about summary refs log tree commit diff stats
path: root/src/omemo
diff options
context:
space:
mode:
authorPaul Fariello <paul@fariello.eu>2019-03-22 00:03:16 +0100
committerPaul Fariello <paul@fariello.eu>2019-04-10 17:12:31 +0200
commit91ee289c773a137c60e98c1e62db41346eb57363 (patch)
treef403efe7df2c83eb233a22a190a44e48e7f07142 /src/omemo
parentbc541cb8ac6be40a2ee1e38a99de7cf144361a2a (diff)
downloadprofani-tty-91ee289c773a137c60e98c1e62db41346eb57363.tar.gz
Add support for disconnect in OMEMO
Diffstat (limited to 'src/omemo')
-rw-r--r--src/omemo/omemo.c98
-rw-r--r--src/omemo/omemo.h4
-rw-r--r--src/omemo/store.c16
3 files changed, 91 insertions, 27 deletions
diff --git a/src/omemo/omemo.c b/src/omemo/omemo.c
index 6e723891..8ec0554f 100644
--- a/src/omemo/omemo.c
+++ b/src/omemo/omemo.c
@@ -35,7 +35,6 @@ static void unlock(void *user_data);
 static void omemo_log(int level, const char *message, size_t len, void *user_data);
 static gboolean handle_own_device_list(const char *const jid, GList *device_list);
 static gboolean handle_device_list_start_session(const char *const jid, GList *device_list);
-static void free_omemo_key(omemo_key_t *key);
 static char * omemo_fingerprint(ec_public_key *identity, gboolean formatted);
 static unsigned char *omemo_fingerprint_decode(const char *const fingerprint, size_t *len);
 static void cache_device_identity(const char *const jid, uint32_t device_id, ec_public_key *identity);
@@ -196,6 +195,8 @@ omemo_on_connect(ProfAccount *account)
         }
     }
 
+    g_string_free(basedir, TRUE);
+
     omemo_devicelist_subscribe();
 
     omemo_ctx.identity_keyfile = g_key_file_new();
@@ -219,6 +220,28 @@ omemo_on_connect(ProfAccount *account)
 }
 
 void
+omemo_on_disconnect(void)
+{
+    signal_protocol_signed_pre_key_remove_key(omemo_ctx.store, omemo_ctx.signed_pre_key_id);
+    g_hash_table_free(omemo_ctx.signed_pre_key_store);
+
+    GHashTableIter iter;
+    gpointer id;
+
+    g_hash_table_iter_init(&iter, omemo_ctx.pre_key_store);
+    while (g_hash_table_iter_next(&iter, &id, NULL)) {
+        signal_protocol_pre_key_remove_key(omemo_ctx.store, GPOINTER_TO_INT(id));
+    }
+
+    g_hash_table_free(omemo_ctx.pre_key_store);
+
+    g_string_free(omemo_ctx.identity_filename, TRUE);
+    g_key_file_free(omemo_ctx.identity_keyfile);
+    g_string_free(omemo_ctx.sessions_filename, TRUE);
+    g_key_file_free(omemo_ctx.sessions_keyfile);
+}
+
+void
 omemo_generate_crypto_materials(ProfAccount *account)
 {
     if (loaded) {
@@ -261,6 +284,13 @@ omemo_generate_short_term_crypto_materials(ProfAccount *account)
     signal_protocol_key_helper_pre_key_list_node *pre_keys_head;
     signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, start, 100, omemo_ctx.signal);
 
+    signal_protocol_key_helper_pre_key_list_node *p;
+    for (p = pre_keys_head; p != NULL; p = signal_protocol_key_helper_key_list_next(p)) {
+        session_pre_key *prekey = signal_protocol_key_helper_key_list_element(p);
+        signal_protocol_pre_key_store_key(omemo_ctx.store, prekey);
+    }
+    signal_protocol_key_helper_key_list_free(pre_keys_head);
+
     session_signed_pre_key *signed_pre_key;
     struct timeval tv;
     gettimeofday(&tv, NULL);
@@ -268,13 +298,8 @@ omemo_generate_short_term_crypto_materials(ProfAccount *account)
 
     omemo_ctx.signed_pre_key_id = 1;
     signal_protocol_key_helper_generate_signed_pre_key(&signed_pre_key, omemo_ctx.identity_key_pair, omemo_ctx.signed_pre_key_id, timestamp, omemo_ctx.signal);
-
-    signal_protocol_key_helper_pre_key_list_node *p;
-    for (p = pre_keys_head; p != NULL; p = signal_protocol_key_helper_key_list_next(p)) {
-        session_pre_key *prekey = signal_protocol_key_helper_key_list_element(p);
-        signal_protocol_pre_key_store_key(omemo_ctx.store, prekey);
-    }
     signal_protocol_signed_pre_key_store_key(omemo_ctx.store, signed_pre_key);
+    SIGNAL_UNREF(signed_pre_key);
 
     loaded = TRUE;
 
