OmemoAesCipher is the sole point where OMEMO related AES operations
are performed. This allows OmemoAesCipher to check in a static block
if AES is available. If AES is not available it throws a (hopefully)
helpfull exception message.
Typically AES is not available on Android if no security provider
providing AES, like Bouncy Castle, has been explicitly configured.
By not directly depending on Bouncycastle (BC), we avoid conflicts between
different bouncycastle versions. It is also part of the developers job
to take care that all required security primitives are available. If
they are provide by BC or some other security provider should not be
up to Smack to decide.
We now only add BC as test dependency to satisfy this requirement when
the unit tests are executed.
and FileTestUtil in favor of commons-io. This is required because
Eclipse won't put src/test code into the classpath of src/main
code (even though gradle was configured with an according
dependency).
Those exception are caused by I/O operations in the OmemoStore, which
is now declaring that it throws those (since it is not uncommon for
I/O operations to cause IOExceptions). After all, this is nicely
demonstrated as this change is caused by switching with this commit to
the Android API 19 compatible methods in FileBasedOmemoStore, which
throw.
The library can not decide what to do in case of those exceptions,
hence it is sensible to expose them to the user.
Introducing Smack's own XmlPullParser interface which tries to stay as
compatible as possible to XPP3. The interface is used to either wrap
StAX's XMLStreamReader if Smack is used on Java SE, and XPP3's
XmlPullParser if Smack is used on on Android.
Fixes SMACK-591.
Also introduce JUnit 5 and non-strict javadoc projects.
Changes:
Rework integration tests
New structure of base integration test classes
bump dependency on signal-protocol-java from 2.4.0 to 2.6.2
Introduced CachingOmemoStore implementations
Use CachingOmemoStore classes in integration tests
Removed OmemoSession classes (replaced with more logical OmemoRatchet classes)
Consequently also removed load/storeOmemoSession methods from OmemoStore
Removed some clutter from KeyUtil classes
Moved trust decision related code from OmemoStore to TrustCallback
Require authenticated connection for many functions
Add async initialization function in OmemoStore
Refactor omemo test package (/java/org/jivesoftware/smack/omemo -> /java/org/jivesoftware/smackx)
Remove OmemoStore method isFreshInstallation() as well as defaultDeviceId related stuff
FileBasedOmemoStore: Add cleaner methods to store/load base data types (Using tryWithResource, only for future releases, once Android API gets bumped)
Attempt to make OmemoManager thread safe
new logic for getInstanceFor() deviceId determination
OmemoManagers encrypt methods now don't throw exceptions when encryption for some devices fails. Instead message gets encrypted when possible and more information about failures gets returned alongside the message itself
Added OmemoMessage class for that purpose
Reworked entire OmemoService class
Use safer logic for creating trust-ignoring messages (like ratchet-update messages)
Restructure elements/provider in order to prepare for OMEMO namespace bumps
Remove OmemoManager.regenerate() methods in favor of getInstanceFor(connection, randomDeviceId)
Removed some unnecessary configuration options
Prepare for support of more AES message key types
Simplify session creation
Where possible, avoid side effects in methods
Add UntrustedOmemoIdentityException
Add TrustState enum
More improved tests
This commit adds the modules smack-omemo and smack-omemo-signal.
smack-omemo is licensed under the Apache license like the rest of the smack project.
smack-omemo-signal on the other hand is licensed under the GPLv3.
Due to the fact, that smack-omemo is not of much use without smack-omemo-signal,
the OMEMO feature can currently only be used by GPLv3 compatible software.
This may change in the future, when a more permissively licensed module becomes available.
Fixes SMACK-743.