web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'staging' of github.com:xwiki-labs/cryptpad into staging

Browse Source
This commit is contained in:
yflory
2019-09-03 17:05:23 +02:00
parent e2178f5aa7 31c6e7241e
commit a6a40c3f6a
21 changed files with 256 additions and 473 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
www/common/common-messenger.js
View File

@@ -1,6 +1,5 @@
define([
'/bower_components/chainpad-crypto/crypto.js',
'/common/curve.js',
'/common/common-hash.js',
'/common/common-util.js',
'/common/common-realtime.js',
@@ -8,8 +7,10 @@ define([
'/customize/messages.js',
'/bower_components/nthen/index.js',
], function (Crypto, Curve, Hash, Util, Realtime, Constants, Messages, nThen) {
], function (Crypto, Hash, Util, Realtime, Constants, Messages, nThen) {
'use strict';
var Curve = Crypto.Curve;
var Msg = {
inputs: [],
};

97
www/common/curve.js
View File

@@ -1,97 +0,0 @@
define([
'/bower_components/tweetnacl/nacl-fast.min.js',
], function () {
var Nacl = window.nacl;
var Curve = {};
var concatenateUint8s = function (A) {
var len = 0;
var offset = 0;
A.forEach(function (uints) {
len += uints.length || 0;
});
var c = new Uint8Array(len);
A.forEach(function (x) {
c.set(x, offset);
offset += x.length;
});
return c;
};
var encodeBase64 = Nacl.util.encodeBase64;
var decodeBase64 = Nacl.util.decodeBase64;
var decodeUTF8 = Nacl.util.decodeUTF8;
var encodeUTF8 = Nacl.util.encodeUTF8;
Curve.encrypt = function (message, secret) {
var buffer = decodeUTF8(message);
var nonce = Nacl.randomBytes(24);
var box = Nacl.box.after(buffer, nonce, secret);
return encodeBase64(nonce) + '|' + encodeBase64(box);
};
Curve.decrypt = function (packed, secret) {
var unpacked = packed.split('|');
var nonce = decodeBase64(unpacked[0]);
var box = decodeBase64(unpacked[1]);
var message = Nacl.box.open.after(box, nonce, secret);
if (message === false) { return null; }
return encodeUTF8(message);
};
Curve.signAndEncrypt = function (msg, cryptKey, signKey) {
var packed = Curve.encrypt(msg, cryptKey);
return encodeBase64(Nacl.sign(decodeUTF8(packed), signKey));
};
Curve.openSigned = function (msg, cryptKey /*, validateKey STUBBED*/) {
var content = decodeBase64(msg).subarray(64);
return Curve.decrypt(encodeUTF8(content), cryptKey);
};
Curve.deriveKeys = function (theirs, mine) {
try {
var pub = decodeBase64(theirs);
var secret = decodeBase64(mine);
var sharedSecret = Nacl.box.before(pub, secret);
var salt = decodeUTF8('CryptPad.signingKeyGenerationSalt');
// 64 uint8s
var hash = Nacl.hash(concatenateUint8s([salt, sharedSecret]));
var signKp = Nacl.sign.keyPair.fromSeed(hash.subarray(0, 32));
var cryptKey = hash.subarray(32, 64);
return {
cryptKey: encodeBase64(cryptKey),
signKey: encodeBase64(signKp.secretKey),
validateKey: encodeBase64(signKp.publicKey)
};
} catch (e) {
console.error('invalid keys or other problem deriving keys');
console.error(e);
return null;
}
};
Curve.createEncryptor = function (keys) {
if (!keys || typeof(keys) !== 'object') {
return void console.error("invalid input for createEncryptor");
}
var cryptKey = decodeBase64(keys.cryptKey);
var signKey = decodeBase64(keys.signKey);
var validateKey = decodeBase64(keys.validateKey);
return {
encrypt: function (msg) {
return Curve.signAndEncrypt(msg, cryptKey, signKey);
},
decrypt: function (packed) {
return Curve.openSigned(packed, cryptKey, validateKey);
}
};
};
return Curve;
});

