c66f9efa55
merge migrations, prepare schema for multiple queues per connection ( #243 )
...
* merge migrations into initial
* update connection/queue tables in schema, simplify creating connections
* refactor create connection
* remove queue fields from connections table
* update server constraints
2021-12-29 17:55:27 +00:00
73cad5a6c4
simple per-queue e2e encryption with NaCl crypto_box ( #242 )
...
* simple per-queue e2e encryption with NaCl crypto_box
* add e2e keys and DH secrets to schema
* agree and save shared DH secret per queue (not used yet)
* protocol changes for uniform padding and message part lengths
* correct message structure diagrams
* make per-queue E2E encryption non-optional
* refactor crypto keys
* use NaCl crypto_box for per-queue E2E encryption, remove RSA keys from queues
* remove RSA support
* merge migration with E2E DH keys
* clean up
* remove unused methods
* parsing/serializing agent messages
* remove sender timestamp from DB and code
* clean up
* slean up
* s/SMPConfMsg/SMPConfirmation/
* serializeAgentMessage = serializeClientMessage . agentToClientMsg
* simplify error handling
* update protocol docs
2021-12-29 14:27:10 +00:00
51a9750891
double ratchet algorithm implementation ( #236 )
...
* started double ratchet implementation
* initialize ratchets
* started ratchet encryption
* ratchet encryption
* simplify / narrow down Ratchet type
* double ratchet decryption "framework"
* advance receive ratched on skipped messages
* more ratchet decryption
* double ratchet encrypt/decrypt (TODO tests)
* double ratchet tests
* double ratchet tests
* use ratchet AD in header encryption, use header and ratchet AD as AD in message encryption
* change ratchet message error, remove Show instances
* Update tests/AgentTests/DoubleRatchetTests.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* Update tests/AgentTests/DoubleRatchetTests.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* Update tests/AgentTests/DoubleRatchetTests.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* Update tests/AgentTests/DoubleRatchetTests.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* Update tests/AgentTests/DoubleRatchetTests.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* Update src/Simplex/Messaging/Crypto/Ratchet.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
* test in the same ratchet step
* merge tests
* Update src/Simplex/Messaging/Crypto/Ratchet.hs
* Update src/Simplex/Messaging/Crypto/Ratchet.hs
* remove HMAC comment
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-25 17:13:53 +00:00
7bf97fac18
add sessionId and blockSize to the client record used internally ( #241 )
2021-12-24 19:31:39 +00:00
14954df6b9
print version on server initialization & start-up ( #240 )
2021-12-24 15:44:40 +04:00
388e4d2bcc
update server recipes - Linode & DigitalOcean ( #239 )
2021-12-24 15:34:09 +04:00
0c866105d2
chain of two certificates - offline (identity) and online; switch certificates to v3 ( #238 )
2021-12-23 21:20:41 +04:00
96cf4d288c
base64url encode fingerprint in agent test ( #237 )
2021-12-23 13:04:56 +04:00
e2cd370513
certificate validation on client side; check stored fingerprint on server start-up; non-optional fingerprint parsing ( #234 , closes #155 )
...
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2021-12-22 23:24:58 +04:00
f9f1b8f355
new overview ( #235 )
2021-12-21 07:46:22 +00:00
f154f7ee3a
overview doc updates ( #216 )
...
* overview changes
* correction
* protocol docs changes
* include reviewer comments in the doc
* encryption scheme for the recipient traffic
* TLS cipher suite
2021-12-20 12:07:31 +00:00
1873e82804
add CODEOWNERS ( #231 )
2021-12-20 07:08:52 +00:00
400e057dab
use tls-unique as session ID, switch to TLS 1.2 in tls package fork ( #230 )
...
* use tls-unique as session ID, switch to TLS 1.2 in tls package fork
* Update src/Simplex/Messaging/Transport.hs
* Update src/Simplex/Messaging/Transport/WebSockets.hs
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-19 15:10:37 +00:00
129246c9e6
unencrypted SMP transport over TLS; simplified handshake ( #229 )
...
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2021-12-19 13:04:44 +04:00
8ca2d64bc9
Update FUNDING.yml
2021-12-18 16:28:06 +00:00
e0acb42a28
Merge branch 'stable'
2021-12-17 15:44:58 +00:00
bd2e251cae
server update script
2021-12-17 13:23:37 +00:00
6b5cc3d2d5
0.5.1
2021-12-17 12:33:01 +00:00
5f7fe8b0dc
remove client from servers subscribers map after client disconnection ( #228 )
...
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-17 16:28:48 +04:00
1df146c702
make WebSockets use TLS Context ( #227 )
2021-12-16 07:30:16 +00:00
323fb1f03c
remove SMP server signing responses ( #226 )
...
