infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Merge branch 'staging' of github.com:xwiki-labs/cryptpad into staging

Browse Source
pull/1/head
yflory 8 years ago
parent 72c60ec676 a0c17d7c9b
commit 12cc49b575
5 changed files with 196 additions and 116 deletions
Show Stats Download Patch File Download Diff File

14
customize.dist/translations/messages.fr.js
Unescape Escape View File

@ -362,20 +362,6 @@ define(function () {
// Initial states // Initial states
out.initialState = [
'<p>',
'Voici <strong>CryptPad</strong>, l\'éditeur collaboratif en temps-réel Zero Knowledge.',
'<br>',
'Ce que vous tapez ici est chiffré de manière que seules les personnes avec le lien peuvent y accéder.',
'<br>',
'Même le serveur est incapable de voir ce que vous tapez.',
'</p>',
'<p>',
'<small>',
'<i>Ce que vous voyez ici, ce que vous entendez, quand vous partez, ça reste ici</i>',
'</small>',
'</p>',
].join('');
out.initialState = [ out.initialState = [
'<span style="font-size:18px;"><p>', '<span style="font-size:18px;"><p>',
'Voici <strong>CryptPad</strong>, l\'éditeur collaboratif en temps-réel Zero Knowledge. Tout est sauvegardé dés que vous le tapez.', 'Voici <strong>CryptPad</strong>, l\'éditeur collaboratif en temps-réel Zero Knowledge. Tout est sauvegardé dés que vous le tapez.',

3
customize.dist/translations/messages.js
Unescape Escape View File

@ -365,9 +365,6 @@ define(function () {
out.header_france = '<a href="http://www.xwiki.com/" target="_blank" rel="noopener noreferrer">With <img class="bottom-bar-heart" src="/customize/heart.png" alt="love" /> from <img class="bottom-bar-fr" src="/customize/fr.png" title="France" alt="France"/> by <img src="/customize/logo-xwiki.png" alt="XWiki SAS" class="bottom-bar-xwiki"/></a>'; out.header_france = '<a href="http://www.xwiki.com/" target="_blank" rel="noopener noreferrer">With <img class="bottom-bar-heart" src="/customize/heart.png" alt="love" /> from <img class="bottom-bar-fr" src="/customize/fr.png" title="France" alt="France"/> by <img src="/customize/logo-xwiki.png" alt="XWiki SAS" class="bottom-bar-xwiki"/></a>';
// TODO Hardcode cause YOLO
//out.header_xwiki = '<a href="http://www.xwiki.com/" target="_blank" rel="noopener noreferrer"><img src="/customize/logo-xwiki.png" alt="XWiki SAS" class="bottom-bar-xwiki"/></a>';
out.header_support = '<a href="http://ng.open-paas.org/" title="OpenPaaS::ng" target="_blank" rel="noopener noreferrer"> <img src="/customize/openpaasng.png" alt="OpenPaaS-ng" class="bottom-bar-openpaas" /></a>'; out.header_support = '<a href="http://ng.open-paas.org/" title="OpenPaaS::ng" target="_blank" rel="noopener noreferrer"> <img src="/customize/openpaasng.png" alt="OpenPaaS-ng" class="bottom-bar-openpaas" /></a>';
out.header_logoTitle = 'Go to the main page'; out.header_logoTitle = 'Go to the main page';

