matrix/matrix-js-sdk
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-js-sdk.git synced 2025-12-19 10:22:30 +03:00
Code Activity
1,462 Commits 241 Branches 517 Tags
ed1673c66cfd684ec6cee459886750b605e30f1c
Commit Graph

55 Commits

Author SHA1 Message Date
Richard van der Hoff
ed1673c66c Remove dead _sendPingToDevice function 
This is no longer used; remove it.
 2016-12-14 12:38:33 +00:00
Richard van der Hoff
739e94302d fix test fail 2016-12-08 18:06:22 +00:00
Richard van der Hoff
e54541aecf e2e: Wait for pending device lists 
When we send a megolm message, wait for any existing key download to complete.
 2016-12-08 16:37:29 +00:00
Richard van der Hoff
89ced19874 E2E: Download our own devicelist on startup 
Make sure we get a list of our own devices when starting a new client.

Fixes https://github.com/vector-im/riot-web/issues/2676.
 2016-12-06 17:09:21 +00:00
Richard van der Hoff
ce71de0d78 Improve decryption error messages 
Attempt to make the decryption errors less obscure
 2016-11-24 14:51:35 +00:00
Richard van der Hoff
aefdacc566 Merge pull request #297 from matrix-org/rav/better_new_device_handling 
Avoid a packetstorm of device queries on startup
 2016-11-17 17:42:51 +00:00
Richard van der Hoff
036d1da013 Avoid a packetstorm of device queries on startup 
Two main changes here:
 * when we get an m.new_device event for a device we know about, ignore it
 * Batch up the m.new_device events received during initialsync and spam out
   all the queries at once.
 2016-11-17 16:23:24 +00:00
Richard van der Hoff
766e837775 Factor out ensureOlmSessionsForDevices 
... and move to olmlib
 2016-11-16 21:21:57 +00:00
Richard van der Hoff
851b33aac2 distinguish unknown users from deviceless users 
Fixes https://github.com/vector-im/vector-web/issues/2275
 2016-11-16 18:05:41 +00:00
Richard van der Hoff
1a03e534bd Refactor decryption 
Create the MatrixEvent wrapper before decryption, and then pass that into the
decryptors, which should update it.

Also remove the workaround that sends m.new_device messages when we get an
unknown session; it's just a bandaid which is obscuring more meaningful
problems.
 2016-11-14 15:13:02 +00:00
Richard van der Hoff
e623b539c4 persist DecryptionAlgorithm instances 
It's useful to be able to keep state between events in the DecryptionAlgorithm,
so store them in a map.
 2016-11-14 15:13:02 +00:00
Mark Haines
777ef83378 Merge remote-tracking branch 'origin/develop' into markjh/encrypted_voip 2016-11-10 19:44:42 +00:00
Mark Haines
24283dcbd5 Encrypt all events, including 'm.call.*' 2016-11-10 19:42:16 +00:00
Richard van der Hoff
e173d822e8 Log to the console on unknown session 
This might help diagnose Erik/Matthew's comms breakdown.
 2016-11-07 18:57:09 +00:00
Richard van der Hoff
a4f192bc88 Sign one-time keys, and verify their signatures 
We have decided that signing one-time keys is the lesser of two evils;
accordingly, use a new key algorithm type (`signed_curve25519`), sign the
one-time keys that we upload to the server, and verify the signatures on those
we download.

This will mean that develop won't be able to talk to master, but hey, we're in
beta.
 2016-10-21 12:24:19 +01:00
Richard van der Hoff
19c257703c Rotate megolm sessions 
In order to mitigate backward-secrecy concerns, make sure that we rotate the
outbound megolm session at regular intervals (every week/100 msgs by default).
 2016-10-20 15:42:06 +01:00
Richard van der Hoff
7a7f345f28 Merge pull request #239 from matrix-org/rav/fix_unknown_key 
Check recipient and sender in Olm messages
 2016-10-19 11:44:48 +01:00
Richard van der Hoff
b5c7c700d5 Check recipient and sender in Olm messages 
Embed the sender, recipient, and recipient keys in the plaintext of Olm
messages, and check those fields on receipt.

Fixes https://github.com/vector-im/vector-web/issues/2483
 2016-10-19 11:24:59 +01:00
Richard van der Hoff
aafb1ffdef Consistency checks for E2E device downloads 
Check that the user_id and device_id in device query responses match those that
we expect.

This resolves an unknown-key attack whereby Eve can re-sign Bob's keys with her
own key, thus getting Alice to send her messages which she can then forward to
Bob, making Bob think that Alice sent the messages to him.
 2016-10-18 13:40:13 +01:00
Richard van der Hoff
faff057592 crypto: remove duplicate code 
Only call SessionStore.storeEndToEndDevicesForUser once per user, rather than
once per device.

