Commit Graph

21 Commits

Author SHA1 Message Date
Andrea Maria Piana 38e5335e18
Allow messages to be decrypted from previous bundles (#1400)
Currently we only decrypt messages if received on the current bundle.
This changes the behavior so that messages can be decrypted if sent to
previous bundles as well, as otherwise is a bit restrictive
2019-02-28 13:09:43 +01:00
Andrea Maria Piana 81d8ca82a2
Add confirm messages processed by ID (#1375)
Currently PFS messages are decrypted and therefore modified before being
passed to the client. This make IDs computation difficult, as we pass
the whole object to the client and expect the object be passed back once
confirmed.
This changes the behavior allowing confirmation by ID, which is passed
to the client instead of the raw object.
This is a breaking change, but status-react is already forward
compatible.
2019-02-19 13:58:42 +01:00
Andrea Maria Piana 2a4382369a
Add GetContactCode call, add DH flag (#1367)
This PR does a few things:

1) Add a call GetContactCode to check whether we have a bundle for a
given user.

2) Add a DH flag to the API (non-breaking change), for those messages
that we want to target all devices (contact-requests for example).

3) Fixes a few small issues with installations, namely if for example a
messages is sent without a bundle (currently not done by any client),
we still infer installation info, so that we can communicate securely
and making it truly optional.
2019-02-12 12:07:13 +01:00
Andrea Maria Piana 2df5422337
Add backward compatibility for single bundle (#1355)
We change the protocol to accomodate publishing multiple bundles, in
order to propagate bundles for group chats and have a way to extend it
further.
This commit re-introduces backward compatibility for direct messages,
to be removed once that is not an issue anymore.
2019-01-21 12:33:18 +01:00
Andrea Maria Piana ad51c019e8
Fix broken migration (#1354)
The migration from unencrypted->encrypted did not work properly, it was
deleting and re-creating the database. This correctly migrates the db.
2019-01-19 08:30:05 +01:00
Roman Volosovskyi :: Darkviolet Lightgreen Halcyon d6216f1aa4 [slow sign in] Reduce number of kdf iterations for PDF database key (#1343)
`kdf_iter` parameter is reduced to 3200. This change is done because of
performance reasons, currently key derivation is too slow on some mobile
devices. The number of iterations before this commit is 64000, default
value in `sqlcipher` from version `3.0.0`.
fda4c68bb4/CHANGELOG.md (300---2013-11-05)

Implementation:
`sqlcipher_export` is used for migration, check out the link below
for details
https://www.zetetic.net/sqlcipher/sqlcipher-api/#sqlcipher_export
2019-01-11 11:12:23 +01:00
Andrea Maria Piana 3292538b41
Allow multiple bundles, change n devices & bundle refresh (#1331)
Change to support sending multiple bundles, as needed for group chats,
limit number of devices to 3 as already done in the UI and refresh
bundle daily.
2018-12-21 11:07:25 +01:00
Andrea Maria Piana 79bf92bea5
Allow specify topic in rpc endpoint (#1328) 2018-12-18 16:27:12 +01:00
Andrea Maria Piana b676de9dac
Hash password before using it (#1306) 2018-12-10 14:11:19 +01:00
Andrea Maria Piana afc3017e07
Notify user when the device is missing (#1298)
* Notify user when the device is missing

* Update services/shhext/chat/encryption.go

Co-Authored-By: cammellos <andrea.maria.piana@gmail.com>
2018-12-05 09:22:49 +01:00
Andrea Maria Piana 38bb4d8ef3
Add versioning & tests, migrate db files (#1293)
We are preparing for the release of this to general public, so a few
things have been added:

1) Add versioning for bundles, and make refresh interval configurable
2) Move files to installationID so no metadata is leaked
3) Re-key using user password db
2018-11-28 12:34:39 +01:00
Andrea Maria Piana 6112ca0289
Add tests for multi-device and refactor encryption service config (#1277) 2018-11-27 09:54:20 +01:00
Andrea Maria Piana 1f6cccd0fc
Add enabling/disabling of installations (#1264)
This commit adds a list new table, installations, which is used to keep
track of which installation are active for a given identity key.

In general, we limit the number of installation that we keep
synchronized to 5, to avoid excessive usage of resources.

Any installation coming from our own identity, will have to be manually
enabled, otherwise we trust the other peer has correctly paired their
devices.

We use a timestamp to decide which installations to keep synchronized as
a logical clock would have make the creation of the bundle more
complicated, but this can always be converted to a logical clock at
later stages without breaking compatibility.
2018-11-06 09:05:32 +01:00
Andrea Maria Piana ee3c05c79b
Change handling of skipped/deleted keys & add version (#1261)
- Skipped keys

The purpose of limiting the number of skipped keys generated is to avoid a dos
attack whereby an attacker would send a large N, forcing the device to
compute all the keys between currentN..N .

Previously the logic for handling skipped keys was:

- If in the current receiving chain there are more than maxSkip keys,
throw an error

This is problematic as in long-lived session dropped/unreceived messages starts
piling up, eventually reaching the threshold (1000 dropped/unreceived
messages).

This logic has been changed to be more inline with signals spec, and now
it is:

- If N is > currentN + maxSkip, throw an error

The purpose of limiting the number of skipped keys stored is to avoid a dos
attack whereby an attacker would force us to store a large number of
keys, filling up our storage.

Previously the logic for handling old keys was:

- Once you have maxKeep ratchet steps, delete any key from
currentRatchet - maxKeep.

This, in combination with the maxSkip implementation, capped the number of stored keys to
maxSkip * maxKeep.

The logic has been changed to:

- Keep a maximum of MaxMessageKeysPerSession

and additionally we delete any key that has a sequence number <
currentSeqNum - maxKeep

- Version

We check now the version of the bundle so that when we get a bundle from
the same installationID with a higher version, we mark the previous
bundle as expired and use the new bundle the next time a message is sent
2018-11-05 20:00:04 +01:00
Andrea Maria Piana 22eb53ea8c shhext: increase max skip keys (#1257) 2018-10-26 10:44:10 +02:00
Ivan Daniluk e7c588fcd0
Change API of BuildDirectMessage function to use variadic arguments (#1243) 2018-10-16 17:22:28 +02:00
Andrea Maria Piana e4ba365b8a
Add bundles.added signal & pairing endpoint (#1237) 2018-10-16 12:31:05 +02:00
Andrea Maria Piana 9f8f0089a3
Add extract group membership signatures (#1226) 2018-10-04 18:53:48 +02:00
Dmitry 5b551c67fa Use status-im whisper/whisperv6 module everywhere 2018-10-03 09:27:51 +03:00
Andrea Maria Piana b309718fdc
Add sign & verify api calls (#1218) 2018-09-27 15:07:32 +02:00
Andrea Maria Piana dcaf8caed0
Add x3dh key exchange (#1127)
* Add x3dh key exchange

* Encrypt using the double ratchet

* Multi device with auto-pairing

* Add pfs enabled flag
2018-09-24 20:07:34 +02:00