2
www/common/outer/async-store.js
View File

@@ -253,7 +253,7 @@ define([
return void cb({error: 'User drive removal blocked!'});
}
store.rpc.removeOwnedChannel(data, function (err) {
store.rpc.removeOwnedChannel(channel, function (err) {
cb({error:err});
});
};

4
www/common/outer/onlyoffice.js
View File

@@ -91,9 +91,9 @@ define([
var hk = network.historyKeeper;
var cfg = {
validateKey: obj.validateKey,
lastKnownHash: chan.lastKnownHash || chan.lastCpHash,
metadata: {
lastKnownHash: chan.lastKnownHash || chan.lastCpHash,
validateKey: obj.validateKey,
owners: obj.owners,
expire: obj.expire
}

7
www/common/proxy-manager.js
View File

@@ -464,7 +464,10 @@ define([
// convert a folder to a Shared Folder
var _convertFolderToSharedFolder = function (Env, data, cb) {
var path = data.path;
return void cb({
error: 'DISABLED'
}); // XXX CONVERT
/*var path = data.path;
var folderElement = Env.user.userObject.find(path);
// don't try to convert top-level elements (trash, root, etc) to shared-folders
// TODO also validate that you're in root (not templates, etc)
@@ -554,7 +557,7 @@ define([
Env.user.userObject.delete([path], function () {
cb();
});
});
});*/
};
// Delete permanently some pads or folders

11
www/common/sframe-common-codemirror.js
View File

@@ -399,17 +399,6 @@ define([
"Shift-Tab": function () {
editor.execCommand("indentLess");
},
"Backspace": function () {
var cursor = doc.getCursor();
var line = doc.getLine(cursor.line);
var beforeCursor = line.substring(0, cursor.ch);
if (beforeCursor && beforeCursor.trim() === "") {
editor.execCommand("indentLess");
} else {
editor.execCommand("delCharBefore");
}
},
});
$('.CodeMirror').css('font-size', fontSize+'px');
};

13
www/common/toolbar3.js
View File

@@ -732,13 +732,20 @@ MessengerUI, Messages) {
$('.cp-pad-not-pinned').remove();
return;
}
if (typeof(ApiConfig.inactiveTime) !== 'number') {
$('.cp-pad-not-pinned').remove();
return;
}
if ($('.cp-pad-not-pinned').length) { return; }
var pnpTitle = Messages._getKey('padNotPinned', ['','','','']);
var pnpMsg = Messages._getKey('padNotPinned', [
var pnpTitle = Messages._getKey('padNotPinnedVariable', ['','','','', ApiConfig.inactiveTime]);
var pnpMsg = Messages._getKey('padNotPinnedVariable', [
'<a href="' + o + '/login" class="cp-pnp-login" target="blank" title>',
'</a>',
'<a href="' + o + '/register" class="cp-pnp-register" target="blank" title>',
'</a>'
'</a>',
ApiConfig.inactiveTime
]);
var $msg = $('<span>', {
'class': 'cp-pad-not-pinned'

3
www/common/translations/messages.fr.json
View File

@@ -1159,5 +1159,6 @@
"owner_request_accepted": "{0} a accepté votre offre de devenir propriétaire de <b>{1}</b>",
"owner_request_declined": "{0} a refusé votre offre de devenir propriétaire de <b>{1}</b>",
"owner_removed": "{0} a supprimé vos droits de propriétaire de <b>{1}</b>",
"owner_removedPending": "{0} a annulé l'offre de co-propriété reçue pour <b>{1}</b>"
"owner_removedPending": "{0} a annulé l'offre de co-propriété reçue pour <b>{1}</b>",
"padNotPinnedVariable": "Ce pad va expirer après {4} jours d'inactivité, {0}connectez-vous{1} ou {2}enregistrez-vous{3} pour le préserver."
}

