web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Hide the crypto keys from the hash

Browse Source
This commit is contained in:
yflory
2020-01-27 12:18:25 +01:00
parent e3f5c89333
commit 0ad96e0966
8 changed files with 251 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
www/common/common-hash.js
View File

@@ -60,6 +60,18 @@ var factory = function (Util, Crypto, Nacl) {
return '/2/' + secret.type + '/view/' + Crypto.b64RemoveSlashes(data.viewKeyStr) + '/' + pass;
}
};
Hash.getHiddenHashFromKeys = function (type, secret, opts) {
var mode = (secret.keys && secret.keys.editKeyStr) ? 'edit' : 'view';
var pass = secret.password ? 'p/' : '';
var hash = '/2/' + secret.type + '/' + mode + '/' + secret.channel + '/' + pass;
var href = '/' + type + '/#' + hash;
var parsed = Hash.parsePadUrl(href);
if (parsed.hashData && parsed.hashData.getHash) {
return parsed.hashData.getHash(opts || {});
}
return hash;
};
var getFileHashFromKeys = Hash.getFileHashFromKeys = function (secret) {
var version = secret.version;
var data = secret.keys;
@@ -192,6 +204,13 @@ Version 1
if (opts.present) { hash += 'present/'; }
return hash;
};
parsed.getOptions = function () {
return {
embed: parsed.embed,
present: parsed.present,
ownerKey: parsed.ownerKey
};
};
return parsed;
}
if (hashArr[1] && hashArr[1] === '2') { // Version 2
@@ -221,6 +240,13 @@ Version 1
if (opts.present) { hash += 'present/'; }
return hash;
};
parsed.getOptions = function () {
return {
embed: parsed.embed,
present: parsed.present,
ownerKey: parsed.ownerKey
};
};
return parsed;
}
return parsed;
@@ -256,6 +282,13 @@ Version 1
if (opts.present) { hash += 'present/'; }
return hash;
};
parsed.getOptions = function () {
return {
embed: parsed.embed,
present: parsed.present,
ownerKey: parsed.ownerKey
};
};
return parsed;
}
return parsed;
@@ -309,6 +342,10 @@ Version 1
url += '#' + hash;
return url;
};
ret.getOptions = function () {
if (!ret.hashData || !ret.hashData.getOptions) { return {}; }
return ret.hashData.getOptions();
};
if (!/^https*:\/\//.test(href)) {
idx = href.indexOf('/#');
@@ -497,8 +534,9 @@ Version 1
if (typeof(parsed.hashData.version) === "undefined") { return; }
// pads and files should have a base64 (or hex) key
if (parsed.hashData.type === 'pad' || parsed.hashData.type === 'file') {
if (!parsed.hashData.key) { return; }
if (!/^[a-zA-Z0-9+-/=]+$/.test(parsed.hashData.key)) { return; }
if (!parsed.hashData.key && !parsed.hashData.channel) { return; }
if (parsed.hashData.key && !/^[a-zA-Z0-9+-/=]+$/.test(parsed.hashData.key)) { return; }
if (parsed.hashData.channel && !/^[a-f0-9]{32,34}$/.test(parsed.hashData.channel)) { return; }
}
}
return true;