From 6425d492f1f349a76ea6a87b5db72a3779de977c Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Fri, 27 Sep 2019 12:04:31 +0200
Subject: [PATCH 1/3] move credential.js from customize.dist/ to www/common/

---
 customize.dist/login.js                       |  2 +-
 .../common/common-credential.js               | 24 ++++++++++++++-----
 www/common/cryptpad-common.js                 |  2 +-
 www/register/main.js                          |  2 +-
 www/settings/inner.js                         |  2 +-
 5 files changed, 22 insertions(+), 10 deletions(-)
 rename customize.dist/credential.js => www/common/common-credential.js (80%)

diff --git a/customize.dist/login.js b/customize.dist/login.js
index 21668140f..0bf36b7ce 100644
--- a/customize.dist/login.js
+++ b/customize.dist/login.js
@@ -4,7 +4,7 @@ define([
     '/bower_components/chainpad-crypto/crypto.js',
     '/common/common-util.js',
     '/common/outer/network-config.js',
-    '/customize/credential.js',
+    '/common/common-credential.js',
     '/bower_components/chainpad/chainpad.dist.js',
     '/common/common-realtime.js',
     '/common/common-constants.js',
diff --git a/customize.dist/credential.js b/www/common/common-credential.js
similarity index 80%
rename from customize.dist/credential.js
rename to www/common/common-credential.js
index cdbd835c5..ffbc482d6 100644
--- a/customize.dist/credential.js
+++ b/www/common/common-credential.js
@@ -1,9 +1,6 @@
-define([
-    '/customize/application_config.js',
-    '/bower_components/scrypt-async/scrypt-async.min.js',
-], function (AppConfig) {
+(function () {
+var factory = function (AppConfig, Scrypt) {
     var Cred = {};
-    var Scrypt = window.scrypt;
 
     Cred.MINIMUM_PASSWORD_LENGTH = typeof(AppConfig.minimumPasswordLength) === 'number'?
         AppConfig.minimumPasswordLength: 8;
@@ -86,4 +83,19 @@ define([
     };
 
     return Cred;
-});
+};
+
+    if (typeof(module) !== 'undefined' && module.exports) {
+        module.exports = factory(
+            {}, //require("../../customize.dist/application_config.js"),
+            require("../bower_components/scrypt-async/scrypt-async.min.js")
+        );
+    } else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
+        define([
+            '/customize/application_config.js',
+            '/bower_components/scrypt-async/scrypt-async.min.js',
+        ], function (AppConfig) {
+            return factory(AppConfig, window.scrypt);
+        });
+    }
+}());
diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js
index 0516bf057..3be8ed032 100644
--- a/www/common/cryptpad-common.js
+++ b/www/common/cryptpad-common.js
@@ -1017,7 +1017,7 @@ define([
         var Cred, Block, Login;
         Nthen(function (waitFor) {
             require([
-                '/customize/credential.js',
+                '/common/common-credential.js',
                 '/common/outer/login-block.js',
                 '/customize/login.js'
             ], waitFor(function (_Cred, _Block, _Login) {
diff --git a/www/register/main.js b/www/register/main.js
index 63324f810..d052f88b0 100644
--- a/www/register/main.js
+++ b/www/register/main.js
@@ -3,7 +3,7 @@ define([
     '/customize/login.js',
     '/common/cryptpad-common.js',
     '/common/test.js',
-    '/customize/credential.js', // preloaded for login.js
+    '/common/common-credential.js',
     '/common/common-interface.js',
     '/common/common-util.js',
     '/common/common-realtime.js',
diff --git a/www/settings/inner.js b/www/settings/inner.js
index 6fe07e3fe..416f99bb8 100644
--- a/www/settings/inner.js
+++ b/www/settings/inner.js
@@ -9,7 +9,7 @@ define([
     '/common/common-hash.js',
     '/customize/messages.js',
     '/common/hyperscript.js',
-    '/customize/credential.js',
+    '/common/common-credential.js',
     '/customize/application_config.js',
     '/api/config',
     '/common/make-backup.js',

From 61e66e9add2dfd59fd323e85d26c2a687794e3bc Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Fri, 27 Sep 2019 12:05:08 +0200
Subject: [PATCH 2/3] WIP invitation link generation

