Commit graph

317 commits

Author SHA1 Message Date
Daniel Gultsch 8a6430ae29 ground work for omemo dtls verification 2021-03-02 21:13:49 +01:00
Daniel Gultsch d889c02a0a make ascii armor parsing more resiliant 2021-02-24 11:05:11 +01:00
Daniel Gultsch 78901e3339 use detached signatures 2021-02-17 22:47:40 +01:00
Daniel Gultsch b76b60df5c verify against IDN variant of domain 2021-02-04 11:15:59 +01:00
Daniel Gultsch 8ce7bfb95e automated code clean up 2021-01-23 09:25:34 +01:00
Ferdinand Pöll 453ca7c0ed Migrate from Android Support Library to AndroidX
Unignored gradle.properties since androidX requires additions there
See also https://developer.android.com/jetpack/androidx/migrate
2021-01-18 20:49:35 +01:00
Daniel Gultsch 0e54d8a2cf implement SCRAM-SHA512 2020-12-31 09:32:05 +01:00
Daniel Gultsch 2a57c92f63 rewrote scram cache implementation 2020-12-30 22:01:08 +01:00
Daniel Gultsch 692ee6c9fb SCRAM remove cache. made digest and hmac non static
DIGEST and HMAC were static variables. Those are initialized by
what ever concrete implementation gets executed first.

(Perform SCRAM-SHA1 first and those variables got initialized with
SHA1 variants)

For subsequent SHA256 executions those variables contained wrong
values.
2020-12-30 15:57:44 +01:00
Daniel Gultsch 575ada3b27 fix scram crash for broken metronome servers 2020-05-27 13:53:28 +02:00
Daniel Gultsch f8fedf0059 sasl prep password before hashing. fixes #1893 2020-05-19 15:28:12 +02:00
Daniel Gultsch b6703dbe38 switch xmpp-addr to jxmpp-jid 2020-05-15 17:06:16 +02:00
Daniel Gultsch 00191e2b60 explicitly use BouncyCastle for file crypto 2020-03-09 19:12:30 +01:00
Daniel Gultsch aecb771ab5 use 16 byte IVs for http upload files larger than 768KiB
Ever since Android 9+ switched to Conscrypt we can no longer efficiently
encrypt (and decrypt) large files with AES-GCM. We did’t notice this before
because when using 16 byte IVs even modern Androids will fall back to bouncy
castle. However the 'bug'/'feature' in Conscrypt surfaced when we switched over
to 12 byte IVs (which uses Conscrypt on Android 9+)
Switching back entirely to 16 byte IVs is undesirable as this would break
compatibility with Monal. So we end up with a weird compromise where we use
12 byte for normale plain text OMEMO messages and 'small' files where the
inefficiencies aren’t a problem.

The result of this commit is that Monal won’t be able to receive our files
larger than 768KiB. However the alternative is that Conversations would always
OOM when attempting to send larger files (where large depends on the available
RAM.)

fixes #3653
2020-03-08 13:13:19 +01:00
Daniel Gultsch 0f40e7e73b fixed typo in resolver that cause hostnames not to be marked as authenticated (with DNSSec)
usually this wasn’t a problem as this is only the fallback after no IPs
have been discovered.

this also isn‘t a security issue as worst case is the hostname doesn’t get
accepeted as fallback in cert validation.

thanks @genofire for spotting this
2020-02-29 12:55:54 +01:00
Daniel Gultsch e38a9cd729 omemo changes: use 12 byte IV, no longer accept auth tag appended to payload 2020-01-18 12:08:03 +01:00
Daniel Gultsch b56f6fbf4c updated screenshots 2020-01-18 09:12:50 +01:00
Daniel Gultsch 80e83f77a7 pulled translations from transifex 2020-01-08 19:05:12 +01:00
Daniel Gultsch b135486bb4 prevent crash when deleting account on servers that don't support omemo 2019-12-02 13:21:18 +01:00
Daniel Gultsch e0b5010f24 don’t mark pgp encrypted files received from dino as deleted 2019-10-11 15:37:41 +02:00
Daniel Gultsch 9276eff1db delete omemo keys when deleting account 2019-09-28 21:52:07 +02:00
Daniel Gultsch abe01f18f2 improved logging for messages waiting for join 2019-09-19 10:00:50 +02:00
Daniel Gultsch 4cd652884c do not finish or repair sessions for untrusted senders
finishing (sending a key transport message in response to pre key message) as
well as reparing sessions will leak resource and availability and might in
certain situations in group chat leak the Jabber ID.

Therefor we disable that. Leaking resource might not be considered harmful by
a lot of people however we have always doing similar things with receipts.
2019-09-15 11:49:58 +02:00
Daniel Gultsch e395da18bf when parsing omemo messages ensure we only find one element 2019-09-12 12:43:11 +02:00
Daniel Gultsch 9bf5fb98ac show language in message bubble if multiple language variants were received
XML and by inheritence XMPP has the feature of transmitting multiple language
variants for the same content. This can be really useful if, for example, you
are talking to an automated system. A chat bot could greet you in your own
language.

