Daniel Gultsch
5137837f6d
only publish keys if omemo is enabled
2016-05-25 21:55:01 +02:00
Daniel Gultsch
9ce2cfa3d2
resetting fetch status error when mutual subscription is reestablished
2016-05-19 10:47:27 +02:00
Daniel Gultsch
afa3883089
synchronize around identity key generation
2016-05-19 10:39:47 +02:00
Daniel Gultsch
8d0693ed6a
keep conference members in memory and show them in conference details
2016-05-16 19:58:36 +02:00
Daniel Gultsch
908aa19a36
make omemo default when all resources support it
2016-05-12 14:20:11 +02:00
Daniel Gultsch
cc209afc51
stop processing PreKeyWhisperMessage if there is no PreKeyId
...
fixes #1832
2016-05-10 18:11:13 +02:00
Sebastian
544e1dee65
Remove copy of innerkey
...
The line overwrites this.innerkey with the value that was already there.
2016-05-05 17:09:01 +02:00
klemens
7047d68165
spelling fixes
2016-05-04 10:29:29 +02:00
Sebastian
cf374ec4ef
Renaming of variable
...
Was probably just a copy/paste typo.
2016-05-03 23:35:57 +02:00
Daniel Gultsch
ecaf75e5ec
better detect broken pep
...
mark pep as broken when publishing bundle or device list failed
reset 'brokenness' when account is getting disabled
2016-04-05 13:31:03 +02:00
Daniel Gultsch
198dc2c6b4
let users confirm each member in a conference even if that contact is already trusted
2016-03-01 11:26:59 +01:00
Daniel Gultsch
9e0466d1e6
refactored omemo to take multiple recipients
2016-02-29 13:18:07 +01:00
Daniel Gultsch
fab0a45955
re-read common name from certificates on startup
2016-02-02 13:43:20 +01:00
Daniel Gultsch
43521891f0
show fetch errors in trust keys activity
2016-01-23 11:39:02 +01:00
Andreas Straub
58d213f291
Fix OMEMO session creating loggin
...
Now prints the correct JID to the log when finding devices without
sessions.
2015-12-31 15:48:43 +01:00
Daniel Gultsch
f46cbb38a9
show certificate information
2015-12-23 19:18:53 +01:00
Daniel Gultsch
d0bad09f13
save certificate when verifying with x509
2015-12-23 17:41:26 +01:00
Daniel Gultsch
534013fd0c
store identity key in XmppAxolotlSession instead of the fingerprint
2015-12-19 15:44:11 +01:00
Daniel Gultsch
15c8cb8ac6
add more debugging to certificate checks after new omemo session was established
2015-12-19 12:44:55 +01:00
Daniel Gultsch
15f220747f
some more NPE checks
2015-12-10 23:16:39 +01:00
Daniel Gultsch
1de74c2337
also verify sessions in CBE mode that got created by key transport messages
2015-12-08 17:15:08 +01:00
Daniel Gultsch
baf76d883c
indicate cbe in chat message hint
2015-10-31 22:55:04 +01:00
Daniel Gultsch
bca29cf7fd
explicitly mark verified omemo keys in UI
2015-10-31 10:57:57 +01:00
Daniel Gultsch
34bcc59f72
fixed session objects not being build on start up
2015-10-30 12:05:21 +01:00
Daniel Gultsch
c7ff196f58
push CN into nick pep node when uploading certificate. subscribe to nick node
2015-10-29 13:41:08 +01:00
Daniel Gultsch
3c6c424d31
don't retry building broken omemo keys
2015-10-17 15:51:21 +02:00
Daniel Gultsch
e9e31b1c9b
load axolotl session cache on first device update
2015-10-17 14:44:59 +02:00
Daniel Gultsch
a83aae341f
improved error reporting in trust keys activity
2015-10-17 14:09:26 +02:00
Daniel Gultsch
cfeb67d71d
introduced code to verify omemo device keys with x509 certificates.
...
cleaned up TrustKeysActivity to automatically close if there is nothing to do
2015-10-16 23:48:42 +02:00
Daniel Gultsch
212d1a8c91
add config variable to enable x509 verification
2015-10-12 13:18:20 +02:00
Daniel Gultsch
933538a39d
code clean up
2015-10-12 12:36:54 +02:00
Daniel Gultsch
7be331bbb2
add menu item in account details to renew certificate
2015-10-11 16:10:52 +02:00
Andreas Straub
fdd88aa530
Clean up
...
