519_verify, OlmVerifyError +from .account import Account, OlmAccountError +from .session import ( + Session, + InboundSession, + OutboundSession, + OlmSessionError, + OlmMessage, + OlmPreKeyMessage +) +from .group_session import ( + InboundGroupSession, + OutboundGroupSession, + OlmGroupSessionError +) diff --git a/python/olm/__main__.py b/python/olm/__main__.py deleted file mode 100755 index d062459..0000000 --- a/python/olm/__main__.py +++ /dev/null @@ -1,468 +0,0 @@ -#!/usr/bin/env python - -from __future__ import print_function - -import argparse -import json -import os -import sys -import yaml - -from . import * - - -def read_base64_file(filename): - """Read a base64 file, dropping any CR/LF characters""" - with open(filename, "rb") as f: - return f.read().translate(None, "\r\n") - - -def build_arg_parser(): - parser = argparse.ArgumentParser() - parser.add_argument("--key", help="Account encryption key", default="") - commands = parser.add_subparsers() - - create_account = commands.add_parser("create_account", - help="Create a new account") - create_account.add_argument("account_file", help="Local account file") - - def do_create_account(args): - if os.path.exists(args.account_file): - sys.stderr.write("Account %r file already exists" % ( - args.account_file, - )) - sys.exit(1) - account = Account() - account.create() - with open(args.account_file, "wb") as f: - f.write(account.pickle(args.key)) - - create_account.set_defaults(func=do_create_account) - - keys = commands.add_parser("keys", help="List public keys for an account") - keys.add_argument("account_file", help="Local account file") - keys.add_argument("--json", action="store_true", help="Output as JSON") - - def do_keys(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - result = { - "account_keys": account.identity_keys(), - "one_time_keys": account.one_time_keys(), - } - try: - if args.json: - json.dump(result, sys.stdout, indent=4) - else: - yaml.safe_dump(result, sys.stdout, default_flow_style=False) - except: - pass - - keys.set_defaults(func=do_keys) - - def do_id_key(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - print(account.identity_keys()['curve25519']) - - id_key = commands.add_parser( - "identity_key", - help="Get the public part of the identity key for an account", - ) - id_key.add_argument("account_file", help="Local account file") - id_key.set_defaults(func=do_id_key) - - def do_signing_key(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - print(account.identity_keys()['ed25519']) - - signing_key = commands.add_parser( - "signing_key", - help="Get the public part of the signing key for an account", - ) - signing_key.add_argument("account_file", help="Local account file") - signing_key.set_defaults(func=do_signing_key) - - def do_one_time_key(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - keys = account.one_time_keys()['curve25519'].values() - key_num = args.key_num - if key_num < 1 or key_num > len(keys): - print( - "Invalid key number %i: %i keys available" % ( - key_num, len(keys), - ), file=sys.stderr, - ) - sys.exit(1) - print(keys[key_num-1]) - - one_time_key = commands.add_parser( - "one_time_key", - help="Get a one-time key for the account", - ) - one_time_key.add_argument("account_file", help="Local account file") - one_time_key.add_argument("--key-num", "-n", type=int, default=1, - help="Index of key to retrieve (default: 1)") - one_time_key.set_defaults(func=do_one_time_key) - - sign = commands.add_parser("sign", help="Sign a message") - sign.add_argument("account_file", help="Local account file") - sign.add_argument("message_file", help="Message to sign") - sign.add_argument("signature_file", help="Signature to output") - - def do_sign(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - with open_in(args.message_file) as f: - message = f.read() - signature = account.sign(message) - with open_out(args.signature_file) as f: - f.write(signature) - - sign.set_defaults(func=do_sign) - - generate_keys = commands.add_parser("generate_keys", - help="Generate one time keys") - generate_keys.add_argument("account_file", help="Local account file") - generate_keys.add_argument("count", type=int, - help="Number of keys to generate") - - def do_generate_keys(args): - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - account.generate_one_time_keys(args.count) - with open(args.account_file, "wb") as f: - f.write(account.pickle(args.key)) - - generate_keys.set_defaults(func=do_generate_keys) - - outbound = commands.add_parser("outbound", - help="Create an outbound session") - outbound.add_argument("account_file", help="Local account file") - outbound.add_argument("session_file", help="Local session file") - outbound.add_argument("identity_key", help="Remote identity key") - outbound.add_argument("one_time_key", help="Remote one time key") - - def do_outbound(args): - if os.path.exists(args.session_file): - sys.stderr.write("Session %r file already exists" % ( - args.session_file, - )) - sys.exit(1) - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - session = Session() - session.create_outbound( - account, args.identity_key, args.one_time_key - ) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - - outbound.set_defaults(func=do_outbound) - - def open_in(path): - if path == "-": - return sys.stdin - else: - return open(path, "rb") - - def open_out(path): - if path == "-": - return sys.stdout - else: - return open(path, "wb") - - inbound = commands.add_parser("inbound", help="Create an inbound session") - inbound.add_argument("account_file", help="Local account file") - inbound.add_argument("session_file", help="Local session file") - inbound.add_argument("message_file", help="Message", default="-") - inbound.add_argument("plaintext_file", help="Plaintext", default="-") - - def do_inbound(args): - if os.path.exists(args.session_file): - sys.stderr.write("Session %r file already exists" % ( - args.session_file, - )) - sys.exit(1) - account = Account() - account.unpickle(args.key, read_base64_file(args.account_file)) - with open_in(args.message_file) as f: - message_type = f.read(8) - message = f.read() - if message_type != "PRE_KEY ": - sys.stderr.write("Expecting a PRE_KEY message") - sys.exit(1) - session = Session() - session.create_inbound(account, message) - plaintext = session.decrypt(0, message) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - with open_out(args.plaintext_file) as f: - f.write(plaintext) - - inbound.set_defaults(func=do_inbound) - - session_id = commands.add_parser("session_id", help="Session ID") - session_id.add_argument("session_file", help="Local session file") - - def do_session_id(args): - session = Session() - session.unpickle(args.key, read_base64_file(args.session_file)) - sys.stdout.write(session.session_id() + "\n") - - session_id.set_defaults(func=do_session_id) - - encrypt = commands.add_parser("encrypt", help="Encrypt a message") - encrypt.add_argument("session_file", help="Local session file") - encrypt.add_argument("plaintext_file", help="Plaintext", default="-") - encrypt.add_argument("message_file", help="Message", default="-") - - def do_encrypt(args): - session = Session() - session.unpickle(args.key, read_base64_file(args.session_file)) - with open_in(args.plaintext_file) as f: - plaintext = f.read() - message_type, message = session.encrypt(plaintext) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - with open_out(args.message_file) as f: - f.write(["PRE_KEY ", "MESSAGE "][message_type]) - f.write(message) - - encrypt.set_defaults(func=do_encrypt) - - decrypt = commands.add_parser("decrypt", help="Decrypt a message") - decrypt.add_argument("session_file", help="Local session file") - decrypt.add_argument("message_file", help="Message", default="-") - decrypt.add_argument("plaintext_file", help="Plaintext", default="-") - - def do_decrypt(args): - session = Session() - session.unpickle(args.key, read_base64_file(args.session_file)) - with open_in(args.message_file) as f: - message_type = f.read(8) - message = f.read() - if message_type not in {"PRE_KEY ", "MESSAGE "}: - sys.stderr.write("Expecting a PRE_KEY or MESSAGE message") - sys.exit(1) - message_type = 1 if message_type == "MESSAGE " else 0 - plaintext = session.decrypt(message_type, message) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - with open_out(args.plaintext_file) as f: - f.write(plaintext) - - decrypt.set_defaults(func=do_decrypt) - - outbound_group = commands.add_parser( - "outbound_group", - help="Create an outbound group session", - ) - outbound_group.add_argument("session_file", - help="Local group session file") - outbound_group.set_defaults(func=do_outbound_group) - - group_credentials = commands.add_parser( - "group_credentials", - help="Export the current outbound group session credentials", - ) - group_credentials.add_argument( - "session_file", - help="Local outbound group session file", - ) - group_credentials.add_argument( - "credentials_file", - help="File to write credentials to (default stdout)", - type=argparse.FileType('w'), nargs='?', - default=sys.stdout, - ) - group_credentials.set_defaults(func=do_group_credentials) - - group_encrypt = commands.add_parser( - "group_encrypt", - help="Encrypt a group message", - ) - group_encrypt.add_argument("session_file", - help="Local outbound group session file") - group_encrypt.add_argument("plaintext_file", - help="Plaintext file (default stdin)", - type=argparse.FileType('rb'), nargs='?', - default=sys.stdin) - group_encrypt.add_argument("message_file", - help="Message file (default stdout)", - type=argparse.FileType('w'), nargs='?', - default=sys.stdout) - group_encrypt.set_defaults(func=do_group_encrypt) - - inbound_group = commands.add_parser( - "inbound_group", - help=("Create an inbound group session based on credentials from an " + - "outbound group session")) - inbound_group.add_argument("session_file", - help="Local inbound group session file") - inbound_group.add_argument( - "credentials_file", - help="File to read credentials from (default stdin)", - type=argparse.FileType('r'), nargs='?', - default=sys.stdin, - ) - inbound_group.set_defaults(func=do_inbound_group) - - import_inbound_group = commands.add_parser( - "import_inbound_group", - help="Create an inbound group session based an exported inbound group" - ) - import_inbound_group.add_argument("session_file", - help="Local inbound group session file") - import_inbound_group.add_argument( - "export_file", - help="File to read credentials from (default stdin)", - type=argparse.FileType('r'), nargs='?', - default=sys.stdin, - ) - import_inbound_group.set_defaults(func=do_import_inbound_group) - - group_decrypt = commands.add_parser("group_decrypt", - help="Decrypt a group message") - group_decrypt.add_argument("session_file", - help="Local inbound group session file") - group_decrypt.add_argument("message_file", - help="Message file (default stdin)", - type=argparse.FileType('r'), nargs='?', - default=sys.stdin) - group_decrypt.add_argument("plaintext_file", - help="Plaintext file (default stdout)", - type=argparse.FileType('wb'), nargs='?', - default=sys.stdout) - group_decrypt.set_defaults(func=do_group_decrypt) - - export_inbound_group = commands.add_parser( - "export_inbound_group", - help="Export the keys for an inbound group session", - ) - export_inbound_group.add_argument( - "session_file", help="Local inbound group session file", - ) - export_inbound_group.add_argument( - "export_file", help="File to export to (default stdout)", - type=argparse.FileType('w'), nargs='?', - default=sys.stdout, - ) - export_inbound_group.add_argument( - "--message_index", - help=("Index to export session at. Defaults to the earliest known " + - "index"), - type=int, - ) - export_inbound_group.set_defaults(func=do_export_inbound_group) - - ed25519_verify = commands.add_parser("ed25519_verify", - help="Verify an ed25519 signature") - ed25519_verify.add_argument( - "signing_key", - help="Public signing key used to create the signature" - ) - ed25519_verify.add_argument("signature", - help="Signature to be verified") - ed25519_verify.add_argument("message_file", - help="Message file (default stdin)", - type=argparse.FileType('r'), nargs='?', - default=sys.stdin) - ed25519_verify.set_defaults(func=do_verify_ed25519_signature) - return parser - - -def do_outbound_group(args): - if os.path.exists(args.session_file): - sys.stderr.write("Session %r file already exists" % ( - args.session_file, - )) - sys.exit(1) - session = OutboundGroupSession() - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - - -def do_group_encrypt(args): - session = OutboundGroupSession() - session.unpickle(args.key, read_base64_file(args.session_file)) - plaintext = args.plaintext_file.read() - message = session.encrypt(plaintext) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - args.message_file.write(message) - - -def do_group_credentials(args): - session = OutboundGroupSession() - session.unpickle(args.key, read_base64_file(args.session_file)) - result = { - 'message_index': session.message_index(), - 'session_key': session.session_key(), - } - json.dump(result, args.credentials_file, indent=4) - - -def do_inbound_group(args): - if os.path.exists(args.session_file): - sys.stderr.write("Session %r file already exists\n" % ( - args.session_file, - )) - sys.exit(1) - credentials = json.load(args.credentials_file) - for k in ('session_key', ): - if k not in credentials: - sys.stderr.write("Credentials file is missing %s\n" % k) - sys.exit(1) - - session = InboundGroupSession() - session.init(credentials['session_key']) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - - -def do_import_inbound_group(args): - if os.path.exists(args.session_file): - sys.stderr.write("Session %r file already exists\n" % ( - args.session_file, - )) - sys.exit(1) - data = args.export_file.read().translate(None, "\r\n") - - session = InboundGroupSession() - session.import_session(data) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - - -def do_group_decrypt(args): - session = InboundGroupSession() - session.unpickle(args.key, read_base64_file(args.session_file)) - message = args.message_file.read() - plaintext, message_index = session.decrypt(message) - with open(args.session_file, "wb") as f: - f.write(session.pickle(args.key)) - args.plaintext_file.write(plaintext) - - -def do_export_inbound_group(args): - session = InboundGroupSession() - session.unpickle(args.key, read_base64_file(args.session_file)) - index = args.message_index - if index is None: - # default to first known index - index = session.first_known_index() - args.export_file.write(session.export_session(index)) - - -def do_verify_ed25519_signature(args): - message = args.message_file.read() - ed25519_verify(args.signing_key, message, args.signature) - - -if __name__ == '__main__': - parser = build_arg_parser() - args = parser.parse_args() - args.func(args) diff --git a/python/olm/__version__.py b/python/olm/__version__.py new file mode 100644 index 0000000..dccfdd0 --- /dev/null +++ b/python/olm/__version__.py @@ -0,0 +1,9 @@ +__title__ = "python-olm" +__description__ = ("python CFFI bindings for the olm " + "cryptographic ratchet library") +__url__ = "https://github.com/poljar/python-olm" +__version__ = "0.1" +__author__ = "Damir Jelić" +__author_email__ = "poljar@termina.org.uk" +__license__ = "Apache 2.0" +__copyright__ = "Copyright 2018 Damir Jelić" diff --git a/python/olm/_base.py b/python/olm/_base.py deleted file mode 100644 index ad21d6f..0000000 --- a/python/olm/_base.py +++ /dev/null @@ -1,17 +0,0 @@ -import os.path - -from ctypes import * - - -lib = cdll.LoadLibrary(os.path.join( - os.path.dirname(__file__), "..", "..", "build", "libolm.so.2") -) - -lib.olm_error.argtypes = [] -lib.olm_error.restypes = c_size_t - -ERR = lib.olm_error() - - -class OlmError(Exception): - pass diff --git a/python/olm/_compat.py b/python/olm/_compat.py new file mode 100644 index 0000000..91e4d1b --- /dev/null +++ b/python/olm/_compat.py @@ -0,0 +1,46 @@ +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from builtins import bytes, str +from typing import AnyStr + +try: + import secrets + URANDOM = secrets.token_bytes # pragma: no cover +except ImportError: # pragma: no cover + from os import urandom + URANDOM = urandom # type: ignore + + +def to_bytearray(string): + # type: (AnyStr) -> bytes + if isinstance(string, bytes): + return bytearray(string) + elif isinstance(string, str): + return bytearray(string, "utf-8") + + raise TypeError("Invalid type {}".format(type(string))) + + +def to_bytes(string): + # type: (AnyStr) -> bytes + if isinstance(string, bytes): + return string + elif isinstance(string, str): + return bytes(string, "utf-8") + + raise TypeError("Invalid type {}".format(type(string))) diff --git a/python/olm/_finalize.py b/python/olm/_finalize.py new file mode 100644 index 0000000..9f467bc --- /dev/null +++ b/python/olm/_finalize.py @@ -0,0 +1,65 @@ +# The MIT License (MIT) +# Copyright (c) 2010 Benjamin Peterson <benjamin@python.org> + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +# OR OTHER DEALINGS IN THE SOFTWARE. + +"""Finalization with weakrefs + +This is designed for avoiding __del__. +""" +from __future__ import print_function + +import sys +import traceback +import weakref + +__author__ = "Benjamin Peterson <benjamin@python.org>" + + +class OwnerRef(weakref.ref): + """A simple weakref.ref subclass, so attributes can be added.""" + pass + + +def _run_finalizer(ref): + """Internal weakref callback to run finalizers""" + del _finalize_refs[id(ref)] + finalizer = ref.finalizer + item = ref.item + try: + finalizer(item) + except Exception: # pragma: no cover + print("Exception running {}:".format(finalizer), file=sys.stderr) + traceback.print_exc() + + +_finalize_refs = {} + + +def track_for_finalization(owner, item, finalizer): + """Register an object for finalization. + + ``owner`` is the the object which is responsible for ``item``. + ``finalizer`` will be called with ``item`` as its only argument when + ``owner`` is destroyed by the garbage collector. + """ + ref = OwnerRef(owner, _run_finalizer) + ref.item = item + ref.finalizer = finalizer + _finalize_refs[id(ref)] = ref diff --git a/python/olm/account.py b/python/olm/account.py index b103a51..8455655 100644 --- a/python/olm/account.py +++ b/python/olm/account.py @@ -1,136 +1,271 @@ +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""libolm Account module. + +This module contains the account part of the Olm library. It contains a single +Account class which handles the creation of new accounts as well as the storing +and restoring of them. + +Examples: + >>> acc = Account() + >>> account.identity_keys() + >>> account.generate_one_time_keys(1) + +""" + import json -from os import urandom - -from ._base import * - -lib.olm_account_size.argtypes = [] -lib.olm_account_size.restype = c_size_t - -lib.olm_account.argtypes = [c_void_p] -lib.olm_account.restype = c_void_p - -lib.olm_account_last_error.argtypes = [c_void_p] -lib.olm_account_last_error.restype = c_char_p - - -def account_errcheck(res, func, args): - if res == ERR: - raise OlmError("%s: %s" % ( - func.__name__, lib.olm_account_last_error(args[0]) - )) - return res - - -def account_function(func, *types): - func.argtypes = (c_void_p,) + types - func.restypes = c_size_t - func.errcheck = account_errcheck - - -account_function( - lib.olm_pickle_account, c_void_p, c_size_t, c_void_p, c_size_t -) -account_function( - lib.olm_unpickle_account, c_void_p, c_size_t, c_void_p, c_size_t -) -account_function(lib.olm_create_account_random_length) -account_function(lib.olm_create_account, c_void_p, c_size_t) -account_function(lib.olm_account_identity_keys_length) -account_function(lib.olm_account_identity_keys, c_void_p, c_size_t) -account_function(lib.olm_account_signature_length) -account_function(lib.olm_account_sign, c_void_p, c_size_t, c_void_p, c_size_t) -account_function(lib.olm_account_one_time_keys_length) -account_function(lib.olm_account_one_time_keys, c_void_p, c_size_t) -account_function(lib.olm_account_mark_keys_as_published) -account_function(lib.olm_account_max_number_of_one_time_keys) -account_function(lib.olm_pickle_account_length) -account_function( - lib.olm_account_generate_one_time_keys_random_length, - c_size_t -) -account_function( - lib.olm_account_generate_one_time_keys, - c_size_t, - c_void_p, c_size_t -) -account_function( - lib.olm_remove_one_time_keys, - c_void_p # Session -) +# pylint: disable=redefined-builtin,unused-import +from builtins import bytes, super +from typing import AnyStr, Dict, Optional, Type + +from future.utils import bytes_to_native_str + +# pylint: disable=no-name-in-module +from _libolm import ffi, lib # type: ignore + +from ._compat import URANDOM, to_bytearray +from ._finalize import track_for_finalization + +# This is imported only for type checking purposes +if False: + from .session import Session # pragma: no cover + + +def _clear_account(account): + # type: (ffi.cdata) -> None + lib.olm_clear_account(account) + + +class OlmAccountError(Exception): + """libolm Account error exception.""" class Account(object): + """libolm Account class.""" + + def __new__(cls): + # type: (Type[Account]) -> Account + obj = super().__new__(cls) + obj._buf = ffi.new("char[]", lib.olm_account_size()) + obj._account = lib.olm_account(obj._buf) + track_for_finalization(obj, obj._account, _clear_account) + return obj + def __init__(self): - self.buf = create_string_buffer(lib.olm_account_size()) - self.ptr = lib.olm_account(self.buf) - - def create(self): - random_length = lib.olm_create_account_random_length(self.ptr) - random = urandom(random_length) - random_buffer = create_string_buffer(random) - lib.olm_create_account(self.ptr, random_buffer, random_length) - - def pickle(self, key): - key_buffer = create_string_buffer(key) - pickle_length = lib.olm_pickle_account_length(self.ptr) - pickle_buffer = create_string_buffer(pickle_length) - lib.olm_pickle_account( - self.ptr, key_buffer, len(key), pickle_buffer, pickle_length - ) - return pickle_buffer.raw - - def unpickle(self, key, pickle): - key_buffer = create_string_buffer(key) - pickle_buffer = create_string_buffer(pickle) - lib.olm_unpickle_account( - self.ptr, key_buffer, len(key), pickle_buffer, len(pickle) - ) + # type: () -> None + """Create a new Olm account. + + Creates a new account and its matching identity key pair. + + Raises OlmAccountError on failure. If there weren't enough random bytes + for the account creation the error message for the exception will be + NOT_ENOUGH_RANDOM. + """ + # This is needed to silence mypy not knowing the type of _account. + # There has to be a better way for this. + if False: # pragma: no cover + self._account = self._account # type: ffi.cdata + + random_length = lib.olm_create_account_random_length(self._account) + random = URANDOM(random_length) + + self._check_error( + lib.olm_create_account(self._account, ffi.from_buffer(random), + random_length)) + + + def _check_error(self, ret): + # type: (int) -> None + if ret != lib.olm_error(): + return + + last_error = bytes_to_native_str( + ffi.string((lib.olm_account_last_error(self._account)))) + + raise OlmAccountError(last_error) + + def pickle(self, passphrase=""): + # type: (Optional[str]) -> bytes + """Store an Olm account. + + Stores an account as a base64 string. Encrypts the account using the + supplied passphrase. Returns a byte object containing the base64 + encoded string of the pickled account. Raises OlmAccountError on + failure. + + Args: + passphrase(str, optional): The passphrase to be used to encrypt + the account. + """ + byte_key = bytearray(passphrase, "utf-8") if passphrase else b"" + pickle_length = lib.olm_pickle_account_length(self._account) + pickle_buffer = ffi.new("char[]", pickle_length) + + try: + self._check_error( + lib.olm_pickle_account(self._account, + ffi.from_buffer(byte_key), + len(byte_key), + pickle_buffer, + pickle_length)) + finally: + # zero out copies of the passphrase + for i in range(0, len(byte_key)): + byte_key[i] = 0 + + return ffi.unpack(pickle_buffer, pickle_length) + + @classmethod + def from_pickle(cls, pickle, passphrase=""): + # type: (bytes, Optional[str]) -> Account + """Load a previously stored olm account. + + Loads an account from a pickled base64-encoded string and returns an + Account object. Decrypts the account using the supplied passphrase. + Raises OlmAccountError on failure. If the passphrase doesn't match the + one used to encrypt the account then the error message for the + exception will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded + then the error message will be "INVALID_BASE64". + + Args: + pickle(bytes): Base64 encoded byte string containing the pickled + account + passphrase(str, optional): The passphrase used to encrypt the + account. + """ + if not pickle: + raise ValueError("Pickle can't be empty") + + byte_key = bytearray(passphrase, "utf-8") if passphrase else b"" + # copy because unpickle will destroy the buffer + pickle_buffer = ffi.new("char[]", pickle) + + obj = cls.__new__(cls) + + try: + ret = lib.olm_unpickle_account(obj._account, + ffi.from_buffer(byte_key), + len(byte_key), + pickle_buffer, + len(pickle)) + obj._check_error(ret) + finally: + for i in range(0, len(byte_key)): + byte_key[i] = 0 + + return obj + + @property def identity_keys(self): - out_length = lib.olm_account_identity_keys_length(self.ptr) - out_buffer = create_string_buffer(out_length) - lib.olm_account_identity_keys( - self.ptr, - out_buffer, out_length - ) - return json.loads(out_buffer.raw) + # type: () -> Dict[str, str] + """dict: Public part of the identity keys of the account.""" + out_length = lib.olm_account_identity_keys_length(self._account) + out_buffer = ffi.new("char[]", out_length) + + self._check_error( + lib.olm_account_identity_keys(self._account, out_buffer, + out_length)) + return json.loads(ffi.unpack(out_buffer, out_length).decode("utf-8")) def sign(self, message): - out_length = lib.olm_account_signature_length(self.ptr) - message_buffer = create_string_buffer(message) - out_buffer = create_string_buffer(out_length) - lib.olm_account_sign( - self.ptr, message_buffer, len(message), out_buffer, out_length - ) - return out_buffer.raw + # type: (AnyStr) -> str + """Signs a message with this account. - def one_time_keys(self): - out_length = lib.olm_account_one_time_keys_length(self.ptr) - out_buffer = create_string_buffer(out_length) - lib.olm_account_one_time_keys(self.ptr, out_buffer, out_length) - return json.loads(out_buffer.raw) + Signs a message with the private ed25519 identity key of this account. + Returns the signature. + Raises OlmAccountError on failure. - def mark_keys_as_published(self): - lib.olm_account_mark_keys_as_published(self.ptr) + Args: + message(str): The message to sign. + """ + bytes_message = to_bytearray(message) + out_length = lib.olm_account_signature_length(self._account) + out_buffer = ffi.new("char[]", out_length) - def max_number_of_one_time_keys(self): - return lib.olm_account_max_number_of_one_time_keys(self.ptr) + try: + self._check_error( + lib.olm_account_sign(self._account, + ffi.from_buffer(bytes_message), + len(bytes_message), out_buffer, + out_length)) + finally: + # clear out copies of the message, which may be plaintext + if bytes_message is not message: + for i in range(0, len(bytes_message)): + bytes_message[i] = 0 + + return bytes_to_native_str(ffi.unpack(out_buffer, out_length)) + + @property + def max_one_time_keys(self): + # type: () -> int + """int: The maximum number of one-time keys the account can store.""" + return lib.olm_account_max_number_of_one_time_keys(self._account) + + def mark_keys_as_published(self): + # type: () -> None + """Mark the current set of one-time keys as being published.""" + lib.olm_account_mark_keys_as_published(self._account) def generate_one_time_keys(self, count): + # type: (int) -> None + """Generate a number of new one-time keys. + + If the total number of keys stored by this account exceeds + max_one_time_keys() then the old keys are discarded. + Raises OlmAccountError on error. + + Args: + count(int): The number of keys to generate. + """ random_length = lib.olm_account_generate_one_time_keys_random_length( - self.ptr, count - ) - random = urandom(random_length) - random_buffer = create_string_buffer(random) - lib.olm_account_generate_one_time_keys( - self.ptr, count, random_buffer, random_length - ) + self._account, count) + random = URANDOM(random_length) + + self._check_error( + lib.olm_account_generate_one_time_keys( + self._account, count, ffi.from_buffer(random), random_length)) + + @property + def one_time_keys(self): + # type: () -> Dict[str, Dict[str, str]] + """dict: The public part of the one-time keys for this account.""" + out_length = lib.olm_account_one_time_keys_length(self._account) + out_buffer = ffi.new("char[]", out_length) + + self._check_error( + lib.olm_account_one_time_keys(self._account, out_buffer, + out_length)) + + return json.loads(ffi.unpack(out_buffer, out_length).decode("utf-8")) def remove_one_time_keys(self, session): - lib.olm_remove_one_time_keys( - self.ptr, - session.ptr - ) + # type: (Session) -> None + """Remove used one-time keys. + + Removes the one-time keys that the session used from the account. + Raises OlmAccountError on failure. If the account doesn't have any + matching one-time keys then the error message of the exception will be + "BAD_MESSAGE_KEY_ID". - def clear(self): - pass + Args: + session(Session): An Olm Session object that was created with this + account. + """ + self._check_error(lib.olm_remove_one_time_keys(self._account, + session._session)) diff --git a/python/olm/group_session.py b/python/olm/group_session.py new file mode 100644 index 0000000..737d9ef --- /dev/null +++ b/python/olm/group_session.py @@ -0,0 +1,525 @@ +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""libolm Group session module. + +This module contains the group session part of the Olm library. It contains two +classes for creating inbound and outbound group sessions. + +Examples: + >>> outbound = OutboundGroupSession() + >>> InboundGroupSession(outbound.session_key) +""" + +# pylint: disable=redefined-builtin,unused-import +from builtins import bytes, super +from typing import AnyStr, Optional, Tuple, Type + +from future.utils import bytes_to_native_str + +# pylint: disable=no-name-in-module +from _libolm import ffi, lib # type: ignore + +from ._compat import URANDOM, to_bytearray, to_bytes +from ._finalize import track_for_finalization + + +def _clear_inbound_group_session(session): + # type: (ffi.cdata) -> None + lib.olm_clear_inbound_group_session(session) + + +def _clear_outbound_group_session(session): + # type: (ffi.cdata) -> None + lib.olm_clear_outbound_group_session(session) + + +class OlmGroupSessionError(Exception): + """libolm Group session error exception.""" + + +class InboundGroupSession(object): + """Inbound group session for encrypted multiuser communication.""" + + def __new__( + cls, # type: Type[InboundGroupSession] + session_key=None # type: Optional[str] + ): + # type: (...) -> InboundGroupSession + obj = super().