Fully end-to-end encrypted anonymous chat program. The server stores only the public-key lookup for users and the encrypted messages. No credentials are transferred to the server; they are kept in local browser storage. This allows 100% safe chatting.
https://safechat.ch
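/**
 * Identity handling for the chat client: creates an OpenPGP key pair,
 * publishes the public key through HKP and, on login, checks that the key
 * published for the user's address matches the locally held private key.
 *
 * In this file the password is only handed to openpgp (generateKey /
 * key.decrypt) and the only key material sent out is the armored public key
 * (see create()).
 *
 * @param {*} chatserver - not used anywhere in this file
 * @param {*} keyserver - handed unchanged to the openpgp.HKP constructor
 * @returns {{login: Function, create: Function}} object exposing login() and create()
 */
module.exports = function(chatserver, keyserver) {

  // "package" is a reserved word in strict-mode code, so the manifest is
  // bound to "pkg" instead.
  var pkg = require(__dirname+'/../package.json')
  // config and io are not referenced again in this file; the requires stay
  // because loading them may have side effects.
  var config = require(pkg.path.config)
  var io = require('socket.io-client')
  var openpgp = require('openpgp')
  openpgp.initWorker()
  openpgp.config.aead_protect = true

  // Key size (numBits) requested for new keys and recorded on the user object.
  var KEY_BITS = 4096

  // Runs fn and returns a promise for its result, so that a synchronous
  // throw from fn surfaces as a rejection and is reported under the right
  // failure message instead of an enclosing handler's.
  function attempt(fn) {
    return new Promise(function(resolve) {
      resolve(fn())
    })
  }

  // Unlocks privkey with password. The result of decrypt() is checked: an
  // explicit false, a throw or a rejected promise all count as failure.
  function unlock(privkey, password) {
    return attempt(function() {
      return privkey.decrypt(password)
    }).then(function(unlocked) {
      if (unlocked === false) {
        throw new Error('passphrase rejected')
      }
    })
  }

  // NOTE(review): the option names used below (data / privateKeys /
  // privateKey) look like the openpgp 2.x API, where encrypt() resolves to
  // {data: armoredText} and decrypt() expects a parsed message and resolves
  // to {data: ...}. Both the wrapped and the bare shapes are accepted here;
  // confirm against the openpgp version pinned in package.json.
  function asMessage(encrypted) {
    var armored = (encrypted !== null && typeof encrypted === 'object') ? encrypted.data : encrypted
    if (typeof armored === 'string') {
      return openpgp.message.readArmored(armored)
    }
    return encrypted
  }

  // Returns the decrypted text whether decrypt() resolved to it directly or
  // to a result object carrying it in .data.
  function asText(decrypted) {
    return (decrypted !== null && typeof decrypted === 'object') ? decrypted.data : decrypted
  }

  var Identity = function() {

    var _hkp = new openpgp.HKP(keyserver)
    var _user = null

    // Encrypts a challenge to the key fetched from the server and decrypts
    // it with the local private key. Only a matching pair returns the
    // challenge unchanged. The challenge is compared, not kept secret; it
    // contains name and e-mail and is therefore not written to the console.
    function proveKeyMatch(user, serverKey, privkey, success, fail) {
      var challenge = (new Date()).toLocaleString()+' '+user.name+' '+user.email
      attempt(function() {
        return openpgp.encrypt({
          data: challenge,
          publicKeys: serverKey,
          privateKeys: privkey
        })
      }).then(function(ciphertext) {
        attempt(function() {
          return openpgp.decrypt({
            message: asMessage(ciphertext),
            publicKeys: openpgp.key.readArmored(user.key.pub).keys[0],
            privateKey: privkey
          })
        }).then(function(plaintext) {
          if (asText(plaintext) === challenge) {
            success(user)
          } else {
            fail('local key does not match key on server')
          }
        }).catch(function(e) {
          fail('decryption failed', e)
        })
      }).catch(function(e) {
        fail('encryption failed', e)
      })
    }

    /**
     * Checks that the key server holds exactly one public key for
     * user.email and that it belongs to the local private key.
     *
     * Login is refused whenever the lookup yields no key, an unparsable key
     * or more than one key for the address.
     *
     * @param {Object} user - reads user.name, user.email, user.key.pub and
     *   user.key.priv (armored keys)
     * @param {string} password - passphrase protecting user.key.priv
     * @param {Function} success - called with user once the check passes
     * @param {Function} fail - called with (message[, detail]) otherwise
     */
    this.login = function(user, password, success, fail) {
      _user = user
      _hkp.lookup({query: user.email}).then(function(armoredServerKey) {
        if (!armoredServerKey) {
          fail('no public key found on server')
          return
        }
        var serverKeys = openpgp.key.readArmored(armoredServerKey)
        // Zero parsed keys and several keys are different problems and are
        // reported separately.
        if (serverKeys.keys.length === 0) {
          fail('no usable public key on server', serverKeys.err)
          return
        }
        if (serverKeys.keys.length > 1) {
          fail('more than one public key on server', serverKeys.keys)
          return
        }
        var privkey = openpgp.key.readArmored(user.key.priv).keys[0]
        if (!privkey) {
          fail('local private key could not be read')
          return
        }
        unlock(privkey, password).then(function() {
          proveKeyMatch(user, serverKeys.keys[0], privkey, success, fail)
        }, function(e) {
          fail('unlocking private key failed', e)
        })
      }).catch(function(e) {
        fail('check key on server failed', e)
      })
    }

    /**
     * Generates a key pair for name@host protected by password, uploads the
     * public key to the key server and then runs login() with the new user.
     *
     * @param {string} name - user name; also the local part of the e-mail
     * @param {string} host - domain part of the e-mail
     * @param {string} password - passphrase for the new private key
     * @param {Function} success - forwarded to login()
     * @param {Function} fail - called with (message[, detail]) on failure
     */
    this.create = function(name, host, password, success, fail) {
      var self = this
      var email = name+'@'+host
      openpgp.generateKey({
        numBits: KEY_BITS,
        userIds: [{name: name, email: email}],
        passphrase: password
      }).then(function(key) {
        var created = {
          name: name,
          email: email,
          numBits: KEY_BITS,
          key: {
            pub: key.publicKeyArmored,
            priv: key.privateKeyArmored
          }
        }
        _user = created
        // Only the public half leaves this module.
        attempt(function() {
          return _hkp.upload(created.key.pub)
        }).then(function() {
          console.log('key successfully uploaded')
          self.login(created, password, success, fail)
        }).catch(function(e) {
          fail('upload key failed', e)
        })
      }).catch(function(e) {
        fail('generating key pairs failed', e)
      })
    }

  }

  return new Identity()

}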