Skip to content
Browse files

api for extra symmetric key

  • Loading branch information...
1 parent a82306f commit 68342553de9168ca6f97459f96108d60d242d5c8 @arlolra committed Mar 19, 2013
Showing with 88 additions and 2 deletions.
  1. +33 −2 lib/otr.js
  2. +23 −0 readme.md
  3. +32 −0 test/spec/unit/otr.js
View
35 lib/otr.js
@@ -248,7 +248,7 @@
}
- OTR.prototype.prepareMsg = function (msg) {
+ OTR.prototype.prepareMsg = function (msg, esk) {
if (this.msgstate !== CONST.MSGSTATE_ENCRYPTED || this.their_keyid === 0)
return this.error('Not ready to encrypt.')
@@ -291,6 +291,10 @@
, this.their_instance_tag
)
if (send[0]) return this.error(send[0])
+
+ // emit extra symmetric key
+ if (esk) this.trigger('file', ['send', sessKeys.extra_symkey, esk])
+
return send[1]
}
@@ -397,7 +401,11 @@
break
case 8:
// Extra Symkey
- // sessKeys.extra_symkey
+ this.trigger('file', [
+ 'receive'
+ , sessKeys.extra_symkey
+ , msg.substring(4) // remove 4-byte indication
+ ])
break
}
@@ -564,6 +572,29 @@
})
}
+ OTR.prototype.sendFile = function (filename) {
+ if (this.msgstate !== CONST.MSGSTATE_ENCRYPTED)
+ return this.error('Not ready to encrypt.')
+
+ if (this.ake.otr_version !== CONST.OTR_VERSION_3)
+ return this.error('Protocol v3 required.')
+
+ if (!filename) return this.error('Please specify a filename.')
+
+ var msg = '\x00' // null byte
+ msg += '\x00\x08' // type 8 tlv
+ msg += HLP.packSHORT(4 + filename.length) // length of value
+ msg += '\x00\x00\x00\x01' // four bytes indicating file
+ msg += filename
+
+ // utf8 filenames
+ msg = CryptoJS.enc.Utf8.parse(msg)
+ msg = msg.toString(CryptoJS.enc.Latin1)
+
+ msg = this.prepareMsg(msg, filename)
+ this._sendMsg(msg, true)
+ }
+
OTR.prototype.endOtr = function () {
if (this.msgstate === CONST.MSGSTATE_ENCRYPTED) {
this.sendMsg('\x00\x00\x01\x00\x00')
View
23 readme.md
@@ -278,6 +278,29 @@ Importing the (somewhat) standard libotr s-expression format works as well,
---
+### Extra Symmetric Key
+
+In version 3 of the protocol, an extra symmetric key is derived during the AKE. This may be used for secure communication over a different channel (e.g., file transfer, voice chat).
+
+ var filename = "test.zip"
+ var buddy = new OTR()
+ buddy.sendFile(filename)
+ buddy.on('file', function (type, key, filename) {
+ // type === 'send'
+ // key should be used to encrypt filename
+ // and sent through a different channel
+ })
+
+On the other end,
+
+ var friend = new OTR()
+ friend.on('file', function (type, key, filename) {
+ // type === 'receive'
+ // decrypt filename with key, once received
+ })
+
+---
+
###Links
Spec:
View
32 test/spec/unit/otr.js
@@ -470,4 +470,36 @@ describe('OTR', function () {
userA.sendQueryMsg()
})
+ it.only('should confirm extra symmetric keys', function (done) {
+ var key, filename = 'testfile!@#$.zip'
+
+ var userB = new OTR({ priv: keys.userB })
+ userB.on('io', function (msg) { userA.receiveMsg(msg) })
+ userB.on('error', function (err) { assert.ifError(err) })
+ userB.on('status', function (state) {
+ if (state === CONST.STATUS_AKE_SUCCESS) {
+ assert.equal(userA.msgstate, CONST.MSGSTATE_ENCRYPTED)
+ assert.equal(userB.msgstate, CONST.MSGSTATE_ENCRYPTED)
+ userB.sendFile(filename)
+ }
+ })
+ userB.on('file', function (type, keyB, fn) {
+ assert.equal(type, 'send')
+ assert.equal(filename, fn)
+ key = keyB
+ })
+
+ var userA = new OTR({ priv: keys.userA })
+ userA.on('io', userB.receiveMsg)
+ userA.on('file', function (type, keyA, fn) {
+ assert.equal(type, 'receive')
+ assert.equal(filename, fn)
+ assert.equal(key, keyA)
+ done()
+ })
+ assert.equal(userA.msgstate, CONST.MSGSTATE_PLAINTEXT)
+ assert.equal(userB.msgstate, CONST.MSGSTATE_PLAINTEXT)
+ userA.sendQueryMsg()
+ })
+
})

0 comments on commit 6834255

Please sign in to comment.
Something went wrong with that request. Please try again.