Properly clear olm keys

7aed28e7 · Nicolas Werner · 1e97d319 · 7aed28e7 · 7aed28e7
Commit 7aed28e7 authored 4 years ago by Nicolas Werner
--- a/include/mtxclient/crypto/client.hpp
+++ b/include/mtxclient/crypto/client.hpp
@@ -31,79 +31,80 @@ namespace crypto {
 //! Data representation used to interact with libolm.
 using BinaryBuf = std::vector<uint8_t>;

-enum class OlmErrorCode {
-	UNKNOWN_ERROR = - 1,
-	SUCCESS,
-	NOT_ENOUGH_RANDOM,
-	OUTPUT_BUFFER_TOO_SMALL,
-	BAD_MESSAGE_VERSION,
-	BAD_MESSAGE_FORMAT,
-	BAD_MESSAGE_MAC,
-	BAD_MESSAGE_KEY_ID,
-	INVALID_BASE64,
-	BAD_ACCOUNT_KEY,
-	UNKNOWN_PICKLE_VERSION,
-	CORRUPTED_PICKLE,
-	BAD_SESSION_KEY,
-	UNKNOWN_MESSAGE_INDEX,
-	BAD_LEGACY_ACCOUNT_PICKLE,
-	BAD_SIGNATURE,
-	OLM_INPUT_BUFFER_TOO_SMALL,
-	OLM_SAS_THEIR_KEY_NOT_SET
+enum class OlmErrorCode
+{
+        UNKNOWN_ERROR = -1,
+        SUCCESS,
+        NOT_ENOUGH_RANDOM,
+        OUTPUT_BUFFER_TOO_SMALL,
+        BAD_MESSAGE_VERSION,
+        BAD_MESSAGE_FORMAT,
+        BAD_MESSAGE_MAC,
+        BAD_MESSAGE_KEY_ID,
+        INVALID_BASE64,
+        BAD_ACCOUNT_KEY,
+        UNKNOWN_PICKLE_VERSION,
+        CORRUPTED_PICKLE,
+        BAD_SESSION_KEY,
+        UNKNOWN_MESSAGE_INDEX,
+        BAD_LEGACY_ACCOUNT_PICKLE,
+        BAD_SIGNATURE,
+        OLM_INPUT_BUFFER_TOO_SMALL,
+        OLM_SAS_THEIR_KEY_NOT_SET
 };

 //! Errors returned by the olm library
 class olm_exception : public std::exception
 {
-	public:
-		olm_exception(std::string func, OlmSession *s)
-			: olm_exception(std::move(func), std::string(olm_session_last_error(s)))
-		{}
+public:
+        olm_exception(std::string func, OlmSession *s)
+          : olm_exception(std::move(func), std::string(olm_session_last_error(s)))
+        {}

-		olm_exception(std::string func, OlmAccount *acc)
-			: olm_exception(std::move(func), std::string(olm_account_last_error(acc)))
-		{}
+        olm_exception(std::string func, OlmAccount *acc)
+          : olm_exception(std::move(func), std::string(olm_account_last_error(acc)))
+        {}

-		olm_exception(std::string func, OlmUtility *util)
-			: olm_exception(std::move(func), std::string(olm_utility_last_error(util)))
-		{}
+        olm_exception(std::string func, OlmUtility *util)
+          : olm_exception(std::move(func), std::string(olm_utility_last_error(util)))
+        {}

-		olm_exception(std::string func, OlmPkDecryption *s)
-			: olm_exception(std::move(func), std::string(olm_pk_decryption_last_error(s)))
-		{}
+        olm_exception(std::string func, OlmPkDecryption *s)
+          : olm_exception(std::move(func), std::string(olm_pk_decryption_last_error(s)))
+        {}

-		olm_exception(std::string func, OlmPkSigning *s)
-			: olm_exception(std::move(func), std::string(olm_pk_signing_last_error(s)))
-		{}
+        olm_exception(std::string func, OlmPkSigning *s)
+          : olm_exception(std::move(func), std::string(olm_pk_signing_last_error(s)))
+        {}

