Commit 1574acb3 authored by JC Brand's avatar JC Brand

Save the private key and instance tag in session storage.

parent 9967b955
...@@ -317,34 +317,40 @@ ...@@ -317,34 +317,40 @@
}, },
getSession: function () { getSession: function () {
var saved_key = this.get('priv_key'); // XXX: sessionStorage is not supported in IE < 8. Perhaps a
// user alert is required here...
var saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')];
var instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')];
var cipher = crypto.lib.PasswordBasedCipher; var cipher = crypto.lib.PasswordBasedCipher;
var pass = converse.connection.pass; var pass = converse.connection.pass;
var result, key; var result, key;
if (saved_key) { if (saved_key && instance_tag) {
var decrypted = cipher.decrypt(crypto.algo.AES, saved_key, pass); var decrypted = cipher.decrypt(crypto.algo.AES, saved_key, pass);
key = otr.DSA.parsePrivate(decrypted.toString(crypto.enc.Latin1)); key = otr.DSA.parsePrivate(decrypted.toString(crypto.enc.Latin1));
if (cipher.decrypt(crypto.algo.AES, this.get('pass_check'), pass).toString(crypto.enc.Latin1) === 'match') { if (cipher.decrypt(crypto.algo.AES, this.get('pass_check'), pass).toString(crypto.enc.Latin1) === 'match') {
// Verified that the user's password is still the same // Verified that the user's password is still the same
this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]);
return { return {
'key': key, 'key': key,
'instance_tag': this.get('instance_tag') 'instance_tag': instance_tag
}; };
} }
} }
// We need to generate a new key // We need to generate a new key and instance tag
result = alert(__( result = alert(__(
'Your browser needs to generate a private key, which will be used '+ 'Your browser needs to generate a private key, which will be used '+
'in your encrypted chat session. This can take up to 30 seconds and '+ 'in your encrypted chat session. This can take up to 30 seconds and '+
'your browser might freeze and become unresponsive.')); 'your browser might freeze and become unresponsive.'));
instance_tag = otr.OTR.makeInstanceTag();
key = new otr.DSA(); key = new otr.DSA();
var instance_tag = otr.OTR.makeInstanceTag(); // Encrypt the key and set in sessionStorage. Also store
// instance tag
window.sessionStorage[hex_sha1(this.id+'priv_key')] =
cipher.encrypt(crypto.algo.AES, key.packPrivate(), pass).toString();
window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
this.trigger('showHelpMessages', [__('Private key generated.')]); this.trigger('showHelpMessages', [__('Private key generated.')]);
this.save({ this.save({'pass_check': cipher.encrypt(crypto.algo.AES, 'match', pass).toString()});
'priv_key': cipher.encrypt(crypto.algo.AES, key.packPrivate(), pass).toString(),
'pass_check': cipher.encrypt(crypto.algo.AES, 'match', pass).toString(),
'instance_tag': instance_tag
});
return { return {
'key': key, 'key': key,
'instance_tag': instance_tag 'instance_tag': instance_tag
...@@ -401,6 +407,7 @@ ...@@ -401,6 +407,7 @@
// If 'query_msg' is passed in, it means there is an alread incoming // If 'query_msg' is passed in, it means there is an alread incoming
// query message from our buddy. Otherwise, it is us who will // query message from our buddy. Otherwise, it is us who will
// send the query message to them. // send the query message to them.
this.save({'otr_status': UNENCRYPTED});
session = this.getSession(); session = this.getSession();
this.otr = new otr.OTR({ this.otr = new otr.OTR({
fragment_size: 140, fragment_size: 140,
......
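Review bot: In the restore branch of `getSession` (`if (saved_key && instance_tag)`), the value read from `window.sessionStorage` is decrypted and passed to `otr.DSA.parsePrivate` before the `pass_check` comparison runs, so a stale or modified storage entry, or a changed password, reaches the key parser instead of falling through to regeneration. Running the `pass_check` test first and wrapping the decrypt and parse in a `try`/`catch` that falls through to the new-key path would make that case fail safe. Separately, sessionStorage hands back strings, so the restored `instance_tag` is a string while the fresh one comes directly from `otr.OTR.makeInstanceTag()`; if that returns a number (not visible here), convert on read with `instance_tag = parseInt(instance_tag, 10);`. The XXX comment says sessionStorage may be missing, yet it is indexed unguarded; `getSession` continues past the end of the visible hunk.

```javascript
if (saved_key && instance_tag) {
    try {
        // Check the password first, so the stored key is only parsed
        // once the passphrase is known to match.
        if (cipher.decrypt(crypto.algo.AES, this.get('pass_check'), pass).toString(crypto.enc.Latin1) === 'match') {
            var decrypted = cipher.decrypt(crypto.algo.AES, saved_key, pass);
            key = otr.DSA.parsePrivate(decrypted.toString(crypto.enc.Latin1));
            // … unchanged: showHelpMessages trigger and return of key / instance_tag …
        }
    } catch (e) {
        // Unreadable or stale entry: fall through and generate a new key.
    }
}
// … unchanged: new key generation and storage …
```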