From ae76cf2007af0f1172c3f6e1fdac998fc21296d9 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Thu, 12 Oct 2023 06:35:50 -0700 Subject: [PATCH 1/8] Expose GroupID on MLSMessage --- include/mls/messages.h | 3 +++ include/mls/state.h | 7 +++++-- src/messages.cpp | 14 ++++++++++++++ src/state.cpp | 24 ++++++++++++++++++++---- 4 files changed, 42 insertions(+), 6 deletions(-) diff --git a/include/mls/messages.h b/include/mls/messages.h index a660aeb0..b2ea8fe4 100644 --- a/include/mls/messages.h +++ b/include/mls/messages.h @@ -574,6 +574,7 @@ struct PublicMessage { PublicMessage() = default; + bytes get_group_id() const { return content.group_id; } epoch_t get_epoch() const { return content.epoch; } static PublicMessage protect(AuthenticatedContent content_auth, @@ -611,6 +612,7 @@ struct PrivateMessage { PrivateMessage() = default; + bytes get_group_id() const { return group_id; } epoch_t get_epoch() const { return epoch; } static PrivateMessage protect(AuthenticatedContent content_auth, @@ -649,6 +651,7 @@ struct MLSMessage var::variant message; + bytes group_id() const; epoch_t epoch() const; WireFormat wire_format() const; diff --git a/include/mls/state.h b/include/mls/state.h index 329aadb0..3d25fcbb 100644 --- a/include/mls/state.h +++ b/include/mls/state.h @@ -151,6 +151,11 @@ class State bytes epoch_authenticator() const; + /// + /// Unwrap messages so that applications can inspect them + /// + AuthenticatedContent unwrap(const MLSMessage& msg); + /// /// Application encryption and decryption /// @@ -334,8 +339,6 @@ class State template MLSMessage protect_full(Inner&& content, const MessageOpts& msg_opts); - AuthenticatedContent unprotect_to_content_auth(const MLSMessage& msg); - // Apply the changes requested by various messages LeafIndex apply(const Add& add); void apply(LeafIndex target, const Update& update); diff --git a/src/messages.cpp b/src/messages.cpp index 37da6311..0119fc5a 100644 --- a/src/messages.cpp +++ b/src/messages.cpp @@ -832,6 +832,20 @@ PrivateMessage::PrivateMessage(GroupContent content, { } +bytes +MLSMessage::group_id() const +{ + return var::visit( + overloaded{ + [](const PublicMessage& pt) -> bytes { return pt.get_group_id(); }, + [](const PrivateMessage& pt) -> bytes { return pt.get_group_id(); }, + [](const auto& /* unused */) -> bytes { + throw InvalidParameterError("MLSMessage has no group_id"); + }, + }, + message); +} + epoch_t MLSMessage::epoch() const { diff --git a/src/state.cpp b/src/state.cpp index c45b6335..f5361ea5 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -408,7 +408,7 @@ State::protect(AuthenticatedContent&& content_auth, size_t padding_size) } AuthenticatedContent -State::unprotect_to_content_auth(const MLSMessage& msg) +State::unwrap(const MLSMessage& msg) { if (msg.version != ProtocolVersion::mls10) { throw InvalidParameterError("Unsupported version"); @@ -416,6 +416,14 @@ State::unprotect_to_content_auth(const MLSMessage& msg) const auto unprotect = overloaded{ [&](const PublicMessage& pt) -> AuthenticatedContent { + if (pt.get_group_id() != _group_id) { + throw ProtocolError("PublicMessage not for this group"); + } + + if (pt.get_epoch() != _epoch) { + throw ProtocolError("PublicMessage not for this epoch"); + } + auto maybe_content_auth = pt.unprotect(_suite, _key_schedule.membership_key, group_context()); if (!maybe_content_auth) { @@ -425,6 +433,14 @@ State::unprotect_to_content_auth(const MLSMessage& msg) }, [&](const PrivateMessage& ct) -> AuthenticatedContent { + if (ct.get_group_id() != _group_id) { + throw ProtocolError("PrivateMessage not for this group"); + } + + if (ct.get_epoch() != _epoch) { + throw ProtocolError("PrivateMessage