reformat
This commit is contained in:
Danny Coates
parent
ee8ff3d220
commit
b32e63c305
|
|
@ -37,20 +37,20 @@ $(document).ready(function() {
|
|||
fileReceiver.on('decrypting', isStillDecrypting => {
|
||||
// The file is being decrypted
|
||||
if (isStillDecrypting) {
|
||||
console.log('Decrypting')
|
||||
console.log('Decrypting');
|
||||
} else {
|
||||
console.log('Done decrypting')
|
||||
console.log('Done decrypting');
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
fileReceiver.on('hashing', isStillHashing => {
|
||||
// The file is being hashed to make sure a malicious user hasn't tampered with it
|
||||
if (isStillHashing) {
|
||||
console.log('Checking file integrity')
|
||||
console.log('Checking file integrity');
|
||||
} else {
|
||||
console.log('Integrity check done')
|
||||
console.log('Integrity check done');
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
fileReceiver
|
||||
.download()
|
||||
|
|
|
|||
|
|
@ -61,52 +61,60 @@ class FileReceiver extends EventEmitter {
|
|||
true,
|
||||
['encrypt', 'decrypt']
|
||||
)
|
||||
]).then(([fdata, key]) => {
|
||||
this.emit('decrypting', true);
|
||||
return Promise.all([
|
||||
window.crypto.subtle.decrypt(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: hexToArray(fdata.iv),
|
||||
additionalData: hexToArray(fdata.aad)
|
||||
},
|
||||
key,
|
||||
fdata.data
|
||||
).then(decrypted => {
|
||||
this.emit('decrypting', false);
|
||||
return new Promise((resolve, reject) => {
|
||||
resolve(decrypted);
|
||||
})
|
||||
}),
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(fdata.filename);
|
||||
}),
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(hexToArray(fdata.aad));
|
||||
})
|
||||
]);
|
||||
}).then(([decrypted, fname, proposedHash]) => {
|
||||
this.emit('hashing', true);
|
||||
return window.crypto.subtle.digest('SHA-256', decrypted).then(calculatedHash => {
|
||||
this.emit('hashing', false);
|
||||
const integrity = new Uint8Array(calculatedHash).toString() === proposedHash.toString();
|
||||
if (!integrity) {
|
||||
return new Promise((resolve, reject) => {
|
||||
console.log('This file has been tampered with.')
|
||||
reject();
|
||||
})
|
||||
}
|
||||
|
||||
])
|
||||
.then(([fdata, key]) => {
|
||||
this.emit('decrypting', true);
|
||||
return Promise.all([
|
||||
window.crypto.subtle
|
||||
.decrypt(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: hexToArray(fdata.iv),
|
||||
additionalData: hexToArray(fdata.aad)
|
||||
},
|
||||
key,
|
||||
fdata.data
|
||||
)
|
||||
.then(decrypted => {
|
||||
this.emit('decrypting', false);
|
||||
return new Promise((resolve, reject) => {
|
||||
resolve(decrypted);
|
||||
});
|
||||
}),
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(decrypted);
|
||||
resolve(fdata.filename);
|
||||
}),
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(fname);
|
||||
resolve(hexToArray(fdata.aad));
|
||||
})
|
||||
]);
|
||||
})
|
||||
})
|
||||
.then(([decrypted, fname, proposedHash]) => {
|
||||
this.emit('hashing', true);
|
||||
return window.crypto.subtle
|
||||
.digest('SHA-256', decrypted)
|
||||
.then(calculatedHash => {
|
||||
this.emit('hashing', false);
|
||||
const integrity =
|
||||
new Uint8Array(calculatedHash).toString() ===
|
||||
proposedHash.toString();
|
||||
if (!integrity) {
|
||||
return new Promise((resolve, reject) => {
|
||||
console.log('This file has been tampered with.');
|
||||
reject();
|
||||
});
|
||||
}
|
||||
|
||||
return Promise.all([
