X-Git-Url: https://gitweb.ps.run/matrix_esp_thesis/blobdiff_plain/9eaa420b7bf51cc81c50e7f4ca0f256498a07c86..HEAD:/src/matrix.c diff --git a/src/matrix.c b/src/matrix.c index ef094b8..8b186ca 100644 --- a/src/matrix.c +++ b/src/matrix.c @@ -3,19 +3,24 @@ #include #include #include +#include #ifdef ESP_PLATFORM #include #endif -#define STATIC +// can be used to disable static allocation +#define STATIC static +// DEFINES #define LOGIN_REQUEST_SIZE 1024 #define LOGIN_RESPONSE_SIZE 1024 #define LOGIN_URL "/_matrix/client/v3/login" #define ENCRYPTED_REQUEST_SIZE (1024*5) +STATIC char g_EncryptedRequestBuffer[ENCRYPTED_REQUEST_SIZE]; #define ENCRYPTED_EVENT_SIZE (1024*10) +STATIC char g_EncryptedEventBuffer[ENCRYPTED_EVENT_SIZE]; #define ROOM_SEND_REQUEST_SIZE 256 #define ROOM_SEND_RESPONSE_SIZE 1024 #define ROOM_SEND_URL "/_matrix/client/v3/rooms/%s/send/%s/%d" @@ -23,15 +28,18 @@ #define ROOMKEY_REQUEST_SIZE (1024*4) #define TODEVICE_EVENT_SIZE (1024*5) +STATIC char g_TodeviceEventBuffer[TODEVICE_EVENT_SIZE]; #define TODEVICE_URL "/_matrix/client/v3/sendToDevice/%s/%d" #define KEYS_QUERY_URL "/_matrix/client/v3/keys/query" #define KEYS_QUERY_REQUEST_SIZE 256 -#define KEYS_QUERY_RESPONSE_SIZE (1024*10) +#define KEYS_QUERY_RESPONSE_SIZE (1024*5) #define KEYS_UPLOAD_URL "/_matrix/client/v3/keys/upload" #define KEYS_UPLOAD_REQUEST_SIZE 1024*4 +STATIC char g_KeysUploadRequestBuffer[KEYS_UPLOAD_REQUEST_SIZE]; #define KEYS_UPLOAD_REQUEST_SIGNED_SIZE 2048*4 +STATIC char g_KeysUploadRequestSignedBuffer[KEYS_UPLOAD_REQUEST_SIGNED_SIZE]; #define KEYS_UPLOAD_RESPONSE_SIZE 2048 #define KEYS_CLAIM_URL "/_matrix/client/v3/keys/claim" @@ -47,6 +55,8 @@ #define MAX(a,b) ((a) > (b) ? (a) : (b)) #define MIN(a,b) ((a) < (b) ? (a) : (b)) +// Util + void Randomize( uint8_t * random, @@ -203,7 +213,6 @@ bool JsonSign( return true; } - bool MatrixOlmAccountInit( MatrixOlmAccount * account) @@ -364,6 +373,7 @@ MatrixOlmSessionEncrypt( STATIC uint8_t random[OLM_ENCRYPT_RANDOM_SIZE]; Randomize(random, OLM_ENCRYPT_RANDOM_SIZE); + memset(outBuffer, 0, outBufferCap); size_t res = olm_encrypt(session->session, plaintext, strlen(plaintext), random, OLM_ENCRYPT_RANDOM_SIZE, @@ -388,7 +398,7 @@ MatrixOlmSessionDecrypt( encrypted, strlen(encrypted), outBuffer, outBufferCap); - if (res != olm_error() && res < outBufferCap) + if (res != olm_error() && (int)res < outBufferCap) outBuffer[res] = '\0'; return res != olm_error(); @@ -439,14 +449,9 @@ MatrixMegolmInSessionDecrypt( (uint8_t *)outDecrypted, outDecryptedCap, &megolmInMessageIndex); - printf("message index: %d\n", (int)megolmInMessageIndex); - if (res == olm_error()) { printf("error decrypting megolm message: %s\n", olm_inbound_group_session_last_error(session->session)); } - else { - printf("decrypted len: %d\n", res); - } return true; } @@ -489,6 +494,7 @@ MatrixMegolmOutSessionEncrypt( const char * plaintext, char * outBuffer, int outBufferCap) { + memset(outBuffer, 0, outBufferCap); size_t res = olm_group_encrypt(session->session, (uint8_t *)plaintext, strlen(plaintext), (uint8_t *)outBuffer, outBufferCap); @@ -496,73 +502,6 @@ MatrixMegolmOutSessionEncrypt( return res != olm_error(); } -bool -MatrixMegolmOutSessionSave( - MatrixMegolmOutSession * session, - const char * filename, - const char * key) -{ - FILE * f = fopen(filename, "w"); - - size_t roomIdLen = strlen(session->roomId); - fwrite(&roomIdLen, sizeof(size_t), 1, f); - fwrite(session->roomId, 1, roomIdLen, f); - - size_t pickleBufferLen = - olm_pickle_outbound_group_session_length( - session->session); - void * pickleBuffer = malloc(pickleBufferLen); - - olm_pickle_outbound_group_session( - session->session, - key, strlen(key), - pickleBuffer, pickleBufferLen); - - fwrite(&pickleBufferLen, sizeof(size_t), 1, f); - fwrite(pickleBuffer, 1, pickleBufferLen, f); - free(pickleBuffer); - - fclose(f); - - return true; -} - -bool -MatrixMegolmOutSessionLoad( - MatrixMegolmOutSession * session, - const char * filename, - const char * key) -{ - FILE * f = fopen(filename, "r"); - - size_t roomIdLen; - fread(&roomIdLen, sizeof(size_t), 1, f); - fread(session->roomId, 1, roomIdLen, f); - for (int i = roomIdLen; i < ROOM_ID_SIZE; i++) - session->roomId[i] = '\0'; - - size_t pickleBufferLen; - fread(&pickleBufferLen, sizeof(size_t), 1, f); - - void * pickleBuffer = malloc(pickleBufferLen); - fread(pickleBuffer, 1, pickleBufferLen, f); - - olm_unpickle_outbound_group_session( - session->session, - key, strlen(key), - pickleBuffer, pickleBufferLen); - - free(pickleBuffer); - - olm_outbound_group_session_id(session->session, (uint8_t *)session->id, MEGOLM_SESSION_ID_SIZE); - olm_outbound_group_session_key(session->session, (uint8_t *)session->key, MEGOLM_SESSION_KEY_SIZE); - - fclose(f); - - return true; -} - - bool MatrixClientInit( @@ -576,70 +515,6 @@ MatrixClientInit( return true; } -bool -MatrixClientSave( - MatrixClient * client, - const char * filename) -{ - FILE * f = fopen(filename, "w"); - - - char thisDeviceKey[DEVICE_KEY_SIZE]; - MatrixOlmAccountGetDeviceKey(&client->olmAccount, thisDeviceKey, DEVICE_KEY_SIZE); - char thisSigningKey[DEVICE_KEY_SIZE]; - MatrixOlmAccountGetSigningKey(&client->olmAccount, thisSigningKey, DEVICE_KEY_SIZE); - - - fwrite(thisDeviceKey, 1, DEVICE_KEY_SIZE, f); - fwrite(thisSigningKey, 1, DEVICE_KEY_SIZE, f); - fwrite(client->userId, 1, USER_ID_SIZE, f); - fwrite(client->accessToken, 1, ACCESS_TOKEN_SIZE, f); - fwrite(client->deviceId, 1, DEVICE_ID_SIZE, f); - fwrite(client->expireMs, 1, EXPIRE_MS_SIZE, f); - fwrite(client->refreshToken, 1, REFRESH_TOKEN_SIZE, f); - - fwrite(&client->numDevices, sizeof(int), 1, f); - for (int i = 0; i < client->numDevices; i++) { - fwrite(client->devices[i].deviceId, 1, DEVICE_ID_SIZE, f); - fwrite(client->devices[i].deviceKey, 1, DEVICE_KEY_SIZE, f); - } - - fclose(f); - return true; -} - -bool -MatrixClientLoad( - MatrixClient * client, - const char * filename) -{ - FILE * f = fopen(filename, "r"); - - - char thisDeviceKey[DEVICE_KEY_SIZE]; - MatrixOlmAccountGetDeviceKey(&client->olmAccount, thisDeviceKey, DEVICE_KEY_SIZE); - char thisSigningKey[DEVICE_KEY_SIZE]; - MatrixOlmAccountGetSigningKey(&client->olmAccount, thisSigningKey, DEVICE_KEY_SIZE); - - - fread(thisDeviceKey, 1, DEVICE_KEY_SIZE, f); - fread(thisSigningKey, 1, DEVICE_KEY_SIZE, f); - fread(client->userId, 1, USER_ID_SIZE, f); - fread(client->accessToken, 1, ACCESS_TOKEN_SIZE, f); - fread(client->deviceId, 1, DEVICE_ID_SIZE, f); - fread(client->expireMs, 1, EXPIRE_MS_SIZE, f); - fread(client->refreshToken, 1, REFRESH_TOKEN_SIZE, f); - - fread(&client->numDevices, sizeof(int), 1, f); - for (int i = 0; i < client->numDevices; i++) { - fread(client->devices[i].deviceId, 1, DEVICE_ID_SIZE, f); - fread(client->devices[i].deviceKey, 1, DEVICE_KEY_SIZE, f); - } - - fclose(f); - return true; -} - bool MatrixClientSetAccessToken( MatrixClient * client, @@ -691,24 +566,26 @@ MatrixClientGenerateOnetimeKeys( return res != olm_error(); } -// https://spec.matrix.org/v1.7/client-server-api/#post_matrixclientv3keysupload +// https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3keysupload bool MatrixClientUploadOnetimeKeys( MatrixClient * client) { - STATIC char requestBuffer[KEYS_UPLOAD_REQUEST_SIZE]; - - mjson_snprintf(requestBuffer, KEYS_UPLOAD_REQUEST_SIZE, + mjson_snprintf(g_KeysUploadRequestBuffer, KEYS_UPLOAD_REQUEST_SIZE, "{"); STATIC char onetimeKeysBuffer[1024]; olm_account_one_time_keys(client->olmAccount.account, onetimeKeysBuffer, 1024); + // olm_account_one_time_keys returns a json object + // find curve25519 member const char *keys; int keysLen; mjson_find(onetimeKeysBuffer, strlen(onetimeKeysBuffer), "$.curve25519", &keys, &keysLen); + // iterate over onetime keys, create key object + // sign it and append to request int koff, klen, voff, vlen, vtype, off = 0; while ((off = mjson_next(keys, keysLen, off, &koff, &klen, &voff, &vlen, &vtype)) != 0) { STATIC char keyJson[JSON_ONETIME_KEY_SIZE]; @@ -724,43 +601,35 @@ MatrixClientUploadOnetimeKeys( keyJson, keyJsonLen, keyJsonSigned, JSON_ONETIME_KEY_SIGNED_SIZE); - mjson_snprintf(requestBuffer+strlen(requestBuffer), KEYS_UPLOAD_REQUEST_SIZE-strlen(requestBuffer), + mjson_snprintf(g_KeysUploadRequestBuffer+strlen(g_KeysUploadRequestBuffer), KEYS_UPLOAD_REQUEST_SIZE-strlen(g_KeysUploadRequestBuffer), "\"signed_curve25519:%.*s\":%s,", klen-2, keys + koff+1, keyJsonSigned); } - if (requestBuffer[strlen(requestBuffer)-1] == ',') - requestBuffer[strlen(requestBuffer)-1] = '\0'; + // delete last ',' since the loop always appends it + if (g_KeysUploadRequestBuffer[strlen(g_KeysUploadRequestBuffer)-1] == ',') + g_KeysUploadRequestBuffer[strlen(g_KeysUploadRequestBuffer)-1] = '\0'; - mjson_snprintf(requestBuffer+strlen(requestBuffer), KEYS_UPLOAD_REQUEST_SIZE-strlen(requestBuffer), + mjson_snprintf(g_KeysUploadRequestBuffer+strlen(g_KeysUploadRequestBuffer), KEYS_UPLOAD_REQUEST_SIZE-strlen(g_KeysUploadRequestBuffer), "}"); - - // STATIC char onetimeKeysSignedBuffer[KEYS_UPLOAD_REQUEST_SIGNED_SIZE]; - // JsonSign(client, - // requestBuffer, strlen(requestBuffer), - // onetimeKeysSignedBuffer, KEYS_UPLOAD_REQUEST_SIZE); - - // STATIC char finalEvent[KEYS_UPLOAD_REQUEST_SIGNED_SIZE]; - // snprintf(finalEvent, KEYS_UPLOAD_REQUEST_SIGNED_SIZE, - // "{\"one_time_keys\":%s}", onetimeKeysSignedBuffer); - STATIC char