matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-08-13 19:42:25 +03:00
Code Activity
1,336 Commits 250 Branches 494 Tags
b5c7c700d5dba15d77126c82e6d085816f99fff7
Commit Graph

18 Commits

Author SHA1 Message Date
Richard van der Hoff
b5c7c700d5 Check recipient and sender in Olm messages 
Embed the sender, recipient, and recipient keys in the plaintext of Olm
messages, and check those fields on receipt.

Fixes https://github.com/vector-im/vector-web/issues/2483
 2016-10-19 11:24:59 +01:00
Richard van der Hoff
832559926f Fix the ed25519 key checking 
Finish plumbing in the Ed25519 key checks. Make sure we store the claimed key
correctly in the megolm sessions, and keep them as a separate field in
MatrixEvent rather than stuffing them into _clearEvent
 2016-09-20 20:42:08 +01:00
Richard van der Hoff
59411353b1 Add 'keys' to *all* olm messages 
(including ones which just carry megolm keys)
 2016-09-20 20:39:40 +01:00
Richard van der Hoff
83bd420cd5 Return null from decryptEvent if session is unknown 
This just makes the shape of the API a bit saner.
 2016-09-20 20:39:40 +01:00
Richard van der Hoff
6e31319294 Handle lack of one-time keys better 
If a device had run out of one-time keys, we would send it an empty to_device
event, which it would then fail to decrypt with a "Not included in
recipients", which is all a bit pointless.
 2016-09-18 22:58:35 +01:00
Richard van der Hoff
cd0b19f93f Crypto: improve console logs 
Attempt to make the console logs more helpful by reducing noise and adding
helpful debug info.
 2016-09-18 21:55:38 +01:00
Richard van der Hoff
4f22610499 Megolm: clarify jsdoc 
Clarify somewhat misleading jsdoc text
 2016-09-18 13:52:48 +01:00
Richard van der Hoff
a15dffbb3a Pull user device list on join 
When a new user joins a room, make sure we download their device list if we
don't already have it.

This should fix at least one cause of
https://github.com/vector-im/vector-web/issues/2249.
 2016-09-17 17:44:15 +01:00
Matthew Hodgson
a30c816cb6 typo 2016-09-17 15:44:55 +01:00
Mark Haines
71f23ffce1 Merge branch 'develop' into markjh/megolm 
Conflicts:
	lib/crypto/algorithms/megolm.js
 2016-09-15 17:10:02 +01:00
Mark Haines
bde6a171f6 Add getKeysProved and getKeysClaimed methods to MatrixEvent. 
These list the keys that sender of the event must have ownership
of and the keys of that the sender claims ownership of.

All olm and megolm messages prove ownership of a curve25519 key.
All new olm and megolm message will now claim ownership of a
ed25519 key.

This allows us to detect if an attacker claims ownership of a curve25519
key they don't own when advertising their device keys, because when we
receive an event from the original user it will have a different ed25519 key
to the attackers.
 2016-09-15 16:26:43 +01:00
Mark Haines
6f9bb38232 Include our device key in megolm messages 2016-09-15 11:56:56 +01:00
Mark Haines
72a4b92022 Send a 'm.new_device' when we get a message for an unknown group session 
This should reduce the risk of a device getting permenantly stuck unable
to receive encrypted group messages.
 2016-09-14 19:16:24 +01:00
Mark Haines
0cc68bc125 Update the olm library version to 1.3.0 2016-09-14 14:24:21 +01:00
Richard van der Hoff
72b4f270ff Show warnings on to-device decryption fail 
If we can't decrypt a to-device message, show a warning about it, rather than
swallowing the error.
 2016-09-09 12:37:02 +01:00
Richard van der Hoff
1da633e28a Handle new device announcements 
When we see a new device, download its keys, and then add it to the list of
things waiting for a keyshare.
 2016-09-08 14:35:13 +01:00
Richard van der Hoff
cacafb461d Share the current ratchet with new members 
When a new member joins the room, we don't need to reset the megolm session;
instead we can just share the current state with the new user.
 2016-09-08 14:20:54 +01:00
Richard van der Hoff
71c33420f6 Move crypto bits into a subdirectory 
It was getting a bit sprawly; this should help keep things together.
 2016-09-08 09:50:31 +01:00