MirrorMirror
/
lufi
mirror of https://framagit.org/fiat-tux/hat-softwares/lufi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use lufi-api and WebCrypto

This commit is contained in:
Booteille 2024-06-26 15:56:04 +02:00
parent c79f2c5662
commit 9695a615da
No known key found for this signature in database
GPG Key ID: 0AB6C6CA01272646
5 changed files with 209 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
themes/default/public/js/lufi-api.browser.js Normal file
View File

File diff suppressed because one or more lines are too long

34
themes/default/public/js/lufi-down.js
View File

@ -1,27 +1,43 @@
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
import * as lufiApi from "/js/lufi-api.browser.js"
/*
* Return the deciphering key stored in anchor part of the URL
* Stolen from https://github.com/sebsauvage/ZeroBin/blob/master/js/zerobin.js
*/
function pageKey() {
var key = window.location.hash.substring(1); // Get key
let i;
// Some stupid web 2.0 services and redirectors add data AFTER the anchor
// (such as &utm_source=...).
// We will strip any additional data.
// First, strip everything after the equal sign (=) which signals end of base64 string.
i = key.indexOf('='); if (i>-1) { key = key.substring(0, i + 1); }
i = key.indexOf('=');
let isb64 = false
if (i>-1) {
key = key.substring(0, i + 1);
isb64 = true
}
// If the equal sign was not present, some parameters may remain:
i = key.indexOf('&'); if (i>-1) { key = key.substring(0, i); }
// Then add trailing equal sign if it's missing
// Then add trailing equal sign if it's missing and was using the Sjcl algorithm
if (isb64) {
if (key.charAt(key.length-1)!=='=') key += '=';
}
return key;
}
function base64ToArrayBuffer(base64) {
base64 = base64 instanceof ArrayBuffer ? new TextDecoder().decode(base64) : base64; // Is it using Lufi API?
var binary_string = window.atob(base64);
var len = binary_string.length;
var bytes = new Uint8Array(len);
@ -92,6 +108,12 @@ function spawnWebsocket(pa) {
} else {
console.log(`Getting slice ${data.part + 1} of ${data.total}`);
var slice = JSON.parse(res.shift());
// If file was used using Lufi API
if (slice.iv) {
slice.iv = new Uint8Array(Object.values(slice.iv))
}
var percent = Math.round(1000 * (data.part + 1)/data.total)/10;
var wClass = percent.toString().replace('.', '-');
var pb = $('#pb');
@ -101,8 +123,11 @@ function spawnWebsocket(pa) {
pb.attr('aria-valuenow', percent);
$('#pbt').html(`${percent}%`);
try {
var b64 = sjcl.decrypt(window.key, slice);
lufiApi.lufiCrypto.decrypt(window.key, slice).then((decrypted) => {
var b64 = decrypted;
window.a[data.part] = base64ToArrayBuffer(b64);
if (data.part + 1 === data.total) {
var blob = new Blob(a, { type: data.type });
@ -206,6 +231,9 @@ function spawnWebsocket(pa) {
}
}
}
}).catch((e) => {
console.error(e);
})
} catch (err) {
if (err.message === 'ccm: tag doesn\'t match') {
addAlert(i18n.badkey);

