From a9987b1bc7f789f3063c06ed23e1f51024341463 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 21 Jan 2021 19:16:31 +0100 Subject: Move tests --- autotests/CMakeLists.txt | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 autotests/CMakeLists.txt (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt new file mode 100644 index 00000000..abfcb49a --- /dev/null +++ b/autotests/CMakeLists.txt @@ -0,0 +1,14 @@ +# SPDX-FileCopyrightText: 2021 Carl Schwan +# +# SPDX-License-Identifier: BSD-3-Clause + +include(CMakeParseArguments) + +function(QUOTIENT_ADD_TEST) + cmake_parse_arguments(ARG "" "NAME" "" ${ARGN}) + add_executable(${ARG_NAME} ${ARG_NAME}.cpp) + target_link_libraries(${ARG_NAME} Qt5::Core Qt5::Test Quotient) + add_test(NAME ${ARG_NAME} COMMAND ${ARG_NAME}) +endfunction() + +quotient_add_test(callcandidateseventtest.cpp NAME callcandidateseventtest) -- cgit v1.2.3 From ba9c361b6ee18401fcd9a79175f56758a11d7f7d Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 21 Jan 2021 19:21:00 +0100 Subject: fix build --- autotests/CMakeLists.txt | 2 +- autotests/callcandidateseventtest.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index abfcb49a..07f1f046 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -11,4 +11,4 @@ function(QUOTIENT_ADD_TEST) add_test(NAME ${ARG_NAME} COMMAND ${ARG_NAME}) endfunction() -quotient_add_test(callcandidateseventtest.cpp NAME callcandidateseventtest) +quotient_add_test(NAME callcandidateseventtest) diff --git a/autotests/callcandidateseventtest.cpp b/autotests/callcandidateseventtest.cpp index ca908db3..f103e4d3 100644 --- a/autotests/callcandidateseventtest.cpp +++ b/autotests/callcandidateseventtest.cpp @@ -29,7 +29,7 @@ void TestCallCandidatesEvent::fromJson() QVERIFY(document.isObject()); - auto object = documemt.object(); + auto object = document.object(); Quotient::CallCandidatesEvent callCandidatesEvent(object); -- cgit v1.2.3 From dcbb2cfd0e238f788105d7d249f8aac6ad0823e4 Mon Sep 17 00:00:00 2001 From: Alexey Rusakov Date: Fri, 11 Jun 2021 17:46:58 +0200 Subject: CMakeLists: require at least Qt 5.12; add Qt 6 support --- CMakeLists.txt | 23 +++++++++++++++++++---- autotests/CMakeLists.txt | 2 +- quotest/CMakeLists.txt | 2 +- 3 files changed, 21 insertions(+), 6 deletions(-) (limited to 'autotests/CMakeLists.txt') diff --git a/CMakeLists.txt b/CMakeLists.txt index 39b1b03a..9b53a53a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -72,9 +72,21 @@ message(STATUS " Header files will be installed to ${CMAKE_INSTALL_PREFIX}/${${ # Instruct CMake to run moc automatically when needed. set(CMAKE_AUTOMOC ON) -find_package(Qt5 5.9 REQUIRED Core Network Gui Multimedia Test) -get_filename_component(Qt5_Prefix "${Qt5_DIR}/../../../.." ABSOLUTE) -message(STATUS "Using Qt ${Qt5_VERSION} at ${Qt5_Prefix}") +option(BUILD_WITH_QT6 "Build Quotient with Qt 6" OFF) + +if (NOT BUILD_WITH_QT6) + # Use Qt5 by default + find_package(Qt5 5.12 QUIET COMPONENTS Core) +endif() +if (NOT Qt5Core_FOUND OR BUILD_WITH_Qt6) + find_package(Qt6 6.2 REQUIRED Core Network Gui Test) # TODO: Multimedia + set(Qt Qt6) +else() + find_package(Qt5 5.12 REQUIRED Core Network Gui Multimedia Test) + set(Qt Qt5) +endif() +get_filename_component($Qt_Prefix "${${Qt}_DIR}/../../../.." ABSOLUTE) +message(STATUS "Using Qt ${${Qt}_VERSION} at ${Qt_Prefix}") if (${PROJECT_NAME}_ENABLE_E2EE) if ((NOT DEFINED USE_INTREE_LIBQOLM OR USE_INTREE_LIBQOLM) @@ -279,7 +291,10 @@ if (${PROJECT_NAME}_ENABLE_E2EE) target_link_libraries(${PROJECT_NAME} QtOlm) set(FIND_DEPS "find_dependency(QtOlm)") # For QuotientConfig.cmake.in endif() -target_link_libraries(${PROJECT_NAME} Qt5::Core Qt5::Network Qt5::Gui Qt5::Multimedia) +target_link_libraries(${PROJECT_NAME} ${Qt}::Core ${Qt}::Network ${Qt}::Gui) +if (Qt STREQUAL Qt5) # Qt 6 hasn't got Multimedia component as yet + target_link_libraries(${PROJECT_NAME} ${Qt}::Multimedia) +endif() configure_file(${PROJECT_NAME}.pc.in ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}.pc @ONLY NEWLINE_STYLE UNIX) diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 07f1f046..282ab036 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -7,7 +7,7 @@ include(CMakeParseArguments) function(QUOTIENT_ADD_TEST) cmake_parse_arguments(ARG "" "NAME" "" ${ARGN}) add_executable(${ARG_NAME} ${ARG_NAME}.cpp) - target_link_libraries(${ARG_NAME} Qt5::Core Qt5::Test Quotient) + target_link_libraries(${ARG_NAME} ${Qt}::Core ${Qt}::Test Quotient) add_test(NAME ${ARG_NAME} COMMAND ${ARG_NAME}) endfunction() diff --git a/quotest/CMakeLists.txt b/quotest/CMakeLists.txt index 29c53fae..bf9af796 100644 --- a/quotest/CMakeLists.txt +++ b/quotest/CMakeLists.txt @@ -5,7 +5,7 @@ set(quotest_SRCS quotest.cpp) add_executable(quotest ${quotest_SRCS}) -target_link_libraries(quotest PRIVATE Qt5::Core Qt5::Test ${PROJECT_NAME}) +target_link_libraries(quotest PRIVATE ${Qt}::Core ${Qt}::Test ${PROJECT_NAME}) option(${PROJECT_NAME}_INSTALL_TESTS "install quotest (former qmc-example) application" ON) add_feature_info(InstallQuotest ${PROJECT_NAME}_INSTALL_TESTS -- cgit v1.2.3 From d9286b1ad5516082bc9b40adaceb9485acf4a553 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Fri, 22 Jan 2021 23:38:32 +0100 Subject: Add tests --- autotests/CMakeLists.txt | 1 + autotests/testolmaccount.cpp | 65 ++++++++++++++++++++++++++++++++++++++++++++ autotests/testolmaccount.h | 19 +++++++++++++ 3 files changed, 85 insertions(+) create mode 100644 autotests/testolmaccount.cpp create mode 100644 autotests/testolmaccount.h (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 282ab036..07c22ad6 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -12,3 +12,4 @@ function(QUOTIENT_ADD_TEST) endfunction() quotient_add_test(NAME callcandidateseventtest) +quotient_add_test(NAME testolmaccount) diff --git a/autotests/testolmaccount.cpp b/autotests/testolmaccount.cpp new file mode 100644 index 00000000..549f07ea --- /dev/null +++ b/autotests/testolmaccount.cpp @@ -0,0 +1,65 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#ifdef Quotient_E2EE_ENABLED +#include "testolmaccount.h" +#include "olm/qolmaccount.h" + +void TestOlmAccount::pickleUnpickedTest() +{ + auto olmAccount = QOlmAccount::create().value(); + auto identityKeys = std::get(olmAccount.identityKeys()); + auto pickled = std::get(olmAccount.pickle(Unencrypted{})); + auto olmAccount2 = std::get(QOlmAccount::unpickle(pickled, Unencrypted{})); + auto identityKeys2 = std::get(olmAccount2.identityKeys()); + QCOMPARE(identityKeys.curve25519, identityKeys2.curve25519); + QCOMPARE(identityKeys.ed25519, identityKeys2.ed25519); +} + +void TestOlmAccount::identityKeysValid() +{ + auto olmAccount = QOlmAccount::create().value(); + const auto identityKeys = std::get(olmAccount.identityKeys()); + const auto curve25519 = identityKeys.curve25519; + const auto ed25519 = identityKeys.ed25519; + // verify encoded keys length + QCOMPARE(curve25519.size(), 43); + QCOMPARE(ed25519.size(), 43); + + // encoded as valid base64? + QVERIFY(QByteArray::fromBase64Encoding(curve25519).decodingStatus == QByteArray::Base64DecodingStatus::Ok); + QVERIFY(QByteArray::fromBase64Encoding(ed25519).decodingStatus == QByteArray::Base64DecodingStatus::Ok); +} + +void TestOlmAccount::signatureValid() +{ + const auto olmAccount = QOlmAccount::create().value(); + const auto message = "Hello world!"; + const auto signature = std::get(olmAccount.sign(message)); + QVERIFY(QByteArray::fromBase64Encoding(signature.toUtf8()).decodingStatus == QByteArray::Base64DecodingStatus::Ok); + + //let utility = OlmUtility::new(); + //let identity_keys = olm_account.parsed_identity_keys(); + //let ed25519_key = identity_keys.ed25519(); + //assert!(utility + // .ed25519_verify(&ed25519_key, message, &signature) + // .unwrap()); +} + +void TestOlmAccount::oneTimeKeysValid() +{ + const auto olmAccount = QOlmAccount::create().value(); + const auto maxNumberOfOneTimeKeys = olmAccount.maxNumberOfOneTimeKeys(); + QCOMPARE(100, maxNumberOfOneTimeKeys); + + const auto oneTimeKeysEmpty = std::get(olmAccount.oneTimeKeys()); + QVERIFY(oneTimeKeysEmpty.curve25519().isEmpty()); + + olmAccount.generateOneTimeKeys(20); + const auto oneTimeKeysFilled = std::get(olmAccount.oneTimeKeys()); + QCOMPARE(20, oneTimeKeysFilled.curve25519().count()); +} + +QTEST_MAIN(TestOlmAccount) +#endif diff --git a/autotests/testolmaccount.h b/autotests/testolmaccount.h new file mode 100644 index 00000000..c3297b5f --- /dev/null +++ b/autotests/testolmaccount.h @@ -0,0 +1,19 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#ifdef Quotient_E2EE_ENABLED +#include + +class TestOlmAccount : public QObject +{ + Q_OBJECT + +private Q_SLOTS: + void pickleUnpickedTest(); + void identityKeysValid(); + void signatureValid(); + void oneTimeKeysValid(); + //void removeOneTimeKeys(); +}; +#endif -- cgit v1.2.3 From 8706c055e69b01097b702403aaa0d222e5ab0d29 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Sun, 24 Jan 2021 01:45:43 +0100 Subject: Implement outboundsession --- CMakeLists.txt | 4 ++ autotests/CMakeLists.txt | 1 + autotests/testgroupsession.cpp | 39 +++++++++++++ autotests/testgroupsession.h | 15 +++++ autotests/testolmaccount.cpp | 2 + lib/olm/errors.h | 2 + lib/olm/qolmaccount.cpp | 27 +-------- lib/olm/qolminboundsession.cpp | 51 +++++++---------- lib/olm/qolminboundsession.h | 9 +-- lib/olm/qolmoutboundsession.cpp | 121 ++++++++++++++++++++++++++++++++++++++++ lib/olm/qolmoutboundsession.h | 47 ++++++++++++++++ lib/olm/utils.cpp | 22 ++++++++ lib/olm/utils.h | 13 +++++ 13 files changed, 291 insertions(+), 62 deletions(-) create mode 100644 