infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Merge branch 'barFix' into staging

Browse Source
pull/1/head
ansuz 5 years ago
parent 6a1844cac7 476d968660
commit 84059fa103
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File

7
www/common/common-hash.js
Unescape Escape View File

@ -28,6 +28,13 @@ var factory = function (Util, Crypto, Keys, Nacl) {
}; };
}; };
Hash.getSignPublicFromPrivate = function (edPrivateSafeStr) {
var edPrivateStr = Crypto.b64AddSlashes(edPrivateSafeStr);
var privateKey = Nacl.util.decodeBase64(edPrivateStr);
var keyPair = Nacl.sign.keyPair.fromSecretKey(privateKey);
return Nacl.util.encodeBase64(keyPair.publicKey);
};
var getEditHashFromKeys = Hash.getEditHashFromKeys = function (secret) { var getEditHashFromKeys = Hash.getEditHashFromKeys = function (secret) {
var version = secret.version; var version = secret.version;
var data = secret.keys; var data = secret.keys;

22
www/common/sframe-common-outer.js
Unescape Escape View File

@ -28,6 +28,7 @@ define([
var Test; var Test;
var password; var password;
var initialPathInDrive; var initialPathInDrive;
var burnAfterReading;
var currentPad = window.CryptPad_location = { var currentPad = window.CryptPad_location = {
app: '', app: '',
@ -171,6 +172,8 @@ define([
}); });
var parsed = Utils.Hash.parsePadUrl(currentPad.href); var parsed = Utils.Hash.parsePadUrl(currentPad.href);
burnAfterReading = parsed && parsed.hashData && parsed.hashData.ownerKey;
currentPad.app = parsed.type; currentPad.app = parsed.type;
if (cfg.getSecrets) { if (cfg.getSecrets) {
var w = waitFor(); var w = waitFor();
@ -376,6 +379,24 @@ define([
})); }));
}).nThen(done); }).nThen(done);
} }
}).nThen(function (waitFor) {
if (!burnAfterReading) { return; }
// This is a burn after reading URL: make sure our owner key is still valid
try {
var publicKey = Utils.Hash.getSignPublicFromPrivate(burnAfterReading);
Cryptpad.getPadMetadata({
channel: secret.channel
}, waitFor(function (md) {
if (md && md.error) { return console.error(md.error); }
// If our key is not valid anymore, don't show BAR warning
if (!(md && Array.isArray(md.owners)) || md.owners.indexOf(publicKey) === -1) {
burnAfterReading = null;
}
}));
} catch (e) {
console.error(e);
}
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
if (cfg.afterSecrets) { if (cfg.afterSecrets) {
cfg.afterSecrets(Cryptpad, Utils, secret, waitFor(), sframeChan); cfg.afterSecrets(Cryptpad, Utils, secret, waitFor(), sframeChan);
@ -402,7 +423,6 @@ define([
} }
Utils.crypto = Utils.Crypto.createEncryptor(Utils.secret.keys); Utils.crypto = Utils.Crypto.createEncryptor(Utils.secret.keys);
var parsed = Utils.Hash.parsePadUrl(currentPad.href); var parsed = Utils.Hash.parsePadUrl(currentPad.href);
var burnAfterReading = parsed && parsed.hashData && parsed.hashData.ownerKey;
if (!parsed.type) { throw new Error(); } if (!parsed.type) { throw new Error(); }
var defaultTitle = Utils.UserObject.getDefaultName(parsed); var defaultTitle = Utils.UserObject.getDefaultName(parsed);
var edPublic, curvePublic, notifications, isTemplate; var edPublic, curvePublic, notifications, isTemplate;

Write Preview
Loading…
Cancel
Save