From 26d9934fc84f3da742e4c38f37ee50a9ddb5237b Mon Sep 17 00:00:00 2001 From: pedroGitt Date: Tue, 18 Oct 2016 19:02:18 +0200 Subject: Fix verifyEd25519Signature() API to properly return the error message in case signature verification failed - update unit tests --- .../java/org/matrix/olm/OlmUtilityTest.java | 14 ++++++++++-- .../src/main/java/org/matrix/olm/OlmUtility.java | 25 +++++++++++++++------- 2 files changed, 29 insertions(+), 10 deletions(-) (limited to 'java/android') diff --git a/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java b/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java index 5175424..b500cdf 100644 --- a/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java +++ b/java/android/OlmLibSdk/olm-sdk/src/androidTest/java/org/matrix/olm/OlmUtilityTest.java @@ -45,7 +45,7 @@ public class OlmUtilityTest { @Test public void test01VerifyEd25519Signing() { String fingerPrintKey = null; - String errorMsg = new String(); + StringBuffer errorMsg = new StringBuffer(); String message = "{\"key1\":\"value1\",\"key2\":\"value2\"};"; // create account @@ -67,10 +67,20 @@ public class OlmUtilityTest { assertTrue("Exception MSg="+e.getMessage(), false); } - // instance utility + // instantiate utility object OlmUtility utility = new OlmUtility(); + + // verify signature + errorMsg.append("init with anything"); boolean isVerified = utility.verifyEd25519Signature(messageSignature, fingerPrintKey, message, errorMsg); assertTrue(isVerified); + assertTrue(String.valueOf(errorMsg).isEmpty()); + + // check a bad signature is detected and the error message is not empty + messageSignature = "Bad signature Bad signature Bad signature.."; + isVerified = utility.verifyEd25519Signature(messageSignature, fingerPrintKey, message, errorMsg); + assertFalse(isVerified); + assertFalse(String.valueOf(errorMsg).isEmpty()); utility.releaseUtility(); } diff --git a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java index e2a085d..a6e9c4f 100644 --- a/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java +++ b/java/android/OlmLibSdk/olm-sdk/src/main/java/org/matrix/olm/OlmUtility.java @@ -71,14 +71,14 @@ public class OlmUtility implements Serializable { * If the key was too small, aError is set to "OLM.INVALID_BASE64". * If the signature was invalid, aError is set to "OLM.BAD_MESSAGE_MAC".
* @param aSignature the base64-encoded message signature to be checked. - * @param aFingerprintKey the ed25519 key - * @param aMessage the message which was signed + * @param aFingerprintKey the ed25519 key (fingerprint key) + * @param aMessage the signed message * @param aError error message description * @return true if the signature is verified, false otherwise */ - public boolean verifyEd25519Signature(String aSignature, String aFingerprintKey, String aMessage, String aError) { + public boolean verifyEd25519Signature(String aSignature, String aFingerprintKey, String aMessage, StringBuffer aError) { boolean retCode = false; - OlmUtility retObj=null; + String errorRetValue = null; if(null == aError) { Log.e(LOG_TAG, "## verifyEd25519Signature(): invalid input error parameter"); @@ -86,17 +86,26 @@ public class OlmUtility implements Serializable { else if(TextUtils.isEmpty(aSignature) || TextUtils.isEmpty(aFingerprintKey) || TextUtils.isEmpty(aMessage)){ Log.e(LOG_TAG, "## verifyEd25519Signature(): invalid input parameters"); } else { - String errorRetValue = verifyEd25519SignatureJni(aSignature,aFingerprintKey, aMessage); - if(null == errorRetValue) { - aError=""; + aError.setLength(0); + + if( null == (errorRetValue = verifyEd25519SignatureJni(aSignature,aFingerprintKey, aMessage))) { retCode = true; } else { - aError = errorRetValue; + aError.append(errorRetValue); } } return retCode; } + + /** + * Verify an ed25519 signature. + * Return a human readable error message in case of verification failure. + * @param aSignature the base64-encoded message signature to be checked. + * @param aFingerprintKey the ed25519 key + * @param aMessage the signed message + * @return null if validation succeed, the error message string if operation failed + */ private native String verifyEd25519SignatureJni(String aSignature, String aFingerprintKey, String aMessage); -- cgit v1.2.3