sending challenge on paste creation, adding logic to store and check it on view requests

2019-06-28 21:33:52 +02:00
parent d0c8975b89
commit 79db7ddafc
13 changed files with 247 additions and 14 deletions
--- a/js/pastemeta.jsonld
+++ b/js/pastemeta.jsonld
@@ -26,6 +26,9 @@
 		},
 		"time_to_live": {
 			"@type": "pb:RemainingSeconds"
+		},
+		"challenge": {
+			"@type": "pb:Challenge"
 		}
 	}
 }
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -4229,7 +4229,9 @@ jQuery.PrivateBin = (function($, RawDeflate) {

            // prepare server interaction
            ServerInteraction.prepare();
-            ServerInteraction.setCryptParameters(TopNav.getPassword());
+            const key = CryptTool.getSymmetricKey(),
+                  password = TopNav.getPassword();
+            ServerInteraction.setCryptParameters(password, key);

            // set success/fail functions
            ServerInteraction.setSuccess(showCreatedPaste);
@@ -4250,7 +4252,10 @@ jQuery.PrivateBin = (function($, RawDeflate) {
                TopNav.getOpenDiscussion() ? 1 : 0,
                TopNav.getBurnAfterReading() ? 1 : 0
            ]);
-            ServerInteraction.setUnencryptedData('meta', {'expire': TopNav.getExpiration()});
+            ServerInteraction.setUnencryptedData('meta', {
+                'expire':    TopNav.getExpiration(),
+                'challenge': CryptTool.getCredentials(key, password)
+            });

            // prepare PasteViewer for later preview
            PasteViewer.setText(plainText);
--- a/js/types.jsonld
+++ b/js/types.jsonld
@@ -92,6 +92,9 @@
 		"@type": "dp:Second",
 		"@minimum": 1
 	},
+	"Challenge": {
+		"@type": "pb:Base64"
+	},
 	"CipherParameters": {
 		"@container": "@list",
 		"@value": [