dylan.derr/Send
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

big refactor

Browse source
This commit is contained in:
Danny Coates 2018-01-24 10:23:13 -08:00
parent dd448cb3ed
commit 565e47aef8
No known key found for this signature in database
GPG key ID: 4C442633C62E00CB
37 changed files with 1095 additions and 943 deletions
Download patch file Download diff file Expand all files Collapse all files

274
app/fileReceiver.js
View file

@ -1,104 +1,21 @@
import Nanobus from 'nanobus';
import { arrayToB64, b64ToArray, bytes } from './utils';
import Keychain from './keychain';
import { bytes } from './utils';
import { metadata, downloadFile } from './api';
export default class FileReceiver extends Nanobus {
constructor(url, file) {
constructor(fileInfo) {
super('FileReceiver');
this.secretKeyPromise = window.crypto.subtle.importKey(
'raw',
b64ToArray(file.secretKey),
'HKDF',
false,
['deriveKey']
);
this.encryptKeyPromise = this.secretKeyPromise.then(sk => {
const encoder = new TextEncoder();
return window.crypto.subtle.deriveKey(
{
name: 'HKDF',
salt: new Uint8Array(),
info: encoder.encode('encryption'),
hash: 'SHA-256'
},
sk,
{
name: 'AES-GCM',
length: 128
},
false,
['decrypt']
);
});
if (file.pwd) {
const encoder = new TextEncoder();
this.authKeyPromise = window.crypto.subtle
.importKey(
'raw',
encoder.encode(file.password),
{ name: 'PBKDF2' },
false,
['deriveKey']
)
.then(pwdKey =>
window.crypto.subtle.deriveKey(
{
name: 'PBKDF2',
salt: encoder.encode(file.url),
iterations: 100,
hash: 'SHA-256'
},
pwdKey,
{
name: 'HMAC',
hash: 'SHA-256'
},
true,
['sign']
)
);
} else {
this.authKeyPromise = this.secretKeyPromise.then(sk => {
const encoder = new TextEncoder();
return window.crypto.subtle.deriveKey(
{
name: 'HKDF',
salt: new Uint8Array(),
info: encoder.encode('authentication'),
hash: 'SHA-256'
},
sk,
{
name: 'HMAC',
hash: { name: 'SHA-256' }
},
false,
['sign']
);
});
this.keychain = new Keychain(fileInfo.secretKey, fileInfo.nonce);
if (fileInfo.requiresPassword) {
this.keychain.setPassword(fileInfo.password, fileInfo.url);
}
this.metaKeyPromise = this.secretKeyPromise.then(sk => {
const encoder = new TextEncoder();
return window.crypto.subtle.deriveKey(
{
name: 'HKDF',
salt: new Uint8Array(),
info: encoder.encode('metadata'),
hash: 'SHA-256'
},
sk,
{
name: 'AES-GCM',
length: 128
},
false,
['decrypt']
);
});
this.file = file;
this.url = url;
this.fileInfo = fileInfo;
this.fileDownload = null;
this.msg = 'fileSizeProgress';
this.state = 'initialized';
this.progress = [0, 1];
this.cancelled = false;
}
get progressRatio() {
@ -113,160 +30,51 @@ export default class FileReceiver extends Nanobus {
}
cancel() {
// TODO
}
async fetchMetadata(nonce) {
const authHeader = await this.getAuthHeader(nonce);
return new Promise((resolve, reject) => {
const xhr = new XMLHttpRequest();
xhr.onreadystatechange = () => {
if (xhr.readyState === XMLHttpRequest.DONE) {
if (xhr.status === 404) {
return reject(new Error(xhr.status));
}
const nonce = xhr.getResponseHeader('WWW-Authenticate').split(' ')[1];
this.file.nonce = nonce;
if (xhr.status === 200) {
return resolve(xhr.response);
}
const err = new Error(xhr.status);
err.nonce = nonce;
reject(err);
}
};
xhr.onerror = () => reject(new Error(0));
xhr.ontimeout = () => reject(new Error(0));
xhr.open('get', `/api/metadata/${this.file.id}`);
xhr.setRequestHeader('Authorization', authHeader);
xhr.responseType = 'json';
xhr.timeout = 2000;
xhr.send();
});
}
