olm

package module
v0.0.0-...-f4dbe4c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2020 License: Apache-2.0 Imports: 6 Imported by: 3

README

Go olm/megolm bindings GoDoc

Work In Progress.

All original library functions exposed and documented.

Unstable API for now, as I'm figuring out the best way to use the functions from the point of view of a matrix chat client.

License

Published under Apache License Version 2.0 (see LICENSE).

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func VerifySignatureJSON 

func VerifySignatureJSON(_obj interface{}, userID, deviceID string, key Ed25519) (bool, error)

VerifySignatureJSON verifies the signature in the JSON object _obj following the Matrix specification: https://matrix.org/speculator/spec/drafts%2Fe2e/appendices.html#signing-json This function is a wrapper over Utility.VerifySignatureJSON that creates and destroys the Utility object transparently. If the _obj is a struct, the `json` tags will be honored.

func Version 

func Version() (major, minor, patch uint8)

Version returns the version number of the olm library.

Types

type Account 

type Account C.OlmAccount

Account stores a device account for end to end encrypted messaging.

func AccountFromPickled 

func AccountFromPickled(pickled string, key []byte) (*Account, error)

AccountFromPickled loads an Account from a pickled base64 string. Decrypts the Account using the supplied key. Returns error on failure. If the key doesn't match the one used to encrypt the Account then the error will be "BAD_ACCOUNT_KEY". If the base64 couldn't be decoded then the error will be "INVALID_BASE64".

func NewAccount 

func NewAccount() *Account

NewAccount creates a new Account.

func (*Account) Clear 

func (a *Account) Clear() error

Clear clears the memory used to back this Account.

func (*Account) GenOneTimeKeys 

func (a *Account) GenOneTimeKeys(num uint)

GenOneTimeKeys generates a number of new one time keys. If the total number of keys stored by this Account exceeds MaxNumberOfOneTimeKeys then the old keys are discarded.

func (*Account) IdentityKeys 

func (a *Account) IdentityKeys() (Ed25519, Curve25519)

IdentityKeys returns the public parts of the Ed25519 and Curve25519 identity keys for the Account.

func (*Account) IdentityKeysJSON 

func (a *Account) IdentityKeysJSON() string

IdentityKeysJSON returns the public parts of the identity keys for the Account.

func (*Account) MarkKeysAsPublished 

func (a *Account) MarkKeysAsPublished()

MarkKeysAsPublished marks the current set of one time keys as being published.

func (*Account) MaxNumberOfOneTimeKeys 

func (a *Account) MaxNumberOfOneTimeKeys() uint

MaxNumberOfOneTimeKeys returns the largest number of one time keys this Account can store.

func (*Account) NewInboundSession 

func (a *Account) NewInboundSession(oneTimeKeyMsg string) (*Session, error)

NewInboundSession creates a new in-bound session for sending/receiving messages from an incoming PRE_KEY message. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message was for an unsupported protocol version then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then the error will be "BAD_MESSAGE_FORMAT". If the message refers to an unknown one time key then the error will be "BAD_MESSAGE_KEY_ID".

func (*Account) NewInboundSessionFrom 

func (a *Account) NewInboundSessionFrom(theirIdentityKey Curve25519, oneTimeKeyMsg string) (*Session, error)

NewInboundSessionFrom creates a new in-bound session for sending/receiving messages from an incoming PRE_KEY message. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message was for an unsupported protocol version then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then the error will be "BAD_MESSAGE_FORMAT". If the message refers to an unknown one time key then the error will be "BAD_MESSAGE_KEY_ID".

func (*Account) NewOutboundSession 

func (a *Account) NewOutboundSession(theirIdentityKey, theirOneTimeKey Curve25519) (*Session, error)

NewOutboundSession creates a new out-bound session for sending messages to a given curve25519 identityKey and oneTimeKey. Returns error on failure. If the keys couldn't be decoded as base64 then the error will be "INVALID_BASE64"

func (*Account) OneTimeKeys 

func (a *Account) OneTimeKeys() OTKs

OneTimeKeys returns the public parts of the unpublished one time keys for the Account.

