Daniel Gultsch
c8bd5bc1f5
made OF selfSigned() workaround only available >=kitkat
...
this undos 8a729061d5
. as it turns out 4.1
and 4.0 only break when checking if a cert is self signed.
2017-07-23 07:47:39 +02:00
Daniel Gultsch
85dc0c284d
made omemo always available but in public mucs
2017-07-18 12:51:15 +02:00
Daniel Gultsch
da87eac48e
provide upgrade path for accounts with publish-options
2017-07-18 12:51:15 +02:00
Daniel Gultsch
9a57673130
use publish-options instead of always pushing node configuration
2017-07-18 12:51:15 +02:00
Daniel Gultsch
8d6b2074cb
let hasPendingFetches() return true when fetching device ids
2017-07-18 12:51:15 +02:00
Daniel Gultsch
7a2856ac86
fetch required device ids on demand
2017-07-18 12:51:15 +02:00
Daniel Gultsch
f7258d16e1
explicitly fetch device ids before building sessions in single mode conversation
2017-07-18 12:51:15 +02:00
Daniel Gultsch
25e993693f
change access model of omemo pep nodes after every publish
2017-07-18 12:51:15 +02:00
Daniel Gultsch
6c95897f09
fetch device ids for muc members w/o known devices
2017-07-18 12:51:15 +02:00
Daniel Gultsch
8a729061d5
use CN-workaround for pre-kitkat
2017-07-17 23:13:55 +02:00
Daniel Gultsch
217335703c
fix regression introduces with OF fix. properly fall back to common name
2017-07-17 21:11:15 +02:00
Daniel Gultsch
8afe7efc2c
workaround for OpenFire: check CN first in self signed certs
...
The self signed certificates created by OpenFire (Not sure if other
certs are affected as well) will crash the Java/Android TLS stack when
accessing getSubjectAlternativeNames() on the the peer certificate.
This usually goes unnoticed in other applications since the
DefaultHostnameVerifier checkes the CN first. That however is a
violation of RFC6125 section 6.4.4 which requires us to check for the
existence of SAN first.
This commit adds a work around where in self signed certificates we
check for the CN first as well. (Avoiding the call to
getSubjectAlternativeNames())
2017-07-16 11:05:25 +02:00
Daniel Gultsch
cbce73c301
fixed fingerprint trust (was messed up after library upgrade)
2017-06-25 18:18:13 +02:00
Daniel Gultsch
2ed71df01a
also check for hostname in in certs if hostname is from trusted source
2017-06-21 23:40:01 +02:00
Daniel Gultsch
24768d051d
upgrade to signal-protocol-java. thanks @ysangkok
...
fixes #1384
closes #2509
2017-06-18 16:36:30 +02:00
Daniel Gultsch
f98888d796
display open pgp key id in account details and allow to delete. fixes #2470
2017-05-04 13:02:46 +02:00
Daniel Gultsch
cc1402442a
don't load signed prekeys on startup
2017-05-04 11:03:58 +02:00
cijo-saju
3467a67e75
Removed unused imports from entire project.
2017-04-12 20:24:36 +05:30
Daniel Gultsch
99565a6876
treat URL as file if URL is in oob or contains key
2017-04-05 22:35:42 +02:00
Daniel Gultsch
0c0ff882a9
make x509 verification node world readable
2017-02-24 19:58:46 +01:00
Daniel Gultsch
53241f2ef1
add explicit encryption hints to outgoing messages
2017-01-26 19:19:08 +01:00
Sam Whited
bfc2cffc2f
Add SCRAM-SHA-2 support
2017-01-15 23:43:44 -06:00
Daniel Gultsch
d028f4b398
refactored whispermessage processing
2017-01-15 18:54:47 +01:00
Daniel Gultsch
8f39a594ff
partially improved logging for receiving omemo messages
2017-01-14 18:10:04 +01:00
Daniel Gultsch
bfacc180c5
don't allow to purge keys. offer distrut instead
2017-01-12 15:59:13 +01:00
Daniel Gultsch
2c1d3ef968
fixed avatar republish missing the mime type
2017-01-12 12:20:10 +01:00
Daniel Gultsch
f0c3b31a42
treat omemo keys >= 32 bytes as containing auth tag. add config flag to put auth tag in key
2017-01-09 21:47:07 +01:00
Daniel Gultsch
a1cb855739
adding prekey='true' to omemo messages if applicable
2017-01-09 20:20:02 +01:00
Daniel Gultsch
fcd9ab17fe
don't throw assertion error when building session with same device id from other contact
2016-12-28 22:15:24 +01:00
Daniel Gultsch
e5fff42b10
added omemo padding but disabled by Config.java flag
2016-12-20 16:12:12 +01:00
Daniel Gultsch
fbbf1a37b4
disable removing of broken devices by default
2016-12-18 11:49:27 +01:00
Daniel Gultsch
dbda2afd6d
remove broken devices only once to prevent loops
2016-12-18 11:47:42 +01:00
Daniel Gultsch
87746ca2ba
remove own fetch errors from device announcement
2016-12-16 17:12:26 +01:00
Daniel Gultsch
58de10bcab
use prepped string when building axolotl session
2016-12-01 20:48:39 +01:00
Daniel Gultsch
2ec7165381
update the conversations view (and the lock icon) after receiving device list
2016-11-24 11:28:04 +01:00
Daniel Gultsch
839ef8e14b
introduced blind trust before verification mode
...
