Save the private key and instance tag in session storage.

1574acb3 · JC Brand · 9967b955 · 1574acb3
Commit 1574acb3 authored Sep 10, 2013 by JC Brand
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 10 deletions

converse.js converse.js +17 -10

No files found.
--- a/converse.js
+++ b/converse.js
@@ -317,34 +317,40 @@
            },

            getSession: function () {
-                var saved_key = this.get('priv_key');
+                // XXX: sessionStorage is not supported in IE < 8. Perhaps a
+                // user alert is required here...
+                var saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')];
+                var instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')];
                var cipher = crypto.lib.PasswordBasedCipher;
                var pass = converse.connection.pass;
                var result, key;
-                if (saved_key) {
+                if (saved_key && instance_tag) {
                    var decrypted = cipher.decrypt(crypto.algo.AES, saved_key, pass);
                    key = otr.DSA.parsePrivate(decrypted.toString(crypto.enc.Latin1));
                    if (cipher.decrypt(crypto.algo.AES, this.get('pass_check'), pass).toString(crypto.enc.Latin1) === 'match') {
                        // Verified that the user's password is still the same
+                        this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]);
                        return {
                            'key': key,
-                            'instance_tag': this.get('instance_tag')
+                            'instance_tag': instance_tag
                        };
                    }
                } 
-                // We need to generate a new key
+                // We need to generate a new key and instance tag
                result = alert(__(
                    'Your browser needs to generate a private key, which will be used '+
                    'in your encrypted chat session. This can take up to 30 seconds and '+
                    'your browser might freeze and become unresponsive.'));
+                instance_tag = otr.OTR.makeInstanceTag();
                key = new otr.DSA();
-                var instance_tag = otr.OTR.makeInstanceTag();
+                // Encrypt the key and set in sessionStorage. Also store
+                // instance tag
+                window.sessionStorage[hex_sha1(this.id+'priv_key')] = 
+                    cipher.encrypt(crypto.algo.AES, key.packPrivate(), pass).toString();
+                window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
+
                this.trigger('showHelpMessages', [__('Private key generated.')]);
-                this.save({
-                    'priv_key': cipher.encrypt(crypto.algo.AES, key.packPrivate(), pass).toString(),
-                    'pass_check': cipher.encrypt(crypto.algo.AES, 'match', pass).toString(),
-                    'instance_tag': instance_tag
-                });
+                this.save({'pass_check': cipher.encrypt(crypto.algo.AES, 'match', pass).toString()});
                return {
                    'key': key,
                    'instance_tag': instance_tag
@@ -401,6 +407,7 @@
                // If 'query_msg' is passed in, it means there is an alread incoming
                // query message from our buddy. Otherwise, it is us who will
                // send the query message to them.
+                this.save({'otr_status': UNENCRYPTED});
                session = this.getSession();
                this.otr = new otr.OTR({
                    fragment_size: 140,