author | Marvin Borner | 2019-01-26 22:16:30 +0100 |
---|---|---|
committer | Marvin Borner | 2019-01-26 22:16:30 +0100 |
commit | 150779fa6ad074f9124a495cbb79209419a1ca34 (patch) | |
tree | c8d6a01cb3e738c0e1c7f04aec8049dd51a0763a /public | |
parent | be66b667d1e301751e49d87fd9282c2f6148b6f8 (diff) |
Added public key verification
Diffstat (limited to 'public')
-rw-r--r-- | public/scripts/2_encryption.js | 39 | ||||
-rw-r--r-- | public/scripts/chat.js | 13 |
2 files changed, 31 insertions, 21 deletions
diff --git a/public/scripts/2_encryption.js b/public/scripts/2_encryption.js
index fbc46fe..e33b475 100644
--- a/public/scripts/2_encryption.js
+++ b/public/scripts/2_encryption.js
@@ -54,7 +54,8 @@ async function generateKeys(peerId, passphrase) {
 * @returns {Promise<String>}
 */
 async function getPrivateKey() {
- return await db.own_keys.where('key_type').equals('private_key').limit(1).toArray().then(res => res.length > 0 ? res[0]['key_data'] : '');
+ return await db.own_keys.where('key_type').equals('private_key').limit(1).toArray()
+ .then(res => res.length > 0 ? res[0]['key_data'] : '');
 }
 /**
@@ -62,7 +63,8 @@ async function getPrivateKey() {
 * @returns {Promise<String>}
 */
 async function getPublicKey() {
- return await db.own_keys.where('key_type').equals('public_key').limit(1).toArray().then(res => res.length > 0 ? res[0]['key_data'] : '');
+ return await db.own_keys.where('key_type').equals('public_key').limit(1).toArray()
+ .then(res => res.length > 0 ? res[0]['key_data'] : '');
 }
 /**
@@ -70,7 +72,8 @@ async function getPublicKey() {
 * @returns {Promise<String>}
 */
 async function getRevocationCertificate() {
- return await db.own_keys.where('key_type').equals('public_key').limit(1).toArray().then(res => res.length > 0 ? res[0]['key_data'] : '');
+ return await db.own_keys.where('key_type').equals('public_key').limit(1).toArray()
+ .then(res => res.length > 0 ? res[0]['key_data'] : '');
 }
 /**
@@ -81,7 +84,6 @@ async function getRevocationCertificate() {
 * @returns {Promise<String>}
 */
 async function encrypt(data, publicKey) {
- console.log(publicKey);
 //const privateKeyObj = (await openpgp.key.readArmored(privateKey)).keys[0];
 //await privateKeyObj.decrypt(passphrase);
@@ -91,10 +93,7 @@ async function encrypt(data, publicKey) {
 //privateKeys: [privateKeyObj] // TODO: Use private key for signing
 };
- return await openpgp.encrypt(options).then(ciphertext => {
- console.log(ciphertext.data);
- return ciphertext.data;
- });
+ return await openpgp.encrypt(options).then(ciphertext => ciphertext.data);
 }
 /**
@@ -140,22 +139,32 @@ async function isEncrypted() {
 * @param key
 */
 async function storePeerPublicKey(peerId, key) {
- console.log(peerId);
- console.log(key);
 await db.peer_keys.put({peer_id: peerId, key_data: key}).then(() =>
 console.log('[LOG] Stored public key of ' + peerId)
 );
 }
 /**
- * Gets the public key of a peer
+ * Gets and verifies the public key of a peer
 * @param peerId
 * @returns {Promise<String>}
 */
 async function getPeerPublicKey(peerId) {
- return await db.peer_keys.where('peer_id').equals(peerId).limit(1).toArray().then(res =>
- res.length > 0 ? res[0]['key_data'] : ''
- );
+ return await db.peer_keys.where('peer_id').equals(peerId).limit(1).toArray().then(async res => {
+ let publicKey;
+ if (res.length > 0) {
+ publicKey = res[0]['key_data'];
+ const publicKeyUserId = (await (await openpgp.key.readArmored(publicKey)).keys[0].getPrimaryUser()
+ .then(obj => obj.user.userId.userid));
+ if (publicKeyUserId !== peerId) {
+ publicKey = '';
+ console.error('[LOG] Public key verification failed! The peers real identity is ' + publicKeyUserId)
+ } else
+ console.log('[LOG] Public key verification succeeded!')
+ } else
+ publicKey = '';
+ return publicKey;
+ });
 }
 /**
@@ -182,3 +191,5 @@ exports.check = isEncrypted;
 exports.store = storePeerPublicKey;
 exports.get = getPeerPublicKey;
 exports.test = testEncryption;
+
+window.pgp = openpgp;
diff --git a/public/scripts/chat.js b/public/scripts/chat.js
index 5f437d9..9845b50 100644
--- a/public/scripts/chat.js
+++ b/public/scripts/chat.js
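Review bot: The user-ID comparison added to `getPeerPublicKey` (public/scripts/2_encryption.js) does not authenticate the key: `obj.user.userId.userid` is text chosen by whoever generated the key, so a match with `peerId` shows only how the key is labelled. To bind a key to a peer, pin its fingerprint when it is first stored and refuse a different key for the same `peerId` later, or compare fingerprints out of band; `storePeerPublicKey` in this hunk still replaces any stored key through `put`. The new code also dereferences `keys[0]` without checking that `readArmored` returned a key, so unparsable stored data would reject the promise rather than yield `''`. Keeping the parse result in a local and adding `if (parsed.keys.length === 0) return '';` before `getPrimaryUser()` would cover that case.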
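Review bot: `window.pgp = openpgp;` at the end of public/scripts/2_encryption.js publishes the library object as a page global, and it is presumably the same object this module calls for encryption, so any other script on the page can reach and alter it. Nothing in the visible hunks reads `window.pgp`, which suggests a console-debugging aid that slipped into the commit. Drop the line, or gate it behind a development flag with a comment such as `// debug only: expose openpgp in the console`.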
@@ -1,12 +1,12 @@
 const $ = require('jquery');
 const encryption = require('./2_encryption');
 const generate = require('nanoid/generate');
-const nolookalikes = require('nanoid-dictionary/nolookalikes');
+const noLookalikes = require('nanoid-dictionary/nolookalikes');
-let connectedPeers = []; // TODO: Save new peers in array
 let connectedPeer;
-const peerId = generate(nolookalikes, 16);
-const host = '127.0.0.1';
+let connectedPeers = []; // TODO: Save new peers in array
+const peerId = generate(noLookalikes, 16);
+const host = 'meta.marvinborner.de';
 // setup encryption
 (async () => {
@@ -38,7 +38,7 @@ function chat() {
 * @param id
 */
 function connect(id) {
- const connectionId = generate(nolookalikes, 16);
+ const connectionId = generate(noLookalikes, 16);
 console.log('[LOG] Connecting to', id);
 console.log('[LOG] Your connection ID is', connectionId);
 connectedPeer = peer.connect(id, {label: connectionId, reliable: true});
@@ -53,7 +53,7 @@ function chat() {
 * @returns {Promise<void>}
 */
 async function sendMessage(message) {
- console.log(`[LOG] Sending message ${message} to ${connectedPeer.peer}`);
+ console.log(`[LOG] Sending message '${message}' to ${connectedPeer.peer}`);
 await encryption.get(connectedPeer.peer).then(async peerKey => {
 await encryption.encrypt(message, peerKey).then(async encrypted => {
 connectedPeer.send({type: 'text', data: encrypted});
@@ -81,7 +81,6 @@ function chat() {
 $('#messages').append(`<span style="color: green">${message}</span><br>`);
 } else {
 if (message.type === 'text') {
 - // TODO: Cleanup async method calls
 await encryption.get(connectedPeer.peer).then(async peerKey => {
 await encryption.getPrivate().then(async privateKey => {
 await encryption.decrypt(message.data, peerKey, privateKey, 'supersecure') |
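Review bot: `const host = 'meta.marvinborner.de';` in the first chat.js hunk hard-codes a deployment hostname where the old value was loopback, so local testing now means editing source and every build talks to that server. Consider reading it from build configuration or deriving it, e.g. `const host = window.location.hostname;`, if the page and the server share a host. Where `host` is used, and whether that connection runs over TLS, lies outside the hunk and is worth confirming, since the peer IDs that the new key check compares against presumably arrive through that server.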
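Review bot: `sendMessage` hands the result of `encryption.get(...)` straight to `encryption.encrypt(message, peerKey)`, but after this commit `getPeerPublicKey` returns `''` when verification fails, and nothing here handles that case. Add an explicit stop before encrypting, e.g. `if (!peerKey) throw new Error('no verified public key for peer');`, so a failed check surfaces instead of depending on how `encrypt` treats an empty key; the receive path in the last hunk uses `peerKey` the same way before `decrypt`. The changed log line also writes the plaintext `message` to the console, which is worth removing or gating now that the ciphertext logging was dropped from 2_encryption.js. The body of `sendMessage` continues outside the hunk.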