@@ -315,6 +340,7 @@ omemo_start_muc_sessions(const char *const roomjid)
         omemo_start_session(jid->barejid);
         jid_destroy(jid);
     }
+    g_list_free(roster);
 }
 
 gboolean
@@ -348,6 +374,7 @@ omemo_signed_prekey(unsigned char **output, size_t *length)
 
     signal_protocol_signed_pre_key_load_key(omemo_ctx.store, &signed_pre_key, omemo_ctx.signed_pre_key_id);
     ec_public_key_serialize(&buffer, ec_key_pair_get_public(session_signed_pre_key_get_key_pair(signed_pre_key)));
+    SIGNAL_UNREF(signed_pre_key);
     *length = signal_buffer_len(buffer);
     *output = malloc(*length);
     memcpy(*output, signal_buffer_data(buffer), *length);
@@ -363,6 +390,7 @@ omemo_signed_prekey_signature(unsigned char **output, size_t *length)
     *length = session_signed_pre_key_get_signature_len(signed_pre_key);
     *output = malloc(*length);
     memcpy(*output, session_signed_pre_key_get_signature(signed_pre_key), *length);
+    SIGNAL_UNREF(signed_pre_key);
 }
 
 void
@@ -382,9 +410,12 @@ omemo_prekeys(GList **prekeys, GList **ids, GList **lengths)
 
         signal_buffer *public_key;
         ec_public_key_serialize(&public_key, ec_key_pair_get_public(session_pre_key_get_key_pair(pre_key)));
+        SIGNAL_UNREF(pre_key);
         size_t length = signal_buffer_len(public_key);
         unsigned char *prekey_value = malloc(length);
         memcpy(prekey_value, signal_buffer_data(public_key), length);
+        signal_buffer_free(public_key);
+
         *prekeys = g_list_append(*prekeys, prekey_value);
         *ids = g_list_append(*ids, GINT_TO_POINTER(id));
         *lengths = g_list_append(*lengths, GINT_TO_POINTER(length));
@@ -454,7 +485,7 @@ omemo_start_device_session(const char *const jid, uint32_t device_id,
     const unsigned char *const identity_key_raw, size_t identity_key_len)
 {
     signal_protocol_address address = {
-        .name = strdup(jid),
+        .name = jid,
         .name_len = strlen(jid),
         .device_id = device_id,
     };
@@ -538,7 +569,7 @@ omemo_start_device_session(const char *const jid, uint32_t device_id,
     }
 
 out:
-    g_list_free_full(prekeys, (GDestroyNotify)free_omemo_key);
+    SIGNAL_UNREF(identity_key);
     jid_destroy(ownjid);
 }
 
@@ -591,6 +622,7 @@ omemo_on_message_send(ProfWin *win, const char *const message, gboolean request_
             }
             jid_destroy(jid);
         }
+        g_list_free(roster);
     } else {
         ProfChatWin *chatwin = (ProfChatWin *)win;
         assert(chatwin->memcheck == PROFCHATWIN_MEMCHECK);
@@ -625,17 +657,20 @@ omemo_on_message_send(ProfWin *win, const char *const message, gboolean request_
             }
 
             res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
+            session_cipher_free(cipher);
             if (res != 0) {
                 log_error("OMEMO: cannot encrypt key for %s device id %d", address.name, address.device_id);
                 continue;
             }
             signal_buffer *buffer = ciphertext_message_get_serialized(ciphertext);
             omemo_key_t *key = malloc(sizeof(omemo_key_t));
-            key->data = signal_buffer_data(buffer);
             key->length = signal_buffer_len(buffer);
+            key->data = malloc(key->length);
+            memcpy(key->data, signal_buffer_data(buffer), key->length);
             key->device_id = GPOINTER_TO_INT(device_ids_iter->data);
             key->prekey = ciphertext_message_get_type(ciphertext) == CIPHERTEXT_PREKEY_TYPE;
             keys = g_list_append(keys, key);
+            SIGNAL_UNREF(ciphertext);
         }
     }
 