* remove SMP server signing responses
* keep only one session ID
2021-12-16 07:15:45 +00:00
de01692ffd
enable WebSockets over TLS ( #225 )
2021-12-15 22:58:47 +04:00
bcf5e25cab
create TLS ServerParams once per server run; remove tlsServerParams from agent env (fixes functional agent client for chat) ( #223 )
2021-12-15 19:03:34 +04:00
5aa0e97cd9
sign server responses
2021-12-15 11:52:09 +00:00
cf3d0dfdc3
Transaction fields for size, session IDs, refactor ( #222 )
...
* add SMP session IDs/tls-unique to transmission
* refactor SMP transmissions: precise transmission types in server & client
* use correct session IDs
* remove TSession
2021-12-15 08:06:34 +00:00
83d352cfbe
TLS 1.3 transport ( #203 )
...
* TLS as Transport class instance with pre-defined server certificate/key
* refactor error logging
* remove Ed25519
* refactor TLS.cGet
* TLS over TCP for Transport
* Plain -> TLS
* comment
* getLn, change supported cipher
* use non fixed certificates
* comment
* check options earlier
* wording
* headers
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
* localhost -> server
* Update apps/smp-server/Main.hs
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
* remove comment
* agent key and cert fixtures WIP
* certificate and key in correct order
* exitFailure
* refactor loadServerCertificate
* remove liftIO
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-15 07:48:57 +00:00
7dba734ab8
Merge pull request #221 from simplex-chat/ep/smp-sign-encrypt
...
SMP protocol changes: server signature keys (no signing/verification yet), recipient message bodies encryption with crypto_box
2021-12-13 12:49:41 +00:00
a3101edbb9
Update src/Simplex/Messaging/Agent/Client.hs
...
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-13 12:04:52 +00:00
95fbd70346
encrypt recipient message bodies with crypto_box
2021-12-13 10:56:26 +00:00
acf5c15a05
increase SMP queue ID and message ID size to 24 bytes
2021-12-12 23:17:21 +00:00
560d9ceb71
add NaCl crypto_box scheme
2021-12-12 22:59:11 +00:00
bfa05c9432
all tests pass!
2021-12-12 21:17:25 +00:00
c45454d9e5
update server store log to save/restore additional keys, use Ed keys in tests instead of RSA
2021-12-12 20:51:34 +00:00
f6991539a2
add server signature keys and DH keys for server->recipient msg bodis to SMP commands (server store log and agent tests are skipped)
2021-12-12 12:22:44 +00:00
5f7366b7bd
Merge pull request #198 from simplex-chat/v5
2021-12-10 12:29:50 +00:00
f640e71f82
remove BlockArguments extension ( #220 )
2021-12-10 12:21:54 +00:00
52eef2d7c7
Merge branch 'master' into v5
2021-12-10 11:52:08 +00:00
f15067cf68
0.5.0
2021-12-08 15:11:27 +00:00
ff2b975cd8
prepare v0.5.0 - update versions, changelog ( #219 )
...
* prepare v0.5.0 - update versions, changelog
* Update CHANGELOG.md
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com >
2021-12-08 15:02:28 +00:00
fe2d6607de
delete contact connection with DEL command ( #218 )
2021-12-07 19:05:19 +00:00
6bdf4f3ff3
change ports for tests (fix for ports now in use on macOS) ( #217 )
2021-12-06 18:56:07 +04:00
218a7756f8
RJCT / rejectContact to reject contact requests ( #214 )
2021-12-06 13:12:10 +00:00
d5310c1c6f
SimpleX protocols and network overview ( #215 )
2021-12-06 12:28:11 +00:00
82ae5c623f
Merge branch 'master' into v5
2021-12-06 09:22:45 +00:00
57c9ccfc08
use base64url encoding for public key in connection requests; only allow accepting invitations that were not accepted ( #213 )
...
* use base64url encoding for public key in connection requests; only allow accepting invitations that were not accepted
* subscribe ContactConnection, fix test to use base64url encoding in key example
2021-12-06 09:05:13 +00:00
58758e0572
Merge branch 'master' into v5
2021-12-04 21:08:38 +00:00
3e226fc3f2
add CONF/LET for invitations, use REQ/ACPT only with contact connections ( #212 )
2021-12-04 21:08:02 +00:00
b116408ec3
Merge branch 'master' into v5
2021-12-04 18:55:23 +00:00
04c65d98da
support permanent connection link ("contact") in SMP agent protocols ( #143 )
...
* open/public queue extension for SMP and SMP agent protocols
* add connection mode - invitation or contact
* use ConnectionMode with REQ and ACPT agent notification/command
* parameterize ConnectionRequest with ConnectionMode
* implement Contact connection mode for permanent connection links
* tests for contact connections
2021-12-04 18:42:08 +00:00
316dc7b320
merge protocol changes from v5 ( #211 )
2021-12-02 18:42:13 +00:00
Evgeny Poberezkin