mirror of
https://github.com/profanity-im/profanity.git
synced 2024-12-04 14:46:46 -05:00
Add crypto backend for signal-protocol
This commit is contained in:
parent
4a5b672f95
commit
bfbc8edcad
@ -70,6 +70,7 @@ unittest_sources = \
|
||||
src/otr/otr.h \
|
||||
src/pgp/gpg.h \
|
||||
src/omemo/omemo.h \
|
||||
src/omemo/crypto.h \
|
||||
src/command/cmd_defs.h src/command/cmd_defs.c \
|
||||
src/command/cmd_funcs.h src/command/cmd_funcs.c \
|
||||
src/command/cmd_ac.h src/command/cmd_ac.c \
|
||||
@ -170,7 +171,7 @@ otr4_sources = \
|
||||
src/otr/otrlib.h src/otr/otrlibv4.c src/otr/otr.h src/otr/otr.c
|
||||
|
||||
omemo_sources = \
|
||||
src/omemo/omemo.h src/omemo/omemo.c
|
||||
src/omemo/omemo.h src/omemo/omemo.c src/omemo/crypto.h src/omemo/crypto.c
|
||||
|
||||
if BUILD_PYTHON_API
|
||||
core_sources += $(python_sources)
|
||||
|
@ -275,6 +275,14 @@ if test "x$enable_omemo" != xno; then
|
||||
[AS_IF([test "x$enable_omemo" = xyes],
|
||||
[AC_MSG_ERROR([libsignal-protocol-c is required for omemo support])],
|
||||
[AC_MSG_NOTICE([libsignal-protocol-c not found, omemo support not enabled])])])
|
||||
|
||||
AC_CHECK_LIB([sodium], [sodium_init],
|
||||
[AM_CONDITIONAL([BUILD_OMEMO], [true])
|
||||
AC_DEFINE([HAVE_LIBSIGNAL_PROTOCOL], [1], [Have omemo]),
|
||||
LIBS="-lsodium $LIBS"],
|
||||
[AS_IF([test "x$enable_omemo" = xyes],
|
||||
[AC_MSG_ERROR([libsodium is required for omemo support])],
|
||||
[AC_MSG_NOTICE([libsodium not found, omemo support not enabled])])])
|
||||
fi
|
||||
|
||||
AS_IF([test "x$with_themes" = xno],
|
||||
|
136
src/omemo/crypto.c
Normal file
136
src/omemo/crypto.c
Normal file
@ -0,0 +1,136 @@
|
||||
#include <assert.h>
|
||||
#include <signal/signal_protocol.h>
|
||||
#include <signal/signal_protocol_types.h>
|
||||
#include <sodium.h>
|
||||
|
||||
#include "omemo/crypto.h"
|
||||
|
||||
int
|
||||
omemo_crypto_init(void)
|
||||
{
|
||||
if (sodium_init() < 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (crypto_aead_aes256gcm_is_available() == 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
omemo_random_func(uint8_t *data, size_t len, void *user_data)
|
||||
{
|
||||
randombytes_buf(data, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
omemo_hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data)
|
||||
{
|
||||
*hmac_context = sodium_malloc(sizeof(crypto_auth_hmacsha256_state));
|
||||
return crypto_auth_hmacsha256_init(*hmac_context, key, key_len);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_hmac_sha256_update_func(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data)
|
||||
{
|
||||
return crypto_auth_hmacsha256_update(hmac_context, data, data_len);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_hmac_sha256_final_func(void *hmac_context, signal_buffer **output, void *user_data)
|
||||
{
|
||||
int ret;
|
||||
unsigned char out[crypto_auth_hmacsha256_BYTES];
|
||||
|
||||
if ((ret = crypto_auth_hmacsha256_final(hmac_context, out)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
*output = signal_buffer_create(out, crypto_auth_hmacsha256_BYTES);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
omemo_hmac_sha256_cleanup_func(void *hmac_context, void *user_data)
|
||||
{
|
||||
sodium_free(hmac_context);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_sha512_digest_init_func(void **digest_context, void *user_data)
|
||||
{
|
||||
*digest_context = sodium_malloc(sizeof(crypto_hash_sha512_state));
|
||||
return crypto_hash_sha512_init(*digest_context);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_sha512_digest_update_func(void *digest_context, const uint8_t *data, size_t data_len, void *user_data)
|
||||
{
|
||||
return crypto_hash_sha512_update(digest_context, data, data_len);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_sha512_digest_final_func(void *digest_context, signal_buffer **output, void *user_data)
|
||||
{
|
||||
int ret;
|
||||
unsigned char out[crypto_hash_sha512_BYTES];
|
||||
|
||||
if ((ret = crypto_hash_sha512_final(digest_context, out)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
*output = signal_buffer_create(out, crypto_hash_sha512_BYTES);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
omemo_sha512_digest_cleanup_func(void *digest_context, void *user_data)
|
||||
{
|
||||
sodium_free(digest_context);
|
||||
}
|
||||
|
||||
int
|
||||
omemo_encrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len,
|
||||
const uint8_t *plaintext, size_t plaintext_len, void *user_data)
|
||||
{
|
||||
unsigned char *ciphertext;