@@ -660,17 +695,20 @@ omemo_on_message_send(ProfWin *win, const char *const message, gboolean request_
             }
 
             res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
+            session_cipher_free(cipher);
             if (res != 0) {
                 log_error("OMEMO: cannot encrypt key for %s device id %d", address.name, address.device_id);
                 continue;
             }
             signal_buffer *buffer = ciphertext_message_get_serialized(ciphertext);
             omemo_key_t *key = malloc(sizeof(omemo_key_t));
-            key->data = signal_buffer_data(buffer);
             key->length = signal_buffer_len(buffer);
+            key->data = malloc(key->length);
+            memcpy(key->data, signal_buffer_data(buffer), key->length);
             key->device_id = GPOINTER_TO_INT(device_ids_iter->data);
             key->prekey = ciphertext_message_get_type(ciphertext) == CIPHERTEXT_PREKEY_TYPE;
             keys = g_list_append(keys, key);
+            SIGNAL_UNREF(ciphertext);
         }
     }
 
@@ -686,7 +724,7 @@ omemo_on_message_send(ProfWin *win, const char *const message, gboolean request_
 
 out:
     jid_destroy(jid);
-    g_list_free_full(keys, free);
+    g_list_free_full(keys, (GDestroyNotify)omemo_key_free);
     free(ciphertext);
     gcry_free(key);
     gcry_free(iv);
@@ -734,6 +772,7 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
                 break;
             }
         }
+        g_list_free(roster);
         if (!sender) {
             log_warning("OMEMO: cannot find MUC message sender fulljid");
             goto out;
@@ -770,6 +809,9 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
         curve_generate_key_pair(omemo_ctx.signal, &ec_pair);
         session_pre_key_create(&new_pre_key, pre_key_id, ec_pair);
         signal_protocol_pre_key_store_key(omemo_ctx.store, new_pre_key);
+        SIGNAL_UNREF(new_pre_key);
+        SIGNAL_UNREF(message);
+        SIGNAL_UNREF(ec_pair);
         omemo_bundle_publish();
 
         if (res == 0) {
@@ -781,16 +823,19 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
         signal_message *message;
         signal_message_deserialize(&message, key->data, key->length, omemo_ctx.signal);
         res = session_cipher_decrypt_signal_message(cipher, message, NULL, &plaintext_key);
+        SIGNAL_UNREF(message);
     }
+
+    session_cipher_free(cipher);
     if (res != 0) {
         log_error("OMEMO: cannot decrypt message key");
-        return NULL;
+        goto out;
     }
 
     if (signal_buffer_len(plaintext_key) != AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH) {
         log_error("OMEMO: invalid key length");
         signal_buffer_free(plaintext_key);
-        return NULL;
+        goto out;
     }
 
     size_t plaintext_len = payload_len;
@@ -798,11 +843,12 @@ omemo_on_message_recv(const char *const from_jid, uint32_t sid,
     res = aes128gcm_decrypt(plaintext, &plaintext_len, payload, payload_len, iv,
         signal_buffer_data(plaintext_key),
         signal_buffer_data(plaintext_key) + AES128_GCM_KEY_LENGTH);
+    signal_buffer_free(plaintext_key);
     if (res != 0) {
         log_error("OMEMO: cannot decrypt message: %s", gcry_strerror(res));
-        signal_buffer_free(plaintext_key);
         free(plaintext);
-        return NULL;
+        plaintext = NULL;
+        goto out;
     }
 
     plaintext[plaintext_len] = '\0';
@@ -1040,14 +1086,14 @@ handle_device_list_start_session(const char *const jid, GList *device_list)
     return FALSE;
 }
 
-static void
-free_omemo_key(omemo_key_t *key)
+void
+omemo_key_free(omemo_key_t *key)
 {
     if (key == NULL) {
         return;
     }
 
-    free((void *)key->data);
+    free(key->data);
     free(key);
 }
 
@@ -1062,13 +1108,14 @@ load_identity(void)
     char *identity_key_public_b64 = g_key_file_get_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PUBLIC, NULL);
     size_t identity_key_public_len;
     unsigned char *identity_key_public = g_base64_decode(identity_key_public_b64, &identity_key_public_len);
+    g_free(identity_key_public_b64);
     omemo_ctx.identity_key_store.public = signal_buffer_create(identity_key_public, identity_key_public_len);
 
     char *identity_key_private_b64 = g_key_file_get_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_IDENTITY, OMEMO_STORE_KEY_IDENTITY_KEY_PRIVATE, NULL);
     size_t identity_key_private_len;
     unsigned char *identity_key_private = g_base64_decode(identity_key_private_b64, &identity_key_private_len);
+    g_free(identity_key_private_b64);
     omemo_ctx.identity_key_store.private = signal_buffer_create(identity_key_private, identity_key_private_len);
-    signal_buffer_create(identity_key_private, identity_key_private_len);
 
