Merge branch 'main' into devon/pk-pickle

.deny.toml

@@ -0,0 +1,36 @@
+# https://embarkstudios.github.io/cargo-deny/checks/cfg.html
+[graph]
+all-features = true
+exclude = [
+    # dev only dependency
+    "criterion"
+]
+
+[advisories]
+version = 2
+ignore = [
+    { id = "RUSTSEC-2024-0368", reason = "We're only using olm-sys for unit tests" },
+]
+
+[licenses]
+version = 2
+allow = [
+    "Apache-2.0",
+    "BSD-3-Clause",
+    "MIT",
+]
+exceptions = [
+    { allow = ["Unicode-DFS-2016"], crate = "unicode-ident" },
+]
+
+[bans]
+multiple-versions = "warn"
+wildcards = "deny"
+
+[sources]
+unknown-registry = "deny"
+unknown-git = "deny"
+
+allow-git = [
+    "https://github.com/poljar/olm-rs",
+]

.editorconfig

@@ -0,0 +1,17 @@
+root = true
+
+[*]
+charset = utf-8
+
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+indent_style = space
+indent_size = 4
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.yml]
+indent_size = 2

.github/workflows/deny.yml

@@ -0,0 +1,14 @@
+name: Lint dependencies (for licences, allowed sources, banned dependencies, vulnerabilities)
+on:
+  pull_request:
+    paths:
+      - '**/Cargo.toml'
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  cargo-deny:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: EmbarkStudios/cargo-deny-action@v1

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+    "rust-analyzer.checkOnSave.command": "clippy",
+    "rust-analyzer.cargo.features": "all",
+    "rust-analyzer.rustfmt": {
+        "extraArgs": ["+nightly"]
+    }
+}

README.md

@@ -2,26 +2,20 @@
 <div align="center">
     <i>vodozemac is an implementation of Olm (Double Ratchet) and Megolm</i>
     <br/><br/>
-    <a href="https://git-cliff.org">
-        <img src="contrib/zemi.png" width="200"></a>
+    <img src="contrib/zemi.png" width="200">
     <br>
     <hr>
     <a href="https://github.com/matrix-org/vodozemac/releases">
-        <img src="https://img.shields.io/github/v/release/matrix-org/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub&logoColor=white">
-    </a>
+        <img src="https://img.shields.io/github/v/release/matrix-org/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub&logoColor=white"></a>
     <a href="https://crates.io/crates/vodozemac/">
-        <img src="https://img.shields.io/crates/v/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white">
-    </a>
+        <img src="https://img.shields.io/crates/v/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white"></a>
     <a href="https://codecov.io/gh/matrix-org/vodozemac">
-        <img src="https://img.shields.io/codecov/c/gh/matrix-org/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Codecov&logoColor=white">
-    </a>
+        <img src="https://img.shields.io/codecov/c/gh/matrix-org/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Codecov&logoColor=white"></a>
     <br>
     <a href="https://docs.rs/vodozemac/">
-        <img src="https://img.shields.io/docsrs/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white">
-    </a>
+        <img src="https://img.shields.io/docsrs/vodozemac?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white"></a>
     <a href="https://github.com/matrix-org/vodozemac/actions/workflows/ci.yml">
-        <img src="https://img.shields.io/github/actions/workflow/status/matrix-org/vodozemac/ci.yml?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub%20Actions&logoColor=white">
-    </a>
+        <img src="https://img.shields.io/github/actions/workflow/status/matrix-org/vodozemac/ci.yml?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub%20Actions&logoColor=white"></a>
     <br>
     <br>
 </div>

src/olm/account/mod.rs

@@ -129,8 +129,8 @@ impl Account {
     }
 
     /// Sign the given message using our Ed25519 fingerprint key.
-    pub fn sign(&self, message: &str) -> Ed25519Signature {
-        self.signing_key.sign(message.as_bytes())
+    pub fn sign(&self, message: impl AsRef<[u8]>) -> Ed25519Signature {
+        self.signing_key.sign(message.as_ref())
     }
 
     /// Get the maximum number of one-time keys the client should keep on the
@@ -1076,7 +1076,7 @@ mod test {
         #[allow(clippy::redundant_clone)]
         let signing_key_clone = account_with_expanded_key.signing_key.clone();
         signing_key_clone.sign("You met with a terrible fate, haven’t you?".as_bytes());
-        account_with_expanded_key.sign("You met with a terrible fate, haven’t you?");
+        account_with_expanded_key.sign("You met with a terrible fate, haven’t you?".as_bytes());
 
         Ok(())
     }
@@ -1146,7 +1146,7 @@ mod test {
         let vodozemac_pickle = account.to_libolm_pickle(key).unwrap();
         let _ = Account::from_libolm_pickle(&vodozemac_pickle, key).unwrap();
 
-        let vodozemac_signature = account.sign(message);
+        let vodozemac_signature = account.sign(message.as_bytes());
         let olm_signature = Ed25519Signature::from_base64(&olm_signature)
             .expect("We should be able to parse a signature produced by libolm");
         account

src/olm/messages/mod.rs

@@ -19,7 +19,7 @@ pub use message::Message;
 pub use pre_key::PreKeyMessage;
 use serde::{Deserialize, Serialize};
 
-use crate::DecodeError;
+use crate::{base64_decode, base64_encode, DecodeError};
 