finalEvent[KEYS_UPLOAD_REQUEST_SIGNED_SIZE]; - snprintf(finalEvent, KEYS_UPLOAD_REQUEST_SIGNED_SIZE, - "{\"one_time_keys\":%s}", requestBuffer); + + snprintf(g_KeysUploadRequestSignedBuffer, KEYS_UPLOAD_REQUEST_SIGNED_SIZE, + "{\"one_time_keys\":%s}", g_KeysUploadRequestBuffer); STATIC char responseBuffer[KEYS_UPLOAD_RESPONSE_SIZE]; MatrixHttpPost(client->hc, KEYS_UPLOAD_URL, - finalEvent, + g_KeysUploadRequestSignedBuffer, responseBuffer, KEYS_UPLOAD_RESPONSE_SIZE, true); return true; } -// https://spec.matrix.org/v1.7/client-server-api/#post_matrixclientv3keysupload +// https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3keysupload bool -MatrixClientUploadDeviceKey( +MatrixClientUploadDeviceKeys( MatrixClient * client) { char thisDeviceKey[DEVICE_KEY_SIZE]; @@ -768,10 +637,8 @@ MatrixClientUploadDeviceKey( char thisSigningKey[DEVICE_KEY_SIZE]; MatrixOlmAccountGetSigningKey(&client->olmAccount, thisSigningKey, DEVICE_KEY_SIZE); - STATIC char deviceKeysBuffer[KEYS_UPLOAD_REQUEST_SIZE]; - int deviceKeysBufferLen = - mjson_snprintf(deviceKeysBuffer, KEYS_UPLOAD_REQUEST_SIZE, + mjson_snprintf(g_KeysUploadRequestBuffer, KEYS_UPLOAD_REQUEST_SIZE, "{" "\"algorithms\":[\"m.olm.v1.curve25519-aes-sha2\",\"m.megolm.v1.aes-sha2\"]," "\"device_id\":\"%s\"," @@ -786,14 +653,13 @@ MatrixClientUploadDeviceKey( client->deviceId, thisSigningKey, client->userId); - STATIC char deviceKeysSignedBuffer[KEYS_UPLOAD_REQUEST_SIGNED_SIZE]; JsonSign(client, - deviceKeysBuffer, deviceKeysBufferLen, - deviceKeysSignedBuffer, KEYS_UPLOAD_REQUEST_SIZE); + g_KeysUploadRequestBuffer, deviceKeysBufferLen, + g_KeysUploadRequestSignedBuffer, KEYS_UPLOAD_REQUEST_SIZE); STATIC char finalEvent[KEYS_UPLOAD_REQUEST_SIGNED_SIZE+30]; snprintf(finalEvent, KEYS_UPLOAD_REQUEST_SIGNED_SIZE+30, - "{\"device_keys\":%s}", deviceKeysSignedBuffer); + "{\"device_keys\":%s}", g_KeysUploadRequestSignedBuffer); STATIC char responseBuffer[KEYS_UPLOAD_RESPONSE_SIZE]; MatrixHttpPost(client->hc, @@ -805,7 +671,7 @@ MatrixClientUploadDeviceKey( return true; } -// https://spec.matrix.org/v1.7/client-server-api/#post_matrixclientv3keysclaim +// https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3keysclaim bool MatrixClientClaimOnetimeKey( MatrixClient * client, @@ -837,18 +703,24 @@ MatrixClientClaimOnetimeKey( JsonEscape(userId, strlen(userId), userIdEscaped, USER_ID_SIZE); + // create the json query according to + // https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3keysclaim STATIC char query[JSON_QUERY_SIZE]; snprintf(query, JSON_QUERY_SIZE, "$.one_time_keys.%s.%s", userIdEscaped, deviceId); + // find the corresponding json object const char * keyObject; int keyObjectSize; mjson_find(responseBuffer, strlen(responseBuffer), query, &keyObject, &keyObjectSize); + // use mjson_next (which iterates over all key/value pairs) once + // because we only request one key + // (see https://github.com/cesanta/mjson#mjson_next for details) int koff, klen, voff, vlen, vtype; mjson_next(keyObject, keyObjectSize, 0, &koff, &klen, &voff, &vlen, &vtype); @@ -856,12 +728,12 @@ MatrixClientClaimOnetimeKey( mjson_get_string(keyObject + voff, vlen, "$.key", outOnetimeKey, outOnetimeKeyCap); - // TODO:verify signature + // TODO: verify signature return true; } -// https://spec.matrix.org/v1.6/client-server-api/#post_matrixclientv3login +// https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3login bool MatrixClientLoginPassword( MatrixClient * client, @@ -898,6 +770,7 @@ MatrixClientLoginPassword( int responseLen = strlen(responseBuffer); + // store variables in MatrixClient mjson_get_string(responseBuffer, responseLen, "$.access_token", client->accessToken, ACCESS_TOKEN_SIZE); @@ -916,7 +789,7 @@ MatrixClientLoginPassword( return true; } -// https://spec.matrix.org/v1.6/client-server-api/#put_matrixclientv3roomsroomidsendeventtypetxnid +// https://spec.matrix.org/v1.8/client-server-api/#put_matrixclientv3roomsroomidsendeventtypetxnid bool MatrixClientSendEvent( MatrixClient * client, @@ -925,7 +798,7 @@ MatrixClientSendEvent( const char * msgBody) { STATIC char requestUrl[MAX_URL_LEN]; - sprintf(requestUrl, + snprintf(requestUrl, MAX_URL_LEN, ROOM_SEND_URL, roomId, msgType, (int)time(NULL)); STATIC char responseBuffer[ROOM_SEND_RESPONSE_SIZE]; @@ -939,7 +812,7 @@ MatrixClientSendEvent( return result; } -// https://spec.matrix.org/v1.6/client-server-api/#mroomencrypted +// https://spec.matrix.org/v1.8/client-server-api/#mroomencrypted // https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide#sending-an-encrypted-message-event bool MatrixClientSendEventEncrypted( @@ -950,7 +823,7 @@ MatrixClientSendEventEncrypted( { // event json STATIC char