aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/eu/siacs/conversations/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* be more careful when publishing device bundleDaniel Gultsch2015-09-171-0/+14
|
* indicate broken pep in server infoDaniel Gultsch2015-09-061-0/+4
|
* Only show that have sessions in fingerprint listAndreas Straub2015-09-062-5/+21
| | | | | | | | | Doesn't access database directly anymore but goes through AxolotlService now to obtain list of fingerprints associated with an Account/Contact. This should prevent orphaned keys littering the UI which previously couldn't be removed through the Clear Devices function. Together with 1c79982da84964c1d81179a0927d9cd1eadf53de this fixes #1393
* Don't manually add keys to the storeAndreas Straub2015-09-061-2/+0
| | | | | | | There is no need to preemptively add the keys to the store oneself. SessionBuilder will take care of this for us. What's more, this will prevent IdentityKeys from otherwise invalid bundles to show up in our UI.
* Never build a session with oneselfAndreas Straub2015-09-052-9/+12
| | | | | | | | | | | | | | If we detect our own ID is not in our own devicelist on receiving an update, we reannounce ourselves. This used to have the side effect of modifying the list of devices we thought were in the update set, causing us to accidentally build a session with ourselves. This lead to our own key being set to TRUSTED_INACTIVE, resulting in red lock icons on messages sent by the own device. We fix this by having publishOwnDeviceId() operate on a copy of the original set. This commit also includes a db migration which deletes sessions with oneself and sets own keys back to TRUSTED.
* use same method to add message hints to otr message everywhere it is neededDaniel Gultsch2015-09-011-4/+2
|
* Fix error handling for announce check retrievalAndreas Straub2015-08-261-3/+3
| | | | | Only aborts when a timeout was received. Error conditions (most notably item-not-found) are interpreted as no other devices existing.
* Only announce device after publishing bundleAndreas Straub2015-08-261-6/+18
|
* Fix key publishingAndreas Straub2015-08-261-72/+68
| | | | | | | Remove invalid check for result code, which prevented publishing if the node was empty to begin with. Fix pepBroken check
* Add more logging to pep attemp counter logicAndreas Straub2015-08-251-0/+1
|
* Limit number of PEP publish triesAndreas Straub2015-08-251-9/+42
| | | | | | If PEP publish tries are repeatedly triggered by empty PEP updates, stop attempting to publish after 3 tries. This should work around broken PEP implementations in older ejabberd and OpenFire versions.
* Pass through device IDs when updating own listAndreas Straub2015-08-251-17/+17
|
* cleared up some error messages in axolotl service and execute ↵Daniel Gultsch2015-08-251-3/+7
| | | | publishOwnDevicesWhenNeeded() only if processing our own jid
* Add error handling to OMEMO PEP codeAndreas Straub2015-08-231-116/+131
| | | | Log received errors and abort processing
* catch null pointer in ScramSHA1 saslDaniel Gultsch2015-08-161-0/+3
|
* Increase number of published prekeys for releaseAndreas Straub2015-08-071-1/+1
|
* Let UNTRUSTED/UNDECIDED keys become INACTIVEAndreas Straub2015-08-013-79/+94
|
* Provide process function for key transport messageAndreas Straub2015-07-313-18/+83
|
* Refactor axolotl message processing workflowAndreas Straub2015-07-313-152/+116
| | | | | | | | | | | | | | XmppAxolotlMessage is now entirely responsible for handling encryption and decryption of messages, only leveraging XmppAxolotlSession as a packing/unpacking primitive for payload keys. Removed pseudo-dead session generation code step from prepareMessage function, as sessions have been created by invoking the TrustKeysActivity for a while now. Added prepareKeyTransportMessage function, which creates a message with no payload. The key that is packed into the header keyElements can then be used for other purposes (e.g. encrypted file transfer).
* Reformat codeAndreas Straub2015-07-313-86/+87
|
* Change to new wire protocol versionAndreas Straub2015-07-314-72/+111
|
* Fix NPE: consider unknown keys UNDECIDEDAndreas Straub2015-07-291-1/+2
|
* Refactor out inner classes, cache trust storeAndreas Straub2015-07-294-563/+613
| | | | | | | Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes. IdentityKeys trust statuses are now cached in an LruCache to prevent hammering the database when rendering the UI.
* Always build own device session automaticallyAndreas Straub2015-07-221-6/+13
|
* Add INACTIVE state for removed keysAndreas Straub2015-07-211-11/+43
| | | | | | | | | | | | | We introduce a new trust state: INACTIVE. This state is intended for old keys that have been removed. When a TRUSTED device is removed from the PEP devicelist, it's status will be set to INACTIVE. INACTIVE keys are shown in the UI as greyed out, non-interactible key rows. Messages are not encrypted for INACTIVE devices. When an INACTIVE device reappears in PEP, or a message is received from an INACTIVE device, it is set back to trusted.