not for this epoch"); + } + auto maybe_content_auth = ct.unprotect(_suite, _keys, _key_schedule.sender_data_secret); if (!maybe_content_auth) { @@ -797,7 +813,7 @@ State::handle(const MLSMessage& msg, std::optional cached_state, const std::optional& expected_params) { - auto content_auth = unprotect_to_content_auth(msg); + auto content_auth = unwrap(msg); if (!verify(content_auth)) { throw InvalidParameterError("Message signature failed to verify"); } @@ -1136,7 +1152,7 @@ State::Tombstone State::handle_reinit_commit(const MLSMessage& commit_msg) { // Verify the signature and process the commit - auto content_auth = unprotect_to_content_auth(commit_msg); + auto content_auth = unwrap(commit_msg); if (!verify(content_auth)) { throw InvalidParameterError("Message signature failed to verify"); } @@ -1417,7 +1433,7 @@ State::protect(const bytes& authenticated_data, std::tuple State::unprotect(const MLSMessage& ct) { - auto content_auth = unprotect_to_content_auth(ct); + auto content_auth = unwrap(ct); if (!verify(content_auth)) { throw InvalidParameterError("Message signature failed to verify"); From caf88b06ae13c1a086df835f84c0ee593b2ab7c8 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Mon, 27 Nov 2023 11:35:35 -0500 Subject: [PATCH 2/8] Provide handle() complementary to unwrap() --- include/mls/state.h | 8 ++++++++ src/state.cpp | 27 +++++++++++++++++++-------- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/include/mls/state.h b/include/mls/state.h index 3d25fcbb..f9b2cf83 100644 --- a/include/mls/state.h +++ b/include/mls/state.h @@ -122,6 +122,14 @@ class State std::optional handle(const MLSMessage& msg); std::optional handle(const MLSMessage& msg, std::optional cached_state); + + // In general, you should avoid these methods and prefer the MLSMessage + // variants. They are provided for cases where a message recipient wishes to + // unwrap and inspect a message before handling it. + std::optional handle(const AuthenticatedContent& content_auth); + std::optional handle(const AuthenticatedContent& content_auth, + std::optional cached_state); + /// /// PSK management /// diff --git a/src/state.cpp b/src/state.cpp index f5361ea5..99f26769 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -799,13 +799,25 @@ State::group_context() const std::optional State::handle(const MLSMessage& msg) { - return handle(msg, std::nullopt, std::nullopt); + return handle(unwrap(msg), std::nullopt, std::nullopt); } std::optional State::handle(const MLSMessage& msg, std::optional cached_state) { - return handle(msg, std::move(cached_state), std::nullopt); + return handle(unwrap(msg), std::move(cached_state), std::nullopt); +} + +std::optional +State::handle(const AuthenticatedContent& content_auth) +{ + return handle(content_auth, std::nullopt, std::nullopt); +} + +std::optional +State::handle(const AuthenticatedContent& content_auth, std::optional cached_state) +{ + return handle(content_auth, std::move(cached_state), std::nullopt); } std::optional @@ -813,12 +825,7 @@ State::handle(const MLSMessage& msg, std::optional cached_state, const std::optional& expected_params) { - auto content_auth = unwrap(msg); - if (!verify(content_auth)) { - throw InvalidParameterError("Message signature failed to verify"); - } - - return handle(content_auth, std::move(cached_state), expected_params); + return handle(unwrap(msg), std::move(cached_state), expected_params); } std::optional @@ -836,6 +843,10 @@ State::handle(const AuthenticatedContent& content_auth, throw InvalidParameterError("Epoch mismatch"); } + if (!verify(content_auth)) { + throw InvalidParameterError("Message signature failed to verify"); + } + // Dispatch on content