Commits · 10924709d0ebd8fe90b82584b09918a97520f74c · Julian Dehm / briar

Mar 23, 2015
- Use PIE Tor binary on API version 16+. · 10924709
  akwizgran authored 10 years ago
  
  10924709
- Updated Tor GeoIP database. · 0be467f4
  akwizgran authored 10 years ago
  
  0be467f4
- Insert padding between password strength meter and progress spinner. · b791ce02
  akwizgran authored 10 years ago
  
  b791ce02
Mar 20, 2015
- Upgraded Tor to 0.2.5.11 with OpenSSL 1.0.2a. · a9489a51
  akwizgran authored 10 years ago
  
  a9489a51
Mar 11, 2015
- Log discovered devices to track down discovery bugs. · a5b1d92e
  akwizgran authored 10 years ago
  
  a5b1d92e
Mar 09, 2015
- Added Android Studio's local.properties to .gitignore. · afb6a185
  akwizgran authored 10 years ago
  
  afb6a185
- Added Android Studio files to .gitignore. · 4630137c
  akwizgran authored 10 years ago
  
  4630137c
- Updated Gradle and Android Gradle wrapper. · 37138d7a
  akwizgran authored 10 years ago
  
  37138d7a
Mar 05, 2015
- Bumped expiry date to 1 April 2015. · 50f87127
  akwizgran authored 10 years ago
  
  50f87127
- Bumped expiry date to 1 PAril 2015. · 35212a49
  Alex authored 10 years ago
  
  35212a49
Feb 05, 2015
- Bumped expiry date to 1 March 2015. · 316e4c88
  akwizgran authored 10 years ago
  
  316e4c88
Jan 31, 2015
- Bump the version number, indicate that Bluetooth is required. · c026a07a
  akwizgran authored 10 years ago
  
  c026a07a
Jan 30, 2015
- Moved patches to their own directory. · 540a399b
  akwizgran authored 10 years ago
  
  540a399b
- Upgraded Tor to 0.2.5.10 with OpenSSL 1.0.2. · c1469797
  akwizgran authored 10 years ago
  
  c1469797
Jan 29, 2015
- Remove vuln.pub manifest, we're not getting any useful notifications. · 4fcc3092
  akwizgran authored 10 years ago
  
  4fcc3092
- Merge branch 'AbrahamKiggundu/briar-master': better lock encapsulation · f8a4a492
  akwizgran authored 10 years ago
  
  f8a4a492
- Comments to indicate which locks guard which variables. · 0dbfd707
  akwizgran authored 10 years ago
  
  0dbfd707
Jan 28, 2015
- Code formatting and small cleanups. · 47bd8412
  akwizgran authored 10 years ago
  
  47bd8412
Jan 14, 2015
- Use FortunaGenerator to implement PseudoRandom. · 7fbad8dc
  akwizgran authored 10 years ago
  
  7fbad8dc
- Use a provider to instantiate AuthenticatedCipher. · 1c7432ca
  akwizgran authored 10 years ago
  
  1c7432ca
- Don't close the connection until both peers have finished. Bug #78. · 6ff8f5ce
  akwizgran authored 10 years ago
  
  6ff8f5ce
- Log how long it takes to generate and verify signatures. · 03247aed
  akwizgran authored 10 years ago
  
  03247aed
- Forgot to update some constants to reflect the new crypto primitives. · 920c8119
  akwizgran authored 10 years ago
  
  920c8119
- Bumped expiry date to 1 February 2015. · 73d4f397
  akwizgran authored 10 years ago
  
  73d4f397
Jan 09, 2015
- Downgrade to 256-bit curve for performance. · 112d8042
  akwizgran authored 10 years ago
  
  Also reduced hash function to 256 bits because our target security level is now 128 bits.
  112d8042
- AuthenticatedCipher interface isn't needed outside crypto package. · 5d46d3a4
  akwizgran authored 10 years ago
  
  5d46d3a4
- Remove AAD from AuthenticatedCipher interface. · dc5e37a9
  akwizgran authored 10 years ago
  
  dc5e37a9
Jan 08, 2015
- Bug#49 · fcb983a6
  Abraham Kiggundu authored 10 years ago
  
  https://sourceforge.net/p/briar/bugs/49/ Fixed by ensuring that the generated contact and group intents are uniquely identified
  fcb983a6
- Pull-Merge of latest changes from main repo · 85115104
  Abraham Kiggundu authored 10 years ago
  
  85115104
Jan 07, 2015

bug#49 Fixed by ensuring that intents for different contacts/groups can be... · 686d5fd2

Abraham Kiggundu authored 10 years ago

bug#49 Fixed by ensuring that intents for different contacts/groups can be distinguished from each other when resolving PendingIntent refs

686d5fd2

Jan 06, 2015
- Fixed bug calling notifyAll instead of signalAll · 8d25840a
  Abraham Kiggundu authored 10 years ago
  
  8d25840a
- Revert lock variable rename for clarity · be2a92d6
  Abraham Kiggundu authored 10 years ago
  
  be2a92d6
- Reverted inadvertent downgrade of gradle version · 2933f1a8
  Abraham Kiggundu authored 10 years ago
  
  2933f1a8
- Use constant-time GCM multiplier. · 4e57029d
  akwizgran authored 10 years ago
  
  4e57029d
- Merge branch 'improve-thread-encapsulation' into upstream · 2b9c4690
  Abraham Kiggundu authored 10 years ago
  
  2b9c4690
Jan 05, 2015
- Unit tests for StreamEncrypterImpl. · ed79719b
  akwizgran authored 10 years ago
  
  ed79719b
- Variable-length frames (untested). · 1f69f0d2
  akwizgran authored 10 years ago
  
  1f69f0d2
- Use the same maximum frame length for all transports. · d3bf2d59
  akwizgran authored 10 years ago
  
  d3bf2d59
Jan 04, 2015
- Fix to travis android build tools version · 8b79d840
  Abraham Kiggundu authored 10 years ago
  
  8b79d840
Dec 29, 2014

Don't try to erase secrets from memory. · 358166bc

akwizgran authored 10 years ago

1. The things we're really trying to protect - contact identities,
message contents, etc - can't be erased from memory because they're
encapsulated inside objects we don't control.

2. Long-term secrets can't be protected by erasing them from memory
because they're stored in the database and the database key has to be
held in memory whenever the app's running.

3. If the runtime uses a compacting garbage collector then we have no
way to ensure an object is erased from memory.

4. Trying to erase secrets from memory makes the code more complex.

Conclusion: Let's not try to protect secrets from an attacker who can
read arbitrary memory locations.

358166bc