Use lufi-api and WebCrypto
This commit is contained in:
Booteille
parent
c79f2c5662
commit
9695a615da
File diff suppressed because one or more lines are too long
|
|
@ -1,27 +1,43 @@
|
||||||
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
|
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
|
||||||
|
|
||||||
|
import * as lufiApi from "/js/lufi-api.browser.js"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Return the deciphering key stored in anchor part of the URL
|
* Return the deciphering key stored in anchor part of the URL
|
||||||
* Stolen from https://github.com/sebsauvage/ZeroBin/blob/master/js/zerobin.js
|
* Stolen from https://github.com/sebsauvage/ZeroBin/blob/master/js/zerobin.js
|
||||||
*/
|
*/
|
||||||
function pageKey() {
|
function pageKey() {
|
||||||
var key = window.location.hash.substring(1); // Get key
|
var key = window.location.hash.substring(1); // Get key
|
||||||
|
let i;
|
||||||
|
|
||||||
// Some stupid web 2.0 services and redirectors add data AFTER the anchor
|
// Some stupid web 2.0 services and redirectors add data AFTER the anchor
|
||||||
// (such as &utm_source=...).
|
// (such as &utm_source=...).
|
||||||
// We will strip any additional data.
|
// We will strip any additional data.
|
||||||
|
|
||||||
// First, strip everything after the equal sign (=) which signals end of base64 string.
|
// First, strip everything after the equal sign (=) which signals end of base64 string.
|
||||||
i = key.indexOf('='); if (i>-1) { key = key.substring(0, i + 1); }
|
i = key.indexOf('=');
|
||||||
|
let isb64 = false
|
||||||
|
|
||||||
|
if (i>-1) {
|
||||||
|
key = key.substring(0, i + 1);
|
||||||
|
|
||||||
|
isb64 = true
|
||||||
|
}
|
||||||
|
|
||||||
// If the equal sign was not present, some parameters may remain:
|
// If the equal sign was not present, some parameters may remain:
|
||||||
i = key.indexOf('&'); if (i>-1) { key = key.substring(0, i); }
|
i = key.indexOf('&'); if (i>-1) { key = key.substring(0, i); }
|
||||||
|
|
||||||
// Then add trailing equal sign if it's missing
|
// Then add trailing equal sign if it's missing and was using the Sjcl algorithm
|
||||||
|
if (isb64) {
|
||||||
if (key.charAt(key.length-1)!=='=') key += '=';
|
if (key.charAt(key.length-1)!=='=') key += '=';
|
||||||
|
}
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
|
||||||
function base64ToArrayBuffer(base64) {
|
function base64ToArrayBuffer(base64) {
|
||||||
|
base64 = base64 instanceof ArrayBuffer ? new TextDecoder().decode(base64) : base64; // Is it using Lufi API?
|
||||||
|
|
||||||
var binary_string = window.atob(base64);
|
var binary_string = window.atob(base64);
|
||||||
var len = binary_string.length;
|
var len = binary_string.length;
|
||||||
var bytes = new Uint8Array(len);
|
var bytes = new Uint8Array(len);
|
||||||
|
|
@ -92,6 +108,12 @@ function spawnWebsocket(pa) {
|
||||||
} else {
|
} else {
|
||||||
console.log(`Getting slice ${data.part + 1} of ${data.total}`);
|
console.log(`Getting slice ${data.part + 1} of ${data.total}`);
|
||||||
var slice = JSON.parse(res.shift());
|
var slice = JSON.parse(res.shift());
|
||||||
|
|
||||||
|
// If file was used using Lufi API
|
||||||
|
if (slice.iv) {
|
||||||
|
slice.iv = new Uint8Array(Object.values(slice.iv))
|
||||||
|
}
|
||||||
|
|
||||||
var percent = Math.round(1000 * (data.part + 1)/data.total)/10;
|
var percent = Math.round(1000 * (data.part + 1)/data.total)/10;
|
||||||
var wClass = percent.toString().replace('.', '-');
|
var wClass = percent.toString().replace('.', '-');
|
||||||
var pb = $('#pb');
|
var pb = $('#pb');
|
||||||
|
|
@ -101,8 +123,11 @@ function spawnWebsocket(pa) {
|
||||||
pb.attr('aria-valuenow', percent);
|
pb.attr('aria-valuenow', percent);
|
||||||
$('#pbt').html(`${percent}%`);
|
$('#pbt').html(`${percent}%`);
|
||||||
try {
|
try {
|
||||||
var b64 = sjcl.decrypt(window.key, slice);
|
lufiApi.lufiCrypto.decrypt(window.key, slice).then((decrypted) => {
|
||||||
|
var b64 = decrypted;
|
||||||
|
|
||||||
window.a[data.part] = base64ToArrayBuffer(b64);
|
window.a[data.part] = base64ToArrayBuffer(b64);
|
||||||
|
|
||||||
