Add a new crate, libsignal-message-backup-io, and move the existing code that
handles backup decryption, deframing, and protobuf deserialization there. Keep
the actual validation of the protobuf contents in the libsignal-message-backup
crate.
This allows the existing example binproto<->json binaries to be built with
local modifications to the backup.proto file without also requiring all the
validation code to be modified.
This (1) actually works on iOS and Android, and (2) will likely be
more full-featured and better-supported going forward. But it does
mean plugging one system's certificate verifier (rustls) into
another's TLS implementation (BoringSSL). Still, having *all* of
rustls used alongside BoringSSL would be redundant.
Handle encrypted & compressed message backup files with additional padding
after the compressed contents (the padding bytes are encrypted, but not
compressed). Update the example encrypter binary to add padding by default.
Add a flag to the CLI validation tool and an argument to the bridged validation
functions so users can specify whether a provided message backup should be
validated according to the rules for device-to-device transfers or backups
intended for remote storage.
- Feature flags removed for unconditionally-provided APIs.
- A function's this() is no longer guaranteed to be an object,
so we have to check and error out more often.
- Use of usize instead of i32 in a few places.
- Convenience for fetching globals.
Update snow to include a fix for a DoS opportunity in the latest
release.
Thank you to Joe Doyle and Jim Miller from Trail of Bits for bringing
this to our attention.
Add a derive macro and attach it to each generated protobuf message. The
generated code will walk each field in the message and dispatch recursively to
the same trait to find all unknown fields. Keep the existing
dynamically-dispatched descriptor-walking implementation since it's easier to
understand, but only use it to ensure parity with the macro-generated version
via test cases.
Update to semver-compatible versions of all crates. Prevent duplicate
versions of crates by updating
- http to v1.0.0
- indexmap to v2.1.0
Run `yarn upgrade`
Fix a bunch of issues revealed by the upgraded clippy
- update UUID library for improved uuid! parser macro
- make #[cfg(test)] block the last thing in a file
- call .to_string() instead of format! without interpolation
- use infallible conversion instead of try_into().expect
- remove redundant "Error" suffix from enum variant names
- remove unused type
Add an executable target that reads backup files from disk or from stdin (by
buffering the contents in memory to allow seeking), decrypts the contents if
keys are provided, validates, and prints the output if requested.