infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Seperated common crypto operations to common file and made common toolbar used for both pad and spreadsheet

Browse Source
pull/1/head
Caleb James DeLisle 10 years ago
parent e039e90a24
commit 0e44b10aeb
5 changed files with 160 additions and 222 deletions
Show Stats Download Patch File Download Diff File

77
www/common/crypto.js
Unescape Escape View File

@ -0,0 +1,77 @@
define([
'/bower_components/tweetnacl/nacl-fast.min.js',
], function () {
var Nacl = window.nacl;
var module = { exports: {} };
var encryptStr = function (str, key) {
var array = Nacl.util.decodeUTF8(str);
var nonce = Nacl.randomBytes(24);
var packed = Nacl.secretbox(array, nonce, key);
if (!packed) { throw new Error(); }
return Nacl.util.encodeBase64(nonce) + "|" + Nacl.util.encodeBase64(packed);
};
var decryptStr = function (str, key) {
var arr = str.split('|');
if (arr.length !== 2) { throw new Error(); }
var nonce = Nacl.util.decodeBase64(arr[0]);
var packed = Nacl.util.decodeBase64(arr[1]);
var unpacked = Nacl.secretbox.open(packed, nonce, key);
if (!unpacked) { throw new Error(); }
return Nacl.util.encodeUTF8(unpacked);
};
// this is crap because of bencoding messages... it should go away....
var splitMessage = function (msg, sending) {
var idx = 0;
var nl;
for (var i = ((sending) ? 0 : 1); i < 3; i++) {
nl = msg.indexOf(':',idx);
idx = nl + Number(msg.substring(idx,nl)) + 1;
}
return [ msg.substring(0,idx), msg.substring(msg.indexOf(':',idx) + 1) ];
};
var encrypt = module.exports.encrypt = function (msg, key) {
var spl = splitMessage(msg, true);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
json[1] = encryptStr(JSON.stringify(json[1]), key);
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var decrypt = module.exports.decrypt = function (msg, key) {
var spl = splitMessage(msg, false);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
if (typeof(json[1]) !== 'string') { throw new Error(); }
json[1] = JSON.parse(decryptStr(json[1], key));
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var parseKey = module.exports.parseKey = function (str) {
var array = Nacl.util.decodeBase64(str);
var hash = Nacl.hash(array);
var lk = hash.subarray(32);
return {
lookupKey: lk,
cryptKey: hash.subarray(0,32),
channel: Nacl.util.encodeBase64(lk).substring(0,10)
};
};
var rand64 = module.exports.rand64 = function (bytes) {
return Nacl.util.encodeBase64(Nacl.randomBytes(bytes));
};
var genKey = module.exports.genKey = function () {
return rand64(18);
};
return module.exports;
});