Fixes some random linter warnings.
2015-10-11 16:05:44 +02:00
Daniel Gultsch
506b83ddc6
be more careful when publishing device bundle
2015-09-17 14:18:06 +02:00
Daniel Gultsch
eff173ebc2
indicate broken pep in server info
2015-09-06 19:40:28 +02:00
Andreas Straub
a95c451f1e
Only show that have sessions in fingerprint list
...
Doesn't access database directly anymore but goes through AxolotlService
now to obtain list of fingerprints associated with an Account/Contact.
This should prevent orphaned keys littering the UI which previously
couldn't be removed through the Clear Devices function.
Together with 1c79982da84964c1d81179a0927d9cd1eadf53de this fixes #1393
2015-09-06 15:15:57 +02:00
Andreas Straub
2bb033267b
Don't manually add keys to the store
...
There is no need to preemptively add the keys to the store oneself.
SessionBuilder will take care of this for us. What's more, this will
prevent IdentityKeys from otherwise invalid bundles to show up in our
UI.
2015-09-06 15:15:57 +02:00
Andreas Straub
e2d506c96a
Never build a session with oneself
...
If we detect our own ID is not in our own devicelist on receiving an
update, we reannounce ourselves. This used to have the side effect of
modifying the list of devices we thought were in the update set, causing
us to accidentally build a session with ourselves.
This lead to our own key being set to TRUSTED_INACTIVE, resulting in red
lock icons on messages sent by the own device.
We fix this by having publishOwnDeviceId() operate on a copy of the
original set. This commit also includes a db migration which deletes
sessions with oneself and sets own keys back to TRUSTED.
2015-09-05 17:29:58 +02:00
Andreas Straub
1156ccbce2
Fix error handling for announce check retrieval
...
Only aborts when a timeout was received. Error conditions (most notably
item-not-found) are interpreted as no other devices existing.
2015-08-26 20:52:44 +02:00
Andreas Straub
c4a548ada0
Only announce device after publishing bundle
2015-08-26 15:45:21 +02:00
Andreas Straub
0eeaccd974
Fix key publishing
...
Remove invalid check for result code, which prevented publishing if the
node was empty to begin with.
Fix pepBroken check
2015-08-26 00:27:39 +02:00
Andreas Straub
25a9d59412
Add more logging to pep attemp counter logic
2015-08-25 18:52:36 +02:00
Andreas Straub
eafcf38ec9
Limit number of PEP publish tries
...
If PEP publish tries are repeatedly triggered by empty PEP updates, stop
attempting to publish after 3 tries. This should work around broken PEP
implementations in older ejabberd and OpenFire versions.
2015-08-25 18:43:44 +02:00
Andreas Straub
b84fecf51a
Pass through device IDs when updating own list
2015-08-25 12:17:09 +02:00
Daniel Gultsch
5eae1e52d2
cleared up some error messages in axolotl service and execute publishOwnDevicesWhenNeeded() only if processing our own jid
2015-08-25 11:43:10 +02:00
Andreas Straub
e1dc7f990d
Add error handling to OMEMO PEP code
...
Log received errors and abort processing
2015-08-23 13:23:51 +02:00
Andreas Straub
7437d0fe0c
Increase number of published prekeys for release
2015-08-07 12:30:39 +02:00
Andreas Straub
6cd9383e53
Let UNTRUSTED/UNDECIDED keys become INACTIVE
2015-08-01 18:30:11 +02:00
Andreas Straub
6059b96456
Provide process function for key transport message
2015-07-31 23:28:09 +02:00
Andreas Straub
909f761ca1
Refactor axolotl message processing workflow
...
XmppAxolotlMessage is now entirely responsible for handling encryption
and decryption of messages, only leveraging XmppAxolotlSession as a
packing/unpacking primitive for payload keys.
Removed pseudo-dead session generation code step from prepareMessage
function, as sessions have been created by invoking the
TrustKeysActivity for a while now.
Added prepareKeyTransportMessage function, which creates a message with
no payload. The key that is packed into the header keyElements can then
be used for other purposes (e.g. encrypted file transfer).
2015-07-31 21:31:45 +02:00