type switch (content.content_type()) { // Proposals get queued, do not result in a state transition From 70d6c2fb99bed91167586d8b1f05400f9504e940 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Mon, 27 Nov 2023 11:54:37 -0500 Subject: [PATCH 3/8] Add GroupInfo branch; remove redundant checks --- src/messages.cpp | 3 ++- src/state.cpp | 24 ++++++++++-------------- 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/src/messages.cpp b/src/messages.cpp index 0119fc5a..8dbcb7f5 100644 --- a/src/messages.cpp +++ b/src/messages.cpp @@ -838,7 +838,8 @@ MLSMessage::group_id() const return var::visit( overloaded{ [](const PublicMessage& pt) -> bytes { return pt.get_group_id(); }, - [](const PrivateMessage& pt) -> bytes { return pt.get_group_id(); }, + [](const PrivateMessage& ct) -> bytes { return ct.get_group_id(); }, + [](const GroupInfo& gi) -> bytes { return gi.group_context.group_id; }, [](const auto& /* unused */) -> bytes { throw InvalidParameterError("MLSMessage has no group_id"); }, diff --git a/src/state.cpp b/src/state.cpp index 99f26769..f780af87 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -454,7 +454,12 @@ State::unwrap(const MLSMessage& msg) }, }; - return var::visit(unprotect, msg.message); + const auto content_auth = var::visit(unprotect, msg.message); + if (!verify(content_auth)) { + throw InvalidParameterError("Message signature failed to verify"); + } + + return content_auth; } Proposal @@ -833,21 +838,12 @@ State::handle(const AuthenticatedContent& content_auth, std::optional cached_state, const std::optional& expected_params) { - // Validate the GroupContent - const auto& content = content_auth.content; - if (content.group_id != _group_id) { - throw InvalidParameterError("GroupID mismatch"); - } - - if (content.epoch != _epoch) { - throw InvalidParameterError("Epoch mismatch"); - } - - if (!verify(content_auth)) { - throw InvalidParameterError("Message signature failed to verify"); - } + // XXX(RLB): We assume that the AuthenticatedContent has come to us by way of + // `unwrap()`, so that its authenticity has already been checked. This avoids + // duplicate signature verification. // Dispatch on content type + const auto& content = content_auth.content; switch (content.content_type()) { // Proposals get queued, do not result in a state transition case ContentType::proposal: From 05d681dd3ec209e20e840c75ba3ea1d8d97fcbc8 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Mon, 27 Nov 2023 12:44:53 -0500 Subject: [PATCH 4/8] clang-format --- src/state.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/state.cpp b/src/state.cpp index f780af87..d53a9383 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -820,7 +820,8 @@ State::handle(const AuthenticatedContent& content_auth) } std::optional -State::handle(const AuthenticatedContent& content_auth, std::optional cached_state) +State::handle(const AuthenticatedContent& content_auth, + std::optional cached_state) { return handle(content_auth, std::move(cached_state), std::nullopt); } From 06d19b462404028dd6f28de2c19ca770ccf71828 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Thu, 7 Dec 2023 15:20:18 -0500 Subject: [PATCH 5/8] ValidatedContent --- include/mls/messages.h | 21 +++++++++++++++++-- include/mls/state.h | 13 +++++------- lib/mls_vectors/src/mls_vectors.cpp | 5 +++-- src/messages.cpp | 28 ++++++++++++++++++++------ src/state.cpp | 31 ++++++++++++++--------------- test/messages.cpp | 6 ++++-- 6 files changed, 68 insertions(+), 36 deletions(-) diff --git a/include/mls/messages.h b/include/mls/messages.h index b2ea8fe4..a7365d0b 100644 --- a/include/mls/messages.h +++ b/include/mls/messages.h @@ -570,6 +570,23 @@ struct