requestBuffer[ROOM_SEND_REQUEST_SIZE]; - sprintf(requestBuffer, + snprintf(requestBuffer, ROOM_SEND_REQUEST_SIZE, "{" "\"type\":\"%s\"," "\"content\":%s," @@ -966,10 +839,9 @@ MatrixClientSendEventEncrypted( MatrixClientNewMegolmOutSession(client, roomId, &outSession); // encrypt - STATIC char encryptedBuffer[ENCRYPTED_REQUEST_SIZE/10]; MatrixMegolmOutSessionEncrypt(outSession, requestBuffer, - encryptedBuffer, ENCRYPTED_REQUEST_SIZE); + g_EncryptedRequestBuffer, ENCRYPTED_REQUEST_SIZE); char thisDeviceKey[DEVICE_KEY_SIZE]; MatrixOlmAccountGetDeviceKey(&client->olmAccount, thisDeviceKey, DEVICE_KEY_SIZE); @@ -980,8 +852,7 @@ MatrixClientSendEventEncrypted( const char * sessionId = outSession->id; const char * deviceId = client->deviceId; - STATIC char encryptedEventBuffer[ENCRYPTED_EVENT_SIZE/10]; - sprintf(encryptedEventBuffer, + snprintf(g_EncryptedEventBuffer, ENCRYPTED_EVENT_SIZE, "{" "\"algorithm\":\"m.megolm.v1.aes-sha2\"," "\"ciphertext\":\"%s\"," @@ -989,7 +860,7 @@ MatrixClientSendEventEncrypted( "\"sender_key\":\"%s\"," "\"session_id\":\"%s\"" "}", - encryptedBuffer, + g_EncryptedRequestBuffer, deviceId, senderKey, sessionId); @@ -998,25 +869,477 @@ MatrixClientSendEventEncrypted( return MatrixClientSendEvent(client, roomId, "m.room.encrypted", - encryptedEventBuffer); + g_EncryptedEventBuffer); } -// https://spec.matrix.org/v1.6/client-server-api/#get_matrixclientv3sync +// this handles to_device events received from a sync +// mainly for verification (m.key.verification.* events) +void +MatrixClientHandleEvent( + MatrixClient * client, + const char * event, int eventLen +) { + // get the event type + STATIC char eventType[128]; + memset(eventType, 0, sizeof(eventType)); + mjson_get_string(event, eventLen, "$.type", eventType, 128); + + // static variables for verification + // since verification takes multiple requests + // data is cleared when verification is finished or started + static char transactionId[64]; + static char verifyFromDeviceId[DEVICE_ID_SIZE]; + static OlmSAS * olmSas = NULL; + + // initial verification request, reply that we are ready to verify + if (strcmp(eventType, "m.key.verification.request") == 0) { + // reset static data + memset(transactionId, 0, 64); + memset(verifyFromDeviceId, 0, DEVICE_ID_SIZE); + if (olmSas != NULL) + free(olmSas); + + mjson_get_string(event, eventLen, "$.content.transaction_id", transactionId, 64); + mjson_get_string(event, eventLen, "$.content.from_device", verifyFromDeviceId, DEVICE_ID_SIZE); + + char verificationReadyBuffer[2048]; + snprintf(verificationReadyBuffer, 2048, + "{" + "\"from_device\":\"%s\"," + "\"methods\":[\"m.sas.v1\"]," + "\"transaction_id\":\"%s\"" + "}", + client->deviceId, + transactionId); + + MatrixClientSendToDevice(client, + client->userId, + verifyFromDeviceId, + verificationReadyBuffer, + "m.key.verification.ready"); + } + else if (strcmp(eventType, "m.key.verification.start") == 0) { + olmSas = olm_sas(malloc(olm_sas_size())); + void * sasRandomBytes = malloc(olm_create_sas_random_length(olmSas)); + olm_create_sas(olmSas, + sasRandomBytes, + olm_create_sas_random_length(olmSas)); + + OlmUtility * olmUtil = olm_utility(malloc(olm_utility_size())); + + // calculate commitment according to + // https://spec.matrix.org/v1.8/client-server-api/#mkeyverificationaccept + STATIC char publicKey[64]; + STATIC char keyStartJsonCanonical[512]; + STATIC char concat[512+64]; + STATIC char commitment[1024]; + olm_sas_get_pubkey(olmSas, + publicKey, + 64); + + const char * keyStartJson; + int keyStartJsonLen; + mjson_find(event, eventLen, "$.content", &keyStartJson, &keyStartJsonLen); + JsonCanonicalize(keyStartJson, keyStartJsonLen, keyStartJsonCanonical, 512); + + int concatLen = + snprintf(concat, 512+64, "%.*s%s", (int)olm_sas_pubkey_length(olmSas), publicKey, keyStartJsonCanonical); + + int commitmentLen = + olm_sha256(olmUtil, concat, concatLen, commitment, 1024); + olm_clear_utility(olmUtil); + free(olmUtil); + + STATIC char verificationAcceptBuffer[512]; + snprintf(verificationAcceptBuffer, 512, + "{" + "\"commitment\":\"%.*s\"," + "\"hash\":\"sha256\"," + "\"key_agreement_protocol\":\"curve25519\"," + "\"message_authentication_code\":\"hkdf-hmac-sha256.v2\"," + "\"method\":\"m.sas.v1\"," + "\"short_authentication_string\":[\"decimal\"]," + "\"transaction_id\":\"%s\"" + "}", + commitmentLen, commitment, + transactionId); + + MatrixClientSendToDevice(client, + client->userId, + verifyFromDeviceId, + verificationAcceptBuffer, + "m.key.verification.accept"); + } + // send our sas key and calculate sas using their received key + else if (strcmp(eventType, "m.key.verification.key") == 0) { + STATIC char publicKey[128]; + olm_sas_get_pubkey(olmSas, + publicKey, + 128); + + STATIC char theirPublicKey[128]; + int theirPublicKeyLen = + mjson_get_string(event, eventLen, "$.content.key", theirPublicKey, 128); + + olm_sas_set_their_key(olmSas, theirPublicKey, theirPublicKeyLen); + + STATIC char verificationKeyBuffer[256]; + snprintf(verificationKeyBuffer, 256, + "{" + "\"key\":\"%.