web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

use APIs instead of creating invitations inline

Browse Source
This commit is contained in:
ansuz
2019-12-16 09:38:36 -05:00
parent 4a83103f52
commit 042cfffbe8
2 changed files with 40 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
www/common/invitation.js
View File

@@ -1,78 +1,62 @@
(function () { (function () {
var factory = function (Hash, Nacl/*, Util, Cred, nThen */) { var factory = function (Hash, Nacl, Scrypt/*, Util, Cred, nThen */) {
var Invite = {}; var Invite = {};
/* XXX ansuz Invite.deriveSeeds = function (seed) {
inner invitation components // take the hash of the provided seed
var u8_seed = Nacl.hash(Nacl.util.decodeBase64(seed));
* create an invitation link // hash the first half again for scrypt's input
* derive secrets from a v2 link and password var subseed1 = Nacl.hash(u8_seed.subarray(0, 32));
* split hash into two preseeds // hash the remainder for the invite content
* preseed1 => preview hash var subseed2 = Nacl.hash(u8_seed.subarray(32));
* scrypt(scrypt_seed) => b64_bytes
* preview an invitation link
* get preview hash from invitation link
* decrypt an invitation link
* (slowly) get b64_bytes from hash
*/ return {
scrypt: Nacl.util.encodeBase64(subseed1),
preview: Nacl.util.encodeBase64(subseed2),
};
};
Invite.deriveSeeds = function (key) { Invite.derivePreviewHash = function (seeds) {
var seeds = {}; return '#/2/invite/view/' +
Nacl.util.encodeBase64(seeds.preview.slice(0, 18)).replace('/', '-')
+ '/';
};
/* Invite.derivePreviewSecrets = function (seeds) {
var preview_channel; return Hash.getSecrets('pad', Invite.derivePreviewHash(seeds));
var preview_cryptKey; };
*/
var preview_secrets;
(function () {
var b64_seed = key;
if (typeof(b64_seed) !== 'string') {
return console.error('invite seed is not a string');
}
var u8_seed = Nacl.util.decodeBase64(b64_seed); Invite.deriveSalt = function (password, instance_salt) {
var step1 = Nacl.hash(u8_seed); return (password || '') + (instance_salt || '');
seeds.scrypt = Nacl.util.encodeBase64(step1.subarray(0, 32));
var preview_hash = '#/2/invite/view/' +
Nacl.util.encodeBase64(step1.subarray(32, 50)).replace('/', '-')
+ '/';
preview_secrets = Hash.getSecrets('pad', preview_hash);
}());
return seeds;
}; };
// seed => bytes64 // seed => bytes64
Invite.deriveBytes = function (scrypt_seed, cb) { Invite.deriveBytes = function (scrypt_seed, salt, cb) {
// XXX do scrypt stuff... Scrypt(scrypt_seed,
cb = cb; salt,
8, // memoryCost (n)
1024, // block size parameter (r)
192, // dkLen
200, // interruptStep
cb,
'base64'); // format, could be 'base64'
}; };
Invite.derivePreviewHash = function (preview_seed) {
preview_seed = preview_seed;
};
return Invite; return Invite;
}; };
if (typeof(module) !== 'undefined' && module.exports) { if (typeof(module) !== 'undefined' && module.exports) {
module.exports = factory( module.exports = factory(
require("../common-hash"), require("../common-hash"),
require("tweetnacl/nacl-fast"), require("tweetnacl/nacl-fast"),
require("../common-util"), require("scrypt-async")
require("../common-credential.js"),
require("nthen")
); );
} else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) { } else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
define([ define([
'/common/common-hash.js', '/common/common-hash.js',
'/common/common-util.js',
'/common/common-credential.js',
'/bower_components/nthen/index.js',
'/bower_components/tweetnacl/nacl-fast.min.js', '/bower_components/tweetnacl/nacl-fast.min.js',
], function (Hash, Util, Cred, nThen) { '/bower_components/scrypt_async/scrypt-async.min.js',
return factory(Hash, window.nacl, Util, Cred, nThen); ], function (Hash /*, Nacl, Scrypt */) {
return factory(Hash, window.nacl, window.Scrypt);
}); });
} }
}()); }());

17
www/teams/inner.js
View File

@@ -18,7 +18,6 @@ define([
'/common/invitation.js', '/common/invitation.js',
'/customize/messages.js', '/customize/messages.js',
'/bower_components/scrypt-async/scrypt-async.min.js',
'css!/bower_components/bootstrap/dist/css/bootstrap.min.css', 'css!/bower_components/bootstrap/dist/css/bootstrap.min.css',
'css!/bower_components/components-font-awesome/css/font-awesome.min.css', 'css!/bower_components/components-font-awesome/css/font-awesome.min.css',
'less!/teams/app-team.less', 'less!/teams/app-team.less',
@@ -45,7 +44,6 @@ define([
var APP = {}; var APP = {};
var driveAPP = {}; var driveAPP = {};
//var SHARED_FOLDER_NAME = Messages.fm_sharedFolderName; //var SHARED_FOLDER_NAME = Messages.fm_sharedFolderName;
var Scrypt = window.scrypt;
var copyObjectValue = function (objRef, objToCopy) { var copyObjectValue = function (objRef, objToCopy) {
for (var k in objRef) { delete objRef[k]; } for (var k in objRef) { delete objRef[k]; }
@@ -1062,17 +1060,10 @@ define([
])); ]));
setTimeout(waitFor(), 150); setTimeout(waitFor(), 150);
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// XXX ansuz InviteInner.deriveBytes var salt = InviteInner.deriveSalt(pw, AppConfig.loginSalt);
Scrypt(seeds.scrypt, InviteInner.deriveBytes(seeds.scrypt, salt, waitFor(function (bytes) {
(pw || '') + (AppConfig.loginSalt || ''), // salt bytes64 = bytes;
8, // memoryCost (n) }));
1024, // block size parameter (r)
192, // dkLen
200, // interruptStep
waitFor(function (_bytes) {
bytes64 = _bytes;
}),
'base64'); // format, could be 'base64'
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
APP.module.execCommand('GET_LINK_DATA', { APP.module.execCommand('GET_LINK_DATA', {
bytes64: bytes64, bytes64: bytes64,