briar issueshttps://code.briarproject.org/briar/briar/-/issues2018-04-29T13:15:17Zhttps://code.briarproject.org/briar/briar/-/issues/474Introduction protocol modifies state external to session2018-04-29T13:15:17ZakwizgranIntroduction protocol modifies state external to sessionSub-task of #456.Sub-task of #456.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/789Initial Account Creation Unclear2018-04-29T12:57:06ZTorsten GroteInitial Account Creation UnclearDuring a user testing session (#788) a user installed the app and failed to create the initial account that is required to use the app.
The user saw the disabled button, tried to click it several times, but eventually gave up and turned...During a user testing session (#788) a user installed the app and failed to create the initial account that is required to use the app.
The user saw the disabled button, tried to click it several times, but eventually gave up and turned to other members of the group saying that it doesn't work. The user did not take time to read the explanatory text and either did not see or understand the toolbar title "Briar Setup" (in Spanish translation).
![device-2016-11-30-101817](/uploads/cc23f59cf11e5553eeae3d3fe7b753ff/device-2016-11-30-101817.png)Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/1163Check whether our key agreement procotols assume contributory behaviour2018-04-28T13:38:03ZakwizgranCheck whether our key agreement procotols assume contributory behaviourWe're migrating to Curve25519 for key agreement, and RFC 7748 [warns](https://tools.ietf.org/html/rfc7748#section-7) that protocols based on Curve25519 should not assume contributory behaviour:
> Protocol designers using Diffie-Hellman ...We're migrating to Curve25519 for key agreement, and RFC 7748 [warns](https://tools.ietf.org/html/rfc7748#section-7) that protocols based on Curve25519 should not assume contributory behaviour:
> Protocol designers using Diffie-Hellman over the curves defined in this document must not assume "contributory behaviour". Specially, contributory behaviour means that both parties' private keys contribute to the resulting shared key. Since curve25519 and curve448 have cofactors of 8 and 4 (respectively), an input point of small order will eliminate any contribution from the other party's private key. This situation can be detected by checking for the all-zero output, which implementations MAY do, as specified in Section 6. However, a large number of existing implementations do not do this.
The Curve25519 website also has a [warning](https://cr.yp.to/ecdh.html#validate):
> There are some unusual non-Diffie-Hellman elliptic-curve protocols that need to ensure ``contributory'' behavior. In those protocols, you should reject the 32-byte strings that, in little-endian form, represent 0, 1, 325606250916557431795983626356110631294008115727848805560023387167927233504 (which has order 8), 39382357235489614581723060781553021112529911719440698176882885853963445705823 (which also has order 8), 2^255 - 19 - 1, 2^255 - 19, 2^255 - 19 + 1, 2^255 - 19 + 325606250916557431795983626356110631294008115727848805560023387167927233504, 2^255 - 19 + 39382357235489614581723060781553021112529911719440698176882885853963445705823, 2(2^255 - 19) - 1, 2(2^255 - 19), and 2(2^255 - 19) + 1. But these exclusions are unnecessary for Diffie-Hellman.
It's not clear to me whether the special public keys listed in the second quote will produce the all-zero output as described in the first quote. This is something we can confirm, and we can check for the all-zero output in our usage of Curve25519. But for defence in depth we should also check whether our key agreement protocols (BQP, the contact exchange protocol and the introduction protocol) assume contributory behaviour.
