moiseev-signal
ca28564e0b
java: Address deprecation warning in Curve25519Test
2025-07-16 11:26:31 -07:00
Jordan Rose
a410849578
crypto: Add a stripped-down HPKE API for our Curve25519 keys
2025-07-15 16:17:23 -07:00
andrew-signal
a323900858
Refactor so tests generate legacy key format encrypted file; client tests can use that.
2025-07-15 13:16:06 -04:00
andrew-signal
36797e6eca
Update MessageBackupKey derivation logic to use nonce if provided
2025-07-09 13:57:09 -04:00
moiseev-signal
4d187d2452
ci: Run proxy tests in Slow Tests workflow
2025-07-02 13:25:57 -07:00
Alex Bakon
a7f823771f
Combine CreateSession push_token, push_token_type
...
These fields should always be present or absent together.
2025-06-26 17:19:05 -07:00
moiseev-signal
f395e1cb7d
java: Make CertificateValidator inheritable for tests
2025-06-25 15:19:36 -07:00
Jordan Rose
8070d6a4e6
Send Accept-Language when connecting a chat socket
2025-06-25 13:16:37 -07:00
Jordan Rose
9a468837b8
java: Clean up javadoc issues
2025-06-24 09:56:18 -07:00
Jordan Rose
841f57c30f
Move (RegistrationSessionState)RequestedInformation -> ChallengeOption
2025-06-23 10:37:55 -07:00
Alex Bakon
56c63a4838
Refactor registration errors on existing types
2025-06-20 17:14:52 -04:00
Jordan Rose
2879220e93
Require Kyber keys/ciphertexts throughout all XDH APIs
2025-06-13 16:06:07 -07:00
Alex Bakon
02b786b07e
Limit device ID to the range 1-127
...
This is already required for sealed sender messages and enforced by the server.
2025-06-13 14:18:16 -04:00
Jordan Rose
5001df1ee4
Kotlin: use explicitApi() mode
2025-06-13 10:27:37 -07:00
Alex Bakon
881b3a4c8e
Port some Java classes to Kotlin
2025-06-12 18:24:15 -04:00
Alex Bakon
a32aca9bce
Remove Java Curve class
2025-06-12 17:24:31 -04:00
Alex Bakon
3c89a5fa07
Colocate Kotlin sources with Java
2025-06-12 16:00:05 -04:00
moiseev-signal
beebd1cd20
keytrans: Add example usage for Java bridge
2025-06-11 16:35:42 -07:00
Jordan Rose
a280bc6555
Resolve an age-old X3DH test inconsistency
...
This known-answer test was originally ported over from
libsignal-protocol-java, but did not produce the same results. Why?
Because one of the private keys chosen by libsignal-protocol-java for
its test was unclamped, while libsignal-the-Rust-implementation always
clamps private keys as part of deserialization, not just generation.
Consequently, the public key didn't actually correspond to the private
key according to our modern libsignal.
Rather than try to line up exactly with what libsignal-protocol-java
was coincidentally doing, this commit clamps the private key, computes
the resulting public key, and verifies a new
consistent-between-both-sides outcome.
2025-06-10 16:20:08 -07:00
Jordan Rose
f40d20a72f
Add CompletableFuture.await() helper for Kotlin clients
...
Test it by porting several tests from FutureTest.java to Kotlin and
using Kotlin idioms for awaiting and cancellation.
2025-06-05 12:34:15 -07:00
gram-signal
b7b8040e3a
Integrate post-quantum ratchet SPQR.
...
This PR integrates a post-quantum ratchet (SPQR) into libsignal, using an API that maintains its own internal chain and provides per-message keys. In doing so, it also aims to be fully backwards-compatible with current clients and stored session state.
## Backwards compatibility with current clients
Remote clients that connect to us or that we connect to may not have this integration. If they don't, their SignalMessage wire format should still deserialize, and in doing so we'll receive an empty pq_ratchet field. SPQR handles this internally, by downgrading the protocol version to "version 0" or "don't do anything". Note that should we eventually want to disallow this, we can do so via increasing the `min_version` field passed into the SPQR init functions to V1. This is also the method by which we would upgrade SPQR from v1 to a future v2, etc.
## Opt-in
The publicly facing API calls for this now expose an explicit opt-in via a passed-in `use_pq_ratchet` bool (and associated enums in language-specific APIs). If false, they default to SPQR `v0`, i.e., none. If true, they try to set up SPQR on new sessions, but will downgrade if the remote party cannot or will not do the same.