107
www/common/toolbar.js
Unescape Escape View File

@ -1,4 +1,6 @@
var Toolbar = function ($, container, Messages, myUserName, realtime) {
define([
'/common/messages.js'
], function (Messages) {
/** Id of the element for getting debug info. */
var DEBUG_LINK_CLS = 'rtwysiwyg-debug-link';
@ -22,15 +24,15 @@ var Toolbar = function ($, container, Messages, myUserName, realtime) {
return 'rtwysiwyg-uid-' + String(Math.random()).substring(2);
};
var createRealtimeToolbar = function (container) {
var createRealtimeToolbar = function ($container) {
var id = uid();
$(container).prepend(
$container.prepend(
'<div class="' + TOOLBAR_CLS + '" id="' + id + '">' +
'<div class="rtwysiwyg-toolbar-leftside"></div>' +
'<div class="rtwysiwyg-toolbar-rightside"></div>' +
'</div>'
);
var toolbar = $('#'+id);
var toolbar = $container.find('#'+id);
toolbar.append([
'<style>',
'.' + TOOLBAR_CLS + ' {',
@ -77,10 +79,10 @@ var Toolbar = function ($, container, Messages, myUserName, realtime) {
return toolbar;
};
var createSpinner = function (container) {
var createSpinner = function ($container) {
var id = uid();
$(container).append('<div class="rtwysiwyg-spinner" id="'+id+'"></div>');
return $('#'+id)[0];
$container.append('<div class="rtwysiwyg-spinner" id="'+id+'"></div>');
return $container.find('#'+id)[0];
};
var kickSpinner = function (spinnerElement, reversed) {
@ -93,10 +95,10 @@ var Toolbar = function ($, container, Messages, myUserName, realtime) {
}, SPINNER_DISAPPEAR_TIME);
};
var createUserList = function (container) {
var createUserList = function ($container) {
var id = uid();
$(container).prepend('<div class="' + USER_LIST_CLS + '" id="'+id+'"></div>');
return $('#'+id)[0];
$container.prepend('<div class="' + USER_LIST_CLS + '" id="'+id+'"></div>');
return $container.find('#'+id)[0];
};
var updateUserList = function (myUserName, listElement, userList) {
@ -115,10 +117,10 @@ var Toolbar = function ($, container, Messages, myUserName, realtime) {
}
};
var createLagElement = function (container) {
var createLagElement = function ($container) {
var id = uid();
$(container).append('<div class="' + LAG_ELEM_CLS + '" id="'+id+'"></div>');
return $('#'+id)[0];
$container.append('<div class="' + LAG_ELEM_CLS + '" id="'+id+'"></div>');
return $container.find('#'+id)[0];
};
var checkLag = function (realtime, lagElement) {
@ -133,40 +135,49 @@ var Toolbar = function ($, container, Messages, myUserName, realtime) {
lagElement.textContent = lagMsg;
};
var toolbar = createRealtimeToolbar(container);
var userListElement = createUserList(toolbar.find('.rtwysiwyg-toolbar-leftside'));
var spinner = createSpinner(toolbar.find('.rtwysiwyg-toolbar-rightside'));
var lagElement = createLagElement(toolbar.find('.rtwysiwyg-toolbar-rightside'));
var connected = false;
realtime.onUserListChange(function (userList) {
if (userList.indexOf(myUserName) !== -1) { connected = true; }
if (!connected) { return; }
updateUserList(myUserName, userListElement, userList);
});
var ks = function () {
if (connected) { kickSpinner(spinner, false); }
var create = function ($container, myUserName, realtime) {
var toolbar = createRealtimeToolbar($container);
var userListElement = createUserList(toolbar.find('.rtwysiwyg-toolbar-leftside'));
var spinner = createSpinner(toolbar.find('.rtwysiwyg-toolbar-rightside'));
var lagElement = createLagElement(toolbar.find('.rtwysiwyg-toolbar-rightside'));
var connected = false;
realtime.onUserListChange(function (userList) {
if (userList.indexOf(myUserName) !== -1) { connected = true; }
if (!connected) { return; }
updateUserList(myUserName, userListElement, userList);
});
var ks = function () {
if (connected) { kickSpinner(spinner, false); }
};
realtime.onPatch(ks);
// Try to filter out non-patch messages, doesn't have to be perfect this is just the spinner
realtime.onMessage(function (msg) { if (msg.indexOf(':[2,') > -1) { ks(); } });
setInterval(function () {
if (!connected) { return; }
checkLag(realtime, lagElement);
}, 3000);
return {
failed: function () {
connected = false;
userListElement.textContent = '';
lagElement.textContent = '';
},
reconnecting: function () {
connected = false;
userListElement.textContent = Messages.reconnecting;
lagElement.textContent = '';
},
connected: function () {
connected = true;
}
};
};
realtime.onPatch(ks);
realtime.onMessage(ks);
setInterval(function () {
if (!connected) { return; }
checkLag(realtime, lagElement);
}, 3000);
return {
reconnecting: function () {
connected = false;
userListElement.textContent = Messages.reconnecting;
lagElement.textContent = '';
},
connected: function () {
connected = true;
}
};
};
return { create: create };
});

