~singpolyma/cheogram-android

00191e2b — Daniel Gultsch 3 years ago
explicitly use BouncyCastle for file crypto
257de4b5 — Daniel Gultsch 3 years ago
fixed typo
7851174b — Daniel Gultsch 3 years ago
modify 'create backup' faq entry
aecb771a — Daniel Gultsch 3 years ago
use 16 byte IVs for http upload files larger than 768KiB

Ever since Android 9+ switched to Conscrypt we can no longer efficiently
encrypt (and decrypt) large files with AES-GCM. We didn’t notice this before
because when using 16 byte IVs even modern Androids will fall back to bouncy
castle. However the 'bug'/'feature' in Conscrypt surfaced when we switched over
to 12 byte IVs (which uses Conscrypt on Android 9+).
Switching back entirely to 16 byte IVs is undesirable as this would break
compatibility with Monal. So we end up with a weird compromise where we use
12 byte for normal plain text OMEMO messages and 'small' files where the
inefficiencies aren’t a problem.

The result of this commit is that Monal won’t be able to receive our files
larger than 768KiB. However the alternative is that Conversations would always
OOM when attempting to send larger files (where large depends on the available
RAM.)

fixes #3653
3be7c3bc — Daniel Gultsch 3 years ago
pulled translations from transifex
788b0f7f — Daniel Gultsch 3 years ago
momentarily go back to 16 byte IVs

The Crypto provider used from Android P onwards (conscrypt) has a weird bug
that when 12 bytes IVs are used it will decrypt or encrypt the entire file
in RAM instead of streaming it. That will cause OOM for 'larger' files on http
upload. (both downloads and uploads are affected)

It is currently unclear why this is happening and why Conscrypt is put into a
different mode.
We are only observing that Android versions below P are fine and using 16 bytes
is fine on all Android versions.
b2e9a954 — Daniel Gultsch 3 years ago
avoid bundled source selection that comes with ImageCropper on Android 10
7b5d0e03 — Daniel Gultsch 3 years ago
when setting moderated also set non standard field to not make users participants by default
08bc3ca0 — Daniel Gultsch 3 years ago
do not merge oob messages
d3533727 — genofire 3 years ago
fix typo (#3646)

sorry, this makes me crazy
0f40e7e7 — Daniel Gultsch 3 years ago
fixed typo in resolver that caused hostnames not to be marked as authenticated (with DNSSec)

usually this wasn’t a problem as this is only the fallback after no IPs
have been discovered.

this also isn’t a security issue as worst case is the hostname doesn’t get
accepted as fallback in cert validation.

thanks @genofire for spotting this
5dd66625 — genofire 3 years ago
[BUGFIX] crash on resolve.toString if hostname is null (#3635)

17e8aa43 — Daniel Gultsch 3 years ago
Fixed link to group chat. closes #3624
12907a52 — Daniel Gultsch 3 years ago
version bump to 2.7.0 + changelog
d781bc9c — Daniel Gultsch 3 years ago
pulled translations from transifex
d73cb08e — Daniel Gultsch 3 years ago
version bump to 2.7.0-beta
d6ae9d8d — Daniel Gultsch 3 years ago
switch to sending 12 byte IVs
27ca031f — Daniel Gultsch 3 years ago
pulled translations from transifex
e4685ad4 — Daniel Gultsch 3 years ago
hide local part of group chat xmpp address
d37aeef1 — Daniel Gultsch 3 years ago
prevent sharing of xmpp uri for group chat bookmarks