autotests/testgroupsession.cpp create mode 100644 autotests/testgroupsession.h create mode 100644 lib/olm/qolmoutboundsession.cpp create mode 100644 lib/olm/qolmoutboundsession.h create mode 100644 lib/olm/utils.cpp create mode 100644 lib/olm/utils.h (limited to 'autotests/CMakeLists.txt') diff --git a/CMakeLists.txt b/CMakeLists.txt index b4d4ef8b..18a7b622 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -172,6 +172,10 @@ list(APPEND lib_SRCS lib/jobs/mediathumbnailjob.cpp lib/jobs/downloadfilejob.cpp lib/olm/qolmaccount.cpp + lib/olm/qolminboundsession.cpp + lib/olm/qolmoutboundsession.cpp + lib/olm/utils.cpp + lib/olm/errors.cpp ) # Configure API files generation diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 07c22ad6..31cdb446 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -13,3 +13,4 @@ endfunction() quotient_add_test(NAME callcandidateseventtest) quotient_add_test(NAME testolmaccount) +quotient_add_test(NAME testgroupsession) diff --git a/autotests/testgroupsession.cpp b/autotests/testgroupsession.cpp new file mode 100644 index 00000000..02892366 --- /dev/null +++ b/autotests/testgroupsession.cpp @@ -0,0 +1,39 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#ifdef Quotient_E2EE_ENABLED +#include "testgroupsession.h" +#include "olm/qolminboundsession.h" +#include "olm/qolmoutboundsession.h" +#include "olm/utils.h" + +using namespace Quotient; + +void TestOlmSession::groupSessionPicklingValid() +{ + auto ogs = std::get(QOlmOutboundGroupSession::create()); + const auto ogsId = std::get(ogs.sessionId()); + QVERIFY(QByteArray::fromBase64Encoding(ogsId).decodingStatus == QByteArray::Base64DecodingStatus::Ok); + QCOMPARE(0, ogs.sessionMessageIndex()); + + auto ogsPickled = std::get(ogs.pickle(Unencrypted {})); + ogs = std::get(QOlmOutboundGroupSession::unpickle(ogsPickled, Unencrypted {})); + QCOMPARE(ogsId, std::get(ogs.sessionId())); + + qDebug() << std::get(ogs.sessionKey()); + auto igs = std::get(QOlmInboundGroupSession::create(std::get(ogs.sessionKey()))); + const auto igsId = std::get(igs.sessionId()); + // ID is valid base64? + QVERIFY(QByteArray::fromBase64Encoding(igsId).decodingStatus == QByteArray::Base64DecodingStatus::Ok); + + //// no messages have been sent yet + QCOMPARE(0, igs.firstKnownIndex()); + + auto igsPickled = std::get(igs.pickle(Unencrypted {})); + igs = std::get(QOlmInboundGroupSession::unpickle(igsPickled, Unencrypted {})); + QCOMPARE(igsId, std::get(igs.sessionId())); +} + +QTEST_MAIN(TestOlmSession) +#endif diff --git a/autotests/testgroupsession.h b/autotests/testgroupsession.h new file mode 100644 index 00000000..28ebf4c9 --- /dev/null +++ b/autotests/testgroupsession.h @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#ifdef Quotient_E2EE_ENABLED +#include + +class TestOlmSession : public QObject +{ + Q_OBJECT + +private Q_SLOTS: + void groupSessionPicklingValid(); +}; +#endif diff --git a/autotests/testolmaccount.cpp b/autotests/testolmaccount.cpp index 549f07ea..45a7e3a5 100644 --- a/autotests/testolmaccount.cpp +++ b/autotests/testolmaccount.cpp @@ -6,6 +6,8 @@ #include "testolmaccount.h" #include "olm/qolmaccount.h" +using namespace Quotient; + void TestOlmAccount::pickleUnpickedTest() { auto olmAccount = QOlmAccount::create().value(); diff --git a/lib/olm/errors.h b/lib/olm/errors.h index fc2ae2e9..3dc4c796 100644 --- a/lib/olm/errors.h +++ b/lib/olm/errors.h @@ -24,6 +24,8 @@ enum OlmError Unknown, }; +OlmError fromString(const std::string &error_raw); + } //namespace Quotient #endif diff --git a/lib/olm/qolmaccount.cpp b/lib/olm/qolmaccount.cpp index bde9b712..89d82832 100644 --- a/lib/olm/qolmaccount.cpp +++ b/lib/olm/qolmaccount.cpp @@ -4,6 +4,7 @@ #ifdef Quotient_E2EE_ENABLED #include "qolmaccount.h" +#include "olm/utils.h" #include #include #include @@ -24,37 +25,11 @@ std::optional> OneTimeKeys::get(QString keyType) const return keys[keyType]; } -// Convert PicklingMode to key -QByteArray toKey(const PicklingMode &mode) -{ - if (std::holds_alternative(mode)) { - return ""; - } - return std::get(mode).key; -} - bool operator==(const IdentityKeys& lhs, const IdentityKeys& rhs) { return lhs.curve25519 == rhs.curve25519 &&& lhs.ed25519 == rhs.ed25519; } -// TODO use impl from errors.cpp -OlmError fromString(const std::string &error_raw) { - if (error_raw.compare("BAD_ACCOUNT_KEY")) { - return OlmError::BadAccountKey; - } else if (error_raw.compare("BAD_MESSAGE_KEY_ID")) { - return OlmError::BadMessageKeyId; - } else if (error_raw.compare("INVALID_BASE64")) { - return OlmError::InvalidBase64; - } else if (error_raw.compare("NOT_ENOUGH_RANDOM")) { - return OlmError::NotEnoughRandom; - } else if (error_raw.compare("OUTPUT_BUFFER_TOO_SMALL")) { - return OlmError::OutputBufferTooSmall; - } else { - return OlmError::Unknown; - } -} - // Conver olm error to enum OlmError lastError(OlmAccount *account) { const std::string error_raw = olm_account_last_error(account); diff --git a/lib/olm/qolminboundsession.cpp b/lib/olm/qolminboundsession.cpp index 62de138f..37dd60f8 100644 --- a/lib/olm/qolminboundsession.cpp +++ b/lib/olm/qolminboundsession.cpp @@ -3,64 +3,51 @@ // SPDX-License-Identifier: LGPL-2.1-or-later #include "olm/qolminboundsession.h" -#include -#include - +#include +#include using namespace Quotient; -// TODO move to errors.cpp -OlmError fromString(const std::string &error_raw) { - if (error_raw.compare("BAD_ACCOUNT_KEY")) { - return OlmError::BadAccountKey; - } else if (error_raw.compare("BAD_MESSAGE_KEY_ID")) { - return OlmError::BadMessageKeyId; - } else if (error_raw.compare("INVALID_BASE64")) { - return OlmError::InvalidBase64; - } else if (error_raw.compare("NOT_ENOUGH_RANDOM")) { - return OlmError::NotEnoughRandom; - } else if (error_raw.compare("OUTPUT_BUFFER_TOO_SMALL")) { - return OlmError::OutputBufferTooSmall; - } else { - return OlmError::Unknown; - } -} - OlmError lastError(OlmInboundGroupSession *session) { const std::string error_raw = olm_inbound_group_session_last_error(session); + std::cout << error_raw; return fromString(error_raw); } -QOlmInboundGroupSession::QOlmInboundGroupSession(OlmInboundGroupSession *session, const QByteArray &buffer) +QOlmInboundGroupSession::QOlmInboundGroupSession(OlmInboundGroupSession *session, QByteArray buffer) : m_groupSession(session) , m_buffer(buffer) { } -std::variant QOlmInboundGroupSession::create(const QString &key) +QOlmInboundGroupSession::~QOlmInboundGroupSession() { - auto olmInboundGroupSessionBuf = QByteArray(olm_inbound_group_session_size(), '0'); + olm_clear_inbound_group_session(m_groupSession); +} +std::variant QOlmInboundGroupSession::create(const QByteArray &key) +{ + QByteArray olmInboundGroupSessionBuf(olm_inbound_group_session_size(), '0'); const auto olmInboundGroupSession = olm_inbound_group_session(olmInboundGroupSessionBuf.data()); - QByteArray keyBuf = key.toUtf8(); + const auto temp = key; const auto error = olm_init_inbound_group_session(olmInboundGroupSession, - reinterpret_cast(keyBuf.data()), keyBuf.size()); + reinterpret_cast(temp.data()), temp.size()); if (error == olm_error()) { return lastError(olmInboundGroupSession); } - return QOlmInboundGroupSession(olmInboundGroupSession, olmInboundGroupSessionBuf); + return QOlmInboundGroupSession(olmInboundGroupSession, std::move(olmInboundGroupSessionBuf)); } -std::variant QOlmInboundGroupSession::import(const QString &key) +std::variant QOlmInboundGroupSession::import(const QByteArray &key) { - auto olmInboundGroupSessionBuf = QByteArray(olm_inbound_group_session_size(), '0'); + QByteArray olmInboundGroupSessionBuf(olm_inbound_group_session_size(), '0'); const auto olmInboundGroupSession = olm_inbound_group_session(olmInboundGroupSessionBuf.data()); - QByteArray keyBuf = key.toUtf8(); + QByteArray keyBuf = key; const auto error = olm_import_inbound_group_session(olmInboundGroupSession, reinterpret_cast(keyBuf.data()), keyBuf.size()); @@ -68,7 +55,7 @@ std::variant QOlmInboundGroupSession::import( return lastError(olmInboundGroupSession); } - return QOlmInboundGroupSession(olmInboundGroupSession, olmInboundGroupSessionBuf); + return QOlmInboundGroupSession(olmInboundGroupSession, std::move(olmInboundGroupSessionBuf)); } QByteArray toKey(const PicklingMode &mode) @@ -91,7 +78,7 @@ std::variant QOlmInboundGroupSession::pickle(const Picklin return pickledBuf; } -std::variant QOlmInboundGroupSession::unpicke(QByteArray &picked, const PicklingMode &mode) +std::variant QOlmInboundGroupSession::unpickle(QByteArray &picked, const PicklingMode &mode) { QByteArray groupSessionBuf(olm_inbound_group_session_size(), '0'); auto groupSession = olm_inbound_group_session(groupSessionBuf.data()); @@ -100,7 +87,7 @@ std::variant QOlmInboundGroupSession::unpicke if (error == olm_error()) { return lastError(groupSession); } - return QOlmInboundGroupSession(groupSession, groupSessionBuf); + return QOlmInboundGroupSession(groupSession, std::move(groupSessionBuf)); } std::variant, OlmError> QOlmInboundGroupSession::decrypt(QString &message) diff --git a/lib/olm/qolminboundsession.h b/lib/olm/qolminboundsession.h index c75b7285..82802520 100644 --- a/lib/olm/qolminboundsession.h +++ b/lib/olm/qolminboundsession.h @@ -17,15 +17,16 @@ namespace Quotient { struct QOlmInboundGroupSession { public: + ~QOlmInboundGroupSession(); //! Creates a new instance of `OlmInboundGroupSession`. - static std::variant create(const QString &key); + static std::variant create(const QByteArray &key); //! Import an inbound group session, from a previous export. - static std::variant import(const QString &key); + static std::variant import(const