|
||||
unsigned long long ciphertext_len;
|
||||
|
||||
assert(cipher != SG_CIPHER_AES_GCM_NOPADDING);
|
||||
assert(key_len == crypto_aead_aes256gcm_KEYBYTES);
|
||||
assert(iv_len == crypto_aead_aes256gcm_NPUBBYTES);
|
||||
|
||||
ciphertext = malloc(plaintext_len + crypto_aead_aes256gcm_ABYTES);
|
||||
crypto_aead_aes256gcm_encrypt(ciphertext, &ciphertext_len, plaintext, plaintext_len, NULL, 0, NULL, iv, key);
|
||||
|
||||
*output = signal_buffer_create(ciphertext, ciphertext_len);
|
||||
free(ciphertext);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
omemo_decrypt_func(signal_buffer **output, int cipher, const uint8_t *key, size_t key_len, const uint8_t *iv, size_t iv_len,
|
||||
const uint8_t *ciphertext, size_t ciphertext_len, void *user_data)
|
||||
{
|
||||
unsigned char *plaintext;
|
||||
unsigned long long plaintext_len;
|
||||
|
||||
assert(cipher != SG_CIPHER_AES_GCM_NOPADDING);
|
||||
assert(key_len == crypto_aead_aes256gcm_KEYBYTES);
|
||||
assert(iv_len == crypto_aead_aes256gcm_NPUBBYTES);
|
||||
|
||||
plaintext = malloc(ciphertext_len - crypto_aead_aes256gcm_ABYTES);
|
||||
if (crypto_aead_aes256gcm_decrypt(plaintext, &plaintext_len, NULL, ciphertext, ciphertext_len, NULL, 0, iv, key) < 0) {
|
||||
free(plaintext);
|
||||
return -1;
|
||||
}
|
||||
|
||||
*output = signal_buffer_create(plaintext, plaintext_len);
|
||||
free(plaintext);
|
||||
|
||||
return 0;
|
||||
}
|
136
src/omemo/crypto.h
Normal file
136
src/omemo/crypto.h
Normal file
@ -0,0 +1,136 @@
|
||||
#include <signal/signal_protocol_types.h>
|
||||
|
||||
#define SG_CIPHER_AES_GCM_NOPADDING 1000
|
||||
|
||||
int omemo_crypto_init(void);
|
||||
/**
|
||||
* Callback for a secure random number generator.
|
||||
* This function shall fill the provided buffer with random bytes.
|
||||
*
|
||||
* @param data pointer to the output buffer
|
||||
* @param len size of the output buffer
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_random_func(uint8_t *data, size_t len, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an HMAC-SHA256 implementation.
|
||||
* This function shall initialize an HMAC context with the provided key.
|
||||
*
|
||||
* @param hmac_context private HMAC context pointer
|
||||
* @param key pointer to the key
|
||||
* @param key_len length of the key
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an HMAC-SHA256 implementation.
|
||||
* This function shall update the HMAC context with the provided data
|
||||
*
|
||||
* @param hmac_context private HMAC context pointer
|
||||
* @param data pointer to the data
|
||||
* @param data_len length of the data
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_hmac_sha256_update_func(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an HMAC-SHA256 implementation.
|
||||
* This function shall finalize an HMAC calculation and populate the output
|
||||
* buffer with the result.
|
||||
*
|
||||
* @param hmac_context private HMAC context pointer
|
||||
* @param output buffer to be allocated and populated with the result
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_hmac_sha256_final_func(void *hmac_context, signal_buffer **output, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an HMAC-SHA256 implementation.
|
||||
* This function shall free the private context allocated in
|
||||
* hmac_sha256_init_func.
|
||||
*
|
||||
* @param hmac_context private HMAC context pointer
|
||||
*/
|
||||
void omemo_hmac_sha256_cleanup_func(void *hmac_context, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for a SHA512 message digest implementation.
|
||||
* This function shall initialize a digest context.
|
||||
*
|
||||
* @param digest_context private digest context pointer
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_sha512_digest_init_func(void **digest_context, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for a SHA512 message digest implementation.
|
||||
* This function shall update the digest context with the provided data.
|
||||
*
|
||||
* @param digest_context private digest context pointer
|
||||
* @param data pointer to the data
|
||||
* @param data_len length of the data
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_sha512_digest_update_func(void *digest_context, const uint8_t *data, size_t data_len, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for a SHA512 message digest implementation.
|
||||
* This function shall finalize the digest calculation, populate the
|
||||
* output buffer with the result, and prepare the context for reuse.