* Fill own device sessions into SessionMapAndreas Straub2015-07-211-7/+14
|
* and now do that properlyDaniel Gultsch2015-07-211-1/+1
|
* bugfix: also add no-permanent-storage to message hintsDaniel Gultsch2015-07-211-1/+1
|
* Use properly fixed numeral values in Trust enumAndreas Straub2015-07-211-4/+26
| | | | Why, oh God, why?! #thanksjamesgosling
* Remove unused importAndreas Straub2015-07-211-1/+0
|
* Switch payload encryption to AES-GCMAndreas Straub2015-07-213-17/+46
| | | | This also ensures that the IV is generated with proper randomness.
* Also decrypt messages from UNTRUSTED sessionsAndreas Straub2015-07-201-1/+1
|
* Refactor axolotl send processing/caching flowAndreas Straub2015-07-201-9/+8
|
* Start TrustKeysActivity if no keys are TRUSTEDAndreas Straub2015-07-201-6/+6
| | | | | If there are no UNDECIDED keys, but none of the contact's keys are trusted, redirect the user to the TrustKeysActivity
* Add purge axolotl key optionAndreas Straub2015-07-202-30/+61
| | | | Can now long-press a key to permanently purge it.
* attempt to fix the delay problemDaniel Gultsch2015-07-201-5/+5
|
* Lock TrustKeys if no trusted keys are availableAndreas Straub2015-07-201-0/+8
|
* Optimize importsAndreas Straub2015-07-204-27/+24
|
* Ask for key trust when sending messagesAndreas Straub2015-07-191-37/+88
| | | | | | If the contact (or the own account) has keys that have UNDECIDED trust, we now drop the user into the new TrustKeysActivity, where they have to decide for each new key whether it should be TRUSTED or UNTRUSTED.
* Send correct body for HTTP filesAndreas Straub2015-07-191-1/+7
| | | | | When using HTTP upload to send files, take care to transmit only the URL rather than the entire body, which contains metadata.
* Fix trust status for outgoing messagesAndreas Straub2015-07-191-8/+8
| | | | | | Tag sent messages with own fingerprint, set own fingerprint as always trusted, include own fingerprint in database trust search, explicitly reset trust colorfilter
* Ensure that available sessions are always usedAndreas Straub2015-07-191-9/+30
| | | | | | | | | | | | | | | | | | Any time a new session is established, call syncRosterToDisk() to ensure that on subsequent restoreFromDatabase() calls, the roster is actually available. This is important so that initAccountServices() can properly initialize the SessionMap. This prevents a race condition where after adding a new account and initiating sessions with it, if the app is killed (e.g. by reinstall) before triggering a syncRosterToDisk(), subsequent restores will not have the roster available, leading to missing XmppAxolotlSessions in the SessionMap cache. As a result of this, a new session was initiated when sending a new message, and received messages could not be tagged with the originating session's fingerprint. As an added sanity check, go to the database to confirm no records are present before creating fresh XmppAxolotlSession objects (both in the sending and receiving case).
* Fix and expand key regeneration functionAndreas Straub2015-07-191-9/+18
| | | | | | Wipe session cache to prevent stale sessions being used. Wipe fetch status cache to enable recreation of sessions. Regenerate deviceId, so that foreign devices will talk to us again.
* Overhauled Message taggingAndreas Straub2015-07-192-43/+68
| | | | | | Messages are now tagged with the IdentityKey fingerprint of the originating session. IdentityKeys have one of three trust states: undecided (default), trusted, and untrusted/not yet trusted.
* Use full int range for device IDsAndreas Straub2015-07-191-1/+1
|
* Clean up unused constantAndreas Straub2015-07-191-1/+0
|
* Make some fields finalAndreas Straub2015-07-191-3/+3
|
* Clean up loggingAndreas Straub2015-07-191-54/+61
| | | | | Add a fixed prefix to axolotl-related log messages, set log levels sensibly.
* Add basic PEP managemend UI to EditAccountActivityAndreas Straub2015-07-191-0/+33
| | | | | | | | | EditAccountActivity now show own fingerprint, and gives an option to regenerate local keying material (and wipe all sessions associated with the old keys in the process). It also now displays a list of other own devices, and gives an option to remove all but the current device.
* Fix devicelist update handlingAndreas Straub2015-07-191-0/+5
| | | | | | No longer store own device ID (so that we don't encrypt messages for ourselves), verify that own device ID is present in update list (otherwise republish), reflect update in UI.