__new__(cls) + obj._buf = ffi.new("char[]", lib.olm_inbound_group_session_size()) + obj._session = lib.olm_inbound_group_session(obj._buf) + track_for_finalization(obj, obj._session, _clear_inbound_group_session) + return obj + + def __init__(self, session_key): + # type: (AnyStr) -> None + """Create a new inbound group session. + Start a new inbound group session, from a key exported from + an outbound group session. + + Raises OlmGroupSessionError on failure. The error message of the + exception will be "OLM_INVALID_BASE64" if the session key is not valid + base64 and "OLM_BAD_SESSION_KEY" if the session key is invalid. + """ + if False: # pragma: no cover + self._session = self._session # type: ffi.cdata + + byte_session_key = to_bytearray(session_key) + + try: + ret = lib.olm_init_inbound_group_session( + self._session, + ffi.from_buffer(byte_session_key), len(byte_session_key) + ) + finally: + if byte_session_key is not session_key: + for i in range(0, len(byte_session_key)): + byte_session_key[i] = 0 + self._check_error(ret) + + def pickle(self, passphrase=""): + # type: (Optional[str]) -> bytes + """Store an inbound group session. + + Stores a group session as a base64 string. Encrypts the session using + the supplied passphrase. Returns a byte object containing the base64 + encoded string of the pickled session. + + Args: + passphrase(str, optional): The passphrase to be used to encrypt + the session. + """ + byte_passphrase = bytearray(passphrase, "utf-8") if passphrase else b"" + + pickle_length = lib.olm_pickle_inbound_group_session_length( + self._session) + pickle_buffer = ffi.new("char[]", pickle_length) + + try: + ret = lib.olm_pickle_inbound_group_session( + self._session, + ffi.from_buffer(byte_passphrase), len(byte_passphrase), + pickle_buffer, pickle_length + ) + self._check_error(ret) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_passphrase)): + byte_passphrase[i] = 0 + + return ffi.unpack(pickle_buffer, pickle_length) + + @classmethod + def from_pickle(cls, pickle, passphrase=""): + # type: (bytes, Optional[str]) -> InboundGroupSession + """Load a previously stored inbound group session. + + Loads an inbound group session from a pickled base64 string and returns + an InboundGroupSession object. Decrypts the session using the supplied + passphrase. Raises OlmSessionError on failure. If the passphrase + doesn't match the one used to encrypt the session then the error + message for the exception will be "BAD_ACCOUNT_KEY". If the base64 + couldn't be decoded then the error message will be "INVALID_BASE64". + + Args: + pickle(bytes): Base64 encoded byte string containing the pickled + session + passphrase(str, optional): The passphrase used to encrypt the + session + """ + if not pickle: + raise ValueError("Pickle can't be empty") + + byte_passphrase = bytearray(passphrase, "utf-8") if passphrase else b"" + # copy because unpickle will destroy the buffer + pickle_buffer = ffi.new("char[]", pickle) + + obj = cls.__new__(cls) + + try: + ret = lib.olm_unpickle_inbound_group_session( + obj._session, + ffi.from_buffer(byte_passphrase), + len(byte_passphrase), + pickle_buffer, + len(pickle) + ) + obj._check_error(ret) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_passphrase)): + byte_passphrase[i] = 0 + + return obj + + def _check_error(self, ret): + # type: (int) -> None + if ret != lib.olm_error(): + return + + last_error = bytes_to_native_str(ffi.string( + lib.olm_inbound_group_session_last_error(self._session))) + + raise OlmGroupSessionError(last_error) + + def decrypt(self, ciphertext): + # type: (AnyStr) -> Tuple[str, int] + """Decrypt a message + + Returns a tuple of the decrypted plain-text and the message index of + the decrypted message or raises OlmGroupSessionError on failure. + On failure the error message of the exception will be: + + * OLM_INVALID_BASE64 if the message is not valid base64 + * OLM_BAD_MESSAGE_VERSION if the message was encrypted with an + unsupported version of the protocol + * OLM_BAD_MESSAGE_FORMAT if the message headers could not be + decoded + * OLM_BAD_MESSAGE_MAC if the message could not be verified + * OLM_UNKNOWN_MESSAGE_INDEX if we do not have a session key + corresponding to the message's index (i.e., it was sent before + the session key was shared with us) + + Args: + ciphertext(str): Base64 encoded ciphertext containing the encrypted + message + """ + if not ciphertext: + raise ValueError("Ciphertext can't be empty.") + + byte_ciphertext = to_bytes(ciphertext) + + # copy because max_plaintext_length will destroy the buffer + ciphertext_buffer = ffi.new("char[]", byte_ciphertext) + + max_plaintext_length = lib.olm_group_decrypt_max_plaintext_length( + self._session, ciphertext_buffer, len(byte_ciphertext) + ) + self._check_error(max_plaintext_length) + plaintext_buffer = ffi.new("char[]", max_plaintext_length) + # copy because max_plaintext_length will destroy the buffer + ciphertext_buffer = ffi.new("char[]", byte_ciphertext) + + message_index = ffi.new("uint32_t*") + plaintext_length = lib.olm_group_decrypt( + self._session, ciphertext_buffer, len(byte_ciphertext), + plaintext_buffer, max_plaintext_length, + message_index + ) + + self._check_error(plaintext_length) + + plaintext = bytes_to_native_str(ffi.unpack( + plaintext_buffer, + plaintext_length + )) + + # clear out copies of the plaintext + lib.memset(plaintext_buffer, 0, max_plaintext_length) + + return plaintext, message_index[0] + + @property + def id(self): + # type: () -> str + """str: A base64 encoded identifier for this session.""" + id_length = lib.olm_inbound_group_session_id_length(self._session) + id_buffer = ffi.new("char[]", id_length) + ret = lib.olm_inbound_group_session_id( + self._session, + id_buffer, + id_length + ) + self._check_error(ret) + return bytes_to_native_str(ffi.unpack(id_buffer, id_length)) + + @property + def first_known_index(self): + # type: () -> int + """int: The first message index we know how to decrypt.""" + return lib.olm_inbound_group_session_first_known_index(self._session) + + def export_session(self, message_index): + # type: (int) -> str + """Export an inbound group session + + Export the base64-encoded ratchet key for this session, at the given + index, in a format which can be used by import_session(). + + Raises OlmGroupSessionError on failure. The error message for the + exception will be: + + * OLM_UNKNOWN_MESSAGE_INDEX if we do not have a session key + corresponding to the given index (ie, it was sent before the + session key was shared with us) + + Args: + message_index(int): The message index at which the session should + be exported. + """ + + export_length = lib.olm_export_inbound_group_session_length( + self._session) + + export_buffer = ffi.new("char[]", export_length) + ret = lib.olm_export_inbound_group_session( + self._session, + export_buffer, + export_length, + message_index + ) + self._check_error(ret) + export_str = bytes_to_native_str(ffi.unpack(export_buffer, export_length)) + + # clear out copies of the key + lib.memset(export_buffer, 0, export_length) + + return export_str + + @classmethod + def import_session(cls, session_key): + # type: (AnyStr) -> InboundGroupSession + """Create an InboundGroupSession from an exported session key. + + Creates an InboundGroupSession with an previously exported session key, + raises OlmGroupSessionError on failure. The error message for the + exception will be: + + * OLM_INVALID_BASE64 if the session_key is not valid base64 + * OLM_BAD_SESSION_KEY if the session_key is invalid + + Args: + session_key(str): The exported session key with which the inbound + group session will be created + """ + obj = cls.__new__(cls) + + byte_session_key = to_bytearray(session_key) + + try: + ret = lib.olm_import_inbound_group_session( + obj._session, + ffi.from_buffer(byte_session_key), + len(byte_session_key) + ) + obj._check_error(ret) + finally: + # clear out copies of the key + if byte_session_key is not session_key: + for i in range(0, len(byte_session_key)): + byte_session_key[i] = 0 + + return obj + + +class OutboundGroupSession(object): + """Outbound group session for encrypted multiuser communication.""" + + def __new__(cls): + # type: (Type[OutboundGroupSession]) -> OutboundGroupSession + obj = super().__new__(cls) + obj._buf = ffi.new("char[]", lib.olm_outbound_group_session_size()) + obj._session = lib.olm_outbound_group_session(obj._buf) + track_for_finalization( + obj, + obj._session, + _clear_outbound_group_session + ) + return obj + + def __init__(self): + # type: () -> None + """Create a new outbound group session. + + Start a new outbound group session. Raises OlmGroupSessionError on + failure. + """ + if False: # pragma: no cover + self._session = self._session # type: ffi.cdata + + random_length = lib.olm_init_outbound_group_session_random_length( + self._session + ) + random = URANDOM(random_length) + + ret = lib.olm_init_outbound_group_session( + self._session, ffi.from_buffer(random), random_length + ) + self._check_error(ret) + + def _check_error(self, ret): + # type: (int) -> None + if ret != lib.olm_error(): + return + + last_error = bytes_to_native_str(ffi.string( + lib.olm_outbound_group_session_last_error(self._session) + )) + + raise OlmGroupSessionError(last_error) + + def pickle(self, passphrase=""): + # type: (Optional[str]) -> bytes + """Store an outbound group session. + + Stores a group session as a base64 string. Encrypts the session using + the supplied passphrase. Returns a byte object containing the base64 + encoded string of the pickled session. + + Args: + passphrase(str, optional): The passphrase to be used to encrypt + the session. + """ + byte_passphrase = bytearray(passphrase, "utf-8") if passphrase else b"" + pickle_length = lib.olm_pickle_outbound_group_session_length( + self._session) + pickle_buffer = ffi.new("char[]", pickle_length) + + try: + ret = lib.olm_pickle_outbound_group_session( + self._session, + ffi.from_buffer(byte_passphrase), len(byte_passphrase), + pickle_buffer, pickle_length + ) + self._check_error(ret) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_passphrase)): + byte_passphrase[i] = 0 + + return ffi.unpack(pickle_buffer, pickle_length) + + @classmethod + def from_pickle(cls, pickle, passphrase=""): + # type: (bytes, Optional[str]) -> OutboundGroupSession + """Load a previously stored outbound group session. + + Loads an outbound group session from a pickled base64 string and + returns an OutboundGroupSession object. Decrypts the session using the + supplied passphrase. Raises OlmSessionError on failure. If the + passphrase doesn't match the one used to encrypt the session then the + error message for the exception will be "BAD_ACCOUNT_KEY". If the + base64 couldn't be decoded then the error message will be + "INVALID_BASE64". + + Args: + pickle(bytes): Base64 encoded byte string containing the pickled + session + passphrase(str, optional): The passphrase used to encrypt the + """ + if not pickle: + raise ValueError("Pickle can't be empty") + + byte_passphrase = bytearray(passphrase, "utf-8") if passphrase else b"" + # copy because unpickle will destroy the buffer + pickle_buffer = ffi.new("char[]", pickle) + + obj = cls.__new__(cls) + + try: + ret = lib.olm_unpickle_outbound_group_session( + obj._session, + ffi.from_buffer(byte_passphrase), + len(byte_passphrase), + pickle_buffer, + len(pickle) + ) + obj._check_error(ret) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_passphrase)): + byte_passphrase[i] = 0 + + return obj + + def encrypt(self, plaintext): + # type: (AnyStr) -> str + """Encrypt a message. + + Returns the encrypted ciphertext. + + Args: + plaintext(str): A string that will be encrypted using the group + session. + """ + byte_plaintext = to_bytearray(plaintext) + message_length = lib.olm_group_encrypt_message_length( + self._session, len(byte_plaintext) + ) + + message_buffer = ffi.new("char[]", message_length) + + try: + ret = lib.olm_group_encrypt( + self._session, + ffi.from_buffer(byte_plaintext), len(byte_plaintext), + message_buffer, message_length, + ) + self._check_error(ret) + finally: + # clear out copies of plaintext + if byte_plaintext is not plaintext: + for i in range(0, len(byte_plaintext)): + byte_plaintext[i] = 0 + + return bytes_to_native_str(ffi.unpack(message_buffer, message_length)) + + @property + def id(self): + # type: () -> str + """str: A base64 encoded identifier for this session.""" + id_length = lib.olm_outbound_group_session_id_length(self._session) + id_buffer = ffi.new("char[]", id_length) + + ret = lib.olm_outbound_group_session_id( + self._session, + id_buffer, + id_length + ) + self._check_error(ret) + + return bytes_to_native_str(ffi.unpack(id_buffer, id_length)) + + @property + def message_index(self): + # type: () -> int + """int: The current message index of the session. + + Each message is encrypted with an increasing index. This is the index + for the next message. + """ + return lib.olm_outbound_group_session_message_index(self._session) + + @property + def session_key(self): + # type: () -> str + """The base64-encoded current ratchet key for this session. + + Each message is encrypted with a different ratchet key. This function + returns the ratchet key that will be used for the next message. + """ + key_length = lib.olm_outbound_group_session_key_length(self._session) + key_buffer = ffi.new("char[]", key_length) + + ret = lib.olm_outbound_group_session_key( + self._session, + key_buffer, + key_length + ) + self._check_error(ret) + + return bytes_to_native_str(ffi.unpack(key_buffer, key_length)) diff --git a/python/olm/inbound_group_session.py b/python/olm/inbound_group_session.py deleted file mode 100644 index 286aedb..0000000 --- a/python/olm/inbound_group_session.py +++ /dev/null @@ -1,138 +0,0 @@ -import json - -from ._base import * - -lib.olm_inbound_group_session_size.argtypes = [] -lib.olm_inbound_group_session_size.restype = c_size_t - -lib.olm_inbound_group_session.argtypes = [c_void_p] -lib.olm_inbound_group_session.restype = c_void_p - -lib.olm_inbound_group_session_last_error.argtypes = [c_void_p] -lib.olm_inbound_group_session_last_error.restype = c_char_p - - -def inbound_group_session_errcheck(res, func, args): - if res == ERR: - raise OlmError("%s: %s" % ( - func.