log users out if they do not have curve keys. add curve keys to object on registration and login.

2017-07-05 17:19:28 +02:00 · 2017-07-05 17:19:28 +02:00 · e353627204
parent 4016a95540
commit e353627204
5 changed files with 22 additions and 3 deletions
--- a/www/common/cryptpad-common.js
+++ b/www/common/cryptpad-common.js
@ -304,6 +304,12 @@ define([
            typeof(proxy.edPublic) === 'string';
    };

+    common.hasCurveKeys = function (proxy) {
+        return typeof(proxy) === 'object' &&
+            typeof(proxy.curvePrivate) === 'string' &&
+            typeof(proxy.curvePublic) === 'string';
+    };
+
    common.isArray = $.isArray;

    /*
--- a/www/common/fsStore.js
+++ b/www/common/fsStore.js
@ -206,7 +206,8 @@ define([
            }

            // if the user is logged in, but does not have signing keys...
-            if (Cryptpad.isLoggedIn() && !Cryptpad.hasSigningKeys(proxy)) {
+            if (Cryptpad.isLoggedIn() && (!Cryptpad.hasSigningKeys(proxy) ||
+                !Cryptpad.hasCurveKeys(proxy))) {
                return void requestLogin();
            }

@ -219,7 +220,6 @@ define([
                Cryptpad.changeDisplayName(proxy[Cryptpad.displayNameKey]);
            });
            proxy.on('change', [tokenKey], function () {
-                console.log('wut');
                var localToken = tryParsing(localStorage.getItem(tokenKey));
                if (localToken !== proxy[tokenKey]) {
                    return void requestLogin();
--- a/www/common/login.js
+++ b/www/common/login.js
@ -22,7 +22,12 @@ define([
        // 16 bytes for a deterministic channel key
        var channelSeed = dispense(16);
        // 32 bytes for a curve key
-        opt.curveSeed = dispense(32);
+        var curveSeed = dispense(32);
+
+        var curvePair = Nacl.box.keyPair.fromSecretKey(new Uint8Array(curveSeed));
+        opt.curvePrivate = Nacl.util.encodeBase64(curvePair.secretKey);
+        opt.curvePublic = Nacl.util.encodeBase64(curvePair.publicKey);
+
        // 32 more for a signing key
        var edSeed = opt.edSeed = dispense(32);

@ -109,6 +114,9 @@ define([
                res.edPrivate = opt.edPrivate;
                res.edPublic = opt.edPublic;

+                res.curvePrivate = opt.curvePrivate;
+                res.curvePublic = opt.curvePublic;
+
                // they tried to just log in but there's no such user
                if (!isRegister && isProxyEmpty(rt.proxy)) {
                    rt.network.disconnect(); // clean up after yourself
--- a/www/login/main.js
+++ b/www/login/main.js
@ -91,6 +91,9 @@ define([
                                proxy.edPrivate = result.edPrivate;
                                proxy.edPublic = result.edPublic;

+                                proxy.curvePrivate = result.curvePrivate;
+                                proxy.curvePublic = result.curvePublic;
+
                                Cryptpad.feedback('LOGIN', true);
                                Cryptpad.whenRealtimeSyncs(result.realtime, function() {
                                    Cryptpad.login(result.userHash, result.userName, function () {
--- a/www/register/main.js
+++ b/www/register/main.js
@ -75,6 +75,8 @@ define([
            var proxy = result.proxy;
            proxy.edPublic = result.edPublic;
            proxy.edPrivate = result.edPrivate;
+            proxy.curvePublic = result.curvePublic;
+            proxy.curvePrivate = result.curvePrivate;

            Cryptpad.feedback('REGISTRATION', true);