First draft of OMEMO #1256
Draft: daniele-athome wants to merge 49 commits into master from feature/omemo
Sending not implemented yet; Receiving works only if user subscription was granted. The way the OMEMO API and our own application are designed, it's not easy to build something abstracted following the Coder interface. But since Smack 4.4 will dismantle the current OMEMO API... Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Actually it's not just because of OMEMO, the aim here is to create a more clear abstraction for encrypting/decrypting. Signed-off-by: Daniele Ricci <[email protected]>
[skip ci] Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Also update security flags of a message when falling back to basic encryption Signed-off-by: Daniele Ricci <[email protected]>
Codecov Report
@@ Coverage Diff @@
## master #1256 +/- ##
===========================================
- Coverage 1.70% 1.68% -0.02%
Complexity 113 113
===========================================
Files 359 357 -2
Lines 25143 25330 +187
Branches 3267 3297 +30
===========================================
Hits 428 428
- Misses 24666 24853 +187
Partials 49 49
Continue to review full report at Codecov.
Also move TRUST_* constants to Keyring Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
[skip ci] Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Because of the way smack-omemo is designed, processing and decryption can't be separated, so a few dirty tricks were put in place to make this work. Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
And a few optimizations. Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
# Conflicts: # app/src/main/java/org/kontalk/ui/GroupInfoFragment.java
# Conflicts: # app/src/main/java/org/kontalk/crypto/PGPCoder.java # app/src/main/java/org/kontalk/provider/Keyring.java # app/src/main/java/org/kontalk/service/msgcenter/DiscoverInfoListener.java # app/src/main/java/org/kontalk/service/msgcenter/DiscoverItemsListener.java # app/src/main/java/org/kontalk/service/msgcenter/MessageCenterService.java # app/src/main/java/org/kontalk/service/msgcenter/PushDiscoverItemsListener.java # app/src/main/java/org/kontalk/util/MessageUtils.java
Signed-off-by: Daniele Ricci <[email protected]>
# Conflicts: # app/src/androidTest/java/org/kontalk/provider/UsersProviderTest.java # app/src/main/java/org/kontalk/data/Contact.java
Signed-off-by: Daniele Ricci <[email protected]>
Sorry people, I missed this... Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
# Conflicts: # app/src/main/java/org/kontalk/data/Contact.java # app/src/main/java/org/kontalk/service/msgcenter/MessageCenterService.java # app/src/main/java/org/kontalk/service/msgcenter/MessageListener.java # app/src/main/java/org/kontalk/service/msgcenter/RegenerateKeyPairListener.java # app/src/main/java/org/kontalk/sync/Syncer.java # app/src/main/java/org/kontalk/util/MessageUtils.java
Signed-off-by: Daniele Ricci <[email protected]>
Signed-off-by: Daniele Ricci <[email protected]>
Brings Java to 1.8 and minimum API level to 19 Signed-off-by: Daniele Ricci <[email protected]>
A first very draft implementation of OMEMO, trying to fulfill #132.
The OMEMO model (in Smack) requires authentication to be handled tightly with encryption, so our current abstractions and separation between encryption and authentication struggle to work with smack-omemo.
I would rather not tighten Keyring with Coder, instead I would leave it to the higher functions (MessageCenter and UI stuff). Blind Trust Before Verification might be harder to do in a transparent way for the Coder interface, unless it's done in a separate manner (e.g. when receiving key bundles for users, through some listeners. Also PGP trust changes can be a trigger to trust or distrust OMEMO devices).
OMEMO doesn't support stanza encryption yet (only the body is encrypted), therefore group messages will leak group metadata to servers and to unauthorized parties. Same thing with non-body parts of the message (chat state, attachments). HTTP-uploaded attachments will still be encrypted with OpenPGP.
The current prototype uses Smack 4.3 which contains an alpha version of the OMEMO modules. The OMEMO API was rewritten in Smack 4.4 which is currently under development and raises Java minimum version to 1.8, which requires Android API 19. Sorry pre-KitKat users :-(
(Some notes on this decision to raise Java and Android versions here: https://discourse.igniterealtime.org/t/smack-android-api-requirements/85767)
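The listener-driven Blind Trust Before Verification idea from the description, as an added sketch that is not code from this pull request, from Kontalk or from Smack: trust decisions live in a store fed by bundle and PGP-trust events, and the caller consults it before handing a device to any coder. Every class, method and enum name is hypothetical, and the rule that PGP trust gates blind trust is an assumed policy, since the description only says PGP trust changes could be a trigger.

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical names throughout; none of these are Kontalk or Smack classes.
public class BtbvTrustStore {
    public enum Trust { UNDECIDED, BLIND, VERIFIED }
    // contact JID -> (device fingerprint -> trust decision)
    private final Map<String, Map<String, Trust>> devices = new HashMap<>();
    private Map<String, Trust> of(String jid) {
        return devices.computeIfAbsent(jid, k -> new HashMap<>());
    }

    // Listener hook: a key bundle for one of the contact's devices arrived.
    public Trust onBundleReceived(String jid, String fingerprint) {
        Map<String, Trust> known = of(jid);
        // BTBV: a new device is trusted blindly only while no device of
        // this contact has been verified; afterwards the user must decide.
        Trust initial = known.containsValue(Trust.VERIFIED) ? Trust.UNDECIDED : Trust.BLIND;
        return known.computeIfAbsent(fingerprint, k -> initial);
    }
    // The user compared this fingerprint out of band.
    public void verify(String jid, String fingerprint) {
        of(jid).put(fingerprint, Trust.VERIFIED);
    }
    // Assumed policy: the contact's PGP key trust gates blind trust only;
    // devices the user verified by hand are never changed here.
    public void onPgpTrustChanged(String jid, boolean pgpTrusted) {
        Map<String, Trust> known = of(jid);
        boolean anyVerified = known.containsValue(Trust.VERIFIED);
        known.replaceAll((fp, t) -> {
            if (!pgpTrusted && t == Trust.BLIND) return Trust.UNDECIDED;
            if (pgpTrusted && !anyVerified && t == Trust.UNDECIDED) return Trust.BLIND;
            return t;
        });
    }

    // What the caller checks before handing a recipient device to the coder.
    public boolean canEncryptTo(String jid, String fingerprint) {
        Trust t = of(jid).get(fingerprint);
        return t == Trust.BLIND || t == Trust.VERIFIED;
    }

    public static void main(String[] args) {
        BtbvTrustStore s = new BtbvTrustStore(); // JID and fingerprints are constructed
        System.out.println(s.onBundleReceived("alice@example.org", "fp-phone"));
        s.verify("alice@example.org", "fp-phone");
        System.out.println(s.onBundleReceived("alice@example.org", "fp-laptop"));
        System.out.println(s.canEncryptTo("alice@example.org", "fp-laptop"));
    }
}
```

A device that shows up after the first verification stays `UNDECIDED`, so `canEncryptTo` refuses it until the user decides; that is the case a coder-only abstraction cannot express on its own.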