     ec_public_key *public_key;
     curve_decode_point(&public_key, identity_key_public, identity_key_public_len, omemo_ctx.signal);
@@ -1086,11 +1133,13 @@ load_identity(void)
             char *key_b64 = g_key_file_get_string(omemo_ctx.identity_keyfile, OMEMO_STORE_GROUP_TRUST, keys[i], NULL);
             size_t key_len;
             unsigned char *key = g_base64_decode(key_b64, &key_len);
+            g_free(key_b64);
             signal_buffer *buffer = signal_buffer_create(key, key_len);
-            g_hash_table_insert(omemo_ctx.identity_key_store.trusted, keys[i], buffer);
-            free(key_b64);
+            g_free(key);
+            g_hash_table_insert(omemo_ctx.identity_key_store.trusted, strdup(keys[i]), buffer);
         }
     }
+    g_strfreev(keys);
 }
 
 static void
@@ -1115,11 +1164,14 @@ load_sessions(void)
                 char *record_b64 = g_key_file_get_string(omemo_ctx.sessions_keyfile, groups[i], keys[j], NULL);
                 size_t record_len;
                 unsigned char *record = g_base64_decode(record_b64, &record_len);
+                g_free(record_b64);
                 signal_buffer *buffer = signal_buffer_create(record, record_len);
+                g_free(record);
                 g_hash_table_insert(device_store, GINT_TO_POINTER(id), buffer);
-                free(record_b64);
             }
+            g_strfreev(keys);
         }
+        free(groups);
     }
 }
 
diff --git a/src/omemo/omemo.h b/src/omemo/omemo.h
index e78bd09b..e9e9cf8d 100644
--- a/src/omemo/omemo.h
+++ b/src/omemo/omemo.h
@@ -9,7 +9,7 @@
 typedef struct omemo_context_t omemo_context;
 
 typedef struct omemo_key {
-    const unsigned char *data;
+    unsigned char *data;
     size_t length;
     gboolean prekey;
     uint32_t device_id;
@@ -18,7 +18,9 @@ typedef struct omemo_key {
 
 void omemo_init(void);
 void omemo_on_connect(ProfAccount *account);
+void omemo_on_disconnect(void);
 void omemo_generate_crypto_materials(ProfAccount *account);
+void omemo_key_free(omemo_key_t *key);
 
 uint32_t omemo_device_id(void);
 void omemo_identity_key(unsigned char **output, size_t *length);
diff --git a/src/omemo/store.c b/src/omemo/store.c
index 621c902c..4b20d29f 100644
--- a/src/omemo/store.c
+++ b/src/omemo/store.c
@@ -109,7 +109,10 @@ store_session(const signal_protocol_address *address,
 
 
     char *record_b64 = g_base64_encode(record, record_len);
-    g_key_file_set_string(omemo_sessions_keyfile(), address->name, g_strdup_printf("%d", address->device_id), record_b64);
+    char *device_id = g_strdup_printf("%d", address->device_id);
+    g_key_file_set_string(omemo_sessions_keyfile(), address->name, device_id, record_b64);
+    free(device_id);
+    g_free(record_b64);
 
     omemo_sessions_keyfile_save();
 
@@ -283,9 +286,10 @@ save_identity(const signal_protocol_address *address, uint8_t *key_data,
 
     char *key_b64 = g_base64_encode(key_data, key_len);
     g_key_file_set_string(omemo_identity_keyfile(), OMEMO_STORE_GROUP_TRUST, node, key_b64);
+    g_free(key_b64);
 
     omemo_identity_keyfile_save();
-    free(node);
+    g_free(node);
 
     return SG_SUCCESS;
 }
@@ -294,13 +298,19 @@ int
 is_trusted_identity(const signal_protocol_address *address, uint8_t *key_data,
     size_t key_len, void *user_data)
 {
+    int ret;
     identity_key_store_t *identity_key_store = (identity_key_store_t *)user_data;
     char *node = g_strdup_printf("%s:%d", address->name, address->device_id);
 
     signal_buffer *buffer = signal_buffer_create(key_data, key_len);
     signal_buffer *original = g_hash_table_lookup(identity_key_store->trusted, node);
+    g_free(node);
 
-    return original != NULL && signal_buffer_compare(buffer, original) == 0;
+    ret = original != NULL && signal_buffer_compare(buffer, original) == 0;
+
+    signal_buffer_free(buffer);
+
+    return ret;
 }
 
 int