__name__, lib.olm_inbound_group_session_last_error(args[0]) - )) - return res - - -def inbound_group_session_function(func, *types): - func.argtypes = (c_void_p,) + types - func.restypes = c_size_t - func.errcheck = inbound_group_session_errcheck - - -inbound_group_session_function( - lib.olm_pickle_inbound_group_session, - c_void_p, c_size_t, c_void_p, c_size_t, -) -inbound_group_session_function( - lib.olm_unpickle_inbound_group_session, - c_void_p, c_size_t, c_void_p, c_size_t, -) - -inbound_group_session_function( - lib.olm_init_inbound_group_session, c_void_p, c_size_t -) - -inbound_group_session_function( - lib.olm_import_inbound_group_session, c_void_p, c_size_t -) - -inbound_group_session_function( - lib.olm_group_decrypt_max_plaintext_length, c_void_p, c_size_t -) -inbound_group_session_function( - lib.olm_group_decrypt, - c_void_p, c_size_t, # message - c_void_p, c_size_t, # plaintext - POINTER(c_uint32), # message_index -) - -inbound_group_session_function( - lib.olm_inbound_group_session_id_length, -) -inbound_group_session_function( - lib.olm_inbound_group_session_id, - c_void_p, c_size_t, -) - -lib.olm_inbound_group_session_first_known_index.argtypes = (c_void_p,) -lib.olm_inbound_group_session_first_known_index.restypes = c_uint32 - -inbound_group_session_function( - lib.olm_export_inbound_group_session_length, -) -inbound_group_session_function( - lib.olm_export_inbound_group_session, c_void_p, c_size_t, c_uint32, -) - - -class InboundGroupSession(object): - def __init__(self): - self.buf = create_string_buffer(lib.olm_inbound_group_session_size()) - self.ptr = lib.olm_inbound_group_session(self.buf) - - def pickle(self, key): - key_buffer = create_string_buffer(key) - pickle_length = lib.olm_pickle_inbound_group_session_length(self.ptr) - pickle_buffer = create_string_buffer(pickle_length) - lib.olm_pickle_inbound_group_session( - self.ptr, key_buffer, len(key), pickle_buffer, pickle_length - ) - return pickle_buffer.raw - - def unpickle(self, key, pickle): - key_buffer = create_string_buffer(key) - pickle_buffer = create_string_buffer(pickle) - lib.olm_unpickle_inbound_group_session( - self.ptr, key_buffer, len(key), pickle_buffer, len(pickle) - ) - - def init(self, session_key): - key_buffer = create_string_buffer(session_key) - lib.olm_init_inbound_group_session( - self.ptr, key_buffer, len(session_key) - ) - - def import_session(self, session_key): - key_buffer = create_string_buffer(session_key) - lib.olm_import_inbound_group_session( - self.ptr, key_buffer, len(session_key) - ) - - def decrypt(self, message): - message_buffer = create_string_buffer(message) - max_plaintext_length = lib.olm_group_decrypt_max_plaintext_length( - self.ptr, message_buffer, len(message) - ) - plaintext_buffer = create_string_buffer(max_plaintext_length) - message_buffer = create_string_buffer(message) - - message_index = c_uint32() - plaintext_length = lib.olm_group_decrypt( - self.ptr, message_buffer, len(message), - plaintext_buffer, max_plaintext_length, - byref(message_index) - ) - return plaintext_buffer.raw[:plaintext_length], message_index.value - - def session_id(self): - id_length = lib.olm_inbound_group_session_id_length(self.ptr) - id_buffer = create_string_buffer(id_length) - lib.olm_inbound_group_session_id(self.ptr, id_buffer, id_length) - return id_buffer.raw - - def first_known_index(self): - return lib.olm_inbound_group_session_first_known_index(self.ptr) - - def export_session(self, message_index): - length = lib.olm_export_inbound_group_session_length(self.ptr) - buffer = create_string_buffer(length) - lib.olm_export_inbound_group_session(self.ptr, buffer, length, - message_index) - return buffer.raw diff --git a/python/olm/outbound_group_session.py b/python/olm/outbound_group_session.py deleted file mode 100644 index 5032b34..0000000 --- a/python/olm/outbound_group_session.py +++ /dev/null @@ -1,134 +0,0 @@ -import json -from os import urandom - -from ._base import * - -lib.olm_outbound_group_session_size.argtypes = [] -lib.olm_outbound_group_session_size.restype = c_size_t - -lib.olm_outbound_group_session.argtypes = [c_void_p] -lib.olm_outbound_group_session.restype = c_void_p - -lib.olm_outbound_group_session_last_error.argtypes = [c_void_p] -lib.olm_outbound_group_session_last_error.restype = c_char_p - - -def outbound_group_session_errcheck(res, func, args): - if res == ERR: - raise OlmError("%s: %s" % ( - func.__name__, lib.olm_outbound_group_session_last_error(args[0]) - )) - return res - - -def outbound_group_session_function(func, *types): - func.argtypes = (c_void_p,) + types - func.restypes = c_size_t - func.errcheck = outbound_group_session_errcheck - - -outbound_group_session_function( - lib.olm_pickle_outbound_group_session, - c_void_p, c_size_t, c_void_p, c_size_t, -) -outbound_group_session_function( - lib.olm_unpickle_outbound_group_session, - c_void_p, c_size_t, c_void_p, c_size_t, -) - -outbound_group_session_function( - lib.olm_init_outbound_group_session_random_length, -) -outbound_group_session_function( - lib.olm_init_outbound_group_session, - c_void_p, c_size_t, -) - -lib.olm_outbound_group_session_message_index.argtypes = [c_void_p] -lib.olm_outbound_group_session_message_index.restype = c_uint32 - -outbound_group_session_function( - lib.olm_group_encrypt_message_length, - c_size_t, -) -outbound_group_session_function( - lib.olm_group_encrypt, - c_void_p, c_size_t, # Plaintext - c_void_p, c_size_t, # Message -) - -outbound_group_session_function( - lib.olm_outbound_group_session_id_length, -) -outbound_group_session_function( - lib.olm_outbound_group_session_id, - c_void_p, c_size_t, -) -outbound_group_session_function( - lib.olm_outbound_group_session_key_length, -) -outbound_group_session_function( - lib.olm_outbound_group_session_key, - c_void_p, c_size_t, -) - - -class OutboundGroupSession(object): - def __init__(self): - self.buf = create_string_buffer(lib.olm_outbound_group_session_size()) - self.ptr = lib.olm_outbound_group_session(self.buf) - - random_length = lib.olm_init_outbound_group_session_random_length( - self.ptr - ) - random = urandom(random_length) - random_buffer = create_string_buffer(random) - lib.olm_init_outbound_group_session( - self.ptr, random_buffer, random_length - ) - - def pickle(self, key): - key_buffer = create_string_buffer(key) - pickle_length = lib.olm_pickle_outbound_group_session_length(self.ptr) - pickle_buffer = create_string_buffer(pickle_length) - lib.olm_pickle_outbound_group_session( - self.ptr, key_buffer, len(key), pickle_buffer, pickle_length - ) - return pickle_buffer.raw - - def unpickle(self, key, pickle): - key_buffer = create_string_buffer(key) - pickle_buffer = create_string_buffer(pickle) - lib.olm_unpickle_outbound_group_session( - self.ptr, key_buffer, len(key), pickle_buffer, len(pickle) - ) - - def encrypt(self, plaintext): - message_length = lib.olm_group_encrypt_message_length( - self.ptr, len(plaintext) - ) - message_buffer = create_string_buffer(message_length) - - plaintext_buffer = create_string_buffer(plaintext) - - lib.olm_group_encrypt( - self.ptr, - plaintext_buffer, len(plaintext), - message_buffer, message_length, - ) - return message_buffer.raw - - def session_id(self): - id_length = lib.olm_outbound_group_session_id_length(self.ptr) - id_buffer = create_string_buffer(id_length) - lib.olm_outbound_group_session_id(self.ptr, id_buffer, id_length) - return id_buffer.raw - - def message_index(self): - return lib.olm_outbound_group_session_message_index(self.ptr) - - def session_key(self): - key_length = lib.olm_outbound_group_session_key_length(self.ptr) - key_buffer = create_string_buffer(key_length) - lib.olm_outbound_group_session_key(self.ptr, key_buffer, key_length) - return key_buffer.raw diff --git a/python/olm/session.py b/python/olm/session.py index 019ea9e..cba9be0 100644 --- a/python/olm/session.py +++ b/python/olm/session.py @@ -1,204 +1,486 @@ -from os import urandom +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""libolm Session module. -from ._base import * +This module contains the Olm Session part of the Olm library. +It is used to establish a peer-to-peer encrypted communication channel between +two Olm accounts. -lib.olm_session_size.argtypes = [] -lib.olm_session_size.restype = c_size_t +Examples: + >>> alice = Account() + >>> bob = Account() + >>> bob.generate_one_time_keys(1) + >>> id_key = bob.identity_keys['curve25519'] + >>> one_time = list(bob.one_time_keys["curve25519"].values())[0] + >>> session = OutboundSession(alice, id_key, one_time) -lib.olm_session.argtypes = [c_void_p] -lib.olm_session.restype = c_void_p +""" -lib.olm_session_last_error.argtypes = [c_void_p] -lib.olm_session_last_error.restype = c_char_p +# pylint: disable=redefined-builtin,unused-import +from builtins import bytes, super +from typing import AnyStr, Optional, Type +from future.utils import bytes_to_native_str -def session_errcheck(res, func, args): - if res == ERR: - raise OlmError("%s: %s" % ( - func.__name__, lib.olm_session_last_error(args[0]) - )) - return res - - -def session_function(func, *types): - func.argtypes = (c_void_p,) + types - func.restypes = c_size_t - func.errcheck = session_errcheck - -session_function(lib.olm_session_last_error) -session_function( - lib.olm_pickle_session, c_void_p, c_size_t, c_void_p, c_size_t -) -session_function( - lib.olm_unpickle_session, c_void_p, c_size_t, c_void_p, c_size_t -) -session_function(lib.olm_create_outbound_session_random_length) -session_function( - lib.olm_create_outbound_session, - c_void_p, # Account - c_void_p, c_size_t, # Identity Key - c_void_p, c_size_t, # One Time Key - c_void_p, c_size_t, # Random -) -session_function( - lib.olm_create_inbound_session, - c_void_p, # Account - c_void_p, c_size_t, # Pre Key Message -) -session_function( - lib.olm_create_inbound_session_from, - c_void_p, # Account - c_void_p, c_size_t, # Identity Key - c_void_p, c_size_t, # Pre Key Message -) -session_function(lib.olm_session_id_length) -session_function(lib.olm_session_id, c_void_p, c_size_t) -session_function(lib.olm_matches_inbound_session, c_void_p, c_size_t) -session_function( - lib.olm_matches_inbound_session_from, - c_void_p, c_size_t, # Identity Key - c_void_p, c_size_t, # Pre Key Message -) -session_function(lib.olm_pickle_session_length) -session_function(lib.olm_encrypt_message_type) -session_function(lib.olm_encrypt_random_length) -session_function(lib.olm_encrypt_message_length, c_size_t) -session_function( - lib.olm_encrypt, - c_void_p, c_size_t, # Plaintext - c_void_p, c_size_t, # Random - c_void_p, c_size_t, # Message -) -session_function( - lib.olm_decrypt_max_plaintext_length, - c_size_t, # Message Type - c_void_p, c_size_t, # Message -) -session_function( - lib.olm_decrypt, - c_size_t, # Message Type - c_void_p, c_size_t, # Message - c_void_p, c_size_t, # Plaintext -) +# pylint: disable=no-name-in-module +from _libolm import ffi, lib # type: ignore + +from ._compat import URANDOM, to_bytearray, to_bytes +from ._finalize import track_for_finalization + +# This is imported only for type checking purposes +if False: + from .account import Account # pragma: no cover + + +class OlmSessionError(Exception): + """libolm Session exception.""" + + +class _OlmMessage(object): + def __init__(self, ciphertext, message_type): + # type: (AnyStr, ffi.cdata) -> None + if not ciphertext: + raise ValueError("Ciphertext can't be empty") + + # I don't know why mypy wants a type annotation here nor why AnyStr + # doesn't work + self.ciphertext = ciphertext # type: ignore + self.message_type = message_type + + def __str__(self): + # type: () -> str + type_to_prefix = { + lib.OLM_MESSAGE_TYPE_PRE_KEY: "PRE_KEY", + lib.OLM_MESSAGE_TYPE_MESSAGE: "MESSAGE" + } + + prefix = type_to_prefix[self.message_type] + return "{} {}".format(prefix, self.ciphertext) + + +class OlmPreKeyMessage(_OlmMessage): + """Olm prekey message class + + Prekey messages are used to establish an Olm session. After the first + message exchange the session switches to normal messages + """ + + def __init__(self, ciphertext): + # type: (AnyStr) -> None + """Create a new Olm prekey message with the supplied ciphertext + + Args: + ciphertext(str): The ciphertext of the prekey message. + """ + _OlmMessage.__init__(self, ciphertext, lib.OLM_MESSAGE_TYPE_PRE_KEY) + + def __repr__(self): + # type: () -> str + return "OlmPreKeyMessage({})".format(self.ciphertext) + + +class OlmMessage(_OlmMessage): + """Olm message class""" + + def __init__(self, ciphertext): + # type: (AnyStr) -> None + """Create a new Olm message with the supplied ciphertext + + Args: + ciphertext(str): The ciphertext of the message. + """ + _OlmMessage.__init__(self, ciphertext, lib.OLM_MESSAGE_TYPE_MESSAGE) + + def __repr__(self): + # type: () -> str + return "OlmMessage({})".format(self.ciphertext) + + +def _clear_session(session): + # type: (ffi.cdata) -> None + lib.olm_clear_session(session) class Session(object): + """libolm Session class. + This is an abstract class that can't be instantiated except when unpickling + a previously pickled InboundSession or OutboundSession object with + from_pickle. + """ + + def __new__(cls): + # type: (Type[Session]) -> Session + + obj = super().