Commit graph

40 commits

Author SHA1 Message Date
Daniel Gultsch c02676ea4c implement self healing omemo
after receiving a SignalMessage that can’t be decrypted because of broken sessions
Conversations will attempt to grab a new pre key bundle and send a new PreKeySignalMessage
wrapped in a key transport message.
2018-12-02 14:41:29 +01:00
Daniel Gultsch f9cafc144b refactor magic creates password gen to CryptoHelper 2018-10-20 00:05:10 +02:00
Daniel Gultsch b0e1b5b02d refined create conference dialog 2018-06-24 11:23:10 +02:00
Daniel Gultsch fd7a5c605a Do not use TLS_FALLBACK_SCSV
closes #2937

Thanks to @tmolitor-stud-tu for explaining the situation in
https://github.com/guardianproject/NetCipher/pull/74
2018-05-26 10:22:44 +02:00
Daniel Gultsch 4626bdf8d8 show p1s3 attchments with download button 2018-05-25 13:18:25 +02:00
Daniel Gultsch 9ef2d32a3e changed jid of push server 2018-05-12 17:23:37 +02:00
Daniel Gultsch afb7c0592b display avatar in groups 2018-04-14 17:54:04 +02:00
Daniel Gultsch bda95bc571 make error message for 'not encrypted for this device' 2018-04-04 18:21:22 +02:00
Daniel Gultsch 1accf9d961 migrate to xmpp-addr 2018-03-07 22:30:36 +01:00
Daniel Gultsch 63cd8e5981 added config param to use a random resource at every bind 2018-02-24 20:47:02 +01:00
Daniel Gultsch cce5a7b39f parse jid from CN in client certs if nothing else is available 2017-08-07 16:02:48 +02:00
Daniel Gultsch e11277c70f use base64 instead of base36 when creating random strings 2017-07-30 11:39:47 +02:00
Daniel Gultsch 24768d051d upgrade to signal-protocol-java. thanks @ysangkok
fixes #1384
closes #2509
2017-06-18 16:36:30 +02:00
Daniel Gultsch 6c34763d32 transform aesgcm:// links back to https:// before connecting through Tor
fixes #2444
2017-04-16 08:44:26 +02:00
Daniel Gultsch 26badb7f4c send urls pointing to pgp encrypted files directly in body+oob 2017-04-05 21:01:29 +02:00
Daniel Gultsch 401329caaa use aesgcm:// uri scheme for omemo encrypted http upload 2017-04-05 18:46:56 +02:00
Daniel Gultsch 07fe434cc7 added share button to account details 2016-11-22 22:31:46 +01:00
Daniel Gultsch 5a73a6b139 fixed account hash calculation 2016-10-07 14:54:06 +02:00
Daniel Gultsch 40e5090bdd issue ping after push was received 2016-10-06 18:09:55 +02:00
Daniel Gultsch 0e96e0a796 show identity type for device selection 2016-07-28 22:58:37 +02:00
Daniel Gultsch ae7543bbfc put bug report jid in config. include package signature in report 2016-05-28 11:04:18 +02:00
Daniel Gultsch 703d95fcf8 lower case all fingerprints. fixes #1521 2015-12-27 18:37:12 +01:00
Daniel Gultsch c40372fc0d code cleanup 2015-12-23 22:30:14 +01:00
Daniel Gultsch f46cbb38a9 show certificate information 2015-12-23 19:18:53 +01:00
Daniel Gultsch a7fd629c05 show encryption type in warned/red messages 2015-10-28 22:40:09 +01:00
Daniel Gultsch cfeb67d71d introduced code to verify omemo device keys with x509 certificates.
cleaned up TrustKeysActivity to automatically close if there is nothing to do
2015-10-16 23:48:42 +02:00
Daniel Gultsch 7be331bbb2 add menu item in account details to renew certificate 2015-10-11 16:10:52 +02:00
Andreas Straub 8fd46d40d6 Adapt prettifyFingerprint() to axolotl FP sizes 2015-07-19 21:32:27 +02:00
Daniel Gultsch 5dd83a5fe6 null check otr fingerprint before display 2015-07-11 21:23:58 +02:00
Daniel Gultsch 82daf849aa fixed #1039 2015-04-25 14:42:32 +02:00
Boris Wachtmeister 67f8ed44bd disable all really weak cipher suites
With #959 all ciphers of the platform were enabled, but this also
includes several suites that are considered as very weak, even down to
NULL- and anon-ciphers which disable completely disable encryption
and/or authentication. Especially the anon-ciphers could be easily used
for a mitm-attack.

To remove all weak ciphers a blacklist with patterns of cipher-names was
added to Config.java. The blacklist is based on the "mandatory discards"
that Mozilla suggests to not use for TLS-servers because they are weak
or known to be broken.
https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards
2015-03-07 15:48:29 +01:00
Sam Whited 03d30e4fdb Use platform ciphers as well, just prefer ours 2015-02-02 11:16:22 -05:00
iNPUTmice bd3fccd2dc don't disable any ciphers 2015-02-02 14:22:49 +01:00
Sam Whited 548a585b2c Harden the TLS connection cipher suites 2015-01-14 13:10:15 -05:00
Sam Whited cfdda5f8fd Don't escape passwords in SASL
Fixes #671
2014-11-15 21:11:14 -05:00
iNPUTmice 88c3537b68 parse otr-fingerprint in qr codes and nfc. include otr fingerprint in shareable uri where ever possible 2014-11-16 00:20:20 +01:00
Sam Whited a463f82e3b Cache SCRAM-SHA-1 keys for current session 2014-11-15 12:57:36 -05:00
Sam Whited 0e550789d3 Add SCRAM-SHA1 support
Factor out GS2 tokanization into own class
Add authentication exception class

Fixes #71
2014-11-14 18:00:12 -05:00
Sam Whited 14cfb60952 Refactor authentication code 2014-11-12 10:15:38 -05:00
Sam Whited 281ce3105f Make conversations the root project 2014-10-22 15:47:11 -04:00
Renamed from conversations/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java (Browse further)