From 1b59878fd69c93f1258c2295e3473ebba2a252ae Mon Sep 17 00:00:00 2001 From: HardenedVault Date: Mon, 4 Nov 2019 17:40:55 +0800 Subject: [PATCH 1/3] Consider device_id when dealing with remote identity keys. As signal protocol suggests, different clients under the same account are distinguished by their device_id, so what should be uniquely stored and queried should be the tuple of (addr_p->name, addr_p->device_id, identity_key), not (addr_p->name, identity_key). Signed-off-by: HardenedVault --- src/axc_store.c | 39 ++++++++++++++++++++++----------------- src/axc_store.h | 2 +- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/src/axc_store.c b/src/axc_store.c index b69c3a2..0e14ad8 100644 --- a/src/axc_store.c +++ b/src/axc_store.c @@ -38,6 +38,7 @@ #define IDENTITY_KEY_STORE_KEY_NAME "key" #define IDENTITY_KEY_STORE_KEY_LEN_NAME "key_len" #define IDENTITY_KEY_STORE_TRUSTED_NAME "trusted" +#define IDENTITY_KEY_STORE_DEVICE_ID_NAME "device_id" #define SETTINGS_STORE_TABLE_NAME "settings" #define SETTINGS_STORE_NAME_NAME "name" #define SETTINGS_STORE_PROPERTY_NAME "property" @@ -177,7 +178,8 @@ int axc_db_create(axc_context * axc_ctx_p) { IDENTITY_KEY_STORE_NAME_NAME " TEXT NOT NULL PRIMARY KEY, " IDENTITY_KEY_STORE_KEY_NAME " BLOB NOT NULL, " IDENTITY_KEY_STORE_KEY_LEN_NAME " INTEGER NOT NULL, " - IDENTITY_KEY_STORE_TRUSTED_NAME " INTEGER NOT NULL);" + IDENTITY_KEY_STORE_TRUSTED_NAME " INTEGER NOT NULL, " + IDENTITY_KEY_STORE_DEVICE_ID_NAME " INTEGER NOT NULL);" "CREATE TABLE IF NOT EXISTS " SETTINGS_STORE_TABLE_NAME "(" SETTINGS_STORE_NAME_NAME " TEXT NOT NULL PRIMARY KEY, " SETTINGS_STORE_PROPERTY_NAME " INTEGER NOT NULL);" 
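Review bot: In the `CREATE TABLE` text of `axc_db_create` (hunk at -177), the identity table keeps `name` as its only `PRIMARY KEY`, so the added `device_id` column does not make rows unique per device. The `INSERT OR REPLACE` in `axc_db_identity_save` (hunk at -1283) still conflicts on `name` alone and would overwrite the stored key of one device when another device of the same name is saved. Drop `PRIMARY KEY` from the name column and close the column list with `"PRIMARY KEY (" IDENTITY_KEY_STORE_NAME_NAME ", " IDENTITY_KEY_STORE_DEVICE_ID_NAME "));"`. Separately, `CREATE TABLE IF NOT EXISTS` leaves an existing four-column table untouched and no migration is visible in this patch, so on an upgraded database the five-value insert would presumably fail; a schema-version check with a migration step is worth adding. The body of `axc_db_create` continues outside the hunk.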
@@ -1283,8 +1285,8 @@ int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t * key_d // 2 - key blob // 3 - length of the key // 4 - trusted (1 for true, 0 for false) - char save_stmt[] = "INSERT OR REPLACE INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4);"; - char del_stmt[] = "DELETE FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1;"; + char save_stmt[] = "INSERT OR REPLACE INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4, ?5);"; + char del_stmt[] = "DELETE FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; char * stmt = (void *) 0; if (key_data) { @@ -1316,6 +1318,13 @@ int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t * key_d db_conn_cleanup(db_p, pstmt_p, "Failed to bind", __func__, axc_ctx_p); return -24; } + if(sqlite3_bind_int(pstmt_p, 5, addr_p->device_id)) { + db_conn_cleanup(db_p, pstmt_p, "Failed to bind", __func__, axc_ctx_p); + return -25; + } + } else if (sqlite3_bind_int(pstmt_p, 2, addr_p->device_id)) { + db_conn_cleanup(db_p, pstmt_p, "Failed to bind", __func__, axc_ctx_p); + return -25; } if (db_exec_single_change(db_p, pstmt_p, axc_ctx_p)) return -3; 
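Review bot: The placeholder legend above `save_stmt` (hunk at -1283) still ends at `// 4 - trusted`, although the statement now takes `?5`. `del_stmt` also uses `?2` for the device id, while `?2` is the key blob in `save_stmt`. Add `// 5 - device_id` to the legend and a line such as `// del_stmt: 1 - name, 2 - device_id`, so the binds in the following hunk (index 5 in the save branch, index 2 in the delete branch) can be checked against it. `axc_db_identity_save` starts and ends outside this hunk.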
@@ -1324,23 +1333,27 @@ int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t * key_d return 0; } -int axc_db_identity_is_trusted(const char * name, size_t name_len, uint8_t * key_data, size_t key_len, void * user_data) { - const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1;"; +int axc_db_identity_is_trusted(const signal_protocol_address * addr_p, uint8_t * key_data, size_t key_len, void * user_data) { + const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; - signal_buffer * key_record = (void *) 0; int step_result = 0; size_t record_len = 0; if (db_conn_open(&db_p, &pstmt_p, stmt, user_data)) return -1; - if (sqlite3_bind_text(pstmt_p, 1, name, -1, SQLITE_TRANSIENT)) { + if (sqlite3_bind_text(pstmt_p, 1, addr_p->name, -1, SQLITE_TRANSIENT)) { db_conn_cleanup(db_p, pstmt_p, "Failed to bind", __func__, axc_ctx_p); return -21; } + if (sqlite3_bind_int(pstmt_p, 2, addr_p->device_id)) { + db_conn_cleanup(db_p, pstmt_p, "Failed to bind", __func__, axc_ctx_p); + return -25; + } + step_result = sqlite3_step(pstmt_p); if (step_result == SQLITE_DONE) { // no entry = trusted, according to docs 
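Review bot: The lookup in `axc_db_identity_is_trusted` is now keyed on name and device id, so a device id never seen under an already known name reaches the `SQLITE_DONE` branch and is reported as trusted; the existing `// no entry = trusted, according to docs` comment should state that consequence. Something like `// no row for this (name, device_id): first contact with this device, trusted on first use even if other devices of the same name are stored` makes it explicit for anyone auditing trust decisions. Whether a new device of a known contact should be accepted silently is a policy question the patch does not answer. The function body continues past the end of this hunk.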
@@ -1355,25 +1368,17 @@ int axc_db_identity_is_trusted(const char * name, size_t name_len, uint8_t * key return 0; } - key_record = signal_buffer_create(sqlite3_column_blob(pstmt_p, 1), record_len); - if (key_record == 0) { - db_conn_cleanup(db_p, pstmt_p, "Buffer could not be initialised", __func__, axc_ctx_p); - return -3; - } - - if (memcmp(key_data, signal_buffer_data(key_record), key_len)) { + // key_len should equal to record_len here + if (memcmp(key_data, sqlite3_column_blob(pstmt_p, 1), key_len)) { db_conn_cleanup(db_p, pstmt_p, "Key data does not match", __func__, axc_ctx_p); } db_conn_cleanup(db_p, pstmt_p, (void *) 0, __func__, axc_ctx_p); - signal_buffer_bzero_free(key_record); return 1; } else { db_conn_cleanup(db_p, pstmt_p, "Failed executing SQL statement", __func__, axc_ctx_p); return -32; } - - (void)name_len; } int axc_db_identity_always_trusted(const signal_protocol_address * addr_p, uint8_t * key_data, size_t key_len, void * user_data) { diff --git a/src/axc_store.h b/src/axc_store.h index 03e1b34..f6a5d28 100644 --- a/src/axc_store.h +++ b/src/axc_store.h @@ -75,7 +75,7 @@ void axc_db_signed_pre_key_destroy_ctx(void *user_data); int axc_db_identity_get_key_pair(signal_buffer **public_data, signal_buffer **private_data, void *user_data); int axc_db_identity_get_local_registration_id(void *user_data, uint32_t *registration_id); int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t *key_data, size_t key_len, void *user_data); -int axc_db_identity_is_trusted(const char *name, size_t name_len, uint8_t *key_data, size_t key_len, void *user_data); +int axc_db_identity_is_trusted(const signal_protocol_address * addr_p, uint8_t * key_data, size_t key_len, void * user_data); int axc_db_identity_always_trusted(const signal_protocol_address * addr_p, uint8_t * key_data, size_t key_len, void * user_data); void axc_db_identity_destroy_ctx(void *user_data); From 845ca2aa38ed845dcdf7cffc0b31fe48eb81f8c8 Mon Sep 17 00:00:00 2001 
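Review bot: The mismatch branch after the rewritten `memcmp` (hunk at -1355) has no `return`, so a key that differs from the stored one logs "Key data does not match" and then falls through to the second `db_conn_cleanup` and `return 1;`, which reports it as trusted. Add `return 0;` after the first cleanup call; that also stops `db_conn_cleanup` being called twice on the same `db_p`/`pstmt_p` (presumably a double finalize/close, though its body is not shown here). The new comment relies on `key_len` equalling `record_len`, a check that sits above the hunk. Since `sqlite3_column_blob` can return NULL for a zero-length blob, confirm that check rejects a length of 0 before the pointer reaches `memcmp`.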
From: HardenedVault Date: Tue, 5 Nov 2019 12:37:21 +0800 Subject: [PATCH 2/3] Apply static storage class for semantic constants Auto variables must be initialized at every time the housing code blocks ({}) are called, even qualified with "const", so if semantic constants are needed, they had better be stored statically, i.e. declared as global "const" or "static const" in blocks. By the way, it is better to initialize those provider structures with global constant templates. Signed-off-by: HardenedVault --- src/axc.c | 59 ++++++----------------------- src/axc_crypto.c | 15 ++++++++ src/axc_crypto.h | 2 + src/axc_store.c | 96 +++++++++++++++++++++++++++++++++--------------- src/axc_store.h | 5 +++ 5 files changed, 100 insertions(+), 77 deletions(-) diff --git a/src/axc.c b/src/axc.c index 78d9c72..b242a8b 100644 --- a/src/axc.c +++ b/src/axc.c 
@@ -459,40 +459,14 @@ int axc_init(axc_context * ctx_p) { axc_mutexes * mutexes_p = (void *) 0; signal_protocol_store_context * store_context_p = (void *) 0; - signal_protocol_session_store session_store = { - .load_session_func = &axc_db_session_load, - .get_sub_device_sessions_func = &axc_db_session_get_sub_device_sessions, - .store_session_func = &axc_db_session_store, - .contains_session_func = &axc_db_session_contains, - .delete_session_func = &axc_db_session_delete, - .delete_all_sessions_func = &axc_db_session_delete_all, - .destroy_func = &axc_db_session_destroy_store_ctx, - .user_data = ctx_p - }; - signal_protocol_pre_key_store pre_key_store = { - .load_pre_key = &axc_db_pre_key_load, - .store_pre_key = &axc_db_pre_key_store, - .contains_pre_key = &axc_db_pre_key_contains, - .remove_pre_key = &axc_db_pre_key_remove, - .destroy_func = &axc_db_pre_key_destroy_ctx, - .user_data = ctx_p - }; - signal_protocol_signed_pre_key_store signed_pre_key_store = { - .load_signed_pre_key = &axc_db_signed_pre_key_load, - .store_signed_pre_key = &axc_db_signed_pre_key_store, - .contains_signed_pre_key = &axc_db_signed_pre_key_contains, - .remove_signed_pre_key = &axc_db_signed_pre_key_remove, - .destroy_func = &axc_db_signed_pre_key_destroy_ctx, - .user_data = ctx_p - }; - signal_protocol_identity_key_store identity_key_store = { - .get_identity_key_pair = &axc_db_identity_get_key_pair, - .get_local_registration_id = &axc_db_identity_get_local_registration_id, - .save_identity = &axc_db_identity_save, - .is_trusted_identity = &axc_db_identity_always_trusted, - .destroy_func = &axc_db_identity_destroy_ctx, - .user_data = ctx_p - }; + signal_protocol_session_store session_store = axc_session_store_tmpl; + session_store.user_data = ctx_p; + signal_protocol_pre_key_store pre_key_store = axc_pre_key_store_tmpl; + pre_key_store.user_data = ctx_p; + signal_protocol_signed_pre_key_store signed_pre_key_store = axc_signed_pre_key_store_tmpl; + signed_pre_key_store.user_data = 
ctx_p; + signal_protocol_identity_key_store identity_key_store = axc_identity_key_store_tmpl; + identity_key_store.user_data = ctx_p; // init mutexes ret_val = axc_mutexes_create_and_init(&mutexes_p); @@ -512,20 +486,9 @@ int axc_init(axc_context * ctx_p) { axc_log(ctx_p, AXC_LOG_DEBUG, "%s: created and set axolotl context", __func__); // 2. init and set crypto provider - signal_crypto_provider crypto_provider = { - .random_func = random_bytes, - .hmac_sha256_init_func = hmac_sha256_init, - .hmac_sha256_update_func = hmac_sha256_update, - .hmac_sha256_final_func = hmac_sha256_final, - .hmac_sha256_cleanup_func = hmac_sha256_cleanup, - .sha512_digest_init_func = sha512_digest_init, - .sha512_digest_update_func = sha512_digest_update, - .sha512_digest_final_func = sha512_digest_final, - .sha512_digest_cleanup_func = sha512_digest_cleanup, - .encrypt_func = aes_encrypt, - .decrypt_func = aes_decrypt, - .user_data = ctx_p - }; + signal_crypto_provider crypto_provider = axc_crypto_provider_tmpl; + crypto_provider.user_data = ctx_p; + if (signal_context_set_crypto_provider(ctx_p->axolotl_global_context_p, &crypto_provider)) { err_msg = "failed to set crypto provider"; ret_val = -1; diff --git a/src/axc_crypto.c b/src/axc_crypto.c index 693eed7..5c71419 100644 --- a/src/axc_crypto.c +++ b/src/axc_crypto.c @@ -490,3 +490,18 @@ int aes_decrypt(signal_buffer ** output_pp, return ret_val; } + +const signal_crypto_provider axc_crypto_provider_tmpl = { + .random_func = random_bytes, + .hmac_sha256_init_func = hmac_sha256_init, + .hmac_sha256_update_func = hmac_sha256_update, + .hmac_sha256_final_func = hmac_sha256_final, + .hmac_sha256_cleanup_func = hmac_sha256_cleanup, + .sha512_digest_init_func = sha512_digest_init, + .sha512_digest_update_func = sha512_digest_update, + .sha512_digest_final_func = sha512_digest_final, + .sha512_digest_cleanup_func = sha512_digest_cleanup, + .encrypt_func = aes_encrypt, + .decrypt_func = aes_decrypt, + .user_data = (void *) 0 +}; 
diff --git a/src/axc_crypto.h b/src/axc_crypto.h index d72d596..e88971d 100644 --- a/src/axc_crypto.h +++ b/src/axc_crypto.h @@ -4,6 +4,8 @@ #include "signal_protocol.h" +extern const signal_crypto_provider axc_crypto_provider_tmpl; + void axc_crypto_init(void); void axc_crypto_teardown(void); diff --git a/src/axc_store.c b/src/axc_store.c index 0e14ad8..b978672 100644 --- a/src/axc_store.c +++ b/src/axc_store.c @@ -158,7 +158,7 @@ void db_exec_quick(const char stmt[], void * user_data_p) { } int axc_db_create(axc_context * axc_ctx_p) { - const char stmt[] = "BEGIN TRANSACTION;" + static const char stmt[] = "BEGIN TRANSACTION;" "CREATE TABLE IF NOT EXISTS " SESSION_STORE_TABLE_NAME "(" SESSION_STORE_NAME_NAME " TEXT NOT NULL, " SESSION_STORE_NAME_LEN_NAME " INTEGER NOT NULL, " @@ -210,7 +210,7 @@ int axc_db_create(axc_context * axc_ctx_p) { * @param axc_ctx_p Pointer to the axc context. */ int axc_db_destroy(axc_context * axc_ctx_p) { - const char stmt[] = "BEGIN TRANSACTION;" + static const char stmt[] = "BEGIN TRANSACTION;" "DROP TABLE IF EXISTS " SESSION_STORE_TABLE_NAME ";" "DROP TABLE IF EXISTS " PRE_KEY_STORE_TABLE_NAME ";" "DROP TABLE IF EXISTS " SIGNED_PRE_KEY_STORE_TABLE_NAME ";" @@ -240,7 +240,7 @@ int axc_db_destroy(axc_context * axc_ctx_p) { int axc_db_property_set(const char * name, const int val, axc_context * axc_ctx_p) { // 1 - name of property // 2 - value - const char stmt[] = "INSERT OR REPLACE INTO " SETTINGS_STORE_TABLE_NAME " VALUES (?1, ?2);"; + static const char stmt[] = "INSERT OR REPLACE INTO " SETTINGS_STORE_TABLE_NAME " VALUES (?1, ?2);"; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; 
@@ -263,7 +263,7 @@ int axc_db_property_set(const char * name, const int val, axc_context * axc_ctx_ } int axc_db_property_get(const char * name, int * val_p, axc_context * axc_ctx_p) { - const char stmt[] = "SELECT * FROM " SETTINGS_STORE_TABLE_NAME " WHERE name IS ?1;"; + static const char stmt[] = "SELECT * FROM " SETTINGS_STORE_TABLE_NAME " WHERE name IS ?1;"; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; @@ -306,7 +306,7 @@ int axc_db_init_status_get(int * init_status_p, axc_context * axc_ctx_p) { // session store impl int axc_db_session_load(signal_buffer ** record, signal_buffer ** user_record, const signal_protocol_address * address, void * user_data) { - const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME + static const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1" " AND " SESSION_STORE_DEVICE_ID_NAME " IS ?2;"; @@ -351,7 +351,7 @@ int axc_db_session_load(signal_buffer ** record, signal_buffer ** user_record, c } int axc_db_session_get_sub_device_sessions(signal_int_list ** sessions, const char * name, size_t name_len, void * user_data) { - const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; 
@@ -399,7 +399,7 @@ int axc_db_session_get_sub_device_sessions(signal_int_list ** sessions, const ch } int axc_db_session_store(const signal_protocol_address *address, uint8_t *record, size_t record_len, uint8_t *user_record, size_t user_record_len, void *user_data) { - const char stmt[] = "INSERT OR REPLACE INTO " SESSION_STORE_TABLE_NAME " VALUES (:name, :name_len, :device_id, :session_record, :record_len);"; + static const char stmt[] = "INSERT OR REPLACE INTO " SESSION_STORE_TABLE_NAME " VALUES (:name, :name_len, :device_id, :session_record, :record_len);"; (void) user_record; (void) user_record_len; @@ -437,7 +437,7 @@ int axc_db_session_store(const signal_protocol_address *address, uint8_t *record } int axc_db_session_contains(const signal_protocol_address * address, void * user_data) { - const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME + static const char stmt[] = "SELECT * FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1" " AND " SESSION_STORE_DEVICE_ID_NAME " IS ?2;"; @@ -473,7 +473,7 @@ int axc_db_session_contains(const signal_protocol_address * address, void * user } int axc_db_session_delete(const signal_protocol_address * address, void * user_data) { - const char stmt[] = "DELETE FROM " SESSION_STORE_TABLE_NAME + static const char stmt[] = "DELETE FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1" " AND " SESSION_STORE_DEVICE_ID_NAME " IS ?2;"; @@ -507,7 +507,7 @@ int axc_db_session_delete(const signal_protocol_address * address, void * user_d } int axc_db_session_delete_all(const char * name, size_t name_len, void * user_data) { - const char stmt[] = "DELETE FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1;"; + static const char stmt[] = "DELETE FROM " SESSION_STORE_TABLE_NAME " WHERE " SESSION_STORE_NAME_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; 
@@ -540,7 +540,7 @@ void axc_db_session_destroy_store_ctx(void * user_data) { // pre key store impl int axc_db_pre_key_load(signal_buffer ** record, uint32_t pre_key_id, void * user_data) { - const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -576,7 +576,7 @@ int axc_db_pre_key_load(signal_buffer ** record, uint32_t pre_key_id, void * use } int axc_db_pre_key_store(uint32_t pre_key_id, uint8_t * record, size_t record_len, void * user_data) { - const char stmt[] = "INSERT OR REPLACE INTO " PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; + static const char stmt[] = "INSERT OR REPLACE INTO " PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -603,9 +603,9 @@ int axc_db_pre_key_store(uint32_t pre_key_id, uint8_t * record, size_t record_le } int axc_db_pre_key_store_list(signal_protocol_key_helper_pre_key_list_node * pre_keys_head, axc_context * axc_ctx_p) { - const char stmt_begin[] = "BEGIN TRANSACTION;"; - const char stmt[] = "INSERT OR REPLACE INTO " PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; - const char stmt_commit[] = "COMMIT TRANSACTION;"; + static const char stmt_begin[] = "BEGIN TRANSACTION;"; + static const char stmt[] = "INSERT OR REPLACE INTO " PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; + static const char stmt_commit[] = "COMMIT TRANSACTION;"; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; 
@@ -676,7 +676,7 @@ int axc_db_pre_key_store_list(signal_protocol_key_helper_pre_key_list_node * pre } int axc_db_pre_key_get_list(size_t amount, axc_context * axc_ctx_p, axc_buf_list_item ** list_head_pp) { - const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME + static const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME " ORDER BY " PRE_KEY_STORE_ID_NAME " ASC LIMIT ?1;"; int ret_val = -1; @@ -774,7 +774,7 @@ int axc_db_pre_key_get_list(size_t amount, axc_context * axc_ctx_p, axc_buf_list } int axc_db_pre_key_contains(uint32_t pre_key_id, void * user_data) { - const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -862,7 +862,7 @@ int axc_db_pre_key_get_count(axc_context * axc_ctx_p, size_t * count_p) { } int axc_db_pre_key_remove(uint32_t pre_key_id, void * user_data) { - const char stmt[] = "DELETE FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "DELETE FROM " PRE_KEY_STORE_TABLE_NAME " WHERE " PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -897,7 +897,7 @@ void axc_db_pre_key_destroy_ctx(void * user_data) { // signed pre key store impl int axc_db_signed_pre_key_load(signal_buffer ** record, uint32_t signed_pre_key_id, void * user_data) { - const char stmt[] = "SELECT * FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; 
@@ -933,7 +933,7 @@ int axc_db_signed_pre_key_load(signal_buffer ** record, uint32_t signed_pre_key_ } int axc_db_signed_pre_key_store(uint32_t signed_pre_key_id, uint8_t * record, size_t record_len, void * user_data) { - const char stmt[] = "INSERT OR REPLACE INTO " SIGNED_PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; + static const char stmt[] = "INSERT OR REPLACE INTO " SIGNED_PRE_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3);"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -960,7 +960,7 @@ int axc_db_signed_pre_key_store(uint32_t signed_pre_key_id, uint8_t * record, si } int axc_db_signed_pre_key_contains(uint32_t signed_pre_key_id, void * user_data) { - const char stmt[] = "SELECT * FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -989,7 +989,7 @@ int axc_db_signed_pre_key_contains(uint32_t signed_pre_key_id, void * user_data) } int axc_db_signed_pre_key_remove(uint32_t signed_pre_key_id, void * user_data) { - const char stmt[] = "DELETE FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; + static const char stmt[] = "DELETE FROM " SIGNED_PRE_KEY_STORE_TABLE_NAME " WHERE " SIGNED_PRE_KEY_STORE_ID_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -1031,7 +1031,7 @@ int axc_db_identity_set_key_pair(const ratchet_identity_key_pair * key_pair_p, a // 2 - key blob // 3 - length of the key // 4 - trusted (1 for true, 0 for false) - const char stmt[] = "INSERT INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4);"; + static const char stmt[] = "INSERT INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4);"; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; 
@@ -1157,7 +1157,7 @@ int axc_db_identity_set_key_pair(const ratchet_identity_key_pair * key_pair_p, a int axc_db_identity_get_key_pair(signal_buffer ** public_data, signal_buffer ** private_data, void * user_data) { - const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -1251,7 +1251,7 @@ int axc_db_identity_set_local_registration_id(const uint32_t reg_id, axc_context } int axc_db_identity_get_local_registration_id(void * user_data, uint32_t * registration_id) { - const char stmt[] = "SELECT * FROM " SETTINGS_STORE_TABLE_NAME " WHERE " SETTINGS_STORE_NAME_NAME " IS ?1;"; + static const char stmt[] = "SELECT * FROM " SETTINGS_STORE_TABLE_NAME " WHERE " SETTINGS_STORE_NAME_NAME " IS ?1;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; @@ -1285,9 +1285,9 @@ int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t * key_d // 2 - key blob // 3 - length of the key // 4 - trusted (1 for true, 0 for false) - char save_stmt[] = "INSERT OR REPLACE INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4, ?5);"; - char del_stmt[] = "DELETE FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; - char * stmt = (void *) 0; + static const char save_stmt[] = "INSERT OR REPLACE INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4, ?5);"; + static const char del_stmt[] = "DELETE FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; + const char * stmt = (void *) 0; if (key_data) { stmt = save_stmt; 
@@ -1334,7 +1334,7 @@ int axc_db_identity_save(const signal_protocol_address * addr_p, uint8_t * key_d } int axc_db_identity_is_trusted(const signal_protocol_address * addr_p, uint8_t * key_data, size_t key_len, void * user_data) { - const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; + static const char stmt[] = "SELECT * FROM " IDENTITY_KEY_STORE_TABLE_NAME " WHERE " IDENTITY_KEY_STORE_NAME_NAME " IS ?1 AND " IDENTITY_KEY_STORE_DEVICE_ID_NAME " IS ?2;"; axc_context * axc_ctx_p = (axc_context *) user_data; sqlite3 * db_p = (void *) 0; 
@@ -1396,3 +1396,41 @@ void axc_db_identity_destroy_ctx(void * user_data) { //db_exec_quick(stmt, user_data); } + +const signal_protocol_session_store axc_session_store_tmpl = { + .load_session_func = &axc_db_session_load, + .get_sub_device_sessions_func = &axc_db_session_get_sub_device_sessions, + .store_session_func = &axc_db_session_store, + .contains_session_func = &axc_db_session_contains, + .delete_session_func = &axc_db_session_delete, + .delete_all_sessions_func = &axc_db_session_delete_all, + .destroy_func = &axc_db_session_destroy_store_ctx, + .user_data = (void *) 0 +}; + +const signal_protocol_pre_key_store axc_pre_key_store_tmpl = { + .load_pre_key = &axc_db_pre_key_load, + .store_pre_key = &axc_db_pre_key_store, + .contains_pre_key = &axc_db_pre_key_contains, + .remove_pre_key = &axc_db_pre_key_remove, + .destroy_func = &axc_db_pre_key_destroy_ctx, + .user_data = (void *) 0 +}; + +const signal_protocol_signed_pre_key_store axc_signed_pre_key_store_tmpl = { + .load_signed_pre_key = &axc_db_signed_pre_key_load, + .store_signed_pre_key = &axc_db_signed_pre_key_store, + .contains_signed_pre_key = &axc_db_signed_pre_key_contains, + .remove_signed_pre_key = &axc_db_signed_pre_key_remove, + .destroy_func = &axc_db_signed_pre_key_destroy_ctx, + .user_data = (void *) 0 +}; + +const signal_protocol_identity_key_store axc_identity_key_store_tmpl = { + .get_identity_key_pair = &axc_db_identity_get_key_pair, + .get_local_registration_id = &axc_db_identity_get_local_registration_id, + .save_identity = &axc_db_identity_save, + .is_trusted_identity = &axc_db_identity_always_trusted, + .destroy_func = &axc_db_identity_destroy_ctx, + .user_data = (void *) 0 +}; diff --git a/src/axc_store.h b/src/axc_store.h index f6a5d28..a917f22 100644 --- a/src/axc_store.h +++ b/src/axc_store.h 
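Review bot: `axc_identity_key_store_tmpl` wires `.is_trusted_identity` to `axc_db_identity_always_trusted`, so the device-aware `axc_db_identity_is_trusted` reworked in patch 1 is not the callback the library receives; now that this wiring lives in an exported template, it needs a comment. The removed initializer in `axc_init` used the same callback, so this is carried over rather than new, but a reader of the template alone cannot know it is deliberate. A line such as `/* identity trust is not enforced here: judging by its name this callback accepts every key (confirm), so trust decisions must be made by the client */` above the field would do. Each template would also benefit from a one-line note that `user_data` is NULL here and must be set on the copy, as `axc_init` does.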
@@ -12,6 +12,11 @@ #define AXC_DB_NEEDS_ROLLBACK 0 #define AXC_DB_INITIALIZED 1 +extern const signal_protocol_session_store axc_session_store_tmpl; +extern const signal_protocol_pre_key_store axc_pre_key_store_tmpl; +extern const signal_protocol_signed_pre_key_store axc_signed_pre_key_store_tmpl; +extern const signal_protocol_identity_key_store axc_identity_key_store_tmpl; + // session store int axc_db_session_load(signal_buffer **record, signal_buffer **user_record, const signal_protocol_address *address, void *user_data); int axc_db_session_get_sub_device_sessions(signal_int_list **sessions, const char *name, size_t name_len, void *user_data); From e18a98684bb720dc64e537514ce31a7e0183de70 Mon Sep 17 00:00:00 2001 From: HardenedVault Date: Mon, 18 May 2020 16:55:14 +0800 Subject: [PATCH 3/3] Add missing logic to handle added row in identity key storage --- src/axc_store.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/axc_store.c b/src/axc_store.c index b978672..703ac7a 100644 --- a/src/axc_store.c +++ b/src/axc_store.c @@ -1030,8 +1030,9 @@ int axc_db_identity_set_key_pair(const ratchet_identity_key_pair * key_pair_p, a // 1 - name ("public" or "private") // 2 - key blob // 3 - length of the key - // 4 - trusted (1 for true, 0 for false) - static const char stmt[] = "INSERT INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4);"; + // 4 - trusted (1 for true, 0 for false, 2 for OWN_KEY) + // 5 - device_id (0, for identity key is already marked with OWN_KEY) + static const char stmt[] = "INSERT INTO " IDENTITY_KEY_STORE_TABLE_NAME " VALUES (?1, ?2, ?3, ?4, ?5);"; sqlite3 * db_p = (void *) 0; sqlite3_stmt * pstmt_p = (void *) 0; 
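Review bot: The insert in `axc_db_identity_set_key_pair` (hunk at -1030) still uses a positional `VALUES (?1, ?2, ?3, ?4, ?5)` list, which is why it had to be touched here after patch 1 appended the `device_id` column. Listing the five `IDENTITY_KEY_STORE_*_NAME` column macros in parentheses before `VALUES` would tie each placeholder to a column instead of to declaration order, and the same applies to `save_stmt` in `axc_db_identity_save`. With named columns a later schema change fails loudly at the statement that is wrong, rather than writing a value into a neighbouring column. The function body lies outside the hunk.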
@@ -1080,6 +1081,12 @@ int axc_db_identity_set_key_pair(const ratchet_identity_key_pair * key_pair_p, a goto cleanup; } + if (sqlite3_bind_int(pstmt_p, 5, 0)) { + err_msg = "Failed to bind"; + ret_val = -24; + goto cleanup; + } + if (sqlite3_step(pstmt_p) != SQLITE_DONE) { err_msg = "Failed to execute statement"; ret_val = -3; @@ -1132,6 +1139,12 @@ int axc_db_identity_set_key_pair(const ratchet_identity_key_pair * key_pair_p, a goto cleanup; } + if (sqlite3_bind_int(pstmt_p, 5, 0)) { + err_msg = "Failed to bind"; + ret_val = -24; + goto cleanup; + } + if (sqlite3_step(pstmt_p) != SQLITE_DONE) { err_msg = "Failed to execute statement"; ret_val = -3;
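Review bot: Both added `sqlite3_bind_int(pstmt_p, 5, 0)` blocks (this hunk and the one at -1132) set `ret_val = -24`, whereas `axc_db_identity_save` in patch 1 returns -24 for a failed bind of parameter 4 and -25 for the device id. Using `ret_val = -25;` here keeps the codes consistent, so a log reader can tell which bind failed. The literal `0` would read better as a named constant placed next to the other store macros, e.g. `#define IDENTITY_KEY_STORE_OWN_DEVICE_ID 0` (name constructed for this note). `axc_db_identity_set_key_pair` starts and ends outside both hunks.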