web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'staging' of github.com:xwiki-labs/cryptpad into staging

Browse Source
This commit is contained in:
yflory
2018-01-11 16:02:18 +01:00
parent ef480fea79 dc376fdb1c
commit bd9c44dbb2
22 changed files with 120 additions and 1986 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
customize.dist/credential.js Normal file
View File

@@ -0,0 +1,77 @@
define([
'/customize/application_config.js',
'/bower_components/scrypt-async/scrypt-async.min.js',
], function (AppConfig) {
var Cred = {};
var Scrypt = window.scrypt;
Cred.MINIMUM_PASSWORD_LENGTH = typeof(AppConfig.minimumPasswordLength) === 'number'?
AppConfig.minimumPasswordLength: 8;
Cred.isLongEnoughPassword = function (passwd) {
return passwd.length >= Cred.MINIMUM_PASSWORD_LENGTH;
};
var isString = Cred.isString = function (x) {
return typeof(x) === 'string';
};
Cred.isValidUsername = function (name) {
return !!(name && isString(name));
};
Cred.isValidPassword = function (passwd) {
return !!(passwd && isString(passwd));
};
Cred.passwordsMatch = function (a, b) {
return isString(a) && isString(b) && a === b;
};
Cred.customSalt = function () {
return typeof(AppConfig.loginSalt) === 'string'?
AppConfig.loginSalt: '';
};
Cred.deriveFromPassphrase = function (username, password, len, cb) {
Scrypt(password,
username + Cred.customSalt(), // salt
8, // memoryCost (n)
1024, // block size parameter (r)
len || 128, // dkLen
200, // interruptStep
cb,
undefined); // format, could be 'base64'
};
Cred.dispenser = function (bytes) {
var entropy = {
used: 0,
};
// crypto hygeine
var consume = function (n) {
// explode if you run out of bytes
if (entropy.used + n > bytes.length) {
throw new Error('exceeded available entropy');
}
if (typeof(n) !== 'number') { throw new Error('expected a number'); }
if (n <= 0) {
throw new Error('expected to consume a positive number of bytes');
}
// grab an unused slice of the entropy
var A = bytes.slice(entropy.used, entropy.used + n);
// account for the bytes you used so you don't reuse bytes
entropy.used += n;
//console.info("%s bytes of entropy remaining", bytes.length - entropy.used);
return A;
};
return consume;
};
return Cred;
});

