Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package olm for openSUSE:Factory checked in at 2022-08-03 21:16:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/olm (Old) and /work/SRC/openSUSE:Factory/.olm.new.1533 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "olm" Wed Aug 3 21:16:39 2022 rev:7 rq:992403 version:3.2.12 Changes: -------- --- /work/SRC/openSUSE:Factory/olm/olm.changes 2022-01-31 22:58:24.841140382 +0100 +++ /work/SRC/openSUSE:Factory/.olm.new.1533/olm.changes 2022-08-03 21:16:55.603478086 +0200 @@ -1,0 +2,7 @@ +Sun Jul 31 12:00:00 UTC 2022 - [email protected] + +- Update to 3.2.12 + * Expose "olm_sas_calculate_mac_fixed_base64" in python bindings + * Fix Python type hints + +------------------------------------------------------------------- Old: ---- olm-3.2.10.tar.bz2 New: ---- olm-3.2.12.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ olm.spec ++++++ --- /var/tmp/diff_new_pack.j8zVv8/_old 2022-08-03 21:16:56.095479377 +0200 +++ /var/tmp/diff_new_pack.j8zVv8/_new 2022-08-03 21:16:56.103479398 +0200 @@ -24,7 +24,7 @@ %global descriptor An implementation of the Double Ratchet cryptographic ratchet \ in C and C++, including an implementation of the Megolm cryptographic ratchet Name: %{origname} -Version: 3.2.10 +Version: 3.2.12 Release: 0 Summary: Double Ratchet cryptographic library License: Apache-2.0 ++++++ olm-3.2.10.tar.bz2 -> olm-3.2.12.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/.gitignore new/olm-3.2.12/.gitignore --- old/olm-3.2.10/.gitignore 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/.gitignore 2022-05-30 19:55:34.000000000 +0200 @@ -15,6 +15,7 @@ .ccls-cache/ /python/.eggs /python/install-temp +/result # Xcode build/ @@ -36,4 +37,7 @@ *.dSYM.zip *.dSYM Pods/ -*.xcworkspace \ No newline at end of file +*.xcworkspace + +# JetBrains tools +.idea/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/CHANGELOG.rst new/olm-3.2.12/CHANGELOG.rst --- old/olm-3.2.10/CHANGELOG.rst 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/CHANGELOG.rst 2022-05-30 19:55:34.000000000 +0200 @@ -1,5 +1,27 @@ +Changes in `3.2.12 <https://gitlab.matrix.org/matrix-org/olm/tags/3.2.12>`_ +=========================================================================== + +This release includes the following changes since 3.2.11: + +* Expose olm_sas_calculate_mac_fixed_base64 in the bindings. +* Allow memory to grow in wasm. Thanks to benkuly for the suggestion. +* Fix Python type hints. +* Some Python build fixes. +* Initial work on a Nix flake for building and testing. + +Changes in `3.2.11 <https://gitlab.matrix.org/matrix-org/olm/tags/3.2.11>`_ +=========================================================================== + +This release includes the following changes since 3.2.10: + +* Fix building documentation. Thanks to Jonas Smedegaard. The documents + written in Markdown are now converted to HTML using Pandoc. +* Add methods for getting unpublished fallback key in Objective-C binding. +* Add public pickle/unpickle methods to Java binding. +* Add wrapper for olm_session_describe to Java binding. Thanks to Alex Baker. + Changes in `3.2.10 <https://gitlab.matrix.org/matrix-org/olm/tags/3.2.10>`_ -========================================================================= +=========================================================================== This release includes no change since 3.2.9, but is created to be able to publish again the Android library on MavenCentral. @@ -113,11 +135,13 @@ This release includes the following changes since 3.1.4: * Build improvements: + * Fix CMake handling when installing in a non-standard location. Thanks to Alexey Rusakov. * Add support in the Makefile for creating a WASM-ready archive. Thanks to stoically. * Improve support for LLVM is Makefile. Thanks to caywin25 for reporting. + * Add a TypeScript definition file. * Some documentation and example fixes. * Add list of bindings to the README. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/CMakeLists.txt new/olm-3.2.12/CMakeLists.txt --- old/olm-3.2.10/CMakeLists.txt 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/CMakeLists.txt 2022-05-30 19:55:34.000000000 +0200 @@ -1,6 +1,6 @@ cmake_minimum_required(VERSION 3.4) -project(olm VERSION 3.2.10 LANGUAGES CXX C) +project(olm VERSION 3.2.12 LANGUAGES CXX C) option(OLM_TESTS "Build tests" ON) option(BUILD_SHARED_LIBS "Build as a shared library" ON) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/Makefile new/olm-3.2.12/Makefile --- old/olm-3.2.10/Makefile 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/Makefile 2022-05-30 19:55:34.000000000 +0200 @@ -5,7 +5,7 @@ PREFIX ?= /usr/local BUILD_DIR := build RELEASE_OPTIMIZE_FLAGS ?= -O3 -DEBUG_OPTIMIZE_FLAGS ?= -g -O0 +DEBUG_OPTIMIZE_FLAGS ?= -g -O0 -U_FORTIFY_SOURCE JS_OPTIMIZE_FLAGS ?= -O3 FUZZER_OPTIMIZE_FLAGS ?= -O3 CC = gcc @@ -104,7 +104,7 @@ # (This can't be changed by the app with wasm since it's baked into the wasm). # (emscripten also mandates at least 16MB of memory for asm.js now, so # we don't use this for the legacy build.) -EMCCFLAGS_WASM += -s TOTAL_STACK=65536 -s TOTAL_MEMORY=262144 +EMCCFLAGS_WASM += -s TOTAL_STACK=65536 -s TOTAL_MEMORY=262144 -s ALLOW_MEMORY_GROWTH EMCCFLAGS_ASMJS += -s WASM=0 @@ -401,6 +401,9 @@ %.html: %.rst rst2html $< $@ +%.html: %.md + pandoc --from markdown --to html5 --standalone --lua-filter gitlab-math.lua --katex -o $@ $< + ### dependencies -include $(RELEASE_OBJECTS:.o=.d) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/OLMKit.podspec new/olm-3.2.12/OLMKit.podspec --- old/olm-3.2.10/OLMKit.podspec 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/OLMKit.podspec 2022-05-30 19:55:34.000000000 +0200 @@ -3,7 +3,7 @@ # The libolm version MAJOR = 3 MINOR = 2 - PATCH = 10 + PATCH = 12 s.name = "OLMKit" s.version = "#{MAJOR}.#{MINOR}.