1. 15 Jan, 2016 1 commit
  2. 14 Jan, 2016 3 commits
  3. 13 Jan, 2016 8 commits
    • Torsten Grote's avatar
      Delete database as panic response even when signed out · c8d0e645
      Torsten Grote authored
      The method `runOnDbThread()` depends on an executor
      that's created by roboguice at startup.
      It requires to be signed in, so use a different thread instead.
      c8d0e645
    • akwizgran's avatar
      Updated Ant build file for briar-tests. · d66677e0
      akwizgran authored
      d66677e0
    • akwizgran's avatar
      Merge branch 'metadata-encoder-parser-tests' into 'master' · 4af52200
      akwizgran authored
      Add tests for metadata encoder and parser as well as UTF-8 tests for BDF reader and writer
      
      This also includes a commit to fix issues found in the metadata encoder and parser.
      
      See merge request !58
      4af52200
    • akwizgran's avatar
      42d1f6de
    • akwizgran's avatar
      Merge branch '213-use-test-annotation' into 'master' · 1a01fc46
      akwizgran authored
      Use @Test annotation to test for exceptions being thrown (#213)
      
      Please note that this commit only uses the @Test annotation
      where exceptions are thrown at the end of the test,
      because otherwise the test would not be executed completely.
      
      Examples for this are in DatabaseComponentImplTest where many exceptions
      are thrown in close succession or in ConnectionRegistryImplTest where an
      exception is thrown in the middle of the test.
      
      Closes #213
      
      See merge request !57
      1a01fc46
    • akwizgran's avatar
      Merge branch '210-support-panic-kit-purge' into 'master' · 0d2e12e7
      akwizgran authored
      Support for Destructive Panic Actions
      
      This MR is based on and requires !52.
      
      More details are available in the commit message.
      
      All known issues have now been fixed by new upstream releases.
      
      See merge request !54
      0d2e12e7
    • akwizgran's avatar
      Capitalise panic button header, tweak wording. · d8c65d00
      akwizgran authored
      d8c65d00
    • akwizgran's avatar
      Merge branch '204-support-panic-kit' into 'master' · 04473d20
      akwizgran authored
      Initial Support For PanicKit
      
      This MR adds support for the PanicKit libary. It supports the basic default panic response (signing out) which does not require user interaction to work. For destructive panic responses, the user needs to "connect" the panic trigger app (e.g. Ripple) with Briar first. To secure this connection further, TrustedIntents have been added. Gradle Witness is being used to guarantee the integrity of external libraries.
      
      Otherwise, this MR is pretty isolated and should not interfere with other parts of Briar. So merging it should be safe. However, the panic functionality still has rough edges and should not be relied on just now. It will mature along the the PanicKit library and the Ripple app.
      
      Closes #204 
      
      
      See merge request !52
      04473d20
  4. 12 Jan, 2016 16 commits
    • Torsten Grote's avatar
      Add UTF-8 tests for BDF Reader and Writer · 0dfa1b52
      Torsten Grote authored
      0dfa1b52
    • Torsten Grote's avatar
    • akwizgran's avatar
      4c23ceca
    • Torsten Grote's avatar
      Use @Test annotation to test for exceptions being thrown · b837e8b0
      Torsten Grote authored
      Please note that this commit only uses the @Test annotation
      where exceptions are thrown at the end of the test,
      because otherwise the test would not be executed completely.
      
      Examples for this are in DatabaseComponentImplTest where many exceptions
      are thrown in close succession or in ConnectionRegistryImplTest where an
      exception is thrown in the middle of the test.
      b837e8b0
    • Torsten Grote's avatar
    • Torsten Grote's avatar
      Support for Destructive Panic Actions · 63d87ae0
      Torsten Grote authored
      PanicKit does distinguish between two kinds of panic responses:
      
      * default responses such as logging out which are non-destructive and
        do not require user interaction, so that the basics work without
        configuration
      * destructive responses such as deleting user data. These require
        some sort of authentication to make sure they are not triggered
        by malicious apps
      
      The second type of responses is implemented with this commit.
      
