node-forge is a pure JS crypto library that was used during the build
process to sign the clients and at runtime to verify the signature
before downloading the updated client:
* check the update manifest on the server, if the version is higher
than installed:
* get the sha512 digest and signature from the manifest and verify the
signature (node-forge only requires the digest, not the data)
if it matches:
* download the update and let electron-updater do its thing
with this change, we have to download the update first because node
crypto requires the data to verify the signature (digest is calculated
internally). In case the signature doesn't match, we delete the
downloaded file and stop polling for updates for this run.
forge was also used to get a private key for signing out of a
self-signed cert in development environments. from now on, this is done
by providing PEM encoded private and public keys.
close#3832
to create these signatures, run the dist script with the environment
variable DEBUG_SIGN set to a directory containing a self-signed code
signing cert file test.p12
close#2918
added mailto handling to desktop client. closes#670
proper handling of logout event, closes#682
made winsigner optional, made client version available from devTools, fixed#678
made F5 refresh not break the app. closes#673fixed#674
reenabled HTML5 notifications. fixes#672 once tutanota starts showing notifications for new mail.
fixed#691 & fixed#716
integration of IPC into WorkerProtocol, closes#669
public key for code signing
code signing for the linux client
fixed Jenkinsfile to correctly link snapshot
upgrade to electron 4.0.0-beta.7 #718
made the add 2FA dialog not reload the page #718
added support for Ctrl + Scroll zooming. #755
added F11 maximize/unmaximize support, #755
added Ctrl + P printing support, #755
fixed make script for desktop client
A search bar for the Desktop Client, #755
added async imports for nativewrappercommands
fixed focus loss for desktop ctrl+f search bar
Context menu for the Desktop client, #763
Code signing for mac & windows
linking of mac & windows snapshots
targetURL for mac snapshot
Settings View for the Desktop Client
better icons
prevented handleMailto from being called before app is ready
made showRequestPasswordDialog focus the input element
implementation of link tooltips for desktop
restricted mouse hover URL reveal for desktop to anchor elements inside the mail viewer
rich text toolbar overhaul, #873
upgrade to electron 4.0.0-beta.9