146
customize.dist/login.js Normal file
View File

@@ -0,0 +1,146 @@
define([
'jquery',
'/bower_components/chainpad-listmap/chainpad-listmap.js',
'/bower_components/chainpad-crypto/crypto.js',
'/common/common-util.js',
'/common/outer/network-config.js',
'/customize/credential.js',
'/bower_components/chainpad/chainpad.dist.js',
'/bower_components/tweetnacl/nacl-fast.min.js',
'/bower_components/scrypt-async/scrypt-async.min.js', // better load speed
], function ($, Listmap, Crypto, Util, NetConfig, Cred, ChainPad) {
var Exports = {
Cred: Cred,
};
var Nacl = window.nacl;
var allocateBytes = function (bytes) {
var dispense = Cred.dispenser(bytes);
var opt = {};
// dispense 18 bytes of entropy for your encryption key
var encryptionSeed = dispense(18);
// 16 bytes for a deterministic channel key
var channelSeed = dispense(16);
// 32 bytes for a curve key
var curveSeed = dispense(32);
var curvePair = Nacl.box.keyPair.fromSecretKey(new Uint8Array(curveSeed));
opt.curvePrivate = Nacl.util.encodeBase64(curvePair.secretKey);
opt.curvePublic = Nacl.util.encodeBase64(curvePair.publicKey);
// 32 more for a signing key
var edSeed = opt.edSeed = dispense(32);
// derive a private key from the ed seed
var signingKeypair = Nacl.sign.keyPair.fromSeed(new Uint8Array(edSeed));
opt.edPrivate = Nacl.util.encodeBase64(signingKeypair.secretKey);
opt.edPublic = Nacl.util.encodeBase64(signingKeypair.publicKey);
var keys = opt.keys = Crypto.createEditCryptor(null, encryptionSeed);
// 24 bytes of base64
keys.editKeyStr = keys.editKeyStr.replace(/\//g, '-');
// 32 bytes of hex
var channelHex = opt.channelHex = Util.uint8ArrayToHex(channelSeed);
// should never happen
if (channelHex.length !== 32) { throw new Error('invalid channel id'); }
opt.channel64 = Util.hexToBase64(channelHex);
opt.userHash = '/1/edit/' + [opt.channel64, opt.keys.editKeyStr].join('/');
return opt;
};
var loadUserObject = function (opt, cb) {
var config = {
websocketURL: NetConfig.getWebsocketURL(),
channel: opt.channelHex,
data: {},
validateKey: opt.keys.validateKey, // derived validation key
crypto: Crypto.createEncryptor(opt.keys),
logLevel: 1,
classic: true,
ChainPad: ChainPad,
};
var rt = opt.rt = Listmap.create(config);
rt.proxy
.on('ready', function () {
cb(void 0, rt);
})
.on('disconnect', function (info) {
cb('E_DISCONNECT', info);
});
};
var isProxyEmpty = function (proxy) {
return Object.keys(proxy).length === 0;
};
Exports.loginOrRegister = function (uname, passwd, isRegister, cb) {
if (typeof(cb) !== 'function') { return; }
// Usernames are all lowercase. No going back on this one
uname = uname.toLowerCase();
// validate inputs
if (!Cred.isValidUsername(uname)) { return void cb('INVAL_USER'); }
if (!Cred.isValidPassword(passwd)) { return void cb('INVAL_PASS'); }
if (isRegister && !Cred.isLongEnoughPassword(passwd)) {
return void cb('PASS_TOO_SHORT');
}
Cred.deriveFromPassphrase(uname, passwd, 128, function (bytes) {
// results...
var res = {
register: isRegister,
};
// run scrypt to derive the user's keys
var opt = res.opt = allocateBytes(bytes);
// use the derived key to generate an object
loadUserObject(opt, function (err, rt) {
if (err) { return void cb(err); }
res.proxy = rt.proxy;
res.realtime = rt.realtime;
res.network = rt.network;
// they're registering...
res.userHash = opt.userHash;
res.userName = uname;
// export their signing key
res.edPrivate = opt.edPrivate;
res.edPublic = opt.edPublic;
res.curvePrivate = opt.curvePrivate;
res.curvePublic = opt.curvePublic;
// they tried to just log in but there's no such user
if (!isRegister && isProxyEmpty(rt.proxy)) {
rt.network.disconnect(); // clean up after yourself
return void cb('NO_SUCH_USER', res);
}
// they tried to register, but those exact credentials exist
if (isRegister && !isProxyEmpty(rt.proxy)) {
rt.network.disconnect();
return void cb('ALREADY_REGISTERED', res);
}
setTimeout(function () { cb(void 0, res); });
});
});
};
return Exports;
});

