diff options
author | friendica <info@friendica.com> | 2013-12-23 15:13:09 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-12-23 15:13:09 -0800 |
commit | 63a42480c7eb36bdc8b63b31b2a4d222ba5751cd (patch) | |
tree | b0bd80b8f114e2711152ce0374783a7106e068b1 /js | |
parent | 4517bdcff1aa75c5389f9fb29947012fca5df4e1 (diff) | |
download | volse-hubzilla-63a42480c7eb36bdc8b63b31b2a4d222ba5751cd.tar.gz volse-hubzilla-63a42480c7eb36bdc8b63b31b2a4d222ba5751cd.tar.bz2 volse-hubzilla-63a42480c7eb36bdc8b63b31b2a4d222ba5751cd.zip |
add account_level, is_foreigner and is_member functions; convert all e2ee user input and prompts to hex to avoid javascipt's lame handling of quotes. !!This breaks all prior encrypted posts.!!
Diffstat (limited to 'js')
-rw-r--r-- | js/crypto.js | 10 | ||||
-rw-r--r-- | js/main.js | 9 |
2 files changed, 14 insertions, 5 deletions
diff --git a/js/crypto.js b/js/crypto.js index a144e03ea..2e6402c62 100644 --- a/js/crypto.js +++ b/js/crypto.js @@ -43,7 +43,7 @@ function red_encrypt(alg, elem,text) { // key and hint need to be localised - var enc_key = prompt(aStr['passphrase']); + var enc_key = bin2hex(prompt(aStr['passphrase'])); // If you don't provide a key you get rot13, which doesn't need a key // but consequently isn't secure. @@ -59,7 +59,7 @@ function red_encrypt(alg, elem,text) { // This is the prompt we're going to use when the receiver tries to open it. // Maybe "Grandma's maiden name" or "our secret place" or something. - var enc_hint = prompt(aStr['passhint']); + var enc_hint = bin2hex(prompt(aStr['passhint'])); enc_text = CryptoJS.AES.encrypt(text,enc_key); @@ -72,7 +72,7 @@ function red_encrypt(alg, elem,text) { // This is the prompt we're going to use when the receiver tries to open it. // Maybe "Grandma's maiden name" or "our secret place" or something. - var enc_hint = prompt(aStr['passhint']); + var enc_hint = bin2hex(prompt(aStr['passhint'])); enc_text = CryptoJS.Rabbit.encrypt(text,enc_key); encrypted = enc_text.toString(); @@ -84,7 +84,7 @@ function red_encrypt(alg, elem,text) { // This is the prompt we're going to use when the receiver tries to open it. // Maybe "Grandma's maiden name" or "our secret place" or something. - var enc_hint = prompt(aStr['passhint']); + var enc_hint = bin2hex(prompt(aStr['passhint'])); enc_text = CryptoJS.TripleDES.encrypt(text,enc_key); encrypted = enc_text.toString(); @@ -135,7 +135,7 @@ function red_decrypt(alg,hint,text,elem) { if(alg == 'rot13' || alg == 'triple-rot13') dec_text = str_rot13(text); else { - var enc_key = prompt((hint.length) ? hint : aStr['passphrase']); + var enc_key = bin2hex(prompt((hint.length) ? hex2bin(hint) : aStr['passphrase'])); } if(alg == 'aes256') { diff --git a/js/main.js b/js/main.js index 70d11bfd3..c8e9fc9a2 100644 --- a/js/main.js +++ b/js/main.js @@ -873,6 +873,15 @@ function updateConvItems(mode,data) { return a.join(''); } + function hex2bin(hex) { + var bytes = [], str; + + for(var i=0; i< hex.length-1; i+=2) + bytes.push(parseInt(hex.substr(i, 2), 16)); + + return String.fromCharCode.apply(String, bytes); + } + function groupChangeMember(gid, cid, sec_token) { $('body .fakelink').css('cursor', 'wait'); $.get('group/' + gid + '/' + cid + "?t=" + sec_token, function(data) { |