One thing we need to clarify is whether hashing both public keys into the shared secret (which we already do) is enough to ensure contributory behaviour.Android 1.0akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/613Use metadata queries to look up introduction session state2018-04-28T00:17:21ZakwizgranUse metadata queries to look up introduction session stateSubtask of #376.Subtask of #376.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/377Replace BDF data structures with classes in introduction client2018-04-28T00:17:04ZakwizgranReplace BDF data structures with classes in introduction clientThe introduction client uses BdfDictionary and BdfList for its internal data structures, rather than just for serialisation. This tends to push type checking from compile time to run time. Create classes to represent the client's interna...The introduction client uses BdfDictionary and BdfList for its internal data structures, rather than just for serialisation. This tends to push type checking from compile time to run time. Create classes to represent the client's internal state.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/308Messages in MessageQueue are picked up by Clients2018-04-28T00:16:54ZTorsten GroteMessages in MessageQueue are picked up by ClientsA message that arrived out of order and is pending in the message queue could be picked up by `getIntroductionMessages()`.A message that arrived out of order and is pending in the message queue could be picked up by `getIntroductionMessages()`.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/108Set up offline build box2018-04-28T00:16:04ZakwizgranSet up offline build boxThe build box should be air-gapped as it will have access to the APK signing key, which can never be changed.The build box should be air-gapped as it will have access to the APK signing key, which can never be changed.Android 1.0akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/857Introduction: No notification for contact established confirmation.2018-04-28T00:15:25ZMegaloxIntroduction: No notification for contact established confirmation.A introducted B to C. B accepted. Then C accepted. B did not receive a notification that C is now her contact.A introducted B to C. B accepted. Then C accepted. B did not receive a notification that C is now her contact.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/456Protocols Modify State External to Session2018-04-28T00:13:10ZTorsten GroteProtocols Modify State External to SessionThe fundamental issue is that the protocol modifies state that's external to the session. In the case of forum sharing, the external state is the list of forums and their visibility; in the case of introductions, it's the contact list. I...The fundamental issue is that the protocol modifies state that's external to the session. In the case of forum sharing, the external state is the list of forums and their visibility; in the case of introductions, it's the contact list. If multiple sessions can modify the same external state then we may have problems keeping the sessions consistent with the state and with each other.
When we first thought about sessions, I was thinking of the sequence of messages and the local state stored by the protocol - I didn't think about external state. That's also the reason the ProtocolEngine interface doesn't provide a way to update external state (#376). For any protocol that updates external state, such as the forum sharing and introduction protocols, we need to re-think what a session means.
I think we can solve this issue in the general case by saying that all sessions that affect the same external state must share the same session ID and local state. In other words, a single ongoing session per unit of external state. Then we need to design the state machine to allow for the fact that different parties may try to perform different operations within a given session, possibly at the same time. This will probably make the state machine more complex, but that's because the state machine now captures the possibility of multiple operations affecting the same state, whereas previously we just sort of crossed our fingers and hoped that didn't happen.
To put this in more concrete terms, the unit of external state for forum sharing is the visibility of a given forum to a given contact, so all sessions that affect the visibility of a given forum to a given contact should share the same session ID and local state. In particular, if a contact shares a forum with us and we simultaneously share the same forum with them, both sessions should use the same ID. When we receive their invitation we'll look up the session and discover that we're in the "invitation sent" state. We can then have a rule in the state machine that says what we should do if we receive an invitation in that state. For example, we might apply the Alice/Bob tie-breaker and ignore one of the invitations, or we might decide that we should react in the same way as if the contact had accepted our invitation. But the point is, the need to handle that situation is defined as part of the protocol.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/376Refactor clients based on ProtocolEngine2018-04-28T00:12:24ZakwizgranRefactor clients based on ProtocolEngineThe ProtocolEngine interface allows certain tasks to be performed in response to local actions and incoming messages: updating local state, sending messages, broadcasting events and deleting the incoming message. Clients based on Protoco...The ProtocolEngine interface allows certain tasks to be performed in response to local actions and incoming messages: updating local state, sending messages, broadcasting events and deleting the incoming message. Clients based on ProtocolEngine that need to perform other tasks are forced to store a task label in the local state, then retrieve it and perform the task outside the engine. This defeats the purpose of the engine interface, which is meant to encapsulate the protocol logic.
Alter or remove the ProtocolEngine interface so clients have the flexibility they need.Android 1.0Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/1149Confirmation before creating test data2018-04-25T13:44:12ZWikinautConfirmation before creating test dataFor the second time I accidentally clicked the "create test data" -- with all the immediate "negative" consequences.
