From e3536272045221e44d430056866c999db4bcc677 Mon Sep 17 00:00:00 2001 From: ansuz Date: Wed, 5 Jul 2017 17:19:28 +0200 Subject: [PATCH] log users out if they do not have curve keys. add curve keys to object on registration and login. --- www/common/cryptpad-common.js | 6 ++++++ www/common/fsStore.js | 4 ++-- www/common/login.js | 10 +++++++++- www/login/main.js | 3 +++ www/register/main.js | 2 ++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 5c1e748f9..d3f081ef3 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -304,6 +304,12 @@ define([ typeof(proxy.edPublic) === 'string'; }; + common.hasCurveKeys = function (proxy) { + return typeof(proxy) === 'object' && + typeof(proxy.curvePrivate) === 'string' && + typeof(proxy.curvePublic) === 'string'; + }; + common.isArray = $.isArray; /* diff --git a/www/common/fsStore.js b/www/common/fsStore.js index b47d3c50e..880429ed9 100644 --- a/www/common/fsStore.js +++ b/www/common/fsStore.js @@ -206,7 +206,8 @@ define([ } // if the user is logged in, but does not have signing keys... - if (Cryptpad.isLoggedIn() && !Cryptpad.hasSigningKeys(proxy)) { + if (Cryptpad.isLoggedIn() && (!Cryptpad.hasSigningKeys(proxy) || + !Cryptpad.hasCurveKeys(proxy))) { return void requestLogin(); } @@ -219,7 +220,6 @@ define([ Cryptpad.changeDisplayName(proxy[Cryptpad.displayNameKey]); }); proxy.on('change', [tokenKey], function () { - console.log('wut'); var localToken = tryParsing(localStorage.getItem(tokenKey)); if (localToken !== proxy[tokenKey]) { return void requestLogin(); diff --git a/www/common/login.js b/www/common/login.js index 004837ea1..fdb58c1d5 100644 --- a/www/common/login.js +++ b/www/common/login.js 
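Review bot: `common.hasCurveKeys` in `www/common/cryptpad-common.js` accepts a `null` proxy and empty key strings. `typeof(null) === 'object'`, so a null proxy gets past the first test and throws on `proxy.curvePrivate`, and `curvePrivate: ''` passes the `=== 'string'` test. The fsStore.js hunk in this patch uses the result to decide whether a session is forced back to login, so a stricter guard is worth having: start with `return Boolean(proxy) && typeof(proxy) === 'object' &&` and add `proxy.curvePrivate.length > 0` (and the same for `curvePublic`). The tail of the preceding function, visible in the context lines, uses the same `typeof ... === 'string'` pattern and probably shares the gap.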
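Review bot: The comment above the changed condition in `www/common/fsStore.js` still reads `// if the user is logged in, but does not have signing keys...`, although the check now also covers curve keys. Suggest `// if the user is logged in, but is missing signing keys or curve keys, force a fresh login so the keys get written to the proxy`. Every session whose proxy predates curve keys will now go through `requestLogin()`; that is presumably intended, but stating it in the comment saves the next reader from treating it as a regression. The enclosing function begins and ends outside the hunk.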
@@ -22,7 +22,12 @@ define([ // 16 bytes for a deterministic channel key var channelSeed = dispense(16); // 32 bytes for a curve key - opt.curveSeed = dispense(32); + var curveSeed = dispense(32); + + var curvePair = Nacl.box.keyPair.fromSecretKey(new Uint8Array(curveSeed)); + opt.curvePrivate = Nacl.util.encodeBase64(curvePair.secretKey); + opt.curvePublic = Nacl.util.encodeBase64(curvePair.publicKey); + // 32 more for a signing key var edSeed = opt.edSeed = dispense(32); @@ -109,6 +114,9 @@ define([ res.edPrivate = opt.edPrivate; res.edPublic = opt.edPublic; + res.curvePrivate = opt.curvePrivate; + res.curvePublic = opt.curvePublic; + // they tried to just log in but there's no such user if (!isRegister && isProxyEmpty(rt.proxy)) { rt.network.disconnect(); // clean up after yourself diff --git a/www/login/main.js b/www/login/main.js index ae860888d..0b1c6da06 100644 --- a/www/login/main.js +++ b/www/login/main.js @@ -91,6 +91,9 @@ define([ proxy.edPrivate = result.edPrivate; proxy.edPublic = result.edPublic; + proxy.curvePrivate = result.curvePrivate; + proxy.curvePublic = result.curvePublic; + Cryptpad.feedback('LOGIN', true); Cryptpad.whenRealtimeSyncs(result.realtime, function() { Cryptpad.login(result.userHash, result.userName, function () { diff --git a/www/register/main.js b/www/register/main.js index 97a1d1a20..6c8891d2a 100644 --- a/www/register/main.js +++ b/www/register/main.js @@ -75,6 +75,8 @@ define([ var proxy = result.proxy; proxy.edPublic = result.edPublic; proxy.edPrivate = result.edPrivate; + proxy.curvePublic = result.curvePublic; + proxy.curvePrivate = result.curvePrivate; Cryptpad.feedback('REGISTRATION', true);
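Review bot: In the first `www/common/login.js` hunk, `opt.curveSeed` is no longer assigned, so any code elsewhere that still reads it would now get `undefined`. The seed lives only in the local `curveSeed`, and callers are not visible here, so check for remaining readers before merging. The new lines also need a comment on what the stored values are, for example `// curve25519 key pair derived deterministically from the login-derived bytes; curvePrivate is long-term secret key material and must never be logged or copied outside the user's own object`. `Nacl.box.keyPair.fromSecretKey` requires exactly 32 bytes, which `dispense(32)` appears to supply. The enclosing function starts and ends outside the hunk.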