From f0acf6582f88ca66b3fabf7d622278da51a94c10 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 2 Sep 2016 15:13:24 +0100 Subject: Convert Ed25519 and Curve25519 functions to plain C --- tests/test_crypto.cpp | 36 ++++++++++++++++++------------------ tests/test_ratchet.cpp | 10 +++++----- tests/test_session.cpp | 4 ++-- 3 files changed, 25 insertions(+), 25 deletions(-) (limited to 'tests') diff --git a/tests/test_crypto.cpp b/tests/test_crypto.cpp index 56abdcd..12715d0 100644 --- a/tests/test_crypto.cpp +++ b/tests/test_crypto.cpp @@ -58,25 +58,25 @@ std::uint8_t expected_agreement[32] = { 0x76, 0xF0, 0x9B, 0x3C, 0x1E, 0x16, 0x17, 0x42 }; -olm::Curve25519KeyPair alice_pair; -olm::curve25519_generate_key(alice_private, alice_pair); +_olm_curve25519_key_pair alice_pair; +_olm_crypto_curve25519_generate_key(alice_private, &alice_pair); -assert_equals(alice_private, alice_pair.private_key, 32); -assert_equals(alice_public, alice_pair.public_key, 32); +assert_equals(alice_private, alice_pair.private_key.private_key, 32); +assert_equals(alice_public, alice_pair.public_key.public_key, 32); -olm::Curve25519KeyPair bob_pair; -olm::curve25519_generate_key(bob_private, bob_pair); +_olm_curve25519_key_pair bob_pair; +_olm_crypto_curve25519_generate_key(bob_private, &bob_pair); -assert_equals(bob_private, bob_pair.private_key, 32); -assert_equals(bob_public, bob_pair.public_key, 32); +assert_equals(bob_private, bob_pair.private_key.private_key, 32); +assert_equals(bob_public, bob_pair.public_key.public_key, 32); std::uint8_t actual_agreement[CURVE25519_SHARED_SECRET_LENGTH] = {}; -olm::curve25519_shared_secret(alice_pair, bob_pair, actual_agreement); +_olm_crypto_curve25519_shared_secret(&alice_pair, &bob_pair.public_key, actual_agreement); assert_equals(expected_agreement, actual_agreement, 32); -olm::curve25519_shared_secret(bob_pair, alice_pair, actual_agreement); +_olm_crypto_curve25519_shared_secret(&bob_pair, &alice_pair.public_key, actual_agreement); assert_equals(expected_agreement, actual_agreement, 32); @@ -90,22 +90,22 @@ std::uint8_t private_key[33] = "This key is a string of 32 bytes"; std::uint8_t message[] = "Hello, World"; std::size_t message_length = sizeof(message) - 1; -olm::Ed25519KeyPair key_pair; -olm::ed25519_generate_key(private_key, key_pair); +_olm_ed25519_key_pair key_pair; +_olm_crypto_ed25519_generate_key(private_key, &key_pair); std::uint8_t signature[64]; -olm::ed25519_sign( - key_pair, message, message_length, signature +_olm_crypto_ed25519_sign( + &key_pair, message, message_length, signature ); -bool result = olm::ed25519_verify( - key_pair, message, message_length, signature +bool result = _olm_crypto_ed25519_verify( + &key_pair.public_key, message, message_length, signature ); assert_equals(true, result); message[0] = 'n'; -result = olm::ed25519_verify( - key_pair, message, message_length, signature +result = _olm_crypto_ed25519_verify( + &key_pair.public_key, message, message_length, signature ); assert_equals(false, result); } diff --git a/tests/test_ratchet.cpp b/tests/test_ratchet.cpp index 2f8412e..fb60ba9 100644 --- a/tests/test_ratchet.cpp +++ b/tests/test_ratchet.cpp @@ -32,8 +32,8 @@ _olm_cipher_aes_sha_256 cipher0 = OLM_CIPHER_INIT_AES_SHA_256(message_info); _olm_cipher *cipher = OLM_CIPHER_BASE(&cipher0); std::uint8_t random_bytes[] = "0123456789ABDEF0123456789ABCDEF"; -olm::Curve25519KeyPair alice_key; -olm::curve25519_generate_key(random_bytes, alice_key); +_olm_curve25519_key_pair alice_key; +_olm_crypto_curve25519_generate_key(random_bytes, &alice_key); std::uint8_t shared_secret[] = "A secret"; @@ -44,7 +44,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext[] = "Message"; std::size_t plaintext_length = sizeof(plaintext) - 1; @@ -113,7 +113,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext_1[] = "First Message"; std::size_t plaintext_1_length = sizeof(plaintext_1) - 1; @@ -185,7 +185,7 @@ olm::Ratchet alice(kdf_info, cipher); olm::Ratchet bob(kdf_info, cipher); alice.initialise_as_alice(shared_secret, sizeof(shared_secret) - 1, alice_key); -bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key); +bob.initialise_as_bob(shared_secret, sizeof(shared_secret) - 1, alice_key.public_key); std::uint8_t plaintext[] = "These 15 bytes"; assert_equals(std::size_t(15), sizeof(plaintext)); diff --git a/tests/test_session.cpp b/tests/test_session.cpp index c4c5b2a..e2c3199 100644 --- a/tests/test_session.cpp +++ b/tests/test_session.cpp @@ -33,12 +33,12 @@ void check_session(const olm::Session &session) { assert_equals( decode_hex("f77a03eaa9b301fa7d2a5aa6b50286906de12cc96044f526dbbcb12839ad7003"), - session.ratchet.sender_chain[0].ratchet_key.public_key, 32 + session.ratchet.sender_chain[0].ratchet_key.public_key.public_key, 32 ); assert_equals( decode_hex("d945c6ed4c7c277117adf11fb133a7936d287afe97c0b3ac989644b4490d4f31"), - session.ratchet.sender_chain[0].ratchet_key.private_key, 32 + session.ratchet.sender_chain[0].ratchet_key.private_key.private_key, 32 ); assert_equals( -- cgit v1.2.3-70-g09d2 From 69f269ffaf88515f6d5c0b34178bf0096cf5773b Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 2 Sep 2016 15:35:04 +0100 Subject: Convert AES functions to plain C --- include/olm/account.hh | 2 +- include/olm/crypto.h | 35 +++++++++++++++++++++++++ include/olm/crypto.hh | 69 -------------------------------------------------- include/olm/pickle.hh | 2 +- include/olm/ratchet.hh | 4 ++- src/cipher.cpp | 16 ++++++------ src/crypto.cpp | 24 +++++++++--------- src/session.cpp | 2 +- src/utility.cpp | 2 +- tests/test_crypto.cpp | 12 ++++----- 10 files changed, 68 insertions(+), 100 deletions(-) delete mode 100644 include/olm/crypto.hh (limited to 'tests') diff --git a/include/olm/account.hh b/include/olm/account.hh index 4b7b190..7e58ca3 100644 --- a/include/olm/account.hh +++ b/include/olm/account.hh @@ -16,7 +16,7 @@ #define OLM_ACCOUNT_HH_ #include "olm/list.hh" -#include "olm/crypto.hh" +#include "olm/crypto.h" #include "olm/error.h" #include diff --git a/include/olm/crypto.h b/include/olm/crypto.h index 9fc3842..dbf78ed 100644 --- a/include/olm/crypto.h +++ b/include/olm/crypto.h @@ -57,6 +57,15 @@ extern "C" { /** length of an aes256 initialisation vector */ #define AES256_IV_LENGTH 16 +struct _olm_aes256_key { + uint8_t key[AES256_KEY_LENGTH]; +}; + +struct _olm_aes256_iv { + uint8_t iv[AES256_IV_LENGTH]; +}; + + struct _olm_curve25519_public_key { uint8_t public_key[CURVE25519_KEY_LENGTH]; }; @@ -84,6 +93,32 @@ struct _olm_ed25519_key_pair { }; +/** The length of output the aes_encrypt_cbc function will write */ +size_t _olm_crypto_aes_encrypt_cbc_length( + size_t input_length +); + +/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding. + * The output buffer must be big enough to hold the output including padding */ +void _olm_crypto_aes_encrypt_cbc( + const struct _olm_aes256_key *key, + const struct _olm_aes256_iv *iv, + const uint8_t *input, size_t input_length, + uint8_t *output +); + +/** Decrypts the input using AES256 in CBC mode. The output buffer must be at + * least the same size as the input buffer. Returns the length of the plaintext + * without padding on success or std::size_t(-1) if the padding is invalid. + */ +size_t _olm_crypto_aes_decrypt_cbc( + const struct _olm_aes256_key *key, + const struct _olm_aes256_iv *iv, + uint8_t const * input, size_t input_length, + uint8_t * output +); + + /** Computes SHA-256 of the input. The output buffer must be a least * SHA256_OUTPUT_LENGTH (32) bytes long. */ void _olm_crypto_sha256( diff --git a/include/olm/crypto.hh