AuthenticatedContent friend struct PrivateMessage; }; +struct ValidatedContent +{ + public: + const AuthenticatedContent& authenticated_content() const; + + friend bool operator==(const ValidatedContent& lhs, const ValidatedContent& rhs); + + private: + AuthenticatedContent content_auth; + + ValidatedContent(AuthenticatedContent content_auth_in); + + friend struct PublicMessage; + friend struct PrivateMessage; + friend class State; +}; + struct PublicMessage { PublicMessage() = default; @@ -581,7 +598,7 @@ struct PublicMessage CipherSuite suite, const std::optional& membership_key, const std::optional& context); - std::optional unprotect( + std::optional unprotect( CipherSuite suite, const std::optional& membership_key, const std::optional& context) const; @@ -620,7 +637,7 @@ struct PrivateMessage GroupKeySource& keys, const bytes& sender_data_secret, size_t padding_size); - std::optional unprotect( + std::optional unprotect( CipherSuite suite, GroupKeySource& keys, const bytes& sender_data_secret) const; diff --git a/include/mls/state.h b/include/mls/state.h index f9b2cf83..1741d10d 100644 --- a/include/mls/state.h +++ b/include/mls/state.h @@ -117,17 +117,14 @@ class State const MessageOpts& msg_opts); /// - /// Generic handshake message handler + /// Generic handshake message handlers /// std::optional handle(const MLSMessage& msg); std::optional handle(const MLSMessage& msg, std::optional cached_state); - // In general, you should avoid these methods and prefer the MLSMessage - // variants. They are provided for cases where a message recipient wishes to - // unwrap and inspect a message before handling it. - std::optional handle(const AuthenticatedContent& content_auth); - std::optional handle(const AuthenticatedContent& content_auth, + std::optional handle(const ValidatedContent& content_auth); + std::optional handle(const ValidatedContent& content_auth, std::optional cached_state); /// @@ -162,7 +159,7 @@ class State /// /// Unwrap messages so that applications can inspect them /// - AuthenticatedContent unwrap(const MLSMessage& msg); + ValidatedContent unwrap(const MLSMessage& msg); /// /// Application encryption and decryption @@ -331,7 +328,7 @@ class State std::optional cached_state, const std::optional& expected_params); std::optional handle( - const AuthenticatedContent& content_auth, + const ValidatedContent& val_content, std::optional cached_state, const std::optional& expected_params); diff --git a/lib/mls_vectors/src/mls_vectors.cpp b/lib/mls_vectors/src/mls_vectors.cpp index ea44bdef..c05762c5 100644 --- a/lib/mls_vectors/src/mls_vectors.cpp +++ b/lib/mls_vectors/src/mls_vectors.cpp @@ -880,7 +880,7 @@ MessageProtectionTestVector::unprotect(const MLSMessage& message) auto keys = group_keys(); return ct.unprotect(cipher_suite, keys, sender_data_secret); }, - [](const auto& /* other */) -> std::optional { + [](const auto& /* other */) -> std::optional { return std::nullopt; } }; @@ -890,7 +890,8 @@ MessageProtectionTestVector::unprotect(const MLSMessage& message) return std::nullopt; } - auto auth_content = opt::get(maybe_auth_content); + auto val_content = opt::get(maybe_auth_content); + const auto& auth_content = val_content.authenticated_content(); if (!auth_content.verify(cipher_suite, signature_pub, group_context())) { return std::nullopt; } diff --git a/src/messages.cpp b/src/messages.cpp index 8dbcb7f5..148eb811 100644 --- a/src/messages.cpp +++ b/src/messages.cpp @@ -464,6 +464,22 @@ AuthenticatedContent::AuthenticatedContent(WireFormat wire_format_in, { } +const AuthenticatedContent& +ValidatedContent::authenticated_content() const +{ + return content_auth; +} + +ValidatedContent::ValidatedContent(AuthenticatedContent