The returned data is a struct with the single value "Curve25519", which is itself an object mapping key id to base64-encoded Curve25519 key. For example: 

{
    Curve25519: {
        "AAAAAA": "wo76WcYtb0Vk/pBOdmduiGJ0wIEjW4IBMbbQn7aSnTo",
        "AAAAAB": "LRvjo46L1X2vx69sS9QNFD29HWulxrmW11Up5AfAjgU"
    }
}

func (*Account) Pickle 

func (a *Account) Pickle(key []byte) string

Pickle returns an Account as a base64 string. Encrypts the Account using the supplied key.

func (*Account) RemoveOneTimeKeys 

func (a *Account) RemoveOneTimeKeys(s *Session) error

RemoveOneTimeKeys removes the one time keys that the session used from the Account. Returns error on failure. If the Account doesn't have any matching one time keys then the error will be "BAD_MESSAGE_KEY_ID".

func (*Account) Sign 

func (a *Account) Sign(message string) string

Sign returns the signature of a message using the ed25519 key for this Account.

func (*Account) SignJSON 

func (a *Account) SignJSON(_obj interface{}, userID, deviceID string) (interface{}, error)

SignJSON signs the JSON object _obj following the Matrix specification: https://matrix.org/speculator/spec/drafts%2Fe2e/appendices.html#signing-json If the _obj is a struct, the `json` tags will be honored.

type Algorithm 

type Algorithm string
const (
	AlgorithmNone     Algorithm = ""
	AlgorithmOlmV1    Algorithm = "m.olm.v1.curve25519-aes-sha2"
	AlgorithmMegolmV1 Algorithm = "m.megolm.v1.aes-sha2"
)

type Curve25519 

type Curve25519 string

Curve25519 is the base64 representation of an Curve25519 public key

type Ed25519 

type Ed25519 string

Ed25519 is the base64 representation of an Ed25519 public key

type InboundGroupSession 

type InboundGroupSession C.OlmInboundGroupSession

InboundGroupSession stores an inbound encrypted messaging session for a group.

func InboundGroupSessionFromPickled 

func InboundGroupSessionFromPickled(pickled string, key []byte) (*InboundGroupSession, error)

InboundGroupSessionFromPickled loads an InboundGroupSession from a pickled base64 string. Decrypts the InboundGroupSession using the supplied key. Returns error on failure. If the key doesn't match the one used to encrypt the InboundGroupSession then the error will be "BAD_SESSION_KEY". If the base64 couldn't be decoded then the error will be "INVALID_BASE64".

func InboundGroupSessionImport 

func InboundGroupSessionImport(sessionKey []byte) (*InboundGroupSession, error)

InboundGroupSessionImport imports an inbound group session from a previous export. Returns error on failure. If the sessionKey is not valid base64 the error will be "OLM_INVALID_BASE64". If the session_key is invalid the error will be "OLM_BAD_SESSION_KEY".

func NewInboundGroupSession 

func NewInboundGroupSession(sessionKey []byte) (*InboundGroupSession, error)

NewInboundGroupSession creates a new inbound group session from a key exported from OutboundGroupSession.SessionKey(). Returns error on failure. If the sessionKey is not valid base64 the error will be "OLM_INVALID_BASE64". If the session_key is invalid the error will be "OLM_BAD_SESSION_KEY".

func (*InboundGroupSession) Clear 

func (s *InboundGroupSession) Clear() error

Clear clears the memory used to back this InboundGroupSession.

func (*InboundGroupSession) Decrypt 

func (s *InboundGroupSession) Decrypt(message string) (string, uint32, error)

Decrypt decrypts a message using the InboundGroupSession. Returns the the plain-text and message index on success. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message is for an unsupported version of the protocol then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then the error will be BAD_MESSAGE_FORMAT". If the MAC on the message was invalid then the error will be "BAD_MESSAGE_MAC". If we do not have a session key corresponding to the message's index (ie, it was sent before the session key was shared with us) the error will be "OLM_UNKNOWN_MESSAGE_INDEX".