-		olm_exception(std::string func, OlmOutboundGroupSession *s)
-			: olm_exception(std::move(func), std::string(olm_outbound_group_session_last_error(s)))
-		{}
+        olm_exception(std::string func, OlmOutboundGroupSession *s)
+          : olm_exception(std::move(func), std::string(olm_outbound_group_session_last_error(s)))
+        {}

-		olm_exception(std::string func, OlmInboundGroupSession *s)
-			: olm_exception(std::move(func), std::string(olm_inbound_group_session_last_error(s)))
-		{}
+        olm_exception(std::string func, OlmInboundGroupSession *s)
+          : olm_exception(std::move(func), std::string(olm_inbound_group_session_last_error(s)))
+        {}

-		olm_exception(std::string func, OlmSAS *s)
-			: olm_exception(std::move(func), std::string(olm_sas_last_error(s)))
-		{}
+        olm_exception(std::string func, OlmSAS *s)
+          : olm_exception(std::move(func), std::string(olm_sas_last_error(s)))
+        {}

-                //! Returns a description of the olm error.
-                const char *what() const noexcept override { return msg_.c_str(); }
+        //! Returns a description of the olm error.
+        const char *what() const noexcept override { return msg_.c_str(); }

-                //! Returns an error code reconstructed from the error string returned by olm
-                OlmErrorCode error_code() const noexcept { return ec_; }
+        //! Returns an error code reconstructed from the error string returned by olm
+        OlmErrorCode error_code() const noexcept { return ec_; }

-        private:
-                olm_exception(std::string &&func, std::string error_string)
-                  : msg_(func + ": " + error_string)
-                  , ec_(ec_from_string(error_string))
-                {}
+private:
+        olm_exception(std::string &&func, std::string error_string)
+          : msg_(func + ": " + error_string)
+          , ec_(ec_from_string(error_string))
+        {}

-		OlmErrorCode ec_from_string(std::string_view);
+        OlmErrorCode ec_from_string(std::string_view);

        std::string msg_;
-	OlmErrorCode ec_ = OlmErrorCode::UNKNOWN_ERROR;
+        OlmErrorCode ec_ = OlmErrorCode::UNKNOWN_ERROR;
 };

 //! Serialize olm objects into strings encrypted using key to persist them on non volatile storage.

--- a/include/mtxclient/crypto/objects.hpp
+++ b/include/mtxclient/crypto/objects.hpp
@@ -28,19 +28,48 @@ namespace crypto {
 /// ```
 struct OlmDeleter
 {
-        void operator()(OlmAccount *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
-        void operator()(OlmUtility *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
+        void operator()(OlmAccount *ptr)
+        {
+                olm_clear_account(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }
+        void operator()(OlmUtility *ptr)
+        {
+                olm_clear_utility(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }

-        void operator()(OlmPkDecryption *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
-        void operator()(OlmPkSigning *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
+        void operator()(OlmPkDecryption *ptr)
+        {
+                olm_clear_pk_decryption(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }
+        void operator()(OlmPkSigning *ptr)
+        {
+                olm_clear_pk_signing(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }

-        void operator()(OlmSession *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
+        void operator()(OlmSession *ptr)
+        {
+                olm_clear_session(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }
        void operator()(OlmOutboundGroupSession *ptr)
        {
+                olm_clear_outbound_group_session(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }
+        void operator()(OlmInboundGroupSession *ptr)
+        {
+                olm_clear_inbound_group_session(ptr);
+                delete[](reinterpret_cast<uint8_t *>(ptr));
+        }
+        void operator()(OlmSAS *ptr)
+        {
+                olm_clear_sas(ptr);
                delete[](reinterpret_cast<uint8_t *>(ptr));
        }
-        void operator()(OlmInboundGroupSession *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
-        void operator()(OlmSAS *ptr) { delete[](reinterpret_cast<uint8_t *>(ptr)); }
 };

 //! Olm type for Short Authentication Strings.