Nheko Reborn / Olm
Commit b3496b0a, authored 10 years ago by Mark Haines
Parent: 65bb5d4e
Showing 2 changed files with 60 additions and 4 deletions:
include/axolotl/axolotl.hh (41 additions, 2 deletions)
include/axolotl/crypto.hh (19 additions, 2 deletions)
include/axolotl/axolotl.hh (+41, −2)
...
...
@@ -83,41 +83,80 @@ struct Session {
KdfInfo
const
&
kdf_info
);
/** A
pair of string to feed into the KDF
identifing the application */
/** A
some strings
identifing the application
to feed into the KDF.
*/
KdfInfo
kdf_info
;
/** The last error that happened encypting or decrypting a message */
/** The last error that happened encypting or decrypting a message. */
ErrorCode
last_error
;
/** The root key is used to generate chain keys from the ephemeral keys.
* A new root_key derived each time a chain key is derived. */
SharedKey
root_key
;
/** The sender chain is used to send messages. Each time a new ephemeral
* key is received from the remote server we generate a new sender chain
* with a new empheral key when we next send a message. */
List
<
SenderChain
,
1
>
sender_chain
;
/** The receiver chain is used to decrypt recieved messages. We store the
* last few chains so we can decrypt any out of order messages we haven't
* received yet. */
List
<
ReceiverChain
,
MAX_RECEIVER_CHAINS
>
receiver_chains
;
/** List of message keys we've skipped over when advancing the receiver
* chain. */
List
<
SkippedMessageKey
,
MAX_SKIPPED_MESSAGE_KEYS
>
skipped_message_keys
;
/** Initialise the session using a shared secret and the public part of the
* remote's first ratchet key */
void
initialise_as_bob
(
std
::
uint8_t
const
*
shared_secret
,
std
::
size_t
shared_secret_length
,
Curve25519PublicKey
const
&
their_ratchet_key
);
/** Intialise the session using a shared secret and the public/private key
* pair for the first ratchet key */
void
initialise_as_alice
(
std
::
uint8_t
const
*
shared_secret
,
std
::
size_t
shared_secret_length
,
Curve25519KeyPair
const
&
our_ratchet_key
);
/** The maximum number of bytes of output the encrypt method will write for
* a given message length. */
std
::
size_t
encrypt_max_output_length
(
std
::
size_t
plaintext_length
);
/** The number of bytes of random data the encrypt method will need to
* encrypt a message. This will be 32 bytes if the session needs to
* generate a new ephemeral key, or will be 0 bytes otherwise.*/
std
::
size_t
encrypt_random_length
();
/** Encrypt some plaintext. Returns the length of the encrypted message
* or std::size_t(-1) on failure. On failure last_error will be set with
* an error code. The last_error will be NOT_ENOUGH_RANDOM if the number
* of random bytes is too small. The last_error will be
* OUTPUT_BUFFER_TOO_SMALL if the output buffer is too small. */
std
::
size_t
encrypt
(
std
::
uint8_t
const
*
plaintext
,
std
::
size_t
plaintext_length
,
std
::
uint8_t
const
*
random
,
std
::
size_t
random_length
,
std
::
uint8_t
*
output
,
std
::
size_t
max_output_length
);
/** An upper bound on the number of bytes of plaintext the decrypt method
* will write for a given input message length. */
std
::
size_t
decrypt_max_plaintext_length
(
std
::
size_t
input_length
);
/** Decrypt a message. Returns the length of the decrypted plaintext or
* std::size_t(-1) on failure. On failure last_error will be set with an
* error code. The last_error will be OUTPUT_BUFFER_TOO_SMALL if the
* plaintext buffer is too small. The last_error will be
* BAD_MESSAGE_VERSION if the message was encrypted with an unsupported
* version of the protocol. The last_error will be BAD_MESSAGE_FORMAT if
* the message headers could not be decoded. The last_error will be
* BAD_MESSAGE_MAC if the message could not be verified */
std
::
size_t
decrypt
(
std
::
uint8_t
const
*
input
,
std
::
size_t
input_length
,
std
::
uint8_t
*
plaintext
,
std
::
size_t
max_plaintext_length
...
...
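Review bot: The new comments on receiver_chains and skipped_message_keys do not say what happens once MAX_RECEIVER_CHAINS or MAX_SKIPPED_MESSAGE_KEYS is reached, and the decrypt comment lists no error code for that case; these bounds decide which out-of-order messages can still be decrypted, so document the eviction or failure behaviour next to the two fields. The encrypt_random_length and encrypt comments should also state that the random bytes must come from a cryptographically secure source, since they are used to generate the new ephemeral key. Wording: the rewritten kdf_info comment reads "A some strings identifing the application", and "encypting", "empheral", "recieved" and "Intialise" are misspelt in the comments of this hunk.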
include/axolotl/crypto.hh (+19, −2)
...
...
@@ -28,7 +28,7 @@ struct Curve25519KeyPair : public Curve25519PublicKey {
std
::
uint8_t
private_key
[
32
];
};
/** Generate a curve25519 key pair from 32 random bytes. */
void
generate_key
(
std
::
uint8_t
const
*
random_32_bytes
,
Curve25519KeyPair
&
key_pair
...
...
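Review bot: generate_key takes random_32_bytes as a bare std::uint8_t const * with no length argument, so the 32-byte requirement is carried only by the parameter name and the comment; the comment should say that exactly 32 bytes are read and that they must come from a cryptographically secure random source, because the key pair is generated from them.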
@@ -37,7 +37,8 @@ void generate_key(
const
std
::
size_t
CURVE25519_SHARED_SECRET_LENGTH
=
32
;
/** Create a shared secret using our private key and their public key.
* The output buffer must be at least 32 bytes long. */
void
curve25519_shared_secret
(
Curve25519KeyPair
const
&
our_key
,
Curve25519PublicKey
const
&
their_key
,
...
...
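Review bot: The new sentence on curve25519_shared_secret hard-codes "at least 32 bytes long" although CURVE25519_SHARED_SECRET_LENGTH is declared on the line directly above it; refer to the constant by name in the comment so the documented size and the declared size cannot drift apart.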
@@ -57,11 +58,14 @@ struct Aes256Iv {
};
/** The length of output the aes_encrypt_cbc function will write */
std
::
size_t
aes_encrypt_cbc_length
(
std
::
size_t
input_length
);
/** Encrypts the input using AES256 in CBC mode with PKCS#7 padding.
* The output buffer must be big enough to hold the output including padding */
void
aes_encrypt_cbc
(
Aes256Key
const
&
key
,
Aes256Iv
const
&
iv
,
...
...
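Review bot: The aes_encrypt_cbc comment says the output buffer "must be big enough to hold the output including padding" without naming aes_encrypt_cbc_length as the way to size it; say so explicitly, and note that PKCS#7 always adds at least one byte of padding, so the output is always longer than the input.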
@@ -70,6 +74,10 @@ void aes_encrypt_cbc(
);
/** Decrypts the input using AES256 in CBC mode. The output buffer must be at
* least the same size as the input buffer. Returns the length of the plaintext
* without padding on success or std::size_t(-1) if the padding is invalid.
*/
std
::
size_t
aes_decrypt_cbc
(
Aes256Key
const
&
key
,
Aes256Iv
const
&
iv
,
...
...
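Review bot: The aes_decrypt_cbc comment documents a distinct std::size_t(-1) return for invalid padding but does not say that the ciphertext has to be authenticated before this function is called; with CBC and PKCS#7, an observable padding failure on unauthenticated input is the classic padding-oracle condition, so state that callers must verify the MAC first (Session::decrypt already reports BAD_MESSAGE_MAC for that). The comment should also say what is required of the input length, for example whether a length that is not a multiple of the AES block size is rejected.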
@@ -78,6 +86,8 @@ std::size_t aes_decrypt_cbc(
);
/** Computes SHA-256 of the input. The output buffer must be a least 32
* bytes long. */
void
sha256
(
std
::
uint8_t
const
*
input
,
std
::
size_t
input_length
,
std
::
uint8_t
*
output
...
...
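Review bot: "must be a least 32 bytes long" in the sha256 comment should read "at least". HMAC gets a named HMAC_SHA256_OUTPUT_LENGTH in the next hunk, while the SHA-256 output size appears here only as a literal; a matching named constant would keep the two declarations consistent.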
@@ -87,6 +97,10 @@ void sha256(
const
std
::
size_t
HMAC_SHA256_OUTPUT_LENGTH
=
32
;
/** HMAC: Keyed-Hashing for Message Authentication
* http://tools.ietf.org/html/rfc2104
* Computes HMAC-SHA-256 of the input for the key. The output buffer must
* be at least 32 bytes long. */
void
hmac_sha256
(
std
::
uint8_t
const
*
key
,
std
::
size_t
key_length
,
std
::
uint8_t
const
*
input
,
std
::
size_t
input_length
,
...
...
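Review bot: The hmac_sha256 comment repeats the literal "at least 32 bytes long" even though HMAC_SHA256_OUTPUT_LENGTH is declared immediately above it; use the constant name in the comment. The RFC 2104 link is http:// while the RFC 5869 link added for hkdf_sha256 is https://; use https for both.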
@@ -94,6 +108,9 @@ void hmac_sha256(
);
/** HMAC-based Key Derivation Function (HKDF)
* https://tools.ietf.org/html/rfc5869
* Derives key material from the input bytes. */
void
hkdf_sha256
(
std
::
uint8_t
const
*
input
,
std
::
size_t
input_length
,
std
::
uint8_t
const
*
info
,
std
::
size_t
info_length
,
...
...
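Review bot: "Derives key material from the input bytes" on hkdf_sha256 does not explain the info parameter visible in the signature, nor any limit on how much output may be requested; RFC 5869 caps HKDF output at 255 times the hash length (8160 bytes for SHA-256), so document what each argument is for and what the function does if the caller asks for more than that.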