Commit graph

1740 commits

Author SHA1 Message Date
Scott Nonnenberg
b0dbecb4e2 Check trust store for identity key information on every new message
It's debounced so it doesn't go too crazy.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
782c484680 Check trust store for latest identity key info before sending
We definitely want the latest information from our local database before
attempting to send.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
fc39241003 Ensure that we pull verified state only after getting profiles
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
4a1dc46ab3 Fixes to get local verification and sync messages working
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
c43d96904d Move to the real verify/trust APIs
This wires up verification sync messages, verification and trust checks
to the trust store instead of using mocked data.

FREEBIE
2017-08-04 12:03:25 -07:00
lilia
52481d1d13 Support for sending and receiving verification sync messages
This adds a new method to message sender for sending verification sync messages
and a new event to message receiver representing incoming verification sync
messages. Currently the event handler just logs the message.

// FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
475d607fd0 Prepare for verification sync messages: receiver, ready to send
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
aebf4b32d6 Conversation.updateLastMessage: fix indent, use of null message
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
36c28296e9 Remove extraneous logging
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
9b864c8675 Re-render verified change conversation items when convo changes
If the contact's name changes, for example.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
1cf9289b1a Add items to conversation history when user verifies/unverifies
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
a827334c3e Allow re-send of messages in msg detail view on OutgoingKeyError
We also show more errors than we used to in the MessageDetail screen
to help make it clear what is happening, and why the user would need to
re-send.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
688cae6374 Remove empty string class passed to contact template
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
8264f3ba33 Make the term 'Verified' fully localizable
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
e9968c3118 Remove comments after NewGroupUpdateView investigation
It doesn't run today - it depends on RecipientsInputView, which depends
on Backbone.TypeaheadCollection which doesn't currently exist in the
product.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
8d29cb9830 Prevent access to Safety Number when talking to yourself
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
c7e385eb38 Remove 'safety number approval' option from settings dialog
Also sync templates in test/index.html and background.html

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
9204188aa3 A bit of cleanup after some early code review
FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
2955c36b3e Confirmation dialog: Make keyboard-accessible: escape to cancel
And proper tab order. Then some more work to re-focus on the message
composition field after the dialog shows up and steals focus.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
243cbd8123 Confirmaton on send, banner when 'unverified'
Not yet using the new APIs, but ready to. Still to do:
- Send sync messages on trust decisions
- Respond to received trust decision sync messages
- Show trust decisions in the conversation history
- In that rare situation where a sent message ends up with a key error
  make it easy to retry the send.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
bedf10056b Support for group-member verifications via second-level panel
Also:
- All the necessary wire-up to update things in real time. If you have
a safety number page up via a group member view as well as via a 1:1
conversation with that contact, they'll both be updated as the
underlying model changes. Similarly, the overall group will update
in real-time as members change.
- A bit of special-casing for yourself in a group conversation - you're
shown as 'me' and are not clickable, where normally that would take you
to the Safety Number screen for that contact. You are also not included
in the trust calculations for a given group.

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
ae3587f05e Move all instances of 'verify identity' to 'show identity'
As discussed in standup this morning - only the act of verifying or a
statement about current status should use that word 'verify.'

FREEBIE
2017-08-04 12:03:25 -07:00
Scott Nonnenberg
ee0b0f5ffb Remove all concept of 'key conflict' from the app 2017-08-04 12:03:25 -07:00
lilia
0e0f14723e Rename model IdentityKey -> IdentityRecord
Reduce ambiguity in between the record itself, which now stores other
information besides the public key, and its `publicKey` attribute, which
contains an ArrayBuffer of key material.

This model is internal to SignalProtocolStore.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
aa6dbb2e59 Preserve UNVERIFIED status on key change
Don't revert it to default, which would effectively downgrade the security model
for that contact.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
12d9bb61c3 Let removeIdentityKey delete the entire record
Previously we would only clear the publicKey since that was the only attribute,
but now we should delete the entire record. This method is currently only called
from tests.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
d1858de39b Default nonblockingApproval to false
saveIdentity is invoked with only two arguments from the protocol layer, in
which case we should default nonblockingApproval to false.