QByteArray &key); //! Serialises an `OlmInboundGroupSession` to encrypted Base64. std::variant pickle(const PicklingMode &mode) const; //! Deserialises from encrypted Base64 that was previously obtained by pickling //! an `OlmInboundGroupSession`. - static std::variant unpicke(QByteArray &picked, const PicklingMode &mode); + static std::variant unpickle(QByteArray &picked, const PicklingMode &mode); //! Decrypts ciphertext received for this group session. std::variant, OlmError> decrypt(QString &message); //! Export the base64-encoded ratchet key for this session, at the given index, @@ -37,7 +38,7 @@ public: std::variant sessionId() const; bool isVerified() const; private: - QOlmInboundGroupSession(OlmInboundGroupSession *session, const QByteArray &buffer); + QOlmInboundGroupSession(OlmInboundGroupSession *session, QByteArray buffer); OlmInboundGroupSession *m_groupSession; QByteArray m_buffer; }; diff --git a/lib/olm/qolmoutboundsession.cpp b/lib/olm/qolmoutboundsession.cpp new file mode 100644 index 00000000..8a6b966b --- /dev/null +++ b/lib/olm/qolmoutboundsession.cpp @@ -0,0 +1,121 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later +// +#include "olm/qolmoutboundsession.h" +#include "olm/utils.h" + +using namespace Quotient; + +OlmError lastError(OlmOutboundGroupSession *session) { + const std::string error_raw = olm_outbound_group_session_last_error(session); + + return fromString(error_raw); +} + +QOlmOutboundGroupSession::QOlmOutboundGroupSession(OlmOutboundGroupSession *session, const QByteArray &buffer) + : m_groupSession(session) + , m_buffer(buffer) +{ +} + +QOlmOutboundGroupSession::~QOlmOutboundGroupSession() +{ + olm_clear_outbound_group_session(m_groupSession); +} + +std::variant QOlmOutboundGroupSession::create() +{ + QByteArray sessionBuffer(olm_outbound_group_session_size(), '0'); + auto *olmOutboundGroupSession = olm_outbound_group_session(sessionBuffer.data()); + const auto randomLen = olm_init_outbound_group_session_random_length(olmOutboundGroupSession); + QByteArray randomBuf = getRandom(randomLen); + + const auto error = olm_init_outbound_group_session(olmOutboundGroupSession, + reinterpret_cast(randomBuf.data()), randomBuf.length()); + + if (error == olm_error()) { + return lastError(olmOutboundGroupSession); + } + + randomBuf.clear(); + + return QOlmOutboundGroupSession(olmOutboundGroupSession, sessionBuffer); +} + +std::variant QOlmOutboundGroupSession::pickle(const PicklingMode &mode) +{ + QByteArray pickledBuf(olm_pickle_outbound_group_session_length(m_groupSession), '0'); + QByteArray key = toKey(mode); + const auto error = olm_pickle_outbound_group_session(m_groupSession, key.data(), key.length(), + pickledBuf.data(), pickledBuf.length()); + + if (error == olm_error()) { + return lastError(m_groupSession); + } + + key.clear(); + + return pickledBuf; +} + + +std::variant QOlmOutboundGroupSession::unpickle(QByteArray &pickled, const PicklingMode &mode) +{ + QByteArray pickledBuf = pickled; + QByteArray olmOutboundGroupSessionBuf(olm_outbound_group_session_size(), '0'); + QByteArray key = toKey(mode); + auto olmOutboundGroupSession = olm_outbound_group_session(reinterpret_cast(olmOutboundGroupSessionBuf.data())); + const auto error = olm_unpickle_outbound_group_session(olmOutboundGroupSession, key.data(), key.length(), + pickled.data(), pickled.length()); + if (error == olm_error()) { + return lastError(olmOutboundGroupSession); + } + + key.clear(); + return QOlmOutboundGroupSession(olmOutboundGroupSession, olmOutboundGroupSessionBuf); +} + +std::variant QOlmOutboundGroupSession::encrypt(QString &plaintext) +{ + QByteArray plaintextBuf = plaintext.toUtf8(); + const auto messageMaxLen = olm_group_encrypt_message_length(m_groupSession, plaintextBuf.length()); + QByteArray messageBuf(messageMaxLen, '0'); + const auto error = olm_group_encrypt(m_groupSession, reinterpret_cast(plaintextBuf.data()), + plaintextBuf.length(), reinterpret_cast(messageBuf.data()), messageBuf.length()); + + if (error == olm_error()) { + return lastError(m_groupSession); + } + + return messageBuf; +} + +uint32_t QOlmOutboundGroupSession::sessionMessageIndex() const +{ + return olm_outbound_group_session_message_index(m_groupSession); +} + +std::variant QOlmOutboundGroupSession::sessionId() const +{ + const auto idMaxLength = olm_outbound_group_session_id_length(m_groupSession); + QByteArray idBuffer(idMaxLength, '0'); + const auto error = olm_outbound_group_session_id(m_groupSession, reinterpret_cast(idBuffer.data()), + idBuffer.length()); + if (error == olm_error()) { + return lastError(m_groupSession); + } + return idBuffer; +} + +std::variant QOlmOutboundGroupSession::sessionKey() const +{ + const auto keyMaxLength = olm_outbound_group_session_key_length(m_groupSession); + QByteArray keyBuffer(keyMaxLength, '0'); + const auto error = olm_outbound_group_session_key(m_groupSession, reinterpret_cast(keyBuffer.data()), + keyMaxLength); + if (error == olm_error()) { + return lastError(m_groupSession); + } + return keyBuffer; +} diff --git a/lib/olm/qolmoutboundsession.h b/lib/olm/qolmoutboundsession.h new file mode 100644 index 00000000..147c0e03 --- /dev/null +++ b/lib/olm/qolmoutboundsession.h @@ -0,0 +1,47 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later +#pragma once + +#include "olm/olm.h" // from Olm +#include "olm/errors.h" +#include "olm/e2ee.h" + +namespace Quotient { + +//! An out-bound group session is responsible for encrypting outgoing +//! communication in a Megolm session. +class QOlmOutboundGroupSession +{ +public: + ~QOlmOutboundGroupSession(); + //! Creates a new instance of `QOlmOutboundGroupSession`. + static std::variant create(); + //! Serialises an `QOlmOutboundGroupSession` to encrypted Base64. + std::variant pickle(const PicklingMode &mode); + //! Deserialises from encrypted Base64 that was previously obtained by + //! pickling an `QOlmOutboundGroupSession`. + static std::variant unpickle(QByteArray &pickled, const PicklingMode &mode); + //! Encrypts a plaintext message using the session. + std::variant encrypt(QString &plaintext); + + //! Get the current message index for this session. + //! + //! Each message is sent with an increasing index; this returns the + //! index for the next message. + uint32_t sessionMessageIndex() const; + + //! Get a base64-encoded identifier for this session. + std::variant sessionId() const; + + //! Get the base64-encoded current ratchet key for this session. + //! + //! Each message is sent with a different ratchet key. This function returns the + //! ratchet key that will be used for the next message. + std::variant sessionKey() const; +private: + QOlmOutboundGroupSession(OlmOutboundGroupSession *groupSession, const QByteArray &groupSessionBuf); + OlmOutboundGroupSession *m_groupSession; + QByteArray m_buffer; +}; +} diff --git a/lib/olm/utils.cpp b/lib/olm/utils.cpp new file mode 100644 index 00000000..4966af15 --- /dev/null +++ b/lib/olm/utils.cpp @@ -0,0 +1,22 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include "olm/utils.h" + +using namespace Quotient; + +QByteArray Quotient::toKey(const Quotient::PicklingMode &mode) +{ + if (std::holds_alternative(mode)) { + return ""; + } + return std::get(mode).key; +} + +QByteArray Quotient::getRandom(size_t bufferSize) +{ + QByteArray buffer(bufferSize, '0'); + std::generate(buffer.begin(), buffer.end(), std::rand); + return buffer; +} diff --git a/lib/olm/utils.h b/lib/olm/utils.h new file mode 100644 index 00000000..ec0da784 --- /dev/null +++ b/lib/olm/utils.h @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#pragma once + +#include "olm/e2ee.h" + +namespace Quotient { +// Convert PicklingMode to key +QByteArray toKey(const PicklingMode &mode); +QByteArray getRandom(size_t bufferSize); +} -- cgit v1.2.3 From fe2d5dd577a05e4a0e250d89487cd14025204b02 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Wed, 27 Jan 2021 01:43:49 +0100 Subject: Start adding test for session stuff --- autotests/CMakeLists.txt | 1 + autotests/testolmsession.cpp | 28 ++++++++++++++++++++++++++++ lib/olm/message.cpp | 15 ++++++++------- lib/olm/message.h | 7 +++---- lib/olm/qolmaccount.cpp | 2 ++ lib/olm/session.cpp | 4 ++-- lib/olm/session.h | 4 ++++ 7 files changed, 48 insertions(+), 13 deletions(-) create mode 100644 autotests/testolmsession.cpp (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 31cdb446..f35890a5 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -14,3 +14,4 @@ endfunction() quotient_add_test(NAME callcandidateseventtest) quotient_add_test(NAME testolmaccount) quotient_add_test(NAME testgroupsession) +quotient_add_test(NAME testolmsession) diff --git a/autotests/testolmsession.cpp b/autotests/testolmsession.cpp new file mode 100644 index 00000000..1b7fbb9b --- /dev/null +++ b/autotests/testolmsession.cpp @@ -0,0 +1,28 @@ +#include "olm/session.h" + +using namespace Quotient; + +std::pair, std::unique_ptr> createSessionPair() +{ + QByteArray pickledAccountA("eOBXIKivUT6YYowRH031BNv7zNmzqM5B7CpXdyeaPvala5mt7/OeqrG1qVA7vA1SYloFyvJPIy0QNkD3j1HiPl5vtZHN53rtfZ9exXDok03zjmssqn4IJsqcA7Fbo1FZeKafG0NFcWwCPTdmcV7REqxjqGm3I4K8MQFa45AdTGSUu2C12cWeOcbSMlcINiMral+Uyah1sgPmLJ18h1qcnskXUXQvpffZ5DiUw1Iz5zxnwOQF1GVyowPJD7Zdugvj75RQnDxAn6CzyvrY2k2CuedwqDC3fIXM2xdUNWttW4nC2g4InpBhCVvNwhZYxlUb5BUEjmPI2AB3dAL5ry6o9MFncmbN6x5x"); + QByteArray pickledAccountB("eModTvoFi9oOIkax4j4nuxw9Tcl/J8mOmUctUWI68Q89HSaaPTqR+tdlKQ85v2GOs5NlZCp7EuycypN9GQ4fFbHUCrS7nspa3GFBWsR8PnM8+wez5PWmfFZLg3drOvT0jbMjpDx0MjGYClHBqcrEpKx9oFaIRGBaX6HXzT4lRaWSJkXxuX92q8iGNrLn96PuAWFNcD+2JXpPcNFntslwLUNgqzpZ04aIFYwL80GmzyOgq3Bz1GO6u3TgCQEAmTIYN2QkO0MQeuSfe7UoMumhlAJ6R8GPcdSSPtmXNk4tdyzzlgpVq1hm7ZLKto+g8/5Aq3PvnvA8wCqno2+Pi1duK1pZFTIlActr"); + auto