__new__(cls) + obj._buf = ffi.new("char[]", lib.olm_session_size()) + obj._session = lib.olm_session(obj._buf) + track_for_finalization(obj, obj._session, _clear_session) + return obj + def __init__(self): - self.buf = create_string_buffer(lib.olm_session_size()) - self.ptr = lib.olm_session(self.buf) - - def pickle(self, key): - key_buffer = create_string_buffer(key) - pickle_length = lib.olm_pickle_session_length(self.ptr) - pickle_buffer = create_string_buffer(pickle_length) - lib.olm_pickle_session( - self.ptr, key_buffer, len(key), pickle_buffer, pickle_length - ) - return pickle_buffer.raw + # type: () -> None + if type(self) is Session: + raise TypeError("Session class may not be instantiated.") - def unpickle(self, key, pickle): - key_buffer = create_string_buffer(key) - pickle_buffer = create_string_buffer(pickle) - lib.olm_unpickle_session( - self.ptr, key_buffer, len(key), pickle_buffer, len(pickle) - ) + if False: + self._session = self._session # type: ffi.cdata - def create_outbound(self, account, identity_key, one_time_key): - r_length = lib.olm_create_outbound_session_random_length(self.ptr) - random = urandom(r_length) - random_buffer = create_string_buffer(random) - identity_key_buffer = create_string_buffer(identity_key) - one_time_key_buffer = create_string_buffer(one_time_key) - lib.olm_create_outbound_session( - self.ptr, - account.ptr, - identity_key_buffer, len(identity_key), - one_time_key_buffer, len(one_time_key), - random_buffer, r_length - ) + def _check_error(self, ret): + # type: (int) -> None + if ret != lib.olm_error(): + return - def create_inbound(self, account, one_time_key_message): - one_time_key_message_buffer = create_string_buffer( - one_time_key_message - ) - lib.olm_create_inbound_session( - self.ptr, - account.ptr, - one_time_key_message_buffer, len(one_time_key_message) - ) + last_error = bytes_to_native_str( + ffi.string(lib.olm_session_last_error(self._session))) - def create_inbound_from(self, account, identity_key, one_time_key_message): - identity_key_buffer = create_string_buffer(identity_key) - one_time_key_message_buffer = create_string_buffer( - one_time_key_message - ) - lib.olm_create_inbound_session_from( - self.ptr, - account.ptr, - identity_key_buffer, len(identity_key), - one_time_key_message_buffer, len(one_time_key_message) - ) + raise OlmSessionError(last_error) - def session_id(self): - id_length = lib.olm_session_id_length(self.ptr) - id_buffer = create_string_buffer(id_length) - lib.olm_session_id(self.ptr, id_buffer, id_length) - return id_buffer.raw + def pickle(self, passphrase=""): + # type: (Optional[str]) -> bytes + """Store an Olm session. - def matches_inbound(self, one_time_key_message): - one_time_key_message_buffer = create_string_buffer( - one_time_key_message, - ) - return bool(lib.olm_matches_inbound_session( - self.ptr, - one_time_key_message_buffer, len(one_time_key_message) - )) + Stores a session as a base64 string. Encrypts the session using the + supplied passphrase. Returns a byte object containing the base64 + encoded string of the pickled session. Raises OlmSessionError on + failure. - def matches_inbound_from(self, identity_key, one_time_key_message): - identity_key_buffer = create_string_buffer(identity_key) - one_time_key_message_buffer = create_string_buffer( - one_time_key_message, - ) - return bool(lib.olm_matches_inbound_session( - self.ptr, - identity_key_buffer, len(identity_key), - one_time_key_message_buffer, len(one_time_key_message) - )) + Args: + passphrase(str, optional): The passphrase to be used to encrypt + the session. + """ + byte_key = bytearray(passphrase, "utf-8") if passphrase else b"" + + pickle_length = lib.olm_pickle_session_length(self._session) + pickle_buffer = ffi.new("char[]", pickle_length) + + try: + self._check_error( + lib.olm_pickle_session(self._session, + ffi.from_buffer(byte_key), + len(byte_key), + pickle_buffer, pickle_length)) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_key)): + byte_key[i] = 0 + + return ffi.unpack(pickle_buffer, pickle_length) + + @classmethod + def from_pickle(cls, pickle, passphrase=""): + # type: (bytes, Optional[str]) -> Session + """Load a previously stored Olm session. + + Loads a session from a pickled base64 string and returns a Session + object. Decrypts the session using the supplied passphrase. Raises + OlmSessionError on failure. If the passphrase doesn't match the one + used to encrypt the session then the error message for the + exception will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded + then the error message will be "INVALID_BASE64". + + Args: + pickle(bytes): Base64 encoded byte string containing the pickled + session + passphrase(str, optional): The passphrase used to encrypt the + session. + """ + if not pickle: + raise ValueError("Pickle can't be empty") + + byte_key = bytearray(passphrase, "utf-8") if passphrase else b"" + # copy because unpickle will destroy the buffer + pickle_buffer = ffi.new("char[]", pickle) + + session = cls.__new__(cls) + + try: + ret = lib.olm_unpickle_session(session._session, + ffi.from_buffer(byte_key), + len(byte_key), + pickle_buffer, + len(pickle)) + session._check_error(ret) + finally: + # clear out copies of the passphrase + for i in range(0, len(byte_key)): + byte_key[i] = 0 + + return session def encrypt(self, plaintext): - r_length = lib.olm_encrypt_random_length(self.ptr) - random = urandom(r_length) - random_buffer = create_string_buffer(random) + # type: (AnyStr) -> _OlmMessage + """Encrypts a message using the session. Returns the ciphertext as a + base64 encoded string on success. Raises OlmSessionError on failure. - message_type = lib.olm_encrypt_message_type(self.ptr) - message_length = lib.olm_encrypt_message_length( - self.ptr, len(plaintext) - ) - message_buffer = create_string_buffer(message_length) + Args: + plaintext(str): The plaintext message that will be encrypted. + """ + byte_plaintext = to_bytearray(plaintext) - plaintext_buffer = create_string_buffer(plaintext) + r_length = lib.olm_encrypt_random_length(self._session) + random = URANDOM(r_length) - lib.olm_encrypt( - self.ptr, - plaintext_buffer, len(plaintext), - random_buffer, r_length, - message_buffer, message_length, - ) - return message_type, message_buffer.raw + try: + message_type = lib.olm_encrypt_message_type(self._session) + + self._check_error(message_type) + + ciphertext_length = lib.olm_encrypt_message_length( + self._session, len(byte_plaintext) + ) + ciphertext_buffer = ffi.new("char[]", ciphertext_length) + + self._check_error(lib.olm_encrypt( + self._session, + ffi.from_buffer(byte_plaintext), len(byte_plaintext), + ffi.from_buffer(random), r_length, + ciphertext_buffer, ciphertext_length, + )) + finally: + # clear out copies of plaintext + if byte_plaintext is not plaintext: + for i in range(0, len(byte_plaintext)): + byte_plaintext[i] = 0 + + if message_type == lib.OLM_MESSAGE_TYPE_PRE_KEY: + return OlmPreKeyMessage( + bytes_to_native_str(ffi.unpack( + ciphertext_buffer, + ciphertext_length + ))) + elif message_type == lib.OLM_MESSAGE_TYPE_MESSAGE: + return OlmMessage( + bytes_to_native_str(ffi.unpack( + ciphertext_buffer, + ciphertext_length + ))) + else: # pragma: no cover + raise ValueError("Unknown message type") + + def decrypt(self, message): + # type: (_OlmMessage) -> str + """Decrypts a message using the session. Returns the plaintext string + on success. Raises OlmSessionError on failure. If the base64 couldn't + be decoded then the error message will be "INVALID_BASE64". If the + message is for an unsupported version of the protocol the error message + will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then + the error message will be "BAD_MESSAGE_FORMAT". If the MAC on the + message was invalid then the error message will be "BAD_MESSAGE_MAC". + + Args: + message(OlmMessage): The Olm message that will be decrypted. It can + be either an OlmPreKeyMessage or an OlmMessage. + """ + if not message.ciphertext: + raise ValueError("Ciphertext can't be empty") + + byte_ciphertext = to_bytes(message.ciphertext) + # make a copy the ciphertext buffer, because + # olm_decrypt_max_plaintext_length wants to destroy something + ciphertext_buffer = ffi.new("char[]", byte_ciphertext) - def decrypt(self, message_type, message): - message_buffer = create_string_buffer(message) max_plaintext_length = lib.olm_decrypt_max_plaintext_length( - self.ptr, message_type, message_buffer, len(message) + self._session, message.message_type, ciphertext_buffer, + len(byte_ciphertext) ) - plaintext_buffer = create_string_buffer(max_plaintext_length) - message_buffer = create_string_buffer(message) + self._check_error(max_plaintext_length) + plaintext_buffer = ffi.new("char[]", max_plaintext_length) + + # make a copy the ciphertext buffer, because + # olm_decrypt_max_plaintext_length wants to destroy something + ciphertext_buffer = ffi.new("char[]", byte_ciphertext) plaintext_length = lib.olm_decrypt( - self.ptr, message_type, message_buffer, len(message), + self._session, message.message_type, + ciphertext_buffer, len(byte_ciphertext), plaintext_buffer, max_plaintext_length ) - return plaintext_buffer.raw[:plaintext_length] + self._check_error(plaintext_length) + plaintext = bytes_to_native_str( + ffi.unpack(plaintext_buffer, plaintext_length)) + + # clear out copies of the plaintext + lib.memset(plaintext_buffer, 0, max_plaintext_length) + + return plaintext + + @property + def id(self): + # type: () -> str + """str: An identifier for this session. Will be the same for both + ends of the conversation. + """ + id_length = lib.olm_session_id_length(self._session) + id_buffer = ffi.new("char[]", id_length) + + self._check_error( + lib.olm_session_id(self._session, id_buffer, id_length) + ) + return bytes_to_native_str(ffi.unpack(id_buffer, id_length)) + + def matches(self, message, identity_key=None): + # type: (OlmPreKeyMessage, Optional[AnyStr]) -> bool + """Checks if the PRE_KEY message is for this in-bound session. + This can happen if multiple messages are sent to this session before + this session sends a message in reply. Returns True if the session + matches. Returns False if the session does not match. Raises + OlmSessionError on failure. If the base64 couldn't be decoded then the + error message will be "INVALID_BASE64". If the message was for an + unsupported protocol version then the error message will be + "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then the + error message will be * "BAD_MESSAGE_FORMAT". + + Args: + message(OlmPreKeyMessage): The Olm prekey message that will checked + if it is intended for this session. + identity_key(str, optional): The identity key of the sender. To + check if the message was also sent using this identity key. + """ + if not isinstance(message, OlmPreKeyMessage): + raise TypeError("Matches can only be called with prekey messages.") + + if not message.ciphertext: + raise ValueError("Ciphertext can't be empty") + + ret = None + + byte_ciphertext = to_bytes(message.ciphertext) + # make a copy, because olm_matches_inbound_session(_from) will distroy + # it + message_buffer = ffi.new("char[]", byte_ciphertext) + + if identity_key: + byte_id_key = to_bytes(identity_key) + + ret = lib.olm_matches_inbound_session_from( + self._session, + ffi.from_buffer(byte_id_key), len(byte_id_key), + message_buffer, len(byte_ciphertext) + ) + + else: + ret = lib.olm_matches_inbound_session( + self._session, + message_buffer, len(byte_ciphertext)) - def clear(self): - pass + self._check_error(ret) + + return bool(ret) + + +class InboundSession(Session): + """Inbound Olm session for p2p encrypted communication. + """ + + def __new__(cls, account, message, identity_key=None): + # type: (Account, OlmPreKeyMessage, Optional[AnyStr]) -> Session + return super().__new__(cls) + + def __init__(self, account, message, identity_key=None): + # type: (Account, OlmPreKeyMessage, Optional[AnyStr]) -> None + """Create a new inbound Olm session. + + Create a new in-bound session for sending/receiving messages from an + incoming prekey message. Raises OlmSessionError on failure. If the + base64 couldn't be decoded then error message will be "INVALID_BASE64". + If the message was for an unsupported protocol version then + the errror message will be "BAD_MESSAGE_VERSION". If the message + couldn't be decoded then then the error message will be + "BAD_MESSAGE_FORMAT". If the message refers to an unknown one-time + key then the error message will be "BAD_MESSAGE_KEY_ID". + + Args: + account(Account): The Olm Account that will be used to create this + session. + message(OlmPreKeyMessage): The Olm prekey message that will checked + that will be used to create this session. + identity_key(str, optional): The identity key of the sender. To + check if the message was also sent using this identity key. + """ + if not message.ciphertext: + raise ValueError("Ciphertext can't be empty") + + super().__init__() + byte_ciphertext = to_bytes(message.ciphertext) + message_buffer = ffi.new("char[]", byte_ciphertext) + + if identity_key: + byte_id_key = to_bytes(identity_key) + identity_key_buffer = ffi.new("char[]", byte_id_key) + self._check_error(lib.olm_create_inbound_session_from( + self._session, + account._account, + identity_key_buffer, len(byte_id_key), + message_buffer, len(byte_ciphertext) + )) + else: + self._check_error(lib.olm_create_inbound_session( + self._session, + account._account, + message_buffer, len(byte_ciphertext) + )) + + +class OutboundSession(Session): + """Outbound Olm session for p2p encrypted communication.""" + + def __new__(cls, account, identity_key, one_time_key): + # type: (Account, AnyStr, AnyStr) -> Session + return super().__new__(cls) + + def __init__(self, account, identity_key, one_time_key): + # type: (Account, AnyStr, AnyStr) -> None + """Create a new outbound Olm session. + + Creates a new outbound session for sending messages to a given + identity key and one-time key. + + Raises OlmSessionError on failure. If the keys couldn't be decoded as + base64 then the error message will be "INVALID_BASE64". + + Args: + account(Account): The Olm Account that will be used to create this + session. + identity_key(str): The identity key of the person with whom we want + to start the session. + one_time_key(str): A one-time key from the person with whom we want + to start the session. + """ + if not identity_key: + raise ValueError("Identity key can't be empty") + + if not one_time_key: + raise ValueError("One-time key can't be empty") + + super().