119
rpc.js
Unescape Escape View File

@ -1,6 +1,4 @@
/* Use Nacl for checking signatures of messages /* Use Nacl for checking signatures of messages */
*/
var Nacl = require("tweetnacl"); var Nacl = require("tweetnacl");
var RPC = module.exports; var RPC = module.exports;
@ -15,43 +13,124 @@ var isValidChannel = function (chan) {
return /^[a-fA-F0-9]/.test(chan); return /^[a-fA-F0-9]/.test(chan);
}; };
var checkSignature = function (signedMsg, publicKey) { var makeCookie = function (seq) {
if (!(signedMsg && publicKey)) { return null; } return [
Math.floor(new Date() / (1000*60*60*24)),
process.pid, // jshint ignore:line
seq
].join('|');
};
var parseCookie = function (cookie) {
if (!(cookie && cookie.split)) { return null; }
var parts = cookie.split('|');
if (parts.length !== 3) { return null; }
var c = {};
c.time = new Date(parts[0]);
c.pid = parts[1];
c.seq = parts[2];
return c;
};
var isValidCookie = function (ctx, cookie) {
var now = +new Date();
if (now - cookie.time > 300000) { // 5 minutes
return false;
}
// different process. try harder
if (process.pid !== cookie.pid) { // jshint ignore:line
return false;
}
//if (cookie.seq !==
return true;
};
var checkSignature = function (signedMsg, signature, publicKey) {
if (!(signedMsg && publicKey)) { return false; }
var signedBuffer; var signedBuffer;
var pubBuffer; var pubBuffer;
var signatureBuffer;
try { try {
signedBuffer = Nacl.util.decodeBase64(signedMsg); signedBuffer = Nacl.util.decodeUTF8(signedMsg);
pubBuffer = Nacl.util.decodeBase64(publicKey);
} catch (e) { } catch (e) {
console.log('invalid signedBuffer');
console.log(signedMsg);
return null; return null;
} }
var opened = Nacl.sign.open(signedBuffer, pubBuffer); try {
pubBuffer = Nacl.util.decodeBase64(publicKey);
} catch (e) {
return false;
}
if (opened) {
var decoded = Nacl.util.encodeUTF8(opened);
try { try {
return JSON.parse(decoded); signatureBuffer = Nacl.util.decodeBase64(signature);
} catch (e) { } // fall through to return } catch (e) {
return false;
} }
return null;
if (pubBuffer.length !== 32) {
console.log('public key length: ' + pubBuffer.length);
console.log(publicKey);
return false;
}
if (signatureBuffer.length !== 64) {
return false;
}
return Nacl.sign.detached.verify(signedBuffer, signatureBuffer, pubBuffer);
}; };
RPC.create = function (config, cb) { RPC.create = function (config, cb) {
// load pin-store... // load pin-store...
console.log('loading rpc module...'); console.log('loading rpc module...');
var rpc = function (ctx, args, respond) {
if (args.length < 2) { var Cookies = {};
var rpc = function (ctx, data, respond) {
if (!data.length) {
return void respond("INSUFFICIENT_ARGS"); return void respond("INSUFFICIENT_ARGS");
} else if (data.length !== 1) {
console.log(data.length);
}
var msg = data[0].slice(0);
var signature = msg.shift();
var publicKey = msg.shift();
var cookie = parseCookie(msg.shift());
if (!cookie) {
// no cookie is fine if the RPC is to get a cookie
if (msg[0] !== 'COOKIE') {
return void respond('NO_COOKIE');
}
} else if (!isValidCookie(cookie)) { // is it a valid cookie?
return void respond('INVALID_COOKIE');
} }
var signed = args[0]; var serialized = JSON.stringify(msg);
var publicKey = args[1];
if (!(serialized && publicKey)) {
return void respond('INVALID_MESSAGE_OR_PUBLIC_KEY');
}
if (checkSignature(serialized, signature, publicKey) !== true) {
return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY");
}
var msg = checkSignature(signed, publicKey); if (!msg.length) {
if (!msg) {
return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY"); return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY");
} }
@ -60,6 +139,8 @@ RPC.create = function (config, cb) {
} }
switch (msg[0]) { switch (msg[0]) {
case 'COOKIE':
return void respond(void 0, makeCookie());
case 'ECHO': case 'ECHO':
return void respond(void 0, msg); return void respond(void 0, msg);
case 'RESET': case 'RESET':