76c28cfa7a/src/org/thoughtcrime/securesms/crypto/storage/TextSecureIdentityKeyStore.java (L87)

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
261ec003ee Account manager calls saveIdentityWithAtttributes
saveIdentityWithAtttributes allows directly setting all properties of an
identity key record. In AccountManager we use it to save our own identity
key after a new registration.

Previously we would remove the existing key first in order to coerce firstUse to
true, but now we can simply set it explicitly, along with a VERIFIED status.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
2a76bb6fc2 Add new methods to identity store
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
50dd9c6772 Add identityKey model validation
This will enforce that all identity record attributes are valid and present
before allowing the record to be saved. This is necessary since we will be
exposing a lower-level method to save an identity with explicit values for
firstUse, nonblockingApproval, and verified status.
2017-08-04 12:03:25 -07:00
lilia
b93042f12f Add verified status
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
c6bfdec84d Remove blockingApproval
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
53e7e1be3a Fix libsignal-protocol using wrong direction flag
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
6fdd0f1625 Handle identity errors on decrypt
Previously we only expected these errors to occur when decrypting prekey
messages, so we need to add handling for them in the case of a normal message.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
f095a1583e Fetch profiles whenever conversations are opened
For a group, fetch everyone's profile.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
d295fa7057 Update libsignal-protocol
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
1b9eb83422 Update isTrustedIdentity for directional trust
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
4e4aedd4ba Pass in non/blockingApproval args to saveIdentity
Multiple cases here:
1. setting our own key on registration
1. changing identities from a safety number change dialog

Note that removeIdentityKey runs before saveIdentity, so we'll always end up
with firstUse: true on our own key.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
3ca511a10a Unwrap removeIdentityKey from calls to saveIdentity
saveIdentity is now reponsible for determining firstUse, so we must not remove
the existing key before updating it.

Previously, the implementation provided an extra check against overwritting an
existing key, but that should be done via isTrustedIdentity instead.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
82469713d2 Update saveIdentity
Add support new blockingApproval and nonblockingApproval arguments
Populate the firstUse property on identity key records
Return whether an existing record was overwritten.

References
https://github.com/WhisperSystems/Signal-Android/commit/39d4a7#diff-69ede72c549da6bcbcd959935995b7e9R45

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
4d4dd3341f Add isBlocking/isNonBlockingApprovalRequired
These analyse the identity key record and user preferences to determine whether
a key requires approval for sending.

// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
22e907a8d4 Add getProfile to MessageSender
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
0c5a69cce4 Add support for getProfile to TextSecureServer
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
9f4a657e8a Add database migration
// FREEBIE
2017-08-04 12:03:25 -07:00
lilia
3afe378063 Remove legacy property from OutgoingMessage 2017-07-05 18:05:56 -07:00
lilia
d47ced1199 Don't recompute outgoing message padding
We can use the same padded plaintext across multiple numbers or attempts rather
than re-creating it every time we encrypt to a particular number.

// FREEBIE
2017-07-05 18:05:56 -07:00
lilia
30201969be Inline some functions in OutgoingMessage
Since we no longer have legacy messages to send, we can simplify things a bit
here.

// FREEBIE
2017-07-05 18:05:56 -07:00
lilia
e8548879db Stop sending legacy DataMessages 2017-06-20 17:57:27 -07:00
Scott Nonnenberg
3fbd1ab618 Use error.stack instead of error for console log
Chrome/V8 give you the error name, message and callstack at that
property, where toString() gives you [object NavigatorUserMediaError]

FREEBIE
2017-06-20 16:57:11 -07:00
Scott Nonnenberg
98f88607a0 Remove recorder UI when we fail to 'getUserMedia'
FREEBIE
2017-06-20 16:57:11 -07:00