Commit graph

13 commits

Author SHA1 Message Date
lilia
63cd3b2788 Use constant time mac comparison
In libtextsecure and in libaxolotl.

// FREEBIE
2015-11-27 14:40:17 -08:00
lilia
ac7c95fed0 Validate argument lengths in crypto.js
These functions accept an array buffer and extract an AES and MAC key
from it without verifying it has the appropriate length. Ciphertext
messages are similarly dissected. The slice function does not raise an
error on out of bounds accesses but instead returns an empty or
partially-filled array. Empty or short arrays will be passed through to
the window.crypto.subtle API, where they will raise an error. We should
not rely on the Web Crypto API to validate key lengths or for MAC checks
to fail. Instead, validate the lengths of given parameters before
extracting their components.

// FREEBIE
2015-10-27 13:58:23 -07:00
lilia
7d9cf0c167 Pass the signaling key into decryptWebSocketMessage
De-couple this file from dependency on storage.
2015-09-17 16:02:22 -07:00
lilia
f764445c86 Remove erroneous license file and headers
We only use GPLV3 around here.

// FREEBIE
2015-09-07 14:58:42 -07:00
lilia
704c6ce779 Signaling key is now an array buffer 2015-05-15 11:39:22 -07:00
Matt Corallo
00cb420d37 Merge (un)encrypted storage layers 2015-03-25 11:56:25 -07:00
Matt Corallo
e2e06b2d3c Remove axolotl.storage usage from libtextsecure 2015-03-17 13:59:25 -07:00
Matt Corallo
870e5dc9dc Remove all external non-test deps on libaxolotl/crypto 2015-02-12 15:11:59 -08:00
Matt Corallo
7d2d2d92fc Copy getRandomBytes from libaxolotl to libtextsecure 2015-02-12 15:11:59 -08:00
Matt Corallo
403ae4376d Move attachment/websocket [en|de]cryption to libtextsecure 2015-02-12 15:11:58 -08:00
Matt Corallo
83c6fe9008 Moveish the first files to libaxolotl/ 2015-02-12 15:11:57 -08:00
Matt Corallo
e7f3e52b6c Remove NaCL! 2015-01-14 11:39:36 -10:00
Matt Corallo
8ad1a38b5b Move js files around for libtextsecure split 2015-01-14 09:35:57 -10:00
Renamed from js/crypto.js (Browse further)