accountA = QOlmAccount("accountA:foo.com", "Device1UserA"); + accountA.unpickle(pickledAccountA, Unencrypted{}); + auto accountB = QOlmAccount("accountB:foo.com", "Device1UserB"); + accountB.unpickle(pickledAccountB, Unencrypted{}); + + const QByteArray identityKeyA("qIEr3TWcJQt4CP8QoKKJcCaukByIOpgh6erBkhLEa2o"); + const QByteArray oneTimeKeyA("WzsbsjD85iB1R32iWxfJdwkgmdz29ClMbJSJziECYwk"); + const QByteArray identityKeyB("q/YhJtog/5VHCAS9rM9uUf6AaFk1yPe4GYuyUOXyQCg"); + const QByteArray oneTimeKeyB("oWvzryma+B2onYjo3hM6A3Mgo/Yepm8HvgSvwZMTnjQ"); + auto outbound = std::get>(accountA + .createOutboundSession(identityKeyB, oneTimeKeyB)); + + const auto preKey = std::get(outbound->encrypt("")); // Payload does not matter for PreKey + + if (preKey.type() != Message::General) { + throw "Wrong first message type received, can't create session"; + } + auto inbound = std::get>(accountB.createInboundSession(preKey)); + return std::make_pair, std::unique_ptr>(std::move(inbound), std::move(outbound)); +} diff --git a/lib/olm/message.cpp b/lib/olm/message.cpp index 0998a66b..634a6f0c 100644 --- a/lib/olm/message.cpp +++ b/lib/olm/message.cpp @@ -8,19 +8,15 @@ using namespace Quotient; Message::Message(const QByteArray &ciphertext, Message::Type type) - : QByteArray(std::move(ciphertext)), _messageType(type) -{ - Q_ASSERT_X(!ciphertext.isEmpty(), "olm message", "Ciphertext is empty"); -} - -Message::Message(QByteArray ciphertext) : QByteArray(std::move(ciphertext)) + : QByteArray(std::move(ciphertext)) + , m_messageType(type) { Q_ASSERT_X(!ciphertext.isEmpty(), "olm message", "Ciphertext is empty"); } Message::Type Message::type() const { - return _messageType; + return m_messageType; } QByteArray Message::toCiphertext() const @@ -28,6 +24,11 @@ QByteArray Message::toCiphertext() const return QByteArray(*this); } +Message Message::fromCiphertext(const QByteArray &ciphertext) +{ + return Message(ciphertext, Message::General); +} + #endif // Quotient_E2EE_ENABLED diff --git a/lib/olm/message.h b/lib/olm/message.h index 6c8ab485..067d9b5a 100644 --- a/lib/olm/message.h +++ b/lib/olm/message.h @@ -28,16 +28,15 @@ public: Q_ENUM(Type) Message() = default; - explicit Message(const QByteArray& ciphertext, Type type = General); - explicit Message(QByteArray ciphertext); + explicit Message(const QByteArray &ciphertext, Type type = General); - static Message fromCiphertext(QByteArray ciphertext); + static Message fromCiphertext(const QByteArray &ciphertext); Q_INVOKABLE Type type() const; Q_INVOKABLE QByteArray toCiphertext() const; private: - Type _messageType = General; + Type m_messageType = General; }; diff --git a/lib/olm/qolmaccount.cpp b/lib/olm/qolmaccount.cpp index 9c47bc87..ef51a395 100644 --- a/lib/olm/qolmaccount.cpp +++ b/lib/olm/qolmaccount.cpp @@ -199,11 +199,13 @@ OlmAccount *Quotient::QOlmAccount::data() std::variant, OlmError> QOlmAccount::createInboundSession(const Message &preKeyMessage) { + Q_ASSERT(preKeyMessage.type() == Message::PreKey); return QOlmSession::createInboundSession(this, preKeyMessage); } std::variant, OlmError> QOlmAccount::createInboundSessionFrom(const QByteArray &theirIdentityKey, const Message &preKeyMessage) { + Q_ASSERT(preKeyMessage.type() == Message::PreKey); return QOlmSession::createInboundSessionFrom(this, theirIdentityKey, preKeyMessage); } diff --git a/lib/olm/session.cpp b/lib/olm/session.cpp index b5cd7b81..f6cab650 100644 --- a/lib/olm/session.cpp +++ b/lib/olm/session.cpp @@ -152,9 +152,9 @@ QByteArray QOlmSession::sessionId() const return idBuffer; } -QOlmSession::QOlmSession(OlmSession *session): m_session(session) +QOlmSession::QOlmSession(OlmSession *session) + : m_session(session) { - } #endif // Quotient_E2EE_ENABLED diff --git a/lib/olm/session.h b/lib/olm/session.h index e3a52c88..89f5d822 100644 --- a/lib/olm/session.h +++ b/lib/olm/session.h @@ -14,6 +14,8 @@ namespace Quotient { class QOlmAccount; +class QOlmSession; + //! Either an outbound or inbound session for secure communication. class QOlmSession @@ -43,6 +45,8 @@ private: OlmSession* m_session; }; +//using QOlmSessionPtr = std::unique_ptr; + } //namespace Quotient #endif // Quotient_E2EE_ENABLED -- cgit v1.2.3 From efe7e4ebc9c71f68d29c5c1a5a6bacbaea6fd146 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Wed, 27 Jan 2021 16:12:17 +0100 Subject: Disable olm test when disabling encryption --- autotests/CMakeLists.txt | 8 +++++--- autotests/testgroupsession.cpp | 2 -- autotests/testgroupsession.h | 2 -- autotests/testolmaccount.cpp | 2 -- autotests/testolmaccount.h | 2 -- autotests/testolmsession.cpp | 8 -------- autotests/testolmsession.h | 2 -- 7 files changed, 5 insertions(+), 21 deletions(-) (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index f35890a5..6afdf8cc 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -12,6 +12,8 @@ function(QUOTIENT_ADD_TEST) endfunction() quotient_add_test(NAME callcandidateseventtest) -quotient_add_test(NAME testolmaccount) -quotient_add_test(NAME testgroupsession) -quotient_add_test(NAME testolmsession) +if(${PROJECT_NAME}_ENABLE_E2EE) + quotient_add_test(NAME testolmaccount) + quotient_add_test(NAME testgroupsession) + quotient_add_test(NAME testolmsession) +endif() diff --git a/autotests/testgroupsession.cpp b/autotests/testgroupsession.cpp index a99172d7..23c5bf8f 100644 --- a/autotests/testgroupsession.cpp +++ b/autotests/testgroupsession.cpp @@ -2,7 +2,6 @@ // // SPDX-License-Identifier: LGPL-2.1-or-later -#ifdef Quotient_E2EE_ENABLED #include "testgroupsession.h" #include "olm/qolminboundsession.h" #include "olm/qolmoutboundsession.h" @@ -54,4 +53,3 @@ void TestOlmSession::groupSessionCryptoValid() QCOMPARE(0, decryptionResult.second); } QTEST_MAIN(TestOlmSession) -#endif diff --git a/autotests/testgroupsession.h b/autotests/testgroupsession.h index c9192990..27f34bec 100644 --- a/autotests/testgroupsession.h +++ b/autotests/testgroupsession.h @@ -2,7 +2,6 @@ // // SPDX-License-Identifier: LGPL-2.1-or-later -#ifdef Quotient_E2EE_ENABLED #include class TestOlmSession : public QObject @@ -13,4 +12,3 @@ private Q_SLOTS: void groupSessionPicklingValid(); void groupSessionCryptoValid(); }; -#endif diff --git a/autotests/testolmaccount.cpp b/autotests/testolmaccount.cpp index 75102c32..9f85e77e 100644 --- a/autotests/testolmaccount.cpp +++ b/autotests/testolmaccount.cpp @@ -2,7 +2,6 @@ // // SPDX-License-Identifier: LGPL-2.1-or-later -#ifdef Quotient_E2EE_ENABLED #include "testolmaccount.h" #include "olm/qolmaccount.h" @@ -69,4 +68,3 @@ void TestOlmAccount::oneTimeKeysValid() } QTEST_MAIN(TestOlmAccount) -#endif diff --git a/autotests/testolmaccount.h b/autotests/testolmaccount.h index c3297b5f..e7b32b8b 100644 --- a/autotests/testolmaccount.h +++ b/autotests/testolmaccount.h @@ -2,7 +2,6 @@ // // SPDX-License-Identifier: LGPL-2.1-or-later -#ifdef Quotient_E2EE_ENABLED #include class TestOlmAccount : public QObject @@ -16,4 +15,3 @@ private Q_SLOTS: void oneTimeKeysValid(); //void removeOneTimeKeys(); }; -#endif diff --git a/autotests/testolmsession.cpp b/autotests/testolmsession.cpp index 77ba35ef..da0e36e3 100644 --- a/autotests/testolmsession.cpp +++ b/autotests/testolmsession.cpp @@ -7,7 +7,6 @@ using namespace Quotient; -#ifdef Quotient_E2EE_ENABLED std::pair, std::unique_ptr> createSessionPair() { QByteArray pickledAccountA("eOBXIKivUT6YYowRH031BNv7zNmzqM5B7CpXdyeaPvala5mt7/OeqrG1qVA7vA1SYloFyvJPIy0QNkD3j1HiPl5vtZHN53rtfZ9exXDok03zjmssqn4IJsqcA7Fbo1FZeKafG0NFcWwCPTdmcV7REqxjqGm3I4K8MQFa45AdTGSUu2C12cWeOcbSMlcINiMral+Uyah1sgPmLJ18h1qcnskXUXQvpffZ5DiUw1Iz5zxnwOQF1GVyowPJD7Zdugvj75RQnDxAn6CzyvrY2k2CuedwqDC3fIXM2xdUNWttW4nC2g4InpBhCVvNwhZYxlUb5BUEjmPI2AB3dAL5ry6o9MFncmbN6x5x"); @@ -32,19 +31,15 @@ std::pair, std::unique_ptr> createSess auto inbound = std::get>(accountB.createInboundSession(preKey)); return std::make_pair, std::unique_ptr>(std::move(inbound), std::move(outbound)); } -#endif void TestOlmSession::olmOutboundSessionCreation() { -#ifdef Quotient_E2EE_ENABLED const auto [_, outboundSession] = createSessionPair(); QCOMPARE(0, outboundSession->hasReceivedMessage()); -#endif } void TestOlmSession::olmEncryptDecrypt() { -#ifdef Quotient_E2EE_ENABLED const auto [inboundSession, outboundSession] = createSessionPair(); const auto encrypted = outboundSession->encrypt("Hello world!"); if (encrypted.type() == Message::PreKey) { @@ -55,12 +50,10 @@ void TestOlmSession::olmEncryptDecrypt() const auto decrypted = std::get(inboundSession->decrypt(encrypted)); QCOMPARE(decrypted, "Hello world!"); -#endif } void TestOlmSession::correctSessionOrdering() { -#ifdef Quotient_E2EE_ENABLED // n0W5IJ2ZmaI9FxKRj/wohUQ6WEU0SfoKsgKKHsr4VbM auto session1 = std::get>(QOlmSession::unpickle("7g5cfQRsDk2ROXf9S01n2leZiFRon+EbvXcMOADU0UGvlaV6t/0ihD2/0QGckDIvbmE1aV+PxB0zUtHXh99bI/60N+PWkCLA84jEY4sz3d45ui/TVoFGLDHlymKxvlj7XngXrbtlxSkVntsPzDiNpKEXCa26N2ubKpQ0fbjrV5gbBTYWfU04DXHPXFDTksxpNALYt/h0eVMVhf6hB0ZzpLBsOG0mpwkLufwub0CuDEDGGmRddz3TcNCLq5NnI8R9udDWvHAkTS1UTbHuIf/y6cZg875nJyXpAvd8/XhL8TOo8ot2sE1fElBa4vrH/m9rBQMC1GPkhLBIizmY44C+Sq9PQRnF+uCZ", Unencrypted{})); // +9pHJhP3K4E5/2m8PYBPLh8pS9CJodwUOh8yz3mnmw0 @@ -81,7 +74,6 @@ void TestOlmSession::correctSessionOrdering() QCOMPARE(sessionList[0]->sessionId(), session2Id); QCOMPARE(sessionList[1]->sessionId(), session3Id); QCOMPARE(sessionList[2]->sessionId(), session1Id); -#endif } QTEST_MAIN(TestOlmSession) diff --git a/autotests/testolmsession.h b/autotests/testolmsession.h index