75
www/common/rpc.js
Unescape Escape View File

@ -1,8 +1,6 @@
define([ define([
'/common/encode.js',
'/bower_components/tweetnacl/nacl-fast.min.js', '/bower_components/tweetnacl/nacl-fast.min.js',
], function (Encode) { ], function () {
var MAX_LAG_BEFORE_TIMEOUT = 30000; var MAX_LAG_BEFORE_TIMEOUT = 30000;
var Nacl = window.nacl; var Nacl = window.nacl;
@ -11,34 +9,27 @@ define([
.toString(32).replace(/\./g, ''); .toString(32).replace(/\./g, '');
}; };
var signMsg = function (type, msg, signKey) { var signMsg = function (data, signKey) {
var toSign = JSON.stringify([type, msg]); var buffer = Nacl.util.decodeUTF8(JSON.stringify(data));
var buffer = Nacl.util.decodeUTF8(toSign); return Nacl.util.encodeBase64(Nacl.sign.detached(buffer, signKey));
return Nacl.util.encodeBase64(Nacl.sign(buffer, signKey));
}; };
/* /*
types of messages: types of messages:
pin -> hash pin -> hash
unpin -> hash unpin -> hash
getHash -> hash getHash -> hash
getTotalSize -> bytes getTotalSize -> bytes
getFileSize -> bytes getFileSize -> bytes
*/
/* RPC communicates only with the history keeper
messages have the format:
[TYPE, txid, msg]
*/ */
var sendMsg = function (ctx, type, signed, id, cb) {
var sendMsg = function (ctx, data, cb) {
var network = ctx.network; var network = ctx.network;
var hkn = network.historyKeeper; var hkn = network.historyKeeper;
var txid = uid(); var txid = uid();
ctx.pending[txid] = cb; ctx.pending[txid] = cb;
return network.sendto(hkn, JSON.stringify([txid, data]));
return network.sendto(hkn, JSON.stringify([txid, signed, id]));
}; };
var parse = function (msg) { var parse = function (msg) {
@ -49,20 +40,20 @@ types of messages:
} }
}; };
/* Returning messages have the format:
[txid, {}]
*/
var onMsg = function (ctx, msg) { var onMsg = function (ctx, msg) {
var parsed = parse(msg); var parsed = parse(msg);
if (!parsed) { if (!parsed) {
// TODO handle error return void console.error(new Error('could not parse message: %s', msg));
console.log(msg);
return;
} }
var txid = parsed[0]; var txid = parsed[0];
var pending = ctx.pending[txid]; var pending = ctx.pending[txid];
if (!(parsed && parsed.slice)) {
return void console.error('MALFORMED_RPC_RESPONSE');
}
var response = parsed.slice(1); var response = parsed.slice(1);
if (typeof(pending) === 'function') { if (typeof(pending) === 'function') {
@ -76,39 +67,57 @@ types of messages:
}; };
var create = function (network, edPrivateKey, edPublicKey) { var create = function (network, edPrivateKey, edPublicKey) {
var signKey = Nacl.util.decodeBase64(edPrivateKey); var signKey;
try { try {
signKey = Nacl.util.decodeBase64(edPrivateKey);
if (signKey.length !== 64) { if (signKey.length !== 64) {
throw new Error('private key did not match expected length of 64'); throw new Error('private key did not match expected length of 64');
} }
} catch (err) { } catch (err) { throw err; }
throw new Error("private signing key is not valid");
}
// TODO validate public key as well var pubBuffer;
try {
pubBuffer = Nacl.util.decodeBase64(edPublicKey);
if (pubBuffer.length !== 32) {
throw new Error('expected public key to be 32 uint');
}
} catch (err) { throw err; }
var ctx = { var ctx = {
//privateKey: Encode.hexToUint8Array(edPrivateKey),
seq: new Date().getTime(), seq: new Date().getTime(),
network: network, network: network,
timeouts: {}, // timeouts timeouts: {}, // timeouts
pending: {}, // callbacks pending: {}, // callbacks
cookie: null,
}; };
var pin = function (channel, cb) { };
var send = function (type, msg, cb) { var send = function (type, msg, cb) {
// construct a signed message... // construct a signed message...
var signed = signMsg(type, msg, signKey); var data = [type, msg];
var sig = signMsg(data, signKey);
data.unshift(ctx.cookie); //
data.unshift(edPublicKey);
data.unshift(sig);
return sendMsg(ctx, type, signed, edPublicKey, cb); // [sig, edPublicKey, cookie, type, msg]
return sendMsg(ctx, data, cb);
}; };
var getCookie = function (cb) {
send('COOKIE', "", function (e, msg) {
console.log('cookie message', e, msg);
cb(e, msg);
});
};
network.on('message', function (msg, sender) { network.on('message', function (msg, sender) {
onMsg(ctx, msg); onMsg(ctx, msg);
}); });
return { return {
send: send, send: send,
ready: getCookie,
}; };
}; };

15
www/examples/rpc/main.js
Unescape Escape View File

@ -24,6 +24,8 @@ define([
b: 7, b: 7,
}; };
rpc.ready(function () {
// console.log(payload); // console.log(payload);
rpc.send('ECHO', payload, function (e, msg) { rpc.send('ECHO', payload, function (e, msg) {
if (e) { return void console.error(e); } if (e) { return void console.error(e); }
@ -66,23 +68,28 @@ define([
console.log(msg); console.log(msg);
}); });
if (false) {
(function () { (function () {
var bytes = 0; var bytes = 0;
list.forEach(function (chan) { list.forEach(function (chan) {
rpc.send('GET_FILE_SIZE', chan, function (e, msg) { rpc.send('GET_FILE_SIZE', chan, function (e, msg) {
if (e) { return void console.error(e); } if (e) {
if (e === 'ENOENT') {
return void console.log(e, chan);
}
return void console.error(e);
}
if (msg && msg[0] && typeof(msg[0]) === 'number') { if (msg && msg[0] && typeof(msg[0]) === 'number') {
bytes += msg[0]; bytes += msg[0];
console.log(bytes); console.log(bytes);
} else { } else {
console.log(msg); console.log(msg);
} }
}); });
}); });
}()); }());
}
});
}); });
}); });
}); });

Write Preview
Loading…
Cancel
Save