#{PATCH}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/Package.swift new/olm-3.2.12/Package.swift --- old/olm-3.2.10/Package.swift 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/Package.swift 2022-05-30 19:55:34.000000000 +0200 @@ -2,7 +2,7 @@ import PackageDescription -let major = 3, minor = 2, patch = 10 +let major = 3, minor = 2, patch = 12 let package = Package( name: "Olm", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/README.md new/olm-3.2.12/README.md --- old/olm-3.2.10/README.md 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/README.md 2022-05-30 19:55:34.000000000 +0200 @@ -54,7 +54,7 @@ ```bash cd android -./gradlew clean assembleRelease +./gradlew clean build ``` To build the Xcode workspace for Objective-C bindings, run: @@ -65,7 +65,7 @@ open OLMKit.xcworkspace ``` -To build the Python bindings, first build olm as a shared library as above, and +To build the Python 3 bindings, first build olm as a shared library as above, and then run: ```bash @@ -73,9 +73,6 @@ make ``` -to make both the Python 2 and Python 3 bindings. To make only one version, use -``make olm-python2`` or ``make olm-python3`` instead of just ``make``. - ### Using make instead of cmake **WARNING:** Using cmake is the preferred method for building the olm library; @@ -119,6 +116,8 @@ - [nim-olm](https://codeberg.org/BarrOff/nim-olm) (MIT) Nim bindings - [olm-sys](https://gitlab.gnome.org/BrainBlasted/olm-sys) (Apache-2.0) Rust bindings +- [Trixnity](https://gitlab.com/benkuly/trixnity) (AGPLv3) Kotlin SDK for + Matrix, including Olm bindings Note that bindings may have a different license from libolm, and are *not* endorsed by the Matrix.org Foundation C.I.C. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/gradle.properties new/olm-3.2.12/android/gradle.properties --- old/olm-3.2.10/android/gradle.properties 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/gradle.properties 2022-05-30 19:55:34.000000000 +0200 @@ -26,7 +26,7 @@ # Ref: https://github.com/vanniktech/gradle-maven-publish-plugin GROUP=org.matrix.android POM_ARTIFACT_ID=olm -VERSION_NAME=3.2.10 +VERSION_NAME=3.2.12 POM_PACKAGING=aar diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmSessionTest.java new/olm-3.2.12/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmSessionTest.java --- old/olm-3.2.10/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmSessionTest.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/androidTest/java/org/matrix/olm/OlmSessionTest.java 2022-05-30 19:55:34.000000000 +0200 @@ -1011,4 +1011,75 @@ assertTrue(bobSession.isReleased()); } + @Test + public void test07AliceBobSessionDescribe() { + // creates alice & bob accounts + OlmAccount aliceAccount = null; + OlmAccount bobAccount = null; + try { + aliceAccount = new OlmAccount(); + bobAccount = new OlmAccount(); + } catch (OlmException e) { + fail(e.getMessage()); + } + + // test accounts creation + assertTrue(0 != bobAccount.getOlmAccountId()); + assertTrue(0 != aliceAccount.getOlmAccountId()); + + // CREATE ALICE SESSION + + OlmSession aliceSession = null; + try { + aliceSession = new OlmSession(); + } catch (OlmException e) { + fail("Exception Msg=" + e.getMessage()); + } + assertTrue(0 != aliceSession.getOlmSessionId()); + + // CREATE ALICE SESSION + OlmSession bobSession = null; + try { + bobSession = new OlmSession(); + } catch (OlmException e) { + e.printStackTrace(); + fail(e.getMessage()); + } + assertTrue(0 != bobSession.getOlmSessionId()); + + String aliceSessionDescribe = null; + try { + aliceSessionDescribe = aliceSession.sessionDescribe(); + } catch (Exception e) { + fail(e.getMessage()); + } + + assertNotNull(aliceSessionDescribe); + + String bobSessionDescribe = null; + try { + bobSessionDescribe = bobSession.sessionDescribe(); + } catch (Exception e) { + fail(e.getMessage()); + } + assertNotNull(bobSessionDescribe); + + // must be the same for both ends of the conversation + assertEquals(aliceSessionDescribe, bobSessionDescribe); + + assertEquals( + "sender chain index: 0 receiver chain indices: skipped message keys:", + aliceSessionDescribe + ); + + aliceAccount.releaseAccount(); + bobAccount.releaseAccount(); + assertTrue(aliceAccount.isReleased()); + assertTrue(bobAccount.isReleased()); + + bobSession.releaseSession(); + aliceSession.releaseSession(); + assertTrue(bobSession.isReleased()); + assertTrue(aliceSession.isReleased()); + } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java --- old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmException.java 2022-05-30 19:55:34.000000000 +0200 @@ -60,6 +60,7 @@ public static final int EXCEPTION_CODE_SESSION_ENCRYPT_MESSAGE = 404; public static final int EXCEPTION_CODE_SESSION_DECRYPT_MESSAGE = 405; public static final int EXCEPTION_CODE_SESSION_SESSION_IDENTIFIER = 406; + public static final int EXCEPTION_CODE_SESSION_SESSION_DESCRIBE = 407; public static final int EXCEPTION_CODE_UTILITY_CREATION = 500; public static final int EXCEPTION_CODE_UTILITY_VERIFY_SIGNATURE = 501; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java --- old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmInboundGroupSession.java 2022-05-30 19:55:34.000000000 +0200 @@ -369,4 +369,29 @@ * @return the deserialized session **/ private native long deserializeJni(byte[] aSerializedData, byte[] aKey); + + /** + * Return a pickled inbound group session as a bytes buffer.<br> + * The session is serialized and encrypted with aKey. + * In case of failure, an error human readable + * description is provide in aErrorMsg. + * @param aKey encryption key + * @param aErrorMsg error message description + * @return the pickled inbound group session as bytes buffer + */ + public byte[] pickle(byte[] aKey, StringBuffer aErrorMsg) { + return serialize(aKey, aErrorMsg); + } + + /** + * Loads an inbound group session from a pickled bytes buffer.<br> + * See {@link #serialize(byte[], StringBuffer)} + * @param aSerializedData bytes buffer + * @param aKey key used to encrypted + * @exception Exception the exception + */ + public void unpickle(byte[] aSerializedData, byte[] aKey) throws Exception { + deserialize(aSerializedData, aKey); + } + } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java --- old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmOutboundGroupSession.java 2022-05-30 19:55:34.000000000 +0200 @@ -293,4 +293,28 @@ **/ private native long deserializeJni(byte[] aSerializedData, byte[] aKey); + /** + * Return a pickled outbound group session as a bytes buffer.