if (data.part + 1 === data.total) {
|
if (data.part + 1 === data.total) {
|
||||||
var blob = new Blob(a, { type: data.type });
|
var blob = new Blob(a, { type: data.type });
|
||||||
|
|
||||||
|
|
@ -206,6 +231,9 @@ function spawnWebsocket(pa) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}).catch((e) => {
|
||||||
|
console.error(e);
|
||||||
|
})
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
if (err.message === 'ccm: tag doesn\'t match') {
|
if (err.message === 'ccm: tag doesn\'t match') {
|
||||||
addAlert(i18n.badkey);
|
addAlert(i18n.badkey);
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,7 @@
|
||||||
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
|
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
|
||||||
|
|
||||||
|
import * as lufiApi from "/js/lufi-api.browser.js"
|
||||||
|
|
||||||
// total file counter
|
// total file counter
|
||||||
window.fc = 0;
|
window.fc = 0;
|
||||||
// Cancelled files indexes
|
// Cancelled files indexes
|
||||||
|
|
@ -267,18 +269,15 @@ function handleFiles(f) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create random key
|
|
||||||
function genRandomKey() {
|
|
||||||
return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 10), 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create progress bar and call slicing and uploading function
|
// Create progress bar and call slicing and uploading function
|
||||||
function uploadFile(i, delay, del_at_first_view) {
|
function uploadFile(i, delay, del_at_first_view) {
|
||||||
// Prevent exiting page before full upload
|
// Prevent exiting page before full upload
|
||||||
window.onbeforeunload = confirmExit;
|
window.onbeforeunload = confirmExit;
|
||||||
|
|
||||||
// Create a random key, different for all files
|
// Create a random key, different for all files
|
||||||
var randomkey = genRandomKey();
|
|
||||||
|
lufiApi.lufiCrypto.generateKey().then((random) => {
|
||||||
|
var randomKey = random;
|
||||||
|
|
||||||
// Get the file and properties
|
// Get the file and properties
|
||||||
var file = window.fileList[i];
|
var file = window.fileList[i];
|
||||||
|
|
@ -306,7 +305,7 @@ function uploadFile(i, delay, del_at_first_view) {
|
||||||
</div>
|
</div>
|
||||||
<div class="progress">
|
<div class="progress">
|
||||||
<div id="progress-${window.fc}"
|
<div id="progress-${window.fc}"
|
||||||
data-key="${randomkey}"
|
data-key="${randomKey}"
|
||||||
data-name="${name}"
|
data-name="${name}"
|
||||||
aria-valuemax="100"
|
aria-valuemax="100"
|
||||||
aria-valuemin="0"
|
aria-valuemin="0"
|
||||||
|
|
@ -324,11 +323,14 @@ function uploadFile(i, delay, del_at_first_view) {
|
||||||
destroyBlock(this);
|
destroyBlock(this);
|
||||||
});
|
});
|
||||||
|
|
||||||
sliceAndUpload(randomkey, i, parts, 0, delay, del_at_first_view, null, null);
|
sliceAndUpload(randomKey, i, parts, 0, delay, del_at_first_view, null, null);
|
||||||
|
}).catch((e) => {
|
||||||
|
console.error(e);
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get a slice of file and send it
|
// Get a slice of file and send it
|
||||||
function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short, mod_token) {
|
function sliceAndUpload(randomKey, i, parts, j, delay, del_at_first_view, short, mod_token) {
|
||||||
if (mod_token !== null && window.cancelled.includes(i)) {
|
if (mod_token !== null && window.cancelled.includes(i)) {
|
||||||
var data = JSON.stringify({
|
var data = JSON.stringify({
|
||||||
id: short,
|
id: short,
|
||||||
|
|
@ -356,6 +358,7 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
|
||||||
var file = window.fileList[i];
|
var file = window.fileList[i];
|
||||||
var slice = file.slice(j * window.sliceLength, (j + 1) * window.sliceLength, file.type);
|
var slice = file.slice(j * window.sliceLength, (j + 1) * window.sliceLength, file.type);
|
||||||
var fr = new FileReader();
|
var fr = new FileReader();
|
||||||
|
|
||||||
fr.onloadend = function() {
|
fr.onloadend = function() {
|
||||||
var sl = $(`#parts-${window.fc}`);
|
var sl = $(`#parts-${window.fc}`);
|
||||||
|
|
||||||
|
|
@ -370,7 +373,8 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