Please add a conformation question "Are you really sure?" before this action is performed. Even in the beta version.For the second time I accidentally clicked the "create test data" -- with all the immediate "negative" consequences.
Please add a conformation question "Are you really sure?" before this action is performed. Even in the beta version.Julian DehmJulian Dehmhttps://code.briarproject.org/briar/briar/-/issues/1190Shut down cleanly when phone is shutting down or memory is low2018-04-23T10:44:40ZakwizgranShut down cleanly when phone is shutting down or memory is lowListen for `ACTION_SHUTDOWN` and `QUICKBOOT_POWEROFF` broadcasts and try to shut down the background service cleanly before the phone powers off.
Similarly, try to shut down the service cleanly before the process is killed if `BriarServ...Listen for `ACTION_SHUTDOWN` and `QUICKBOOT_POWEROFF` broadcasts and try to shut down the background service cleanly before the phone powers off.
Similarly, try to shut down the service cleanly before the process is killed if `BriarService#onLowMemory()` is called.Android Beta 2akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/1177Viewfinder is blank after connection fails2018-04-23T10:44:40ZakwizgranViewfinder is blank after connection failsWhen a connection fails while adding a contact, the viewfinder is shown again but it's blank. This is a regression caused by stopping the camera preview after scanning the QR code.When a connection fails while adding a contact, the viewfinder is shown again but it's blank. This is a regression caused by stopping the camera preview after scanning the QR code.Android 1.0akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/1171Could not connect via wifi to phone running hotspot2018-04-23T10:44:40ZakwizgranCould not connect via wifi to phone running hotspotA user reported that when their phone was running a wifi hotspot, devices connected to the hotspot could connect to each other but not to the phone running the hotspot.
* Android version: 7.1
* Phone model: OnePlus5
* Briar version: 0.16.2A user reported that when their phone was running a wifi hotspot, devices connected to the hotspot could connect to each other but not to the phone running the hotspot.
* Android version: 7.1
* Phone model: OnePlus5
* Briar version: 0.16.2Android Beta 2akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/1180Transport icons show wrong state2018-04-17T14:57:44ZakwizgranTransport icons show wrong state* Android version: 7.0
* Briar version: 0.16.18 (812522a)
* Phone model: TCL Alcatel 5085C
* User feedback: "Frequently shows my internet as offline when I have lots of 4G service."
* Mobile data status: Available, enabled, connected
* W...* Android version: 7.0
* Briar version: 0.16.18 (812522a)
* Phone model: TCL Alcatel 5085C
* User feedback: "Frequently shows my internet as offline when I have lots of 4G service."
* Mobile data status: Available, enabled, connected
* Wi-Fi address: 0.0.0.0
* Wi-Fi status: Available, not enabled, not connectedAndroid Beta 2akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/112Separate data sync protocol (BSP) from clients2018-04-16T16:24:37ZakwizgranSeparate data sync protocol (BSP) from clientsThe current clients of the data sync protocol are:
* Transport properties
* Private messages
* Forums
The current clients of the data sync protocol are:
* Transport properties
* Private messages
* Forums
Milestone Aakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/118Introduce contacts to each other2018-04-16T16:24:37ZakwizgranIntroduce contacts to each otherThe protocol for doing this will be a BSP client.The protocol for doing this will be a BSP client.Milestone BTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/130Protocol spec for BSP2018-04-16T16:24:37ZakwizgranProtocol spec for BSPMilestone Dhttps://code.briarproject.org/briar/briar/-/issues/174Rename classes, methods, fields with BSP nomenclature2018-04-16T16:24:37ZakwizgranRename classes, methods, fields with BSP nomenclatureThis is going to touch a lot of code, but shouldn't make any functional changes.
Subtask of #112.This is going to touch a lot of code, but shouldn't make any functional changes.
Subtask of #112.Milestone Aakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/229Convert TransportPropertyManager into a BSP client2018-04-16T16:24:37ZakwizgranConvert TransportPropertyManager into a BSP clientSubtask of #112Subtask of #112Milestone Aakwizgranakwizgran