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(decrypted);
|
||||
}),
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(fname);
|
||||
})
|
||||
]);
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -61,8 +61,8 @@ class FileSender extends EventEmitter {
|
|||
window.crypto.subtle.digest('SHA-256', plaintext).then(hash => {
|
||||
self.emit('hashing', false);
|
||||
self.emit('encrypting', true);
|
||||
resolve({plaintext: plaintext, hash: new Uint8Array(hash)});
|
||||
})
|
||||
resolve({ plaintext: plaintext, hash: new Uint8Array(hash) });
|
||||
});
|
||||
};
|
||||
reader.onerror = function(err) {
|
||||
reject(err);
|
||||
|
|
@ -81,14 +81,17 @@ class FileSender extends EventEmitter {
|
|||
},
|
||||
secretKey,
|
||||
file.plaintext
|
||||
).then(encrypted => {
|
||||
)
|
||||
.then(encrypted => {
|
||||
self.emit('encrypting', false);
|
||||
return new Promise((resolve, reject) => {
|
||||
resolve(encrypted);
|
||||
})
|
||||
});
|
||||
}),
|
||||
window.crypto.subtle.exportKey('jwk', secretKey),
|
||||
new Promise((resolve, reject) => { resolve(file.hash) })
|
||||
new Promise((resolve, reject) => {
|
||||
resolve(file.hash);
|
||||
})
|
||||
]);
|
||||
})
|
||||
.then(([encrypted, keydata, hash]) => {
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ $(document).ready(function() {
|
|||
gcmCompliant().catch(err => {
|
||||
$('#page-one').hide();
|
||||
$('#compliance-error').show();
|
||||
})
|
||||
});
|
||||
|
||||
// reset copy button
|
||||
const $copyBtn = $('#copy-btn');
|
||||
|
|
@ -88,29 +88,29 @@ $(document).ready(function() {
|
|||
fileSender.on('loading', isStillLoading => {
|
||||
// The file is loading into Firefox at this stage
|
||||
if (isStillLoading) {
|
||||
console.log('Processing')
|
||||
console.log('Processing');
|
||||
} else {
|
||||
console.log('Finished processing')
|
||||
console.log('Finished processing');
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
fileSender.on('hashing', isStillHashing => {
|
||||
// The file is being hashed
|
||||
if (isStillHashing) {
|
||||
console.log('Hashing');
|
||||
} else {
|
||||
console.log('Finished hashing')
|
||||
console.log('Finished hashing');
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
fileSender.on('encrypting', isStillEncrypting => {
|
||||
// The file is being encrypted
|
||||
if (isStillEncrypting) {
|
||||
console.log('Encrypting');
|
||||
} else {
|
||||
console.log('Finished encrypting')
|
||||
console.log('Finished encrypting');
|
||||
}
|
||||
})
|
||||
});
|
||||
|
||||
fileSender
|
||||
.upload()
|
||||
|
|
|
|||
|
|
@ -34,34 +34,38 @@ function notify(str) {
|
|||
|
||||
function gcmCompliant() {
|
||||
try {
|
||||
return window.crypto.subtle.generateKey(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
length: 128
|
||||
},
|
||||
true,
|
||||
['encrypt', 'decrypt']
|
||||
).then(key => {
|
||||
return window.crypto.subtle.encrypt(
|
||||
return window.crypto.subtle
|
||||
.generateKey(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: window.crypto.getRandomValues(new Uint8Array(12)),
|
||||
additionalData: window.crypto.getRandomValues(new Uint8Array(6)),
|
||||
tagLength: 128
|
||||
length: 128
|
||||
},
|
||||
key,
|
||||
new ArrayBuffer(8)
|
||||
true,
|
||||
['encrypt', 'decrypt']
|
||||
)
|
||||
.then(() => {
|
||||
return Promise.resolve()
|
||||
.then(key => {
|
||||
return window.crypto.subtle
|
||||
.encrypt(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: window.crypto.getRandomValues(new Uint8Array(12)),
|
||||
