From c9369a4383714c8656fc0ee72965e46476a56691 Mon Sep 17 00:00:00 2001
From: Valere
Date: Tue, 26 Mar 2019 14:30:19 +0100
Subject: E2E: SAS Verification (olm) Fix / missing free() on some errors Added doc regarding string encoding for keys cleaning
---
 .../src/main/java/org/matrix/olm/OlmException.java | 5 +
 .../src/main/java/org/matrix/olm/OlmSAS.java | 140 +++++++++++++++++++++
 2 files changed, 145 insertions(+)
 create mode 100644 android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
(limited to 'android/olm-sdk/src/main/java/org/matrix/olm')
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java
index 532f318..5b4a85a 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java
@@ -76,6 +76,11 @@ public class OlmException extends IOException {
 public static final int EXCEPTION_CODE_PK_SIGNING_INIT_WITH_SEED = 802;
 public static final int EXCEPTION_CODE_PK_SIGNING_SIGN = 803;
+ public static final int EXCEPTION_CODE_SAS_CREATION = 900;
+ public static final int EXCEPTION_CODE_SAS_ERROR = 901;
+ public static final int EXCEPTION_CODE_SAS_MISSING_THEIR_PKEY = 902;
+ public static final int EXCEPTION_CODE_SAS_GENERATE_SHORT_CODE = 903;
+
 // exception human readable messages
 public static final String EXCEPTION_MSG_INVALID_PARAMS_DESERIALIZATION = "invalid de-serialized parameters";
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
new file mode 100644
index 0000000..2869aa4
--- /dev/null
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2019 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.matrix.olm;
+
+import android.util.Log;
+
+import java.io.UnsupportedEncodingException;
+
+public class OlmSAS {
+
+ private static final String LOG_TAG = OlmSAS.class.getName();
+ /**
+ * Session Id returned by JNI.
+ * This value uniquely identifies the native SAS instance.
+ **/
+ private transient long mNativeId;
+
+ private String theirPublicKey = null;
+
+ public OlmSAS() throws OlmException {
+ try {
+ mNativeId = createNewSASJni();
+ } catch (Exception e) {
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_CREATION, e.getMessage());
+ }
+ }
+
+ /**
+ * Gets the Public Key encoded in Base64 with no padding
+ */
+ public String getPublicKey() throws OlmException {
+ try {
+ byte[] buffer = getPubKeyJni();
+
+ if (null != buffer) {
+ return new String(buffer, "UTF-8");
+ }
+ } catch (Exception e) {
+ Log.e(LOG_TAG, "## sessionIdentifier(): " + e.getMessage());
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
+ }
+
+ return null;
+ }
+
+ /**
+ * Sets the public key of other user.
+ *
+ * @param otherPkey other user public key (base64 encoded with no padding)
+ * @throws OlmException
+ */
+ public void setTheirPublicKey(String otherPkey) throws OlmException {
+ try {
+ setTheirPubKey(otherPkey.getBytes("UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
+ }
+ this.theirPublicKey = otherPkey;
+ }
+
+
+ /**
+ * Generate bytes to use for the short authentication string.
+ *
+ * @param info info extra information to mix in when generating the bytes, as
+ * per the Matrix spec.
+ * @param byteNumber The size of the short code to generate
+ * @return The generated shortcode
+ * @throws OlmException
+ */
+ public byte[] generateShortCode(String info, int byteNumber) throws OlmException {
+ if (theirPublicKey == null || theirPublicKey.isEmpty()) {
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_MISSING_THEIR_PKEY, "call setTheirPublicKey first");
+ }
+ try {
+ byte[] shortBuffer = generateShortCodeJni(info.getBytes("UTF-8"), byteNumber);
+ return shortBuffer;
+ } catch (Exception e) {
+ Log.e(LOG_TAG, "## sessionIdentifier(): " + e.getMessage());
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_GENERATE_SHORT_CODE, e.getMessage());
+ }
+ }
+
+
+ public byte[] calculateMac(String message, String info) throws OlmException {
+ try {
+ return calculateMacJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
+ }
+ }
+
+ /**
+ * Create an OLM session in native side.
+ * Do not forget to call {@link #releaseSASJni()} when JAVA side is done.
+ *
+ * @return native account instance identifier or throw an exception.
+ */
+ private native long createNewSASJni();
+
+ /**
+ * Destroy the corresponding OLM session native object.
+ * This method must ALWAYS be called when this JAVA instance
+ * is destroyed (ie. garbage collected) to prevent memory leak in native side.
+ * See {@link #createNewSASJni()}.
+ */
+ private native void releaseSASJni();
+
+ private native byte[] getPubKeyJni();
+
+ private native void setTheirPubKey(byte[] pubKey);
+
+ private native byte[] generateShortCodeJni(byte[] info, int byteNumber);
+
+ private native byte[] calculateMacJni(byte[] message, byte[] info);
+
+ /**
+ * Release native session and invalid its JAVA reference counter part.
+ * Public API for {@link #releaseSASJni()}.
+ */
+ public void releaseSas() {
+ if (0 != mNativeId) {
+ releaseSASJni();
+ }
+ mNativeId = 0;
+ }
+}
-- cgit v1.2.3
From 16a28f297c8d8f782131575c02854904b424eb82 Mon Sep 17 00:00:00 2001
From: Valere
Date: Thu, 4 Apr 2019 09:00:08 +0200
Subject: Added macLongKdf support
---
 android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java | 10 ++++++++++
 1 file changed, 10 insertions(+)
(limited to 'android/olm-sdk/src/main/java/org/matrix/olm')
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
index 2869aa4..70cfb8c 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
@@ -103,6 +103,14 @@ public class OlmSAS {
 }
 }
+ public byte[] calculateMacLongKdf(String message, String info) throws OlmException {
+ try {
+ return calculateMacLongKdfJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ } catch (UnsupportedEncodingException e) {
+ throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
+ }
+ }
+
 /**
 * Create an OLM session in native side.
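Review bot: `calculateMac` in the new OlmSAS.java calls `calculateMacJni` without the `theirPublicKey == null || theirPublicKey.isEmpty()` guard that `generateShortCode` applies just above it, so a MAC can be requested before the other party's key has been set. What the native side does in that state is not visible in this patch, but the result presumably cannot depend on an agreed shared secret, so the wrapper should fail closed with `if (theirPublicKey == null || theirPublicKey.isEmpty()) throw new OlmException(OlmException.EXCEPTION_CODE_SAS_MISSING_THEIR_PKEY, "call setTheirPublicKey first");` as its first statement. The same guard is missing from `calculateMacLongKdf`, added by the following commit in its `@@ -103,6 +103,14 @@` hunk. Both methods would also benefit from a Javadoc line stating that `setTheirPublicKey` must be called first.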
* Do not forget to call {@link #releaseSASJni()} when JAVA side is done.
@@ -127,6 +135,8 @@ public class OlmSAS {
 private native byte[] calculateMacJni(byte[] message, byte[] info);
+ private native byte[] calculateMacLongKdfJni(byte[] message, byte[] info);
+
 /**
 * Release native session and invalid its JAVA reference counter part.
* Public API for {@link #releaseSASJni()}.
-- cgit v1.2.3
From eb7347bb524b830c1458d64411cd56fc58ad5b91 Mon Sep 17 00:00:00 2001
From: Valere
Date: Wed, 10 Apr 2019 11:26:58 +0200
Subject: Return string instead of byte array for b64 encoded data
---
 android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)
(limited to 'android/olm-sdk/src/main/java/org/matrix/olm')
diff --git a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
index 70cfb8c..4bd1579 100644
--- a/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
+++ b/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java
@@ -86,8 +86,7 @@ public class OlmSAS {
 throw new OlmException(OlmException.EXCEPTION_CODE_SAS_MISSING_THEIR_PKEY, "call setTheirPublicKey first");
 }
 try {
- byte[] shortBuffer = generateShortCodeJni(info.getBytes("UTF-8"), byteNumber);
- return shortBuffer;
+ return generateShortCodeJni(info.getBytes("UTF-8"), byteNumber);
 } catch (Exception e) {
 Log.e(LOG_TAG, "## sessionIdentifier(): " + e.getMessage());
 throw new OlmException(OlmException.EXCEPTION_CODE_SAS_GENERATE_SHORT_CODE, e.getMessage());
@@ -95,20 +94,24 @@ public class OlmSAS {
 }
- public byte[] calculateMac(String message, String info) throws OlmException {
+ public String calculateMac(String message, String info) throws OlmException {
 try {
- return calculateMacJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ byte[] bytes = calculateMacJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ if (bytes != null) return new String(bytes, "UTF-8");
 } catch (UnsupportedEncodingException e) {
 throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
 }
+ return null;
 }
- public byte[] calculateMacLongKdf(String message, String info) throws OlmException {
+ public String calculateMacLongKdf(String message, String info) throws OlmException {
 try {
- return calculateMacLongKdfJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ byte[] bytes = calculateMacLongKdfJni(message.getBytes("UTF-8"), info.getBytes("UTF-8"));
+ if (bytes != null) return new String(bytes, "UTF-8");
 } catch (UnsupportedEncodingException e) {
 throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage());
 }
+ return null;
 }
 /**
-- cgit v1.2.3
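Review bot: Both rewritten methods fall through to `return null;` when `calculateMacJni` or `calculateMacLongKdfJni` hands back null, so a native failure reaches the caller as a missing MAC instead of an `OlmException`. A caller that skips the null check can end up sending or comparing an absent value during verification; keeping the failure explicit is safer, for example `if (bytes == null) throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, "MAC computation returned no data");` ahead of the `new String(bytes, "UTF-8")`. Neither method has Javadoc, and with the return type changing from `byte[]` to `String` it is worth adding one that states the result is the base64 text named in the commit subject and that the method throws rather than returns null.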