c03b7b6a..9a5798fa 100644 --- a/autotests/testolmsession.h +++ b/autotests/testolmsession.h @@ -2,7 +2,6 @@ // // SPDX-License-Identifier: LGPL-2.1-or-later -#ifdef Quotient_E2EE_ENABLED #include class TestOlmSession : public QObject @@ -13,4 +12,3 @@ private Q_SLOTS: void olmEncryptDecrypt(); void correctSessionOrdering(); }; -#endif -- cgit v1.2.3 From fe9b2f918753d40d93f8aecf182485e75d4b75bb Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Sun, 31 Jan 2021 01:18:35 +0100 Subject: More test but still failing in signing/signature verification --- autotests/CMakeLists.txt | 1 + autotests/testolmaccount.cpp | 10 ++-- autotests/testolmutility.cpp | 131 +++++++++++++++++++++++++++++++++++++++++++ autotests/testolmutility.h | 15 +++++ lib/crypto/qolmaccount.cpp | 36 ++++++------ lib/crypto/qolmaccount.h | 8 ++- lib/crypto/qolmutility.cpp | 23 ++++++-- lib/crypto/qolmutility.h | 2 +- 8 files changed, 196 insertions(+), 30 deletions(-) create mode 100644 autotests/testolmutility.cpp create mode 100644 autotests/testolmutility.h (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 6afdf8cc..0354172b 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -16,4 +16,5 @@ if(${PROJECT_NAME}_ENABLE_E2EE) quotient_add_test(NAME testolmaccount) quotient_add_test(NAME testgroupsession) quotient_add_test(NAME testolmsession) + quotient_add_test(NAME testolmutility) endif() diff --git a/autotests/testolmaccount.cpp b/autotests/testolmaccount.cpp index 5cb88a99..8d979e0b 100644 --- a/autotests/testolmaccount.cpp +++ b/autotests/testolmaccount.cpp @@ -309,11 +309,10 @@ void TestOlmAccount::claimKeys() deviceKeys[bob->userId()] = QStringList(); auto job = alice->callApi(deviceKeys); connect(job, &BaseJob::result, this, [bob, alice, aliceOlm, job, this] { + qDebug() << job->jsonData(); auto bobDevices = job->deviceKeys()[bob->userId()]; QVERIFY(bobDevices.size() > 0); - auto devices = {bob->deviceId()}; - // Retrieve the identity key for the current device. auto bobEd25519 = bobDevices[bob->deviceId()].keys["ed25519:" + bob->deviceId()]; @@ -324,10 +323,9 @@ void TestOlmAccount::claimKeys() QVERIFY(verifyIdentitySignature(currentDevice, bob->deviceId(), bob->userId())); QHash> oneTimeKeys; - for (const auto &d : devices) { - oneTimeKeys[bob->userId()] = QHash(); - oneTimeKeys[bob->userId()][d] = SignedCurve25519Key; - } + oneTimeKeys[bob->userId()] = QHash(); + oneTimeKeys[bob->userId()][bob->deviceId()] = SignedCurve25519Key; + auto job = alice->callApi(oneTimeKeys); connect(job, &BaseJob::result, this, [aliceOlm, bob, bobEd25519, job] { const auto userId = bob->userId(); diff --git a/autotests/testolmutility.cpp b/autotests/testolmutility.cpp new file mode 100644 index 00000000..cb92a0df --- /dev/null +++ b/autotests/testolmutility.cpp @@ -0,0 +1,131 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include "testolmutility.h" +#include "crypto/qolmaccount.h" +#include "crypto/qolmutility.h" + +using namespace Quotient; + +void TestOlmUtility::canonicalJSON() +{ + // Examples taken from + // https://matrix.org/docs/spec/appendices.html#canonical-json + auto data = QJsonDocument::fromJson(QByteArrayLiteral(R"({ + "auth": { + "success": true, + "mxid": "@john.doe:example.com", + "profile": { + "display_name": "John Doe", + "three_pids": [{ + "medium": "email", + "address": "john.doe@example.org" + }, { + "medium": "msisdn", + "address": "123456789" + }] + }}})")); + + QCOMPARE(data.toJson(QJsonDocument::Compact), + "{\"auth\":{\"mxid\":\"@john.doe:example.com\",\"profile\":{\"display_name\":\"John " + "Doe\",\"three_pids\":[{\"address\":\"john.doe@example.org\",\"medium\":\"email\"},{" + "\"address\":\"123456789\",\"medium\":\"msisdn\"}]},\"success\":true}}"); + + auto data0 = QJsonDocument::fromJson(QByteArrayLiteral(R"({"b":"2","a":"1"})")); + QCOMPARE(data0.toJson(QJsonDocument::Compact), "{\"a\":\"1\",\"b\":\"2\"}"); + + auto data1 = QJsonDocument::fromJson(QByteArrayLiteral(R"({ "本": 2, "日": 1 })")); + QCOMPARE(data1.toJson(QJsonDocument::Compact), "{\"日\":1,\"本\":2}"); + + auto data2 = QJsonDocument::fromJson(QByteArrayLiteral(R"({"a": "\u65E5"})")); + QCOMPARE(data2.toJson(QJsonDocument::Compact), "{\"a\":\"日\"}"); + + auto data3 = QJsonDocument::fromJson(QByteArrayLiteral(R"({ "a": null })")); + QCOMPARE(data3.toJson(QJsonDocument::Compact), "{\"a\":null}"); +} + +void TestOlmUtility::verifySignedOneTimeKey() +{ + auto aliceOlm = std::make_shared("alice:matrix.org", "aliceDevice"); + aliceOlm->createNewAccount(); + aliceOlm->generateOneTimeKeys(1); + auto keys = aliceOlm->oneTimeKeys(); + + auto firstKey = keys.curve25519().keyValueBegin()->second; + auto msgObj = QJsonObject({{"key", firstKey}}); + auto sig = aliceOlm->sign(msgObj); + + auto msg = QJsonDocument(msgObj).toJson(QJsonDocument::Compact); + + auto utilityBuf = new uint8_t[olm_utility_size()]; + auto utility = olm_utility(utilityBuf); + + qDebug() << "1" << aliceOlm->identityKeys().ed25519 << msg << QString::fromUtf8(sig); + + QByteArray signatureBuf1(sig.length(), '0'); + std::copy(sig.begin(), sig.end(), signatureBuf1.begin()); + + auto res = olm_ed25519_verify(utility, + aliceOlm->identityKeys().ed25519.data(), + aliceOlm->identityKeys().ed25519.size(), + msg.data(), + msg.size(), + (void *)sig.data(), + sig.size()); + qDebug() << "2" << aliceOlm->identityKeys().ed25519 << msg << QString::fromUtf8(signatureBuf1); + + QCOMPARE(std::string(olm_utility_last_error(utility)), "SUCCESS"); + QCOMPARE(res, 0); + + delete[](reinterpret_cast(utility)); + + QOlmUtility utility2; + auto res2 = std::get(utility2.ed25519Verify(aliceOlm->identityKeys().ed25519, msg, signatureBuf1)); + + //QCOMPARE(std::string(olm_utility_last_error(utility)), "SUCCESS"); + QCOMPARE(res2, true); +} + +void TestOlmUtility::validUploadKeysRequest() +{ + const auto userId = QStringLiteral("@alice:matrix.org"); + const auto deviceId = QStringLiteral("FKALSOCCC"); + + auto alice = std::make_shared(userId, deviceId); + alice->createNewAccount(); + alice->generateOneTimeKeys(1); + + auto idSig = alice->signIdentityKeys(); + + QJsonObject body + { + {"algorithms", QJsonArray{"m.olm.v1.curve25519-aes-sha2", "m.megolm.v1.aes-sha2"}}, + {"user_id", userId}, + {"device_id", deviceId}, + {"keys", + QJsonObject{ + {QStringLiteral("curve25519:") + deviceId, QString::fromUtf8(alice->identityKeys().curve25519)}, + {QStringLiteral("ed25519:") + deviceId, QString::fromUtf8(alice->identityKeys().ed25519)} + } + }, + {"signatures", + QJsonObject{ + {userId, + QJsonObject{ + {"ed25519:" + deviceId, QString::fromUtf8(idSig)} + } + } + } + } + }; + + DeviceKeys deviceKeys = alice->getDeviceKeys(); + QCOMPARE(QJsonDocument(toJson(deviceKeys)).toJson(QJsonDocument::Compact), + QJsonDocument(body).toJson(QJsonDocument::Compact)); + + QVERIFY(verifyIdentitySignature(fromJson(body), deviceId, userId)); + QVERIFY(verifyIdentitySignature(deviceKeys, deviceId, userId)); +} + +QTEST_MAIN(TestOlmUtility) diff --git a/autotests/testolmutility.h b/autotests/testolmutility.h new file mode 100644 index 00000000..b30249c8 --- /dev/null +++ b/autotests/testolmutility.h @@ -0,0 +1,15 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include + +class TestOlmUtility : public QObject +{ + Q_OBJECT + +private Q_SLOTS: + void canonicalJSON(); + void verifySignedOneTimeKey(); + void validUploadKeysRequest(); +}; diff --git a/lib/crypto/qolmaccount.cpp b/lib/crypto/qolmaccount.cpp index 750d7318..e27bbee1 100644 --- a/lib/crypto/qolmaccount.cpp +++ b/lib/crypto/qolmaccount.cpp @@ -110,10 +110,10 @@ IdentityKeys QOlmAccount::identityKeys() const QByteArray QOlmAccount::sign(const QByteArray &message) const { - const size_t signatureLength = olm_account_signature_length(m_account); - QByteArray signatureBuffer(signatureLength, '0'); + QByteArray signatureBuffer(olm_account_signature_length(m_account), '0'); + const auto error = olm_account_sign(m_account, message.data(), message.length(), - signatureBuffer.data(), signatureLength); + signatureBuffer.data(), signatureBuffer.length()); if (error == olm_error()) { throw lastError(m_account); @@ -216,9 +216,8 @@ OlmAccount *Quotient::QOlmAccount::data() return m_account; } -UploadKeysJob *QOlmAccount::createUploadKeyRequest(const OneTimeKeys &oneTimeKeys) +DeviceKeys QOlmAccount::getDeviceKeys() const { - DeviceKeys deviceKeys; deviceKeys.userId = m_userId; deviceKeys.deviceId = m_deviceId; @@ -231,6 +230,13 @@ UploadKeysJob *QOlmAccount::createUploadKeyRequest(const OneTimeKeys &oneTimeKey const auto sign = signIdentityKeys(); deviceKeys.signatures[m_userId]["ed25519:" + m_deviceId] = sign; + return deviceKeys; +} + +UploadKeysJob *QOlmAccount::createUploadKeyRequest(const OneTimeKeys &oneTimeKeys) +{ + auto deviceKeys = getDeviceKeys(); + if (oneTimeKeys.curve25519().isEmpty()) { return new UploadKeysJob(deviceKeys); } @@ -272,36 +278,34 @@ bool Quotient::verifyIdentitySignature(const DeviceKeys &deviceKeys, const auto signingKey = deviceKeys.keys[signKeyId]; const auto signature = deviceKeys.signatures[userId][signKeyId]; - if (signature.isEmpty()) { + qDebug() << "signature empty"; return false; } return ed25519VerifySignature(signingKey, toJson(deviceKeys), signature); } -bool Quotient::ed25519VerifySignature(QString signingKey, - QJsonObject obj, - QString signature) +bool Quotient::ed25519VerifySignature(const QString &signingKey, + const QJsonObject &obj, + const QString &signature) { if (signature.isEmpty()) { return false; } + QJsonObject obj1 = obj; - obj.remove("unsigned"); - obj.remove("signatures"); - - QJsonDocument doc; - doc.setObject(obj); - auto