__init__() + + byte_id_key = to_bytes(identity_key) + byte_one_time = to_bytes(one_time_key) + + session_random_length = lib.olm_create_outbound_session_random_length( + self._session) + + random = URANDOM(session_random_length) + + self._check_error(lib.olm_create_outbound_session( + self._session, + account._account, + ffi.from_buffer(byte_id_key), len(byte_id_key), + ffi.from_buffer(byte_one_time), len(byte_one_time), + ffi.from_buffer(random), session_random_length + )) diff --git a/python/olm/utility.py b/python/olm/utility.py index dac0225..0a64128 100644 --- a/python/olm/utility.py +++ b/python/olm/utility.py @@ -1,56 +1,110 @@ -from ._base import lib, c_void_p, c_size_t, c_char_p, \ - create_string_buffer, ERR, OlmError +# -*- coding: utf-8 -*- +# libolm python bindings +# Copyright © 2015-2017 OpenMarket Ltd +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""libolm Utility module. -lib.olm_utility_size.argtypes = [] -lib.olm_utility_size.restype = c_size_t +This module contains utilities for olm. +It only contains the ed25519_verify function for signature verification. -lib.olm_utility.argtypes = [c_void_p] -lib.olm_utility.restype = c_void_p +Examples: + >>> alice = Account() -lib.olm_utility_last_error.argtypes = [c_void_p] -lib.olm_utility_last_error.restype = c_char_p + >>> message = "Test" + >>> signature = alice.sign(message) + >>> signing_key = alice.identity_keys["ed25519"] + >>> ed25519_verify(signing_key, message, signature) -def utility_errcheck(res, func, args): - if res == ERR: - raise OlmError("%s: %s" % ( - func.__name__, lib.olm_utility_last_error(args[0]) - )) - return res +""" +# pylint: disable=redefined-builtin,unused-import +from typing import AnyStr, Type -def utility_function(func, *types): - func.argtypes = (c_void_p,) + types - func.restypes = c_size_t - func.errcheck = utility_errcheck +# pylint: disable=no-name-in-module +from _libolm import ffi, lib # type: ignore -utility_function( - lib.olm_ed25519_verify, - c_void_p, c_size_t, # key, key_length - c_void_p, c_size_t, # message, message_length - c_void_p, c_size_t, # signature, signature_length -) +from ._compat import to_bytearray, to_bytes +from ._finalize import track_for_finalization -class Utility(object): - def __init__(self): - self.buf = create_string_buffer(lib.olm_utility_size()) - self.ptr = lib.olm_utility(self.buf) +def _clear_utility(utility): # pragma: no cover + # type: (ffi.cdata) -> None + lib.olm_clear_utility(utility) -_utility = None + +class OlmVerifyError(Exception): + """libolm signature verification exception.""" + + +class _Utility(object): + # pylint: disable=too-few-public-methods + """libolm Utility class.""" + + _buf = None + _utility = None + + @classmethod + def _allocate(cls): + # type: (Type[_Utility]) -> None + cls._buf = ffi.new("char[]", lib.olm_utility_size()) + cls._utility = lib.olm_utility(cls._buf) + track_for_finalization(cls, cls._utility, _clear_utility) + + @classmethod + def _check_error(cls, ret): + # type: (int) -> None + if ret != lib.olm_error(): + return + + raise OlmVerifyError("{}".format( + ffi.string(lib.olm_utility_last_error( + cls._utility)).decode("utf-8"))) + + @classmethod + def _ed25519_verify(cls, key, message, signature): + # type: (Type[_Utility], AnyStr, AnyStr, AnyStr) -> None + if not cls._utility: + cls._allocate() + + byte_key = to_bytes(key) + byte_message = to_bytearray(message) + byte_signature = to_bytes(signature) + + try: + cls._check_error( + lib.olm_ed25519_verify(cls._utility, byte_key, len(byte_key), + ffi.from_buffer(byte_message), + len(byte_message), + byte_signature, len(byte_signature))) + finally: + # clear out copies of the message, which may be a plaintext + if byte_message is not message: + for i in range(0, len(byte_message)): + byte_message[i] = 0 def ed25519_verify(key, message, signature): - """ Verify an ed25519 signature. Raises an OlmError if verification fails. + # type: (AnyStr, AnyStr, AnyStr) -> None + """Verify an ed25519 signature. + + Raises an OlmVerifyError if verification fails. + Args: - key(bytes): The ed25519 public key used for signing. - message(bytes): The signed message. + key(str): The ed25519 public key used for signing. + message(str): The signed message. signature(bytes): The message signature. """ - global _utility - if not _utility: - _utility = Utility() - lib.olm_ed25519_verify(_utility.ptr, - key, len(key), - message, len(message), - signature, len(signature)) + return _Utility._ed25519_verify(key, message, signature) diff --git a/python/olm_build.py b/python/olm_build.py new file mode 100644 index 0000000..ee836d8 --- /dev/null +++ b/python/olm_build.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- + +# libolm python bindings +# Copyright © 2018 Damir Jelić <poljar@termina.org.uk> +# +# Permission to use, copy, modify, and/or distribute this software for +# any purpose with or without fee is hereby granted, provided that the +# above copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY +# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER +# RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF +# CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +from __future__ import unicode_literals + +import os + +from cffi import FFI + +ffibuilder = FFI() +PATH = os.path.dirname(__file__) + +DEVELOP = os.environ.get("DEVELOP") + +compile_args = ["-I../include"] +link_args = ["-L../build"] + +if DEVELOP and DEVELOP.lower() in ["yes", "true", "1"]: + link_args.append('-Wl,-rpath=../build') + + +ffibuilder.set_source( + "_libolm", + r""" + #include <olm/olm.h> + #include <olm/inbound_group_session.h> + #include <olm/outbound_group_session.h> + """, + libraries=["olm"], + extra_compile_args=compile_args, + extra_link_args=link_args) + +with open(os.path.join(PATH, "include/olm/olm.h")) as f: + ffibuilder.cdef(f.read(), override=True) + +if __name__ == "__main__": + ffibuilder.compile(verbose=True) diff --git a/python/requirements.txt b/python/requirements.txt new file mode 100644 index 0000000..c627b85 --- /dev/null +++ b/python/requirements.txt @@ -0,0 +1,3 @@ +future +cffi +typing diff --git a/python/setup.cfg b/python/setup.cfg new file mode 100644 index 0000000..d10b7e4 --- /dev/null +++ b/python/setup.cfg @@ -0,0 +1,8 @@ +[tool:pytest] +testpaths = tests +flake8-ignore = + olm/*.py F401 + tests/*.py W503 + +[coverage:run] +omit=olm/__version__.py diff --git a/python/setup.py b/python/setup.py new file mode 100644 index 0000000..4b0deb1 --- /dev/null +++ b/python/setup.py @@ -0,0 +1,27 @@ +# -*- coding: utf-8 -*- + +import os +from codecs import open + +from setuptools import setup + +here = os.path.abspath(os.path.dirname(__file__)) + +about = {} +with open(os.path.join(here, "olm", "__version__.py"), "r", "utf-8") as f: + exec(f.read(), about) + +setup( + name=about["__title__"], + version=about["__version__"], + description=about["__description__"], + author=about["__author__"], + author_email=about["__author_email__"], + url=about["__url__"], + license=about["__license__"], + packages=["olm"], + setup_requires=["cffi>=1.0.0"], + cffi_modules=["olm_build.py:ffibuilder"], + install_requires=["cffi>=1.0.0", "future", "typing"], + zip_safe=False +) diff --git a/python/test-requirements.txt b/python/test-requirements.txt new file mode 100644 index 0000000..eb89250 --- /dev/null +++ b/python/test-requirements.txt @@ -0,0 +1,7 @@ +pytest +hypothesis +pytest-flake8 +pytest-isort +pytest-cov +pytest-benchmark +aspectlib diff --git a/python/test_olm.sh b/python/test_olm.sh deleted file mode 100755 index 1554720..0000000 --- a/python/test_olm.sh +++ /dev/null @@ -1,46 +0,0 @@ -#! /bin/bash - -set -e - -cd `dirname $0` - -OLM="python -m olm" - -ALICE_ACCOUNT=alice.account -ALICE_SESSION=alice.session -ALICE_GROUP_SESSION=alice.group_session -BOB_ACCOUNT=bob.account -BOB_SESSION=bob.session -BOB_GROUP_SESSION=bob.group_session -CHARLIE_GROUP_SESSION=charlie.group_session - -rm -f $ALICE_ACCOUNT $BOB_ACCOUNT -rm -f $ALICE_SESSION $BOB_SESSION -rm -f $ALICE_GROUP_SESSION $BOB_GROUP_SESSION $CHARLIE_GROUP_SESSION - -$OLM create_account $ALICE_ACCOUNT -$OLM create_account $BOB_ACCOUNT -$OLM generate_keys $BOB_ACCOUNT 1 - -BOB_IDENTITY_KEY="$($OLM identity_key $BOB_ACCOUNT)" -BOB_ONE_TIME_KEY="$($OLM one_time_key $BOB_ACCOUNT)" - -$OLM outbound $ALICE_ACCOUNT $ALICE_SESSION "$BOB_IDENTITY_KEY" "$BOB_ONE_TIME_KEY" - -echo "Hello world" | $OLM encrypt $ALICE_SESSION - - | $OLM inbound $BOB_ACCOUNT $BOB_SESSION - - - - -### group sessions - -$OLM outbound_group $ALICE_GROUP_SESSION -$OLM group_credentials $ALICE_GROUP_SESSION | $OLM inbound_group $BOB_GROUP_SESSION -echo "Hello group" | $OLM group_encrypt $ALICE_GROUP_SESSION - group_message -$OLM group_decrypt $BOB_GROUP_SESSION group_message - -$OLM export_inbound_group $BOB_GROUP_SESSION | $OLM import_inbound_group $CHARLIE_GROUP_SESSION -$OLM group_decrypt $CHARLIE_GROUP_SESSION group_message - -### Sign/verify -ALICE_SIGNING_KEY="$($OLM signing_key $ALICE_ACCOUNT)" -sig="$(echo "Test message" | $OLM sign $ALICE_ACCOUNT - -)" -echo "Test message" | $OLM ed25519_verify $ALICE_SIGNING_KEY $sig - diff --git a/python/tests/account_test.py b/python/tests/account_test.py new file mode 100644 index 0000000..4fef72c --- /dev/null +++ b/python/tests/account_test.py @@ -0,0 +1,100 @@ +from builtins import int + +import pytest +from hypothesis import given +from hypothesis.strategies import text + +from olm import Account, OlmAccountError, OlmVerifyError, ed25519_verify +from olm._compat import to_bytes + + +class TestClass(object): + def test_to_bytes(self): + assert isinstance(to_bytes("a"), bytes) + assert isinstance(to_bytes(u"a"), bytes) + assert isinstance(to_bytes(b"a"), bytes) + assert isinstance(to_bytes(r"a"), bytes) + with pytest.raises(TypeError): + to_bytes(0) + + def test_account_creation(self): + alice = Account() + assert alice.identity_keys + assert len(alice.identity_keys) == 2 + + def test_account_pickle(self): + alice = Account() + pickle = alice.pickle() + assert (alice.identity_keys == Account.from_pickle(pickle) + .identity_keys) + + def test_invalid_unpickle(self): + with pytest.raises(ValueError): + Account.from_pickle(b"") + + def test_passphrase_pickle(self): + alice = Account() + passphrase = "It's a secret to everybody" + pickle = alice.pickle(passphrase) + assert (alice.identity_keys == Account.from_pickle( + pickle, passphrase).identity_keys) + + def test_wrong_passphrase_pickle(self): + alice = Account() + passphrase = "It's a secret to everybody" + pickle = alice.pickle(passphrase) + + with pytest.raises(OlmAccountError): + Account.from_pickle(pickle, "") + + def test_one_time_keys(self): + alice = Account() + alice.generate_one_time_keys(10) + one_time_keys = alice.one_time_keys + assert one_time_keys + assert len(one_time_keys["curve25519"]) == 10 + + def test_max_one_time_keys(self): + alice = Account() + assert isinstance(alice.max_one_time_keys, int) + + def test_publish_one_time_keys(self): + alice = Account() + alice.generate_one_time_keys(10) + one_time_keys = alice.one_time_keys + + assert one_time_keys + assert len(one_time_keys["curve25519"]) == 10 + + alice.mark_keys_as_published() + assert not alice.one_time_keys["curve25519"] + + def test_clear(self): + alice = Account() + del alice + + @given(text()) + def test_valid_signature(self, message): + alice = Account() + + signature = alice.sign(message) + signing_key = alice.identity_keys["ed25519"] + + assert signature + assert signing_key + + ed25519_verify(signing_key, message, signature) + + @given(text()) + def test_invalid_signature(self, message): + alice = Account() + bob = Account() + + signature = alice.sign(message) + signing_key = bob.identity_keys["ed25519"] + + assert signature + assert signing_key + + with pytest.raises(OlmVerifyError): + ed25519_verify(signing_key, message, signature) diff --git a/python/tests/group_session_test.py b/python/tests/group_session_test.py new file mode 100644 index 0000000..c17e84f --- /dev/null +++ b/python/tests/group_session_test.py @@ -0,0 +1,114 @@ +import pytest + +from olm import InboundGroupSession, OlmGroupSessionError, OutboundGroupSession + + +class TestClass(object): + def test_session_create(self): + OutboundGroupSession() + + def test_session_id(self): + session = OutboundGroupSession() + assert isinstance(session.id, str) + + def test_session_index(self): + session = OutboundGroupSession() + assert isinstance(session.message_index, int) + assert session.message_index == 0 + + def test_outbound_pickle(self): + session = OutboundGroupSession() + pickle = session.pickle() + + assert (session.id == OutboundGroupSession.from_pickle( + pickle).id) + + def test_invalid_unpickle(self): + with pytest.raises(ValueError): + OutboundGroupSession.from_pickle(b"") + + with pytest.raises(ValueError): + InboundGroupSession.from_pickle(b"") + + def test_inbound_create(self): + outbound = OutboundGroupSession() + InboundGroupSession(outbound.session_key) + + def test_invalid_decrypt(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + + with pytest.raises(ValueError): + inbound.decrypt("") + + def test_inbound_pickle(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + pickle = inbound.pickle() + InboundGroupSession.from_pickle(pickle) + + def test_inbound_export(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + imported = InboundGroupSession.import_session( + inbound.export_session(inbound.first_known_index) + ) + assert "Test", 0 == imported.decrypt(outbound.encrypt("Test")) + + def test_first_index(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + index = inbound.first_known_index + assert isinstance(index, int) + + def test_encrypt(self, benchmark): + benchmark.weave(OutboundGroupSession.encrypt, lazy=True) + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + assert "Test", 0 == inbound.decrypt(outbound.encrypt("Test")) + + def test_decrypt(self, benchmark): + benchmark.weave(InboundGroupSession.decrypt, lazy=True) + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + assert "Test", 0 == inbound.decrypt(outbound.encrypt("Test")) + + def test_decrypt_twice(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + outbound.encrypt("Test 1") + message, index = inbound.decrypt(outbound.encrypt("Test 2")) + assert isinstance(index, int) + assert ("Test 2", 1) == (message, index) + + def test_decrypt_failure(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + eve_outbound = OutboundGroupSession() + with pytest.raises(OlmGroupSessionError): + inbound.decrypt(eve_outbound.encrypt("Test")) + + def test_id(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + assert outbound.id == inbound.id + + def test_inbound_fail(self): + with pytest.raises(TypeError): + InboundGroupSession() + + def test_oubtound_pickle_fail(self): + outbound = OutboundGroupSession() + pickle = outbound.pickle("Test") + + with