1) Migrate from GSON to Jackson everywhere.
2) Add support for storing identity key conflicts on message rows.
3) Add limited support for surfacing identity key conflicts in UI.
1) Change SessionBuilder to only establish sessions via
KeyExchangeMessage and PreKeyBundles.
2) Change SessionCipher to decrypt either WhisperMessage
or PreKeyWhisperMessage items, automatically building
a session for the latter.
3) Change SessionCipher to tear down new sessions built
with PreKeyWhisperMessages if the embedded WhsiperMessage
fails to decrypt.
1) Use the new /v2/keys API for storing/retrieving prekey bundles.
2) For sessions built with PreKeyBundle and PreKeyWhisperMessage,
use a v3 ratcheting session when available.
1) Add plain two-way key exchange support libaxolotl by moving
all the KeyExchangeMessage code there.
2) Move the bulk of KeyExchangeProcessor code to libaxolotl
for setting up sessions based on retrieved prekeys, received
prekeybundles, or exchanged key exchange messages.
1) Break the core cryptography functions out into libaxolotol.
2) The objective for this code is a Java library that isn't
dependent on any Android functions. However, while the
code has been separated from any Android functionality,
it is still an 'android library project' because of the
JNI.
1) Modify SessionRecord to store a list of "previous" sessions
in addition to the current active session. Previous sessions
can be used for receiving messages, but not for sending
messages.
2) When a possible "simultaneous initiate" is detected, push the
current session onto the "previous session" stack instead of
clearing it and starting over.
3) Additionally, mark the new session created on a received
possible "simultaneous initiate" as stale for sending. The
next outgoing message would trigger a full prekey refresh.
4) Work to do: outgoing messages on the SMS transport should
probably not use the existing session if it's marked stale
for sending. These messages need to fail and notify the user,
similar to how we'll handle SMS fallback to push users before
a prekey session is created.
1) On the push side, this message is a flag in PushMessageContent.
Any secure message with that flag will terminate the current
sessin.
2) On the SMS side, there is an "end session" wire type and
the convention that a message with this wire type must be
secure and contain the string "TERMINATE."
1) At registration time, a client generates a random ID and
transmits to the the server.
2) The server provides that registration ID to any client
that requests a prekey.
3) Clients include that registration ID in any
PreKeyWhisperMessage.
4) Clients include that registration ID in their sendMessage
API call to the server.
5) The server verifies that the registration ID included in
an API call is the same as the current registration ID
for the destination device. Otherwise, it notifies the
sender that their session is stale.
1) In addition to the Recipient interface, there is now
RecipientDevice. A Recipient can have multiple corresponding
RecipientDevices. All addressing is done to a Recipient, but
crypto sessions and transport delivery are done to
RecipientDevice.
2) The Push transport handles the discovery and session setup
of additional Recipient devices.
3) Some internal rejiggering of Groups.
1) Move the attachment structures into the encrypted message body.
2) Encrypt attachments with symmetric keys transmitted in the
encryptd attachment pointer structure.
3) Correctly handle asynchronous decryption and categorization of
encrypted push messages.
TODO: Correct notification process and network/interruption
retries.
1) Added SMS transport support.
2) Keep track of whether a PreKeyBundle message has gotten
a response, and send them as subsequent messages until
one has been received.
1) Move all the crypto classes from securesms.crypto.
2) Move all the crypto storage from securesms.database.keys
3) Replace the old imported BC code with spongycastle.
Not really sure how it's possible for the system to give us an
extra block of data, but it does if both the input and output
buffers are sized the same during the first decrypt. This
fixes things, but I wish I better understood why it was broken.
1) Fixed the "Unsupported Encoding!" problem.
2) Workaround for the Sprint issue, where the MMSC is adding a single
extra byte to the end of each encrypted message.
3) Fixed the "large blob of base64 text" on encrypted MMS problem.
1) There is no longer a concept of "verified" or "unverified."
Only "what we saw last time" and "different from last time."
2) Let's eliminate "verify session," since we're all about
identity keys now.
3) Mark manually processed key exchanges as processed.
1) We now try to hand out cursors at a minimum. There has always been
a fairly clean insertion layer that handles encrypting message bodies,
but the process of decrypting message bodies has always been less than
ideal. Here we introduce a "Reader" interface that will decrypt message
bodies when appropriate and return objects that encapsulate record state.
No more MessageDisplayHelper. The MmsSmsDatabase interface is also more
sane.
2) We finally rid ourselves of the technical debt associated with TextSecure's
initial usage of the default SMS DB. In that world, we weren't able to use
anything other than the default "Inbox, Outbox, Sent" types to describe a
message, and had to overload the message content itself with a set of
local "prefixes" to describe what it was (encrypted, asymetric encrypted,
remote encrypted, a key exchange, procssed key exchange), and so on.
This includes a major schema update that transforms the "type" field into
a bitmask that describes everything that used to be encoded in a prefix,
and prefixes have been completely eliminated from the system.
No more Prefix.java
3) Refactoring of the MultipartMessageHandler code. It's less of a mess, and
hopefully more clear as to what's going on.
The next step is to remove what we can from SmsTransportDetails and genericize
that interface for a GCM equivalent.
Yet another setting that most users will never touch. Workaround for
those who would is to use a different identity key per device.
Let this be a sacrifice to the android settings design pattern gods.
1) Update the create, prompt, and change passphrase activities.
They are no longer dialog themed, and should look a little
less ugly.
2) Update the import DB activity to be less ugly and more robust.
3) Abstract all of the state handling stuff out of
ConversationListActivity. This is now handled by RoutingActivity,
which all launch intents move through.
1) Refactor the master secret reset logic to properly interact with
services.
2) Add support for "BigText" and "Inbox" style notifications.
3) Decrypt message bodies when unlocked, display 'encrypted' when
locked.
1) Refactor recipient class to support asynchronous loading operations.
2) Refactor recipient factory to simplify recipient access.
3) Consoliate everything into one recipient provider that is capable of
doing async lookups and intelligent caching.
Mostly, the inheritance graph for MessageRecord/MmsMessageRecord was
all messed up, and each class was overloaded for things it shouldn't
have been.
1) Broke MessageRecord/MmsMessageRecord up into: DisplayRecord, ThreadRecord,
MessageRecord, SmsMessageRecord, NotificationMmsMessageRecord, and
MediaMmsMessageRecord.
2) Updated all the adapters/views to keep pace with that change.
1) Change all instances which use concatenation to build strings
with variables in them to use string formatting instead.
2) Extract all string literals from layouts and menus into strings.xml
3) Extract all string literals from code into strings.xml
1) Move to Fragments for the list view.
2) Switch to CursorLoader from my jankey self-managed cursor.
3) Add session security logic to the ActionBar.
4) Fix colors to be less ugly.