canonicalJson = doc.toJson(QJsonDocument::Compact); + obj1.remove("unsigned"); + obj1.remove("signatures"); - qDebug() << canonicalJson; + auto canonicalJson = QJsonDocument(obj1).toJson(QJsonDocument::Compact); QByteArray signingKeyBuf = signingKey.toUtf8(); QOlmUtility utility; auto signatureBuf = signature.toUtf8(); auto result = utility.ed25519Verify(signingKeyBuf, canonicalJson, signatureBuf); if (std::holds_alternative(result)) { + qDebug() << "error:" << std::get(result); return false; } diff --git a/lib/crypto/qolmaccount.h b/lib/crypto/qolmaccount.h index 09ef623a..de78a8af 100644 --- a/lib/crypto/qolmaccount.h +++ b/lib/crypto/qolmaccount.h @@ -72,6 +72,8 @@ public: UploadKeysJob *createUploadKeyRequest(const OneTimeKeys &oneTimeKeys); + DeviceKeys getDeviceKeys() const; + //! Remove the one time key used to create the supplied session. [[nodiscard]] std::optional removeOneTimeKeys(const std::unique_ptr &session) const; @@ -104,9 +106,9 @@ bool verifyIdentitySignature(const DeviceKeys &deviceKeys, const QString &userId); //! checks if the signature is signed by the signing_key -bool ed25519VerifySignature(QString signingKey, - QJsonObject obj, - QString signature); +bool ed25519VerifySignature(const QString &signingKey, + const QJsonObject &obj, + const QString &signature); } // namespace Quotient diff --git a/lib/crypto/qolmutility.cpp b/lib/crypto/qolmutility.cpp index 3c6a14c7..ad78a226 100644 --- a/lib/crypto/qolmutility.cpp +++ b/lib/crypto/qolmutility.cpp @@ -5,6 +5,7 @@ #ifdef Quotient_E2EE_ENABLED #include "crypto/qolmutility.h" #include "olm/olm.h" +#include using namespace Quotient; @@ -19,10 +20,12 @@ QOlmUtility::QOlmUtility() { auto utility = new uint8_t[olm_utility_size()]; m_utility = olm_utility(utility); + qDebug() << "created"; } QOlmUtility::~QOlmUtility() { + qDebug() << "deleted"; olm_clear_utility(m_utility); delete[](reinterpret_cast(m_utility)); } @@ -43,15 +46,27 @@ QString QOlmUtility::sha256Utf8Msg(const QString &message) const } std::variant QOlmUtility::ed25519Verify(const QByteArray &key, - const QByteArray &message, QByteArray &signature) + const QByteArray &message, const QByteArray &signature) { - const auto error = olm_ed25519_verify(m_utility, key.data(), key.length(), - message.data(), message.length(), signature.data(), signature.length()); + QByteArray signatureBuf(signature.length(), '0'); + std::copy(signature.begin(), signature.end(), signatureBuf.begin()); + qDebug() << "3" << key << message << signature; + + const auto ret = olm_ed25519_verify(m_utility, key.data(), key.size(), + message.data(), message.size(), (void *)signatureBuf.data(), signatureBuf.size()); + + const auto error = ret; if (error == olm_error()) { + qDebug() << QString(olm_utility_last_error(m_utility)); return lastError(m_utility); } - return error == 0; + + if (ret != 0) { + qDebug() << "ed25519Verify" << ret; + return false; + } + return true; } diff --git a/lib/crypto/qolmutility.h b/lib/crypto/qolmutility.h index 16c330eb..3de09ab4 100644 --- a/lib/crypto/qolmutility.h +++ b/lib/crypto/qolmutility.h @@ -36,7 +36,7 @@ public: //! \param message QByteArray The message that was signed. //! \param signature QByteArray The signature of the message. std::variant ed25519Verify(const QByteArray &key, - const QByteArray &message, QByteArray &signature); + const QByteArray &message, const QByteArray &signature); private: -- cgit v1.2.3 From a1fcad591968ec717214a73a2dbe78f608207bc5 Mon Sep 17 00:00:00 2001 From: Alexey Rusakov Date: Sun, 5 Dec 2021 10:59:44 +0100 Subject: Move away Omittable static tests to autotests/ These are not required to build libQuotient, and omittable.cpp entirely consisted of them. --- CMakeLists.txt | 2 +- autotests/CMakeLists.txt | 1 + autotests/utiltests.cpp | 45 +++++++++++++++++++++++++++++++++++++++++++++ lib/omittable.cpp | 34 ---------------------------------- 4 files changed, 47 insertions(+), 35 deletions(-) create mode 100644 autotests/utiltests.cpp delete mode 100644 lib/omittable.cpp (limited to 'autotests/CMakeLists.txt') diff --git a/CMakeLists.txt b/CMakeLists.txt index ddf11680..89eb996a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -127,7 +127,7 @@ list(APPEND lib_SRCS lib/quotient_common.h lib/quotient_export.h lib/function_traits.h lib/function_traits.cpp - lib/omittable.h lib/omittable.cpp + lib/omittable.h lib/networkaccessmanager.h lib/networkaccessmanager.cpp lib/connectiondata.h lib/connectiondata.cpp lib/connection.h lib/connection.cpp diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 282ab036..9efab0d1 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -12,3 +12,4 @@ function(QUOTIENT_ADD_TEST) endfunction() quotient_add_test(NAME callcandidateseventtest) +quotient_add_test(NAME utiltests) diff --git a/autotests/utiltests.cpp b/autotests/utiltests.cpp new file mode 100644 index 00000000..e3ec63d0 --- /dev/null +++ b/autotests/utiltests.cpp @@ -0,0 +1,45 @@ +// SPDX-FileCopyrightText: 2021 Kitsune Ral +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include "omittable.h" + +#include + +// compile-time Omittable<> tests +using namespace Quotient; + +Omittable testFn(bool) { return 0; } +bool testFn2(int) { return false; } +static_assert( + std::is_same_v>().then(testFn)), + Omittable>); +static_assert( + std::is_same_v< + decltype(std::declval>().then_or(testFn, 0)), int>); +static_assert( + std::is_same_v>().then(testFn)), + Omittable>); +static_assert(std::is_same_v>() + .then(testFn2) + .then(testFn)), + Omittable>); +static_assert(std::is_same_v>() + .then(testFn) + .then_or(testFn2, false)), + bool>); + +constexpr auto visitTestFn(int, bool) { return false; } +static_assert( + std::is_same_v, decltype(lift(testFn2, Omittable()))>); +static_assert(std::is_same_v, + decltype(lift(visitTestFn, Omittable(), + Omittable()))>); + +class TestUtils : public QObject { + Q_OBJECT +private Q_SLOTS: + // TODO +}; + +QTEST_APPLESS_MAIN(TestUtils) +#include "utiltests.moc" diff --git a/lib/omittable.cpp b/lib/omittable.cpp deleted file mode 100644 index 245ae721..00000000 --- a/lib/omittable.cpp +++ /dev/null @@ -1,34 +0,0 @@ -// SPDX-FileCopyrightText: 2021 Kitsune Ral -// SPDX-License-Identifier: LGPL-2.1-or-later - -#include "omittable.h" - -// Omittable<> tests -using namespace Quotient; - -Omittable testFn(bool) { return 0; } -bool testFn2(int) { return false; } -static_assert( - std::is_same_v>().then(testFn)), - Omittable>); -static_assert( - std::is_same_v< - decltype(std::declval>().then_or(testFn, 0)), int>); -static_assert( - std::is_same_v>().then(testFn)), - Omittable>); -static_assert(std::is_same_v>() - .then(testFn2) - .then(testFn)), - Omittable>); -static_assert(std::is_same_v>() - .then(testFn) - .then_or(testFn2, false)), - bool>); - -constexpr auto visitTestFn(int, bool) { return false; } -static_assert( - std::is_same_v, decltype(lift(testFn2, Omittable()))>); -static_assert(std::is_same_v, - decltype(lift(visitTestFn, Omittable(), - Omittable()))>); -- cgit v1.2.3 From efa450920e5fc338e771e653ca0889e948d04ee7 Mon Sep 17 00:00:00 2001 From: Tobias Fella Date: Tue, 8 Mar 2022 00:06:36 +0100 Subject: Implement sending encrypted files --- autotests/CMakeLists.txt | 1 + autotests/testfilecrypto.cpp | 17 +++++++++++ autotests/testfilecrypto.h | 12 ++++++++ lib/eventitem.cpp | 10 +++++++ lib/eventitem.h | 3 ++ lib/events/encryptedfile.cpp | 26 +++++++++++++++-- lib/events/encryptedfile.h | 1 + lib/room.cpp | 67 +++++++++++++++++++++++++++++--------------- lib/room.h | 2 +- 9 files changed, 113 insertions(+), 26 deletions(-) create mode 100644 autotests/testfilecrypto.cpp create mode 100644 autotests/testfilecrypto.h (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index 671d6c08..c11901bf 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -18,4 +18,5 @@ if(${PROJECT_NAME}_ENABLE_E2EE) quotient_add_test(NAME testgroupsession) quotient_add_test(NAME testolmsession) quotient_add_test(NAME testolmutility) + quotient_add_test(NAME testfilecrypto) endif() diff --git a/autotests/testfilecrypto.cpp b/autotests/testfilecrypto.cpp new file mode 100644 index 00000000..e6bec1fe --- /dev/null +++ b/autotests/testfilecrypto.cpp @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2022 Tobias Fella +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include "testfilecrypto.h" +#include "events/encryptedfile.h" +#include + +using namespace Quotient; +void TestFileCrypto::encryptDecryptData() +{ + QByteArray data = "ABCDEF"; + auto [file, cipherText] = EncryptedFile::encryptFile(data); + auto decrypted = file.decryptFile(cipherText); + QCOMPARE(data, decrypted); +} +QTEST_APPLESS_MAIN(TestFileCrypto) diff --git a/autotests/testfilecrypto.h b/autotests/testfilecrypto.h new file mode 100644 index 00000000..9096a8c7 --- /dev/null +++ b/autotests/testfilecrypto.h @@ -0,0 +1,12 @@ +// SPDX-FileCopyrightText: 2022 Tobias Fella +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include + +class TestFileCrypto : public QObject +{ + Q_OBJECT +private Q_SLOTS: + void encryptDecryptData(); +}; diff --git a/lib/eventitem.cpp b/lib/eventitem.cpp index a2d65d8d..302ae053 100644 --- a/lib/eventitem.cpp +++ b/lib/eventitem.cpp @@ -26,6 +26,16 @@ void PendingEventItem::setFileUploaded(const QUrl& remoteUrl) setStatus(EventStatus::FileUploaded); } +void PendingEventItem::setEncryptedFile(const EncryptedFile& encryptedFile) +{ + if (auto* rme = getAs()) { + Q_ASSERT(rme->hasFileContent()); + rme->editContent([encryptedFile](EventContent::TypedBase& ec) { + ec.fileInfo()->file = encryptedFile; + }); + } +} + // Not exactly