1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
/* Copyright 2015 OpenMarket Ltd
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef OLM_SESSION_HH_
#define OLM_SESSION_HH_
#include "olm/ratchet.hh"
namespace olm {
struct Account;
enum struct MessageType {
PRE_KEY = 0,
MESSAGE = 1,
};
struct Session {
Session();
Ratchet ratchet;
ErrorCode last_error;
bool received_message;
Curve25519PublicKey alice_identity_key;
Curve25519PublicKey alice_base_key;
Curve25519PublicKey bob_one_time_key;
/** The number of random bytes that are needed to create a new outbound
* session. This will be 64 bytes since two ephemeral keys are needed. */
std::size_t new_outbound_session_random_length();
/** Start a new outbound session. Returns std::size_t(-1) on failure. On
* failure last_error will be set with an error code. The last_error will be
* NOT_ENOUGH_RANDOM if the number of random bytes was too small. */
std::size_t new_outbound_session(
Account const & local_account,
Curve25519PublicKey const & identity_key,
Curve25519PublicKey const & one_time_key,
std::uint8_t const * random, std::size_t random_length
);
/** Start a new inbound session from a pre-key message.
* Returns std::size_t(-1) on failure. On failure last_error will be set
* with an error code. The last_error will be BAD_MESSAGE_FORMAT if
* the message headers could not be decoded. */
std::size_t new_inbound_session(
Account & local_account,
Curve25519PublicKey const * their_identity_key,
std::uint8_t const * pre_key_message, std::size_t message_length
);
/** The number of bytes written by session_id() */
std::size_t session_id_length();
/** An identifier for this session. Generated by hashing the public keys
* used to create the session. Returns the length of the session id on
* success or std::size_t(-1) on failure. On failure last_error will be set
* with an error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if
* the id buffer was too small. */
std::size_t session_id(
std::uint8_t * id, std::size_t id_length
);
/** True if this session can be used to decode an inbound pre-key message.
* This can be used to test whether a pre-key message should be decoded
* with an existing session or if a new session will need to be created.
* Returns true if the session is the same. Returns false if either the
* session does not match or the pre-key message could not be decoded.
*/
bool matches_inbound_session(
Curve25519PublicKey const * their_identity_key,
std::uint8_t const * pre_key_message, std::size_t message_length
);
/** Whether the next message will be a pre-key message or a normal message.
* An outbound session will send pre-key messages until it receives a
* message with a ratchet key. */
MessageType encrypt_message_type();
std::size_t encrypt_message_length(
std::size_t plaintext_length
);
/** The number of bytes of random data the encrypt method will need to
* encrypt a message. This will be 32 bytes if the session needs to
* generate a new ephemeral key, or will be 0 bytes otherwise. */
std::size_t encrypt_random_length();
/** Encrypt some plain-text. Returns the length of the encrypted message
* or std::size_t(-1) on failure. On failure last_error will be set with
* an error code. The last_error will be NOT_ENOUGH_RANDOM if the number
* of random bytes is too small. The last_error will be
* OUTPUT_BUFFER_TOO_SMALL if the output buffer is too small. */
std::size_t encrypt(
std::uint8_t const * plaintext, std::size_t plaintext_length,
std::uint8_t const * random, std::size_t random_length,
std::uint8_t * message, std::size_t message_length
);
/** An upper bound on the number of bytes of plain-text the decrypt method
* will write for a given input message length. */
std::size_t decrypt_max_plaintext_length(
MessageType message_type,
std::uint8_t const * message, std::size_t message_length
);
/** Decrypt a message. Returns the length of the decrypted plain-text or
* std::size_t(-1) on failure. On failure last_error will be set with an
* error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if the
* plain-text buffer is too small. The last_error will be
* BAD_MESSAGE_VERSION if the message was encrypted with an unsupported
* version of the protocol. The last_error will be BAD_MESSAGE_FORMAT if
* the message headers could not be decoded. The last_error will be
* BAD_MESSAGE_MAC if the message could not be verified */
std::size_t decrypt(
MessageType message_type,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t * plaintext, std::size_t max_plaintext_length
);
};
std::size_t pickle_length(
Session const & value
);
std::uint8_t * pickle(
std::uint8_t * pos,
Session const & value
);
std::uint8_t const * unpickle(
std::uint8_t const * pos, std::uint8_t const * end,
Session & value
);
} // namespace olm
#endif /* OLM_SESSION_HH_ */
|