async getMetadata(nonce) {
let data = null;
try {
try {
data = await this.fetchMetadata(nonce);
} catch (e) {
if (e.message === '401' && nonce !== e.nonce) {
// allow one retry for changed nonce
data = await this.fetchMetadata(e.nonce);
} else {
throw e;
}
}
const metaKey = await this.metaKeyPromise;
const json = await window.crypto.subtle.decrypt(
{
name: 'AES-GCM',
iv: new Uint8Array(12),
tagLength: 128
},
metaKey,
b64ToArray(data.metadata)
);
const decoder = new TextDecoder();
const meta = JSON.parse(decoder.decode(json));
this.file.name = meta.name;
this.file.type = meta.type;
this.file.iv = meta.iv;
this.file.size = data.size;
this.file.ttl = data.ttl;
this.file.dlimit = data.dlimit;
this.file.dtotal = data.dtotal;
this.state = 'ready';
} catch (e) {
this.state = 'invalid';
throw e;
this.cancelled = true;
if (this.fileDownload) {
this.fileDownload.cancel();
}
}
async downloadFile(nonce) {
const authHeader = await this.getAuthHeader(nonce);
return new Promise((resolve, reject) => {
const xhr = new XMLHttpRequest();
xhr.onprogress = event => {
if (event.lengthComputable && event.target.status !== 404) {
this.progress = [event.loaded, event.total];
this.emit('progress', this.progress);
}
};
xhr.onload = event => {
if (xhr.status === 404) {
reject(new Error('notfound'));
return;
}
if (xhr.status !== 200) {
const err = new Error(xhr.status);
err.nonce = xhr.getResponseHeader('WWW-Authenticate').split(' ')[1];
return reject(err);
}
const blob = new Blob([xhr.response]);
const fileReader = new FileReader();
fileReader.onload = function() {
resolve(this.result);
};
fileReader.readAsArrayBuffer(blob);
};
xhr.open('get', this.url);
xhr.setRequestHeader('Authorization', authHeader);
xhr.responseType = 'blob';
xhr.send();
});
async getMetadata() {
const meta = await metadata(this.fileInfo.id, this.keychain);
if (meta) {
this.keychain.setIV(meta.iv);
this.fileInfo.name = meta.name;
this.fileInfo.type = meta.type;
this.fileInfo.iv = meta.iv;
this.fileInfo.size = meta.size;
this.state = 'ready';
return;
}
this.state = 'invalid';
return;
}
async getAuthHeader(nonce) {
const authKey = await this.authKeyPromise;
const sig = await window.crypto.subtle.sign(
{
name: 'HMAC'
},
authKey,
b64ToArray(nonce)
);
return `send-v1 ${arrayToB64(new Uint8Array(sig))}`;
}
async download(nonce) {
async download() {
this.state = 'downloading';
this.emit('progress', this.progress);
try {
const encryptKey = await this.encryptKeyPromise;
let ciphertext = null;
try {
ciphertext = await this.downloadFile(nonce);
} catch (e) {
if (e.message === '401' && nonce !== e.nonce) {
ciphertext = await this.downloadFile(e.nonce);
} else {
throw e;
}
}
const download = await downloadFile(this.fileInfo.id, this.keychain);
download.onprogress = p => {
this.progress = p;
this.emit('progress', p);
};
this.fileDownload = download;
const ciphertext = await download.result;
this.fileDownload = null;
this.msg = 'decryptingFile';
this.emit('decrypting');
const plaintext = await window.crypto.subtle.decrypt(
{
name: 'AES-GCM',
iv: b64ToArray(this.file.iv),
tagLength: 128
},
encryptKey,
ciphertext
);
const plaintext = await this.keychain.decryptFile(ciphertext);
if (this.cancelled) {
throw new Error(0);
}
this.msg = 'downloadFinish';
this.state = 'complete';
return {
plaintext,
name: decodeURIComponent(this.file.name),
type: this.file.type
name: decodeURIComponent(this.fileInfo.name),
type: this.fileInfo.type
};
} catch (e) {
this.state = 'invalid';