*s\"," + "\"transaction_id\":\"%s\"" + "}", + (int)olm_sas_pubkey_length(olmSas), publicKey, + transactionId); + + MatrixClientSendToDevice(client, + client->userId, + verifyFromDeviceId, + verificationKeyBuffer, + "m.key.verification.key"); + + // sas + STATIC char hkdfInfo[1024]; + int hkdfInfoLen = + snprintf(hkdfInfo, 1024, + "MATRIX_KEY_VERIFICATION_SAS%s%s%s%s%s", + client->userId, + verifyFromDeviceId, + client->userId, + client->deviceId, + transactionId); + + unsigned char sasBytes[5]; + olm_sas_generate_bytes(olmSas, + hkdfInfo, hkdfInfoLen, + sasBytes, 5); + int b0 = sasBytes[0]; + int b1 = sasBytes[1]; + int b2 = sasBytes[2]; + int b3 = sasBytes[3]; + int b4 = sasBytes[4]; + + // for now just printf SAS numbers + // https://spec.matrix.org/v1.8/client-server-api/#sas-method-decimal + printf("%d | %d | %d\n", + ((b0 << 5) | (b1 >> 3)) + 1000, + (((b1 & 0x7) << 10) | (b2 << 2) | (b3 >> 6)) + 1000, + (((b3 & 0x3F) << 7) | (b4 >> 1)) + 1000); + } + // calculate MACs for signing key, master key and the key list + else if (strcmp(eventType, "m.key.verification.mac") == 0) { + // mac + STATIC char masterKey[123]; + MatrixClientRequestMasterKey(client, masterKey, 123); + + STATIC char keyList[256]; + STATIC char keyListMac[256]; + STATIC char key1Id[128]; + STATIC char key1[128]; + STATIC char key1Mac[128]; + STATIC char key2Id[128]; + STATIC char key2[128]; + STATIC char key2Mac[128]; + + // keys have to be sorted so write keys/key IDs into key1/key2 + // depending on lexicographical order + if (strcmp(masterKey, client->deviceId) < 0) { + snprintf(key1Id, 1024, "ed25519:%s", masterKey); + strcpy(key1, masterKey); + snprintf(key2Id, 1024, "ed25519:%s", client->deviceId); + MatrixOlmAccountGetSigningKey(&client->olmAccount, key2, 1024); + } + else { + snprintf(key1Id, 1024, "ed25519:%s", client->deviceId); + MatrixOlmAccountGetSigningKey(&client->olmAccount, key1, 1024); + snprintf(key2Id, 1024, "ed25519:%s", masterKey); + strcpy(key2, masterKey); + } + + // create key list + snprintf(keyList, 1024, + "%s,%s", key1Id, key2Id); + + // generate MAC info for both keys and key list + // https://spec.matrix.org/v1.8/client-server-api/#mac-calculation + STATIC char macInfo[1024]; + int macInfoLen; + { + macInfoLen = + snprintf(macInfo, 1024, + "MATRIX_KEY_VERIFICATION_MAC%s%s%s%s%s%s", + client->userId, + client->deviceId, + client->userId, + verifyFromDeviceId, + transactionId, + "KEY_IDS"); + olm_sas_calculate_mac_fixed_base64(olmSas, keyList, strlen(keyList), macInfo, macInfoLen, keyListMac, 1024); + } + { + macInfoLen = + snprintf(macInfo, 1024, + "MATRIX_KEY_VERIFICATION_MAC%s%s%s%s%s%s", + client->userId, + client->deviceId, + client->userId, + verifyFromDeviceId, + transactionId, + key1Id); + olm_sas_calculate_mac_fixed_base64(olmSas, key1, strlen(key1), macInfo, macInfoLen, key1Mac, 1024); + } + { + macInfoLen = + snprintf(macInfo, 1024, + "MATRIX_KEY_VERIFICATION_MAC%s%s%s%s%s%s", + client->userId, + client->deviceId, + client->userId, + verifyFromDeviceId, + transactionId, + key2Id); + olm_sas_calculate_mac_fixed_base64(olmSas, key2, strlen(key2), macInfo, macInfoLen, key2Mac, 1024); + } + + // construct message and send + STATIC char verificationMacBuffer[1024]; + snprintf(verificationMacBuffer, 1024, + "{" + "\"keys\":\"%s\"," + "\"mac\":{" + "\"%s\":\"%s\"," + "\"%s\":\"%s\"" + "}," + "\"transaction_id\":\"%s\"" + "}", + keyListMac, + key1Id, + key1Mac, + key2Id, + key2Mac, + transactionId); + + MatrixClientSendToDevice(client, + client->userId, + verifyFromDeviceId, + verificationMacBuffer, + "m.key.verification.mac"); + + // send 'done' message + STATIC char verificationDoneBuffer[128]; + snprintf(verificationDoneBuffer, 128, + "{" + "\"transaction_id\":\"%s\"" + "}", + transactionId); + + MatrixClientSendToDevice(client, + client->userId, + verifyFromDeviceId, + verificationDoneBuffer, + "m.key.verification.done"); + + free(olmSas); + + client->verified = true; + } + else if (strcmp(eventType, "m.room.encrypted") == 0) { + STATIC char algorithm[128]; + mjson_get_string(event, eventLen, "$.content.algorithm", algorithm, 128); + + // since this only handles to_device messages algorithm should always be olm + if (strcmp(algorithm, "m.olm.v1.curve25519-aes-sha2") == 0) { + STATIC char thisDeviceKey[DEVICE_KEY_SIZE]; + MatrixOlmAccountGetDeviceKey(&client->olmAccount, thisDeviceKey, DEVICE_KEY_SIZE); + + STATIC char jp[128]; + snprintf(jp, 128, "$.content.ciphertext.