Validate messages not coming from history-keeper

7 years ago · e37aab492b
parent 2381dd0e39
commit e37aab492b
4 changed files with 19 additions and 8 deletions
--- a/www/common/outer/async-store.js
+++ b/www/common/outer/async-store.js
@ -918,8 +918,12 @@ define([
                channel.data = padData || {};
                postMessage("PAD_READY");
            }, // post EV_PAD_READY
-            onMessage: function (m) {
-                postMessage("PAD_MESSAGE", m);
+            onMessage: function (user, m, validateKey) {
+                postMessage("PAD_MESSAGE", {
+                    user: user,
+                    msg: m,
+                    validateKey: validateKey
+                });
            }, // post EV_PAD_MESSAGE
            onJoin: function (m) {
                postMessage("PAD_JOIN", m);
--- a/www/common/outer/chainpad-netflux-worker.js
+++ b/www/common/outer/chainpad-netflux-worker.js
@ -130,7 +130,7 @@ define([], function () {
            message = unBencode(message);//.slice(message.indexOf(':[') + 1);

            // pass the message into Chainpad
-            onMessage(message);
+            onMessage(peer, message, validateKey);
            //sframeChan.query('Q_RT_MESSAGE', message, function () { });
        };

--- a/www/common/sframe-chainpad-netflux-outer.js
+++ b/www/common/sframe-chainpad-netflux-outer.js
@ -39,9 +39,11 @@ define([], function () {
        });

        // shim between chainpad and netflux
-        var msgIn = function (msg) {
+        var msgIn = function (peer, msg) {
            try {
-                var decryptedMsg = Crypto.decrypt(msg, isNewHash);
+                var isHk = peer.length !== 32;
+                var key = isNewHash ? validateKey : false;
+                var decryptedMsg = Crypto.decrypt(msg, key, isHk);
                return decryptedMsg;
            } catch (err) {
                console.error(err);
@ -67,8 +69,11 @@ define([], function () {
            padRpc.sendPadMsg(msg, cb);
        });

-        var onMessage = function(msg) {
-            var message = msgIn(msg);
+        var onMessage = function(msgObj) {
+            if (msgObj.validateKey && !validateKey) {
+                validateKey = msgObj.validateKey;
+            }
+            var message = msgIn(msgObj.user, msgObj.msg);

            verbose(message);

--- a/www/common/sframe-common-outer.js
+++ b/www/common/sframe-common-outer.js
@ -325,7 +325,9 @@ define([
                    validateKey: secret.keys.validateKey
                }, function (encryptedMsgs) {
                    cb(encryptedMsgs.map(function (msg) {
-                        return crypto.decrypt(msg, true);
+                        // The 3rd parameter "true" means we're going to skip signature validation.
+                        // We don't need it since the message is already validated serverside by hk
+                        return crypto.decrypt(msg, true, true);
                    }));
                });
            });