|
||||
*
|
||||
* @param digest_context private digest context pointer
|
||||
* @param output buffer to be allocated and populated with the result
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_sha512_digest_final_func(void *digest_context, signal_buffer **output, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for a SHA512 message digest implementation.
|
||||
* This function shall free the private context allocated in
|
||||
* sha512_digest_init_func.
|
||||
*
|
||||
* @param digest_context private digest context pointer
|
||||
*/
|
||||
void omemo_sha512_digest_cleanup_func(void *digest_context, void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an AES encryption implementation.
|
||||
*
|
||||
* @param output buffer to be allocated and populated with the ciphertext
|
||||
* @param cipher specific cipher variant to use, either SG_CIPHER_AES_CTR_NOPADDING or SG_CIPHER_AES_CBC_PKCS5
|
||||
* @param key the encryption key
|
||||
* @param key_len length of the encryption key
|
||||
* @param iv the initialization vector
|
||||
* @param iv_len length of the initialization vector
|
||||
* @param plaintext the plaintext to encrypt
|
||||
* @param plaintext_len length of the plaintext
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_encrypt_func(signal_buffer **output,
|
||||
int cipher,
|
||||
const uint8_t *key, size_t key_len,
|
||||
const uint8_t *iv, size_t iv_len,
|
||||
const uint8_t *plaintext, size_t plaintext_len,
|
||||
void *user_data);
|
||||
|
||||
/**
|
||||
* Callback for an AES decryption implementation.
|
||||
*
|
||||
* @param output buffer to be allocated and populated with the plaintext
|
||||
* @param cipher specific cipher variant to use, either SG_CIPHER_AES_CTR_NOPADDING or SG_CIPHER_AES_CBC_PKCS5
|
||||
* @param key the encryption key
|
||||
* @param key_len length of the encryption key
|
||||
* @param iv the initialization vector
|
||||
* @param iv_len length of the initialization vector
|
||||
* @param ciphertext the ciphertext to decrypt
|
||||
* @param ciphertext_len length of the ciphertext
|
||||
* @return 0 on success, negative on failure
|
||||
*/
|
||||
int omemo_decrypt_func(signal_buffer **output,
|
||||
int cipher,
|
||||
const uint8_t *key, size_t key_len,
|
||||
const uint8_t *iv, size_t iv_len,
|
||||
const uint8_t *ciphertext, size_t ciphertext_len,
|
||||
void *user_data);
|
@ -1,10 +1,40 @@
|
||||
#include <signal/signal_protocol.h>
|
||||
|
||||
#include "config/account.h"
|
||||
#include "ui/ui.h"
|
||||
#include "omemo/crypto.h"
|
||||
|
||||
void
|
||||
omemo_init(ProfAccount *account)
|
||||
{
|
||||
signal_context *global_context;
|
||||
signal_context_create(&global_context, NULL);
|
||||
signal_crypto_provider crypto_provider = {
|
||||
.random_func = omemo_random_func,
|
||||
.hmac_sha256_init_func = omemo_hmac_sha256_init_func,
|
||||
.hmac_sha256_update_func = omemo_hmac_sha256_update_func,
|
||||
.hmac_sha256_final_func = omemo_hmac_sha256_final_func,
|
||||
.hmac_sha256_cleanup_func = omemo_hmac_sha256_cleanup_func,
|
||||
.sha512_digest_init_func = omemo_sha512_digest_init_func,
|
||||
.sha512_digest_update_func = omemo_sha512_digest_update_func,
|
||||
.sha512_digest_final_func = omemo_sha512_digest_final_func,
|
||||
.sha512_digest_cleanup_func = omemo_sha512_digest_cleanup_func,
|
||||
.encrypt_func = omemo_encrypt_func,
|
||||
.decrypt_func = omemo_decrypt_func,
|
||||
.user_data = NULL
|
||||
};
|
||||
|
||||
if (omemo_crypto_init() != 0) {
|
||||
cons_show("Error initializing Omemo crypto");
|
||||
}
|
||||
|
||||
if (signal_context_create(&global_context, NULL) != 0) {
|
||||
cons_show("Error initializing Omemo context");
|
||||
return;
|
||||
}
|
||||
|
||||
if (signal_context_set_crypto_provider(global_context, &crypto_provider) != 0) {
|
||||
cons_show("Error initializing Omemo crypto");
|
||||
return;
|
||||
}
|
||||
//signal_context_set_locking_functions(global_context, lock_function, unlock_function);
|
||||
}
|
||||
|
3
src/omemo/omemo.h
Normal file
3
src/omemo/omemo.h
Normal file
@ -0,0 +1,3 @@
|
||||
#include "config/account.h"
|
||||
|
||||
void omemo_init(ProfAccount *account);
|
Loading…
Reference in New Issue
Block a user