%s.type", thisDeviceKey); + + double messageType; + mjson_get_number(event, eventLen, jp, &messageType); + int messageTypeInt = (int)messageType; + + snprintf(jp, 128, "$.content.ciphertext.%s.body", thisDeviceKey); + + mjson_get_string(event, eventLen, jp, g_EncryptedEventBuffer, 2048); + + MatrixOlmSession * olmSession; + + // depending on message type create new incoming + // (type 0 indicates a new session so we dont check locally) + if (messageTypeInt == 0) { + MatrixClientNewOlmSessionIn(client, + client->userId, + verifyFromDeviceId, + g_EncryptedEventBuffer, + &olmSession); + } + // or new outgoing, checking for known sessions first + else { + if (! MatrixClientGetOlmSession(client, client->userId, verifyFromDeviceId, &olmSession)) + { + MatrixClientNewOlmSessionOut(client, + client->userId, + verifyFromDeviceId, + &olmSession); + } + } + + STATIC char decrypted[2048]; + MatrixOlmSessionDecrypt(olmSession, + messageTypeInt, g_EncryptedEventBuffer, decrypted, 2048); + + MatrixClientHandleEvent(client, decrypted, strlen(decrypted)); + } + } + else if (strcmp(eventType, "m.room_key") == 0 || + strcmp(eventType, "m.forwarded_room_key") == 0) { + // store session information + STATIC char roomId[128]; + STATIC char sessionId[128]; + STATIC char sessionKey[1024]; + mjson_get_string(event, eventLen, "$.content.room_id", roomId, 128); + mjson_get_string(event, eventLen, "$.content.session_id", sessionId, 128); + mjson_get_string(event, eventLen, "$.content.session_key", sessionKey, 1024); + + MatrixMegolmInSession * megolmInSession; + MatrixClientNewMegolmInSession(client, roomId, sessionId, sessionKey, &megolmInSession); + } +} + +void +MatrixClientHandleRoomEvent( + MatrixClient * client, + const char * room, int roomLen, + const char * event, int eventLen) +{ + STATIC char eventType[128]; + memset(eventType, 0, sizeof(eventType)); + mjson_get_string(event, eventLen, "$.type", eventType, 128); + + if (strcmp(eventType, "m.room.encrypted") == 0) { + STATIC char algorithm[128]; + mjson_get_string(event, eventLen, "$.content.algorithm", algorithm, 128); + + // only room specific message type is encrypted + // since this is only room messages, algorithm should always be megolm + if (strcmp(algorithm, "m.megolm.v1.aes-sha2") == 0) { + STATIC char sessionId[128]; + int sessionIdLen = + mjson_get_string(event, eventLen, "$.content.session_id", sessionId, 128); + + bool res; + + MatrixMegolmInSession * megolmInSession; + res = MatrixClientGetMegolmInSession(client, + room, roomLen, + sessionId, sessionIdLen, + &megolmInSession); + + if (res) { + mjson_get_string(event, eventLen, "$.content.ciphertext", g_EncryptedEventBuffer, 2048); + + STATIC char decrypted[2048]; + MatrixMegolmInSessionDecrypt(megolmInSession, g_EncryptedEventBuffer, strlen(g_EncryptedEventBuffer), decrypted, 2048); + + MatrixClientHandleEvent(client, decrypted, strlen(decrypted)); + } + else { + printf("error: megolm session not known\n"); + } + } + } + MatrixClientHandleEvent(client, event, eventLen); +} + +// pass the response from sync to Handle(Room)Event +void +MatrixClientHandleSync( + MatrixClient * client, + char * syncBuffer, int syncBufferLen, + char * nextBatch, int nextBatchCap) +{ + int res; + + const char * s = syncBuffer; + int slen = syncBufferLen; + + // read next_batch + mjson_get_string(s, slen, "$.next_batch", nextBatch, nextBatchCap); + + // to_device + const char * events; + int eventsLen; + res = + mjson_find(s, slen, "$.to_device.events", &events, &eventsLen); + + // iterate event and pass to HandleEvent + if (res != MJSON_TOK_INVALID) { + { + int koff, klen, voff, vlen, vtype, off = 0; + for (off = 0; (off = mjson_next(events, eventsLen, off, &koff, &klen, + &voff, &vlen, &vtype)) != 0; ) { + const char * v = events + voff; + + MatrixClientHandleEvent(client, v, vlen); + } + } + } + + // rooms + const char * rooms; + int roomsLen; + res = + mjson_find(s, slen, "$.rooms.join", &rooms, &roomsLen); + + if (res != MJSON_TOK_INVALID) { + // iterate rooms + int koff, klen, voff, vlen, vtype, off = 0; + for (off = 0; (off = mjson_next(rooms, roomsLen, off, &koff, &klen, + &voff, &vlen, &vtype)) != 0; ) { + const char * k = rooms + koff; + const char * v = rooms + voff; + + const char * events; + int eventsLen; + res = + mjson_find(v, vlen, "$.timeline.events", &events, &eventsLen); + + if (res != MJSON_TOK_INVALID) { + // iterate messages in that room + int koff2, klen2, voff2, vlen2, vtype2, off2 = 0; + for (off2 = 0; (off2 = mjson_next(events, eventsLen, off2, &koff2, &klen2, + &voff2, &vlen2, &vtype2)) != 0; ) { + const char * v2 = events + voff2; + + MatrixClientHandleRoomEvent(client, + k+1, klen-2, + v2, vlen2); + } + } + } + } +} + +// https://spec.matrix.org/v1.8/client-server-api/#get_matrixclientv3sync bool MatrixClientSync( MatrixClient * client, char * outSyncBuffer, int outSyncCap, - const char * nextBatch) + char * nextBatch, int nextBatchCap) { // filter={\"event_fields\":[\"to_device\"]} STATIC char url[MAX_URL_LEN]; snprintf(url, MAX_URL_LEN, - "/_matrix/client/v3/sync?timeout=%d%s", + "/_matrix/client/v3/sync?timeout=%d" "%s" "%s", SYNC_TIMEOUT, + "", + // "&filter={\"event_fields\":[\"to_device\"]}", strlen(nextBatch) > 0 ? "&since=" : ""); int index = strlen(url); + // URL encode next_batch parameter since it can include ~ for (size_t i = 0; i < strlen(nextBatch); i++) { char c = nextBatch[i]; @@ -1031,14 +1354,20 @@ MatrixClientSync( } url[index] = '\0'; - return + bool result = MatrixHttpGet(client->hc, url, outSyncBuffer, outSyncCap, true); + + MatrixClientHandleSync(client, + outSyncBuffer, strlen(outSyncBuffer), + nextBatch, nextBatchCap); + + return result; } -// https://spec.matrix.org/v1.7/client-server-api/#get_matrixclientv3roomsroomideventeventid +// https://spec.matrix.org/v1.8/client-server-api/#get_matrixclientv3roomsroomideventeventid bool MatrixClientGetRoomEvent( MatrixClient * client, @@ -1068,7 +1397,7 @@ MatrixClientShareMegolmOutSession( { // generate room key event STATIC char eventBuffer[KEY_SHARE_EVENT_LEN]; - sprintf(eventBuffer, + snprintf(eventBuffer, KEY_SHARE_EVENT_LEN, "{" "\"algorithm\":\"m.megolm.v1.aes-sha2\"," "\"room_id\":\"%s\"," @@ -1090,37 +1419,6 @@ MatrixClientShareMegolmOutSession( return true; } -bool -MatrixClientShareMegolmOutSessionTest( - MatrixClient * client, - const char * userId, - const char * deviceId, - MatrixMegolmOutSession * session) -{ - // generate room key event - char eventBuffer[KEY_SHARE_EVENT_LEN]; - sprintf(eventBuffer, - "{" - "\"algorithm\":\"m.megolm.v1.aes-sha2\"," - "\"room_id\":\"%s\"," - "\"session_id\":\"%s\"," - "\"session_key\":\"%s\"" - "}", - session->roomId, - session->id, - session->key - ); - - // send - MatrixClientSendToDevice(client, - userId, - deviceId, - eventBuffer, - "m.room_key"); - - return true; -} - bool MatrixClientGetMegolmOutSession( MatrixClient * client, @@ -1253,12 +1551,14 @@ MatrixClientRequestMegolmInSession( } bool -MatrixClientGetOlmSessionIn( +MatrixClientGetOlmSession( MatrixClient * client, const char * userId, const char * deviceId, MatrixOlmSession ** outSession) { + (void)userId; //unused for now + for (int i = 0; i < client->numOlmSessions; i++) { if (strcmp(client->olmSessions[i].deviceId, deviceId) == 0) @@ -1279,6 +1579,8 @@ MatrixClientNewOlmSessionIn( const char * encrypted, MatrixOlmSession ** outSession) { + (void)userId; //unused for now + if (client->numOlmSessions < NUM_OLM_SESSIONS) { STATIC char deviceKey[DEVICE_KEY_SIZE]; @@ -1303,25 +1605,6 @@ MatrixClientNewOlmSessionIn( return false; } -bool -MatrixClientGetOlmSessionOut( - MatrixClient * client, - const char * userId, - const char * deviceId, - MatrixOlmSession ** outSession) -{ - for (int i = 0; i < client->numOlmSessions; i++) - { - if (strcmp(client->olmSessions[i].deviceId, deviceId) == 0) - { - *outSession = &client->olmSessions[i]; - return true; - } - } - - return false; -} - bool MatrixClientNewOlmSessionOut( MatrixClient * client, @@ -1359,7 +1642,7 @@ MatrixClientNewOlmSessionOut( return false; } -// https://spec.matrix.org/v1.6/client-server-api/#put_matrixclientv3sendtodeviceeventtypetxnid +// https://spec.matrix.org/v1.8/client-server-api/#put_matrixclientv3sendtodeviceeventtypetxnid bool MatrixClientSendToDevice( MatrixClient * client, @@ -1369,11 +1652,10 @@ MatrixClientSendToDevice( const char * msgType) { STATIC char requestUrl[MAX_URL_LEN]; - sprintf(requestUrl, + snprintf(requestUrl, MAX_URL_LEN, TODEVICE_URL, msgType, (int)time(NULL)); - STATIC char eventBuffer[TODEVICE_EVENT_SIZE]; - snprintf(eventBuffer, TODEVICE_EVENT_SIZE, + snprintf(g_TodeviceEventBuffer, TODEVICE_EVENT_SIZE, "{" "\"messages\":{" "\"%s\":{" @@ -1389,12 +1671,10 @@ MatrixClientSendToDevice( bool result = MatrixHttpPut(client->hc, requestUrl, - eventBuffer, + g_TodeviceEventBuffer, responseBuffer, ROOM_SEND_RESPONSE_SIZE, true); - printf("%s\n", responseBuffer); - return result; } @@ -1408,7 +1688,7 @@ MatrixClientSendToDeviceEncrypted( { // get olm session MatrixOlmSession * olmSession; - if (! MatrixClientGetOlmSessionOut(client, userId, deviceId, &olmSession)) + if (! MatrixClientGetOlmSession(client, userId, deviceId, &olmSession)) MatrixClientNewOlmSessionOut(client, userId, deviceId, &olmSession); // create event json @@ -1420,18 +1700,17 @@ MatrixClientSendToDeviceEncrypted( char