Commit graph

23 commits

Author SHA1 Message Date
Ken Powers
29de50c12a Stickers
Co-authored-by: scott@signal.org
Co-authored-by: ken@signal.org
2019-05-16 16:10:37 -07:00
Scott Nonnenberg
3851bf351f Throttle typing events, fix profile logging, fix group typing 2018-12-10 14:06:43 -08:00
Scott Nonnenberg
0774ba2903 Eslintify all of libtextsecure 2018-07-21 14:52:43 -07:00
Scott Nonnenberg
754d65ae2e Let's make it all pretty, shall we?
We missed a couple directories with previous attempts to turn this on
globally: app/ and libtextsecure/

Not to mention files in places we didn't expect: ts files that weren't
in the ts directory!

This turns prettier on for every file we care about (js, ts, tsx, md)
everywhere in the project but for a few key parts.
2018-05-02 13:40:57 -07:00
Daniel Gasienica
95321e5d3e Remove Vim mode lines 2018-04-30 16:53:34 -04:00
Daniel Gasienica
32911002d4 Verify makeAttachmentPointer and encryptAttachment arguments
The underlying `crypto.subtle.encrypt` API requires it.
2018-03-26 16:38:34 -04:00
Lilia
ae190fed44
Profiles (#1453)
* Add AES-GCM encryption for profiles

With tests.

* Add profileKey to DataMessage protobuf

// FREEBIE

* Decrypt and save profile names

// FREEBIE

* Save incoming profile keys

* Move pad/unpad to crypto module

// FREEBIE

* Support fetching avatars from the cdn

// FREEBIE

* Translate failed authentication errors

When AES-GCM authentication fails, webcrypto returns a very generic error. The
same error is thrown for invalid length inputs, but our earlier checks in
decryptProfile should rule out those failure modes and leave us safe to assume
that we either had bad ciphertext or the wrong key.

// FREEBIE

* Handle profile avatars (wip) and log decrypt errors

// FREEBIE

* Display profile avatars

Synced contact avatars will still override profile avatars.

* Display profile names in convo list

Only if we don't have a synced contact name.

// FREEBIE

* Make cdn url an environment config

Use different ones for staging and production

// FREEBIE

* Display profile name in conversation header

* Display profile name in group messages

* Update conversation header if profile avatar changes

// FREEBIE

* Style profile names small with ~

* Save profileKeys from contact sync messages

// FREEBIE

* Save profile keys from provisioning messages

For standalone accounts, generate a random profile key.

// FREEBIE

* Special case for one-time sync of our profile key

Android will use a contact sync message to sync a profile key from Android
clients who have just upgraded and generated their profile key. Normally we
should receive this data in a provisioning message.

// FREEBIE

* Infer profile sharing from synced data messages

* Populate profile keys on outgoing messages

Requires that `profileSharing` be set on the conversation.

// FREEBIE

* Support for the profile key update flag

When receiving a message with this flag, don't init a message record, just
process the profile key and move on.

// FREEBIE

* Display profile names in group member list

* Refresh contact's profile on profile key changes

// FREEBIE

* Catch errors on profile save

// FREEBIE

* Save our own synced contact info

Don't return early if we get a contact sync for our own number

// FREEBIE
2017-09-14 17:04:00 -07:00
lilia
a256f17e19 Cleanup attachment attributes
Convert attachment ids from longs to strings, and byte buffers to
arrays.

// FREEBIE
2017-04-18 11:48:53 -07:00
lilia
43de0cc2ec Add attachment digests
// FREEBIE
2017-03-10 14:40:45 -08:00
lilia
f8e176fd40 Dedupe methods
Define textsecure.crypto in terms of libsignal.crypto.

// FREEBIE
2016-05-18 13:15:57 -07:00
lilia
63cd3b2788 Use constant time mac comparison
In libtextsecure and in libaxolotl.

// FREEBIE
2015-11-27 14:40:17 -08:00
lilia
ac7c95fed0 Validate argument lengths in crypto.js
These functions accept an array buffer and extract an AES and MAC key
from it without verifying it has the appropriate length. Ciphertext
messages are similarly dissected. The slice function does not raise an
error on out of bounds accesses but instead returns an empty or
partially-filled array. Empty or short arrays will be passed through to
the window.crypto.subtle API, where they will raise an error. We should
not rely on the Web Crypto API to validate key lengths or for MAC checks
to fail. Instead, validate the lengths of given parameters before
extracting their components.

// FREEBIE
2015-10-27 13:58:23 -07:00
lilia
7d9cf0c167 Pass the signaling key into decryptWebSocketMessage
De-couple this file from dependency on storage.
2015-09-17 16:02:22 -07:00
lilia
f764445c86 Remove erroneous license file and headers
We only use GPLV3 around here.

// FREEBIE
2015-09-07 14:58:42 -07:00
lilia
704c6ce779 Signaling key is now an array buffer 2015-05-15 11:39:22 -07:00
Matt Corallo
00cb420d37 Merge (un)encrypted storage layers 2015-03-25 11:56:25 -07:00
Matt Corallo
e2e06b2d3c Remove axolotl.storage usage from libtextsecure 2015-03-17 13:59:25 -07:00
Matt Corallo
870e5dc9dc Remove all external non-test deps on libaxolotl/crypto 2015-02-12 15:11:59 -08:00
Matt Corallo
7d2d2d92fc Copy getRandomBytes from libaxolotl to libtextsecure 2015-02-12 15:11:59 -08:00
Matt Corallo
403ae4376d Move attachment/websocket [en|de]cryption to libtextsecure 2015-02-12 15:11:58 -08:00
Matt Corallo
83c6fe9008 Moveish the first files to libaxolotl/ 2015-02-12 15:11:57 -08:00
Matt Corallo
e7f3e52b6c Remove NaCL! 2015-01-14 11:39:36 -10:00
Matt Corallo
8ad1a38b5b Move js files around for libtextsecure split 2015-01-14 09:35:57 -10:00
Renamed from js/crypto.js (Browse further)