implementing web crypto API for encryption

2020-01-11 13:24:16 +01:00 · 2020-01-11 13:24:16 +01:00 · c28b134067
parent a6d5254662
commit c28b134067
4 changed files with 54 additions and 5 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -10,13 +10,13 @@ php:

 # as this is a php project, node.js v4 (for JS unit testing) isn't installed
 install:
-  - if [ ! -d "$HOME/.nvm" ]; then mkdir -p $HOME/.nvm && curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.8/install.sh | NVM_METHOD=script bash; fi
-  - source ~/.nvm/nvm.sh && nvm install 4
+  - if [ ! -d "$HOME/.nvm" ]; then mkdir -p $HOME/.nvm && curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | NVM_METHOD=script bash; fi
+  - source ~/.nvm/nvm.sh && nvm install --lts

 before_script:
  - composer install -n
  - npm install -g mocha
-  - cd js && npm install jsverify jsdom@9 jsdom-global@2 mime-types
+  - cd js && npm install

 script:
  - mocha
--- a/composer.json
+++ b/composer.json
@ -3,13 +3,13 @@
    "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
    "type": "project",
    "keywords": ["private", "secure", "end-to-end-encrypted", "e2e", "paste", "pastebin", "zero", "zero-knowledge", "encryption", "encrypted", "AES"],
-    "homepage": "https://github.com/PrivateBin",
+    "homepage": "https://privatebin.info/",
    "license":"zlib-acknowledgement",
    "support": {
        "issues": "https://github.com/PrivateBin/PrivateBin/issues",
        "wiki": "https://github.com/PrivateBin/PrivateBin/wiki",
        "source": "https://github.com/PrivateBin/PrivateBin",
-        "docs": "https://zerobin.dssr.ch/documentation/"
+        "docs": "https://privatebin.info/codedoc/"
    },
    "require": {
        "php": "^5.4.0 || ^7.0",
--- a/js/package.json
+++ b/js/package.json
@ -0,0 +1,43 @@
+{
+  "name": "privatebin",
+  "version": "1.2.1",
+  "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
+  "main": "privatebin.js",
+  "directories": {
+    "test": "test"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "jsdom": "^9.12.0",
+    "jsdom-global": "^2.1.1",
+    "jsverify": "^0.8.3",
+    "mime-types": "^2.1.20",
+    "node-webcrypto-ossl": "^1.0.37"
+  },
+  "scripts": {
+    "test": "mocha"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/PrivateBin/PrivateBin.git"
+  },
+  "keywords": [
+    "private",
+    "secure",
+    "end-to-end-encrypted",
+    "e2e",
+    "paste",
+    "pastebin",
+    "zero",
+    "zero-knowledge",
+    "encryption",
+    "encrypted",
+    "AES"
+  ],
+  "author": "",
+  "license": "zlib-acknowledgement",
+  "bugs": {
+    "url": "https://github.com/PrivateBin/PrivateBin/issues"
+  },
+  "homepage": "https://privatebin.info/"
+}
--- a/tst/README.md
+++ b/tst/README.md
@ -69,6 +69,12 @@ $ npm install jsverify jsdom@9 jsdom-global@2 mime-types
 Note: If you use a distribution that provides nodeJS >= 6, then you can install
 the latest jsdom and jsdom-global packages and don't need to use @9 and @2.

+Note: When running Ubuntu 18.04, there is [a bug](https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1779863)
+due to the mismatch of nodejs 8 and OpenSSL 1.1 library it was compiled against.
+Until this is solved, you may have to use [a PPA of nodejs, compiled against
+OpenSSL 1.0](https://launchpad.net/~ddstreet/+archive/ubuntu/lp1779863) or use
+nodejs 10 or later from a different source.
+
 To run the tests, just change into the `js` directory and run istanbul:
 ```console
 $ cd PrivateBin/js