func (*InboundGroupSession) Export 

func (s *InboundGroupSession) Export(messageIndex uint32) (string, error)

Export returns the base64-encoded ratchet key for this session, at the given index, in a format which can be used by InboundGroupSession.InboundGroupSessionImport(). Encrypts the InboundGroupSession using the supplied key. Returns error on failure. if we do not have a session key corresponding to the given index (ie, it was sent before the session key was shared with us) the error will be "OLM_UNKNOWN_MESSAGE_INDEX".

func (*InboundGroupSession) FirstKnownIndex 

func (s *InboundGroupSession) FirstKnownIndex() uint

FirstKnownIndex returns the first message index we know how to decrypt.

func (*InboundGroupSession) ID 

func (s *InboundGroupSession) ID() SessionID

ID returns a base64-encoded identifier for this session.

func (*InboundGroupSession) IsVerified 

func (s *InboundGroupSession) IsVerified() uint

IsVerified check if the session has been verified as a valid session. (A session is verified either because the original session share was signed, or because we have subsequently successfully decrypted a message.)

func (*InboundGroupSession) Pickle 

func (s *InboundGroupSession) Pickle(key []byte) string

Pickle returns an InboundGroupSession as a base64 string. Encrypts the InboundGroupSession using the supplied key.

type MsgType 

type MsgType uint
const (
	MsgTypePreKey MsgType = 0
	MsgTypeMsg    MsgType = 1
)

cgo doesn't handle static const

type OTKs 

type OTKs struct {
	Curve25519 map[string]Curve25519 `json:"curve25519"`
}

type OutboundGroupSession 

type OutboundGroupSession C.OlmOutboundGroupSession

OutboundGroupSession stores an outbound encrypted messaging session for a group.

func NewOutboundGroupSession 

func NewOutboundGroupSession() *OutboundGroupSession

NewOutboundGroupSession creates a new outbound group session.

func OutboundGroupSessionFromPickled 

func OutboundGroupSessionFromPickled(pickled string, key []byte) (*OutboundGroupSession, error)

OutboundGroupSessionFromPickled loads an OutboundGroupSession from a pickled base64 string. Decrypts the OutboundGroupSession using the supplied key. Returns error on failure. If the key doesn't match the one used to encrypt the OutboundGroupSession then the error will be "BAD_SESSION_KEY". If the base64 couldn't be decoded then the error will be "INVALID_BASE64".

func (*OutboundGroupSession) Clear 

func (s *OutboundGroupSession) Clear() error

Clear clears the memory used to back this OutboundGroupSession.

func (*OutboundGroupSession) Encrypt 

func (s *OutboundGroupSession) Encrypt(plaintext string) string

Encrypt encrypts a message using the Session. Returns the encrypted message as base64.

func (*OutboundGroupSession) ID 

func (s *OutboundGroupSession) ID() SessionID

ID returns a base64-encoded identifier for this session.

func (*OutboundGroupSession) MessageIndex 

func (s *OutboundGroupSession) MessageIndex() uint

MessageIndex returns the message index for this session. Each message is sent with an increasing index; this returns the index for the next message.

func (*OutboundGroupSession) Pickle 

func (s *OutboundGroupSession) Pickle(key []byte) string

Pickle returns an OutboundGroupSession as a base64 string. Encrypts the OutboundGroupSession using the supplied key.

func (*OutboundGroupSession) SessionKey 

func (s *OutboundGroupSession) SessionKey() string

SessionKey returns the base64-encoded current ratchet key for this session.

type Session 

type Session C.OlmSession

Session stores an end to end encrypted messaging session.

func SessionFromPickled 

func SessionFromPickled(pickled string, key []byte) (*Session, error)

SessionFromPickled loads a Session from a pickled base64 string. Decrypts the Session using the supplied key. Returns error on failure. If the key doesn't match the one used to encrypt the Session then the error will be "BAD_SESSION_KEY". If the base64 couldn't be decoded then the error will be "INVALID_BASE64".