---
 www/common/outer/invitation.js | 95 ++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)
 create mode 100644 www/common/outer/invitation.js

diff --git a/www/common/outer/invitation.js b/www/common/outer/invitation.js
new file mode 100644
index 000000000..c6199bf4c
--- /dev/null
+++ b/www/common/outer/invitation.js
@@ -0,0 +1,95 @@
+(function () {
+var factory = function (Util, Cred, nThen) {
+    nThen = nThen; // XXX
+    var Invite = {};
+
+/* 
+    TODO key derivation
+
+    scrypt(seed, passwd) => {
+        curve: {
+            private,
+            public,
+        },
+        ed: {
+            private,
+            public,
+        }
+        cryptKey,
+        channel
+    }
+*/
+
+    var BYTES_REQUIRED = 256;
+
+    Invite.deriveKeys = function (seed, passwd, cb) {
+        cb = cb; // XXX
+        // TODO validate has cb
+        // TODO onceAsync the cb
+        // TODO cb with err if !(seed && passwd)
+
+        Cred.deriveFromPassphrase(seed, passwd, BYTES_REQUIRED, function (bytes) {
+            var dispense = Cred.dispenser(bytes);
+            dispense = dispense; // XXX
+
+            // edPriv => edPub
+            // curvePriv => curvePub
+            // channel
+            // cryptKey
+        });
+    };
+
+    Invite.createSeed = function () {
+        // XXX
+        // return a seed
+    };
+
+    Invite.create = function (cb) {
+        cb = cb; // XXX
+        // TODO validate has cb
+        // TODO onceAsync the cb
+        // TODO cb with err if !(seed && passwd)
+
+
+
+        // required
+            // password
+            // validateKey
+            // creatorEdPublic
+                // for owner
+        // ephemeral
+            // signingKey
+                // for owner to write invitation
+        // derived
+            // edPriv
+                // edPublic
+                    // for invitee ownership
+            // curvePriv
+                // curvePub
+                    // for acceptance OR
+                    // authenticated decline message via mailbox
+            // channel
+                // for owned deletion
+                // for team pinning
+            // cryptKey
+                // for protecting channel content
+    };
+
+    return Invite;
+};
+    if (typeof(module) !== 'undefined' && module.exports) {
+        module.exports = factory(
+            require("../common-util"),
+            require("../common-credential.js"),
+            require("nthen")
+        );
+    } else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
+        define([
+            '/common/common-util.js',
+            '/common/common-credential.js',
+            '/bower_components/nthen/index.js',
+        ], function (Util, Cred, nThen) {
+            return factory(Util, nThen);
+        });
+    }
+}());

From 69e61ec2f2a290ed9b20ea1f52f1f7fde789a185 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Fri, 27 Sep 2019 14:28:59 +0200
Subject: [PATCH 3/3] ignore metadata commands which add invalid owners

---
 lib/metadata.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/metadata.js b/lib/metadata.js
index 6231ea224..de40043af 100644
--- a/lib/metadata.js
+++ b/lib/metadata.js
@@ -15,6 +15,10 @@ var deduplicate = require("./deduplicate");
 
 var commands = {};
 
+var isValidOwner = function (owner) {
+    return typeof(owner) === 'string' && owner.length === 44;
+};
+
 // ["ADD_OWNERS", ["7eEqelGso3EBr5jHlei6av4r9w2B9XZiGGwA1EgZ-5I="], 1561623438989]
 commands.ADD_OWNERS = function (meta, args) {
     // bail out if args isn't an array
@@ -30,6 +34,7 @@ commands.ADD_OWNERS = function (meta, args) {
 
     var changed = false;
     args.forEach(function (owner) {
+        if (!isValidOwner(owner)) { return; }
         if (meta.owners.indexOf(owner) >= 0) { return; }
         meta.owners.push(owner);
         changed = true;
@@ -90,6 +95,7 @@ commands.ADD_PENDING_OWNERS = function (meta, args) {
     }
     // or fill it
     args.forEach(function (owner) {
+        if (!isValidOwner(owner)) { return; }
         if (meta.pending_owners.indexOf(owner) >= 0) { return; }
         meta.pending_owners.push(owner);
         changed = true;
@@ -134,7 +140,7 @@ commands.RESET_OWNERS = function (meta, args) {
     }
 
     // overwrite the existing owners with the new one
-    meta.owners = deduplicate(args);
+    meta.owners = deduplicate(args.filter(isValidOwner));
     return true;
 };