123
customize.dist/main.js
View File

@@ -1,25 +1,12 @@
define([
'jquery',
'/customize/application_config.js',
'/common/cryptpad-common.js',
'/common/common-interface.js',
'/common/common-realtime.js',
'/common/common-constants.js',
'/common/outer/local-store.js',
'/customize/messages.js',
], function ($, Config, Cryptpad, UI, Realtime, Constants, LocalStore, Messages) {
window.APP = {
Cryptpad: Cryptpad,
};
], function ($, LocalStore, Messages) {
$(function () {
var $main = $('#mainBlock');
$(window).click(function () {
$('.cp-dropdown-content').hide();
});
// main block is hidden in case javascript is disabled
$main.removeClass('hidden');
@@ -34,113 +21,9 @@ define([
$main.find('a[href="/drive/"] div.pad-button-text h4')
.text(Messages.main_yourCryptDrive);
var name = localStorage[Constants.userNameKey] || sessionStorage[Constants.userNameKey];
var $loggedInBlock = $main.find('#loggedIn');
var $hello = $loggedInBlock.find('#loggedInHello');
var $logout = $loggedInBlock.find('#loggedInLogOut');
if (name) {
$hello.text(Messages._getKey('login_hello', [name]));
} else {
$hello.text(Messages.login_helloNoName);
}
$('#buttons').find('.nologin').hide();
$logout.click(function () {
LocalStore.logout(function () {
window.location.reload();
});
});
$loggedInBlock.removeClass('hidden');
}
else {
$main.find('#userForm').removeClass('hidden');
$('#name').focus();
}
/* Log in UI */
var Login;
// deferred execution to avoid unnecessary asset loading
var loginReady = function (cb) {
if (Login) {
if (typeof(cb) === 'function') { cb(); }
return;
}
require([
'/common/login.js',
], function (_Login) {
Login = Login || _Login;
if (typeof(cb) === 'function') { cb(); }
});
};
var $uname = $('#name').on('focus', loginReady);
var $passwd = $('#password')
// background loading of login assets
.on('focus', loginReady)
// enter key while on password field clicks signup
.on('keyup', function (e) {
if (e.which !== 13) { return; } // enter
$('button.login').click();
$(window).click(function () {
$('.cp-dropdown-content').hide();
});
$('button.login').click(function () {
// setTimeout 100ms to remove the keyboard on mobile devices before the loading screen pops up
window.setTimeout(function () {
UI.addLoadingScreen({loadingText: Messages.login_hashing});
// We need a setTimeout(cb, 0) otherwise the loading screen is only displayed after hashing the password
window.setTimeout(function () {
loginReady(function () {
var uname = $uname.val();
var passwd = $passwd.val();
Login.loginOrRegister(uname, passwd, false, function (err, result) {
if (!err) {
var proxy = result.proxy;
// successful validation and user already exists
// set user hash in localStorage and redirect to drive
if (proxy && !proxy.login_name) {
proxy.login_name = result.userName;
}
proxy.edPrivate = result.edPrivate;
proxy.edPublic = result.edPublic;
Realtime.whenRealtimeSyncs(result.realtime, function () {
LocalStore.login(result.userHash, result.userName, function () {
document.location.href = '/drive/';
});
});
return;
}
switch (err) {
case 'NO_SUCH_USER':
UI.removeLoadingScreen(function () {
UI.alert(Messages.login_noSuchUser);
});
break;
case 'INVAL_USER':
UI.removeLoadingScreen(function () {
UI.alert(Messages.login_invalUser);
});
break;
case 'INVAL_PASS':
UI.removeLoadingScreen(function () {
UI.alert(Messages.login_invalPass);
});
break;
default: // UNHANDLED ERROR
UI.errorLoadingScreen(Messages.login_unhandledError);
}
});
});
}, 0);
}, 100);
});
/* End Log in UI */
console.log("ready");
});
});

97
customize.dist/store.js
View File

@@ -1,97 +0,0 @@
define(function () {
/*
This module uses localStorage, which is synchronous, but exposes an
asyncronous API. This is so that we can substitute other storage
methods.
To override these methods, create another file at:
/customize/storage.js
*/
var Store = {};
// Store uses nodebacks...
Store.set = function (key, val, cb) {
localStorage.setItem(key, JSON.stringify(val));
cb();
};
// implement in alternative store
Store.setBatch = function (map, cb) {
Object.keys(map).forEach(function (key) {
localStorage.setItem(key, JSON.stringify(map[key]));
});
cb(void 0, map);
};
var safeGet = window.safeGet = function (key) {
var val = localStorage.getItem(key);
try {
return JSON.parse(val);
} catch (err) {
console.log(val);
console.error(err);
return val;
}
};
Store.get = function (key, cb) {
cb(void 0, safeGet(key));
};
// implement in alternative store
Store.getBatch = function (keys, cb) {
var res = {};
keys.forEach(function (key) {
res[key] = safeGet(key);
});
cb(void 0, res);
};
Store.remove = function (key, cb) {
localStorage.removeItem(key);
cb();
};
// implement in alternative store
Store.removeBatch = function (keys, cb) {
keys.forEach(function (key) {
localStorage.removeItem(key);
});
cb();
};
Store.keys = function (cb) {
cb(void 0, Object.keys(localStorage));
};
Store.ready = function (f) {
if (typeof(f) === 'function') {
f(void 0, Store);
}
};
var changeHandlers = Store.changeHandlers = [];
Store.change = function (f) {
if (typeof(f) !== 'function') {
throw new Error('[Store.change] callback must be a function');
}
changeHandlers.push(f);
if (changeHandlers.length === 1) {
// start listening for changes
window.addEventListener('storage', function (e) {
changeHandlers.forEach(function (f) {
f({
key: e.key,
oldValue: e.oldValue,
newValue: e.newValue,
});
});
});
}
};
return Store;
});