libsignal-protocol 0.1.0

An idiomatic high-level interface to the libsignal-protocol-c crate.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

use crate::{errors::InternalError, Address, Buffer};
use std::{
    os::raw::{c_int, c_void},
    panic::RefUnwindSafe,
};

/// Something used to store identity keys and track trusted identities.
pub trait IdentityKeyStore: RefUnwindSafe {
    /// Get the local client's identity key pair as the tuple `(public,
    /// private)`.
    fn identity_key_pair(&self) -> Result<(Buffer, Buffer), InternalError>;

    /// Get the local client's registration ID.
    ///
    /// Clients should maintain a registration ID, a random number
    /// between 1 and 16380 that's generated once at install time.
    fn local_registration_id(&self) -> Result<u32, InternalError>;

    /// Verify a remote client's identity key.
    ///
    /// Determine whether a remote client's identity is trusted.  Convention is
    /// that the TextSecure protocol is *trust on first use*. This means that
    /// an identity key is considered *trusted* if there is no entry for the
    /// recipient in the local store, or if it matches the saved key for a
    /// recipient in the local store.  Only if it mismatches an entry in the
    /// local store is it considered *untrusted*.
    fn is_trusted_identity(
        &self,
        address: Address,
        identity_key: &[u8],
    ) -> Result<bool, InternalError>;

    /// Save a remote client's identity key as trusted.
    ///
    /// The value of `identity_key` may be empty. In this case remove the key
    /// data from the identity store, but retain any metadata that may be
    /// kept alongside it.
    fn save_identity(
        &self,
        address: Address,
        identity_key: &[u8],
    ) -> Result<(), InternalError>;
}

pub(crate) fn new_vtable<I: IdentityKeyStore + 'static>(
    identity_key_store: I,
) -> sys::signal_protocol_identity_key_store {
    let state: Box<State> = Box::new(State(Box::new(identity_key_store)));

    sys::signal_protocol_identity_key_store {
        user_data: Box::into_raw(state) as *mut c_void,
        get_identity_key_pair: Some(get_identity_key_pair),
        get_local_registration_id: Some(get_local_registration_id),
        save_identity: Some(save_identity),
        is_trusted_identity: Some(is_trusted_identity),
        destroy_func: Some(destroy_func),
    }
}

struct State(Box<dyn IdentityKeyStore>);

unsafe extern "C" fn get_identity_key_pair(
    public_data: *mut *mut sys::signal_buffer,
    private_data: *mut *mut sys::signal_buffer,
    user_data: *mut c_void,
) -> c_int {
    signal_assert!(!user_data.is_null());
    signal_assert!(!public_data.is_null());
    signal_assert!(!private_data.is_null());

    let user_data = &*(user_data as *const State);

    match signal_catch_unwind!(user_data.0.identity_key_pair()) {
        Ok((public, private)) => {
            *public_data = public.into_raw();
            *private_data = private.into_raw();
            sys::SG_SUCCESS as c_int
        },
        Err(e) => e.code(),
    }
}

unsafe extern "C" fn get_local_registration_id(
    user_data: *mut c_void,
    registration_id: *mut u32,
) -> c_int {
    signal_assert!(!user_data.is_null());

    let user_data = &*(user_data as *const State);

    match signal_catch_unwind!(user_data.0.local_registration_id()) {
        Ok(id) => {
            *registration_id = id;
            sys::SG_SUCCESS as c_int
        },
        Err(e) => e.code(),
    }
}

unsafe extern "C" fn save_identity(
    address: *const sys::signal_protocol_address,
    key_data: *mut u8,
    key_len: usize,
    user_data: *mut c_void,
) -> c_int {
    signal_assert!(!address.is_null());
    signal_assert!(!user_data.is_null());

    let user_data = &*(user_data as *const State);
    let address = Address::from_ptr(address);
    let key = if key_data.is_null() {
        &[]
    } else {
        std::slice::from_raw_parts(key_data, key_len)
    };

    match signal_catch_unwind!(user_data.0.save_identity(address, key)) {
        Ok(_) => sys::SG_SUCCESS as _,
        Err(e) => e.code(),
    }
}

unsafe extern "C" fn is_trusted_identity(
    address: *const sys::signal_protocol_address,
    key_data: *mut u8,
    key_len: usize,
    user_data: *mut c_void,
) -> c_int {
    signal_assert!(!address.is_null());
    signal_assert!(!key_data.is_null());
    signal_assert!(!user_data.is_null());

    let user_data = &*(user_data as *const State);
    let address = Address::from_raw(sys::signal_protocol_address {
        name: (*address).name,
        name_len: (*address).name_len,
        device_id: (*address).device_id,
    });
    let key = std::slice::from_raw_parts(key_data, key_len);

    match signal_catch_unwind!(user_data.0.is_trusted_identity(address, key)) {
        Ok(true) => 1,
        Ok(false) => 0,
        Err(e) => e.code(),
    }
}

unsafe extern "C" fn destroy_func(user_data: *mut c_void) {
    if !user_data.is_null() {
        let user_data = Box::from_raw(user_data as *mut State);
        drop(user_data);
    }
}