From a3ff4c48c1ad502dd6c6f7fb59bd836764f75fdd Mon Sep 17 00:00:00 2001
From: Tankred Hase <mail@tankredhase.de>
Date: Fri, 24 May 2013 00:14:02 +0200
Subject: [PATCH] integrated senderPk signature check

---
 src/js/crypto/crypto-batch.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/js/crypto/crypto-batch.js b/src/js/crypto/crypto-batch.js
index a8622f3..6144829 100644
--- a/src/js/crypto/crypto-batch.js
+++ b/src/js/crypto/crypto-batch.js
@@ -58,8 +58,8 @@
 
 				// process new values
 				i.encryptedKey = rsa.encrypt(i.key);
-				i.signature = rsa.sign([i.iv, util.str2Base64(i.id), i.encryptedKey, i.ciphertext]);
 				i.senderPk = senderPrivkey._id;
+				i.signature = rsa.sign([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext]);
 				// delete old ones
 				delete i.key;
 				delete i.receiverPk;
@@ -90,7 +90,7 @@
 				rsa.init(pk.publicKey);
 
 				// verify signature
-				if (!rsa.verify([i.iv, util.str2Base64(i.id), i.encryptedKey, i.ciphertext], i.signature)) {
+				if (!rsa.verify([i.iv, util.str2Base64(i.id), util.str2Base64(i.senderPk), i.encryptedKey, i.ciphertext], i.signature)) {
 					throw new Error('Verifying RSA signature failed!');
 				}
 				// process new values