Project *Core Apps » Bazaar » ChatSecure:Android » KeySync » Orbot » Orfox Private Browser » Orweb » Secure ReaderCacheWordIOCipherNetCipherPanicTrusted Intents » CheckeyLibreoSpideyStoryMakerâ„¢SecureSmartCam » CameraV (InformaCam Project) » ObscuraCam
Tracker *Bug Feature Task
Subject *
Description Attempts to connect to XMPP servers that require explicit use of Forward Secrecy Cipher Suite(s) fail. ChatSecure Android client does not appear to support PFS ciphers. Specifically, the following standard Forward Secrecy Cipher Suite(s) appear missing from ChatSecure: ECDHE-ECDSA-AES256-GCM-SHA384 (0xc02c) ECDHE-ECDSA-AES256-SHA384 (0xc024) ECDHE-ECDSA-AES128-GCM-SHA256 (0xc02b) I have setup an (intermittently available) test server that only supports these higher ciphers so that you may independently verify if need be. IM Observatory test results to test server (and server details) - https://xmpp.net/result.php?id=434489 While TLS negotiation fails with ChatSecure:Android, it remains successful with desktop xmpp client such as PSI. Support for standard PFS ciphers is requested as part of the standard privacy & security model to which ChatSecure prescribes.
Status *New
Priority *Low Normal High Urgent Immediate
Assignee << me >>amoghbl1hansn8fr8Anonymous
Target version Orfox Alpha Orfox Alpha 2 Orfox Beta 1 Orfox GSoC 2016 Orfox RC Backlog
Start date
Due date
Estimated time Hours
% Done0 % 10 % 20 % 30 % 40 % 50 % 60 % 70 % 80 % 90 % 100 %
Component
Copy attachments
Files (Maximum size: 195 MB)