read more about the concept on https://gultsch.de/trust.html
2016-11-23 10:42:27 +01:00
Daniel Gultsch
b71aa6d3a4
remove omemo devices from annoucement after 7 days of inactivity
2016-11-19 21:39:16 +01:00
Daniel Gultsch
6362799d56
save last activation time in fingerprint status
2016-11-19 13:34:54 +01:00
Daniel Gultsch
2b9b3be3f1
show 'clear devices' button underneath own devices
2016-11-18 21:49:52 +01:00
Daniel Gultsch
a86a36f570
removed some unecessary logging from omemo message generation
2016-11-18 20:13:09 +01:00
Daniel Gultsch
9d9a9e63ad
removed some very verbose logging from axolotl service
2016-11-18 13:03:02 +01:00
Daniel Gultsch
211354ee26
put omemo fingerprint in own uri (qr code / nfc)
2016-11-17 22:28:45 +01:00
Daniel Gultsch
7e2e42cb11
parse omemo fingerprints from uris
2016-11-17 20:09:42 +01:00
Daniel Gultsch
ad9a8c2281
use base64.nowrap for omemo keys
2016-11-17 10:58:44 +01:00
Daniel Gultsch
d61b00604d
fixed enabling trust toggle. unknown->untrusted
2016-11-15 15:14:21 +01:00
Daniel Gultsch
05fc15be3d
refactore trust enum to be FingerprintStatus class with trust and active
2016-11-14 22:27:41 +01:00
Daniel Gultsch
44ce5df359
write prepped string to db. use display version everywhere else
2016-10-20 17:31:46 +02:00
Daniel Gultsch
dce8149aae
retrigger key selection if openpgp key was deleted
2016-10-19 11:53:55 +02:00
Daniel Gultsch
dc02e2b498
small code reformation in pgp decryption service
2016-10-17 09:52:43 +02:00
Daniel Gultsch
f6cfa27741
synchronize access to json key storage in account model
2016-10-13 11:27:26 +02:00
Daniel Gultsch
1f7f82da7b
respond to chat marker request only when mutual presence subscription exists
2016-10-07 10:05:08 +02:00
Daniel Gultsch
0af13fc746
be more careful parsing integers in omemo
2016-10-06 22:05:18 +02:00
Daniel Gultsch
5ac0e9267d
fixed omemo shown as unavailable in 1:1 chats
2016-10-03 21:04:10 +02:00
Daniel Gultsch
7c6d1d19d5
when activating omemo in conference always check preferences
2016-10-03 10:42:43 +02:00
Daniel Gultsch
badc97e280
don't simply ignore null in message body but try to avoid it
2016-09-18 22:15:02 +02:00
Sam Whited
805717673c
Support ANONYMOUS SASL
2016-09-12 11:30:03 -05:00
Daniel Gultsch
ac9f13a9f2
provide hint on why conference can not be encrypted
2016-09-08 11:01:27 +02:00
Daniel Gultsch
af329eff46
add more logging to pgp engine
2016-08-30 13:12:09 +02:00
Daniel Gultsch
f7933c26d7
don't crash on broken base64 in omemo messages. fixes #1934
2016-06-29 17:18:57 +02:00
Daniel Gultsch
28dc888159
display toast on pgp error
2016-06-19 11:08:17 +02:00
Daniel Gultsch
1eb776f39c
synchronize message body changes for message correction
2016-06-16 11:47:40 +02:00
Daniel Gultsch
60588af825
replace corrected messages in decryption queue
2016-06-15 14:29:25 +02:00
Daniel Gultsch
5f40a7042d
delay notification until after pgp decryption
2016-06-15 12:44:29 +02:00
Daniel Gultsch
39ad426ca9
remove messages from decryption queue when trimming a conversation
2016-06-13 19:06:09 +02:00
Daniel Gultsch
587fb3cca3
refactored pgp decryption
2016-06-13 13:32:14 +02:00
Daniel Gultsch
c06e2787c7
sending warning to receiving client if that client doesn't support omemo.