45
themes/default/public/js/lufi-up.js
View File

@ -1,5 +1,7 @@
// vim:set sw=4 ts=4 sts=4 ft=javascript expandtab:
import * as lufiApi from "/js/lufi-api.browser.js"
// total file counter
window.fc = 0;
// Cancelled files indexes
@ -267,18 +269,15 @@ function handleFiles(f) {
}
}
// Create random key
function genRandomKey() {
return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 10), 0);
}
// Create progress bar and call slicing and uploading function
function uploadFile(i, delay, del_at_first_view) {
// Prevent exiting page before full upload
window.onbeforeunload = confirmExit;
// Create a random key, different for all files
var randomkey = genRandomKey();
lufiApi.lufiCrypto.generateKey().then((random) => {
var randomKey = random;
// Get the file and properties
var file = window.fileList[i];
@ -306,7 +305,7 @@ function uploadFile(i, delay, del_at_first_view) {
</div>
<div class="progress">
<div id="progress-${window.fc}"
data-key="${randomkey}"
data-key="${randomKey}"
data-name="${name}"
aria-valuemax="100"
aria-valuemin="0"
@ -324,11 +323,14 @@ function uploadFile(i, delay, del_at_first_view) {
destroyBlock(this);
});
sliceAndUpload(randomkey, i, parts, 0, delay, del_at_first_view, null, null);
sliceAndUpload(randomKey, i, parts, 0, delay, del_at_first_view, null, null);
}).catch((e) => {
console.error(e);
});
}
// Get a slice of file and send it
function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short, mod_token) {
function sliceAndUpload(randomKey, i, parts, j, delay, del_at_first_view, short, mod_token) {
if (mod_token !== null && window.cancelled.includes(i)) {
var data = JSON.stringify({
id: short,
@ -356,6 +358,7 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
var file = window.fileList[i];
var slice = file.slice(j * window.sliceLength, (j + 1) * window.sliceLength, file.type);
var fr = new FileReader();
fr.onloadend = function() {
var sl = $(`#parts-${window.fc}`);
@ -370,7 +373,8 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
var b = window.btoa(bin);
// Encrypt it
var encrypted = sjcl.encrypt(randomkey, b);
lufiApi.lufiCrypto.encrypt(randomKey, new TextEncoder().encode(b).buffer).then((encryptedFile) => {
let encrypted = encryptedFile;
// Prepare json
var data = {
@ -388,12 +392,15 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
// number of the sent file in the queue
i: i
};
if ($('#file_pwd').length === 1) {
var pwd = $('#file_pwd').val();
if (pwd !== undefined && pwd !== null && pwd !== '') {
data['file_pwd'] = $('#file_pwd').val();
}
}
data = `${JSON.stringify(data)}XXMOJOXX${JSON.stringify(encrypted)}`;
var percent = Math.round(1000 * j/parts)/10;
@ -421,9 +428,14 @@ function sliceAndUpload(randomkey, i, parts, j, delay, del_at_first_view, short,
window.ws.send(data);
});
};
window.ws.send(data);
}
}).catch((e) => {
console.error(e);
})
}
fr.readAsBinaryString(slice);
}
}
@ -476,7 +488,6 @@ function updateProgressBar(data) {
var key = dp.attr('data-key');
if (j + 1 === parts) {
//
window.ws.onclose = function () {
console.log('Connection is closed.');
};
@ -690,19 +701,7 @@ $(document).ready(function() {
$('#zip-files').prop('checked', false);
$('#first-view').prop('checked', false);
$('#zipname').val('documents.zip');
if (!sjcl.random.isReady(10)) {
var loop = setInterval(function() {
if (!sjcl.random.isReady(10)) {
$('#not-enough-entropy').removeClass('hiddendiv');
} else {
$('#not-enough-entropy').addClass('hiddendiv');
bindDropZone();
clearInterval(loop);
}
}, 1000);
} else {
bindDropZone();
}
if (maxSize > 0) {
$('#max-file-size').text(i18n.maxSize.replace('XXX', filesize(maxSize)));
}

2
themes/default/templates/index.html.ep
View File

@ -165,5 +165,5 @@
%= javascript '/js/filesize.min.js'
%= javascript '/js/jszip.min.js'
%= javascript '/js/lufi-notifications.js'
%= javascript '/js/lufi-up.js'
% }
<script type="module" src="/js/lufi-up.js"></script>

2
themes/default/templates/render.html.ep
View File

@ -46,8 +46,8 @@
%= javascript '/js/sjcl.js'
%= javascript '/js/jszip.min.js'
%= javascript '/js/lufi-notifications.js'
%= javascript '/js/lufi-down.js'
% }
% }
<script type="module" src="/js/lufi-down.js"></script>
</div>
</div>