/
CryptoModule.h
93 lines (74 loc) · 2.67 KB
/
CryptoModule.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
#pragma once
#include <memory>
#include <string>
#include <unordered_map>
#include "olm/olm.h"
#include "Persist.h"
#include "Session.h"
#include "Tools.h"
namespace comm {
namespace crypto {
class CryptoModule {
OlmBuffer accountBuffer;
std::unordered_map<std::string, std::shared_ptr<Session>> sessions = {};
Keys keys;
OlmAccount *getOlmAccount();
void createAccount();
void exposePublicIdentityKeys();
void generateOneTimeKeys(size_t oneTimeKeysAmount);
std::string generateAndGetPrekey();
// returns number of published keys
size_t publishOneTimeKeys();
bool prekeyExistsAndOlderThan(uint64_t threshold);
public:
const std::string id;
CryptoModule(std::string id);
CryptoModule(std::string id, std::string secretKey, Persist persist);
// CryptoModule's accountBuffer cannot be safely copied
// See explanation in https://phab.comm.dev/D9562
CryptoModule(const CryptoModule &) = delete;
static Keys keysFromStrings(
const std::string &identityKeys,
const std::string &oneTimeKeys);
std::string getIdentityKeys();
std::string getOneTimeKeysForPublishing(size_t oneTimeKeysAmount = 10);
// Prekey rotation methods for X3DH
std::uint8_t getNumPrekeys();
std::string getPrekey();
std::string getPrekeySignature();
std::optional<std::string> getUnpublishedPrekey();
void markPrekeyAsPublished();
void forgetOldPrekey();
void initializeInboundForReceivingSession(
const std::string &targetDeviceId,
const OlmBuffer &encryptedMessage,
const OlmBuffer &idKeys,
int sessionVersion,
const bool overwrite);
int initializeOutboundForSendingSession(
const std::string &targetDeviceId,
const OlmBuffer &idKeys,
const OlmBuffer &preKeys,
const OlmBuffer &preKeySignature,
const OlmBuffer &oneTimeKey);
bool hasSessionFor(const std::string &targetDeviceId);
std::shared_ptr<Session> getSessionByDeviceId(const std::string &deviceId);
void removeSessionByDeviceId(const std::string &deviceId);
Persist storeAsB64(const std::string &secretKey);
void restoreFromB64(const std::string &secretKey, Persist persist);
EncryptedData
encrypt(const std::string &targetDeviceId, const std::string &content);
std::string
decrypt(const std::string &targetDeviceId, EncryptedData &encryptedData);
std::string decryptSequential(
const std::string &targetDeviceId,
EncryptedData &encryptedData);
std::string signMessage(const std::string &message);
static void verifySignature(
const std::string &publicKey,
const std::string &message,
const std::string &signature);
std::optional<std::string> validatePrekey();
};
} // namespace crypto
} // namespace comm