sure why but this helps with the linker not finding // Quotient::EventStatus::staticMetaObject when building Quaternion #include "moc_eventitem.cpp" diff --git a/lib/eventitem.h b/lib/eventitem.h index f04ef323..d8313736 100644 --- a/lib/eventitem.h +++ b/lib/eventitem.h @@ -9,6 +9,8 @@ #include #include +#include "events/encryptedfile.h" + namespace Quotient { namespace EventStatus { @@ -114,6 +116,7 @@ public: void setDeparted() { setStatus(EventStatus::Departed); } void setFileUploaded(const QUrl& remoteUrl); + void setEncryptedFile(const EncryptedFile& encryptedFile); void setReachedServer(const QString& eventId) { setStatus(EventStatus::ReachedServer); diff --git a/lib/events/encryptedfile.cpp b/lib/events/encryptedfile.cpp index d4a517bd..e90be428 100644 --- a/lib/events/encryptedfile.cpp +++ b/lib/events/encryptedfile.cpp @@ -8,6 +8,7 @@ #ifdef Quotient_E2EE_ENABLED #include #include +#include "e2ee/qolmutils.h" #endif using namespace Quotient; @@ -27,7 +28,7 @@ QByteArray EncryptedFile::decryptFile(const QByteArray& ciphertext) const { int length; auto* ctx = EVP_CIPHER_CTX_new(); - QByteArray plaintext(ciphertext.size() + EVP_CIPHER_CTX_block_size(ctx) + QByteArray plaintext(ciphertext.size() + EVP_MAX_BLOCK_LENGTH - 1, '\0'); EVP_DecryptInit_ex(ctx, EVP_aes_256_ctr(), nullptr, @@ -44,7 +45,7 @@ QByteArray EncryptedFile::decryptFile(const QByteArray& ciphertext) const + length, &length); EVP_CIPHER_CTX_free(ctx); - return plaintext; + return plaintext.left(ciphertext.size()); } #else qWarning(MAIN) << "This build of libQuotient doesn't support E2EE, " @@ -53,6 +54,27 @@ QByteArray EncryptedFile::decryptFile(const QByteArray& ciphertext) const #endif } +std::pair EncryptedFile::encryptFile(const QByteArray &plainText) +{ + QByteArray k = getRandom(32); + auto kBase64 = k.toBase64(); + QByteArray iv = getRandom(16); + JWK key = {"oct"_ls, {"encrypt"_ls, "decrypt"_ls}, "A256CTR"_ls, QString(k.toBase64()).replace(u'/', u'_').replace(u'+', u'-').left(kBase64.indexOf('=')), true}; + + int length; + auto* ctx = EVP_CIPHER_CTX_new(); + QByteArray cipherText(plainText.size(), plainText.size() + EVP_MAX_BLOCK_LENGTH - 1); + EVP_EncryptInit_ex(ctx, EVP_aes_256_ctr(), nullptr, reinterpret_cast(k.data()),reinterpret_cast(iv.data())); + EVP_EncryptUpdate(ctx, reinterpret_cast(cipherText.data()), &length, reinterpret_cast(plainText.data()), plainText.size()); + EVP_EncryptFinal_ex(ctx, reinterpret_cast(cipherText.data()) + length, &length); + EVP_CIPHER_CTX_free(ctx); + + auto hash = QCryptographicHash::hash(cipherText, QCryptographicHash::Sha256).toBase64(); + auto ivBase64 = iv.toBase64(); + EncryptedFile file = {{}, key, ivBase64.left(ivBase64.indexOf('=')), {{QStringLiteral("sha256"), hash.left(hash.indexOf('='))}}, "v2"_ls}; + return {file, cipherText}; +} + void JsonObjectConverter::dumpTo(QJsonObject& jo, const EncryptedFile& pod) { diff --git a/lib/events/encryptedfile.h b/lib/events/encryptedfile.h index d0c4a030..2ce35086 100644 --- a/lib/events/encryptedfile.h +++ b/lib/events/encryptedfile.h @@ -46,6 +46,7 @@ public: QString v; QByteArray decryptFile(const QByteArray &ciphertext) const; + static std::pair encryptFile(const QByteArray &plainText); }; template <> diff --git a/lib/room.cpp b/lib/room.cpp index 7db9f8e9..763ca31c 100644 --- a/lib/room.cpp +++ b/lib/room.cpp @@ -299,8 +299,7 @@ public: RoomEvent* addAsPending(RoomEventPtr&& event); - //TODO deleteWhenFinishedis ugly, find out if there's something nicer - QString doSendEvent(const RoomEvent* pEvent, bool deleteWhenFinished = false); + QString doSendEvent(const RoomEvent* pEvent); void onEventSendingFailure(const QString& txnId, BaseJob* call = nullptr); SetRoomStateWithKeyJob* requestSetState(const QString& evtType, @@ -2076,6 +2075,16 @@ QString Room::Private::sendEvent(RoomEventPtr&& event) qCWarning(MAIN) << q << "has been upgraded, event won't be sent"; return {}; } + + return doSendEvent(addAsPending(std::move(event))); +} + +QString Room::Private::doSendEvent(const RoomEvent* pEvent) +{ + const auto txnId = pEvent->transactionId(); + // TODO, #133: Enqueue the job rather than immediately trigger it. + const RoomEvent* _event = pEvent; + if (q->usesEncryption()) { if (!hasValidMegolmSession() || shouldRotateMegolmSession()) { createMegolmSession(); @@ -2083,10 +2092,8 @@ QString Room::Private::sendEvent(RoomEventPtr&& event) const auto devicesWithoutKey = getDevicesWithoutKey(); sendMegolmSession(devicesWithoutKey); - //TODO check if this is necessary //TODO check if we increment the sent message count - event->setRoomId(id); - const auto encrypted = currentOutboundMegolmSession->encrypt(QJsonDocument(event->fullJson()).toJson()); + const auto encrypted = currentOutboundMegolmSession->encrypt(QJsonDocument(pEvent->fullJson()).toJson()); currentOutboundMegolmSession->setMessageCount(currentOutboundMegolmSession->messageCount() + 1); connection->saveCurrentOutboundMegolmSession(q, currentOutboundMegolmSession); if(std::holds_alternative(encrypted)) { @@ -2098,23 +2105,14 @@ QString Room::Private::sendEvent(RoomEventPtr&& event) encryptedEvent->setTransactionId(connection->generateTxnId()); encryptedEvent->setRoomId(id); encryptedEvent->setSender(connection->userId()); - event->setTransactionId(encryptedEvent->transactionId()); // We show the unencrypted event locally while pending. The echo check will throw the encrypted version out - addAsPending(std::move(event)); - return doSendEvent(encryptedEvent, true); + _event = encryptedEvent; } - return doSendEvent(addAsPending(std::move(event))); -} - -QString Room::Private::doSendEvent(const RoomEvent* pEvent, bool deleteWhenFinished) -{ - const auto txnId = pEvent->transactionId(); - // TODO, #133: Enqueue the job rather than immediately trigger it. if (auto call = connection->callApi(BackgroundRequest, id, - pEvent->matrixType(), txnId, - pEvent->contentJson())) { + _event->matrixType(), txnId, + _event->contentJson())) { Room::connect(call, &BaseJob::sentRequest, q, [this, txnId] { auto it = q->findPendingEvent(txnId); if (it == unsyncedEvents.end()) { @@ -2128,7 +2126,7 @@ QString Room::Private::doSendEvent(const RoomEvent* pEvent, bool deleteWhenFinis Room::connect(call, &BaseJob::failure, q, std::bind(&Room::Private::onEventSendingFailure, this, txnId, call)); - Room::connect(call, &BaseJob::success, q, [this, call, txnId, deleteWhenFinished, pEvent] { + Room::connect(call, &BaseJob::success, q, [this, call, txnId, _event] { auto it = q->findPendingEvent(txnId); if (it != unsyncedEvents.end()) { if (it->deliveryStatus() != EventStatus::ReachedServer) { @@ -2140,8 +2138,8 @@ QString Room::Private::doSendEvent(const RoomEvent* pEvent, bool deleteWhenFinis << "already merged"; emit q->messageSent(txnId, call->eventId()); - if (deleteWhenFinished){ - delete pEvent; + if (q->usesEncryption()){ + delete _event; } }); } else @@ -2266,13 +2264,16 @@ QString Room::Private::doPostFile(RoomEventPtr&& msgEvent, const QUrl& localUrl) // Below, the upload job is used as a context object to clean up connections const auto& transferJob = fileTransfers.value(txnId).job; connect(q, &Room::fileTransferCompleted, transferJob, - [this, txnId](const QString& tId, const QUrl&, const QUrl& mxcUri) { + [this, txnId](const QString& tId, const QUrl&, const QUrl& mxcUri, Omittable encryptedFile) { if (tId != txnId) return; const auto it = q->findPendingEvent(txnId); if (it != unsyncedEvents.end()) { it->setFileUploaded(mxcUri); + if (encryptedFile) { + it->setEncryptedFile(*encryptedFile); + } emit q->pendingEventChanged( int(it - unsyncedEvents.begin())); doSendEvent(it->get()); @@ -2508,6 +2509,20 @@ void Room::uploadFile(const QString& id, const QUrl& localFilename, Q_ASSERT_X(localFilename.isLocalFile(), __FUNCTION__, "localFilename should point at a local file"); auto fileName = localFilename.toLocalFile(); + Omittable encryptedFile = std::nullopt; +#ifdef Quotient_E2EE_ENABLED + QTemporaryFile tempFile; + if (usesEncryption()) { + tempFile.open(); + QFile file(localFilename.toLocalFile()); + file.open(QFile::ReadOnly); + auto [e, data] = EncryptedFile::encryptFile(file.readAll()); + tempFile.write(data); + tempFile.close(); + fileName = QFileInfo(tempFile).absoluteFilePath(); + encryptedFile = e; + } +#endif auto job = connection()->uploadFile(fileName, overrideContentType); if (isJobPending(job)) { d->fileTransfers[id] = { job, fileName, true }; @@ -2516,9 +2531,15 @@ void Room::uploadFile(const QString& id, const QUrl& localFilename, d->fileTransfers[id].update(sent, total); emit fileTransferProgress(id, sent, total); }); - connect(job, &BaseJob::success, this, [this, id, localFilename, job] { + connect(job, &BaseJob::success, this, [this, id, localFilename, job, encryptedFile] { d->fileTransfers[id].status = FileTransferInfo::Completed; - emit fileTransferCompleted(id, localFilename, QUrl(job->contentUri())); + if (encryptedFile) { + auto file = *encryptedFile; + file.url = QUrl(job->contentUri()); + emit fileTransferCompleted(id, localFilename, QUrl(job->contentUri()), file); + } else { + emit fileTransferCompleted(id, localFilename, QUrl(job->contentUri())); + } }); connect(job, &BaseJob::failure, this, std::bind(&Private::failedTransfer, d, id, job->errorString())); diff --git a/lib/room.h b/lib/room.h index 6e6071f0..d5a8366a 100644 --- a/lib/room.h +++ b/lib/room.h @@ -999,7 +999,7 @@ Q_SIGNALS: void newFileTransfer(QString id, QUrl localFile); void fileTransferProgress(QString id, qint64 progress, qint64 total); - void fileTransferCompleted(QString id, QUrl localFile, QUrl