Skip to content

C
converse.js
Commit d0f023db authored by JC Brand's avatar JC Brand
Browse files
Options

Allow the OTR private key to be cached. Updates #111

parent 5406df1b
Hide whitespace changes
Inline Side-by-side
Showing with 64 additions and 38 deletions
converse.js
View file @ d0f023db
...@@ -135,6 +135,7 @@ ...@@ -135,6 +135,7 @@
this.auto_list_rooms = false; this.auto_list_rooms = false;
this.auto_subscribe = false; this.auto_subscribe = false;
this.bosh_service_url = undefined; // The BOSH connection manager URL. this.bosh_service_url = undefined; // The BOSH connection manager URL.
this.cache_otr_key = false;
this.debug = false; this.debug = false;
this.hide_muc_server = false; this.hide_muc_server = false;
this.i18n = locales.en; this.i18n = locales.en;
...@@ -159,6 +160,7 @@ ...@@ -159,6 +160,7 @@
'auto_list_rooms', 'auto_list_rooms',
'auto_subscribe', 'auto_subscribe',
'bosh_service_url', 'bosh_service_url',
'cache_otr_key',
'connection', 'connection',
'debug', 'debug',
'fullname', 'fullname',
...@@ -167,11 +169,11 @@ ...@@ -167,11 +169,11 @@
'jid', 'jid',
'prebind', 'prebind',
'rid', 'rid',
'show_call_button',
'show_controlbox_by_default', 'show_controlbox_by_default',
'show_emoticons', 'show_emoticons',
'show_only_online_users', 'show_only_online_users',
'show_toolbar', 'show_toolbar',
'show_call_button',
'sid', 'sid',
'use_vcards', 'use_vcards',
'xhr_custom_status', 'xhr_custom_status',
...@@ -528,30 +530,56 @@ ...@@ -528,30 +530,56 @@
} }
}, },
getSessionPassphrase: function () {
return converse.prebind ? converse.connection.jid : converse.connection.pass;
},
generatePrivateKey: function (callback, instance_tag) {
var cipher = CryptoJS.lib.PasswordBasedCipher;
var key = new DSA();
if (converse.cache_otr_key) {
pass = this.getSessionPassphrase();
if (typeof pass !== "undefined") {
// Encrypt the key and set in sessionStorage. Also store instance tag.
window.sessionStorage[hex_sha1(this.id+'priv_key')] =
cipher.encrypt(CryptoJS.algo.AES, key.packPrivate(), pass).toString();
window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
this.save({'pass_check': cipher.encrypt(CryptoJS.algo.AES, 'match', pass).toString()});
}
}
this.trigger('showHelpMessages', [__('Private key generated.')], null, false);
callback({
'key': key,
'instance_tag': instance_tag
});
},
getSession: function (callback) { getSession: function (callback) {
// FIXME: sessionStorage is not supported in IE < 8. Perhaps a // FIXME: sessionStorage is not supported in IE < 8. Perhaps a
// user alert is required here... // user alert is required here...
var result, pass, instance_tag, saved_key;
var cipher = CryptoJS.lib.PasswordBasedCipher; var cipher = CryptoJS.lib.PasswordBasedCipher;
if (typeof converse.connection.pass !== "undefined") { var result, pass, instance_tag, saved_key;
instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')]; if (converse.cache_otr_key) {
saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')]; pass = this.getSessionPassphrase();
pass = converse.connection.pass; if (typeof pass !== "undefined") {
var pass_check = this.get('pass_check'); instance_tag = window.sessionStorage[hex_sha1(this.id+'instance_tag')];
if (saved_key && instance_tag && typeof pass_check !== 'undefined') { saved_key = window.sessionStorage[hex_sha1(this.id+'priv_key')];
var decrypted = cipher.decrypt(CryptoJS.algo.AES, saved_key, pass); var pass_check = this.get('pass_check');
var key = DSA.parsePrivate(decrypted.toString(CryptoJS.enc.Latin1)); if (saved_key && instance_tag && typeof pass_check !== 'undefined') {
if (cipher.decrypt(CryptoJS.algo.AES, pass_check, pass).toString(CryptoJS.enc.Latin1) === 'match') { var decrypted = cipher.decrypt(CryptoJS.algo.AES, saved_key, pass);
// Verified that the user's password is still the same var key = DSA.parsePrivate(decrypted.toString(CryptoJS.enc.Latin1));
