Daniel Gultsch
c02676ea4c
implement self healing omemo
...
after receiving a SignalMessage that can’t be decrypted because of broken sessions
Conversations will attempt to grab a new pre key bundle and send a new PreKeySignalMessage
wrapped in a key transport message.
2018-12-02 14:41:29 +01:00
Daniel Gultsch
f9cafc144b
refactor magic creates password gen to CryptoHelper
2018-10-20 00:05:10 +02:00
Daniel Gultsch
b0e1b5b02d
refined create conference dialog
2018-06-24 11:23:10 +02:00
Daniel Gultsch
fd7a5c605a
Do not use TLS_FALLBACK_SCSV
...
closes #2937
Thanks to @tmolitor-stud-tu for explaining the situation in
https://github.com/guardianproject/NetCipher/pull/74
2018-05-26 10:22:44 +02:00
Daniel Gultsch
4626bdf8d8
show p1s3 attchments with download button
2018-05-25 13:18:25 +02:00
Daniel Gultsch
9ef2d32a3e
changed jid of push server
2018-05-12 17:23:37 +02:00
Daniel Gultsch
afb7c0592b
display avatar in groups
2018-04-14 17:54:04 +02:00
Daniel Gultsch
bda95bc571
make error message for 'not encrypted for this device'
2018-04-04 18:21:22 +02:00
Daniel Gultsch
1accf9d961
migrate to xmpp-addr
2018-03-07 22:30:36 +01:00
Daniel Gultsch
63cd8e5981
added config param to use a random resource at every bind
2018-02-24 20:47:02 +01:00
Daniel Gultsch
cce5a7b39f
parse jid from CN in client certs if nothing else is available
2017-08-07 16:02:48 +02:00
Daniel Gultsch
e11277c70f
use base64 instead of base36 when creating random strings
2017-07-30 11:39:47 +02:00
Daniel Gultsch
24768d051d
upgrade to signal-protocol-java. thanks @ysangkok
...
fixes #1384
closes #2509
2017-06-18 16:36:30 +02:00
Daniel Gultsch
6c34763d32
transform aesgcm:// links back to https:// before connecting through Tor
...
fixes #2444
2017-04-16 08:44:26 +02:00
Daniel Gultsch
26badb7f4c
send urls pointing to pgp encrypted files directly in body+oob
2017-04-05 21:01:29 +02:00
Daniel Gultsch
401329caaa
use aesgcm:// uri scheme for omemo encrypted http upload
2017-04-05 18:46:56 +02:00
Daniel Gultsch
07fe434cc7
added share button to account details
2016-11-22 22:31:46 +01:00
Daniel Gultsch
5a73a6b139
fixed account hash calculation
2016-10-07 14:54:06 +02:00
Daniel Gultsch
40e5090bdd
issue ping after push was received
2016-10-06 18:09:55 +02:00
Daniel Gultsch
0e96e0a796
show identity type for device selection
2016-07-28 22:58:37 +02:00
Daniel Gultsch
ae7543bbfc
put bug report jid in config. include package signature in report
2016-05-28 11:04:18 +02:00
Daniel Gultsch
703d95fcf8
lower case all fingerprints. fixes #1521
2015-12-27 18:37:12 +01:00
Daniel Gultsch
c40372fc0d
code cleanup
2015-12-23 22:30:14 +01:00
Daniel Gultsch
f46cbb38a9
show certificate information
2015-12-23 19:18:53 +01:00
Daniel Gultsch
a7fd629c05
show encryption type in warned/red messages
2015-10-28 22:40:09 +01:00
Daniel Gultsch
cfeb67d71d
introduced code to verify omemo device keys with x509 certificates.
...
cleaned up TrustKeysActivity to automatically close if there is nothing to do
2015-10-16 23:48:42 +02:00
Daniel Gultsch
7be331bbb2
add menu item in account details to renew certificate
2015-10-11 16:10:52 +02:00
Andreas Straub
8fd46d40d6
Adapt prettifyFingerprint() to axolotl FP sizes
2015-07-19 21:32:27 +02:00
Daniel Gultsch
5dd83a5fe6
null check otr fingerprint before display
2015-07-11 21:23:58 +02:00
Daniel Gultsch
82daf849aa
fixed #1039
2015-04-25 14:42:32 +02:00
Boris Wachtmeister
67f8ed44bd
disable all really weak cipher suites
...
With #959 all ciphers of the platform were enabled, but this also
includes several suites that are considered as very weak, even down to
NULL- and anon-ciphers which disable completely disable encryption
and/or authentication. Especially the anon-ciphers could be easily used
for a mitm-attack.
To remove all weak ciphers a blacklist with patterns of cipher-names was
added to Config.java. The blacklist is based on the "mandatory discards"
that Mozilla suggests to not use for TLS-servers because they are weak
or known to be broken.
https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards
2015-03-07 15:48:29 +01:00
Sam Whited
03d30e4fdb
Use platform ciphers as well, just prefer ours
2015-02-02 11:16:22 -05:00
iNPUTmice
bd3fccd2dc
don't disable any ciphers
2015-02-02 14:22:49 +01:00
Sam Whited
548a585b2c
Harden the TLS connection cipher suites
2015-01-14 13:10:15 -05:00
Sam Whited
cfdda5f8fd
Don't escape passwords in SASL
...
Fixes #671
2014-11-15 21:11:14 -05:00
iNPUTmice
88c3537b68
parse otr-fingerprint in qr codes and nfc. include otr fingerprint in shareable uri where ever possible
2014-11-16 00:20:20 +01:00
Sam Whited
a463f82e3b
Cache SCRAM-SHA-1 keys for current session
2014-11-15 12:57:36 -05:00
Sam Whited
0e550789d3
Add SCRAM-SHA1 support
...
Factor out GS2 tokanization into own class
Add authentication exception class
Fixes #71
2014-11-14 18:00:12 -05:00
Sam Whited
14cfb60952
Refactor authentication code
2014-11-12 10:15:38 -05:00
Sam Whited
281ce3105f
Make conversations the root project
2014-10-22 15:47:11 -04:00