Moves SQLiteAxolotlStore and XmppAxolotlSession into proper classes.
IdentityKeys trust statuses are now cached in an LruCache to prevent
hammering the database when rendering the UI.
* change chat states to type=chat and chat markers to type=chat
* use same type as requesting stanza for delivery receipts (which should make them type=chat most of the time)
We introduce a new trust state: INACTIVE. This state is intended for
old keys that have been removed.
When a TRUSTED device is removed from the PEP devicelist, it's status
will be set to INACTIVE. INACTIVE keys are shown in the UI as greyed
out, non-interactible key rows. Messages are not encrypted for INACTIVE
devices.
When an INACTIVE device reappears in PEP, or a message is received from
an INACTIVE device, it is set back to trusted.
* CryptoNextBeta: (60 commits)
Lock TrustKeys if no trusted keys are available
Optimize imports
Use MD style for key trust toggle switch
Fix set/remove OnUpdateBlocklistListener
Fix axolotl database migration
Remove device list from EditAccount
Add clear devices to overflow menu in EditAccount
Ask for key trust when sending messages
Encrypt files for HTTP upload in encrypted chats
Refactor trust key ui and show in account details
Send correct body for HTTP files
Handle file transmission properly in axolotl
Remove unneccessary code
Fix trust status for outgoing messages
Don't merge messages with different trust statuses
Fix copying of axolotl keys to clipboard
Add refresh icon to v21 theme
Disable Axolotl option if not usable
Show trust status of messages' originating session
Add key trust toggle to ContactDetailsActivity
...
If the contact (or the own account) has keys that have UNDECIDED trust,
we now drop the user into the new TrustKeysActivity, where they have to
decide for each new key whether it should be TRUSTED or UNTRUSTED.
Refactored the trust key row UI element so it can be used in multiple
places. It now also uses a slider to toggle the trust state, and the
redundant trust state description was removed.
EditAccountActivity now shows the keys of other devices associated with
that account.
Tag sent messages with own fingerprint, set own fingerprint as always
trusted, include own fingerprint in database trust search, explicitly
reset trust colorfilter
Any time a new session is established, call syncRosterToDisk() to ensure
that on subsequent restoreFromDatabase() calls, the roster is actually
available. This is important so that initAccountServices() can properly
initialize the SessionMap. This prevents a race condition where after
adding a new account and initiating sessions with it, if the app is
killed (e.g. by reinstall) before triggering a syncRosterToDisk(),
subsequent restores will not have the roster available, leading to
missing XmppAxolotlSessions in the SessionMap cache. As a result of
this, a new session was initiated when sending a new message, and
received messages could not be tagged with the originating session's
fingerprint.
As an added sanity check, go to the database to confirm no records are
present before creating fresh XmppAxolotlSession objects (both in the
sending and receiving case).
Wipe session cache to prevent stale sessions being used. Wipe fetch
status cache to enable recreation of sessions. Regenerate deviceId, so
that foreign devices will talk to us again.
Messages are now tagged with the IdentityKey fingerprint of the
originating session. IdentityKeys have one of three trust states:
undecided (default), trusted, and untrusted/not yet trusted.
EditAccountActivity now show own fingerprint, and gives an option to
regenerate local keying material (and wipe all sessions associated with
the old keys in the process).
It also now displays a list of other own devices, and gives an option to
remove all but the current device.
No longer store own device ID (so that we don't encrypt messages for
ourselves), verify that own device ID is present in update list
(otherwise republish), reflect update in UI.
When receiving a message, only remember the XmppAxolotlSession wrapper
if the prospective session was actually established. This prevents us
from erroneously adding empty sessions that are never established using
received PreKeyWhisperMessages, which would lead to errors if we try to
use them for sending.
The trust-on-first-use policy leads to problems when receiving messages
from two different devices of a contact before sending a message to them
(as their IdentityKeys will not have been added yet). Since session
trust will be managed externally anyway, this change is not a security
problem, and will allow us to decrypt messages from yet-untrusted
sessions.