<br> + * The session is serialized and encrypted with aKey. + * In case of failure, an error human readable + * description is provide in aErrorMsg. + * @param aKey encryption key + * @param aErrorMsg error message description + * @return the pickled outbound group session as bytes buffer + */ + public byte[] pickle(byte[] aKey, StringBuffer aErrorMsg) { + return serialize(aKey, aErrorMsg); + } + + /** + * Loads an outbound group session from a pickled bytes buffer.<br> + * See {@link #serialize(byte[], StringBuffer)} + * @param aSerializedData bytes buffer + * @param aKey key used to encrypted + * @exception Exception the exception + */ + public void unpickle(byte[] aSerializedData, byte[] aKey) throws Exception { + deserialize(aSerializedData, aKey); + } + } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java --- old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmSAS.java 2022-05-30 19:55:34.000000000 +0200 @@ -106,6 +106,16 @@ return null; } + public String calculateMacFixedBase64(String message, String info) throws OlmException { + try { + byte[] bytes = calculateMacFixedBase64Jni(message.getBytes("UTF-8"), info.getBytes("UTF-8")); + if (bytes != null) return new String(bytes, "UTF-8"); + } catch (UnsupportedEncodingException e) { + throw new OlmException(OlmException.EXCEPTION_CODE_SAS_ERROR, e.getMessage()); + } + return null; + } + public String calculateMacLongKdf(String message, String info) throws OlmException { try { byte[] bytes = calculateMacLongKdfJni(message.getBytes("UTF-8"), info.getBytes("UTF-8")); @@ -140,6 +150,8 @@ private native byte[] calculateMacJni(byte[] message, byte[] info); + private native byte[] calculateMacFixedBase64Jni(byte[] message, byte[] info); + private native byte[] calculateMacLongKdfJni(byte[] message, byte[] info); /** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java --- old/olm-3.2.10/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/java/org/matrix/olm/OlmSession.java 2022-05-30 19:55:34.000000000 +0200 @@ -223,6 +223,23 @@ */ private native byte[] getSessionIdentifierJni(); + public String sessionDescribe() throws OlmException { + try { + byte[] buffer = olmSessionDescribeJni(); + + if (null != buffer) { + return new String(buffer, "UTF-8"); + } + } catch (Exception e) { + Log.e(LOG_TAG, "## sessionDescribe(): " + e.getMessage()); + throw new OlmException(OlmException.EXCEPTION_CODE_SESSION_SESSION_DESCRIBE, e.getMessage()); + } + + return null; + } + + private native byte[] olmSessionDescribeJni(); + /** * Checks if the PRE_KEY({@link OlmMessage#MESSAGE_TYPE_PRE_KEY}) message is for this in-bound session.<br> * This API may be used to process a "m.room.encrypted" event when type = 1 (PRE_KEY). @@ -448,5 +465,30 @@ * @return the deserialized session **/ private native long deserializeJni(byte[] aSerializedData, byte[] aKey); + + /** + * Return a pickled session as a bytes buffer.<br> + * The session is serialized and encrypted with aKey. + * In case of failure, an error human readable + * description is provide in aErrorMsg. + * @param aKey encryption key + * @param aErrorMsg error message description + * @return the pickled session as bytes buffer + */ + public byte[] pickle(byte[] aKey, StringBuffer aErrorMsg) { + return serialize(aKey, aErrorMsg); + } + + /** + * Loads a session from a pickled bytes buffer.<br> + * See {@link #serialize(byte[], StringBuffer)} + * @param aSerializedData bytes buffer + * @param aKey key used to encrypted + * @exception Exception the exception + */ + public void unpickle(byte[] aSerializedData, byte[] aKey) throws Exception { + deserialize(aSerializedData, aKey); + } + } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_sas.cpp new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_sas.cpp --- old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_sas.cpp 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_sas.cpp 2022-05-30 19:55:34.000000000 +0200 @@ -309,6 +309,86 @@ return returnValue; } +JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(calculateMacFixedBase64Jni)(JNIEnv *env, jobject thiz,jbyteArray messageBuffer,jbyteArray infoBuffer) { + LOGD("## calculateMacFixedBase64Jni(): IN"); + const char* errorMessage = NULL; + jbyteArray returnValue = 0; + OlmSAS* sasPtr = getOlmSasInstanceId(env, thiz); + + jbyte *messagePtr = NULL; + jboolean messageWasCopied = JNI_FALSE; + + jbyte *infoPtr = NULL; + jboolean infoWasCopied = JNI_FALSE; + + if (!sasPtr) + { + LOGE("## calculateMacFixedBase64Jni(): failure - invalid SAS ptr=NULL"); + errorMessage = "invalid SAS ptr=NULL"; + } else if(!messageBuffer) { + LOGE("## calculateMacFixedBase64Jni(): failure - invalid message"); + errorMessage = "invalid info"; + } + else if (!(messagePtr = env->GetByteArrayElements(messageBuffer, &messageWasCopied))) + { + LOGE(" ## calculateMacFixedBase64Jni(): failure - message JNI allocation OOM"); + errorMessage = "message JNI allocation OOM"; + } + else if (!(infoPtr = env->GetByteArrayElements(infoBuffer, &infoWasCopied))) + { + LOGE(" ## calculateMacFixedBase64Jni(): failure - info JNI allocation OOM"); + errorMessage = "info JNI allocation OOM"; + } else { + + size_t infoLength = (size_t)env->GetArrayLength(infoBuffer); + size_t messageLength = (size_t)env->GetArrayLength(messageBuffer); + size_t macLength = olm_sas_mac_length(sasPtr); + + void *macPtr = malloc(macLength*sizeof(uint8_t)); + + size_t result = olm_sas_calculate_mac_fixed_base64(sasPtr,messagePtr,messageLength,infoPtr,infoLength,macPtr,macLength); + if (result == olm_error()) + { + errorMessage = (const char *)olm_sas_last_error(sasPtr); + LOGE("## calculateMacFixedBase64Jni(): failure - error calculating SAS mac Msg=%s", errorMessage); + } + else + { + returnValue = env->NewByteArray(macLength); + env->SetByteArrayRegion(returnValue, 0 , macLength, (jbyte*)macPtr); + } + + if (macPtr) { + free(macPtr); + } + } + + // free alloc + if (infoPtr) + { + if (infoWasCopied) + { + memset(infoPtr, 0, (size_t)env->GetArrayLength(infoBuffer)); + } + env->ReleaseByteArrayElements(infoBuffer, infoPtr, JNI_ABORT); + } + if (messagePtr) + { + if (messageWasCopied) + { + memset(messagePtr, 0, (size_t)env->GetArrayLength(messageBuffer)); + } + env->ReleaseByteArrayElements(messageBuffer, messagePtr, JNI_ABORT); + } + + if (errorMessage) + { + env->ThrowNew(env->FindClass("java/lang/Exception"), errorMessage); + } + + return returnValue; +} + JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(calculateMacLongKdfJni)(JNIEnv *env, jobject thiz,jbyteArray messageBuffer,jbyteArray infoBuffer) { LOGD("## calculateMacLongKdfJni(): IN"); const char* errorMessage = NULL; @@ -387,4 +467,4 @@ } return returnValue; -} \ No newline at end of file +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_sas.h new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_sas.h --- old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_sas.h 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_sas.h 2022-05-30 19:55:34.000000000 +0200 @@ -32,6 +32,7 @@ JNIEXPORT void OLM_SAS_FUNC_DEF(setTheirPubKey)(JNIEnv *env, jobject thiz,jbyteArray pubKey); JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(generateShortCodeJni)(JNIEnv *env, jobject thiz, jbyteArray infoStringBytes, jint byteNb); JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(calculateMacJni)(JNIEnv *env, jobject thiz, jbyteArray messageBuffer, jbyteArray infoBuffer); +JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(calculateMacFixedBase64Jni)(JNIEnv *env, jobject thiz, jbyteArray messageBuffer, jbyteArray infoBuffer); JNIEXPORT jbyteArray OLM_SAS_FUNC_DEF(calculateMacLongKdfJni)(JNIEnv *env, jobject thiz, jbyteArray messageBuffer, jbyteArray infoBuffer); #ifdef __cplusplus diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_session.cpp new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_session.cpp --- old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_session.cpp 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_session.cpp 2022-05-30 19:55:34.000000000 +0200 @@ -798,6 +798,58 @@ return returnValue; } +JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(olmSessionDescribeJni(JNIEnv *env, jobject thiz)) +{ + const char* errorMessage = NULL; + jbyteArray returnValue = 0; + + LOGD("## olmSessionDescribeJni(): IN "); + + OlmSession *sessionPtr = getSessionInstanceId(env, thiz); + + if (!sessionPtr) + { + LOGE("## olmSessionDescribeJni(): failure - invalid Session ptr=NULL"); + errorMessage = "invalid Session ptr=NULL"; + } + else + { + int maxLength = 600; + char* describePtr = NULL; + describePtr = (char*) malloc(maxLength * sizeof *describePtr); + if (!describePtr) + { + LOGE("## olmSessionDescribeJni(): failure - describe allocation OOM"); + errorMessage = "describe allocation OOM"; + } + else + { + olm_session_describe(sessionPtr, describePtr, maxLength); + int length = strlen(describePtr); + if (length == 0) + { + LOGE("## olmSessionDescribeJni(): failure - get session describe"); + } + else + { + LOGD("## olmSessionDescribeJni(): success - describe=%.*s", (char*)describePtr); + + returnValue = env->NewByteArray(length); + env->SetByteArrayRegion(returnValue, 0, length, (jbyte*)describePtr); + } + + free(describePtr); + } + } + + if (errorMessage) + { + env->ThrowNew(env->FindClass("java/lang/Exception"), errorMessage); + } + + return returnValue; +} + /** * Serialize and encrypt session instance.<br> * An exception is thrown if the operation fails. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_session.h new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_session.h --- old/olm-3.2.10/android/olm-sdk/src/main/jni/olm_session.h 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/android/olm-sdk/src/main/jni/olm_session.h 2022-05-30 19:55:34.000000000 +0200 @@ -47,6 +47,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(decryptMessageJni)(JNIEnv *env, jobject thiz, jobject aEncryptedMsg); JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(getSessionIdentifierJni)(JNIEnv *env, jobject thiz); +JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(olmSessionDescribeJni)(JNIEnv *env, jobject thiz); // serialization JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thiz, jbyteArray aKey); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/common.mk new/olm-3.2.12/common.mk --- old/olm-3.2.10/common.mk 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/common.mk 2022-05-30 19:55:34.000000000 +0200 @@ -1,4 +1,4 @@ MAJOR := 3 MINOR := 2 -PATCH := 10 +PATCH := 12 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/docs/megolm.md new/olm-3.2.12/docs/megolm.md --- old/olm-3.2.10/docs/megolm.md 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/docs/megolm.md 2022-05-30 19:55:34.000000000 +0200 @@ -109,7 +109,7 @@ ### Sharing session data To allow other participants in the conversation to decrypt messages, the -session data is formatted as described in [Session-sharing format](#Session-sharing-format). It is then +session data is formatted as described in [Session-sharing format](#session-sharing-format). It is then shared with other participants in the conversation via a secure peer-to-peer channel (such as that provided by [Olm][]). @@ -182,9 +182,13 @@ ## Data exchange formats -### Session-sharing format +### Session sharing format -The Megolm key-sharing format is as follows: +This format is used for the initial sharing of a Megolm session with other +group participants who need to be able to read messages encrypted by this +session. + +The session sharing format is as follows: ``` +---+----+--------+--------+--------+--------+------+-----------+ @@ -202,6 +206,33 @@ The data is then signed using the Ed25519 keypair, and the 64-byte signature is appended. +### Session export format + +Once the session is initially shared with the group participants, each +participant needs to retain a copy of the session if they want to maintain +their ability to decrypt messages encrypted with that session. + +For forward-secrecy purposes, a participant may choose to store a ratcheted +version of the session. But since the ratchet index is covered by the +signature, this would invalidate the signature. So we define a similar format, +called the *session export format*, which is identical to the [session sharing +format](#session-sharing-format) except for dropping the signature. + +The Megolm session export format is thus as follows: + +``` ++---+----+--------+--------+--------+--------+------+ +| V | i | R(i,0) | R(i,1) | R(i,2) | R(i,3) | Kpub | ++---+----+--------+--------+--------+--------+------+ +0 1 5 37 69 101 133 165 bytes +``` + +The version byte, ``V``, is ``"\x02"``. + +This is followed by the ratchet index, $`i`$, which is encoded as a +big-endian 32-bit integer; the ratchet values $`R_{i,j}`$; and the public +part of the Ed25519 keypair $`K`$. + ### Message format Megolm messages consist of a one byte version, followed by a variable length diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/flake.lock new/olm-3.2.12/flake.lock --- old/olm-3.2.10/flake.lock 1970-01-01 01:00:00.000000000 +0100 +++ new/olm-3.2.12/flake.lock 2022-05-30 19:55:34.000000000 +0200 @@ -0,0 +1,60 @@ +{ + "nodes": { + "flake-utils": { + "locked": { + "lastModified": 1649676176, + "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1652172129, + "narHash": "sha256-8e2JMrswaKe02P8rYfvIMoc59pNuw6h/GYu8DBE1c+0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f419dc5763c2b3c5580e396dea065b6d8b58ee27", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "npmlock2nix": { + "flake": false, + "locked": { + "lastModified": 1648735462, + "narHash": "sha256-G22WBttdFoWp7E/YvGfePOc+W+ZsQGw+IwpFbAwJNeI=", + "owner": "nix-community", + "repo": "npmlock2nix", + "rev": "dd2897c3a6e404446704a63f40b9a29fa0acf752", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "npmlock2nix", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "npmlock2nix": "npmlock2nix" + } + } + }, + "root": "root", + "version": 7 +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/flake.nix new/olm-3.2.12/flake.nix --- old/olm-3.2.10/flake.nix 1970-01-01 01:00:00.000000000 +0100 +++ new/olm-3.2.12/flake.nix 2022-05-30 19:55:34.000000000 +0200 @@ -0,0 +1,136 @@ +{ + description = "An implementation of the Double Ratchet cryptographic ratchet"; + + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + # We can't use the current stable release because of + # https://github.com/emscripten-core/emscripten/issues/14995 + inputs.flake-utils.url = "github:numtide/flake-utils"; + inputs.npmlock2nix = { + url = "github:nix-community/npmlock2nix"; + flake = false; + }; + + outputs = { self, nixpkgs, flake-utils, npmlock2nix }: + ( + # some systems cause issues, e.g. i686-linux is unsupported by gradle, + # which causes "nix flake check" to fail. Investigate more later, but for + # now, we will just allow x86_64-linux + flake-utils.lib.eachSystem [ "x86_64-linux" ] (system: + let + pkgs = import nixpkgs { + inherit system; + overlays = [ + (final: prev: { + npmlock2nix = final.callPackage npmlock2nix {}; + }) + ]; + }; + node_modules = pkgs.npmlock2nix.node_modules { src = ./javascript; }; + in + rec { + checks.gcc-cmake = pkgs.gccStdenv.mkDerivation { + name = "olm"; + + buildInputs = [ pkgs.cmake ]; + + src = ./.; + + buildPhase = '' + cmake . -Bbuild + cmake --build build + ''; + + doCheck = true; + checkPhase = '' + cd build/tests + ctest . + cd ../.. + ''; + }; + + checks.clang-cmake = pkgs.clangStdenv.mkDerivation { + name = "olm"; + + buildInputs = [ pkgs.cmake ]; + + src = ./.; + + buildPhase = '' + cmake . -Bbuild + cmake --build build + ''; + + doCheck = true; + checkPhase = '' + cd build/tests + ctest . + cd ../.. + ''; + }; + + checks.gcc-make = pkgs.gccStdenv.mkDerivation { + name = "olm"; + + src = ./.; + + buildPhase = '' + make + ''; + + doCheck = true; + checkPhase = '' + make test + ''; + + installPhase = '' + make install PREFIX=$out + ''; + }; + + packages.javascript = pkgs.buildEmscriptenPackage { + pname = "olm"; + inherit (builtins.fromJSON (builtins.readFile ./javascript/package.json)) version; + + buildInputs = with pkgs; [ gnumake python3 nodejs ]; + + src = ./.; + + postPatch = '' + patchShebangs . + ''; + + configurePhase = ""; + + buildPhase = '' + export EM_CACHE=$TMPDIR + make javascript/exported_functions.json + make js + ''; + + output = [ "out" ]; + + installPhase = '' + mkdir -p $out/javascript + cd javascript + echo sha256: > checksums.txt + sha256sum olm.js olm_legacy.js olm.wasm >> checksums.txt + echo sha512: >> checksums.txt + sha512sum olm.js olm_legacy.js olm.wasm >> checksums.txt + cp package.json olm.js olm.wasm olm_legacy.js index.d.ts README.md checksums.txt $out/javascript + cd .. + ''; + + checkPhase = '' + cd javascript + export HOME=$TMPDIR + ln -s ${node_modules}/node_modules ./node_modules + npm test + cd .. + ''; + }; + + packages.default = packages.javascript; + } + ) + ); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/gitlab-math.lua new/olm-3.2.12/gitlab-math.lua --- old/olm-3.2.10/gitlab-math.lua 1970-01-01 01:00:00.000000000 +0100 +++ new/olm-3.2.12/gitlab-math.lua 2022-05-30 19:55:34.000000000 +0200 @@ -0,0 +1,17 @@ +function Math(el) + if el.mathtype == "InlineMath" then + if el.text:sub(1,1) == '`' and el.text:sub(#el.text) == '`' then + local text = el.text:sub(2,#el.text-1) + return pandoc.Math(el.mathtype, text) + else + local cont = pandoc.read(el.text) + return { pandoc.Str("$") } .. cont.blocks[1].content .. { pandoc.Str("$") } + end + end +end + +function CodeBlock(el) + if el.classes[1] == "math" then + return pandoc.Para({ pandoc.Math("DisplayMath", el.text) }) + end +end \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/javascript/index.d.ts new/olm-3.2.12/javascript/index.d.ts --- old/olm-3.2.10/javascript/index.d.ts 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/javascript/index.d.ts 2022-05-30 19:55:34.000000000 +0200 @@ -121,6 +121,7 @@ set_their_key(their_key: string): void; generate_bytes(info: string, length: number): Uint8Array; calculate_mac(input: string, info: string): string; + calculate_mac_fixed_base64(input: string, info: string): string; calculate_mac_long_kdf(input: string, info: string): string; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/javascript/olm_sas.js new/olm-3.2.12/javascript/olm_sas.js --- old/olm-3.2.10/javascript/olm_sas.js 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/javascript/olm_sas.js 2022-05-30 19:55:34.000000000 +0200 @@ -82,6 +82,22 @@ return UTF8ToString(mac_buffer, mac_length); }); +SAS.prototype['calculate_mac_fixed_base64'] = restore_stack(function(input, info) { + var input_array = array_from_string(input); + var input_buffer = stack(input_array); + var info_array = array_from_string(info); + var info_buffer = stack(info_array); + var mac_length = sas_method(Module['_olm_sas_mac_length'])(this.ptr); + var mac_buffer = stack(mac_length + NULL_BYTE_PADDING_LENGTH); + sas_method(Module['_olm_sas_calculate_mac_fixed_base64'])( + this.ptr, + input_buffer, input_array.length, + info_buffer, info_array.length, + mac_buffer, mac_length + ); + return UTF8ToString(mac_buffer, mac_length); +}); + SAS.prototype['calculate_mac_long_kdf'] = restore_stack(function(input, info) { var input_array = array_from_string(input); var input_buffer = stack(input_array); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/javascript/package-lock.json new/olm-3.2.12/javascript/package-lock.json --- old/olm-3.2.10/javascript/package-lock.json 1970-01-01 01:00:00.000000000 +0100 +++ new/olm-3.2.12/javascript/package-lock.json 2022-05-30 19:55:34.000000000 +0200 @@ -0,0 +1,241 @@ +{ + "name": "@matrix-org/olm", + "version": "3.2.11", + "lockfileVersion": 2, + "requires": true, + "packages": { + "": { + "name": "@matrix-org/olm", + "version": "3.2.11", + "license": "Apache-2.0", + "devDependencies": { + "jasmine": "^3.0.0" + } + }, + "node_modules/balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz";, + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true + }, + "node_modules/brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz";, + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "dependencies": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "node_modules/concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz";, + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "node_modules/fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz";, + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "node_modules/glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz";, + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "dev": true, + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + }, + "engines": { + "node": "*" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs"; + } + }, + "node_modules/inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz";, + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "dependencies": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "node_modules/inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz";, + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "node_modules/jasmine": { + "version": "3.99.0", + "resolved": "https://registry.npmjs.org/jasmine/-/jasmine-3.99.0.tgz";, + "integrity": "sha512-YIThBuHzaIIcjxeuLmPD40SjxkEcc8i//sGMDKCgkRMVgIwRJf5qyExtlJpQeh7pkeoBSOe6lQEdg+/9uKg9mw==", + "dev": true, + "dependencies": { + "glob": "^7.1.6", + "jasmine-core": "~3.99.0" + }, + "bin": { + "jasmine": "bin/jasmine.js" + } + }, + "node_modules/jasmine-core": { + "version": "3.99.1", + "resolved": "https://registry.npmjs.org/jasmine-core/-/jasmine-core-3.99.1.tgz";, + "integrity": "sha512-Hu1dmuoGcZ7AfyynN3LsfruwMbxMALMka+YtZeGoLuDEySVmVAPaonkNoBRIw/ectu8b9tVQCJNgp4a4knp+tg==", + "dev": true + }, + "node_modules/minimatch": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz";, + "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "dev": true, + "dependencies": { + "brace-expansion": "^1.1.7" + }, + "engines": { + "node": "*" + } + }, + "node_modules/once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz";, + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "dependencies": { + "wrappy": "1" + } + }, + "node_modules/path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz";, + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz";, + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + } + }, + "dependencies": { + "balanced-match": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz";, + "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", + "dev": true + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz";, + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz";, + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz";, + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "glob": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.0.tgz";, + "integrity": "sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz";, + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz";, + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "jasmine": { + "version": "3.99.0", + "resolved": "https://registry.npmjs.org/jasmine/-/jasmine-3.99.0.tgz";, + "integrity": "sha512-YIThBuHzaIIcjxeuLmPD40SjxkEcc8i//sGMDKCgkRMVgIwRJf5qyExtlJpQeh7pkeoBSOe6lQEdg+/9uKg9mw==", + "dev": true, + "requires": { + "glob": "^7.1.6", + "jasmine-core": "~3.99.0" + } + }, + "jasmine-core": { + "version": "3.99.1", + "resolved": "https://registry.npmjs.org/jasmine-core/-/jasmine-core-3.99.1.tgz";, + "integrity": "sha512-Hu1dmuoGcZ7AfyynN3LsfruwMbxMALMka+YtZeGoLuDEySVmVAPaonkNoBRIw/ectu8b9tVQCJNgp4a4knp+tg==", + "dev": true + }, + "minimatch": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz";, + "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz";, + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz";, + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz";, + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + } + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/javascript/package.json new/olm-3.2.12/javascript/package.json --- old/olm-3.2.10/javascript/package.json 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/javascript/package.json 2022-05-30 19:55:34.000000000 +0200 @@ -1,6 +1,6 @@ { "name": "@matrix-org/olm", - "version": "3.2.10", + "version": "3.2.12", "description": "An