pytest.raises(OlmGroupSessionError): + OutboundGroupSession.from_pickle(pickle) + + def test_outbound_clear(self): + session = OutboundGroupSession() + del session + + def test_inbound_clear(self): + outbound = OutboundGroupSession() + inbound = InboundGroupSession(outbound.session_key) + del inbound diff --git a/python/tests/session_test.py b/python/tests/session_test.py new file mode 100644 index 0000000..ab1c38b --- /dev/null +++ b/python/tests/session_test.py @@ -0,0 +1,143 @@ +import pytest + +from olm import (Account, InboundSession, OlmMessage, OlmPreKeyMessage, + OlmSessionError, OutboundSession, Session) + + +class TestClass(object): + def _create_session(self): + alice = Account() + bob = Account() + bob.generate_one_time_keys(1) + id_key = bob.identity_keys["curve25519"] + one_time = list(bob.one_time_keys["curve25519"].values())[0] + session = OutboundSession(alice, id_key, one_time) + return alice, bob, session + + def test_session_create(self): + _, _, session_1 = self._create_session() + _, _, session_2 = self._create_session() + assert session_1 + assert session_2 + assert session_1.id != session_2.id + assert isinstance(session_1.id, str) + + def test_session_clear(self): + _, _, session = self._create_session() + del session + + def test_invalid_session_create(self): + with pytest.raises(TypeError): + Session() + + def test_session_pickle(self): + alice, bob, session = self._create_session() + Session.from_pickle(session.pickle()).id == session.id + + def test_session_invalid_pickle(self): + with pytest.raises(ValueError): + Session.from_pickle(b"") + + def test_wrong_passphrase_pickle(self): + alice, bob, session = self._create_session() + passphrase = "It's a secret to everybody" + pickle = alice.pickle(passphrase) + + with pytest.raises(OlmSessionError): + Session.from_pickle(pickle, "") + + def test_encrypt(self): + plaintext = "It's a secret to everybody" + alice, bob, session = self._create_session() + message = session.encrypt(plaintext) + + assert (repr(message) + == "OlmPreKeyMessage({})".format(message.ciphertext)) + + assert (str(message) + == "PRE_KEY {}".format(message.ciphertext)) + + bob_session = InboundSession(bob, message) + assert plaintext == bob_session.decrypt(message) + + def test_empty_message(self): + with pytest.raises(ValueError): + OlmPreKeyMessage("") + empty = OlmPreKeyMessage("x") + empty.ciphertext = "" + alice, bob, session = self._create_session() + + with pytest.raises(ValueError): + session.decrypt(empty) + + def test_inbound_with_id(self): + plaintext = "It's a secret to everybody" + alice, bob, session = self._create_session() + message = session.encrypt(plaintext) + alice_id = alice.identity_keys["curve25519"] + bob_session = InboundSession(bob, message, alice_id) + assert plaintext == bob_session.decrypt(message) + + def test_two_messages(self): + plaintext = "It's a secret to everybody" + alice, bob, session = self._create_session() + message = session.encrypt(plaintext) + alice_id = alice.identity_keys["curve25519"] + bob_session = InboundSession(bob, message, alice_id) + bob.remove_one_time_keys(bob_session) + assert plaintext == bob_session.decrypt(message) + + bob_plaintext = "Grumble, Grumble" + bob_message = bob_session.encrypt(bob_plaintext) + + assert (repr(bob_message) + == "OlmMessage({})".format(bob_message.ciphertext)) + + assert bob_plaintext == session.decrypt(bob_message) + + def test_matches(self): + plaintext = "It's a secret to everybody" + alice, bob, session = self._create_session() + message = session.encrypt(plaintext) + alice_id = alice.identity_keys["curve25519"] + bob_session = InboundSession(bob, message, alice_id) + assert plaintext == bob_session.decrypt(message) + + message_2nd = session.encrypt("Hey! Listen!") + + assert bob_session.matches(message_2nd) is True + assert bob_session.matches(message_2nd, alice_id) is True + + def test_invalid(self): + alice, bob, session = self._create_session() + message = OlmMessage("x") + + with pytest.raises(TypeError): + session.matches(message) + + message = OlmPreKeyMessage("x") + message.ciphertext = "" + + with pytest.raises(ValueError): + session.matches(message) + + with pytest.raises(ValueError): + InboundSession(bob, message) + + with pytest.raises(ValueError): + OutboundSession(alice, "", "x") + + with pytest.raises(ValueError): + OutboundSession(alice, "x", "") + + def test_doesnt_match(self): + plaintext = "It's a secret to everybody" + alice, bob, session = self._create_session() + message = session.encrypt(plaintext) + alice_id = alice.identity_keys["curve25519"] + bob_session = InboundSession(bob, message, alice_id) + + _, _, new_session = self._create_session() + + new_message = new_session.encrypt(plaintext) + assert bob_session.matches(new_message) is False diff --git a/python/tox.ini b/python/tox.ini new file mode 100644 index 0000000..e3a0188 --- /dev/null +++ b/python/tox.ini @@ -0,0 +1,43 @@ +# content of: tox.ini , put in same dir as setup.py +[tox] +envlist = py27,py36,pypy,{py2,py3}-cov,coverage +[testenv] +basepython = + py27: python2.7 + py36: python3.6 + pypy: pypy + py2: python2.7 + py3: python3.6 + +deps = -rrequirements.txt + -rtest-requirements.txt + +passenv = TOXENV CI TRAVIS TRAVIS_* +commands = pytest --benchmark-disable +usedevelop = True + +[testenv:py2-cov] +commands = + pytest --cov-report term-missing --cov=olm --benchmark-disable --cov-branch +setenv = + COVERAGE_FILE=.coverage.py2 + +[testenv:py3-cov] +commands = + py.test --cov=olm --cov-report term-missing --benchmark-disable --cov-branch +setenv = + COVERAGE_FILE=.coverage.py3 + +[testenv:coverage] +basepython = python3.6 +commands = + coverage erase + coverage combine + coverage xml + coverage report --show-missing + codecov -e TOXENV +deps = + coverage + codecov>=1.4.0 +setenv = + COVERAGE_FILE=.coverage @@ -70,7 +70,7 @@ size_t olm_pk_encryption_set_recipient_key ( ) { if (key_length < olm_pk_key_length()) { encryption->last_error = - OlmErrorCode::OLM_OUTPUT_BUFFER_TOO_SMALL; // FIXME: + OlmErrorCode::OLM_INPUT_BUFFER_TOO_SMALL; return std::size_t(-1); } olm::decode_base64( diff --git a/xcode/OLMKit.xcodeproj/project.pbxproj b/xcode/OLMKit.xcodeproj/project.pbxproj index ded14f1..7ea3d5b 100644 --- a/xcode/OLMKit.xcodeproj/project.pbxproj +++ b/xcode/OLMKit.xcodeproj/project.pbxproj @@ -7,6 +7,7 @@ objects = { /* Begin PBXBuildFile section */ + 3244277D2175EF700023EDF1 /* OLMKitPkTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 3244277C2175EF700023EDF1 /* OLMKitPkTests.m */; }; 3274F6021D9A633A005282E4 /* OLMKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 3274F5F81D9A633A005282E4 /* OLMKit.framework */; }; 3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 3274F6061D9A633A005282E4 /* OLMKitTests.m */; }; 3274F6131D9A698E005282E4 /* OLMKit.h in Headers */ = {isa = PBXBuildFile; fileRef = 3274F6121D9A698E005282E4 /* OLMKit.h */; }; @@ -27,6 +28,7 @@ /* Begin PBXFileReference section */ 1B226B371526F2782C9D6372 /* Pods-OLMKit.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-OLMKit.release.xcconfig"; path = "Pods/Target Support Files/Pods-OLMKit/Pods-OLMKit.release.xcconfig"; sourceTree = "<group>"; }; + 3244277C2175EF700023EDF1 /* OLMKitPkTests.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = OLMKitPkTests.m; sourceTree = "<group>"; }; 3274F5F81D9A633A005282E4 /* OLMKit.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = OLMKit.framework; sourceTree = BUILT_PRODUCTS_DIR; }; 3274F5FC1D9A633A005282E4 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; }; 3274F6011D9A633A005282E4 /* OLMKitTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = OLMKitTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; }; @@ -105,6 +107,7 @@ 3274F6051D9A633A005282E4 /* OLMKitTests */ = { isa = PBXGroup; children = ( + 3244277C2175EF700023EDF1 /* OLMKitPkTests.m */, 3274F6061D9A633A005282E4 /* OLMKitTests.m */, 32A151301DABDD4300400192 /* OLMKitGroupTests.m */, 3274F6081D9A633A005282E4 /* Info.plist */, @@ -279,6 +282,7 @@ buildActionMask = 2147483647; files = ( 3274F6071D9A633A005282E4 /* OLMKitTests.m in Sources */, + 3244277D2175EF700023EDF1 /* OLMKitPkTests.m in Sources */, 32A151311DABDD4300400192 /* OLMKitGroupTests.m in Sources */, ); runOnlyForDeploymentPostprocessing = 0; diff --git a/xcode/OLMKit/OLMAccount.m b/xcode/OLMKit/OLMAccount.m index 058b389..9e48c2d 100644 --- a/xcode/OLMKit/OLMAccount.m +++ b/xcode/OLMKit/OLMAccount.m @@ -193,6 +193,7 @@ } NSMutableData *pickle = [serializedData dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; size_t result = olm_unpickle_account(_account, key.bytes, key.length, pickle.mutableBytes, pickle.length); + [pickle resetBytesInRange:NSMakeRange(0, pickle.length)]; if (result == olm_error()) { const char *olm_error = olm_account_last_error(_account); NSString *errorString = [NSString stringWithUTF8String:olm_error]; @@ -219,6 +220,7 @@ return nil; } NSString *pickleString = [[NSString alloc] initWithData:pickled encoding:NSUTF8StringEncoding]; + [pickled resetBytesInRange:NSMakeRange(0, pickled.length)]; return pickleString; } diff --git a/xcode/OLMKit/OLMInboundGroupSession.m b/xcode/OLMKit/OLMInboundGroupSession.m index 68750ec..9e57741 100644 --- a/xcode/OLMKit/OLMInboundGroupSession.m +++ b/xcode/OLMKit/OLMInboundGroupSession.m @@ -227,6 +227,7 @@ } NSMutableData *pickle = [serializedData dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; size_t result = olm_unpickle_inbound_group_session(session, key.bytes, key.length, pickle.mutableBytes, pickle.length); + [pickle resetBytesInRange:NSMakeRange(0, pickle.length)]; if (result == olm_error()) { const char *olm_error = olm_inbound_group_session_last_error(session); NSString *errorString = [NSString stringWithUTF8String:olm_error]; @@ -253,6 +254,7 @@ return nil; } NSString *pickleString = [[NSString alloc] initWithData:pickled encoding:NSUTF8StringEncoding]; + [pickled resetBytesInRange:NSMakeRange(0, pickled.length)]; return pickleString; } diff --git a/xcode/OLMKit/OLMKit.h b/xcode/OLMKit/OLMKit.h index 455d11b..6f79399 100644 --- a/xcode/OLMKit/OLMKit.h +++ b/xcode/OLMKit/OLMKit.h @@ -26,6 +26,8 @@ #import <OLMKit/OLMUtility.h> #import <OLMKit/OLMInboundGroupSession.h> #import <OLMKit/OLMOutboundGroupSession.h> +#import <OLMKit/OLMPkEncryption.h> +#import <OLMKit/OLMPkDecryption.h> @interface OLMKit : NSObject diff --git a/xcode/OLMKit/OLMOutboundGroupSession.m b/xcode/OLMKit/OLMOutboundGroupSession.m index a3421fd..a0a7cc6 100644 --- a/xcode/OLMKit/OLMOutboundGroupSession.m +++ b/xcode/OLMKit/OLMOutboundGroupSession.m @@ -148,6 +148,7 @@ } NSMutableData *pickle = [serializedData dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; size_t result = olm_unpickle_outbound_group_session(session, key.bytes, key.length, pickle.mutableBytes, pickle.length); + [pickle resetBytesInRange:NSMakeRange(0, pickle.length)]; if (result == olm_error()) { const char *olm_error = olm_outbound_group_session_last_error(session); NSString *errorString = [NSString stringWithUTF8String:olm_error]; @@ -174,6 +175,7 @@ return nil; } NSString *pickleString = [[NSString alloc] initWithData:pickled encoding:NSUTF8StringEncoding]; + [pickled resetBytesInRange:NSMakeRange(0, pickled.length)]; return pickleString; } diff --git a/xcode/OLMKit/OLMPKEncryption.h b/xcode/OLMKit/OLMPKEncryption.h new file mode 100644 index 0000000..a55d5bc --- /dev/null +++ b/xcode/OLMKit/OLMPKEncryption.h @@ -0,0 +1,42 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0OLMPKEncryption + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import <Foundation/Foundation.h> + +#import "OLMPkMessage.h" + +NS_ASSUME_NONNULL_BEGIN + +@interface OLMPkEncryption : NSObject + +/** + Set the recipient's public key for encrypting to. + + @param recipientKey the recipient's public key. + */ +- (void)setRecipientKey:(NSString*)recipientKey; + +/** + Encrypt a plaintext for the recipient. + + @param message the message to encrypt. + @param error the error if any. + @return the encrypted message. + */ +- (OLMPkMessage *)encryptMessage:(NSString*)message error:(NSError* _Nullable *)error; + +@end + +NS_ASSUME_NONNULL_END diff --git a/xcode/OLMKit/OLMPKEncryption.m b/xcode/OLMKit/OLMPKEncryption.m new file mode 100644 index 0000000..c2e3d04 --- /dev/null +++ b/xcode/OLMKit/OLMPKEncryption.m @@ -0,0 +1,111 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "OLMPkEncryption.h" + +#include "olm/olm.h" +#include "olm/pk.h" +#include "OLMUtility.h" + +@interface OLMPkEncryption () +{ + OlmPkEncryption *session; +} +@end + +@implementation OLMPkEncryption + +- (void)dealloc { + olm_clear_pk_encryption(session); + free(session); +} + + +- (instancetype)init { + self = [super init]; + if (self) { + session = (OlmPkEncryption *)malloc(olm_pk_encryption_size()); + olm_pk_encryption(session); + } + return self; +} + +- (void)setRecipientKey:(NSString*)recipientKey { + NSData *recipientKeyData = [recipientKey dataUsingEncoding:NSUTF8StringEncoding]; + olm_pk_encryption_set_recipient_key(session, recipientKeyData.bytes, recipientKeyData.length); +} + +- (OLMPkMessage *)encryptMessage:(NSString *)message error:(NSError *__autoreleasing _Nullable *)error { + NSData *plaintextData = [message dataUsingEncoding:NSUTF8StringEncoding]; + + size_t randomLength = olm_pk_encrypt_random_length(session); + NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength]; + if (!random) { + return nil; + } + + size_t ciphertextLength = olm_pk_ciphertext_length(session, plaintextData.length); + NSMutableData *ciphertext = [NSMutableData dataWithLength:ciphertextLength]; + if (!ciphertext) { + return nil; + } + + size_t macLength = olm_pk_mac_length(session); + NSMutableData *macData = [NSMutableData dataWithLength:macLength]; + if (!ciphertext) { + return nil; + } + + size_t ephemeralKeyLength = olm_pk_key_length(); + NSMutableData *ephemeralKeyData = [NSMutableData dataWithLength:ephemeralKeyLength]; + if (!ciphertext) { + return nil; + } + + size_t result = olm_pk_encrypt(session, + plaintextData.bytes, plaintextData.length, + ciphertext.mutableBytes, ciphertext.length, + macData.mutableBytes, macLength, + ephemeralKeyData.mutableBytes, ephemeralKeyLength, + random.mutableBytes, randomLength); + if (result == olm_error()) { + const char *olm_error = olm_pk_encryption_last_error(session); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + NSLog(@"[OLMPkEncryption] encryptMessage: olm_group_encrypt error: %@", errorString); + + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_group_encrypt error: %@", errorString] + }]; + } + + return nil; + } + + OLMPkMessage *encryptedMessage = [[OLMPkMessage alloc] + initWithCiphertext:[[NSString alloc] initWithData:ciphertext encoding:NSUTF8StringEncoding] + mac:[[NSString