From 26d9934fc84f3da742e4c38f37ee50a9ddb5237b Mon Sep 17 00:00:00 2001
From: pedroGitt <pedro.contreiras@amdocs.com>
Date: Tue, 18 Oct 2016 19:02:18 +0200
Subject: Fix verifyEd25519Signature() API to properly return the error message
 in case signature verification failed - update unit tests

---
 .../java/org/matrix/olm/OlmUtilityTest.java        | 14 ++++++++++--
 .../src/main/java/org/matrix/olm/OlmUtility.java   | 25 +++++++++++++++-------
 2 files changed, 29 insertions(+), 10 deletions(-)

(limited to 'java/android/OlmLibSdk/olm-sdk')

diff --git a/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java b/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java
index 5175424..b500cdf 100644
--- a/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java
+++ b/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java
@@ -45,7 +45,7 @@ public class OlmUtilityTest {
     @Test
     public void test01VerifyEd25519Signing() {
         String fingerPrintKey = null;
-        String errorMsg = new String();
+        StringBuffer errorMsg = new StringBuffer();
         String message = "{\"key1\":\"value1\",\"key2\":\"value2\"};";
 
         // create account
@@ -67,10 +67,20 @@ public class OlmUtilityTest {
             assertTrue("Exception MSg="+e.getMessage(), false);
         }
 
-        // instance utility
+        // instantiate utility object
         OlmUtility utility = new OlmUtility();
+
+        // verify signature
+        errorMsg.append("init with anything");
         boolean isVerified = utility.verifyEd25519Signature(messageSignature, fingerPrintKey, message, errorMsg);
         assertTrue(isVerified);
+        assertTrue(String.valueOf(errorMsg).isEmpty());
+
+        // check a bad signature is detected and the error message is not empty
+        messageSignature = "Bad signature Bad signature Bad signature..";
+        isVerified = utility.verifyEd25519Signature(messageSignature, fingerPrintKey, message, errorMsg);
+        assertFalse(isVerified);
+        assertFalse(String.valueOf(errorMsg).isEmpty());
 
         utility.releaseUtility();
     }
diff --git a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
index e2a085d..a6e9c4f 100644
--- a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
+++ b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java
@@ -71,14 +71,14 @@ public class OlmUtility implements Serializable {
      * If the key was too small, aError is set to "OLM.INVALID_BASE64".
      * If the signature was invalid, aError is set to "OLM.BAD_MESSAGE_MAC".<br>
      * @param aSignature the base64-encoded message signature to be checked.
-     * @param aFingerprintKey the ed25519 key
-     * @param aMessage the message which was signed
+     * @param aFingerprintKey the ed25519 key (fingerprint key)
+     * @param aMessage the signed message
      * @param aError error message description
      * @return true if the signature is verified, false otherwise
      */
-    public boolean verifyEd25519Signature(String aSignature, String aFingerprintKey, String aMessage, String aError) {
+    public boolean verifyEd25519Signature(String aSignature, String aFingerprintKey, String aMessage, StringBuffer aError) {
         boolean retCode = false;
-        OlmUtility retObj=null;
+        String errorRetValue = null;
 
         if(null == aError) {
             Log.e(LOG_TAG, "## verifyEd25519Signature(): invalid input error parameter");
@@ -86,17 +86,26 @@ public class OlmUtility implements Serializable {
         else if(TextUtils.isEmpty(aSignature) || TextUtils.isEmpty(aFingerprintKey) || TextUtils.isEmpty(aMessage)){
             Log.e(LOG_TAG, "## verifyEd25519Signature(): invalid input parameters");
         } else {
-            String errorRetValue = verifyEd25519SignatureJni(aSignature,aFingerprintKey, aMessage);
-            if(null == errorRetValue) {
-                aError="";
+            aError.setLength(0);
+
+            if( null == (errorRetValue = verifyEd25519SignatureJni(aSignature,aFingerprintKey, aMessage))) {
                 retCode = true;
             } else {
-                aError = errorRetValue;
+                aError.append(errorRetValue);
             }
         }
 
         return retCode;
     }
+
+    /**
+     * Verify an ed25519 signature.
+     * Return a human readable error message in case of verification failure.
+     * @param aSignature the base64-encoded message signature to be checked.
+     * @param aFingerprintKey the ed25519 key
+     * @param aMessage the signed message
+     * @return null if validation succeed, the error message string if operation failed
+     */
     private native String verifyEd25519SignatureJni(String aSignature, String aFingerprintKey, String aMessage);
 
 
-- 
cgit v1.2.3-70-g09d2