31
www/pad/main.js
Unescape Escape View File

@ -2,39 +2,22 @@ define([
'/api/config?cb=' + Math.random().toString(16).substring(2),
'/pad/realtime-wysiwyg.js',
'/common/messages.js',
'/common/crypto.js',
'/bower_components/jquery/dist/jquery.min.js',
'/bower_components/ckeditor/ckeditor.js',
'/bower_components/tweetnacl/nacl-fast.min.js',
], function (Config, RTWysiwyg, Messages) {
], function (Config, RTWysiwyg, Messages, Crypto) {
var Ckeditor = window.CKEDITOR;
var Nacl = window.nacl;
var $ = jQuery;
var module = { exports: {} };
var parseKey = function (str) {
var array = Nacl.util.decodeBase64(str);
var hash = Nacl.hash(array);
return { lookupKey: hash.subarray(32), cryptKey: hash.subarray(0,32) };
};
var genKey = function () {
return Nacl.util.encodeBase64(Nacl.randomBytes(18));
};
var userName = function () {
return Nacl.util.encodeBase64(Nacl.randomBytes(8));
};
var $ = window.jQuery;
$(function () {
$(window).on('hashchange', function() {
window.location.reload();
});
if (window.location.href.indexOf('#') === -1) {
window.location.href = window.location.href + '#' + genKey();
window.location.href = window.location.href + '#' + Crypto.genKey();
return;
}
var key = parseKey(window.location.hash.substring(1));
var key = Crypto.parseKey(window.location.hash.substring(1));
var editor = Ckeditor.replace('editor1', {
removeButtons: 'Source,Maximize',
// This plugin inserts html crap into the document which is not part of the document
@ -48,8 +31,8 @@ define([
var rtw =
RTWysiwyg.start(Config.websocketURL,
userName(),
Nacl.util.encodeBase64(key.lookupKey).substring(0,10),
Crypto.rand64(8),
key.channel,
key.cryptKey);
editor.on('change', function () { rtw.onEvent(); });
});