content_auth_in) + : content_auth(content_auth_in) +{} + +bool +operator==(const ValidatedContent& lhs, const ValidatedContent& rhs) +{ + return lhs.content_auth == rhs.content_auth; +} + struct GroupContentTBS { WireFormat wire_format = WireFormat::reserved; @@ -526,7 +542,7 @@ PublicMessage::protect(AuthenticatedContent content_auth, return pt; } -std::optional +std::optional PublicMessage::unprotect(CipherSuite suite, const std::optional& membership_key, const std::optional& context) const @@ -545,11 +561,11 @@ PublicMessage::unprotect(CipherSuite suite, break; } - return AuthenticatedContent{ + return { { AuthenticatedContent{ WireFormat::mls_public_message, content, auth, - }; + } } }; } bool @@ -756,7 +772,7 @@ PrivateMessage::protect(AuthenticatedContent content_auth, }; } -std::optional +std::optional PrivateMessage::unprotect(CipherSuite suite, GroupKeySource& keys, const bytes& sender_data_secret) const @@ -813,11 +829,11 @@ PrivateMessage::unprotect(CipherSuite suite, unmarshal_ciphertext_content(opt::get(content_pt), content, auth); - return AuthenticatedContent{ + return { { AuthenticatedContent{ WireFormat::mls_private_message, std::move(content), std::move(auth), - }; + } } }; } PrivateMessage::PrivateMessage(GroupContent content, diff --git a/src/state.cpp b/src/state.cpp index d53a9383..f7ee29ff 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -407,7 +407,7 @@ State::protect(AuthenticatedContent&& content_auth, size_t padding_size) } } -AuthenticatedContent +ValidatedContent State::unwrap(const MLSMessage& msg) { if (msg.version != ProtocolVersion::mls10) { @@ -415,7 +415,7 @@ State::unwrap(const MLSMessage& msg) } const auto unprotect = overloaded{ - [&](const PublicMessage& pt) -> AuthenticatedContent { + [&](const PublicMessage& pt) -> ValidatedContent { if (pt.get_group_id() != _group_id) { throw ProtocolError("PublicMessage not for this group"); } @@ -432,7 +432,7 @@ State::unwrap(const MLSMessage& msg) return opt::get(maybe_content_auth); }, - [&](const PrivateMessage& ct) -> AuthenticatedContent { + [&](const PrivateMessage& ct) -> ValidatedContent { if (ct.get_group_id() != _group_id) { throw ProtocolError("PrivateMessage not for this group"); } @@ -449,17 +449,17 @@ State::unwrap(const MLSMessage& msg) return opt::get(maybe_content_auth); }, - [](const auto& /* unused */) -> AuthenticatedContent { + [](const auto& /* unused */) -> ValidatedContent { throw ProtocolError("Invalid wire format"); }, }; - const auto content_auth = var::visit(unprotect, msg.message); - if (!verify(content_auth)) { + const auto val_content = var::visit(unprotect, msg.message); + if (!verify(val_content.content_auth)) { throw InvalidParameterError("Message signature failed to verify"); } - return content_auth; + return val_content; } Proposal @@ -814,13 +814,13 @@ State::handle(const MLSMessage& msg, std::optional cached_state) } std::optional -State::handle(const AuthenticatedContent& content_auth) +State::handle(const ValidatedContent& content_auth) { return handle(content_auth, std::nullopt, std::nullopt); } std::optional -State::handle(const AuthenticatedContent& content_auth, +State::handle(const ValidatedContent& content_auth, std::optional cached_state) { return handle(content_auth, std::move(cached_state), std::nullopt); @@ -835,15 +835,12 @@ State::handle(const MLSMessage& msg, } std::optional -State::handle(const AuthenticatedContent& content_auth, +State::handle(const ValidatedContent& val_content, std::optional cached_state, const std::optional& expected_params) { - // XXX(RLB): We assume that the AuthenticatedContent has come to us by way of - // `unwrap()`, so