5
www/common/translations/messages.json
View File

@@ -27,6 +27,7 @@
"onLogout": "You are logged out, {0}click here{1} to log in<br>or press <em>Escape</em> to access your pad in read-only mode.",
"wrongApp": "Unable to display the content of that realtime session in your browser. Please try to reload that page.",
"padNotPinned": "This pad will expire after 3 months of inactivity, {0}login{1} or {2}register{3} to preserve it.",
"padNotPinnedVariable": "This pad will expire after {4} days of inactivity, {0}login{1} or {2}register{3} to preserve it.",
"anonymousStoreDisabled": "The webmaster of this CryptPad instance has disabled the store for anonymous users. You have to log in to be able to use CryptDrive.",
"expiredError": "This pad has reached its expiration time and is no longer available.",
"deletedError": "This pad has been deleted by its owner and is no longer available.",
@@ -435,6 +436,10 @@
"register_cancel": "Go back",
"register_warning": "Zero Knowledge means that we can't recover your data if you lose your password.",
"register_alreadyRegistered": "This user already exists, do you want to log in?",
"register_emailWarning0": "It looks like you submitted your email as your username.",
"register_emailWarning1": "You can do that if you want, but it won't be sent to our server.",
"register_emailWarning2": "You won't be able to reset your password using your email as you can with many other services.",
"register_emailWarning3": "If you understand and would like to use your email for your username anyway, click OK.",
"settings_cat_account": "Account",
"settings_cat_drive": "CryptDrive",
"settings_cat_cursor": "Cursor",

6
www/drive/inner.js
View File

@@ -1162,6 +1162,7 @@ define([
hide.push('collapseall');
}
containsFolder = true;
hide.push('share'); // XXX CONVERT
hide.push('openro');
hide.push('openincode');
hide.push('properties');
@@ -3947,7 +3948,8 @@ define([
});
} else if (manager.isFolder(el)) { // Folder
// if folder is inside SF
if (manager.isInSharedFolder(paths[0].path)) {
return UI.warn('ERROR: Temporarily disabled'); // XXX CONVERT
/*if (manager.isInSharedFolder(paths[0].path)) {
return void UI.alert(Messages.convertFolderToSF_SFParent);
}
// if folder already contains SF
@@ -3977,7 +3979,7 @@ define([
var owned = Util.isChecked($(convertContent).find('#cp-upload-owned'));
manager.convertFolderToSharedFolder(paths[0].path, owned, password, refresh);
});
}
}*/
} else { // File
data = manager.getFileData(el);
parsed = Hash.parsePadUrl(data.href);

25
www/register/main.js
View File

@@ -54,7 +54,9 @@ define([
var registering = false;
var test;
$register.click(function () {
var I_REALLY_WANT_TO_USE_MY_EMAIL_FOR_MY_USERNAME = false;
var registerClick = function () {
var uname = $uname.val();
var passwd = $passwd.val();
var confirmPassword = $confirm.val();
@@ -62,6 +64,23 @@ define([
var shouldImport = $checkImport[0].checked;
var doesAccept = $checkAcceptTerms[0].checked;
if (Cred.isEmail(uname) && !I_REALLY_WANT_TO_USE_MY_EMAIL_FOR_MY_USERNAME) {
var emailWarning = [
Messages.register_emailWarning0,
Messages.register_emailWarning1,
Messages.register_emailWarning2,
Messages.register_emailWarning3,
].join('<br><br>');
Feedback.send("EMAIL_USERNAME_WARNING", true);
return void UI.confirm(emailWarning, function (yes) {
if (!yes) { return; }
I_REALLY_WANT_TO_USE_MY_EMAIL_FOR_MY_USERNAME = true;
registerClick();
}, {}, true);
}
/* basic validation */
if (!Cred.isLongEnoughPassword(passwd)) {
var warning = Messages._getKey('register_passwordTooShort', [
@@ -104,7 +123,9 @@ define([
},
}, true);
}, 150);
});
};
$register.click(registerClick);
var clickRegister = Util.notAgainForAnother(function () {
$register.click();