Don't think this matters since there's no PkEncryption /
PkDecryption object being passed, but for the sake of consistency

From 4a82d31e8cb808a04956fc847ed0ec0ff322b956 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubert@uhoreg.ca>
Date: Wed, 3 Jan 2018 21:37:43 -0500
Subject: [PATCH] fix some typos in JavaScript library

Signed-off-by: Hubert Chathi <hubert@uhoreg.ca>

olm_import_inbound_group_session, which reads the format written by
olm_export_inbound_group_session to initialise a group session.

A pair of functions which allow you to export the megolm keys for an inbound
group session, so that an application can save/restore them.

These would have helped avoid the recent FRV.

Make sure we null-terminate encrypted strings before passing them to
UTF8ToString.

This used to work when we allocated the buffer on the stack, because it turns
out that allocate() zeroinits the returned memory. malloc(), of course, does
not.

Avoid leaving copies of the plaintext sitting around in the emscripten heap.

Messages can be very large, so we don't really want to allocate them on the
stack. Switch to using the heap for them, and try to clean up some of the
string handling while we're at it.

Read settings from OLM_OPTIONS to allow apps to configure some options. In
particular, this is useful for setting the heap size.

If we get an exception during load, don't define half of window.Olm (which
confuses apps).

This is a partial fix to https://github.com/vector-im/riot-web/issues/2726.

Applications can use the index to detect replays of the same message.

Remove redundant args from some js funcs, and fix a comment typo

Fix a couple of places where we were using the wrong method to get the last
error.

Repeat the fix from b10f90d for megolm messages.

It turns out that the 'length' argument to 'Pointer_stringify' doesn't work if
the input includes characters >= 128.

Rather than try to figure out which methods can return UTF-8, and which always
return plain ascii, replace all uses of Pointer_stringify with a 'length'
argument with the version that expects a NULL-terminated input, and extend the
buffer by a byte to allow space for a null-terminator.

In the case of decrypt, we need to add the null ourself.

Fixes https://github.com/vector-im/vector-web/issues/2078.

I find myself wanting to know if an OlmSession is in the pre-key state or not,
to help debugging at the application level.

... to match the Makefile

Ed25519 private keys, it turns out, have 64 bytes, not 32.

We were previously generating only 32 bytes (which is all that is required to
generate the public key), and then using the public key as the upper 32 bytes
when generating the per-message session key. This meant that everything
appeared to work, but the security of the private key was severely compromised.

By way of fixes:

 * Use the correct algorithm for generating the Ed25519 private key, and store
   all 512 bits of it.

 * Update the account pickle format and refuse to load the old format (since we
   should consider it compromised).

 * Bump the library version, and add a function to retrieve the library
   version, so that applications can verify that they are linked against a
   fixed version of the library.

 * Remove the curve25519_{sign, verify} functions which were unused and of
   dubious quality.

It turns out that the 'length' argument to 'Pointer_stringify' doesn't work if
the input includes characters >= 128.

Rather than try to figure out which methods can return UTF-8, and which always
return plain ascii, replace all uses of Pointer_stringify with a 'length'
argument with the version that expects a NULL-terminated input, and extend the
buffer by a byte to allow space for a null-terminator.

In the case of decrypt, we need to add the null ourself.

Fixes https://github.com/vector-im/vector-web/issues/1719.

It's important that group messages be signed by the sender, rather than by a
secret derived from the shared secret.

To make sure that we don't sneakily use methods which we wouldn't be able to
for remote users, expose an interface object which contains the remote
interface.

message.length counts codepoints; we need bytes.