mirrors
/
olm
mirror of https://git.matrix.org/git/olm.git
1
0
Fork 0
Code Issues Releases Wiki Activity
312 Commits
42 Branches
39 Tags
4.4 MiB
Commit Graph

312 Commits (0a7d4e35ccee89c34adeb03b112d243a27326fda)

Author SHA1 Message Date
Mark Haines 0a7d4e35cc Reword and s/message index/ratchet index/ 2016-10-21 15:44:53 +01:00
Mark Haines 8c4a11a92d Document the potential for message replays and possible mitigations 2016-10-21 15:13:20 +01:00
Mark Haines 5a98012c0d Merge pull request #31 from matrix-org/markjh/groupmessageindex 
Return the message index when decrypting group messages.
 2016-10-21 09:57:42 +01:00
Mark Haines 9a8d2d15d9 Check the message index in the tests 2016-10-20 11:51:56 +01:00
Richard van der Hoff 65b3345317 Merge branch 'master' 2016-10-20 11:43:41 +01:00
Richard van der Hoff 68d98234e1 Merge pull request #30 from matrix-org/rav/misc_docs 
Add notes on limitations to megolm spec
 2016-10-20 11:42:09 +01:00
Mark Haines 3091dc2b1d Add NULL check for message_index pointer 2016-10-20 11:35:45 +01:00
Mark Haines 653790eacb Return the message index when decrypting group messages. 
Applications can use the index to detect replays of the same message.
 2016-10-20 09:58:55 +01:00
Richard van der Hoff 5f1b93bd0f s/ephemeral/one-time/ in olm spec 
We're standardising on 'one-time keys' as a term for the thing that Bob uploads
for prekey messages.
 2016-10-19 19:18:58 +01:00
Richard van der Hoff df04cd509a Add notes on limitations to megolm spec 2016-10-19 19:16:23 +01:00
Richard van der Hoff 23fdc0b0f9 Link to the megolm spec 2016-10-19 19:14:18 +01:00
Richard van der Hoff d48dc81976 Document the unknown key-share attacks and mitigation (#29) 2016-10-19 17:27:24 +01:00
Richard van der Hoff 351b26fa6e Merge pull request #28 from matrix-org/rav/fix_megolm_segfault 
Fix a buffer bounds check when decoding group messages
 2016-10-19 15:21:07 +01:00
Richard van der Hoff 780203b054 Merge pull request #27 from matrix-org/rav/fuzzers_readme 
Add a README for the fuzzers
 2016-10-19 15:20:54 +01:00
Richard van der Hoff 1ff64391ed Fix a buffer bounds check when decoding group messages 
Fixes a segfault when a group message had exactly the length of the mac +
signature.

Also tweak skipping of unknown tags to avoid an extra trip around the loop.
 2016-10-19 15:03:40 +01:00
Richard van der Hoff cada801de5 Add a README for the fuzzers 2016-10-19 14:59:50 +01:00
Matthew Hodgson 38acc352a3 fix missing ctypes function signatures 
These missing signatures were causing OSX to truncate 64-bit pointers
to 32-bit pointers when calling the missing methods, causing segfaults
 2016-10-02 02:50:52 +01:00
Matthew Hodgson 68ec41f8ca s/PCKS/PKCS/ 2016-10-02 00:48:06 +01:00
Matthew Hodgson 63800ad8e6 s/PCKS/PKCS/ 2016-10-02 00:47:29 +01:00
Matthew Hodgson 6d80d934cd typo 2016-09-28 18:49:56 +01:00
Richard van der Hoff 8a8d100ee5 Makefile: install-headers is phony 2016-09-23 12:22:34 +01:00
Emmanuel Gil Peyrot 7c9b2f6395 Add a Makefile rule to install the headers 
Signed-off-by: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
 2016-09-23 12:17:44 +01:00
Richard van der Hoff 6ea9fb450e Merge branch 'rav/megolm_spec' 2016-09-23 11:55:28 +01:00
Richard van der Hoff 4049261867 megolm.rst: link to protobuf spec 2016-09-23 11:54:35 +01:00
Richard van der Hoff 6449c90d81 More review feedback 2016-09-22 18:23:43 +01:00
Richard van der Hoff 97c991ffee Merge branch 'rav/python_fixes' 2016-09-22 16:54:29 +01:00
Richard van der Hoff b411f07df9 InboundGroupSession.init no longer requires a separate message_index 2016-09-22 16:24:03 +01:00
Richard van der Hoff cfcee54a81 Handle non-base64 chars in pickle files 2016-09-22 15:09:40 +01:00
Richard van der Hoff fc6688c4c8 megolm.rst: review feedback 
Split ratchet algorithm out to a separate section.