On the wire this will usually look like this:

```xml
<message to="you">
  <body>Good morning</body>
  <body xml:lang="de">Guten Morgen</body>
</message>
```

However receiving such a message in a group chat can be very confusing and
potentially dangerous if the sender puts conflicting information in there and
different people get shown different strings.

Disabeling support for localization entirely isn’t an ideal solution as on
principle it is still a good feature; and other clients might still show a
localization even if Conversations would always show the default language.

So instead Conversations now shows the displayed language in a corner of the
message bubble if more than one translation has been received.

If multiple languages are received Conversations will attempt to find one in
the language the operating system is set to. If no such translation can be
found it will attempt to display the English string.

If English can not be found either (for example a message that only has ru and
fr on a phone that is set to de) it will display what ever language came first.

Furthermore Conversations will discard (not show at all) messages with with
multiple bodies of the same language. (This is considered an invalid message)

The lanuage tag will not be shown if Conversations received a single body in
a language not understood by the user. (For example operating system set to
'de' and message received with one body in 'ru' will just display that body as
usual.)

As a guide line to the user: If you are reading a message where it is important
that this message is not interpreted differently by different people (like a
vote (+1 / -1) in a chat room) make sure it has *no* language tag.
2019-09-12 10:12:51 +02:00
Daniel Gultsch a4665d4657 made domain verifier case insensitive. fixes #3495 2019-07-20 17:51:37 +02:00
Daniel Gultsch 49224335fc attempt to unregister when receiving push for channel no longer joined
when receiving a FCM push message for a channel the user is no longer in (this can happen when the disable command failed) an attempt will be made to explicitly unregister from the app server (which in turn will then send item-not-found on next push)
2019-06-26 17:40:12 +02:00
Daniel Gultsch b2ea91909b introduced type private_file_message to handle attachments in PMs. fixes #3372 2019-04-27 11:46:43 +02:00
Daniel Gultsch ad64058d25 hide lock icon in channels; modify muc user context 2019-02-07 13:18:42 +01:00
Daniel Gultsch e9bf2b464c explicitly set type=images for all media with an image mime type
this is in preperation to be able to query the database for all images
2019-01-12 09:01:35 +01:00
Daniel Gultsch 7cabb2c377 check if encrypted pgp file get deleted 2019-01-10 21:24:24 +01:00
Daniel Gultsch 52afcac230 mark deleted files in database and not query them when querying for media 2019-01-10 14:52:27 +01:00
Daniel Gultsch 96e3546904 put images into MessageStyle notifications 2019-01-09 12:47:09 +01:00
Daniel Gultsch dac088428c handle decrypting/encrypting of omemo messages with duplicate device ids 2019-01-05 15:34:19 +01:00
Daniel Gultsch acea062abc fixed dead lock when sending pgp messages from quick reply. fixes #3246 2018-12-13 19:29:16 +01:00
Daniel Gultsch bcfd3f20c2 postpone prekey removal and republish to after mam 2018-12-05 10:42:56 +01:00
Daniel Gultsch c02676ea4c implement self healing omemo
after receiving a SignalMessage that can’t be decrypted because of broken sessions
Conversations will attempt to grab a new pre key bundle and send a new PreKeySignalMessage
wrapped in a key transport message.
2018-12-02 14:41:29 +01:00
Daniel Gultsch 1de385dcb9 set access model to open when publishing avatar. fixes #3291 2018-11-25 20:58:48 +01:00
Daniel Gultsch 2e0b26a5ab revert 12 byte ivs that got commited by accident 2018-11-21 16:44:24 +01:00
Daniel Gultsch 03d5aa8aeb show 'show password' toggle for all magically created accounts. make quicksy accounts magically created 2018-11-20 21:33:43 +01:00
Daniel Gultsch 2fa629d113 create api calls 2018-10-31 13:33:55 +01:00
Daniel Gultsch a3744ce4f8 improve openkeychain error reporting 2018-10-25 18:16:02 +02:00
Daniel Gultsch 409bf3c0cb use bouncycastle provider up to api 27
apparently using conscrypt on Android below version 7? throws an exception when using 16 byte IVs.
so we now use BC when ever possible (excluding api 28)

we don’t know why Conscrypt behaves differently on various android versions
2018-10-11 04:36:37 +02:00
Daniel Gultsch ce46b36c33 go back to 16 byte IVs for OMEMO
clients like Dino can’t handle 12 byte IVs
2018-10-04 22:32:42 +02:00
Daniel Gultsch bfa63e13c5 added a few TODOs in regards to the handling of inactive devices 2018-10-04 18:48:45 +02:00
Daniel Gultsch 23282484d6 prevent race condition when fetching device ids 2018-10-03 22:03:47 +02:00
Daniel Gultsch 4c08ba8d03 use 12 byte IV for omemo and http upload 2018-10-03 17:44:48 +02:00
Daniel Gultsch 7fa8811f64 refresh ui after device list update only if list has changed 2018-10-03 11:53:02 +02:00
Daniel Gultsch d4b98c9aff made xmpp domain verifier verify wildcard domains where domain is a sub.sub domain 2018-10-01 17:08:23 +02:00
Daniel Gultsch 6121217df5 fixed auth 2018-09-26 10:39:36 +02:00