b/include/olm/crypto.hh deleted file mode 100644 index e3098cc..0000000 --- a/include/olm/crypto.hh +++ /dev/null @@ -1,69 +0,0 @@ -/* Copyright 2015 OpenMarket Ltd - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef OLM_CRYPTO_HH_ -#define OLM_CRYPTO_HH_ - -#include -#include - -// eventually all of this needs to move into crypto.h, and everything should -// use that. For now, include crypto.h here. - -#include "olm/crypto.h" - -namespace olm { - - -struct Aes256Key { - std::uint8_t key[AES256_KEY_LENGTH]; -}; - - -struct Aes256Iv { - std::uint8_t iv[AES256_IV_LENGTH]; -}; - - -/** The length of output the aes_encrypt_cbc function will write */ -std::size_t aes_encrypt_cbc_length( - std::size_t input_length -); - - -/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding. - * The output buffer must be big enough to hold the output including padding */ -void aes_encrypt_cbc( - Aes256Key const & key, - Aes256Iv const & iv, - std::uint8_t const * input, std::size_t input_length, - std::uint8_t * output -); - - -/** Decrypts the input using AES256 in CBC mode. The output buffer must be at - * least the same size as the input buffer. Returns the length of the plaintext - * without padding on success or std::size_t(-1) if the padding is invalid. - */ -std::size_t aes_decrypt_cbc( - Aes256Key const & key, - Aes256Iv const & iv, - std::uint8_t const * input, std::size_t input_length, - std::uint8_t * output -); - - -} // namespace olm - -#endif /* OLM_CRYPTO_HH_ */ diff --git a/include/olm/pickle.hh b/include/olm/pickle.hh index c0b6ebf..a09b8a1 100644 --- a/include/olm/pickle.hh +++ b/include/olm/pickle.hh @@ -16,7 +16,7 @@ #define OLM_PICKLE_HH_ #include "olm/list.hh" -#include "olm/crypto.hh" +#include "olm/crypto.h" #include #include diff --git a/include/olm/ratchet.hh b/include/olm/ratchet.hh index cdcba6b..2e87e35 100644 --- a/include/olm/ratchet.hh +++ b/include/olm/ratchet.hh @@ -13,7 +13,9 @@ * limitations under the License. */ -#include "olm/crypto.hh" +#include + +#include "olm/crypto.h" #include "olm/list.hh" #include "olm/error.h" diff --git a/src/cipher.cpp b/src/cipher.cpp index 8e3d7a5..6b53690 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -13,7 +13,7 @@ * limitations under the License. */ #include "olm/cipher.h" -#include "olm/crypto.hh" +#include "olm/crypto.h" #include "olm/memory.hh" #include @@ -22,9 +22,9 @@ const std::size_t HMAC_KEY_LENGTH = 32; namespace { struct DerivedKeys { - olm::Aes256Key aes_key; + _olm_aes256_key aes_key; std::uint8_t mac_key[HMAC_KEY_LENGTH]; - olm::Aes256Iv aes_iv; + _olm_aes256_iv aes_iv; }; @@ -58,7 +58,7 @@ size_t aes_sha_256_cipher_mac_length(const struct _olm_cipher *cipher) { size_t aes_sha_256_cipher_encrypt_ciphertext_length( const struct _olm_cipher *cipher, size_t plaintext_length ) { - return olm::aes_encrypt_cbc_length(plaintext_length); + return _olm_crypto_aes_encrypt_cbc_length(plaintext_length); } size_t aes_sha_256_cipher_encrypt( @@ -80,8 +80,8 @@ size_t aes_sha_256_cipher_encrypt( derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys); - olm::aes_encrypt_cbc( - keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext + _olm_crypto_aes_encrypt_cbc( + &keys.aes_key, &keys.aes_iv, plaintext, plaintext_length, ciphertext ); _olm_crypto_hmac_sha256( @@ -126,8 +126,8 @@ size_t aes_sha_256_cipher_decrypt( return std::size_t(-1); } - std::size_t plaintext_length = olm::aes_decrypt_cbc( - keys.aes_key, keys.aes_iv, ciphertext, ciphertext_length, plaintext + std::size_t plaintext_length = _olm_crypto_aes_decrypt_cbc( + &keys.aes_key, &keys.aes_iv, ciphertext, ciphertext_length, plaintext ); olm::unset(keys); diff --git a/src/crypto.cpp b/src/crypto.cpp index 89d9d72..5095c79 100644 --- a/src/crypto.cpp +++ b/src/crypto.cpp @@ -12,7 +12,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "olm/crypto.hh" +#include "olm/crypto.h" #include "olm/memory.hh" #include @@ -163,23 +163,23 @@ int _olm_crypto_ed25519_verify( } -std::size_t olm::aes_encrypt_cbc_length( +std::size_t _olm_crypto_aes_encrypt_cbc_length( std::size_t input_length ) { return input_length + AES_BLOCK_LENGTH - input_length % AES_BLOCK_LENGTH; } -void olm::aes_encrypt_cbc( - olm::Aes256Key const & key, - olm::Aes256Iv const & iv, +void _olm_crypto_aes_encrypt_cbc( + _olm_aes256_key const *key, + _olm_aes256_iv const *iv, std::uint8_t const * input, std::size_t input_length, std::uint8_t * output ) { std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH]; - ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS); + ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS); std::uint8_t input_block[AES_BLOCK_LENGTH]; - std::memcpy(input_block, iv.iv, AES_BLOCK_LENGTH); + std::memcpy(input_block, iv->iv, AES_BLOCK_LENGTH); while (input_length >= AES_BLOCK_LENGTH) { xor_block(input_block, input); ::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS); @@ -201,17 +201,17 @@ void olm::aes_encrypt_cbc( } -std::size_t olm::aes_decrypt_cbc( - olm::Aes256Key const & key, - olm::Aes256Iv const & iv, +std::size_t _olm_crypto_aes_decrypt_cbc( + _olm_aes256_key const *key, + _olm_aes256_iv const *iv, std::uint8_t const * input, std::size_t input_length, std::uint8_t * output ) { std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH]; - ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS); + ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS); std::uint8_t block1[AES_BLOCK_LENGTH]; std::uint8_t block2[AES_BLOCK_LENGTH]; - std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH); + std::memcpy(block1, iv->iv, AES_BLOCK_LENGTH); for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) { std::memcpy(block2, &input[i], AES_BLOCK_LENGTH); ::aes_decrypt(&input[i], &output[i], key_schedule, AES_KEY_BITS); diff --git a/src/session.cpp b/src/session.cpp index 72e2be8..f1bc5a7 100644 --- a/src/session.cpp +++ b/src/session.cpp @@ -14,7 +14,7 @@ */ #include "olm/session.hh" #include "olm/cipher.h" -#include "olm/crypto.hh" +#include "olm/crypto.h" #include "olm/account.hh" #include "olm/memory.hh" #include "olm/message.hh" diff --git a/src/utility.cpp b/src/utility.cpp index 43d8e16..e9688de 100644 --- a/src/utility.cpp +++ b/src/utility.cpp @@ -14,7 +14,7 @@ */ #include "olm/utility.hh" -#include "olm/crypto.hh" +#include "olm/crypto.h" olm::Utility::Utility( diff --git a/tests/test_crypto.cpp b/tests/test_crypto.cpp index 12715d0..7dad892 100644 --- a/tests/test_crypto.cpp +++ b/tests/test_crypto.cpp @@ -12,7 +12,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "olm/crypto.hh" +#include "olm/crypto.h" #include "unittest.hh" @@ -115,8 +115,8 @@ assert_equals(false, result); TestCase test_case("AES Test Case 1"); -olm::Aes256Key key = {}; -olm::Aes256Iv iv = {}; +_olm_aes256_key key = {}; +_olm_aes256_iv iv = {}; std::uint8_t input[16] = {}; std::uint8_t expected[32] = { @@ -126,16 +126,16 @@ std::uint8_t expected[32] = { 0x4B, 0xAE, 0xDF, 0xFC, 0x3D, 0x21, 0x4C, 0x38 }; -std::size_t length = olm::aes_encrypt_cbc_length(sizeof(input)); +std::size_t length = _olm_crypto_aes_encrypt_cbc_length(sizeof(input)); assert_equals(std::size_t(32), length); std::uint8_t actual[32] = {}; -olm::aes_encrypt_cbc(key, iv, input, sizeof(input), actual); +_olm_crypto_aes_encrypt_cbc(&key, &iv, input, sizeof(input), actual); assert_equals(expected, actual, 32); -length = olm::aes_decrypt_cbc(key, iv, expected, sizeof(expected), actual); +length = _olm_crypto_aes_decrypt_cbc(&key, &iv, expected, sizeof(expected), actual); assert_equals(std::size_t(16), length); assert_equals(input, actual, length); -- cgit v1.2.3-70-g09d2