Disable OMEMO when the current device is not trusted.

updates #1242

CHANGES.md

@@ -7,6 +7,7 @@
 - Bugfix. MUC features weren't being refreshed when saving the config form
 - Don't show duplicate notification messages
 - New config setting [show_images_inline](https://conversejs.org/docs/html/configuration.html#show-images-inline)
+- Disable OMEMO when the user has indicated that Converse is running on an untrusted device.
 - #537 Render `xmpp:` URI as link
 - #1058 Send an inactive chat state notification when the user switches to another tab 
 - #1062 Collapse multiple join/leave messages into one

dist/converse.js

@@ -72859,11 +72859,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
         },
 
         getMessageAttributesFromStanza(stanza, original_stanza) {
-          const encrypted = sizzle(`encrypted[xmlns="${Strophe.NS.OMEMO}"]`, original_stanza).pop();
-
-          const attrs = this.__super__.getMessageAttributesFromStanza.apply(this, arguments);
+          const _converse = this.__super__._converse,
+                encrypted = sizzle(`encrypted[xmlns="${Strophe.NS.OMEMO}"]`, original_stanza).pop(),
+                attrs = this.__super__.getMessageAttributesFromStanza.apply(this, arguments);
 
-          if (!encrypted) {
+          if (!encrypted || !_converse.config.get('trusted')) {
             return attrs;
           } else {
             return this.getEncryptionAttributesfromStanza(stanza, original_stanza, attrs);
@@ -73641,6 +73641,10 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
       }
 
       function initOMEMO() {
+        if (!_converse.config.get('trusted')) {
+          return;
+        }
+
         _converse.devicelists = new _converse.DeviceLists();
 
         const storage = _converse.config.get('storage'),
@@ -80004,7 +80008,7 @@ __p += ' checked="checked" ';
 __p += '>\n                    <label for="converse-login-trusted" class="form-check-label login-trusted__desc">' +
 __e(o.__('This is a trusted device')) +
 '</label>\n                    <i class="fa fa-info-circle" data-toggle="popover"\n                       data-title="Trusted device?"\n                       data-content="' +
-__e(o.__('To improve performance, we cache your data in this browser. Uncheck this box if this is a public computer or if you want your data to be deleted when you log out. It\'s important that you explicitly log out, otherwise not all cached data might be deleted.')) +
+__e(o.__('To improve performance, we cache your data in this browser. Uncheck this box if this is a public computer or if you want your data to be deleted when you log out. It\'s important that you explicitly log out, otherwise not all cached data might be deleted. Please note, when using an untrusted device, OMEMO encryption is be supported.')) +
 '"></i>\n                </div>\n\n                <fieldset class="buttons">\n                    <input class="btn btn-primary" type="submit" value="' +
 __e(o.__('Log in')) +
 '">\n                </fieldset>\n            ';

src/converse-omemo.js

@@ -321,9 +321,11 @@
                 },
 
                 getMessageAttributesFromStanza (stanza, original_stanza) {
-                    const encrypted = sizzle(`encrypted[xmlns="${Strophe.NS.OMEMO}"]`, original_stanza).pop();
-                    const attrs = this.__super__.getMessageAttributesFromStanza.apply(this, arguments);
-                    if (!encrypted) {
+                    const { _converse } = this.__super__,
+                          encrypted = sizzle(`encrypted[xmlns="${Strophe.NS.OMEMO}"]`, original_stanza).pop(),
+                          attrs = this.__super__.getMessageAttributesFromStanza.apply(this, arguments);
+
+                    if (!encrypted || !_converse.config.get('trusted')) {
                         return attrs;
                     } else {
                         return this.getEncryptionAttributesfromStanza(stanza, original_stanza, attrs);
@@ -1010,7 +1012,10 @@
                 return _converse.omemo_store.fetchSession();
             }
 
-            function initOMEMO() {
+            function initOMEMO () {
+                if (!_converse.config.get('trusted')) {
+                    return;
+                }
                 _converse.devicelists = new _converse.DeviceLists();
                 const storage = _converse.config.get('storage'),
                       id = `converse.devicelists-${_converse.bare_jid}`;
@@ -1030,7 +1035,7 @@
                 delete _converse.omemo_store;
             });
             _converse.api.listen.on('connected', registerPEPPushHandler);
-            _converse.api.listen.on('renderToolbar', (view) => view.renderOMEMOToolbarButton());
+            _converse.api.listen.on('renderToolbar', view => view.renderOMEMOToolbarButton());
             _converse.api.listen.on('statusInitialized', initOMEMO);
             _converse.api.listen.on('addClientFeatures',
                 () => _converse.api.disco.own.features.add(`${Strophe.NS.OMEMO_DEVICELIST}+notify`));

src/templates/login_panel.html

@@ -23,7 +23,7 @@
                     <label for="converse-login-trusted" class="form-check-label login-trusted__desc">{{{o.__('This is a trusted device')}}}</label>
                     <i class="fa fa-info-circle" data-toggle="popover"
                        data-title="Trusted device?"
-                       data-content="{{{o.__('To improve performance, we cache your data in this browser. Uncheck this box if this is a public computer or if you want your data to be deleted when you log out. It\'s important that you explicitly log out, otherwise not all cached data might be deleted.')}}}"></i>
+                       data-content="{{{o.__('To improve performance, we cache your data in this browser. Uncheck this box if this is a public computer or if you want your data to be deleted when you log out. It\'s important that you explicitly log out, otherwise not all cached data might be deleted. Please note, when using an untrusted device, OMEMO encryption is be supported.')}}}"></i>
                 </div>
 
                 <fieldset class="buttons">