this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]); if (cipher.decrypt(CryptoJS.algo.AES, pass_check, pass).toString(CryptoJS.enc.Latin1) === 'match') {
callback({ // Verified that the passphrase is still the same
'key': key, this.trigger('showHelpMessages', [__('Re-establishing encrypted session')]);
'instance_tag': instance_tag callback({
}); 'key': key,
'instance_tag': instance_tag
});
return; // Our work is done here
}
} }
} }
} }
// We need to generate a new key and instance tag // We need to generate a new key and instance tag
instance_tag = OTR.makeInstanceTag(); instance_tag = OTR.makeInstanceTag();
this.trigger('showHelpMessages', [ this.trigger('showHelpMessages', [
...@@ -560,25 +588,7 @@ ...@@ -560,25 +588,7 @@
null, null,
true // show spinner true // show spinner
); );
setTimeout($.proxy(this.generatePrivateKey, this), 500, callback, instance_tag);
var clb = callback;
setTimeout($.proxy(function () {
var key = new DSA();
if (typeof converse.connection.pass !== "undefined") {
// Encrypt the key and set in sessionStorage. Also store
// instance tag
window.sessionStorage[hex_sha1(this.id+'priv_key')] =
cipher.encrypt(CryptoJS.algo.AES, key.packPrivate(), pass).toString();
window.sessionStorage[hex_sha1(this.id+'instance_tag')] = instance_tag;
this.save({'pass_check': cipher.encrypt(CryptoJS.algo.AES, 'match', pass).toString()});
}
this.trigger('showHelpMessages', [__('Private key generated.')], null, false);
clb({
'key': key,
'instance_tag': instance_tag
});
}, this), 500);
}, },
updateOTRStatus: function (state) { updateOTRStatus: function (state) {
......
docs/CHANGES.rst
View file @ d0f023db
...@@ -6,6 +6,7 @@ Unreleased ...@@ -6,6 +6,7 @@ Unreleased
* Option to display a call button in the chatbox toolbar, to allow third-party libraries to provide a calling feature. [Aupajo] * Option to display a call button in the chatbox toolbar, to allow third-party libraries to provide a calling feature. [Aupajo]
* #108 Japanese Translations [mako09] * #108 Japanese Translations [mako09]
* #111 OTR not working when using converse.js with prebinding. [jseidl, jcbrand]
* #114 Hewbrew Translations [GreenLunar] * #114 Hewbrew Translations [GreenLunar]
* #115 Indonesian Translations [priyadi] * #115 Indonesian Translations [priyadi]
......
docs/source/index.rst
View file @ d0f023db
...@@ -306,7 +306,6 @@ Facebook integration ...@@ -306,7 +306,6 @@ Facebook integration
this myself. Feedback and patches from people who have succesfully done this this myself. Feedback and patches from people who have succesfully done this
will be appreciated. will be appreciated.
Converse.js uses `Strophe.js <http://strophe.im/strophejs>`_ to connect and Converse.js uses `Strophe.js <http://strophe.im/strophejs>`_ to connect and
communicate with the XMPP server. One nice thing about Strophe.js is that it communicate with the XMPP server. One nice thing about Strophe.js is that it
can be extended via `plugins <http://github.com/strophe/strophejs-plugins>`_. can be extended via `plugins <http://github.com/strophe/strophejs-plugins>`_.
...@@ -763,6 +762,22 @@ a middle man between HTTP and XMPP. ...@@ -763,6 +762,22 @@ a middle man between HTTP and XMPP.
See `here <http://metajack.im/2008/09/08/which-bosh-server-do-you-need>`_ for more information. See `here <http://metajack.im/2008/09/08/which-bosh-server-do-you-need>`_ for more information.
cache_otr_key
-------------
Default = ``false``
Let the `OTR (Off-the-record encryption) <https://otr.cypherpunks.ca>`_ private
key be cached in your browser's session storage.
The browser's session storage persists across page loads but is deleted once
the tab or window is closed.
If this options is set to ``false``, a new OTR private key will be generated
for each page load. While more inconvenient, this is a much more secure option.
This setting can only be used together with ``allow_otr = true``.
debug debug
----- -----
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7