83
www/pad/realtime-wysiwyg.js
Unescape Escape View File

@ -19,13 +19,13 @@ define([
'/pad/errorbox.js',
'/common/messages.js',
'/bower_components/reconnectingWebsocket/reconnecting-websocket.js',
'/common/crypto.js',
'/common/toolbar.js',
'/pad/rangy.js',
'/common/chainpad.js',
'/common/otaml.js',
'/common/toolbar.js',
'/bower_components/jquery/dist/jquery.min.js',
'/bower_components/tweetnacl/nacl-fast.min.js'
], function (HTMLPatcher, ErrorBox, Messages, ReconnectingWebSocket) {
], function (HTMLPatcher, ErrorBox, Messages, ReconnectingWebSocket, Crypto, Toolbar) {
window.ErrorBox = ErrorBox;
@ -34,7 +34,6 @@ window.ErrorBox = ErrorBox;
Rangy.init();
var ChainPad = window.ChainPad;
var Otaml = window.Otaml;
var Nacl = window.nacl;
var PARANOIA = true;
@ -49,23 +48,6 @@ window.ErrorBox = ErrorBox;
/** Maximum number of milliseconds of lag before we fail the connection. */
var MAX_LAG_BEFORE_DISCONNECT = 20000;
/** Id of the element for getting debug info. */
var DEBUG_LINK_CLS = 'rtwysiwyg-debug-link';
/** Id of the div containing the user list. */
var USER_LIST_CLS = 'rtwysiwyg-user-list';
/** Id of the div containing the lag info. */
var LAG_ELEM_CLS = 'rtwysiwyg-lag';
/** The toolbar class which contains the user list, debug link and lag. */
var TOOLBAR_CLS = 'rtwysiwyg-toolbar';
/** Key in the localStore which indicates realtime activity should be disallowed. */
var LOCALSTORAGE_DISALLOW = 'rtwysiwyg-disallow';
var SPINNER_DISAPPEAR_TIME = 3000;
// ------------------ Trapping Keyboard Events ---------------------- //
var bindEvents = function (element, events, callback, unbind) {
@ -108,9 +90,8 @@ window.ErrorBox = ErrorBox;
var abort = function (socket, realtime) {
realtime.abort();
realtime.toolbar.failed();
try { socket._socket.close(); } catch (e) { }
$('.'+USER_LIST_CLS).text(Messages.disconnected);
$('.'+LAG_ELEM_CLS).text("");
};
var createDebugInfo = function (cause, realtime, docHTML, allMessages) {
@ -266,55 +247,6 @@ window.ErrorBox = ErrorBox;
return out;
};
var encryptStr = function (str, key) {
var array = Nacl.util.decodeUTF8(str);
var nonce = Nacl.randomBytes(24);
var packed = Nacl.secretbox(array, nonce, key);
if (!packed) { throw new Error(); }
return Nacl.util.encodeBase64(nonce) + "|" + Nacl.util.encodeBase64(packed);
};
var decryptStr = function (str, key) {
var arr = str.split('|');
if (arr.length !== 2) { throw new Error(); }
var nonce = Nacl.util.decodeBase64(arr[0]);
var packed = Nacl.util.decodeBase64(arr[1]);
var unpacked = Nacl.secretbox.open(packed, nonce, key);
if (!unpacked) { throw new Error(); }
return Nacl.util.encodeUTF8(unpacked);
};
// this is crap because of bencoding messages... it should go away....
var splitMessage = function (msg, sending) {
var idx = 0;
var nl;
for (var i = ((sending) ? 0 : 1); i < 3; i++) {
nl = msg.indexOf(':',idx);
idx = nl + Number(msg.substring(idx,nl)) + 1;
}
return [ msg.substring(0,idx), msg.substring(msg.indexOf(':',idx) + 1) ];
};
var encrypt = function (msg, key) {
var spl = splitMessage(msg, true);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
json[1] = encryptStr(JSON.stringify(json[1]), key);
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var decrypt = function (msg, key) {
var spl = splitMessage(msg, false);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
if (typeof(json[1]) !== 'string') { throw new Error(); }
json[1] = JSON.parse(decryptStr(json[1], key));
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var start = module.exports.start = function (websocketUrl, userName, channel, cryptKey)
{
var passwd = 'y';
@ -370,7 +302,8 @@ console.log(new Error().stack);
getDocHTML(doc),
{ transformFunction: Otaml.transform });
var toolbar = Toolbar($, $('#cke_1_toolbox'), Messages, userName, realtime);
var toolbar = realtime.toolbar =
Toolbar.create($('#cke_1_toolbox'), userName, realtime);
onEvent = function () {
if (isErrorState) { return; }
@ -417,7 +350,7 @@ console.log(new Error().stack);
socket.onMessage.push(function (evt) {
if (isErrorState) { return; }
var message = decrypt(evt.data, cryptKey);
var message = Crypto.decrypt(evt.data, cryptKey);
allMessages.push(message);
if (!initializing) {
if (PARANOIA) { onEvent(); }
@ -427,7 +360,7 @@ console.log(new Error().stack);
});
realtime.onMessage(function (message) {
if (isErrorState) { return; }
message = encrypt(message, cryptKey);
message = Crypto.encrypt(message, cryptKey);
try {
socket.send(message);
} catch (e) {