alloc] initWithData:macData encoding:NSUTF8StringEncoding] + ephemeralKey:[[NSString alloc] initWithData:ephemeralKeyData encoding:NSUTF8StringEncoding]]; + + + return encryptedMessage; +} + +@end diff --git a/xcode/OLMKit/OLMPkDecryption.h b/xcode/OLMKit/OLMPkDecryption.h new file mode 100644 index 0000000..8715a99 --- /dev/null +++ b/xcode/OLMKit/OLMPkDecryption.h @@ -0,0 +1,64 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import <Foundation/Foundation.h> + +#import "OLMSerializable.h" +#import "OLMPkMessage.h" + +NS_ASSUME_NONNULL_BEGIN + +@interface OLMPkDecryption : NSObject <OLMSerializable, NSSecureCoding> + +/** + Initialise the key from the private part of a key as returned by `privateKey`. + + Note that the pubkey is a base64 encoded string, but the private key is + an unencoded byte array. + + @param privateKey the private key part. + @param error the error if any. + @return the associated public key. + */ +- (NSString *)setPrivateKey:(NSData*)privateKey error:(NSError* _Nullable *)error; + +/** + Generate a new key to use for decrypting messages. + + @param error the error if any. + @return the public part of the generated key. + */ +- (NSString *)generateKey:(NSError* _Nullable *)error; + +/** + Get the private key. + + @return the private key; + */ +- (NSData *)privateKey; + +/** + Decrypt a ciphertext. + + @param message the cipher message to decrypt. + @param error the error if any. + @return the decrypted message. + */ +- (NSString *)decryptMessage:(OLMPkMessage*)message error:(NSError* _Nullable *)error; + +@end + +NS_ASSUME_NONNULL_END diff --git a/xcode/OLMKit/OLMPkDecryption.m b/xcode/OLMKit/OLMPkDecryption.m new file mode 100644 index 0000000..75fe5f2 --- /dev/null +++ b/xcode/OLMKit/OLMPkDecryption.m @@ -0,0 +1,295 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "OLMPkDecryption.h" + +#include "olm/olm.h" +#include "olm/pk.h" +#include "OLMUtility.h" + +@interface OLMPkDecryption () +{ + OlmPkDecryption *session; +} +@end + +@implementation OLMPkDecryption + +- (void)dealloc { + olm_clear_pk_decryption(session); + free(session); +} + +- (instancetype)init { + self = [super init]; + if (self) { + session = (OlmPkDecryption *)malloc(olm_pk_decryption_size()); + olm_pk_decryption(session); + } + return self; +} + +- (NSString *)setPrivateKey:(NSData *)privateKey error:(NSError *__autoreleasing _Nullable *)error { + size_t publicKeyLength = olm_pk_key_length(); + NSMutableData *publicKeyData = [NSMutableData dataWithLength:publicKeyLength]; + if (!publicKeyData) { + return nil; + } + + size_t result = olm_pk_key_from_private(session, + publicKeyData.mutableBytes, publicKeyLength, + (void*)privateKey.bytes, privateKey.length); + if (result == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + NSLog(@"[OLMPkDecryption] setPrivateKey: olm_pk_key_from_private error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_pk_key_from_private error: %@", errorString] + }]; + } + return nil; + } + + NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding]; + return publicKey; +} + +- (NSString *)generateKey:(NSError *__autoreleasing _Nullable *)error { + size_t randomLength = olm_pk_private_key_length(); + NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength]; + if (!random) { + return nil; + } + + size_t publicKeyLength = olm_pk_key_length(); + NSMutableData *publicKeyData = [NSMutableData dataWithLength:publicKeyLength]; + if (!publicKeyData) { + return nil; + } + + size_t result = olm_pk_key_from_private(session, + publicKeyData.mutableBytes, publicKeyData.length, + random.mutableBytes, randomLength); + [random resetBytesInRange:NSMakeRange(0, randomLength)]; + if (result == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + NSLog(@"[OLMPkDecryption] generateKey: olm_pk_key_from_private error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_pk_key_from_private error: %@", errorString] + }]; + } + return nil; + } + + NSString *publicKey = [[NSString alloc] initWithData:publicKeyData encoding:NSUTF8StringEncoding]; + return publicKey; +} + +- (NSData *)privateKey { + size_t privateKeyLength = olm_pk_private_key_length(); + NSMutableData *privateKeyData = [NSMutableData dataWithLength:privateKeyLength]; + if (!privateKeyData) { + return nil; + } + + size_t result = olm_pk_get_private_key(session, + privateKeyData.mutableBytes, privateKeyLength); + if (result == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + NSLog(@"[OLMPkDecryption] privateKey: olm_pk_get_private_key error: %s", olm_error); + return nil; + } + + NSData *privateKey = [privateKeyData copy]; + [privateKeyData resetBytesInRange:NSMakeRange(0, privateKeyData.length)]; + + return privateKey; +} + +-(NSString *)decryptMessage:(OLMPkMessage *)message error:(NSError *__autoreleasing _Nullable *)error { + NSData *messageData = [message.ciphertext dataUsingEncoding:NSUTF8StringEncoding]; + NSData *macData = [message.mac dataUsingEncoding:NSUTF8StringEncoding]; + NSData *ephemeralKeyData = [message.ephemeralKey dataUsingEncoding:NSUTF8StringEncoding]; + if (!messageData || !macData || !ephemeralKeyData) { + return nil; + } + + NSMutableData *mutMessage = messageData.mutableCopy; + size_t maxPlaintextLength = olm_pk_max_plaintext_length(session, mutMessage.length); + if (maxPlaintextLength == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + NSLog(@"[OLMPkDecryption] decryptMessage: olm_pk_max_plaintext_length error: %@", errorString); + + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_pk_max_plaintext_length error: %@", errorString] + }]; + } + + return nil; + } + + mutMessage = messageData.mutableCopy; + NSMutableData *plaintextData = [NSMutableData dataWithLength:maxPlaintextLength]; + size_t plaintextLength = olm_pk_decrypt(session, + ephemeralKeyData.bytes, ephemeralKeyData.length, + macData.bytes, macData.length, + mutMessage.mutableBytes, mutMessage.length, + plaintextData.mutableBytes, plaintextData.length); + if (plaintextLength == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + NSLog(@"[OLMPkDecryption] decryptMessage: olm_pk_decrypt error: %@", errorString); + + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_decrypt error: %@", errorString] + }]; + } + + return nil; + } + + plaintextData.length = plaintextLength; + NSString *plaintext = [[NSString alloc] initWithData:plaintextData encoding:NSUTF8StringEncoding]; + [plaintextData resetBytesInRange:NSMakeRange(0, plaintextData.length)]; + return plaintext; +} + +#pragma mark OLMSerializable + +/** Initializes from encrypted serialized data. Will throw error if invalid key or invalid base64. */ +- (instancetype) initWithSerializedData:(NSString *)serializedData key:(NSData *)key error:(NSError *__autoreleasing *)error { + self = [self init]; + if (!self) { + return nil; + } + + NSParameterAssert(key.length > 0); + NSParameterAssert(serializedData.length > 0); + if (key.length == 0 || serializedData.length == 0) { + if (error) { + *error = [NSError errorWithDomain:OLMErrorDomain code:0 userInfo:@{NSLocalizedDescriptionKey: @"Bad length."}]; + } + return nil; + } + + size_t ephemeralLength = olm_pk_key_length(); + NSMutableData *ephemeralBuffer = [NSMutableData dataWithLength:ephemeralLength]; + + NSMutableData *pickle = [serializedData dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; + size_t result = olm_unpickle_pk_decryption(session, + key.bytes, key.length, + pickle.mutableBytes, pickle.length, + ephemeralBuffer.mutableBytes, ephemeralLength); + [pickle resetBytesInRange:NSMakeRange(0, pickle.length)]; + if (result == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain code:0 userInfo:@{NSLocalizedDescriptionKey: errorString}]; + } + return nil; + } + return self; +} + +/** Serializes and encrypts object data, outputs base64 blob */ +- (NSString*) serializeDataWithKey:(NSData*)key error:(NSError**)error { + NSParameterAssert(key.length > 0); + size_t length = olm_pickle_pk_decryption_length(session); + NSMutableData *pickled = [NSMutableData dataWithLength:length]; + + size_t result = olm_pickle_pk_decryption(session, + key.bytes, key.length, + pickled.mutableBytes, pickled.length); + if (result == olm_error()) { + const char *olm_error = olm_pk_decryption_last_error(session); + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain code:0 userInfo:@{NSLocalizedDescriptionKey: errorString}]; + } + return nil; + } + + NSString *pickleString = [[NSString alloc] initWithData:pickled encoding:NSUTF8StringEncoding]; + [pickled resetBytesInRange:NSMakeRange(0, pickled.length)]; + + return pickleString; +} + +#pragma mark NSSecureCoding + ++ (BOOL) supportsSecureCoding { + return YES; +} + +#pragma mark NSCoding + +- (id)initWithCoder:(NSCoder *)decoder { + NSString *version = [decoder decodeObjectOfClass:[NSString class] forKey:@"version"]; + + NSError *error = nil; + + if ([version isEqualToString:@"1"]) { + NSString *pickle = [decoder decodeObjectOfClass:[NSString class] forKey:@"pickle"]; + NSData *key = [decoder decodeObjectOfClass:[NSData class] forKey:@"key"]; + + self = [self initWithSerializedData:pickle key:key error:&error]; + } + + NSParameterAssert(error == nil); + NSParameterAssert(self != nil); + if (!self) { + return nil; + } + + return self; +} + +- (void)encodeWithCoder:(NSCoder *)encoder { + NSData *key = [OLMUtility randomBytesOfLength:32]; + NSError *error = nil; + + NSString *pickle = [self serializeDataWithKey:key error:&error]; + NSParameterAssert(pickle.length > 0 && error == nil); + + [encoder encodeObject:pickle forKey:@"pickle"]; + [encoder encodeObject:key forKey:@"key"]; + [encoder encodeObject:@"1" forKey:@"version"]; +} + +@end diff --git a/xcode/OLMKit/OLMPkMessage.h b/xcode/OLMKit/OLMPkMessage.h new file mode 100644 index 0000000..1559fca --- /dev/null +++ b/xcode/OLMKit/OLMPkMessage.h @@ -0,0 +1,31 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import <Foundation/Foundation.h> + +NS_ASSUME_NONNULL_BEGIN + +@interface OLMPkMessage : NSObject + +@property (nonatomic, copy, readonly) NSString *ciphertext; +@property (nonatomic, copy, readonly,) NSString *mac; +@property (nonatomic, copy, readonly) NSString *ephemeralKey; + +- (instancetype) initWithCiphertext:(NSString*)ciphertext mac:(NSString*)mac ephemeralKey:(NSString*)ephemeralKey; + +@end + +NS_ASSUME_NONNULL_END diff --git a/xcode/OLMKit/OLMPkMessage.m b/xcode/OLMKit/OLMPkMessage.m new file mode 100644 index 0000000..0f24512 --- /dev/null +++ b/xcode/OLMKit/OLMPkMessage.m @@ -0,0 +1,32 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import "OLMPkMessage.h" + +@implementation OLMPkMessage + +- (instancetype)initWithCiphertext:(NSString *)ciphertext mac:(NSString *)mac ephemeralKey:(NSString *)ephemeralKey { + self = [super init]; + if (!self) { + return nil; + } + _ciphertext = [ciphertext copy]; + _mac = [mac copy]; + _ephemeralKey = [ephemeralKey copy]; + return self; +} + +@end diff --git a/xcode/OLMKit/OLMSession.m b/xcode/OLMKit/OLMSession.m index 8c29113..fc58a08 100644 --- a/xcode/OLMKit/OLMSession.m +++ b/xcode/OLMKit/OLMSession.m @@ -309,6 +309,7 @@ } NSMutableData *pickle = [serializedData dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; size_t result = olm_unpickle_session(_session, key.bytes, key.length, pickle.mutableBytes, pickle.length); + [pickle resetBytesInRange:NSMakeRange(0, pickle.length)]; if (result == olm_error()) { const char *olm_error = olm_session_last_error(_session); NSString *errorString = [NSString stringWithUTF8String:olm_error]; @@ -335,6 +336,7 @@ return nil; } NSString *pickleString = [[NSString alloc] initWithData:pickled encoding:NSUTF8StringEncoding]; + [pickled resetBytesInRange:NSMakeRange(0, pickled.length)]; return pickleString; } diff --git a/xcode/OLMKitTests/OLMKitPkTests.m b/xcode/OLMKitTests/OLMKitPkTests.m new file mode 100644 index 0000000..04d2e30 --- /dev/null +++ b/xcode/OLMKitTests/OLMKitPkTests.m @@ -0,0 +1,107 @@ +/* + Copyright 2018 New Vector Ltd + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */ + +#import <XCTest/XCTest.h> +#import <OLMKit/OLMKit.h> + +/** + Tests are inspired from js tests. + */ +@interface OLMKitPkTests : XCTestCase { + OLMPkEncryption *encryption; + OLMPkDecryption *decryption; +} + +@end + +@implementation OLMKitPkTests + +- (void)setUp { + encryption = [OLMPkEncryption new]; + decryption = [OLMPkDecryption new]; +} + +- (void)tearDown { + encryption = nil; + decryption = nil; +} + +- (void)testImportExportKeys { + UInt8 alicePrivateBytes[] = { + 0x77, 0x07, 0x6D, 0x0A, 0x73, 0x18, 0xA5, 0x7D, + 0x3C, 0x16, 0xC1, 0x72, 0x51, 0xB2, 0x66, 0x45, + 0xDF, 0x4C, 0x2F, 0x87, 0xEB, 0xC0, 0x99, 0x2A, + 0xB1, 0x77, 0xFB, 0xA5, 0x1D, 0xB9, 0x2C, 0x2A + }; + + NSData *alicePrivate = [NSData dataWithBytes:alicePrivateBytes length:sizeof(alicePrivateBytes)]; + + NSError *error; + NSString *alicePublic = [decryption setPrivateKey:alicePrivate error:&error]; + XCTAssertNil(error); + XCTAssertEqualObjects(alicePublic, @"hSDwCYkwp1R0i33ctD73Wg2/Og0mOBr066SpjqqbTmo"); + + NSData *alicePrivateOut = decryption.privateKey; + XCTAssertNil(error); + XCTAssertEqualObjects(alicePrivateOut, alicePrivate); +} + +- (void)testEncryptAndDecrypt { + + NSString *pubKey = [decryption generateKey:nil]; + NSLog(@"Ephemeral Key: %@", pubKey); + XCTAssertNotNil(pubKey); + + NSString *TEST_TEXT = @"têst1"; + NSError *error; + [encryption setRecipientKey:pubKey]; + OLMPkMessage *message = [encryption encryptMessage:TEST_TEXT error:&error]; + NSLog(@"message: %@ %@ %@", message.ciphertext, message.mac, message.ephemeralKey); + XCTAssertNil(error); + XCTAssertNotNil(message); + XCTAssertNotNil(message.ciphertext); + XCTAssertNotNil(message.mac); + XCTAssertNotNil(message.ephemeralKey); + + NSString *decrypted = [decryption decryptMessage:message error:&error]; + XCTAssertNil(error); + XCTAssertEqualObjects(decrypted, TEST_TEXT); + + TEST_TEXT = @"hot beverage: ☕"; + [encryption setRecipientKey:pubKey]; + message = [encryption encryptMessage:TEST_TEXT error:&error]; + decrypted = [decryption decryptMessage:message error:&error]; + XCTAssertEqualObjects(decrypted, TEST_TEXT); +} + +- (void)testOLMPkDecryptionSerialization { + NSString *TEST_TEXT = @"têst1"; + NSString *pubKey = [decryption generateKey:nil]; + [encryption setRecipientKey:pubKey]; + OLMPkMessage *encrypted = [encryption encryptMessage:TEST_TEXT error:nil]; + + + NSData *pickle = [NSKeyedArchiver archivedDataWithRootObject:decryption]; + decryption = nil; + + OLMPkDecryption *newDecryption = [NSKeyedUnarchiver unarchiveObjectWithData:pickle]; + + NSError *error; + NSString *decrypted = [newDecryption decryptMessage:encrypted error:&error]; + XCTAssertEqualObjects(decrypted, TEST_TEXT); +} + +@end |