(Probably also fixes a bug where, when a user removes all devices, the store
isn't updated)
 2016-09-30 09:17:54 +01:00
Richard van der Hoff
1a3ee28d01 Log when we get an oh_hai message 2016-09-21 17:07:40 +01:00
Richard van der Hoff
669aecf4e6 E2E: Fix NPE in getEventSenderDeviceInfo 2016-09-21 15:05:27 +01:00
Richard van der Hoff
832559926f Fix the ed25519 key checking 
Finish plumbing in the Ed25519 key checks. Make sure we store the claimed key
correctly in the megolm sessions, and keep them as a separate field in
MatrixEvent rather than stuffing them into _clearEvent
 2016-09-20 20:42:08 +01:00
Richard van der Hoff
83bd420cd5 Return null from decryptEvent if session is unknown 
This just makes the shape of the API a bit saner.
 2016-09-20 20:39:40 +01:00
Richard van der Hoff
78a0aa5d47 Add MatrixClient.getEventSenderDeviceInfo() 
- a function to get information about the device which sent an event
 2016-09-20 20:39:16 +01:00
Matthew Hodgson
9e57a9352a Merge pull request #212 from matrix-org/rav/get_devicelist_on_join 
Pull user device list on join
 2016-09-17 19:21:17 +01:00
Richard van der Hoff
f2e10e030d Unknown sessions: send oh_hai to all devices if device_id is unknown 2016-09-17 19:07:03 +01:00
Richard van der Hoff
266b7afc72 Fix sending of oh_hais on bad sessions 
Fix a bunch of bugs in the code which tried to send an oh_hai message when we
got a message with an unknown megolm session.
 2016-09-17 18:30:12 +01:00
Richard van der Hoff
a15dffbb3a Pull user device list on join 
When a new user joins a room, make sure we download their device list if we
don't already have it.

This should fix at least one cause of
https://github.com/vector-im/vector-web/issues/2249.
 2016-09-17 17:44:15 +01:00
Matthew Hodgson
425f862cf8 Merge pull request #205 from matrix-org/markjh/megolm 
Update the olm library version to 1.3.0
 2016-09-16 17:30:26 +01:00
Mark Haines
5d6256bede Merge pull request #209 from matrix-org/markjh/comment_upload_key 
Comment what the logic in uploadKeys does
 2016-09-16 16:34:37 +01:00
Mark Haines
ff5b923e6f Spelling: s/cliamed/claimed/ 2016-09-16 16:31:00 +01:00
Mark Haines
af7a9a68b8 Merge pull request #210 from matrix-org/markjh/echo_keys_proved 
Include keysProved and keysClaimed in the local echo for events we send.
 2016-09-16 15:45:22 +01:00
Mark Haines
3bc56cf3f8 More comments on the local echo 2016-09-16 15:36:56 +01:00
Mark Haines
c2a40572a5 Include keysProved and keysClaimed in the local echo for events we send. 2016-09-16 15:30:22 +01:00
Mark Haines
ee7d4d0521 Explain what happens to the old keys in olm 2016-09-16 14:43:22 +01:00
Mark Haines
6ab410ef6a Comment what the logic in uploadKeys does 2016-09-16 14:38:26 +01:00
Mark Haines
460f20a4ce Merge pull request #207 from matrix-org/markjh/variable_scoping 
Reset oneTimeKey to null on each loop iteration.
 2016-09-16 11:23:58 +01:00
Mark Haines
9a98c3991a Reset onTimeKey to null on each loop iteration. 
Otherwise we will use a value from a previous iteration of the loop.
 2016-09-16 10:44:25 +01:00
Matthew Hodgson
2765720b76 unbreak NPE where megolm's decryptEvent doesn't return a result 2016-09-15 20:09:41 +01:00
Mark Haines
71f23ffce1 Merge branch 'develop' into markjh/megolm 
Conflicts:
	lib/crypto/algorithms/megolm.js
 2016-09-15 17:10:02 +01:00
Mark Haines
bde6a171f6 Add getKeysProved and getKeysClaimed methods to MatrixEvent. 
These list the keys that sender of the event must have ownership
of and the keys of that the sender claims ownership of.

All olm and megolm messages prove ownership of a curve25519 key.
All new olm and megolm message will now claim ownership of a
ed25519 key.

This allows us to detect if an attacker claims ownership of a curve25519
key they don't own when advertising their device keys, because when we
receive an event from the original user it will have a different ed25519 key
to the attackers.
 2016-09-15 16:26:43 +01:00
Mark Haines
2fbef8638f Fix grammar 2016-09-15 14:43:23 +01:00
Mark Haines
355b728a57 Remove unnecessary semicolon; 2016-09-15 14:23:30 +01:00
Mark Haines
35d99564c1 Rate limit the oh hai pings 2016-09-15 14:07:40 +01:00
Mark Haines
d02c205910 Rename the "content" variable to avoid shadowing 2016-09-15 11:46:49 +01:00
Mark Haines
38681202dc Add olm version to client. Add semicolons. 2016-09-14 20:03:31 +01:00
Mark Haines
0d20a0acf0 Add a test to check that we have the right version of Olm 2016-09-14 19:59:32 +01:00
Mark Haines
72a4b92022 Send a 'm.new_device' when we get a message for an unknown group session 
This should reduce the risk of a device getting permenantly stuck unable
to receive encrypted group messages.
 2016-09-14 19:16:24 +01:00
Mark Haines
f0274f3f26 Wrap the crypto event handlers in try/catch blocks 2016-09-12 11:44:31 +01:00