From f0acf6582f88ca66b3fabf7d622278da51a94c10 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 2 Sep 2016 15:13:24 +0100 Subject: Convert Ed25519 and Curve25519 functions to plain C --- include/olm/account.hh | 10 +++---- include/olm/crypto.h | 79 ++++++++++++++++++++++++++++++++++++++++++++++++-- include/olm/crypto.hh | 61 -------------------------------------- include/olm/pickle.hh | 24 +++++++-------- include/olm/ratchet.hh | 10 +++---- include/olm/session.hh | 14 ++++----- include/olm/utility.hh | 6 ++-- 7 files changed, 108 insertions(+), 96 deletions(-) (limited to 'include') diff --git a/include/olm/account.hh b/include/olm/account.hh index 6ea0d19..4b7b190 100644 --- a/include/olm/account.hh +++ b/include/olm/account.hh @@ -25,14 +25,14 @@ namespace olm { struct IdentityKeys { - Ed25519KeyPair ed25519_key; - Curve25519KeyPair curve25519_key; + _olm_ed25519_key_pair ed25519_key; + _olm_curve25519_key_pair curve25519_key; }; struct OneTimeKey { std::uint32_t id; bool published; - Curve25519KeyPair key; + _olm_curve25519_key_pair key; }; @@ -128,12 +128,12 @@ struct Account { /** Lookup a one time key with the given public key */ OneTimeKey const * lookup_key( - Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ); /** Remove a one time key with the given public key */ std::size_t remove_key( - Curve25519PublicKey const & public_key + _olm_curve25519_public_key const & public_key ); }; diff --git a/include/olm/crypto.h b/include/olm/crypto.h index 325080e..9fc3842 100644 --- a/include/olm/crypto.h +++ b/include/olm/crypto.h @@ -57,9 +57,35 @@ extern "C" { /** length of an aes256 initialisation vector */ #define AES256_IV_LENGTH 16 +struct _olm_curve25519_public_key { + uint8_t public_key[CURVE25519_KEY_LENGTH]; +}; -/** Computes SHA-256 of the input. The output buffer must be a least 32 - * bytes long. */ +struct _olm_curve25519_private_key { + uint8_t private_key[CURVE25519_KEY_LENGTH]; +}; + +struct _olm_curve25519_key_pair { + struct _olm_curve25519_public_key public_key; + struct _olm_curve25519_private_key private_key; +}; + +struct _olm_ed25519_public_key { + uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]; +}; + +struct _olm_ed25519_private_key { + uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]; +}; + +struct _olm_ed25519_key_pair { + struct _olm_ed25519_public_key public_key; + struct _olm_ed25519_private_key private_key; +}; + + +/** Computes SHA-256 of the input. The output buffer must be a least + * SHA256_OUTPUT_LENGTH (32) bytes long. */ void _olm_crypto_sha256( uint8_t const * input, size_t input_length, uint8_t * output @@ -68,7 +94,7 @@ void _olm_crypto_sha256( /** HMAC: Keyed-Hashing for Message Authentication * http://tools.ietf.org/html/rfc2104 * Computes HMAC-SHA-256 of the input for the key. The output buffer must - * be at least 32 bytes long. */ + * be at least SHA256_OUTPUT_LENGTH (32) bytes long. */ void _olm_crypto_hmac_sha256( uint8_t const * key, size_t key_length, uint8_t const * input, size_t input_length, @@ -87,6 +113,53 @@ void _olm_crypto_hkdf_sha256( ); +/** Generate a curve25519 key pair + * random_32_bytes should be CURVE25519_RANDOM_LENGTH (32) bytes long. + */ +void _olm_crypto_curve25519_generate_key( + uint8_t const * random_32_bytes, + struct _olm_curve25519_key_pair *output +); + + +/** Create a shared secret using our private key and their public key. + * The output buffer must be at least CURVE25519_SHARED_SECRET_LENGTH (32) bytes long. + */ +void _olm_crypto_curve25519_shared_secret( + const struct _olm_curve25519_key_pair *our_key, + const struct _olm_curve25519_public_key *their_key, + uint8_t * output +); + +/** Generate an ed25519 key pair + * random_32_bytes should be ED25519_RANDOM_LENGTH (32) bytes long. + */ +void _olm_crypto_ed25519_generate_key( + uint8_t const * random_bytes, + struct _olm_ed25519_key_pair *output +); + +/** Signs the message using our private key. + * + * The output buffer must be at least ED25519_SIGNATURE_LENGTH (64) bytes + * long. */ +void _olm_crypto_ed25519_sign( + const struct _olm_ed25519_key_pair *our_key, + const uint8_t * message, size_t message_length, + uint8_t * output +); + +/** Verify an ed25519 signature + * The signature input buffer must be ED25519_SIGNATURE_LENGTH (64) bytes long. + * Returns non-zero if the signature is valid. */ +int _olm_crypto_ed25519_verify( + const struct _olm_ed25519_public_key *their_key, + const uint8_t * message, size_t message_length, + const uint8_t * signature +); + + + #ifdef __cplusplus } // extern "C" #endif diff --git a/include/olm/crypto.hh b/include/olm/crypto.hh index 13fd7e9..e3098cc 100644 --- a/include/olm/crypto.hh +++ b/include/olm/crypto.hh @@ -25,67 +25,6 @@ namespace olm { -struct Curve25519PublicKey { - std::uint8_t public_key[CURVE25519_KEY_LENGTH]; -}; - - -struct Curve25519KeyPair : public Curve25519PublicKey { - std::uint8_t private_key[CURVE25519_KEY_LENGTH]; -}; - - -struct Ed25519PublicKey { - std::uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]; -}; - - -struct Ed25519KeyPair : public Ed25519PublicKey { - std::uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]; -}; - - -/** Generate a curve25519 key pair from 32 random bytes. */ -void curve25519_generate_key( - std::uint8_t const * random_32_bytes, - Curve25519KeyPair & key_pair -); - - -/** Create a shared secret using our private key and their public key. - * The output buffer must be at least 32 bytes long. */ -void curve25519_shared_secret( - Curve25519KeyPair const & our_key, - Curve25519PublicKey const & their_key, - std::uint8_t * output -); - - -/** Generate a curve25519 key pair from 32 random bytes. */ -void ed25519_generate_key( - std::uint8_t const * random_32_bytes, - Ed25519KeyPair & key_pair -); - - -/** Signs the message using our private key. - * The output buffer must be at least 64 bytes long. */ -void ed25519_sign( - Ed25519KeyPair const & our_key, - std::uint8_t const * message, std::size_t message_length, - std::uint8_t * output -); - - -/** Verify their message using their public key. - * The signature input buffer must be 64 bytes long. - * Returns true if the signature is valid. */ -bool ed25519_verify( - Ed25519PublicKey const & their_key, - std::uint8_t const * message, std::size_t message_length, - std::uint8_t const * signature -); - struct Aes256Key { std::uint8_t key[AES256_KEY_LENGTH]; diff --git a/include/olm/pickle.hh b/include/olm/pickle.hh index 13e6b01..c0b6ebf 100644 --- a/include/olm/pickle.hh +++ b/include/olm/pickle.hh @@ -109,70 +109,70 @@ std::uint8_t const * unpickle_bytes( std::size_t pickle_length( - const Curve25519PublicKey & value + const _olm_curve25519_public_key & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Curve25519PublicKey & value + const _olm_curve25519_public_key & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Curve25519PublicKey & value + _olm_curve25519_public_key & value ); std::size_t pickle_length( - const Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Curve25519KeyPair & value + const _olm_curve25519_key_pair & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Curve25519KeyPair & value + _olm_curve25519_key_pair & value ); std::size_t pickle_length( - const Ed25519PublicKey & value + const _olm_ed25519_public_key & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Ed25519PublicKey & value + const _olm_ed25519_public_key & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Ed25519PublicKey & value + _olm_ed25519_public_key & value ); std::size_t pickle_length( - const Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ); std::uint8_t * pickle( std::uint8_t * pos, - const Ed25519KeyPair & value + const _olm_ed25519_key_pair & value ); std::uint8_t const * unpickle( std::uint8_t const * pos, std::uint8_t const * end, - Ed25519KeyPair & value + _olm_ed25519_key_pair & value ); } // namespace olm diff --git a/include/olm/ratchet.hh b/include/olm/ratchet.hh index e91d634..cdcba6b 100644 --- a/include/olm/ratchet.hh +++ b/include/olm/ratchet.hh @@ -41,19 +41,19 @@ struct MessageKey { struct SenderChain { - Curve25519KeyPair ratchet_key; + _olm_curve25519_key_pair ratchet_key; ChainKey chain_key; }; struct ReceiverChain { - Curve25519PublicKey ratchet_key; + _olm_curve25519_public_key ratchet_key; ChainKey chain_key; }; struct SkippedMessageKey { - Curve25519PublicKey ratchet_key; + _olm_curve25519_public_key ratchet_key; MessageKey message_key; }; @@ -108,14 +108,14 @@ struct Ratchet { * remote's first ratchet key */ void initialise_as_bob( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - Curve25519PublicKey const & their_ratchet_key + _olm_curve25519_public_key const & their_ratchet_key ); /** Initialise the session using a shared secret and the public/private key * pair for the first ratchet key */ void initialise_as_alice( std::uint8_t const * shared_secret, std::size_t shared_secret_length, - Curve25519KeyPair const & our_ratchet_key + _olm_curve25519_key_pair const & our_ratchet_key ); /** The number of bytes of output the encrypt method will write for diff --git a/include/olm/session.hh b/include/olm/session.hh index 5b91cb1..9d44816 100644 --- a/include/olm/session.hh +++ b/include/olm/session.hh @@ -35,9 +35,9 @@ struct Session { bool received_message; - Curve25519PublicKey alice_identity_key; - Curve25519PublicKey alice_base_key; - Curve25519PublicKey bob_one_time_key; + _olm_curve25519_public_key alice_identity_key; + _olm_curve25519_public_key alice_base_key; + _olm_curve25519_public_key bob_one_time_key; /** The number of random bytes that are needed to create a new outbound * session. This will be 64 bytes since two ephemeral keys are needed. */ @@ -48,8 +48,8 @@ struct Session { * NOT_ENOUGH_RANDOM if the number of random bytes was too small. */ std::size_t new_outbound_session( Account const & local_account, - Curve25519PublicKey const & identity_key, - Curve25519PublicKey const & one_time_key, + _olm_curve25519_public_key const & identity_key, + _olm_curve25519_public_key const & one_time_key, std::uint8_t const * random, std::size_t random_length ); @@ -59,7 +59,7 @@ struct Session { * the message headers could not be decoded. */ std::size_t new_inbound_session( Account & local_account, - Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * pre_key_message, std::size_t message_length ); @@ -82,7 +82,7 @@ struct Session { * session does not match or the pre-key message could not be decoded. */ bool matches_inbound_session( - Curve25519PublicKey const * their_identity_key, + _olm_curve25519_public_key const * their_identity_key, std::uint8_t const * pre_key_message, std::size_t message_length ); diff --git a/include/olm/utility.hh b/include/olm/utility.hh index 1339fe5..d650abc 100644 --- a/include/olm/utility.hh +++ b/include/olm/utility.hh @@ -21,9 +21,9 @@ #include #include -namespace olm { +struct _olm_ed25519_public_key; -struct Ed25519PublicKey; +namespace olm { struct Utility { @@ -48,7 +48,7 @@ struct Utility { * last_error will be set with an error code. If the signature was too short * or was not a valid signature then last_error will be BAD_MESSAGE_MAC. */ std::size_t ed25519_verify( - Ed25519PublicKey const & key, + _olm_ed25519_public_key const & key, std::uint8_t const * message, std::size_t message_length, std::uint8_t const * signature, std::size_t signature_length ); -- cgit v1.2.3