* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985)
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission ecnryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb.
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* tests: add ntf case with multiple Ntf servers
* simplify test
* fix for master
* add server switch test
* add server switch test
* add message test for ntf server switch
* agent: notify about polled message processing (for iOS notifications)
* optionally keep key and support re-opening database
* exports
* test that cannot reopen when created with keepKey: false
* set max number of messages to receive for a notification to 3
* end SMP client connection after configured number of PING errors, reset PING error count on any success
* only terminate client on PING timeout
* refactor
* comment
* store SMP client version per queue
* use versioned format for queue addresses (not compatible with v1)
* multiple server hosts in queue URI/data, versioned encoding (cross-version tests fail)
* choose server host based on socksProxy setting
* test works
* multiple server addresses mostly work
* add onion hosts for provided servers
* update SMP hosts
* batch server commands in one transport block
* subscribe to multiple queues using batched commands
* agent method to subscribe to multiple queues using batched commands
* refactor
* test for batched subscriptions
* delete part of connections in batched test
* add resubscribeConnections
* remove comment
* update SMP protocol doc
* test notification token with agent and notifications server
* notification server test with APNS mock
* set environment variables in the test
* use base64url encoding in encrypted notification data
* APN push client (WIP)
* APNS push client works
* TODO comments
* comment
* send notification and process the response
* config
* e2e encryption for notification parameter
* read apns key filename and ID from env
* connect APNS client to server, fix notification JSON encoding to use dash case
* do not connect to APNS on start to pass CI tests
* fix CI test
* remove redundant import
* agent schema/methods/types/store methods for notifications tokens
* register notification token on the server
* agent commands for notification tokens
* refactor initial servers from AgentConfig
* agent store functions for notification tokens
* server STM store methods for tokens
* fix protocol client for ntfs (use generic handshake), minimal server and agent tests
* server command to verify ntf token
* process ntf server commands
* when subscription is re-created and it was ENDed, resubscribe to SMP
* SMPClientAgent draft
* SMPClientAgent: remove double tracking of subscriptions
* subscriber frame
* PING error now throws error to restart SMPClient for more reliable re-connection (#342)
* increase TCP timeout to 5 sec
* add pragmas and vacuum db (#343)
* vacuum in each connection to enable auto-vacuum (#344)
* update protocol, token verification
* refactor SMPClient to ProtocoClient, to use with notification server protocol
* notification server client, managing notification clients in the agent
* stub for push payload
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
* use TCP keep-alive instead of SMP protocol PING
* update header files
* use CInt
* use Int again
* use network-3.1.2.7
* use https in cabal.project
* confitional keep-alive parameters to work on mac
* pass keep-alive opts via client/agent options
* remove space
* types and encodings for double ratchet integration
* upgrade stack resolver
* type classes for version agreement, encode/decode connection request links and E2E params with versioning
* encode/decode client parameters (version and DH key) in SMP queue URI using query string parameters
* restore support of the current SMP queue URI format
* update AMessage to only send queues in REPLY message (not the full connection request)
* new agent message evnvelopes (tests fail)
* new message envelopes - tests pass
* store fully encrypted messages before sending
* unify message delivery via DB queue (excluding confirmation and invitation)
* remove activateSecuredQueue
* linter hints
* remove comment
* export order
* save rachet-encrypted message, not per-queue encrypted
* delete message after it is accepted by the server, reduce message delivery interval for the tests
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com>
* make KeyHash non-optional, StrEncoding class
* change server URI format in agent config, refactor with StrEncoding
* refactor Crypto using checkAlgorithm
* refactor parsing connection requests
* prepare to validate CA fingerprint sent in client handshake
* KeyHash check in handshake
* rename type to CliCommand
* server validates keyhash sent by the client
* validate -a option when parsing
* more of StrEncoding
* binary SMP protocol encoding (server tests fail)
* use 1 byte for bytestring length when encoding/decoding
* Encoding class, binary tags
* update server tests
* negotiate SMP version in client/server handshake
* add version columns to queues and connections
* split parsing SMP client commands and server responses to different functions
* check uniqueness of protocol tags
* split client commands and server responses/messages to separate types
* update types in SMP client
* remove pattern synonyms for SMP errors
* simplify getHandshake
* update SMP protocol encoding in protocol spec
* encode time as a number of seconds (64-bit integer) since epoch