implementation of the Double Ratchet cryptographic ratchet", "main": "olm.js", "files": [ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/python/Makefile new/olm-3.2.12/python/Makefile --- old/olm-3.2.10/python/Makefile 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/python/Makefile 2022-05-30 19:55:34.000000000 +0200 @@ -20,6 +20,9 @@ headers: include/olm/olm.h include/olm/pk.h include/olm/sas.h include/olm/error.h +olm-python3: headers + DEVELOP=$(DEVELOP) python3 setup.py build + install: install-python3 install-python3: olm-python3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/python/olm/__version__.py new/olm-3.2.12/python/olm/__version__.py --- old/olm-3.2.10/python/olm/__version__.py 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/python/olm/__version__.py 2022-05-30 19:55:34.000000000 +0200 @@ -2,7 +2,7 @@ __description__ = ("python CFFI bindings for the olm " "cryptographic ratchet library") __url__ = "https://github.com/poljar/python-olm"; -__version__ = "3.2.10" +__version__ = "3.2.12" __author__ = "Damir Jeli??" __author_email__ = "[email protected]" __license__ = "Apache 2.0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/python/olm/pk.py new/olm-3.2.12/python/olm/pk.py --- old/olm-3.2.10/python/olm/pk.py 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/python/olm/pk.py 2022-05-30 19:55:34.000000000 +0200 @@ -217,7 +217,7 @@ random_buffer, random_length ) self._check_error(ret) - self.public_key = bytes_to_native_str(ffi.unpack( + self.public_key: str = bytes_to_native_str(ffi.unpack( key_buffer, key_length )) @@ -267,7 +267,7 @@ @classmethod def from_pickle(cls, pickle, passphrase=""): - # types: (bytes, str) -> PkDecryption + # type: (bytes, str) -> PkDecryption """Restore a previously stored PkDecryption object. Creates a PkDecryption object from a pickled base64 string. Decrypts @@ -314,7 +314,7 @@ return obj def decrypt(self, message, unicode_errors="replace"): - # type (PkMessage, str) -> str + # type: (PkMessage, str) -> str """Decrypt a previously encrypted Pk message. Returns the decrypted plaintext. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/python/olm/sas.py new/olm-3.2.12/python/olm/sas.py --- old/olm-3.2.10/python/olm/sas.py 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/python/olm/sas.py 2022-05-30 19:55:34.000000000 +0200 @@ -210,6 +210,40 @@ ) return bytes_to_native_str(ffi.unpack(mac_buffer, mac_length)) + def calculate_mac_fixed_base64(self, message, extra_info): + # type: (str, str) -> str + """Generate a message authentication code based on the shared secret. + + This function uses a fixed base64 encoding that is compatible with + other base64 implementations. + + Args: + message (str): The message to produce the authentication code for. + extra_info (str): Extra information to mix in when generating the + MAC + + Raises OlmSasError on failure. + + """ + byte_message = to_bytes(message) + byte_info = to_bytes(extra_info) + + mac_length = lib.olm_sas_mac_length(self._sas) + mac_buffer = ffi.new("char[]", mac_length) + + self._check_error( + lib.olm_sas_calculate_mac_fixed_base64( + self._sas, + ffi.from_buffer(byte_message), + len(byte_message), + ffi.from_buffer(byte_info), + len(byte_info), + mac_buffer, + mac_length + ) + ) + return bytes_to_native_str(ffi.unpack(mac_buffer, mac_length)) + def calculate_mac_long_kdf(self, message, extra_info): # type: (str, str) -> str """Generate a message authentication code based on the shared secret. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/python/olm_build.py new/olm-3.2.12/python/olm_build.py --- old/olm-3.2.10/python/olm_build.py 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/python/olm_build.py 2022-05-30 19:55:34.000000000 +0200 @@ -33,6 +33,13 @@ if DEVELOP and DEVELOP.lower() in ["yes", "true", "1"]: link_args.append('-Wl,-rpath=../build') +# If libolm is compiled statically, we may need to link to the C++ standard +# library dynamically. This flag allows passing the required linker flag to do +# so. +CXX_LIB = os.environ.get("CXX_LIB") +if CXX_LIB: + link_args.append(CXX_LIB) + headers_build = subprocess.Popen("make headers", shell=True) headers_build.wait() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/xcode/OLMKit/OLMAccount.h new/olm-3.2.12/xcode/OLMKit/OLMAccount.h --- old/olm-3.2.10/xcode/OLMKit/OLMAccount.h 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/xcode/OLMKit/OLMAccount.h 2022-05-30 19:55:34.000000000 +0200 @@ -35,14 +35,27 @@ /** Public parts of the unpublished one time keys for the account */ - (NSDictionary*) oneTimeKeys; -/** Public part of the unpublished fallback key for the account */ +/** + * Deprecated use unPublishedFallbackKey + */ - (NSDictionary*) fallbackKey; +/** + Public part of the unpublished fallback key for the account, if present and unublished. + */ +- (NSDictionary*) unpublishedFallbackKey; + - (BOOL) removeOneTimeKeysForSession:(OLMSession*)session; /** Marks the current set of one time keys as being published. */ - (void) markOneTimeKeysAsPublished; +/** Forget about the old fallback key. + * This should be called once you are reasonably certain that you will not + * receive any more messages that use the old fallback key + */ +- (void) forgetFallbackKey; + /** The largest number of one time keys this account can store. */ - (NSUInteger) maxOneTimeKeys; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/xcode/OLMKit/OLMAccount.m new/olm-3.2.12/xcode/OLMKit/OLMAccount.m --- old/olm-3.2.10/xcode/OLMKit/OLMAccount.m 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/xcode/OLMKit/OLMAccount.m 2022-05-30 19:55:34.000000000 +0200 @@ -179,6 +179,33 @@ return keyDictionary; } +- (NSDictionary *) unpublishedFallbackKey { + size_t fallbackKeyLength = olm_account_unpublished_fallback_key_length(_account); + uint8_t *fallbackKeyBytes = malloc(fallbackKeyLength); + if (!fallbackKeyBytes) { + return nil; + } + + size_t result = olm_account_unpublished_fallback_key(_account, fallbackKeyBytes, fallbackKeyLength); + if (result == olm_error()) { + const char *error = olm_account_last_error(_account); + NSLog(@"error