Also clean up some phrasing and correct a typo or two.
 2016-09-22 13:32:03 +01:00
Richard van der Hoff 182eccc624 megolm.rst: linkify Ed25519 2016-09-22 11:38:33 +01:00
Richard van der Hoff ec91dd4570 Megolm.rst: add Background and footer 2016-09-22 11:35:23 +01:00
Richard van der Hoff c07444d3e6 First stab at a megolm spec 2016-09-22 11:04:19 +01:00
Mark Haines 4106767fd0 Merge pull request #25 from matrix-org/markjh/fix_jenkins 
Fix jenkins.sh
 2016-09-16 17:38:18 +01:00
Mark Haines 8acf8fd367 Fix jenkins.sh 2016-09-16 17:34:21 +01:00
Richard van der Hoff 4ff663a0ae Merge pull request #24 from matrix-org/rav/one_time_keys_comment 
Update comment on olm_account_one_time_keys
 2016-09-16 14:21:15 +01:00
Richard van der Hoff 76aad9d9c3 Update comment on olm_account_one_time_keys 
Document what it actually returns.
 2016-09-16 14:05:48 +01:00
Mark Haines 047927d822 Fix the release instructions 2016-09-14 14:16:51 +01:00
Mark Haines ec7d968623 Changelog and version bump for 1.3.0 2016-09-14 13:55:54 +01:00
Mark Haines 7647555fc7 Make release instructions more C+Pable 2016-09-14 11:48:15 +01:00
Mark Haines 6dfa64342a Fix the group javascript demo 2016-09-14 11:10:05 +01:00
Mark Haines f274adfe24 Merge remote-tracking branch 'matrix/master' 2016-09-13 17:55:21 +01:00
Mark Haines d7bc00c81d Merge pull request #23 from matrix-org/markjh/remove_message_index 
Remove the messsage index from olm_init_inbound_group_session
 2016-09-13 17:54:14 +01:00
Mark Haines 1a50a4b3a0 Merge pull request #22 from matrix-org/markjh/inbound_group_session_id 
Add a olm_inbound_group_session_id method
 2016-09-13 17:54:07 +01:00
Mark Haines a628ef41bd Remove the messsage index from olm_init_inbound_group_session since it is read from the session_key 2016-09-13 17:51:02 +01:00
Mark Haines 71bcaa5d45 Add a test to check the equivalence of session ids for inbound and outbound sessions 2016-09-13 17:15:28 +01:00
Mark Haines 6971f54fea Add a olm_inbound_group_session_id method 2016-09-13 17:02:36 +01:00
Mark Haines e0b51971b7 Merge pull request #21 from matrix-org/markjh/fix_session_ids 
Use the ed25519 public key as the group session id.
 2016-09-13 17:02:12 +01:00
Mark Haines a89a169c89 ``if`` is not the same as ``for`` 2016-09-13 17:00:54 +01:00
Mark Haines 5926a8fd29 Comment on the encoding of the message counter. 2016-09-13 16:45:54 +01:00
Mark Haines d62e344db7 Use the ed22519 public key as the group session id. 
Some clients expect the session id to be globally unique,
so allowing the end devices to pick the session id will cause
problems.

Include the current ratchet index with the initial keys, this decreases
the risk that the client will supply the wrong index causing problems.

Sign the initial keys with the ratchet ed25519 key, this reduces the
risk of a client claiming a session that they didn't create.
 2016-09-13 15:42:47 +01:00