that its authenticity has already been checked. This avoids - // duplicate signature verification. - // Dispatch on content type + const auto& content_auth = val_content.authenticated_content(); const auto& content = content_auth.content; switch (content.content_type()) { // Proposals get queued, do not result in a state transition @@ -1160,7 +1157,8 @@ State::Tombstone State::handle_reinit_commit(const MLSMessage& commit_msg) { // Verify the signature and process the commit - auto content_auth = unwrap(commit_msg); + const auto val_content = unwrap(commit_msg); + const auto& content_auth = val_content.authenticated_content(); if (!verify(content_auth)) { throw InvalidParameterError("Message signature failed to verify"); } @@ -1441,7 +1439,8 @@ State::protect(const bytes& authenticated_data, std::tuple State::unprotect(const MLSMessage& ct) { - auto content_auth = unwrap(ct); + const auto val_content = unwrap(ct); + const auto& content_auth = val_content.authenticated_content(); if (!verify(content_auth)) { throw InvalidParameterError("Message signature failed to verify"); diff --git a/test/messages.cpp b/test/messages.cpp index 033c9fac..2f28fe6d 100644 --- a/test/messages.cpp +++ b/test/messages.cpp @@ -129,7 +129,8 @@ TEST_CASE_FIXTURE(MLSMessageTest, "PublicMessage Protect/Unprotect") auto pt = PublicMessage::protect( content_auth_original, suite, membership_key, context); - auto content_auth_unprotected = pt.unprotect(suite, membership_key, context); + auto val_auth_unprotected = pt.unprotect(suite, membership_key, context); + const auto& content_auth_unprotected = opt::get(val_auth_unprotected).authenticated_content(); REQUIRE(content_auth_unprotected == content_auth_original); } @@ -145,7 +146,8 @@ TEST_CASE_FIXTURE(MLSMessageTest, "PrivateMessage Protect/Unprotect") auto ct = PrivateMessage::protect( content_auth_original, suite, keys, sender_data_secret, padding_size); - auto content_auth_unprotected = ct.unprotect(suite, keys, sender_data_secret); + auto val_auth_unprotected = ct.unprotect(suite, keys, sender_data_secret); + const auto& content_auth_unprotected = opt::get(val_auth_unprotected).authenticated_content(); REQUIRE(content_auth_unprotected == content_auth_original); } From fd2c871059ca1b1a6a490b0e732eb4549b08cea8 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Fri, 15 Dec 2023 15:53:10 -0500 Subject: [PATCH 6/8] clang-format --- include/mls/messages.h | 6 +++--- lib/mls_vectors/src/mls_vectors.cpp | 24 ++++++++++++------------ src/messages.cpp | 3 ++- test/messages.cpp | 6 ++++-- 4 files changed, 21 insertions(+), 18 deletions(-) diff --git a/include/mls/messages.h b/include/mls/messages.h index a7365d0b..c7442a8f 100644 --- a/include/mls/messages.h +++ b/include/mls/messages.h @@ -572,12 +572,12 @@ struct AuthenticatedContent struct ValidatedContent { - public: const AuthenticatedContent& authenticated_content() const; - friend bool operator==(const ValidatedContent& lhs, const ValidatedContent& rhs); + friend bool operator==(const ValidatedContent& lhs, + const ValidatedContent& rhs); - private: +private: AuthenticatedContent content_auth; ValidatedContent(AuthenticatedContent content_auth_in); diff --git a/lib/mls_vectors/src/mls_vectors.cpp b/lib/mls_vectors/src/mls_vectors.cpp index c05762c5..5d31e226 100644 --- a/lib/mls_vectors/src/mls_vectors.cpp +++ b/lib/mls_vectors/src/mls_vectors.cpp @@ -872,18 +872,18 @@ MessageProtectionTestVector::protect_priv( std::optional MessageProtectionTestVector::unprotect(const MLSMessage& message) { - auto do_unprotect = overloaded{ - [&](const PublicMessage& pt) { - return pt.unprotect(cipher_suite, membership_key, group_context()); - }, - [&](const