additionalData: window.crypto.getRandomValues(new Uint8Array(6)),
|
||||
tagLength: 128
|
||||
},
|
||||
key,
|
||||
new ArrayBuffer(8)
|
||||
)
|
||||
.then(() => {
|
||||
return Promise.resolve();
|
||||
})
|
||||
.catch(err => {
|
||||
return Promise.reject();
|
||||
});
|
||||
})
|
||||
.catch(err => {
|
||||
return Promise.reject()
|
||||
})
|
||||
}).catch(err => {
|
||||
return Promise.reject();
|
||||
})
|
||||
} catch(err) {
|
||||
return Promise.reject();
|
||||
});
|
||||
} catch (err) {
|
||||
return Promise.reject();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -92,33 +92,35 @@ app.get('/assets/download/:id', (req, res) => {
|
|||
storage
|
||||
.metadata(id)
|
||||
.then(meta => {
|
||||
storage.length(id).then(contentLength => {
|
||||
res.writeHead(200, {
|
||||
'Content-Disposition': 'attachment; filename=' + meta.filename,
|
||||
'Content-Type': 'application/octet-stream',
|
||||
'Content-Length': contentLength,
|
||||
'X-File-Metadata': JSON.stringify(meta)
|
||||
});
|
||||
const file_stream = storage.get(id);
|
||||
storage
|
||||
.length(id)
|
||||
.then(contentLength => {
|
||||
res.writeHead(200, {
|
||||
'Content-Disposition': 'attachment; filename=' + meta.filename,
|
||||
'Content-Type': 'application/octet-stream',
|
||||
'Content-Length': contentLength,
|
||||
'X-File-Metadata': JSON.stringify(meta)
|
||||
});
|
||||
const file_stream = storage.get(id);
|
||||
|
||||
file_stream.on('end', () => {
|
||||
storage
|
||||
.forceDelete(id)
|
||||
.then(err => {
|
||||
if (!err) {
|
||||
log.info('Deleted:', id);
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
log.info('DeleteError:', id);
|
||||
});
|
||||
});
|
||||
file_stream.on('end', () => {
|
||||
storage
|
||||
.forceDelete(id)
|
||||
.then(err => {
|
||||
if (!err) {
|
||||
log.info('Deleted:', id);
|
||||
}
|
||||
})
|
||||
.catch(err => {
|
||||
log.info('DeleteError:', id);
|
||||
});
|
||||
});
|
||||
|
||||
file_stream.pipe(res);
|
||||
})
|
||||
.catch(err => {
|
||||
res.sendStatus(404);
|
||||
});
|
||||
file_stream.pipe(res);
|
||||
})
|
||||
.catch(err => {
|
||||
res.sendStatus(404);
|
||||
});
|
||||
})
|
||||
.catch(err => {
|
||||
res.sendStatus(404);
|
||||
|
|
@ -157,15 +159,17 @@ app.post('/upload', (req, res, next) => {
|
|||
|
||||
try {
|
||||
meta = JSON.parse(req.header('X-File-Metadata'));
|
||||
} catch(err) {
|
||||
} catch (err) {
|
||||
res.sendStatus(400);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!validateIV(meta.id) ||
|
||||
!meta.hasOwnProperty('aad') ||
|
||||
!meta.hasOwnProperty('id') ||
|
||||
!meta.hasOwnProperty('filename')) {
|
||||
if (
|
||||
!validateIV(meta.id) ||
|
||||
!meta.hasOwnProperty('aad') ||
|
||||
!meta.hasOwnProperty('id') ||
|
||||
!meta.hasOwnProperty('filename')
|
||||
) {
|
||||
res.sendStatus(404);
|
||||
return;
|
||||
}
|
||||
|
|
@ -216,4 +220,4 @@ const validateIV = route_id => {
|
|||
module.exports = {
|
||||
server: server,
|
||||
storage: storage
|
||||
}
|
||||
};
|
||||
|
|
|
|||
|
|
@ -129,7 +129,9 @@ function localGet(id) {
|
|||
|
||||
function localSet(newId, file, filename, meta) {
|
||||
return new Promise((resolve, reject) => {
|
||||
const fstream = fs.createWriteStream(path.join(__dirname, '../static', newId));
|
||||
const fstream = fs.createWriteStream(
|
||||
path.join(__dirname, '../static', newId)
|
||||
);
|
||||
file.pipe(fstream);
|
||||
fstream.on('close', () => {
|
||||
redis_client.hmset(newId, meta);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user