84
www/sheet/main.js
Unescape Escape View File

@ -1,34 +1,18 @@
define([
'/api/config?cb=' + Math.random().toString(16).substring(2),
'/common/messages.js',
'/common/crypto.js',
'/common/toolbar.js',
'/common/chainpad.js',
'/bower_components/jquery/dist/jquery.min.js',
'/bower_components/tweetnacl/nacl-fast.min.js',
'/common/otaml.js'
], function (Config, Messages) {
var Nacl = window.nacl;
], function (Config, Messages, Crypto, Toolbar) {
var $ = jQuery;
var ChainPad = window.ChainPad;
var Otaml = window.Otaml;
var Toolbar = window.Toolbar;
var module = { exports: {} };
var parseKey = function (str) {
var array = Nacl.util.decodeBase64(str);
var hash = Nacl.hash(array);
return { lookupKey: hash.subarray(32), cryptKey: hash.subarray(0,32) };
};
var genKey = function () {
return Nacl.util.encodeBase64(Nacl.randomBytes(18));
};
var userName = function () {
return 'Other-' + Nacl.util.encodeBase64(Nacl.randomBytes(8));
};
var sheetToJson = function (ifrWindow) {
var xx = ifrWindow.sh[0].jS
var m = [];
@ -65,55 +49,6 @@ define([
}
};
var encryptStr = function (str, key) {
var array = Nacl.util.decodeUTF8(str);
var nonce = Nacl.randomBytes(24);
var packed = Nacl.secretbox(array, nonce, key);
if (!packed) { throw new Error(); }
return Nacl.util.encodeBase64(nonce) + "|" + Nacl.util.encodeBase64(packed);
};
var decryptStr = function (str, key) {
var arr = str.split('|');
if (arr.length !== 2) { throw new Error(); }
var nonce = Nacl.util.decodeBase64(arr[0]);
var packed = Nacl.util.decodeBase64(arr[1]);
var unpacked = Nacl.secretbox.open(packed, nonce, key);
if (!unpacked) { throw new Error(); }
return Nacl.util.encodeUTF8(unpacked);
};
// this is crap because of bencoding messages... it should go away....
var splitMessage = function (msg, sending) {
var idx = 0;
var nl;
for (var i = ((sending) ? 0 : 1); i < 3; i++) {
nl = msg.indexOf(':',idx);
idx = nl + Number(msg.substring(idx,nl)) + 1;
}
return [ msg.substring(0,idx), msg.substring(msg.indexOf(':',idx) + 1) ];
};
var encrypt = function (msg, key) {
var spl = splitMessage(msg, true);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
json[1] = encryptStr(JSON.stringify(json[1]), key);
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var decrypt = function (msg, key) {
var spl = splitMessage(msg, false);
var json = JSON.parse(spl[1]);
// non-patches are not encrypted.
if (json[0] !== 2) { return msg; }
if (typeof(json[1]) !== 'string') { throw new Error(); }
json[1] = JSON.parse(decryptStr(json[1], key));
var res = JSON.stringify(json);
return spl[0] + res.length + ':' + res;
};
var applyChange = function(ctx, oldval, newval) {
if (oldval === newval) return;
@ -139,7 +74,7 @@ define([
$(function () {
if (window.location.href.indexOf('#') === -1) {
window.location.href = window.location.href + '#' + genKey();
window.location.href = window.location.href + '#' + Crypto.genKey();
}
$(window).on('hashchange', function() {
window.location.reload();
@ -168,20 +103,19 @@ define([
}, 0);
};
var key = parseKey(window.location.hash.substring(1));
var channel = Nacl.util.encodeBase64(key.lookupKey).substring(0,10);
var myUserName = userName();
var key = Crypto.parseKey(window.location.hash.substring(1));
var myUserName = Crypto.rand64(8);
var socket = new WebSocket(Config.websocketURL);
socket.onopen = function () {
var realtime = ChainPad.create(
myUserName, 'x', channel, '', { transformFunction: Otaml.transform });
myUserName, 'x', key.channel, '', { transformFunction: Otaml.transform });
socket.onmessage = function (evt) {
var message = decrypt(evt.data, key.cryptKey);
var message = Crypto.decrypt(evt.data, key.cryptKey);
realtime.message(message);
};
realtime.onMessage(function (message) {
message = encrypt(message, key.cryptKey);
message = Crypto.encrypt(message, key.cryptKey);
try {
socket.send(message);
} catch (e) {
@ -193,7 +127,7 @@ define([
realtime.onPatch(function () { realtimeEvent(realtime); });
ifrw.$('.jSTitle').html('');
Toolbar(ifrw.$, ifrw.$('.jSTitle'), Messages, myUserName, realtime);
Toolbar.create(ifrw.$('.jSTitle'), myUserName, realtime);
realtime.start();
};

Write Preview
Loading…
Cancel
Save