getting unpublished fallback key: %s", error); + free(fallbackKeyBytes); + return nil; + } + NSData *fallbackKeyData = [NSData dataWithBytesNoCopy:fallbackKeyBytes length:fallbackKeyLength freeWhenDone:YES]; + NSError *error = nil; + NSDictionary *keyDictionary = [NSJSONSerialization JSONObjectWithData:fallbackKeyData options:0 error:&error]; + if (error) { + NSLog(@"Could not decode JSON for unpublished fallback: %@", error.localizedDescription); + } + return keyDictionary; +} + +- (void) forgetFallbackKey { + olm_account_forget_old_fallback_key(self.account); +} + - (void) generateFallbackKey { size_t randomLength = olm_account_generate_fallback_key_random_length(_account); NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/xcode/OLMKit/OLMSAS.h new/olm-3.2.12/xcode/OLMKit/OLMSAS.h --- old/olm-3.2.10/xcode/OLMKit/OLMSAS.h 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/xcode/OLMKit/OLMSAS.h 2022-05-30 19:55:34.000000000 +0200 @@ -56,6 +56,17 @@ /** Generate a message authentication code (MAC) based on the shared secret. + This version is compatible with other base64 implementations. + + @param input the message to produce the authentication code for. + @param info extra information to mix in when generating the MAC, as per the Matrix spec. + @param error the error if any. + @return the MAC. + */ +- (NSString *)calculateMacFixedBase64:(NSString*)input info:(NSString*)info error:(NSError* _Nullable *)error; + +/** + Generate a message authentication code (MAC) based on the shared secret. For compatibility with an old version of olm.js. @param input the message to produce the authentication code for. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/xcode/OLMKit/OLMSAS.m new/olm-3.2.12/xcode/OLMKit/OLMSAS.m --- old/olm-3.2.10/xcode/OLMKit/OLMSAS.m 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/xcode/OLMKit/OLMSAS.m 2022-05-30 19:55:34.000000000 +0200 @@ -137,6 +137,40 @@ return mac; } +- (NSString *)calculateMacFixedBase64:(NSString *)input info:(NSString *)info error:(NSError *__autoreleasing _Nullable *)error { + NSMutableData *inputData = [input dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; + NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding]; + + size_t macLength = olm_sas_mac_length(olmSAS); + NSMutableData *macData = [NSMutableData dataWithLength:macLength]; + if (!macData) { + return nil; + } + + size_t result = olm_sas_calculate_mac_fixed_base64(olmSAS, + inputData.mutableBytes, inputData.length, + infoData.bytes, infoData.length, + macData.mutableBytes, macLength); + if (result == olm_error()) { + const char *olm_error = olm_sas_last_error(olmSAS); + NSLog(@"[OLMSAS] calculateMac: olm_sas_calculate_mac error: %s", olm_error); + + NSString *errorString = [NSString stringWithUTF8String:olm_error]; + if (error && olm_error && errorString) { + *error = [NSError errorWithDomain:OLMErrorDomain + code:0 + userInfo:@{ + NSLocalizedDescriptionKey: errorString, + NSLocalizedFailureReasonErrorKey: [NSString stringWithFormat:@"olm_sas_calculate_mac error: %@", errorString] + }]; + } + return nil; + } + + NSString *mac = [[NSString alloc] initWithData:macData encoding:NSUTF8StringEncoding]; + return mac; +} + - (NSString *)calculateMacLongKdf:(NSString *)input info:(NSString *)info error:(NSError *__autoreleasing _Nullable *)error { NSMutableData *inputData = [input dataUsingEncoding:NSUTF8StringEncoding].mutableCopy; NSData *infoData = [info dataUsingEncoding:NSUTF8StringEncoding]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/olm-3.2.10/xcode/OLMKitTests/OLMKitTests.m new/olm-3.2.12/xcode/OLMKitTests/OLMKitTests.m --- old/olm-3.2.10/xcode/OLMKitTests/OLMKitTests.m 2022-01-10 11:00:49.000000000 +0100 +++ new/olm-3.2.12/xcode/OLMKitTests/OLMKitTests.m 2022-05-30 19:55:34.000000000 +0200 @@ -36,7 +36,27 @@ OLMAccount *bob = [[OLMAccount alloc] initNewAccount]; [bob generateFallbackKey]; - [self _testAliceAndBob:bob withBobKeys:bob.fallbackKey]; + [self _testAliceAndBob:bob withBobKeys:bob.unpublishedFallbackKey]; + +} + +- (void)testMarkAsPublishedFallbackKey { + OLMAccount *bob = [[OLMAccount alloc] initNewAccount]; + [bob generateFallbackKey]; + + + NSDictionary *unpublished = bob.unpublishedFallbackKey; + __block NSString *bobKeyValue = ((NSDictionary *) unpublished[@"curve25519"]).allValues.lastObject; + + XCTAssertNotNil(bobKeyValue); + + [bob markOneTimeKeysAsPublished]; + + NSDictionary *unpublishedAfter = bob.unpublishedFallbackKey; + + __block NSString *bobKeyValueAfter = ((NSDictionary *) unpublishedAfter[@"curve25519"]).allValues.lastObject; + + XCTAssertNil(bobKeyValueAfter); } - (void)_testAliceAndBob:(OLMAccount *)bob withBobKeys:(NSDictionary *)bobKeys { @@ -89,7 +109,7 @@ OLMAccount *bob = [[OLMAccount alloc] initNewAccount]; [bob generateFallbackKey]; - [self _testBackAndForthWithBob:bob andBobKeys:bob.fallbackKey]; + [self _testBackAndForthWithBob:bob andBobKeys:bob.unpublishedFallbackKey]; } - (void)_testBackAndForthWithBob:(OLMAccount *)bob andBobKeys:(NSDictionary *)bobKeys { @@ -140,7 +160,7 @@ [bob generateFallbackKey]; NSDictionary *bobIdKeys = bob.identityKeys; NSDictionary *bobOneTimeKeys = bob.oneTimeKeys; - NSDictionary *bobFallbackKey = bob.fallbackKey; + NSDictionary *bobFallbackKey = bob.unpublishedFallbackKey; NSError *error; NSData *bobData = [NSKeyedArchiver archivedDataWithRootObject:bob requiringSecureCoding:NO error:&error]; @@ -151,7 +171,7 @@ NSDictionary *bobIdKeys2 = bob2.identityKeys; NSDictionary *bobOneTimeKeys2 = bob2.oneTimeKeys; - NSDictionary *bobFallbackKey2 = bob2.fallbackKey; + NSDictionary *bobFallbackKey2 = bob2.unpublishedFallbackKey; XCTAssertEqualObjects(bobIdKeys, bobIdKeys2); XCTAssertEqualObjects(bobOneTimeKeys, bobOneTimeKeys2); @@ -169,7 +189,7 @@ OLMAccount *bob = [[OLMAccount alloc] initNewAccount]; [bob generateFallbackKey]; - [self _testSessionSerializationWithBob:bob bobKeys:bob.fallbackKey]; + [self _testSessionSerializationWithBob:bob bobKeys:bob.unpublishedFallbackKey]; } - (void)_testSessionSerializationWithBob:(OLMAccount *)bob bobKeys:(NSDictionary *)bobKeys {