 /// Enum over the different Olm message types.
 ///
@@ -67,9 +67,8 @@ impl Serialize for OlmMessage {
     where
         S: serde::Serializer,
     {
-        let (message_type, ciphertext) = self.clone().to_parts();
-
-        let message = MessageSerdeHelper { message_type, ciphertext };
+        let (message_type, ciphertext) = self.to_parts();
+        let message = MessageSerdeHelper { message_type, ciphertext: base64_encode(ciphertext) };
 
         message.serialize(serializer)
     }
@@ -78,18 +77,19 @@ impl Serialize for OlmMessage {
 impl<'de> Deserialize<'de> for OlmMessage {
     fn deserialize<D: serde::Deserializer<'de>>(d: D) -> Result<Self, D::Error> {
         let value = MessageSerdeHelper::deserialize(d)?;
+        let ciphertext_bytes = base64_decode(value.ciphertext).map_err(serde::de::Error::custom)?;
 
-        OlmMessage::from_parts(value.message_type, &value.ciphertext)
+        OlmMessage::from_parts(value.message_type, ciphertext_bytes.as_slice())
             .map_err(serde::de::Error::custom)
     }
 }
 
 impl OlmMessage {
     /// Create a `OlmMessage` from a message type and a ciphertext.
-    pub fn from_parts(message_type: usize, ciphertext: &str) -> Result<Self, DecodeError> {
+    pub fn from_parts(message_type: usize, ciphertext: &[u8]) -> Result<Self, DecodeError> {
         match message_type {
-            0 => Ok(Self::PreKey(PreKeyMessage::try_from(ciphertext)?)),
-            1 => Ok(Self::Normal(Message::try_from(ciphertext)?)),
+            0 => Ok(Self::PreKey(PreKeyMessage::from_bytes(ciphertext)?)),
+            1 => Ok(Self::Normal(Message::from_bytes(ciphertext)?)),
             m => Err(DecodeError::MessageType(m)),
         }
     }
@@ -110,14 +110,13 @@ impl OlmMessage {
         }
     }
 
-    /// Convert the `OlmMessage` into a message type, and base64 encoded message
-    /// tuple.
-    pub fn to_parts(self) -> (usize, String) {
+    /// Convert the `OlmMessage` into a message type, and message bytes tuple.
+    pub fn to_parts(&self) -> (usize, Vec<u8>) {
         let message_type = self.message_type();
 
         match self {
-            OlmMessage::Normal(m) => (message_type.into(), m.to_base64()),
-            OlmMessage::PreKey(m) => (message_type.into(), m.to_base64()),
+            OlmMessage::Normal(m) => (message_type.into(), m.to_bytes()),
+            OlmMessage::PreKey(m) => (message_type.into(), m.to_bytes()),
         }
     }
 }
@@ -156,8 +155,10 @@ use olm_rs::session::OlmMessage as LibolmMessage;
 impl From<LibolmMessage> for OlmMessage {
     fn from(other: LibolmMessage) -> Self {
         let (message_type, ciphertext) = other.to_tuple();
+        let ciphertext_bytes = base64_decode(ciphertext).expect("Can't decode base64");
 
-        Self::from_parts(message_type.into(), &ciphertext).expect("Can't decode a libolm message")
+        Self::from_parts(message_type.into(), ciphertext_bytes.as_slice())
+            .expect("Can't decode a libolm message")
     }
 }
 
@@ -247,27 +248,31 @@ mod tests {
 
     #[test]
     fn from_parts() -> Result<()> {
-        let message = OlmMessage::from_parts(0, PRE_KEY_MESSAGE)?;
+        let message = OlmMessage::from_parts(0, base64_decode(PRE_KEY_MESSAGE)?.as_slice())?;
         assert_matches!(message, OlmMessage::PreKey(_));
         assert_eq!(
             message.message_type(),
             MessageType::PreKey,
             "Expected message to be recognized as a pre-key Olm message."
         );
         assert_eq!(message.message(), PRE_KEY_MESSAGE_CIPHERTEXT);
-        assert_eq!(message.to_parts(), (0, PRE_KEY_MESSAGE.to_string()), "Roundtrip not identity.");
+        assert_eq!(
+            message.to_parts(),
+            (0, base64_decode(PRE_KEY_MESSAGE)?),
+            "Roundtrip not identity."
+        );
 
-        let message = OlmMessage::from_parts(1, MESSAGE)?;
+        let message = OlmMessage::from_parts(1, base64_decode(MESSAGE)?.as_slice())?;
         assert_matches!(message, OlmMessage::Normal(_));
         assert_eq!(
             message.message_type(),
             MessageType::Normal,
             "Expected message to be recognized as a normal Olm message."
         );
         assert_eq!(message.message(), MESSAGE_CIPHERTEXT);
-        assert_eq!(message.to_parts(), (1, MESSAGE.to_string()), "Roundtrip not identity.");
+        assert_eq!(message.to_parts(), (1, base64_decode(MESSAGE)?), "Roundtrip not identity.");
 
-        OlmMessage::from_parts(3, PRE_KEY_MESSAGE)
+        OlmMessage::from_parts(3, base64_decode(PRE_KEY_MESSAGE)?.as_slice())
             .expect_err("Unknown message types can't be parsed");
 
         Ok(())