From 5fbeb3e29b6440a799d9320e871a1d4d509130b8 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 6 Jan 2017 12:55:05 +0000 Subject: Enable exporting inbound group session keys A pair of functions which allow you to export the megolm keys for an inbound group session, so that an application can save/restore them. --- include/olm/inbound_group_session.h | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'include/olm/inbound_group_session.h') diff --git a/include/olm/inbound_group_session.h b/include/olm/inbound_group_session.h index f8a0bc3..d47af8a 100644 --- a/include/olm/inbound_group_session.h +++ b/include/olm/inbound_group_session.h @@ -165,6 +165,37 @@ size_t olm_inbound_group_session_id( uint8_t * id, size_t id_length ); +/** + * Get the first message index we know how to decrypt. + */ +uint32_t olm_inbound_group_session_first_known_index( + const OlmInboundGroupSession *session +); + +/** + * Get the number of bytes returned by olm_export_inbound_group_session() + */ +size_t olm_export_inbound_group_session_length( + const OlmInboundGroupSession *session +); + +/** + * Export the base64-encoded ratchet key for this session, at the given index, + * in a format which can be used by olm_import_inbound_group_session + * + * Returns the length of the ratchet key on success or olm_error() on + * failure. On failure last_error will be set with an error code. The + * last_error will be: + * * OUTPUT_BUFFER_TOO_SMALL if the buffer was too small + * * OLM_UNKNOWN_MESSAGE_INDEX if we do not have a session key corresponding to the + * given index (ie, it was sent before the session key was shared with + * us) + */ +size_t olm_export_inbound_group_session( + OlmInboundGroupSession *session, + uint8_t * key, size_t key_length, uint32_t message_index +); + #ifdef __cplusplus } // extern "C" -- cgit v1.2.3 From a2f0c93a93f6914291954b08a7518b4f17561c11 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 6 Jan 2017 17:40:39 +0000 Subject: Implement importing group session data olm_import_inbound_group_session, which reads the format written by olm_export_inbound_group_session to initialise a group session. --- include/olm/inbound_group_session.h | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'include/olm/inbound_group_session.h') diff --git a/include/olm/inbound_group_session.h b/include/olm/inbound_group_session.h index d47af8a..739a89b 100644 --- a/include/olm/inbound_group_session.h +++ b/include/olm/inbound_group_session.h @@ -85,7 +85,8 @@ size_t olm_unpickle_inbound_group_session( /** - * Start a new inbound group session, based on the parameters supplied. + * Start a new inbound group session, from a key exported from + * olm_outbound_group_session_key * * Returns olm_error() on failure. On failure last_error will be set with an * error code. The last_error will be: @@ -99,6 +100,23 @@ size_t olm_init_inbound_group_session( uint8_t const * session_key, size_t session_key_length ); +/** + * Import an inbound group session, from a previous export. + * + * Returns olm_error() on failure. On failure last_error will be set with an + * error code. The last_error will be: + * + * * OLM_INVALID_BASE64 if the session_key is not valid base64 + * * OLM_BAD_SESSION_KEY if the session_key is invalid + */ +size_t olm_import_inbound_group_session( + OlmInboundGroupSession *session, + /* base64-encoded keys; note that it will be overwritten with the base64-decoded + data. */ + uint8_t const * session_key, size_t session_key_length +); + + /** * Get an upper bound on the number of bytes of plain-text the decrypt method * will write for a given input message length. The actual size could be -- cgit v1.2.3 From c04b770cd3c96aa3a55ff3b6d817ba5b6f6f6922 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 10 Jan 2017 14:11:42 +0000 Subject: Add some tests for inbound session import/export --- include/olm/inbound_group_session.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'include/olm/inbound_group_session.h') diff --git a/include/olm/inbound_group_session.h b/include/olm/inbound_group_session.h index 739a89b..ef01038 100644 --- a/include/olm/inbound_group_session.h +++ b/include/olm/inbound_group_session.h @@ -190,6 +190,19 @@ uint32_t olm_inbound_group_session_first_known_index( const OlmInboundGroupSession *session ); + +/** + * Check if the session has been verified as a valid session. + * + * (A session is verified either because the original session share was signed, + * or because we have subsequently successfully decrypted a message.) + * + * This is mainly intended for the unit tests, currently. + */ +int olm_inbound_group_session_is_verified( + const OlmInboundGroupSession *session +); + /** * Get the number of bytes returned by olm_export_inbound_group_session() */ -- cgit v1.2.3