func (*Session) Clear 

func (s *Session) Clear() error

Clear clears the memory used to back this Session.

func (*Session) Decrypt 

func (s *Session) Decrypt(message string, msgType MsgType) (string, error)

Decrypt decrypts a message using the Session. Returns the the plain-text on success. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message is for an unsupported version of the protocol then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then the error will be BAD_MESSAGE_FORMAT". If the MAC on the message was invalid then the error will be "BAD_MESSAGE_MAC".

func (*Session) Encrypt 

func (s *Session) Encrypt(plaintext string) (MsgType, string)

Encrypt encrypts a message using the Session. Returns the encrypted message as base64.

func (*Session) EncryptMsgType 

func (s *Session) EncryptMsgType() MsgType

EncryptMsgType returns the type of the next message that Encrypt will return. Returns MsgTypePreKey if the message will be a PRE_KEY message. Returns MsgTypeMsg if the message will be a normal message. Returns error on failure.

func (*Session) HasReceivedMessage 

func (s *Session) HasReceivedMessage() bool

HasReceivedMessage returns true if this session has received any message.

func (*Session) ID 

func (s *Session) ID() SessionID

Id returns an identifier for this Session. Will be the same for both ends of the conversation.

func (*Session) MatchesInboundSession 

func (s *Session) MatchesInboundSession(oneTimeKeyMsg string) (bool, error)

MatchesInboundSession checks if the PRE_KEY message is for this in-bound Session. This can happen if multiple messages are sent to this Account before this Account sends a message in reply. Returns true if the session matches. Returns false if the session does not match. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message was for an unsupported protocol version then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then the error will be "BAD_MESSAGE_FORMAT".

func (*Session) MatchesInboundSessionFrom 

func (s *Session) MatchesInboundSessionFrom(theirIdentityKey, oneTimeKeyMsg string) (bool, error)

MatchesInboundSessionFrom checks if the PRE_KEY message is for this in-bound Session. This can happen if multiple messages are sent to this Account before this Account sends a message in reply. Returns true if the session matches. Returns false if the session does not match. Returns error on failure. If the base64 couldn't be decoded then the error will be "INVALID_BASE64". If the message was for an unsupported protocol version then the error will be "BAD_MESSAGE_VERSION". If the message couldn't be decoded then then the error will be "BAD_MESSAGE_FORMAT".

func (*Session) Pickle 

func (s *Session) Pickle(key []byte) string

Pickle returns a Session as a base64 string. Encrypts the Session using the supplied key.

type SessionID 

type SessionID string

SessionID is the identifier of an Olm/Megolm session

type Signatures 

type Signatures map[string]map[string]string

Signatures is the data structure used to sign JSON objects. It maps from userID to a map from <algorithm:deviceID> to signature.

type Utility 

type Utility C.OlmUtility

Utility stores the necessary state to perform hash and signature verification operations.

func NewUtility 

func NewUtility() *Utility

NewUtility creates a new utility.

func (*Utility) Clear 

func (u *Utility) Clear() error

Clear clears the memory used to back this utility.

func (*Utility) Sha256 

func (u *Utility) Sha256(input string) string

Sha256 calculates the SHA-256 hash of the input and encodes it as base64.

func (*Utility) VerifySignature 

func (u *Utility) VerifySignature(message string, key Ed25519, signature string) (bool, error)

VerifySignature verifies an ed25519 signature. Returns true if the verification suceeds or false otherwise. Returns error on failure. If the key was too small then the error will be "INVALID_BASE64".

func (*Utility) VerifySignatureJSON 

func (u *Utility) VerifySignatureJSON(_obj interface{}, userID, deviceID string, key Ed25519) (bool, error)

VerifySignatureJSON verifies the signature in the JSON object _obj following the Matrix specification: https://matrix.org/speculator/spec/drafts%2Fe2e/appendices.html#signing-json If the _obj is a struct, the `json` tags will be honored.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.