thisSigningKey[DEVICE_KEY_SIZE]; MatrixOlmAccountGetSigningKey(&client->olmAccount, thisSigningKey, DEVICE_KEY_SIZE); - STATIC char eventBuffer[TODEVICE_EVENT_SIZE]; - sprintf(eventBuffer, + snprintf(g_TodeviceEventBuffer, TODEVICE_EVENT_SIZE, "{" "\"type\":\"%s\"," "\"content\":%s," "\"sender\":\"%s\"," "\"recipient\":\"%s\"," "\"recipient_keys\":{" - "\"ed25519\":\"%s\"" + "\"ed25519\":\"%s\"" "}," "\"keys\":{" - "\"ed25519\":\"%s\"" + "\"ed25519\":\"%s\"" "}" "}", msgType, @@ -1442,17 +1721,14 @@ MatrixClientSendToDeviceEncrypted( thisSigningKey); // encrypt - STATIC char encryptedBuffer[ENCRYPTED_REQUEST_SIZE]; MatrixOlmSessionEncrypt(olmSession, - eventBuffer, - encryptedBuffer, ENCRYPTED_REQUEST_SIZE); + g_TodeviceEventBuffer, + g_EncryptedRequestBuffer, ENCRYPTED_REQUEST_SIZE); char thisDeviceKey[DEVICE_KEY_SIZE]; MatrixOlmAccountGetDeviceKey(&client->olmAccount, thisDeviceKey, DEVICE_KEY_SIZE); - - STATIC char encryptedEventBuffer[ENCRYPTED_EVENT_SIZE]; - sprintf(encryptedEventBuffer, + snprintf(g_EncryptedEventBuffer, ENCRYPTED_EVENT_SIZE, "{" "\"algorithm\":\"m.olm.v1.curve25519-aes-sha2\"," "\"ciphertext\":{" @@ -1465,7 +1741,8 @@ MatrixClientSendToDeviceEncrypted( "\"sender_key\":\"%s\"" "}", targetDeviceKey, - encryptedBuffer, + // olm_encrypt_message_length(olmSession->session, strlen(g_TodeviceEventBuffer)), g_EncryptedRequestBuffer, + g_EncryptedRequestBuffer, olm_session_has_received_message(olmSession->session), client->deviceId, thisDeviceKey); @@ -1475,7 +1752,7 @@ MatrixClientSendToDeviceEncrypted( client, userId, deviceId, - encryptedEventBuffer, + g_EncryptedEventBuffer, "m.room.encrypted"); } @@ -1499,6 +1776,15 @@ MatrixClientFindDevice( const char * deviceId, MatrixDevice ** outDevice) { + for (int i = 0; i < client->numDevices; i++) + { + if (strcmp(client->devices[i].deviceId, deviceId) == 0) + { + *outDevice = &client->devices[i]; + return true; + } + } + MatrixClientRequestDeviceKeys(client); for (int i = 0; i < client->numDevices; i++) @@ -1564,20 +1850,42 @@ MatrixClientRequestSigningKey( return false; } -// https://spec.matrix.org/v1.6/client-server-api/#post_matrixclientv3keysquery +bool +MatrixClientRequestMasterKey( + MatrixClient * client, + char * outMasterKey, int outMasterKeyCap) +{ + if (strlen(client->masterKey) > 0) { + strncpy(outMasterKey, client->masterKey, outMasterKeyCap); + return true; + } + + MatrixClientRequestDeviceKeys(client); + + if (strlen(client->masterKey) > 0) { + strncpy(outMasterKey, client->masterKey, outMasterKeyCap); + return true; + } + + return false; +} + +// https://spec.matrix.org/v1.8/client-server-api/#post_matrixclientv3keysquery bool MatrixClientRequestDeviceKeys( MatrixClient * client) { if (client->numDevices >= NUM_DEVICES) { - printf("Maximum number of devices reached\n"); + printf("error: Maximum number of devices reached\n"); return false; } + // escape userId so we can use it in json queries STATIC char userIdEscaped[USER_ID_SIZE]; JsonEscape(client->userId, strlen(client->userId), userIdEscaped, USER_ID_SIZE); + // construct and send request STATIC char request[KEYS_QUERY_REQUEST_SIZE]; snprintf(request, KEYS_QUERY_REQUEST_SIZE, "{\"device_keys\":{\"%s\":[]}}", client->userId); @@ -1594,17 +1902,31 @@ MatrixClientRequestDeviceKeys( // query for retrieving device keys for user id STATIC char query[JSON_QUERY_SIZE]; + const char * s; + int slen; + + // look for master key + snprintf(query, JSON_QUERY_SIZE, + "$.master_keys.%s.keys", userIdEscaped); + mjson_find(responseBuffer, strlen(responseBuffer), + query, &s, &slen); + + int koff, klen, voff, vlen, vtype, off = 0; + for (off = 0; (off = mjson_next(s, slen, off, &koff, &klen, + &voff, &vlen, &vtype)) != 0; ) { + snprintf(client->masterKey, MASTER_KEY_SIZE, + "%.*s", vlen-2, s+voff+1); + } + + // iterate over returned devices for that userId snprintf(query, JSON_QUERY_SIZE, "$.device_keys.%s", userIdEscaped); - const char * s; - int slen; mjson_find(responseBuffer, strlen(responseBuffer), query, &s, &slen); // loop over keys - - int koff, klen, voff, vlen, vtype, off = 0; + // creating a new device if possible for (off = 0; (off = mjson_next(s, slen, off, &koff, &klen, &voff, &vlen, &vtype)) != 0; ) { const char * key = s + koff; @@ -1638,7 +1960,6 @@ MatrixClientRequestDeviceKeys( foundDevice = true; if (! foundDevice) { - printf("new device: %s %s %s\n", d.deviceId, d.deviceKey, d.signingKey); client->devices[client->numDevices] = d; client->numDevices++; } @@ -1664,4 +1985,4 @@ MatrixClientDeleteDevice( bool res = MatrixHttpPost(client->hc, "/_matrix/client/v3/delete_devices", deleteRequest, deleteResponse, 1024, true); return res; -} \ No newline at end of file +}