|
|
|
|
@ -1,8 +1,76 @@
|
|
|
|
|
(function () {
|
|
|
|
|
var factory = function (Util, Cred, nThen) {
|
|
|
|
|
var factory = function (Util, Cred, nThen, Nacl) {
|
|
|
|
|
nThen = nThen; // XXX
|
|
|
|
|
var Invite = {};
|
|
|
|
|
|
|
|
|
|
var encode64 = Nacl.util.encodeBase64;
|
|
|
|
|
var decode64 = Nacl.util.decode64;
|
|
|
|
|
|
|
|
|
|
// ed and curve keys can be random...
|
|
|
|
|
Invite.generateKeys = function () {
|
|
|
|
|
var ed = Nacl.sign.keyPair();
|
|
|
|
|
var curve = Nacl.box.keyPair();
|
|
|
|
|
return {
|
|
|
|
|
edPublic: encode64(ed.publicKey),
|
|
|
|
|
edPrivate: encode64(ed.secretKey),
|
|
|
|
|
curvePublic: encode64(curve.publicKey),
|
|
|
|
|
curvePrivate: encode64(curve.secretKey),
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var b64ToChannelKeys = function (b64) {
|
|
|
|
|
var dispense = Cred.dispenser(decode64(b64));
|
|
|
|
|
return {
|
|
|
|
|
channel: Util.uint8ArrayToHex(dispense(16)),
|
|
|
|
|
cryptKey: encode64(dispense(Nacl.secretbox.keyLength)),
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// the secret invite values (cryptkey and channel) can be derived
|
|
|
|
|
// from the link seed and (optional) password
|
|
|
|
|
Invite.deriveInviteKeys = b64ToChannelKeys;
|
|
|
|
|
|
|
|
|
|
// the preview values (cryptkey and channel) are less sensitive than the invite values
|
|
|
|
|
// as they cannot be leveraged to access any further content on their own
|
|
|
|
|
// unless the message contains secrets.
|
|
|
|
|
// derived from the link seed alone.
|
|
|
|
|
Invite.derivePreviewKeys = b64ToChannelKeys;
|
|
|
|
|
|
|
|
|
|
// what the invite link alone will allow you to see
|
|
|
|
|
Invite.createPreviewContent = function (data, keys, cb) {
|
|
|
|
|
cb = cb;
|
|
|
|
|
/* should include:
|
|
|
|
|
{
|
|
|
|
|
message: "", // personal message
|
|
|
|
|
author: "", // author public key
|
|
|
|
|
from: "", // author pretty name
|
|
|
|
|
}
|
|
|
|
|
*/
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// the remaining data available with the invite link + password
|
|
|
|
|
Invite.createInviteContent = function (data, keys, cb) {
|
|
|
|
|
cb = cb;
|
|
|
|
|
/* should include:
|
|
|
|
|
{
|
|
|
|
|
teamData: {
|
|
|
|
|
// everything you need to join the team
|
|
|
|
|
|
|
|
|
|
},
|
|
|
|
|
ephemeral: {
|
|
|
|
|
curve: "", // for the roster
|
|
|
|
|
ed: "" // for deleting the preview content
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
*/
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Invite.createRosterEntry = function (roster, data, cb) {
|
|
|
|
|
var toInvite = {};
|
|
|
|
|
toInvite[data.curvePublic] = data.content;
|
|
|
|
|
roster.invite(toInvite, cb);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* INPUTS
|
|
|
|
|
|
|
|
|
|
* password (for scrypt)
|
|
|
|
|
@ -13,20 +81,6 @@ var factory = function (Util, Cred, nThen) {
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* DERIVATIONS
|
|
|
|
|
|
|
|
|
|
* components corresponding to www/common/invitation.js
|
|
|
|
|
* preview_hash => components
|
|
|
|
|
* channel
|
|
|
|
|
* cryptKey
|
|
|
|
|
* b64_bytes
|
|
|
|
|
* curvePrivate => curvePublic
|
|
|
|
|
* edSeed => edPrivate => edPublic
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* IO / FUNCTIONALITY
|
|
|
|
|
|
|
|
|
|
* creator
|
|
|
|
|
@ -46,77 +100,23 @@ var factory = function (Util, Cred, nThen) {
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var BYTES_REQUIRED = 256;
|
|
|
|
|
|
|
|
|
|
Invite.deriveKeys = function (seed, passwd, cb) {
|
|
|
|
|
cb = cb; // XXX
|
|
|
|
|
// TODO validate has cb
|
|
|
|
|
// TODO onceAsync the cb
|
|
|
|
|
// TODO cb with err if !(seed && passwd)
|
|
|
|
|
|
|
|
|
|
Cred.deriveFromPassphrase(seed, passwd, BYTES_REQUIRED, function (bytes) {
|
|
|
|
|
var dispense = Cred.dispenser(bytes);
|
|
|
|
|
dispense = dispense; // XXX
|
|
|
|
|
|
|
|
|
|
// edPriv => edPub
|
|
|
|
|
// curvePriv => curvePub
|
|
|
|
|
// channel
|
|
|
|
|
// cryptKey
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Invite.createSeed = function () {
|
|
|
|
|
// XXX
|
|
|
|
|
// return a seed
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
Invite.create = function (cb) {
|
|
|
|
|
cb = cb; // XXX
|
|
|
|
|
// TODO validate has cb
|
|
|
|
|
// TODO onceAsync the cb
|
|
|
|
|
// TODO cb with err if !(seed && passwd)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// required
|
|
|
|
|
// password
|
|
|
|
|
// validateKey
|
|
|
|
|
// creatorEdPublic
|
|
|
|
|
// for owner
|
|
|
|
|
// ephemeral
|
|
|
|
|
// signingKey
|
|
|
|
|
// for owner to write invitation
|
|
|
|
|
// derived
|
|
|
|
|
// edPriv
|
|
|
|
|
// edPublic
|
|
|
|
|
// for invitee ownership
|
|
|
|
|
// curvePriv
|
|
|
|
|
// curvePub
|
|
|
|
|
// for acceptance OR
|
|
|
|
|
// authenticated decline message via mailbox
|
|
|
|
|
// channel
|
|
|
|
|
// for owned deletion
|
|
|
|
|
// for team pinning
|
|
|
|
|
// cryptKey
|
|
|
|
|
// for protecting channel content
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return Invite;
|
|
|
|
|
};
|
|
|
|
|
if (typeof(module) !== 'undefined' && module.exports) {
|
|
|
|
|
module.exports = factory(
|
|
|
|
|
require("../common-util"),
|
|
|
|
|
require("../common-credential.js"),
|
|
|
|
|
require("nthen")
|
|
|
|
|
require("nthen"),
|
|
|
|
|
require("tweetnacl/nacl-fast")
|
|
|
|
|
);
|
|
|
|
|
} else if ((typeof(define) !== 'undefined' && define !== null) && (define.amd !== null)) {
|
|
|
|
|
define([
|
|
|
|
|
'/common/common-util.js',
|
|
|
|
|
'/common/common-credential.js',
|
|
|
|
|
'/bower_components/nthen/index.js',
|
|
|
|
|
'/bower_components/tweetnacl/nacl-fast.min.js',
|
|
|
|
|
], function (Util, Cred, nThen) {
|
|
|
|
|
return factory(Util, nThen);
|
|
|
|
|
return factory(Util, Cred, nThen, window.nacl);
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
}());
|
|
|
|
|
|
ansuz
5 years ago