PrivateMessage& ct) { - auto keys = group_keys(); - return ct.unprotect(cipher_suite, keys, sender_data_secret); - }, - [](const auto& /* other */) -> std::optional { - return std::nullopt; - } - }; + auto do_unprotect = + overloaded{ [&](const PublicMessage& pt) { + return pt.unprotect( + cipher_suite, membership_key, group_context()); + }, + [&](const PrivateMessage& ct) { + auto keys = group_keys(); + return ct.unprotect(cipher_suite, keys, sender_data_secret); + }, + [](const auto& /* other */) -> std::optional { + return std::nullopt; + } }; auto maybe_auth_content = var::visit(do_unprotect, message.message); if (!maybe_auth_content) { diff --git a/src/messages.cpp b/src/messages.cpp index 148eb811..16a06b84 100644 --- a/src/messages.cpp +++ b/src/messages.cpp @@ -472,7 +472,8 @@ ValidatedContent::authenticated_content() const ValidatedContent::ValidatedContent(AuthenticatedContent content_auth_in) : content_auth(content_auth_in) -{} +{ +} bool operator==(const ValidatedContent& lhs, const ValidatedContent& rhs) diff --git a/test/messages.cpp b/test/messages.cpp index 5253407b..a2f514fa 100644 --- a/test/messages.cpp +++ b/test/messages.cpp @@ -130,7 +130,8 @@ TEST_CASE_METHOD(MLSMessageTest, "PublicMessage Protect/Unprotect") auto pt = PublicMessage::protect( content_auth_original, suite, membership_key, context); auto val_auth_unprotected = pt.unprotect(suite, membership_key, context); - const auto& content_auth_unprotected = opt::get(val_auth_unprotected).authenticated_content(); + const auto& content_auth_unprotected = + opt::get(val_auth_unprotected).authenticated_content(); REQUIRE(content_auth_unprotected == content_auth_original); } @@ -147,7 +148,8 @@ TEST_CASE_METHOD(MLSMessageTest, "PrivateMessage Protect/Unprotect") auto ct = PrivateMessage::protect( content_auth_original, suite, keys, sender_data_secret, padding_size); auto val_auth_unprotected = ct.unprotect(suite, keys, sender_data_secret); - const auto& content_auth_unprotected = opt::get(val_auth_unprotected).authenticated_content(); + const auto& content_auth_unprotected = + opt::get(val_auth_unprotected).authenticated_content(); REQUIRE(content_auth_unprotected == content_auth_original); } From 57ab3a63a90aa39787eb7a14597706045ce805a9 Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Fri, 15 Dec 2023 16:16:46 -0500 Subject: [PATCH 7/8] clang-tidy --- src/messages.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/messages.cpp b/src/messages.cpp index 16a06b84..8d483193 100644 --- a/src/messages.cpp +++ b/src/messages.cpp @@ -471,7 +471,7 @@ ValidatedContent::authenticated_content() const } ValidatedContent::ValidatedContent(AuthenticatedContent content_auth_in) - : content_auth(content_auth_in) + : content_auth(std::move(content_auth_in)) { } From b0d874c0d5976155271abf5517b9acf953b0558b Mon Sep 17 00:00:00 2001 From: Richard Barnes Date: Fri, 15 Dec 2023 19:17:08 -0500 Subject: [PATCH 8/8] clang-tidy --- src/state.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/state.cpp b/src/state.cpp index f7ee29ff..826503ba 100644 --- a/src/state.cpp +++ b/src/state.cpp @@ -454,7 +454,7 @@ State::unwrap(const MLSMessage& msg) }, }; - const auto val_content = var::visit(unprotect, msg.message); + auto val_content = var::visit(unprotect, msg.message); if (!verify(val_content.content_auth)) { throw InvalidParameterError("Message signature failed to verify"); } @@ -1455,8 +1455,8 @@ State::unprotect(const MLSMessage& ct) } return { - std::move(content_auth.content.authenticated_data), - std::move(var::get(content_auth.content.content).data), + content_auth.content.authenticated_data, + var::get(content_auth.content.content).data, }; }