mxcUrl); + void fileTransferCompleted(QString id, QUrl localFile, QUrl mxcUrl, Omittable encryptedFile = std::nullopt); void fileTransferFailed(QString id, QString errorMessage = {}); // fileTransferCancelled() is no more here; use fileTransferFailed() and // check the transfer status instead -- cgit v1.2.3 From ecf6b855b0fc8cbe16d34b67ae1dca7bd9b69948 Mon Sep 17 00:00:00 2001 From: Tobias Fella Date: Tue, 6 Sep 2022 21:35:27 +0200 Subject: Add autotest for key verification and fix several edge-cases --- autotests/CMakeLists.txt | 1 + autotests/testkeyverification.cpp | 50 +++++++++++++++++++++++++++++++++++++++ autotests/testkeyverification.h | 18 ++++++++++++++ autotests/testolmaccount.cpp | 22 ++--------------- autotests/testutils.h | 32 +++++++++++++++++++++++++ lib/keyverificationsession.cpp | 15 +++++++++--- lib/keyverificationsession.h | 7 ++++++ 7 files changed, 122 insertions(+), 23 deletions(-) create mode 100644 autotests/testkeyverification.cpp create mode 100644 autotests/testkeyverification.h create mode 100644 autotests/testutils.h (limited to 'autotests/CMakeLists.txt') diff --git a/autotests/CMakeLists.txt b/autotests/CMakeLists.txt index c11901bf..48edb168 100644 --- a/autotests/CMakeLists.txt +++ b/autotests/CMakeLists.txt @@ -19,4 +19,5 @@ if(${PROJECT_NAME}_ENABLE_E2EE) quotient_add_test(NAME testolmsession) quotient_add_test(NAME testolmutility) quotient_add_test(NAME testfilecrypto) + quotient_add_test(NAME testkeyverification) endif() diff --git a/autotests/testkeyverification.cpp b/autotests/testkeyverification.cpp new file mode 100644 index 00000000..fbbb7614 --- /dev/null +++ b/autotests/testkeyverification.cpp @@ -0,0 +1,50 @@ +// SPDX-FileCopyrightText: 2022 Tobias Fella +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#include "testkeyverification.h" +#include "qt_connection_util.h" + +void TestKeyVerificationSession::testVerification() +{ + CREATE_CONNECTION(a, "alice1", "secret", "AliceDesktop") + CREATE_CONNECTION(b, "alice1", "secret", "AlicePhone") + + KeyVerificationSession *aSession = nullptr; + connect(a.get(), &Connection::newKeyVerificationSession, this, [&](KeyVerificationSession* session) { + aSession = session; + QVERIFY(session->remoteDeviceId() == b->deviceId()); + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORREADY); + connectSingleShot(session, &KeyVerificationSession::stateChanged, this, [=](){ + QVERIFY(session->state() == KeyVerificationSession::ACCEPTED); + connectSingleShot(session, &KeyVerificationSession::stateChanged, this, [=](){ + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORVERIFICATION); + session->sendMac(); + }); + }); + }); + a->startKeyVerificationSession(b->deviceId()); + connect(b.get(), &Connection::newKeyVerificationSession, this, [=](KeyVerificationSession* session) { + QVERIFY(session->remoteDeviceId() == a->deviceId()); + QVERIFY(session->state() == KeyVerificationSession::INCOMING); + session->sendReady(); + // KeyVerificationSession::READY is skipped because we have only one method + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORACCEPT); + connectSingleShot(session, &KeyVerificationSession::stateChanged, this, [=](){ + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORKEY || session->state() == KeyVerificationSession::ACCEPTED); + connectSingleShot(session, &KeyVerificationSession::stateChanged, this, [=]() { + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORVERIFICATION); + QVERIFY(aSession); + QVERIFY(aSession->sasEmojis() == session->sasEmojis()); + session->sendMac(); + QVERIFY(session->state() == KeyVerificationSession::WAITINGFORMAC); + }); + }); + + }); + b->syncLoop(); + a->syncLoop(); + QSignalSpy spy(b.get(), &Connection::incomingKeyVerificationDone); + spy.wait(10000); +} +QTEST_GUILESS_MAIN(TestKeyVerificationSession) diff --git a/autotests/testkeyverification.h b/autotests/testkeyverification.h new file mode 100644 index 00000000..28e00e11 --- /dev/null +++ b/autotests/testkeyverification.h @@ -0,0 +1,18 @@ +// SPDX-FileCopyrightText: 2022 Tobias Fella +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#pragma once + +#include +#include "testutils.h" + +class TestKeyVerificationSession : public QObject +{ + Q_OBJECT + +private Q_SLOTS: + void testVerification(); + +}; + diff --git a/autotests/testolmaccount.cpp b/autotests/testolmaccount.cpp index 4b32393d..280705d0 100644 --- a/autotests/testolmaccount.cpp +++ b/autotests/testolmaccount.cpp @@ -14,6 +14,8 @@ #include #include +#include "testutils.h" + using namespace Quotient; void TestOlmAccount::pickleUnpickledTest() @@ -168,26 +170,6 @@ void TestOlmAccount::encryptedFile() QCOMPARE(file.key.kty, "oct"); } -#define CREATE_CONNECTION(VAR, USERNAME, SECRET, DEVICE_NAME) \ - NetworkAccessManager::instance()->ignoreSslErrors(true); \ - auto VAR = std::make_shared(); \ - (VAR)->resolveServer("@" USERNAME ":localhost:1234"); \ - connect((VAR).get(), &Connection::loginFlowsChanged, this, [=] { \ - (VAR)->loginWithPassword((USERNAME), SECRET, DEVICE_NAME, ""); \ - }); \ - connect((VAR).get(), &Connection::networkError, [](const QString& error) { \ - QWARN(qUtf8Printable(error)); \ - QFAIL("Network error: make sure synapse is running"); \ - }); \ - connect((VAR).get(), &Connection::loginError, [](const QString& error) { \ - QWARN(qUtf8Printable(error)); \ - QFAIL("Login failed"); \ - }); \ - QSignalSpy spy##VAR((VAR).get(), &Connection::loginFlowsChanged); \ - QSignalSpy spy2##VAR((VAR).get(), &Connection::connected); \ - QVERIFY(spy##VAR.wait(10000)); \ - QVERIFY(spy2##VAR.wait(10000)); - void TestOlmAccount::uploadIdentityKey() { CREATE_CONNECTION(conn, "alice1", "secret", "AlicePhone") diff --git a/autotests/testutils.h b/autotests/testutils.h new file mode 100644 index 00000000..7d016a34 --- /dev/null +++ b/autotests/testutils.h @@ -0,0 +1,32 @@ +// SPDX-FileCopyrightText: 2021 Carl Schwan +// +// SPDX-License-Identifier: LGPL-2.1-or-later + +#pragma once + +#include +#include + +#include + +using namespace Quotient; + +#define CREATE_CONNECTION(VAR, USERNAME, SECRET, DEVICE_NAME) \ + NetworkAccessManager::instance()->ignoreSslErrors(true); \ + auto VAR = std::make_shared(); \ + (VAR)->resolveServer("@" USERNAME ":localhost:1234"); \ + connect((VAR).get(), &Connection::loginFlowsChanged, this, [=] { \ + (VAR)->loginWithPassword((USERNAME), SECRET, DEVICE_NAME, ""); \ + }); \ + connect((VAR).get(), &Connection::networkError, [](const QString& error) { \ + QWARN(qUtf8Printable(error)); \ + QFAIL("Network error: make sure synapse is running"); \ + }); \ + connect((VAR).get(), &Connection::loginError, [](const QString& error) { \ + QWARN(qUtf8Printable(error)); \ + QFAIL("Login failed"); \ + }); \ + QSignalSpy spy##VAR((VAR).get(), &Connection::loginFlowsChanged); \ + QSignalSpy spy2##VAR((VAR).get(), &Connection::connected); \ + QVERIFY(spy##VAR.wait(10000)); \ + QVERIFY(spy2##VAR.wait(10000)); diff --git a/lib/keyverificationsession.cpp b/lib/keyverificationsession.cpp index 44a085fe..24fc08e1 100644 --- a/lib/keyverificationsession.cpp +++ b/lib/keyverificationsession.cpp @@ -154,7 +154,7 @@ EmojiEntry emojiForCode(int code, const QString& language) void KeyVerificationSession::handleKey(const KeyVerificationKeyEvent& event) { - if (state() != WAITINGFORKEY && state() != WAITINGFORVERIFICATION) { + if (state() != WAITINGFORKEY && state() != ACCEPTED) { cancelVerification(UNEXPECTED_MESSAGE); return; } @@ -176,7 +176,6 @@ void KeyVerificationSession::handleKey(const KeyVerificationKeyEvent& event) } else { sendKey(); } - setState(WAITINGFORVERIFICATION); std::string key(olm_sas_pubkey_length(m_sas), '\0'); olm_sas_get_pubkey(m_sas, key.data(), key.size()); @@ -214,6 +213,7 @@ void KeyVerificationSession::handleKey(const KeyVerificationKeyEvent& event) emit sasEmojisChanged(); emit keyReceived(); + setState(WAITINGFORVERIFICATION); } QString KeyVerificationSession::calculateMac(const QString& input, @@ -314,6 +314,10 @@ void KeyVerificationSession::sendStartSas() void KeyVerificationSession::handleReady(const KeyVerificationReadyEvent& event) { + if (state() == ACCEPTED) { + // It's possible to receive ready and start in the same sync, in which case start might be handled before ready. + return; + } if (state() != WAITINGFORREADY) { cancelVerification(UNEXPECTED_MESSAGE); return; @@ -334,7 +338,7 @@ void KeyVerificationSession::handleReady(const KeyVerificationReadyEvent& event) void KeyVerificationSession::handleStart(const KeyVerificationStartEvent& event) { - if (state() != READY) { + if (state() != READY && state() != WAITINGFORREADY) { cancelVerification(UNEXPECTED_MESSAGE); return; } @@ -510,3 +514,8 @@ KeyVerificationSession::Error KeyVerificationSession::stringToError(const QStrin } return NONE; } + +QString KeyVerificationSession::remoteDeviceId() const +{ + return m_remoteDeviceId; +} diff --git a/lib/keyverificationsession.h b/lib/keyverificationsession.h index aa0295cb..31f63453 100644 --- a/lib/keyverificationsession.h +++ b/lib/keyverificationsession.h @@ -19,6 +19,11 @@ struct QUOTIENT_API EmojiEntry { Q_GADGET Q_PROPERTY(QString emoji MEMBER emoji CONSTANT) Q_PROPERTY(QString description MEMBER description CONSTANT) + +public: + bool operator==(const EmojiEntry& rhs) const { + return emoji == rhs.emoji && description == rhs.description; + } }; /** A key verification session. Listen for incoming sessions by connecting to Connection::newKeyVerificationSession. @@ -93,6 +98,8 @@ public: Error error() const; + QString remoteDeviceId() const; + public Q_SLOTS: void sendRequest(); void sendReady(); -- cgit v1.2.3