web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'invitations' into staging

Browse Source
This commit is contained in:
ansuz
2019-09-30 10:53:10 +02:00
parent 648980ad50 69e61ec2f2
commit 9b74136b66
7 changed files with 124 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
www/common/common-credential.js Normal file
View File

@@ -0,0 +1,101 @@
(function () {
var factory = function (AppConfig, Scrypt) {
var Cred = {};
Cred.MINIMUM_PASSWORD_LENGTH = typeof(AppConfig.minimumPasswordLength) === 'number'?
AppConfig.minimumPasswordLength: 8;
// https://stackoverflow.com/questions/46155/how-to-validate-an-email-address-in-javascript
Cred.isEmail = function (email) {
var re = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
return re.test(String(email).toLowerCase());
};
Cred.isLongEnoughPassword = function (passwd) {
return passwd.length >= Cred.MINIMUM_PASSWORD_LENGTH;
};
var isString = Cred.isString = function (x) {
return typeof(x) === 'string';
};
Cred.isValidUsername = function (name) {
return !!(name && isString(name));
};
Cred.isValidPassword = function (passwd) {
return !!(passwd && isString(passwd));
};
Cred.passwordsMatch = function (a, b) {
return isString(a) && isString(b) && a === b;
};
Cred.customSalt = function () {
return typeof(AppConfig.loginSalt) === 'string'?
AppConfig.loginSalt: '';
};
Cred.deriveFromPassphrase = function (username, password, len, cb) {
Scrypt(password,
username + Cred.customSalt(), // salt
8, // memoryCost (n)
1024, // block size parameter (r)
len || 128, // dkLen
200, // interruptStep
cb,
undefined); // format, could be 'base64'
};
Cred.dispenser = function (bytes) {
var entropy = {
used: 0,
};
// crypto hygeine
var consume = function (n) {
// explode if you run out of bytes
if (entropy.used + n > bytes.length) {
throw new Error('exceeded available entropy');
}
if (typeof(n) !== 'number') { throw new Error('expected a number'); }
if (n <= 0) {
throw new Error('expected to consume a positive number of bytes');
}
// grab an unused slice of the entropy
// Note: Internet Explorer doesn't support .slice on Uint8Array
var A;
if (bytes.slice) {
A = bytes.slice(entropy.used, entropy.used + n);
} else {
A = bytes.subarray(entropy.used, entropy.used + n);
}
// account for the bytes you used so you don't reuse bytes
entropy.used += n;
//console.info("%s bytes of entropy remaining", bytes.length - entropy.used);
return A;
};
return consume;
};
return Cred;
};
if (typeof(module) !== 'undefined' && module.exports) {
module.exports = factory(
{}, //require("../../customize.dist/application_config.js"),
require("../bower_components/scrypt-async/scrypt-async.min.js")
);
} else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
define([
'/customize/application_config.js',
'/bower_components/scrypt-async/scrypt-async.min.js',
], function (AppConfig) {
return factory(AppConfig, window.scrypt);
});
}
}());

2
www/common/cryptpad-common.js
View File

@@ -1017,7 +1017,7 @@ define([
var Cred, Block, Login;
Nthen(function (waitFor) {
require([
'/customize/credential.js',
'/common/common-credential.js',
'/common/outer/login-block.js',
'/customize/login.js'
], waitFor(function (_Cred, _Block, _Login) {

95
www/common/outer/invitation.js Normal file
View File

@@ -0,0 +1,95 @@
(function () {
var factory = function (Util, Cred, nThen) {
nThen = nThen; // XXX
var Invite = {};
/*
TODO key derivation
scrypt(seed, passwd) => {
curve: {
private,
public,
},
ed: {
private,
public,
}
cryptKey,
channel
}
*/
var BYTES_REQUIRED = 256;
Invite.deriveKeys = function (seed, passwd, cb) {
cb = cb; // XXX
// TODO validate has cb
// TODO onceAsync the cb
// TODO cb with err if !(seed && passwd)
Cred.deriveFromPassphrase(seed, passwd, BYTES_REQUIRED, function (bytes) {
var dispense = Cred.dispenser(bytes);
dispense = dispense; // XXX
// edPriv => edPub
// curvePriv => curvePub
// channel
// cryptKey
});
};
Invite.createSeed = function () {
// XXX
// return a seed
};
Invite.create = function (cb) {
cb = cb; // XXX
// TODO validate has cb
// TODO onceAsync the cb
// TODO cb with err if !(seed && passwd)
// required
// password
// validateKey
// creatorEdPublic
// for owner
// ephemeral
// signingKey
// for owner to write invitation
// derived
// edPriv
// edPublic
// for invitee ownership
// curvePriv
// curvePub
// for acceptance OR
// authenticated decline message via mailbox
// channel
// for owned deletion
// for team pinning
// cryptKey
// for protecting channel content
};
return Invite;
};
if (typeof(module) !== 'undefined' && module.exports) {
module.exports = factory(
require("../common-util"),
require("../common-credential.js"),
require("nthen")
);
} else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
define([
'/common/common-util.js',
'/common/common-credential.js',
'/bower_components/nthen/index.js',
], function (Util, Cred, nThen) {
return factory(Util, nThen);
});
}
}());