Encrypt password before putting it in the hash

pull/1/head
yflory 4 years ago committed by ansuz
parent 7eea957a4d
commit 47eace89bf

@ -2647,6 +2647,7 @@ define([
classic: true,
};
var rt = window.rt = Listmap.create(listmapConfig);
store.driveSecret = secret;
store.proxy = rt.proxy;
store.loggedIn = typeof(data.userHash) !== "undefined";

@ -2,7 +2,8 @@ define([
'/common/common-messaging.js',
'/common/common-hash.js',
'/common/common-util.js',
], function (Messaging, Hash, Util) {
'/bower_components/chainpad-crypto/crypto.js',
], function (Messaging, Hash, Util, Crypto) {
// Random timeout between 10 and 30 times your sync time (lag + chainpad sync)
var getRandomTimeout = function (ctx) {
@ -221,6 +222,11 @@ define([
toRemove = old.data;
}
if (content.password) {
var key = ctx.store.driveSecret.keys.cryptKey;
content.password = Crypto.encrypt(content.password, key);
}
// Update the data
channels[channel] = {
mode: mode,

@ -207,7 +207,14 @@ define([
var newPad = JSON.parse(decodeURIComponent(parsed.hashData.newPadOpts));
Cryptpad.initialTeam = newPad.t;
Cryptpad.initialPath = newPad.p;
newPadPassword = newPad.pw;
if (newPad.pw) {
try {
var uHash = Utils.LocalStore.getUserHash();
var uSecret = Utils.Hash.getSecrets('drive', uHash);
var uKey = uSecret.keys.cryptKey;
newPadPassword = Crypto.decrypt(newPad.pw, uKey);
} catch (e) { console.error(e); }
}
if (newPad.d) {
Cryptpad.fromFileData = newPad.d;
var _parsed1 = Utils.Hash.parsePadUrl(Cryptpad.fromFileData.href);

Loading…
Cancel
Save