2025-06-04 11:18:12 -07:00
Alex Bakon
033abcf96f
Support checking Java @CalledFromNative annotation
2025-06-02 13:02:41 -04:00
moiseev-signal
bf096c449d
keytrans: Improve errors
2025-05-30 16:00:06 -07:00
Alex Bakon
e760168a51
Fixup registration service code and improve docs
2025-05-21 12:16:59 -04:00
Alex Bakon
19e85b08dc
Mark chat Response as constructed from native code
2025-05-21 12:10:06 -04:00
Jordan Rose
0e1ec3909b
bridge: Require that PreKeyBundles have Kyber pre-keys
...
Support for starting sessions with pre-quantum X3DH has been removed
from Swift, Java, and TypeScript. PQXDH will be required going
forward.
2025-05-19 12:25:53 -07:00
moiseev-signal
a823fd4a14
keytrans: Remove SearchResult type
2025-05-16 11:33:31 -07:00
andrew-signal
eaa32e1b4c
Bridge CompletableFuture Cancellation to Android
2025-05-16 11:23:37 -04:00
Alex Bakon
5f56145e74
Bridge re-register account function
2025-05-15 16:00:29 -04:00
moiseev-signal
ef5356ba3b
Java: avoid calling InputStream#readAllBytes in a test
2025-05-14 09:55:22 -04:00
Michelle Tang
f1142dbebd
Java: Improve incremental MAC InputStream implementation
...
Co-authored-by: Max Moiseev <moiseev@signal.org>
2025-05-13 12:46:12 -07:00
Alex Bakon
b95359ced8
Allow using registration client to check SVR2 credentials
2025-05-01 08:51:00 -04:00
Alex Bakon
0871f06fc7
Use Base64 util class in test
2025-04-30 16:26:44 -04:00
Jordan Rose
d58f237b4a
net: Require TLS 1.3 for Signal-provided services and 1.2 for Cloudflare DoH
...
Co-authored-by: andrew-signal <andrew@signal.org>
2025-04-30 07:08:17 -05:00
Alex Bakon
890ac9e006
Enable account registration via Java registration service client
2025-04-29 13:41:51 -04:00
Alex Bakon
8f1baf561c
Use an enum value for IdentityKeyStore.saveIdentity in libraries
2025-04-25 12:52:58 -04:00
Alex Bakon
e0e79e567c
Bridge register account error to Java
2025-04-25 10:33:12 -04:00
Alex Bakon
b749afc059
Bridge RegisterAccountResponse to Java
2025-04-22 14:30:14 -04:00
Alex Bakon
a8d4849c9e
Add Java type for public parts of a signed prekey
2025-04-21 16:29:56 -04:00
Alex Bakon
f0b83376e4
Don't bridge SessionRecord test-only code in real .so
2025-04-18 15:06:32 -04:00
Alex Bakon
a88a1b873e
Accept languages list for SMS/call verification
2025-04-11 16:57:04 -04:00
Alex Bakon
0d916d3aa0
Bridge registration client to Java
2025-04-09 18:57:07 -04:00
Alex Bakon
5d7ce2d165
Remove app language code marked as deprecated
2025-04-09 15:41:35 -04:00
gram-signal
23e65e4bbe
Add in new CDSI enclave, now with Kyber in Noise handshake.
2025-04-04 11:58:01 -07:00
Jordan Rose
5563e4d277
net: Add "remote config" string-to-string map to Net/ConnectionManager
...
This can be set at creation time as well as updated later without
recreating the Net instance.
2025-04-03 15:16:35 -07:00
andrew-signal
0a6376525f
Implement ConnectionInvalidated and ConnectedElsewhere Disconnection Reasons
2025-04-02 15:06:37 -04:00
Alex Bakon
d13bc958e2
Remove fallback CDSI connect code
2025-04-02 13:39:38 -04:00
Jordan Rose
682c6e1746
java: Make sure to close InputStreams created by libsignal
2025-03-25 13:02:04 -07:00
Alex Bakon
8756d1ab1d
Java: inherit from NativeHandleGuard.SimpleOwner
2025-03-21 16:56:40 -04:00
Alex Bakon
c08602eebe
Enable creating a fake unauthenticated chat connection
2025-03-20 08:18:25 -04:00