      Authentication is done by comparing the package name
      which is very weak. It requires the user to opt-in to
      destructive responses and to configure from which app
      to receive those (since there might be many different panic
      trigger apps).
      
      While possible to uninstall an app and install one with the same
      package name afterwards, this always triggers notifications to
      the user (if the attacker does not have root access).
      
      Still that is no sufficient security for Briar's requirements,
      so that TrustedIntents are used as well to make sure that the
      app sending the destructive trigger is signed by a signing key
      that we specified before. Currently, that is the one from the
      GuardianProject and from IilabEngineering who does the Amnesty
      International Panic App.
      
      The responsibility of checking that the panic TRIGGER is
      legitimate lies with the app responding to the trigger, so Briar
      in this case. This commit checks whether the TRIGGER comes from
      a trusted app before performing destructive actions,
      but does perform the default action even when triggered from
      untrusted apps.
      
      Closes #210
      63d87ae0
    • Torsten Grote's avatar
      Implemented Sign Out as a first PanicKit Response · e603b4f6
      Torsten Grote authored
      This closes #204
      e603b4f6
    • akwizgran's avatar
      Merge branch '112-metadata' into 'master' · aa1b9328
      akwizgran authored
      Structured metadata. #112
      
      Task #112 involves defining an interface between the sync protocol and its clients. To avoid the need for clients to keep their own databases, which could get out of step with the sync protocol's database, we're giving clients that ability to store metadata in the sync protocol's database.
      
      Metadata can be associated with any message, channel, or client. Each metadata object is a simple map from strings to byte arrays. We'll provide a simple query interface to retrieve metadata and/or data by specifying a set of metadata keys. Basically we're building a shitty NoSQL database... erm, I mean, an enterprise-grade key-value store.
      
      The basic metadata object is kind of Spartan, so this patch provides an encoder and parser for storing structured metadata. This gives clients an easy way to associate structured data with messages and channels, while leaving them the option of using their own encoding if they prefer.
      
      This MR depends on !49.
      
      See merge request !50
      aa1b9328
    • akwizgran's avatar
      a847b30e
    • akwizgran's avatar
      Allow nulls in BdfList, BdfDictionary. · ed23bd6c
      akwizgran authored
      BdfList and BdfDictionary are no longer thread-safe, they require external locking. Metadata (which is the class that will be passed across API boundaries) is still thread-safe.
      ed23bd6c
    • akwizgran's avatar
      Encoder for structured metadata. · d1611180
      akwizgran authored
      d1611180
    • akwizgran's avatar
      Parser for structured metadata. · a4199481
      akwizgran authored
      a4199481
    • akwizgran's avatar
      Update data format to match BDF spec. · 7be7ce8e
      akwizgran authored
      7be7ce8e
    • akwizgran's avatar
      Merge branch '112-transport-properties-manager' into 'master' · 25c9cff8
      akwizgran authored
      Transport properties manager facade, key manager refactoring. #112
      
      Refactoring for #112: decouple the invitation and plugin code from the database with a TransportPropertiesManager facade (which will become a BSP client), and move some key management logic from the invitation code to the KeyManager. Update the integration tests to use the new FooManager facades.
      
      See merge request !49
      25c9cff8
    • akwizgran's avatar
      Merge branch 'btp-final-crypto-changes' into 'master' · 1bcfbc90
      akwizgran authored
      Final crypto changes for BTPv2. #111
      
      This patch brings the implementation into line with the BTPv2 spec. Changes:
      
      * Use BLAKE2s to generate tags
      * KDF arguments for key rotation
      * Frame IV format
      
      Closes #111.
      
      See merge request !48
      1bcfbc90
    • akwizgran's avatar
      Code clarity, more unit tests for ByteUtils. · 3c6ead06
      akwizgran authored
      Addresses comments for !48.
      3c6ead06
  5. 11 Jan, 2016 1 commit
  6. 08 Jan, 2016 3 commits
  7. 07 Jan, 2016 2 commits
  8. 06 Jan, 2016 1 commit
  9. 04 Jan, 2016 5 commits