...
fixes #1873
2016-05-25 23:24:36 +02:00
Daniel Gultsch
5137837f6d
only publish keys if omemo is enabled
2016-05-25 21:55:01 +02:00
Daniel Gultsch
9ce2cfa3d2
resetting fetch status error when mutual subscription is reestablished
2016-05-19 10:47:27 +02:00
Daniel Gultsch
afa3883089
synchronize around identity key generation
2016-05-19 10:39:47 +02:00
Daniel Gultsch
8d0693ed6a
keep conference members in memory and show them in conference details
2016-05-16 19:58:36 +02:00
Daniel Gultsch
908aa19a36
make omemo default when all resources support it
2016-05-12 14:20:11 +02:00
Daniel Gultsch
cc209afc51
stop processing PreKeyWhisperMessage if there is no PreKeyId
...
fixes #1832
2016-05-10 18:11:13 +02:00
Daniel Gultsch
76889b9c58
handle invalid base64 is SASl SCRAM response
2016-05-07 11:34:17 +02:00
Sebastian
544e1dee65
Remove copy of innerkey
...
The line overwrites this.innerkey with the value that was already there.
2016-05-05 17:09:01 +02:00
Daniel Gultsch
6e0ec9b924
republish pgp signature when changing status
2016-05-05 13:17:04 +02:00
klemens
7047d68165
spelling fixes
2016-05-04 10:29:29 +02:00
Sebastian
cf374ec4ef
Renaming of variable
...
Was probably just a copy/paste typo.
2016-05-03 23:35:57 +02:00
Daniel Gultsch
ecaf75e5ec
better detect broken pep
...
mark pep as broken when publishing bundle or device list failed
reset 'brokenness' when account is getting disabled
2016-04-05 13:31:03 +02:00
Daniel Gultsch
a9b66e3ea5
allow to delete attachments. fixes #1539
2016-03-23 19:23:22 +01:00
Daniel Gultsch
281cb65046
only add image files to media scanner
2016-03-23 12:20:09 +01:00
Daniel Gultsch
198dc2c6b4
let users confirm each member in a conference even if that contact is already trusted
2016-03-01 11:26:59 +01:00
Daniel Gultsch
9e0466d1e6
refactored omemo to take multiple recipients
2016-02-29 13:18:07 +01:00
Daniel Gultsch
b00c561f81
check for uuid change when decrypting pgp messages
2016-02-21 11:43:03 +01:00
Daniel Gultsch
fab0a45955
re-read common name from certificates on startup
2016-02-02 13:43:20 +01:00
Daniel Gultsch
43521891f0
show fetch errors in trust keys activity
2016-01-23 11:39:02 +01:00
Andreas Straub
58d213f291
Fix OMEMO session creating loggin
...
Now prints the correct JID to the log when finding devices without
sessions.
2015-12-31 15:48:43 +01:00
Daniel Gultsch
f46cbb38a9
show certificate information
2015-12-23 19:18:53 +01:00
Daniel Gultsch
d0bad09f13
save certificate when verifying with x509
2015-12-23 17:41:26 +01:00
Daniel Gultsch
534013fd0c
store identity key in XmppAxolotlSession instead of the fingerprint
2015-12-19 15:44:11 +01:00
Daniel Gultsch
15c8cb8ac6
add more debugging to certificate checks after new omemo session was established
2015-12-19 12:44:55 +01:00
Daniel Gultsch
15f220747f
some more NPE checks
2015-12-10 23:16:39 +01:00
Daniel Gultsch
1de74c2337
also verify sessions in CBE mode that got created by key transport messages
2015-12-08 17:15:08 +01:00
Daniel Gultsch
23ef1c660a
encrypt pgp messages to self
2015-11-26 17:44:11 +01:00
Daniel Gultsch
a557d38e4d
pgp fixes and revert configuration changes
2015-11-25 20:47:02 +01:00
Daniel Gultsch
fbb7cb99f7
Merge pull request #1558 from fiaxh/pgp_api_9.0
...
Use OpenPGP-API 9.0
2015-11-24 06:52:24 +01:00
fiaxh
2c1f7e115c
PgpEngine: Get account from conversation instead of from contact. fixes #1568 , fixes #1544
2015-11-15 13:24:07 +00:00
fiaxh
fac1d4e0bd
Use OpenPGP-API 9.0
2015-11-09 13:49:57 +00:00
Daniel Gultsch
baf76d883c
indicate cbe in chat message hint
2015-10-31 22:55:04 +01:00
Daniel Gultsch
bca29cf7fd
explicitly mark verified omemo keys in UI
2015-10-31 10:57:57 +01:00
Daniel Gultsch
34bcc59f72
fixed session objects not being build on start up
2015-10-30 12:05:21 +01:00