|
||||||
var b = window.btoa(bin);
|
var b = window.btoa(bin);
|
||||||
|
|
||||||
// Encrypt it
|
// Encrypt it
|
||||||
var encrypted = sjcl.encrypt(randomkey, b);
|
lufiApi.lufiCrypto.encrypt(randomKey, new TextEncoder().encode(b).buffer).then((encryptedFile) => {
|
||||||
|
let encrypted = encryptedFile;
|
||||||
|
|
||||||
// Prepare json
|
// Prepare json
|
||||||
var data = {
|
var data = {
|
||||||
|
|
@ -388,12 +392,15 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
|
||||||
// number of the sent file in the queue
|
// number of the sent file in the queue
|
||||||
i: i
|
i: i
|
||||||
};
|
};
|
||||||
|
|
||||||
if ($('#file_pwd').length === 1) {
|
if ($('#file_pwd').length === 1) {
|
||||||
var pwd = $('#file_pwd').val();
|
var pwd = $('#file_pwd').val();
|
||||||
|
|
||||||
if (pwd !== undefined && pwd !== null && pwd !== '') {
|
if (pwd !== undefined && pwd !== null && pwd !== '') {
|
||||||
data['file_pwd'] = $('#file_pwd').val();
|
data['file_pwd'] = $('#file_pwd').val();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
data = `${JSON.stringify(data)}XXMOJOXX${JSON.stringify(encrypted)}`;
|
data = `${JSON.stringify(data)}XXMOJOXX${JSON.stringify(encrypted)}`;
|
||||||
|
|
||||||
var percent = Math.round(1000 * j/parts)/10;
|
var percent = Math.round(1000 * j/parts)/10;
|
||||||
|
|
@ -421,9 +428,14 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
|
||||||
window.ws.send(data);
|
window.ws.send(data);
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
window.ws.send(data);
|
window.ws.send(data);
|
||||||
}
|
}
|
||||||
|
}).catch((e) => {
|
||||||
|
console.error(e);
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
fr.readAsBinaryString(slice);
|
fr.readAsBinaryString(slice);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -476,7 +488,6 @@ function updateProgressBar(data) {
|
||||||
var key = dp.attr('data-key');
|
var key = dp.attr('data-key');
|
||||||
|
|
||||||
if (j + 1 === parts) {
|
if (j + 1 === parts) {
|
||||||
//
|
|
||||||
window.ws.onclose = function () {
|
window.ws.onclose = function () {
|
||||||
console.log('Connection is closed.');
|
console.log('Connection is closed.');
|
||||||
};
|
};
|
||||||
|
|
@ -690,19 +701,7 @@ $(document).ready(function() {
|
||||||
$('#zip-files').prop('checked', false);
|
$('#zip-files').prop('checked', false);
|
||||||
$('#first-view').prop('checked', false);
|
$('#first-view').prop('checked', false);
|
||||||
$('#zipname').val('documents.zip');
|
$('#zipname').val('documents.zip');
|
||||||
if (!sjcl.random.isReady(10)) {
|
|
||||||
var loop = setInterval(function() {
|
|
||||||
if (!sjcl.random.isReady(10)) {
|
|
||||||
$('#not-enough-entropy').removeClass('hiddendiv');
|
|
||||||
} else {
|
|
||||||
$('#not-enough-entropy').addClass('hiddendiv');
|
|
||||||
bindDropZone();
|
bindDropZone();
|
||||||
clearInterval(loop);
|
|
||||||
}
|
|
||||||
}, 1000);
|
|
||||||
} else {
|
|
||||||
bindDropZone();
|
|
||||||
}
|
|
||||||
if (maxSize > 0) {
|
if (maxSize > 0) {
|
||||||
$('#max-file-size').text(i18n.maxSize.replace('XXX', filesize(maxSize)));
|
$('#max-file-size').text(i18n.maxSize.replace('XXX', filesize(maxSize)));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -165,5 +165,5 @@
|
||||||
%= javascript '/js/filesize.min.js'
|
%= javascript '/js/filesize.min.js'
|
||||||
%= javascript '/js/jszip.min.js'
|
%= javascript '/js/jszip.min.js'
|
||||||
%= javascript '/js/lufi-notifications.js'
|
%= javascript '/js/lufi-notifications.js'
|
||||||
%= javascript '/js/lufi-up.js'
|
|
||||||
% }
|
% }
|
||||||
|
<script type="module" src="/js/lufi-up.js"></script>
|
||||||
|
|
|
||||||
|
|
@ -46,8 +46,8 @@
|
||||||
%= javascript '/js/sjcl.js'
|
%= javascript '/js/sjcl.js'
|
||||||
%= javascript '/js/jszip.min.js'
|
%= javascript '/js/jszip.min.js'
|
||||||
%= javascript '/js/lufi-notifications.js'
|
%= javascript '/js/lufi-notifications.js'
|
||||||
%= javascript '/js/lufi-down.js'
|
|
||||||
% }
|
% }
|
||||||
% }
|
% }
|
||||||
|
<script type="module" src="/js/lufi-down.js"></script>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue