]+\b)src=['"][^'">]+['"]/ig, function(match, prefix) {
+ return prefix;
+ });
+ }
- document.body.innerHTML = html;
+ document.body.innerHTML = html;
- scaleToFit();
- };
+ scaleToFit();
+};
- window.addEventListener('resize', scaleToFit);
+window.addEventListener('resize', scaleToFit);
- /**
- * Parse email body and generate conversation nodes
- * @param {Object} email The email object
- * @return {Node} The root node of the conversion
- */
- function parseConversation(textBody) {
- var nodes;
+/**
+ * Parse email body and generate conversation nodes
+ * @param {Object} email The email object
+ * @return {Node} The root node of the conversion
+ */
+function parseConversation(textBody) {
+ var nodes;
- function parseLines(body) {
- var lines = [];
- body.split('\n').forEach(parseLine);
+ function parseLines(body) {
+ var lines = [];
+ body.split('\n').forEach(parseLine);
- function parseLine(line) {
- var regex = /^>*/;
- var result = regex.exec(line);
+ function parseLine(line) {
+ var regex = /^>*/;
+ var result = regex.exec(line);
- lines.push({
- text: line.replace(regex, '').trim(),
- level: (result && result.length > 0) ? result[0].length : 0
- });
- }
-
- return lines;
+ lines.push({
+ text: line.replace(regex, '').trim(),
+ level: (result && result.length > 0) ? result[0].length : 0
+ });
}
- function buildTextNodes(lines) {
- var i, j, root, currentLevel, currentNode, levelDelta;
-
- root = new Node();
- currentLevel = 0;
- currentNode = root;
+ return lines;
+ }
- // iterate over text lines
- for (i = 0; i < lines.length; i++) {
- levelDelta = lines[i].level - currentLevel;
-
- if (levelDelta === 0) {
- // we are at the desired node ... no traversal required
- } else if (levelDelta > 0) {
- // traverse to child node(s)
- for (j = 0; j < levelDelta; j++) {
- var newChild = new Node(currentNode);
- // create new child node
- currentNode.children.push(newChild);
- // go to last child node
- currentNode = newChild;
- // increase current level by one
- currentLevel++;
- }
- } else {
- // traverse to parent(s)
- for (j = levelDelta; j < 0; j++) {
- currentNode = currentNode.parent;
- currentLevel--;
- }
+ function buildTextNodes(lines) {
+ var i, j, root, currentLevel, currentNode, levelDelta;
+
+ root = new Node();
+ currentLevel = 0;
+ currentNode = root;
+
+ // iterate over text lines
+ for (i = 0; i < lines.length; i++) {
+ levelDelta = lines[i].level - currentLevel;
+
+ if (levelDelta === 0) {
+ // we are at the desired node ... no traversal required
+ } else if (levelDelta > 0) {
+ // traverse to child node(s)
+ for (j = 0; j < levelDelta; j++) {
+ var newChild = new Node(currentNode);
+ // create new child node
+ currentNode.children.push(newChild);
+ // go to last child node
+ currentNode = newChild;
+ // increase current level by one
+ currentLevel++;
+ }
+ } else {
+ // traverse to parent(s)
+ for (j = levelDelta; j < 0; j++) {
+ currentNode = currentNode.parent;
+ currentLevel--;
}
-
- // add text to the current node
- currentNode.addLine(lines[i].text);
}
- return root;
+ // add text to the current node
+ currentNode.addLine(lines[i].text);
}
- function Node(parent) {
- this.parent = parent;
- this.children = [];
- }
- Node.prototype.addLine = function(lineText) {
- var c, l;
-
- c = this.children;
- l = c.length;
+ return root;
+ }
- // append text node to children if last child is not a text node
- if (l < 1 || typeof c[l - 1] !== 'string') {
- c[l] = '';
- l = c.length;
- }
+ function Node(parent) {
+ this.parent = parent;
+ this.children = [];
+ }
+ Node.prototype.addLine = function(lineText) {
+ var c, l;
- // append line to last child (add newline between lines)
- c[l - 1] += lineText + '\n';
- };
+ c = this.children;
+ l = c.length;
- function removeParentReference(node) {
- if (!node.children) {
- // this is a text leaf ... terminate recursion
- return;
- }
+ // append text node to children if last child is not a text node
+ if (l < 1 || typeof c[l - 1] !== 'string') {
+ c[l] = '';
+ l = c.length;
+ }
- // remove parent node to prevent infinite loop in JSON stringify
- delete node.parent;
+ // append line to last child (add newline between lines)
+ c[l - 1] += lineText + '\n';
+ };
- for (var i = 0; i < node.children.length; i++) {
- if (typeof node.children[i] === 'string') {
- // remove trailing newline in string
- node.children[i] = node.children[i].replace(/\n$/, '');
- } else {
- // I used recursion ...
- removeParentReference(node.children[i]);
- }
- }
+ function removeParentReference(node) {
+ if (!node.children) {
+ // this is a text leaf ... terminate recursion
+ return;
}
- nodes = buildTextNodes(parseLines(textBody.replace(/ >/g, '>')));
- removeParentReference(nodes);
+ // remove parent node to prevent infinite loop in JSON stringify
+ delete node.parent;
- return nodes;
+ for (var i = 0; i < node.children.length; i++) {
+ if (typeof node.children[i] === 'string') {
+ // remove trailing newline in string
+ node.children[i] = node.children[i].replace(/\n$/, '');
+ } else {
+ // I used recursion ...
+ removeParentReference(node.children[i]);
+ }
+ }
}
- /**
- * Render the conversation nodes as markup. This is not injected directly into the DOM, but rather send to a sandboxed iframe to be rendered
- * @param {Node} root The conversation root node
- * @return {Strin} The conversation as markup
- */
- function renderNodes(root) {
- var body = '';
-
- function render(node) {
- var i, html = '';
- if (!node.children) {
- // this is a text leaf
- var lines = node.split('\n');
- for (i = 0; i < lines.length; i++) {
- // replace all urls with anchors
- lines[i] = lines[i].replace(/(https?:\/\/[^\s]+)/g, createArchor);
- // wrap line into an element for easier styling
- html += '' + lines[i] + '
';
+ nodes = buildTextNodes(parseLines(textBody.replace(/ >/g, '>')));
+ removeParentReference(nodes);
+
+ return nodes;
+}
+
+/**
+ * Render the conversation nodes as markup. This is not injected directly into the DOM, but rather send to a sandboxed iframe to be rendered
+ * @param {Node} root The conversation root node
+ * @return {Strin} The conversation as markup
+ */
+function renderNodes(root) {
+ var body = '';
+
+ function render(node) {
+ var i, html = '';
+ if (!node.children) {
+ // this is a text leaf
+ var lines = node.split('\n');
+ for (i = 0; i < lines.length; i++) {
+ // replace all urls with anchors
+ lines[i] = lines[i].replace(/(https?:\/\/[^\s]+)/g, createArchor);
+ // wrap line into an element for easier styling
+ html += '' + lines[i] + '
';
}
-
- for (i = 0; i < node.children.length; i++) {
- html += '' + render(node.children[i]) + '
';
- }
-
return html;
}
- function createArchor(url) {
- return '' + url + '';
+ for (i = 0; i < node.children.length; i++) {
+ html += '' + render(node.children[i]) + '
';
}
- function isLineEmpty(line) {
- return line.replace(/>/g, '').trim().length === 0;
- }
+ return html;
+ }
- for (var j = 0; j < root.children.length; j++) {
- // start by rendering the root nodes children
- body += render(root.children[j]);
- }
+ function createArchor(url) {
+ return '' + url + '';
+ }
- return '' + body + '
';
+ function isLineEmpty(line) {
+ return line.replace(/>/g, '').trim().length === 0;
}
- /**
- * Transform scale content to fit iframe width
- */
- function scaleToFit() {
- var view = document.getElementsByClassName('scale-body').item(0);
- if(!view) {
- return;
- }
+ for (var j = 0; j < root.children.length; j++) {
+ // start by rendering the root nodes children
+ body += render(root.children[j]);
+ }
- var parentWidth = view.parentNode.offsetWidth;
- var w = view.offsetWidth;
- var scale = '';
+ return '' + body + '
';
+}
- if(w > parentWidth) {
- scale = parentWidth / w;
- scale = 'scale(' + scale + ',' + scale + ')';
- }
+/**
+ * Transform scale content to fit iframe width
+ */
+function scaleToFit() {
+ var view = document.getElementsByClassName('scale-body').item(0);
+ if (!view) {
+ return;
+ }
+
+ var parentWidth = view.parentNode.offsetWidth;
+ var w = view.offsetWidth;
+ var scale = '';
- view.style['-webkit-transform-origin'] = '0 0';
- view.style.transformOrigin = '0 0';
- view.style['-webkit-transform'] = scale;
- view.style.transform = scale;
+ if (w > parentWidth) {
+ scale = parentWidth / w;
+ scale = 'scale(' + scale + ',' + scale + ')';
}
-})();
\ No newline at end of file
+ view.style['-webkit-transform-origin'] = '0 0';
+ view.style.transformOrigin = '0 0';
+ view.style['-webkit-transform'] = scale;
+ view.style.transform = scale;
+}
\ No newline at end of file
diff --git a/src/js/controller/read.js b/src/js/controller/read.js
index dc3ea9c..26aea1c 100644
--- a/src/js/controller/read.js
+++ b/src/js/controller/read.js
@@ -1,286 +1,283 @@
-define(function(require) {
- 'use strict';
-
- var appController = require('js/app-controller'),
- download = require('js/util/download'),
- angular = require('angular'),
- str = require('js/app-config').string,
- emailDao, invitationDao, outbox, pgp, keychain;
-
- //
- // Controller
- //
-
- var ReadCtrl = function($scope) {
-
- emailDao = appController._emailDao;
- invitationDao = appController._invitationDao;
- outbox = appController._outboxBo;
- pgp = appController._pgp;
- keychain = appController._keychain;
-
- // set default value so that the popover height is correct on init
- $scope.keyId = 'No key found.';
-
- $scope.state.read = {
- open: false,
- toggle: function(to) {
- this.open = to;
- }
- };
+'use strict';
- $scope.getKeyId = function(address) {
- $scope.keyId = 'Searching...';
- keychain.getReceiverPublicKey(address, function(err, pubkey) {
- if (err) {
- $scope.onError(err);
- return;
- }
+var appController = require('../app-controller'),
+ download = require('../util/download'),
+ str = require('../app-config').string,
+ emailDao, invitationDao, outbox, pgp, keychain;
- if (!pubkey) {
- $scope.keyId = 'User has no key. Click to invite.';
- $scope.$apply();
- return;
- }
+//
+// Controller
+//
- var fpr = pgp.getFingerprint(pubkey.publicKey);
- var formatted = fpr.slice(32);
+var ReadCtrl = function($scope) {
- $scope.keyId = 'PGP key: ' + formatted;
- $scope.$apply();
- });
- };
+ emailDao = appController._emailDao;
+ invitationDao = appController._invitationDao;
+ outbox = appController._outboxBo;
+ pgp = appController._pgp;
+ keychain = appController._keychain;
+
+ // set default value so that the popover height is correct on init
+ $scope.keyId = 'No key found.';
+
+ $scope.state.read = {
+ open: false,
+ toggle: function(to) {
+ this.open = to;
+ }
+ };
- $scope.$watch('state.mailList.selected', function(mail) {
- if (!mail) {
+ $scope.getKeyId = function(address) {
+ $scope.keyId = 'Searching...';
+ keychain.getReceiverPublicKey(address, function(err, pubkey) {
+ if (err) {
+ $scope.onError(err);
return;
}
- // display sender security status
- mail.from.forEach(checkPublicKey);
- // display recipient security status
- mail.to.forEach(checkPublicKey);
- // display recipient security status
- Array.isArray(mail.cc) && mail.cc.forEach(checkPublicKey);
+ if (!pubkey) {
+ $scope.keyId = 'User has no key. Click to invite.';
+ $scope.$apply();
+ return;
+ }
+
+ var fpr = pgp.getFingerprint(pubkey.publicKey);
+ var formatted = fpr.slice(32);
+
+ $scope.keyId = 'PGP key: ' + formatted;
+ $scope.$apply();
});
+ };
- function checkPublicKey(user) {
- user.secure = undefined;
+ $scope.$watch('state.mailList.selected', function(mail) {
+ if (!mail) {
+ return;
+ }
- if (!keychain) {
+ // display sender security status
+ mail.from.forEach(checkPublicKey);
+ // display recipient security status
+ mail.to.forEach(checkPublicKey);
+ // display recipient security status
+ Array.isArray(mail.cc) && mail.cc.forEach(checkPublicKey);
+ });
+
+ function checkPublicKey(user) {
+ user.secure = undefined;
+
+ if (!keychain) {
+ return;
+ }
+
+ keychain.getReceiverPublicKey(user.address, function(err, pubkey) {
+ if (err) {
+ $scope.onError(err);
return;
}
- keychain.getReceiverPublicKey(user.address, function(err, pubkey) {
- if (err) {
- $scope.onError(err);
- return;
- }
-
- if (pubkey && pubkey.publicKey) {
- user.secure = true;
- } else {
- user.secure = false;
- }
+ if (pubkey && pubkey.publicKey) {
+ user.secure = true;
+ } else {
+ user.secure = false;
+ }
- $scope.$apply();
+ $scope.$apply();
+ });
+ }
+
+ $scope.download = function(attachment) {
+ // download file to disk if content is available
+ if (attachment.content) {
+ download.createDownload({
+ content: attachment.content,
+ filename: attachment.filename,
+ contentType: attachment.mimeType
});
+ return;
}
- $scope.download = function(attachment) {
- // download file to disk if content is available
- if (attachment.content) {
- download.createDownload({
- content: attachment.content,
- filename: attachment.filename,
- contentType: attachment.mimeType
- });
- return;
- }
+ var folder = $scope.state.nav.currentFolder;
+ var email = $scope.state.mailList.selected;
+ emailDao.getAttachment({
+ folder: folder,
+ uid: email.uid,
+ attachment: attachment
+ }, $scope.onError);
+ };
- var folder = $scope.state.nav.currentFolder;
- var email = $scope.state.mailList.selected;
- emailDao.getAttachment({
- folder: folder,
- uid: email.uid,
- attachment: attachment
- }, $scope.onError);
- };
+ $scope.invite = function(user) {
+ // only invite non-pgp users
+ if (user.secure) {
+ return;
+ }
+
+ $scope.keyId = 'Sending invitation...';
- $scope.invite = function(user) {
- // only invite non-pgp users
- if (user.secure) {
+ var sender = emailDao._account.emailAddress,
+ recipient = user.address;
+
+ invitationDao.invite({
+ recipient: recipient,
+ sender: sender
+ }, function(err) {
+ if (err) {
+ $scope.onError(err);
return;
}
- $scope.keyId = 'Sending invitation...';
-
- var sender = emailDao._account.emailAddress,
- recipient = user.address;
-
- invitationDao.invite({
- recipient: recipient,
- sender: sender
- }, function(err) {
- if (err) {
- $scope.onError(err);
- return;
- }
-
- var invitationMail = {
- from: [{
- address: sender
- }],
- to: [{
- address: recipient
- }],
- cc: [],
- bcc: [],
- subject: str.invitationSubject,
- body: str.invitationMessage
- };
+ var invitationMail = {
+ from: [{
+ address: sender
+ }],
+ to: [{
+ address: recipient
+ }],
+ cc: [],
+ bcc: [],
+ subject: str.invitationSubject,
+ body: str.invitationMessage
+ };
- // send invitation mail
- outbox.put(invitationMail, $scope.onError);
- });
- };
+ // send invitation mail
+ outbox.put(invitationMail, $scope.onError);
+ });
};
+};
- //
- // Directives
- //
+//
+// Directives
+//
- var ngModule = angular.module('read', []);
+var ngModule = angular.module('read', []);
- ngModule.directive('replySelection', function() {
- return function(scope, elm) {
- var popover, visible;
+ngModule.directive('replySelection', function() {
+ return function(scope, elm) {
+ var popover, visible;
- popover = angular.element(document.querySelector('.reply-selection'));
- visible = false;
+ popover = angular.element(document.querySelector('.reply-selection'));
+ visible = false;
- elm.on('touchstart click', appear);
- elm.parent().parent().on('touchstart click', disappear);
- popover.on('touchstart click', disappear);
+ elm.on('touchstart click', appear);
+ elm.parent().parent().on('touchstart click', disappear);
+ popover.on('touchstart click', disappear);
- function appear(e) {
- e.preventDefault();
- e.stopPropagation();
+ function appear(e) {
+ e.preventDefault();
+ e.stopPropagation();
- visible = true;
+ visible = true;
- // set popover position
- var top = elm[0].offsetTop;
- var left = elm[0].offsetLeft;
- var width = elm[0].offsetWidth;
- var height = elm[0].offsetHeight;
+ // set popover position
+ var top = elm[0].offsetTop;
+ var left = elm[0].offsetLeft;
+ var width = elm[0].offsetWidth;
+ var height = elm[0].offsetHeight;
- popover[0].style.transition = 'opacity 0.1s linear';
- popover[0].style.top = (top + height) + 'px';
- popover[0].style.left = (left + width / 2 - popover[0].offsetWidth / 2) + 'px';
- popover[0].style.opacity = '1';
- }
+ popover[0].style.transition = 'opacity 0.1s linear';
+ popover[0].style.top = (top + height) + 'px';
+ popover[0].style.left = (left + width / 2 - popover[0].offsetWidth / 2) + 'px';
+ popover[0].style.opacity = '1';
+ }
- function disappear() {
- if (!visible) {
- return;
- }
+ function disappear() {
+ if (!visible) {
+ return;
+ }
- popover[0].style.transition = 'opacity 0.25s linear, top 0.25s step-end, left 0.25s step-end';
- popover[0].style.opacity = '0';
- popover[0].style.top = '-9999px';
- popover[0].style.left = '-9999px';
- visible = false;
+ popover[0].style.transition = 'opacity 0.25s linear, top 0.25s step-end, left 0.25s step-end';
+ popover[0].style.opacity = '0';
+ popover[0].style.top = '-9999px';
+ popover[0].style.left = '-9999px';
+ visible = false;
+ }
+ };
+});
+
+ngModule.directive('frameLoad', function($timeout, $window) {
+ return function(scope, elm) {
+ var iframe = elm[0];
+
+ scope.$watch('state.read.open', function(open) {
+ if (open) {
+ // trigger rendering of iframe
+ // otherwise scale to fit would not compute correct dimensions on mobile
+ displayText(scope.state.mailList.selected ? scope.state.mailList.selected.body : undefined);
+ displayHtml(scope.state.mailList.selected ? scope.state.mailList.selected.html : undefined);
}
- };
- });
+ });
- ngModule.directive('frameLoad', function($timeout, $window) {
- return function(scope, elm) {
- var iframe = elm[0];
-
- scope.$watch('state.read.open', function(open) {
- if (open) {
- // trigger rendering of iframe
- // otherwise scale to fit would not compute correct dimensions on mobile
- displayText(scope.state.mailList.selected ? scope.state.mailList.selected.body : undefined);
- displayHtml(scope.state.mailList.selected ? scope.state.mailList.selected.html : undefined);
- }
- });
+ $window.addEventListener('resize', scaleToFit);
- $window.addEventListener('resize', scaleToFit);
+ iframe.onload = function() {
+ // set listeners
+ scope.$watch('state.mailList.selected.body', displayText);
+ scope.$watch('state.mailList.selected.html', displayHtml);
+ // display initial message body
+ scope.$apply();
+ };
- iframe.onload = function() {
- // set listeners
- scope.$watch('state.mailList.selected.body', displayText);
- scope.$watch('state.mailList.selected.html', displayHtml);
- // display initial message body
- scope.$apply();
- };
+ function displayText(body) {
+ var mail = scope.state.mailList.selected;
+ if ((mail && mail.html) || (mail && mail.encrypted && !mail.decrypted)) {
+ return;
+ }
- function displayText(body) {
- var mail = scope.state.mailList.selected;
- if ((mail && mail.html) || (mail && mail.encrypted && !mail.decrypted)) {
- return;
- }
+ // send text body for rendering in iframe
+ iframe.contentWindow.postMessage({
+ text: body
+ }, '*');
- // send text body for rendering in iframe
- iframe.contentWindow.postMessage({
- text: body
- }, '*');
+ $timeout(scaleToFit, 0);
+ }
- $timeout(scaleToFit, 0);
+ function displayHtml(html) {
+ if (!html) {
+ return;
}
- function displayHtml(html) {
- if (!html) {
- return;
- }
-
- // if there are image tags in the html?
- var hasImages = /]+\bsrc=['"][^'">]+['"]/ig.test(html);
- scope.showImageButton = hasImages;
-
- iframe.contentWindow.postMessage({
- html: html,
- removeImages: hasImages // avoids doing unnecessary work on the html
- }, '*');
-
- // only add a scope function to reload the html if there are images
- if (hasImages) {
- // reload WITH images
- scope.displayImages = function() {
- scope.showImageButton = false;
- iframe.contentWindow.postMessage({
- html: html,
- removeImages: false
- }, '*');
- };
- }
-
- $timeout(scaleToFit, 0);
+ // if there are image tags in the html?
+ var hasImages = /]+\bsrc=['"][^'">]+['"]/ig.test(html);
+ scope.showImageButton = hasImages;
+
+ iframe.contentWindow.postMessage({
+ html: html,
+ removeImages: hasImages // avoids doing unnecessary work on the html
+ }, '*');
+
+ // only add a scope function to reload the html if there are images
+ if (hasImages) {
+ // reload WITH images
+ scope.displayImages = function() {
+ scope.showImageButton = false;
+ iframe.contentWindow.postMessage({
+ html: html,
+ removeImages: false
+ }, '*');
+ };
}
- // transform scale iframe (necessary on iOS) to fit container width
- function scaleToFit() {
- var parentWidth = elm.parent().width();
- var w = elm.width();
- var scale = '';
-
- if (w > parentWidth) {
- scale = parentWidth / w;
- scale = 'scale(' + scale + ',' + scale + ')';
- }
-
- elm.css({
- '-webkit-transform-origin': '0 0',
- 'transform-origin': '0 0',
- '-webkit-transform': scale,
- 'transform': scale
- });
+ $timeout(scaleToFit, 0);
+ }
+
+ // transform scale iframe (necessary on iOS) to fit container width
+ function scaleToFit() {
+ var parentWidth = elm.parent().width();
+ var w = elm.width();
+ var scale = '';
+
+ if (w > parentWidth) {
+ scale = parentWidth / w;
+ scale = 'scale(' + scale + ',' + scale + ')';
}
- };
- });
- return ReadCtrl;
-});
\ No newline at end of file
+ elm.css({
+ '-webkit-transform-origin': '0 0',
+ 'transform-origin': '0 0',
+ '-webkit-transform': scale,
+ 'transform': scale
+ });
+ }
+ };
+});
+
+module.exports = ReadCtrl;
\ No newline at end of file
diff --git a/src/js/controller/set-passphrase.js b/src/js/controller/set-passphrase.js
index 726c78b..724af8d 100644
--- a/src/js/controller/set-passphrase.js
+++ b/src/js/controller/set-passphrase.js
@@ -1,138 +1,136 @@
-define(function(require) {
- 'use strict';
+'use strict';
- var appController = require('js/app-controller'),
- pgp, keychain;
+var appController = require('../app-controller'),
+ pgp, keychain;
- //
- // Controller
- //
+//
+// Controller
+//
- var SetPassphraseCtrl = function($scope) {
- keychain = appController._keychain;
- pgp = appController._pgp;
+var SetPassphraseCtrl = function($scope) {
+ keychain = appController._keychain;
+ pgp = appController._pgp;
- $scope.state.setPassphrase = {
- toggle: function(to) {
- $scope.state.lightbox = (to) ? 'set-passphrase' : undefined;
+ $scope.state.setPassphrase = {
+ toggle: function(to) {
+ $scope.state.lightbox = (to) ? 'set-passphrase' : undefined;
- $scope.newPassphrase = undefined;
- $scope.oldPassphrase = undefined;
- $scope.confirmation = undefined;
- $scope.passphraseMsg = undefined;
- }
- };
+ $scope.newPassphrase = undefined;
+ $scope.oldPassphrase = undefined;
+ $scope.confirmation = undefined;
+ $scope.passphraseMsg = undefined;
+ }
+ };
- //
- // scope variables
- //
-
- //
- // scope functions
- //
-
- /*
- * Taken from jQuery validate.password plug-in 1.0
- * http://bassistance.de/jquery-plugins/jquery-plugin-validate.password/
- *
- * Copyright (c) 2009 Jörn Zaefferer
- *
- * Licensed under the MIT
- * http://www.opensource.org/licenses/mit-license.php
- */
- $scope.checkPassphraseQuality = function() {
- var passphrase = $scope.newPassphrase;
- $scope.passphraseRating = 0;
-
- var LOWER = /[a-z]/,
- UPPER = /[A-Z]/,
- DIGIT = /[0-9]/,
- DIGITS = /[0-9].*[0-9]/,
- SPECIAL = /[^a-zA-Z0-9]/,
- SAME = /^(.)\1+$/;
-
- function uncapitalize(str) {
- return str.substring(0, 1).toLowerCase() + str.substring(1);
- }
+ //
+ // scope variables
+ //
- if (!passphrase) {
- // no rating for empty passphrase
- $scope.passphraseMsg = '';
- return;
- }
+ //
+ // scope functions
+ //
- if (passphrase.length < 8 || SAME.test(passphrase)) {
- $scope.passphraseMsg = 'Very weak';
- return;
- }
+ /*
+ * Taken from jQuery validate.password plug-in 1.0
+ * http://bassistance.de/jquery-plugins/jquery-plugin-validate.password/
+ *
+ * Copyright (c) 2009 Jörn Zaefferer
+ *
+ * Licensed under the MIT
+ * http://www.opensource.org/licenses/mit-license.php
+ */
+ $scope.checkPassphraseQuality = function() {
+ var passphrase = $scope.newPassphrase;
+ $scope.passphraseRating = 0;
+
+ var LOWER = /[a-z]/,
+ UPPER = /[A-Z]/,
+ DIGIT = /[0-9]/,
+ DIGITS = /[0-9].*[0-9]/,
+ SPECIAL = /[^a-zA-Z0-9]/,
+ SAME = /^(.)\1+$/;
+
+ function uncapitalize(str) {
+ return str.substring(0, 1).toLowerCase() + str.substring(1);
+ }
- var lower = LOWER.test(passphrase),
- upper = UPPER.test(uncapitalize(passphrase)),
- digit = DIGIT.test(passphrase),
- digits = DIGITS.test(passphrase),
- special = SPECIAL.test(passphrase);
-
- if (lower && upper && digit || lower && digits || upper && digits || special) {
- $scope.passphraseMsg = 'Strong';
- $scope.passphraseRating = 3;
- } else if (lower && upper || lower && digit || upper && digit) {
- $scope.passphraseMsg = 'Good';
- $scope.passphraseRating = 2;
- } else {
- $scope.passphraseMsg = 'Weak';
- $scope.passphraseRating = 1;
- }
- };
+ if (!passphrase) {
+ // no rating for empty passphrase
+ $scope.passphraseMsg = '';
+ return;
+ }
- $scope.setPassphrase = function() {
- var keyId = pgp.getKeyParams()._id;
- keychain.lookupPrivateKey(keyId, function(err, savedKey) {
- if (err) {
- $scope.onError(err);
- return;
- }
-
- pgp.changePassphrase({
- privateKeyArmored: savedKey.encryptedKey,
- oldPassphrase: $scope.oldPassphrase,
- newPassphrase: $scope.newPassphrase
- }, onPassphraseChanged);
- });
- };
+ if (passphrase.length < 8 || SAME.test(passphrase)) {
+ $scope.passphraseMsg = 'Very weak';
+ return;
+ }
- function onPassphraseChanged(err, newPrivateKeyArmored) {
+ var lower = LOWER.test(passphrase),
+ upper = UPPER.test(uncapitalize(passphrase)),
+ digit = DIGIT.test(passphrase),
+ digits = DIGITS.test(passphrase),
+ special = SPECIAL.test(passphrase);
+
+ if (lower && upper && digit || lower && digits || upper && digits || special) {
+ $scope.passphraseMsg = 'Strong';
+ $scope.passphraseRating = 3;
+ } else if (lower && upper || lower && digit || upper && digit) {
+ $scope.passphraseMsg = 'Good';
+ $scope.passphraseRating = 2;
+ } else {
+ $scope.passphraseMsg = 'Weak';
+ $scope.passphraseRating = 1;
+ }
+ };
+
+ $scope.setPassphrase = function() {
+ var keyId = pgp.getKeyParams()._id;
+ keychain.lookupPrivateKey(keyId, function(err, savedKey) {
if (err) {
- err.showBugReporter = false;
$scope.onError(err);
return;
}
- // persist new armored key
- var keyParams = pgp.getKeyParams(newPrivateKeyArmored);
- var privateKey = {
- _id: keyParams._id,
- userId: keyParams.userId,
- userIds: keyParams.userIds,
- encryptedKey: newPrivateKeyArmored
- };
+ pgp.changePassphrase({
+ privateKeyArmored: savedKey.encryptedKey,
+ oldPassphrase: $scope.oldPassphrase,
+ newPassphrase: $scope.newPassphrase
+ }, onPassphraseChanged);
+ });
+ };
- keychain.saveLocalPrivateKey(privateKey, onKeyPersisted);
+ function onPassphraseChanged(err, newPrivateKeyArmored) {
+ if (err) {
+ err.showBugReporter = false;
+ $scope.onError(err);
+ return;
}
- function onKeyPersisted(err) {
- if (err) {
- $scope.onError(err);
- return;
- }
+ // persist new armored key
+ var keyParams = pgp.getKeyParams(newPrivateKeyArmored);
+ var privateKey = {
+ _id: keyParams._id,
+ userId: keyParams.userId,
+ userIds: keyParams.userIds,
+ encryptedKey: newPrivateKeyArmored
+ };
+
+ keychain.saveLocalPrivateKey(privateKey, onKeyPersisted);
+ }
- $scope.state.setPassphrase.toggle(false);
- $scope.$apply();
- $scope.onError({
- title: 'Success',
- message: 'Passphrase change complete.'
- });
+ function onKeyPersisted(err) {
+ if (err) {
+ $scope.onError(err);
+ return;
}
- };
- return SetPassphraseCtrl;
-});
\ No newline at end of file
+ $scope.state.setPassphrase.toggle(false);
+ $scope.$apply();
+ $scope.onError({
+ title: 'Success',
+ message: 'Passphrase change complete.'
+ });
+ }
+};
+
+module.exports = SetPassphraseCtrl;
\ No newline at end of file
diff --git a/src/js/controller/write.js b/src/js/controller/write.js
index 41d0c12..ac058f3 100644
--- a/src/js/controller/write.js
+++ b/src/js/controller/write.js
@@ -1,534 +1,530 @@
-define(function(require) {
- 'use strict';
+'use strict';
- var angular = require('angular'),
- _ = require('underscore'),
- appController = require('js/app-controller'),
- axe = require('axe'),
- util = require('js/crypto/util'),
- str = require('js/app-config').string,
- pgp, emailDao, outbox, keychainDao, auth;
+var appController = require('../app-controller'),
+ axe = require('axe-logger'),
+ util = require('crypto-lib').util,
+ str = require('../app-config').string,
+ pgp, emailDao, outbox, keychainDao, auth;
+
+//
+// Controller
+//
+
+var WriteCtrl = function($scope, $filter, $q) {
+ pgp = appController._pgp;
+ auth = appController._auth;
+ emailDao = appController._emailDao;
+ outbox = appController._outboxBo;
+ keychainDao = appController._keychain;
+
+ // set default value so that the popover height is correct on init
+ $scope.keyId = 'XXXXXXXX';
//
- // Controller
+ // Init
//
- var WriteCtrl = function($scope, $filter, $q) {
- pgp = appController._pgp;
- auth = appController._auth;
- emailDao = appController._emailDao;
- outbox = appController._outboxBo;
- keychainDao = appController._keychain;
-
- // set default value so that the popover height is correct on init
- $scope.keyId = 'XXXXXXXX';
-
- //
- // Init
- //
-
- $scope.state.writer = {
- write: function(replyTo, replyAll, forward) {
- $scope.state.lightbox = 'write';
- $scope.replyTo = replyTo;
-
- resetFields();
-
- // fill fields depending on replyTo
- fillFields(replyTo, replyAll, forward);
-
- $scope.verify($scope.to[0]);
- },
- reportBug: function() {
- $scope.state.lightbox = 'write';
- resetFields();
- reportBug();
- $scope.verify($scope.to[0]);
- },
- close: function() {
- $scope.state.lightbox = undefined;
- }
- };
-
- function resetFields() {
- $scope.writerTitle = 'New email';
- $scope.to = [];
- $scope.showCC = false;
- $scope.cc = [];
- $scope.showBCC = false;
- $scope.bcc = [];
- $scope.subject = '';
- $scope.body = '';
- $scope.attachments = [];
- $scope.addressBookCache = undefined;
+ $scope.state.writer = {
+ write: function(replyTo, replyAll, forward) {
+ $scope.state.lightbox = 'write';
+ $scope.replyTo = replyTo;
+
+ resetFields();
+
+ // fill fields depending on replyTo
+ fillFields(replyTo, replyAll, forward);
+
+ $scope.verify($scope.to[0]);
+ },
+ reportBug: function() {
+ $scope.state.lightbox = 'write';
+ resetFields();
+ reportBug();
+ $scope.verify($scope.to[0]);
+ },
+ close: function() {
+ $scope.state.lightbox = undefined;
}
+ };
- function reportBug() {
- var dump = '';
- var appender = {
- log: function(level, date, component, log) {
- // add a tag for the log level
- if (level === axe.DEBUG) {
- dump += '[DEBUG]';
- } else if (level === axe.INFO) {
- dump += '[INFO]';
- } else if (level === axe.WARN) {
- dump += '[WARN]';
- } else if (level === axe.ERROR) {
- dump += '[ERROR]';
- }
-
- dump += '[' + date.toISOString() + ']';
+ function resetFields() {
+ $scope.writerTitle = 'New email';
+ $scope.to = [];
+ $scope.showCC = false;
+ $scope.cc = [];
+ $scope.showBCC = false;
+ $scope.bcc = [];
+ $scope.subject = '';
+ $scope.body = '';
+ $scope.attachments = [];
+ $scope.addressBookCache = undefined;
+ }
+
+ function reportBug() {
+ var dump = '';
+ var appender = {
+ log: function(level, date, component, log) {
+ // add a tag for the log level
+ if (level === axe.DEBUG) {
+ dump += '[DEBUG]';
+ } else if (level === axe.INFO) {
+ dump += '[INFO]';
+ } else if (level === axe.WARN) {
+ dump += '[WARN]';
+ } else if (level === axe.ERROR) {
+ dump += '[ERROR]';
+ }
- // component is optional
- if (component) {
- dump += '[' + component + ']';
- }
+ dump += '[' + date.toISOString() + ']';
- // log may be an error or a string
- dump += ' ' + (log || '').toString();
+ // component is optional
+ if (component) {
+ dump += '[' + component + ']';
+ }
- // if an error it is, a stack trace it has. print it, we should.
- if (log.stack) {
- dump += ' . Stack: ' + log.stack;
- }
+ // log may be an error or a string
+ dump += ' ' + (log || '').toString();
- dump += '\n';
+ // if an error it is, a stack trace it has. print it, we should.
+ if (log.stack) {
+ dump += ' . Stack: ' + log.stack;
}
- };
- axe.dump(appender);
- $scope.to = [{
- address: str.supportAddress
- }];
- $scope.writerTitle = str.bugReportTitle;
- $scope.subject = str.bugReportSubject;
- $scope.body = str.bugReportBody + dump;
+ dump += '\n';
+ }
+ };
+ axe.dump(appender);
- }
+ $scope.to = [{
+ address: str.supportAddress
+ }];
+ $scope.writerTitle = str.bugReportTitle;
+ $scope.subject = str.bugReportSubject;
+ $scope.body = str.bugReportBody + dump;
- function fillFields(re, replyAll, forward) {
- var replyTo, from, sentDate, body;
+ }
- if (!re) {
- return;
- }
+ function fillFields(re, replyAll, forward) {
+ var replyTo, from, sentDate, body;
- $scope.writerTitle = (forward) ? 'Forward' : 'Reply';
+ if (!re) {
+ return;
+ }
- replyTo = re.replyTo && re.replyTo[0] && re.replyTo[0].address || re.from[0].address;
+ $scope.writerTitle = (forward) ? 'Forward' : 'Reply';
- // fill recipient field and references
- if (!forward) {
- $scope.to.unshift({
- address: replyTo
- });
- $scope.to.forEach($scope.verify);
+ replyTo = re.replyTo && re.replyTo[0] && re.replyTo[0].address || re.from[0].address;
- $scope.references = (re.references || []);
- if (re.id && $scope.references.indexOf(re.id) < 0) {
- // references might not exist yet, so use the double concat
- $scope.references = $scope.references.concat(re.id);
- }
- if (re.id) {
- $scope.inReplyTo = re.id;
- }
+ // fill recipient field and references
+ if (!forward) {
+ $scope.to.unshift({
+ address: replyTo
+ });
+ $scope.to.forEach($scope.verify);
+
+ $scope.references = (re.references || []);
+ if (re.id && $scope.references.indexOf(re.id) < 0) {
+ // references might not exist yet, so use the double concat
+ $scope.references = $scope.references.concat(re.id);
}
- if (replyAll) {
- re.to.concat(re.cc).forEach(function(recipient) {
- var me = emailDao._account.emailAddress;
- if (recipient.address === me && replyTo !== me) {
- // don't reply to yourself
- return;
- }
- $scope.cc.unshift({
- address: recipient.address
- });
+ if (re.id) {
+ $scope.inReplyTo = re.id;
+ }
+ }
+ if (replyAll) {
+ re.to.concat(re.cc).forEach(function(recipient) {
+ var me = emailDao._account.emailAddress;
+ if (recipient.address === me && replyTo !== me) {
+ // don't reply to yourself
+ return;
+ }
+ $scope.cc.unshift({
+ address: recipient.address
});
+ });
- // filter duplicates
- $scope.cc = _.uniq($scope.cc, function(recipient) {
- return recipient.address;
- });
- $scope.showCC = true;
- $scope.cc.forEach($scope.verify);
- }
+ // filter duplicates
+ $scope.cc = _.uniq($scope.cc, function(recipient) {
+ return recipient.address;
+ });
+ $scope.showCC = true;
+ $scope.cc.forEach($scope.verify);
+ }
- // fill attachments and references on forward
- if (forward) {
- // create a new array, otherwise removing an attachment will also
- // remove it from the original in the mail list as a side effect
- $scope.attachments = [].concat(re.attachments);
- if (re.id) {
- $scope.references = [re.id];
- }
+ // fill attachments and references on forward
+ if (forward) {
+ // create a new array, otherwise removing an attachment will also
+ // remove it from the original in the mail list as a side effect
+ $scope.attachments = [].concat(re.attachments);
+ if (re.id) {
+ $scope.references = [re.id];
}
+ }
- // fill subject
- if (forward) {
- $scope.subject = 'Fwd: ' + re.subject;
- } else {
- $scope.subject = 'Re: ' + ((re.subject) ? re.subject.replace('Re: ', '') : '');
- }
+ // fill subject
+ if (forward) {
+ $scope.subject = 'Fwd: ' + re.subject;
+ } else {
+ $scope.subject = 'Re: ' + ((re.subject) ? re.subject.replace('Re: ', '') : '');
+ }
- // fill text body
- from = re.from[0].name || replyTo;
- sentDate = $filter('date')(re.sentDate, 'EEEE, MMM d, yyyy h:mm a');
+ // fill text body
+ from = re.from[0].name || replyTo;
+ sentDate = $filter('date')(re.sentDate, 'EEEE, MMM d, yyyy h:mm a');
- function createString(array) {
- var str = '';
- array.forEach(function(to) {
- str += (str) ? ', ' : '';
- str += ((to.name) ? to.name : to.address) + ' <' + to.address + '>';
- });
- return str;
- }
+ function createString(array) {
+ var str = '';
+ array.forEach(function(to) {
+ str += (str) ? ', ' : '';
+ str += ((to.name) ? to.name : to.address) + ' <' + to.address + '>';
+ });
+ return str;
+ }
- if (forward) {
- body = '\n\n' +
- '---------- Forwarded message ----------\n' +
- 'From: ' + re.from[0].name + ' <' + re.from[0].address + '>\n' +
- 'Date: ' + sentDate + '\n' +
- 'Subject: ' + re.subject + '\n' +
- 'To: ' + createString(re.to) + '\n' +
- ((re.cc && re.cc.length > 0) ? 'Cc: ' + createString(re.cc) + '\n' : '') +
- '\n\n';
-
- } else {
- body = '\n\n' + sentDate + ' ' + from + ' wrote:\n> ';
- }
+ if (forward) {
+ body = '\n\n' +
+ '---------- Forwarded message ----------\n' +
+ 'From: ' + re.from[0].name + ' <' + re.from[0].address + '>\n' +
+ 'Date: ' + sentDate + '\n' +
+ 'Subject: ' + re.subject + '\n' +
+ 'To: ' + createString(re.to) + '\n' +
+ ((re.cc && re.cc.length > 0) ? 'Cc: ' + createString(re.cc) + '\n' : '') +
+ '\n\n';
+
+ } else {
+ body = '\n\n' + sentDate + ' ' + from + ' wrote:\n> ';
+ }
- if (re.body) {
- body += re.body.trim().split('\n').join('\n> ').replace(/ >/g, '>');
- $scope.body = body;
- }
+ if (re.body) {
+ body += re.body.trim().split('\n').join('\n> ').replace(/ >/g, '>');
+ $scope.body = body;
}
+ }
- //
- // Editing headers
- //
+ //
+ // Editing headers
+ //
- /**
- * Verify email address and fetch its public key
- */
- $scope.verify = function(recipient) {
- if (!recipient) {
- return;
- }
+ /**
+ * Verify email address and fetch its public key
+ */
+ $scope.verify = function(recipient) {
+ if (!recipient) {
+ return;
+ }
- // set display to insecure while fetching keys
- recipient.key = undefined;
- recipient.secure = false;
+ // set display to insecure while fetching keys
+ recipient.key = undefined;
+ recipient.secure = false;
+ $scope.checkSendStatus();
+
+ // verify email address
+ if (!util.validateEmailAddress(recipient.address)) {
+ recipient.secure = undefined;
$scope.checkSendStatus();
+ return;
+ }
- // verify email address
- if (!util.validateEmailAddress(recipient.address)) {
- recipient.secure = undefined;
- $scope.checkSendStatus();
- return;
- }
+ // keychainDao is undefined in local dev environment
+ if (keychainDao) {
+ // check if to address is contained in known public keys
+ // when we write an email, we always need to work with the latest keys available
+ keychainDao.refreshKeyForUserId(recipient.address, function(err, key) {
+ if (err) {
+ $scope.onError(err);
+ return;
+ }
- // keychainDao is undefined in local dev environment
- if (keychainDao) {
- // check if to address is contained in known public keys
- // when we write an email, we always need to work with the latest keys available
- keychainDao.refreshKeyForUserId(recipient.address, function(err, key) {
- if (err) {
- $scope.onError(err);
- return;
+ if (key) {
+ // compare again since model could have changed during the roundtrip
+ var matchingUserId = _.findWhere(key.userIds, {
+ emailAddress: recipient.address
+ });
+ // compare either primary userId or (if available) multiple IDs
+ if (key.userId === recipient.address || matchingUserId) {
+ recipient.key = key;
+ recipient.secure = true;
}
+ }
- if (key) {
- // compare again since model could have changed during the roundtrip
- var matchingUserId = _.findWhere(key.userIds, {
- emailAddress: recipient.address
- });
- // compare either primary userId or (if available) multiple IDs
- if (key.userId === recipient.address || matchingUserId) {
- recipient.key = key;
- recipient.secure = true;
- }
- }
+ $scope.checkSendStatus();
+ $scope.$digest();
+ });
+ }
+ };
- $scope.checkSendStatus();
- $scope.$digest();
- });
- }
- };
+ /**
+ * Check if it is ok to send an email depending on the invitation state of the addresses
+ */
+ $scope.checkSendStatus = function() {
+ $scope.okToSend = false;
+ $scope.sendBtnText = undefined;
+ $scope.sendBtnSecure = undefined;
- /**
- * Check if it is ok to send an email depending on the invitation state of the addresses
- */
- $scope.checkSendStatus = function() {
- $scope.okToSend = false;
- $scope.sendBtnText = undefined;
- $scope.sendBtnSecure = undefined;
-
- var allSecure = true;
- var numReceivers = 0;
-
- // count number of receivers and check security
- $scope.to.forEach(check);
- $scope.cc.forEach(check);
- $scope.bcc.forEach(check);
-
- function check(recipient) {
- // validate address
- if (!util.validateEmailAddress(recipient.address)) {
- return;
- }
- numReceivers++;
- if (!recipient.secure) {
- allSecure = false;
- }
- }
+ var allSecure = true;
+ var numReceivers = 0;
+
+ // count number of receivers and check security
+ $scope.to.forEach(check);
+ $scope.cc.forEach(check);
+ $scope.bcc.forEach(check);
- // only allow sending if receviers exist
- if (numReceivers < 1) {
+ function check(recipient) {
+ // validate address
+ if (!util.validateEmailAddress(recipient.address)) {
return;
}
-
- // bcc automatically disables secure sending
- if ($scope.bcc.filter(filterEmptyAddresses).length > 0) {
+ numReceivers++;
+ if (!recipient.secure) {
allSecure = false;
}
+ }
- if (allSecure) {
- // send encrypted if all secure
- $scope.okToSend = true;
- $scope.sendBtnText = str.sendBtnSecure;
- $scope.sendBtnSecure = true;
- } else {
- // send plaintext
- $scope.okToSend = true;
- $scope.sendBtnText = str.sendBtnClear;
- $scope.sendBtnSecure = false;
- }
- };
+ // only allow sending if receviers exist
+ if (numReceivers < 1) {
+ return;
+ }
- //
- // Editing attachments
- //
+ // bcc automatically disables secure sending
+ if ($scope.bcc.filter(filterEmptyAddresses).length > 0) {
+ allSecure = false;
+ }
- $scope.remove = function(attachment) {
- $scope.attachments.splice($scope.attachments.indexOf(attachment), 1);
+ if (allSecure) {
+ // send encrypted if all secure
+ $scope.okToSend = true;
+ $scope.sendBtnText = str.sendBtnSecure;
+ $scope.sendBtnSecure = true;
+ } else {
+ // send plaintext
+ $scope.okToSend = true;
+ $scope.sendBtnText = str.sendBtnClear;
+ $scope.sendBtnSecure = false;
+ }
+ };
+
+ //
+ // Editing attachments
+ //
+
+ $scope.remove = function(attachment) {
+ $scope.attachments.splice($scope.attachments.indexOf(attachment), 1);
+ };
+
+ //
+ // Editing email body
+ //
+
+ $scope.sendToOutbox = function() {
+ var email;
+
+ // build email model for smtp-client
+ email = {
+ from: [{
+ name: emailDao._account.realname,
+ address: emailDao._account.emailAddress
+ }],
+ to: $scope.to.filter(filterEmptyAddresses),
+ cc: $scope.cc.filter(filterEmptyAddresses),
+ bcc: $scope.bcc.filter(filterEmptyAddresses),
+ subject: $scope.subject.trim() ? $scope.subject.trim() : str.fallbackSubject, // Subject line, or the fallback subject, if nothing valid was entered
+ body: $scope.body.trim(), // use parsed plaintext body
+ attachments: $scope.attachments,
+ sentDate: new Date(),
+ headers: {}
};
- //
- // Editing email body
- //
-
- $scope.sendToOutbox = function() {
- var email;
-
- // build email model for smtp-client
- email = {
- from: [{
- name: emailDao._account.realname,
- address: emailDao._account.emailAddress
- }],
- to: $scope.to.filter(filterEmptyAddresses),
- cc: $scope.cc.filter(filterEmptyAddresses),
- bcc: $scope.bcc.filter(filterEmptyAddresses),
- subject: $scope.subject.trim() ? $scope.subject.trim() : str.fallbackSubject, // Subject line, or the fallback subject, if nothing valid was entered
- body: $scope.body.trim(), // use parsed plaintext body
- attachments: $scope.attachments,
- sentDate: new Date(),
- headers: {}
- };
+ if ($scope.inReplyTo) {
+ email.headers['in-reply-to'] = '<' + $scope.inReplyTo + '>';
+ }
- if ($scope.inReplyTo) {
- email.headers['in-reply-to'] = '<' + $scope.inReplyTo + '>';
- }
+ if ($scope.references && $scope.references.length) {
+ email.headers.references = $scope.references.map(function(reference) {
+ return '<' + reference + '>';
+ }).join(' ');
+ }
+
+ // close the writer
+ $scope.state.writer.close();
- if ($scope.references && $scope.references.length) {
- email.headers.references = $scope.references.map(function(reference) {
- return '<' + reference + '>';
- }).join(' ');
+ // persist the email to disk for later sending
+ outbox.put(email, function(err) {
+ if (err) {
+ $scope.onError(err);
+ return;
}
- // close the writer
- $scope.state.writer.close();
+ // if we need to synchronize replyTo.answered = true to imap,
+ // let's do that. otherwise, we're done
+ if (!$scope.replyTo || $scope.replyTo.answered) {
+ return;
+ }
- // persist the email to disk for later sending
- outbox.put(email, function(err) {
- if (err) {
+ $scope.replyTo.answered = true;
+ emailDao.setFlags({
+ folder: currentFolder(),
+ message: $scope.replyTo
+ }, function(err) {
+ if (err && err.code !== 42) {
$scope.onError(err);
return;
}
- // if we need to synchronize replyTo.answered = true to imap,
- // let's do that. otherwise, we're done
- if (!$scope.replyTo || $scope.replyTo.answered) {
- return;
- }
-
- $scope.replyTo.answered = true;
- emailDao.setFlags({
- folder: currentFolder(),
- message: $scope.replyTo
- }, function(err) {
- if (err && err.code !== 42) {
- $scope.onError(err);
- return;
- }
-
- // offline or no error, let's apply the ui changes
- $scope.$apply();
- });
+ // offline or no error, let's apply the ui changes
+ $scope.$apply();
});
+ });
- };
+ };
- //
- // Tag input & Autocomplete
- //
+ //
+ // Tag input & Autocomplete
+ //
- $scope.tagStyle = function(recipient) {
- var classes = ['label'];
- if (recipient.secure === false) {
- classes.push('label-primary');
- }
- return classes;
- };
+ $scope.tagStyle = function(recipient) {
+ var classes = ['label'];
+ if (recipient.secure === false) {
+ classes.push('label-primary');
+ }
+ return classes;
+ };
- $scope.lookupAddressBook = function(query) {
- var deferred = $q.defer();
+ $scope.lookupAddressBook = function(query) {
+ var deferred = $q.defer();
- if (!$scope.addressBookCache) {
- // populate address book cache
- keychainDao.listLocalPublicKeys(function(err, keys) {
- if (err) {
- $scope.onError(err);
- return;
- }
+ if (!$scope.addressBookCache) {
+ // populate address book cache
+ keychainDao.listLocalPublicKeys(function(err, keys) {
+ if (err) {
+ $scope.onError(err);
+ return;
+ }
- $scope.addressBookCache = keys.map(function(key) {
- return {
- address: key.userId
- };
- });
- filter();
+ $scope.addressBookCache = keys.map(function(key) {
+ return {
+ address: key.userId
+ };
});
-
- } else {
filter();
- }
-
- // query address book cache
- function filter() {
- var addresses = $scope.addressBookCache.filter(function(i) {
- return i.address.indexOf(query) !== -1;
- });
- deferred.resolve(addresses);
- }
-
- return deferred.promise;
- };
-
- //
- // Helpers
- //
+ });
- function currentFolder() {
- return $scope.state.nav.currentFolder;
+ } else {
+ filter();
}
- /*
- * Visitor to filter out objects without an address property, i.e. empty addresses
- */
- function filterEmptyAddresses(addr) {
- return !!addr.address;
+ // query address book cache
+ function filter() {
+ var addresses = $scope.addressBookCache.filter(function(i) {
+ return i.address.indexOf(query) !== -1;
+ });
+ deferred.resolve(addresses);
}
- };
+ return deferred.promise;
+ };
//
- // Directives
+ // Helpers
//
- var ngModule = angular.module('write', []);
-
- ngModule.directive('focusMe', function($timeout, $parse) {
- return {
- //scope: true, // optionally create a child scope
- link: function(scope, element, attrs) {
- var model = $parse(attrs.focusMe);
- scope.$watch(model, function(value) {
- if (value === true) {
- $timeout(function() {
- var el = element[0];
- el.focus();
- // set cursor to start of textarea
- if (el.type === 'textarea') {
- el.selectionStart = 0;
- el.selectionEnd = 0;
- }
- }, 100);
- }
- });
- }
- };
- });
-
- ngModule.directive('focusInput', function($timeout, $parse) {
- return {
- //scope: true, // optionally create a child scope
- link: function(scope, element, attrs) {
- var model = $parse(attrs.focusInput);
- scope.$watch(model, function(value) {
- if (value === true) {
- $timeout(function() {
- element.find('input').first().focus();
- }, 100);
- }
- });
- }
- };
- });
-
- ngModule.directive('focusInputOnClick', function() {
- return {
- //scope: true, // optionally create a child scope
- link: function(scope, element) {
- element.on('click', function() {
- element.find('input').first().focus();
- });
- }
- };
- });
-
- ngModule.directive('attachmentInput', function() {
- return function(scope, elm) {
- elm.on('change', function(e) {
- for (var i = 0; i < e.target.files.length; i++) {
- addAttachment(e.target.files.item(i));
+ function currentFolder() {
+ return $scope.state.nav.currentFolder;
+ }
+
+ /*
+ * Visitor to filter out objects without an address property, i.e. empty addresses
+ */
+ function filterEmptyAddresses(addr) {
+ return !!addr.address;
+ }
+};
+
+
+//
+// Directives
+//
+
+var ngModule = angular.module('write', []);
+
+ngModule.directive('focusMe', function($timeout, $parse) {
+ return {
+ //scope: true, // optionally create a child scope
+ link: function(scope, element, attrs) {
+ var model = $parse(attrs.focusMe);
+ scope.$watch(model, function(value) {
+ if (value === true) {
+ $timeout(function() {
+ var el = element[0];
+ el.focus();
+ // set cursor to start of textarea
+ if (el.type === 'textarea') {
+ el.selectionStart = 0;
+ el.selectionEnd = 0;
+ }
+ }, 100);
+ }
+ });
+ }
+ };
+});
+
+ngModule.directive('focusInput', function($timeout, $parse) {
+ return {
+ //scope: true, // optionally create a child scope
+ link: function(scope, element, attrs) {
+ var model = $parse(attrs.focusInput);
+ scope.$watch(model, function(value) {
+ if (value === true) {
+ $timeout(function() {
+ element.find('input').first().focus();
+ }, 100);
}
});
+ }
+ };
+});
+
+ngModule.directive('focusInputOnClick', function() {
+ return {
+ //scope: true, // optionally create a child scope
+ link: function(scope, element) {
+ element.on('click', function() {
+ element.find('input').first().focus();
+ });
+ }
+ };
+});
- function addAttachment(file) {
- var reader = new FileReader();
- reader.onload = function(e) {
- scope.attachments.push({
- filename: file.name,
- mimeType: file.type,
- content: new Uint8Array(e.target.result)
- });
- scope.$digest();
- };
- reader.readAsArrayBuffer(file);
+ngModule.directive('attachmentInput', function() {
+ return function(scope, elm) {
+ elm.on('change', function(e) {
+ for (var i = 0; i < e.target.files.length; i++) {
+ addAttachment(e.target.files.item(i));
}
- };
- });
-
- ngModule.directive('attachmentBtn', function() {
- return function(scope, elm) {
- elm.on('click touchstart', function(e) {
- e.preventDefault();
- document.querySelector('#attachment-input').click();
- });
- };
- });
+ });
+
+ function addAttachment(file) {
+ var reader = new FileReader();
+ reader.onload = function(e) {
+ scope.attachments.push({
+ filename: file.name,
+ mimeType: file.type,
+ content: new Uint8Array(e.target.result)
+ });
+ scope.$digest();
+ };
+ reader.readAsArrayBuffer(file);
+ }
+ };
+});
+
+ngModule.directive('attachmentBtn', function() {
+ return function(scope, elm) {
+ elm.on('click touchstart', function(e) {
+ e.preventDefault();
+ document.querySelector('#attachment-input').click();
+ });
+ };
+});
- return WriteCtrl;
-});
\ No newline at end of file
+module.exports = WriteCtrl;
\ No newline at end of file
diff --git a/src/js/crypto/crypto.js b/src/js/crypto/crypto.js
index 7b09f53..f19093a 100644
--- a/src/js/crypto/crypto.js
+++ b/src/js/crypto/crypto.js
@@ -2,122 +2,119 @@
* High level crypto api that invokes native crypto (if available) and
* gracefully degrades to JS crypto (if unavailable)
*/
-define(function(require) {
- 'use strict';
- var aes = require('js/crypto/aes-gcm'),
- pbkdf2 = require('js/crypto/pbkdf2'),
- config = require('js/app-config').config,
- axe = require('axe');
+'use strict';
- var PBKDF2_WORKER = '/crypto/pbkdf2-worker.js';
+var aes = require('crypto-lib').aes,
+ pbkdf2 = require('./pbkdf2'),
+ config = require('../app-config').config,
+ axe = require('axe-logger');
- var Crypto = function() {};
+var Crypto = function() {};
- /**
- * Encrypt plaintext using AES-GCM.
- * @param {String} plaintext The input string in UTF-16
- * @param {String} key The base64 encoded key
- * @param {String} iv The base64 encoded IV
- * @param {Function} callback(error, ciphertext)
- * @return {String} The base64 encoded ciphertext
- */
- Crypto.prototype.encrypt = function(plaintext, key, iv, callback) {
- var ct;
+/**
+ * Encrypt plaintext using AES-GCM.
+ * @param {String} plaintext The input string in UTF-16
+ * @param {String} key The base64 encoded key
+ * @param {String} iv The base64 encoded IV
+ * @param {Function} callback(error, ciphertext)
+ * @return {String} The base64 encoded ciphertext
+ */
+Crypto.prototype.encrypt = function(plaintext, key, iv, callback) {
+ var ct;
- try {
- ct = aes.encrypt(plaintext, key, iv);
- } catch (err) {
- callback(err);
- return;
- }
+ try {
+ ct = aes.encrypt(plaintext, key, iv);
+ } catch (err) {
+ callback(err);
+ return;
+ }
- callback(null, ct);
- };
+ callback(null, ct);
+};
- /**
- * Decrypt ciphertext suing AES-GCM
- * @param {String} ciphertext The base64 encoded ciphertext
- * @param {String} key The base64 encoded key
- * @param {String} iv The base64 encoded IV
- * @param {Function} callback(error, plaintext)
- * @return {String} The decrypted plaintext in UTF-16
- */
- Crypto.prototype.decrypt = function(ciphertext, key, iv, callback) {
- var pt;
+/**
+ * Decrypt ciphertext suing AES-GCM
+ * @param {String} ciphertext The base64 encoded ciphertext
+ * @param {String} key The base64 encoded key
+ * @param {String} iv The base64 encoded IV
+ * @param {Function} callback(error, plaintext)
+ * @return {String} The decrypted plaintext in UTF-16
+ */
+Crypto.prototype.decrypt = function(ciphertext, key, iv, callback) {
+ var pt;
- try {
- pt = aes.decrypt(ciphertext, key, iv);
- } catch (err) {
- callback(err);
- return;
- }
+ try {
+ pt = aes.decrypt(ciphertext, key, iv);
+ } catch (err) {
+ callback(err);
+ return;
+ }
- callback(null, pt);
- };
+ callback(null, pt);
+};
- /**
- * Do PBKDF2 key derivation in a WebWorker thread
- */
- Crypto.prototype.deriveKey = function(password, salt, keySize, callback) {
- startWorker({
- script: PBKDF2_WORKER,
- args: {
- password: password,
- salt: salt,
- keySize: keySize
- },
- callback: callback,
- noWorker: function() {
- return pbkdf2.getKey(password, salt, keySize);
- }
- });
- };
+/**
+ * Do PBKDF2 key derivation in a WebWorker thread
+ */
+Crypto.prototype.deriveKey = function(password, salt, keySize, callback) {
+ startWorker({
+ script: config.workerPath + '/pbkdf2-worker.min.js',
+ args: {
+ password: password,
+ salt: salt,
+ keySize: keySize
+ },
+ callback: callback,
+ noWorker: function() {
+ return pbkdf2.getKey(password, salt, keySize);
+ }
+ });
+};
- //
- // helper functions
- //
+//
+// helper functions
+//
- function startWorker(options) {
- // check for WebWorker support
- if (window.Worker) {
- // init webworker thread
- var worker = new Worker(config.workerPath + options.script);
- worker.onmessage = function(e) {
- if (e.data.err) {
- options.callback(e.data.err);
- return;
- }
- // return result from the worker
- options.callback(null, e.data);
- };
- worker.onerror = function(e) {
- // show error message in logger
- axe.error('Error handling web worker: Line ' + e.lineno + ' in ' + e.filename + ': ' + e.message);
- // return error
- options.callback({
- errMsg: (e.message) ? e.message : e
- });
+function startWorker(options) {
+ // check for WebWorker support
+ if (window.Worker) {
+ // init webworker thread
+ var worker = new Worker(options.script);
+ worker.onmessage = function(e) {
+ if (e.data.err) {
+ options.callback(e.data.err);
return;
- };
- // send data to the worker
- worker.postMessage(options.args);
- return;
- }
-
- // no WebWorker support... do synchronous call
- var result;
- try {
- result = options.noWorker();
- } catch (e) {
+ }
+ // return result from the worker
+ options.callback(null, e.data);
+ };
+ worker.onerror = function(e) {
+ // show error message in logger
+ axe.error('Error handling web worker: Line ' + e.lineno + ' in ' + e.filename + ': ' + e.message);
// return error
options.callback({
errMsg: (e.message) ? e.message : e
});
return;
- }
- options.callback(null, result);
+ };
+ // send data to the worker
+ worker.postMessage(options.args);
+ return;
+ }
+
+ // no WebWorker support... do synchronous call
+ var result;
+ try {
+ result = options.noWorker();
+ } catch (e) {
+ // return error
+ options.callback({
+ errMsg: (e.message) ? e.message : e
+ });
+ return;
}
+ options.callback(null, result);
+}
- return Crypto;
-});
\ No newline at end of file
+module.exports = Crypto;
\ No newline at end of file
diff --git a/src/js/crypto/pbkdf2-worker.js b/src/js/crypto/pbkdf2-worker.js
index fd71a41..d9107d0 100644
--- a/src/js/crypto/pbkdf2-worker.js
+++ b/src/js/crypto/pbkdf2-worker.js
@@ -1,38 +1,25 @@
-(function() {
- 'use strict';
+'use strict';
- // import web worker dependencies
- importScripts('../../lib/require.js');
+importScripts('forge.min.js');
- /**
- * In the web worker thread context, 'this' and 'self' can be used as a global
- * variable namespace similar to the 'window' object in the main thread
- */
- self.onmessage = function(e) {
- // fetch dependencies via require.js
- require(['../../require-config'], function() {
- require.config({
- baseUrl: '../../lib'
- });
+var pbkdf2 = require('./pbkdf2');
- require(['js/crypto/pbkdf2'], function(pbkdf2) {
+/**
+ * In the web worker thread context, 'this' and 'self' can be used as a global
+ * variable namespace similar to the 'window' object in the main thread
+ */
+self.onmessage = function(e) {
+ var i = e.data,
+ key = null;
- var i = e.data,
- key = null;
+ if (i.password && i.salt && i.keySize) {
+ // start deriving key
+ key = pbkdf2.getKey(i.password, i.salt, i.keySize);
- if (i.password && i.salt && i.keySize) {
- // start deriving key
- key = pbkdf2.getKey(i.password, i.salt, i.keySize);
+ } else {
+ throw 'Not all arguments for web worker crypto are defined!';
+ }
- } else {
- throw 'Not all arguments for web worker crypto are defined!';
- }
-
- // pass output back to main thread
- self.postMessage(key);
-
- });
- });
- };
-
-}());
\ No newline at end of file
+ // pass output back to main thread
+ self.postMessage(key);
+};
\ No newline at end of file
diff --git a/src/js/crypto/pbkdf2.js b/src/js/crypto/pbkdf2.js
index 3a0b12a..e4403a2 100644
--- a/src/js/crypto/pbkdf2.js
+++ b/src/js/crypto/pbkdf2.js
@@ -1,25 +1,24 @@
/**
* A Wrapper for Forge's PBKDF2 function
*/
-define(['forge'], function(forge) {
- 'use strict';
- var self = {};
+'use strict';
- /**
- * PBKDF2-HMAC-SHA256 key derivation with a random salt and 10000 iterations
- * @param {String} password The password in UTF8
- * @param {String} salt The base64 encoded salt
- * @param {String} keySize The key size in bits
- * @return {String} The base64 encoded key
- */
- self.getKey = function(password, salt, keySize) {
- var saltUtf8 = forge.util.decode64(salt);
- var md = forge.md.sha256.create();
- var key = forge.pkcs5.pbkdf2(password, saltUtf8, 10000, keySize / 8, md);
+var pbkdf2 = {};
- return forge.util.encode64(key);
- };
+/**
+ * PBKDF2-HMAC-SHA256 key derivation with a random salt and 10000 iterations
+ * @param {String} password The password in UTF8
+ * @param {String} salt The base64 encoded salt
+ * @param {String} keySize The key size in bits
+ * @return {String} The base64 encoded key
+ */
+pbkdf2.getKey = function(password, salt, keySize) {
+ var saltUtf8 = forge.util.decode64(salt);
+ var md = forge.md.sha256.create();
+ var key = forge.pkcs5.pbkdf2(password, saltUtf8, 10000, keySize / 8, md);
+
+ return forge.util.encode64(key);
+};
- return self;
-});
\ No newline at end of file
+module.exports = pbkdf2;
\ No newline at end of file
diff --git a/src/js/crypto/pgp.js b/src/js/crypto/pgp.js
index 2a50b80..7be0fd4 100644
--- a/src/js/crypto/pgp.js
+++ b/src/js/crypto/pgp.js
@@ -1,452 +1,450 @@
/**
* High level crypto api that handles all calls to OpenPGP.js
*/
-define(function(require) {
- 'use strict';
- var openpgp = require('openpgp'),
- util = require('openpgp').util,
- config = require('js/app-config').config;
+'use strict';
- var PGP = function() {
- openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha256;
- openpgp.initWorker(config.workerPath + '/../lib/openpgp/openpgp.worker.js');
- };
+var util = openpgp.util,
+ config = require('../app-config').config;
- /**
- * Generate a key pair for the user
- */
- PGP.prototype.generateKeys = function(options, callback) {
- var userId, passphrase;
+var PGP = function() {
+ openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha256;
+ openpgp.initWorker(config.workerPath + '/openpgp.worker.js');
+};
- if (!util.emailRegEx.test(options.emailAddress) || !options.keySize) {
- callback(new Error('Crypto init failed. Not all options set!'));
+/**
+ * Generate a key pair for the user
+ */
+PGP.prototype.generateKeys = function(options, callback) {
+ var userId, passphrase;
+
+ if (!util.emailRegEx.test(options.emailAddress) || !options.keySize) {
+ callback(new Error('Crypto init failed. Not all options set!'));
+ return;
+ }
+
+ // generate keypair
+ userId = 'Whiteout User <' + options.emailAddress + '>';
+ passphrase = (options.passphrase) ? options.passphrase : undefined;
+ openpgp.generateKeyPair({
+ keyType: 1, // (keytype 1=RSA)
+ numBits: options.keySize,
+ userId: userId,
+ passphrase: passphrase
+ }, onGenerated);
+
+ function onGenerated(err, keys) {
+ if (err) {
+ callback(new Error('Keygeneration failed!'));
return;
}
- // generate keypair
- userId = 'Whiteout User <' + options.emailAddress + '>';
- passphrase = (options.passphrase) ? options.passphrase : undefined;
- openpgp.generateKeyPair({
- keyType: 1, // (keytype 1=RSA)
- numBits: options.keySize,
- userId: userId,
- passphrase: passphrase
- }, onGenerated);
-
- function onGenerated(err, keys) {
- if (err) {
- callback(new Error('Keygeneration failed!'));
- return;
- }
-
- callback(null, {
- keyId: keys.key.primaryKey.getKeyId().toHex().toUpperCase(),
- privateKeyArmored: keys.privateKeyArmored,
- publicKeyArmored: keys.publicKeyArmored
- });
- }
- };
+ callback(null, {
+ keyId: keys.key.primaryKey.getKeyId().toHex().toUpperCase(),
+ privateKeyArmored: keys.privateKeyArmored,
+ publicKeyArmored: keys.publicKeyArmored
+ });
+ }
+};
- /**
- * Show a user's fingerprint
- */
- PGP.prototype.getFingerprint = function(keyArmored) {
- function fingerprint(key) {
- return key.primaryKey.getFingerprint().toUpperCase();
- }
+/**
+ * Show a user's fingerprint
+ */
+PGP.prototype.getFingerprint = function(keyArmored) {
+ function fingerprint(key) {
+ return key.primaryKey.getFingerprint().toUpperCase();
+ }
- // process armored key input
- if (keyArmored) {
- return fingerprint(openpgp.key.readArmored(keyArmored).keys[0]);
- }
+ // process armored key input
+ if (keyArmored) {
+ return fingerprint(openpgp.key.readArmored(keyArmored).keys[0]);
+ }
- if (!this._publicKey) {
- throw new Error('No public key set for fingerprint generation!');
- }
+ if (!this._publicKey) {
+ throw new Error('No public key set for fingerprint generation!');
+ }
- // get local fingerpring
- return fingerprint(this._publicKey);
- };
+ // get local fingerpring
+ return fingerprint(this._publicKey);
+};
- /**
- * Show a user's key id.
- */
- PGP.prototype.getKeyId = function(keyArmored) {
- var key, pubKeyId, privKeyId;
+/**
+ * Show a user's key id.
+ */
+PGP.prototype.getKeyId = function(keyArmored) {
+ var key, pubKeyId, privKeyId;
- // process armored key input
- if (keyArmored) {
- key = openpgp.key.readArmored(keyArmored).keys[0];
- return key.primaryKey.getKeyId().toHex().toUpperCase();
- }
+ // process armored key input
+ if (keyArmored) {
+ key = openpgp.key.readArmored(keyArmored).keys[0];
+ return key.primaryKey.getKeyId().toHex().toUpperCase();
+ }
- // check already imported keys
- if (!this._privateKey || !this._publicKey) {
- throw new Error('Cannot read key IDs... keys not set!');
- }
+ // check already imported keys
+ if (!this._privateKey || !this._publicKey) {
+ throw new Error('Cannot read key IDs... keys not set!');
+ }
- pubKeyId = this._publicKey.primaryKey.getKeyId().toHex().toUpperCase();
- privKeyId = this._privateKey.primaryKey.getKeyId().toHex().toUpperCase();
+ pubKeyId = this._publicKey.primaryKey.getKeyId().toHex().toUpperCase();
+ privKeyId = this._privateKey.primaryKey.getKeyId().toHex().toUpperCase();
- if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
- throw new Error('Key IDs do not match!');
- }
+ if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
+ throw new Error('Key IDs do not match!');
+ }
- return pubKeyId;
- };
+ return pubKeyId;
+};
- /**
- * Read all relevant params of an armored key.
- */
- PGP.prototype.getKeyParams = function(keyArmored) {
- var key, packet, userIds;
-
- // process armored key input
- if (keyArmored) {
- key = openpgp.key.readArmored(keyArmored).keys[0];
- } else if (this._publicKey) {
- key = this._publicKey;
- } else {
- throw new Error('Cannot read key params... keys not set!');
- }
+/**
+ * Read all relevant params of an armored key.
+ */
+PGP.prototype.getKeyParams = function(keyArmored) {
+ var key, packet, userIds;
+
+ // process armored key input
+ if (keyArmored) {
+ key = openpgp.key.readArmored(keyArmored).keys[0];
+ } else if (this._publicKey) {
+ key = this._publicKey;
+ } else {
+ throw new Error('Cannot read key params... keys not set!');
+ }
- packet = key.primaryKey;
+ packet = key.primaryKey;
- // read user names and email addresses
- userIds = [];
- key.getUserIds().forEach(function(userId) {
- userIds.push({
- name: userId.split('<')[0].trim(),
- emailAddress: userId.split('<')[1].split('>')[0].trim()
- });
+ // read user names and email addresses
+ userIds = [];
+ key.getUserIds().forEach(function(userId) {
+ userIds.push({
+ name: userId.split('<')[0].trim(),
+ emailAddress: userId.split('<')[1].split('>')[0].trim()
});
-
- return {
- _id: packet.getKeyId().toHex().toUpperCase(),
- userId: userIds[0].emailAddress, // the primary (first) email address of the key
- userIds: userIds, // a dictonary of all the key's name/address pairs
- fingerprint: packet.getFingerprint().toUpperCase(),
- algorithm: packet.algorithm,
- bitSize: packet.getBitSize(),
- created: packet.created,
- };
+ });
+
+ return {
+ _id: packet.getKeyId().toHex().toUpperCase(),
+ userId: userIds[0].emailAddress, // the primary (first) email address of the key
+ userIds: userIds, // a dictonary of all the key's name/address pairs
+ fingerprint: packet.getFingerprint().toUpperCase(),
+ algorithm: packet.algorithm,
+ bitSize: packet.getBitSize(),
+ created: packet.created,
};
+};
- /**
- * Extract a public key from a private key
- * @param {String} privateKeyArmored The private PGP key block
- * @return {String} The publick PGP key block
- */
- PGP.prototype.extractPublicKey = function(privateKeyArmored) {
- var privkey = openpgp.key.readArmored(privateKeyArmored).keys[0];
- var pubkey = privkey.toPublic();
- return pubkey.armor();
- };
+/**
+ * Extract a public key from a private key
+ * @param {String} privateKeyArmored The private PGP key block
+ * @return {String} The publick PGP key block
+ */
+PGP.prototype.extractPublicKey = function(privateKeyArmored) {
+ var privkey = openpgp.key.readArmored(privateKeyArmored).keys[0];
+ var pubkey = privkey.toPublic();
+ return pubkey.armor();
+};
- /**
- * Import the user's key pair
- */
- PGP.prototype.importKeys = function(options, callback) {
- var pubKeyId, privKeyId, self = this;
+/**
+ * Import the user's key pair
+ */
+PGP.prototype.importKeys = function(options, callback) {
+ var pubKeyId, privKeyId, self = this;
- // check options
- if (!options.privateKeyArmored || !options.publicKeyArmored) {
- callback(new Error('Importing keys failed. Not all options set!'));
- return;
- }
+ // check options
+ if (!options.privateKeyArmored || !options.publicKeyArmored) {
+ callback(new Error('Importing keys failed. Not all options set!'));
+ return;
+ }
- function resetKeys() {
- self._publicKey = undefined;
- self._privateKey = undefined;
- }
+ function resetKeys() {
+ self._publicKey = undefined;
+ self._privateKey = undefined;
+ }
- // read armored keys
- try {
- this._publicKey = openpgp.key.readArmored(options.publicKeyArmored).keys[0];
- this._privateKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
- } catch (e) {
- resetKeys();
- callback(new Error('Importing keys failed. Parsing error!'));
- return;
- }
+ // read armored keys
+ try {
+ this._publicKey = openpgp.key.readArmored(options.publicKeyArmored).keys[0];
+ this._privateKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
+ } catch (e) {
+ resetKeys();
+ callback(new Error('Importing keys failed. Parsing error!'));
+ return;
+ }
- // decrypt private key with passphrase
- if (!this._privateKey.decrypt(options.passphrase)) {
- resetKeys();
- callback(new Error('Incorrect passphrase!'));
- return;
- }
+ // decrypt private key with passphrase
+ if (!this._privateKey.decrypt(options.passphrase)) {
+ resetKeys();
+ callback(new Error('Incorrect passphrase!'));
+ return;
+ }
- // check if keys have the same id
- pubKeyId = this._publicKey.primaryKey.getKeyId().toHex();
- privKeyId = this._privateKey.primaryKey.getKeyId().toHex();
- if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
- resetKeys();
- callback(new Error('Key IDs dont match!'));
- return;
- }
+ // check if keys have the same id
+ pubKeyId = this._publicKey.primaryKey.getKeyId().toHex();
+ privKeyId = this._privateKey.primaryKey.getKeyId().toHex();
+ if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
+ resetKeys();
+ callback(new Error('Key IDs dont match!'));
+ return;
+ }
- callback();
- };
+ callback();
+};
- /**
- * Export the user's key pair
- */
- PGP.prototype.exportKeys = function(callback) {
- if (!this._publicKey || !this._privateKey) {
- callback(new Error('Could not export keys!'));
- return;
- }
+/**
+ * Export the user's key pair
+ */
+PGP.prototype.exportKeys = function(callback) {
+ if (!this._publicKey || !this._privateKey) {
+ callback(new Error('Could not export keys!'));
+ return;
+ }
- callback(null, {
- keyId: this._publicKey.primaryKey.getKeyId().toHex().toUpperCase(),
- privateKeyArmored: this._privateKey.armor(),
- publicKeyArmored: this._publicKey.armor()
- });
- };
+ callback(null, {
+ keyId: this._publicKey.primaryKey.getKeyId().toHex().toUpperCase(),
+ privateKeyArmored: this._privateKey.armor(),
+ publicKeyArmored: this._publicKey.armor()
+ });
+};
- /**
- * Change the passphrase of an ascii armored private key.
- */
- PGP.prototype.changePassphrase = function(options, callback) {
- var privKey, packets, newPassphrase, newKeyArmored;
+/**
+ * Change the passphrase of an ascii armored private key.
+ */
+PGP.prototype.changePassphrase = function(options, callback) {
+ var privKey, packets, newPassphrase, newKeyArmored;
- // set undefined instead of empty string as passphrase
- newPassphrase = (options.newPassphrase) ? options.newPassphrase : undefined;
+ // set undefined instead of empty string as passphrase
+ newPassphrase = (options.newPassphrase) ? options.newPassphrase : undefined;
- if (!options.privateKeyArmored) {
- callback(new Error('Private key must be specified to change passphrase!'));
- return;
- }
+ if (!options.privateKeyArmored) {
+ callback(new Error('Private key must be specified to change passphrase!'));
+ return;
+ }
- if (options.oldPassphrase === newPassphrase ||
- (!options.oldPassphrase && !newPassphrase)) {
- callback(new Error('New and old passphrase are the same!'));
- return;
- }
+ if (options.oldPassphrase === newPassphrase ||
+ (!options.oldPassphrase && !newPassphrase)) {
+ callback(new Error('New and old passphrase are the same!'));
+ return;
+ }
- // read armored key
- try {
- privKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
- } catch (e) {
- callback(new Error('Importing key failed. Parsing error!'));
- return;
- }
+ // read armored key
+ try {
+ privKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
+ } catch (e) {
+ callback(new Error('Importing key failed. Parsing error!'));
+ return;
+ }
- // decrypt private key with passphrase
- if (!privKey.decrypt(options.oldPassphrase)) {
- callback(new Error('Old passphrase incorrect!'));
- return;
- }
+ // decrypt private key with passphrase
+ if (!privKey.decrypt(options.oldPassphrase)) {
+ callback(new Error('Old passphrase incorrect!'));
+ return;
+ }
- // encrypt key with new passphrase
- try {
- packets = privKey.getAllKeyPackets();
- for (var i = 0; i < packets.length; i++) {
- packets[i].encrypt(newPassphrase);
- }
- newKeyArmored = privKey.armor();
- } catch (e) {
- callback(new Error('Setting new passphrase failed!'));
- return;
+ // encrypt key with new passphrase
+ try {
+ packets = privKey.getAllKeyPackets();
+ for (var i = 0; i < packets.length; i++) {
+ packets[i].encrypt(newPassphrase);
}
+ newKeyArmored = privKey.armor();
+ } catch (e) {
+ callback(new Error('Setting new passphrase failed!'));
+ return;
+ }
- // check if new passphrase really works
- if (!privKey.decrypt(newPassphrase)) {
- callback(new Error('Decrypting key with new passphrase failed!'));
- return;
- }
+ // check if new passphrase really works
+ if (!privKey.decrypt(newPassphrase)) {
+ callback(new Error('Decrypting key with new passphrase failed!'));
+ return;
+ }
- callback(null, newKeyArmored);
- };
+ callback(null, newKeyArmored);
+};
- /**
- * Encrypt and sign a pgp message for a list of receivers
- */
- PGP.prototype.encrypt = function(plaintext, publicKeysArmored, callback) {
- var publicKeys;
+/**
+ * Encrypt and sign a pgp message for a list of receivers
+ */
+PGP.prototype.encrypt = function(plaintext, publicKeysArmored, callback) {
+ var publicKeys;
- // check keys
- if (!this._privateKey) {
- callback(new Error('Error encrypting. Keys must be set!'));
- return;
- }
+ // check keys
+ if (!this._privateKey) {
+ callback(new Error('Error encrypting. Keys must be set!'));
+ return;
+ }
- // parse armored public keys
- try {
- if (publicKeysArmored && publicKeysArmored.length) {
- publicKeys = [];
- publicKeysArmored.forEach(function(pubkeyArmored) {
- publicKeys = publicKeys.concat(openpgp.key.readArmored(pubkeyArmored).keys);
- });
- }
- } catch (err) {
- callback(new Error('Error encrypting plaintext!'));
- return;
+ // parse armored public keys
+ try {
+ if (publicKeysArmored && publicKeysArmored.length) {
+ publicKeys = [];
+ publicKeysArmored.forEach(function(pubkeyArmored) {
+ publicKeys = publicKeys.concat(openpgp.key.readArmored(pubkeyArmored).keys);
+ });
}
+ } catch (err) {
+ callback(new Error('Error encrypting plaintext!'));
+ return;
+ }
- if (publicKeys) {
- // encrypt and sign the plaintext
- openpgp.signAndEncryptMessage(publicKeys, this._privateKey, plaintext, callback);
+ if (publicKeys) {
+ // encrypt and sign the plaintext
+ openpgp.signAndEncryptMessage(publicKeys, this._privateKey, plaintext, callback);
+ } else {
+ // if no public keys are available encrypt for myself
+ openpgp.signAndEncryptMessage([this._publicKey], this._privateKey, plaintext, callback);
+ }
+};
+
+/**
+ * Decrypts a ciphertext
+ * @param {String} ciphertext The encrypted PGP message block
+ * @param {String} publicKeyArmored The public key used to sign the message
+ * @param {Function} callback(error, plaintext, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
+ */
+PGP.prototype.decrypt = function(ciphertext, publicKeyArmored, callback) {
+ var publicKeys, message;
+
+ // check keys
+ if (!this._privateKey) {
+ callback(new Error('Error decrypting. Keys must be set!'));
+ return;
+ }
+
+ // read keys and ciphertext message
+ try {
+ if (publicKeyArmored) {
+ // parse public keys if available ...
+ publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
} else {
- // if no public keys are available encrypt for myself
- openpgp.signAndEncryptMessage([this._publicKey], this._privateKey, plaintext, callback);
+ // use own public key to know if signatures are available
+ publicKeys = [this._publicKey];
}
- };
+ message = openpgp.message.readArmored(ciphertext);
+ } catch (err) {
+ callback(new Error('Error parsing encrypted PGP message!'));
+ return;
+ }
- /**
- * Decrypts a ciphertext
- * @param {String} ciphertext The encrypted PGP message block
- * @param {String} publicKeyArmored The public key used to sign the message
- * @param {Function} callback(error, plaintext, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
- */
- PGP.prototype.decrypt = function(ciphertext, publicKeyArmored, callback) {
- var publicKeys, message;
-
- // check keys
- if (!this._privateKey) {
- callback(new Error('Error decrypting. Keys must be set!'));
- return;
- }
+ // decrypt and verify pgp message
+ openpgp.decryptAndVerifyMessage(this._privateKey, publicKeys, message, onDecrypted);
- // read keys and ciphertext message
- try {
- if (publicKeyArmored) {
- // parse public keys if available ...
- publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
- } else {
- // use own public key to know if signatures are available
- publicKeys = [this._publicKey];
- }
- message = openpgp.message.readArmored(ciphertext);
- } catch (err) {
- callback(new Error('Error parsing encrypted PGP message!'));
+ function onDecrypted(err, decrypted) {
+ if (err) {
+ callback(new Error('Error decrypting and verifying PGP message!'));
return;
}
- // decrypt and verify pgp message
- openpgp.decryptAndVerifyMessage(this._privateKey, publicKeys, message, onDecrypted);
-
- function onDecrypted(err, decrypted) {
- if (err) {
- callback(new Error('Error decrypting and verifying PGP message!'));
- return;
- }
+ // return decrypted plaintext
+ callback(null, decrypted.text, checkSignatureValidity(decrypted.signatures));
+ }
+};
- // return decrypted plaintext
- callback(null, decrypted.text, checkSignatureValidity(decrypted.signatures));
- }
- };
+/**
+ * Verifies a clearsigned message
+ * @param {String} clearSignedText The clearsigned text, usually from a signed pgp/inline message
+ * @param {String} publicKeyArmored The public key used to signed the message
+ * @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
+ */
+PGP.prototype.verifyClearSignedMessage = function(clearSignedText, publicKeyArmored, callback) {
+ var publicKeys,
+ message;
+
+ // check keys
+ if (!this._privateKey) {
+ callback(new Error('Error verifying signed PGP message. Keys must be set!'));
+ return;
+ }
- /**
- * Verifies a clearsigned message
- * @param {String} clearSignedText The clearsigned text, usually from a signed pgp/inline message
- * @param {String} publicKeyArmored The public key used to signed the message
- * @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
- */
- PGP.prototype.verifyClearSignedMessage = function(clearSignedText, publicKeyArmored, callback) {
- var publicKeys,
- message;
-
- // check keys
- if (!this._privateKey) {
- callback(new Error('Error verifying signed PGP message. Keys must be set!'));
- return;
+ // read keys and ciphertext message
+ try {
+ if (publicKeyArmored) {
+ // parse public keys if available ...
+ publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
+ } else {
+ // use own public key to know if signatures are available
+ publicKeys = [this._publicKey];
}
+ message = openpgp.cleartext.readArmored(clearSignedText);
+ } catch (err) {
+ callback(new Error('Error verifying signed PGP message!'));
+ return;
+ }
- // read keys and ciphertext message
- try {
- if (publicKeyArmored) {
- // parse public keys if available ...
- publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
- } else {
- // use own public key to know if signatures are available
- publicKeys = [this._publicKey];
- }
- message = openpgp.cleartext.readArmored(clearSignedText);
- } catch (err) {
- callback(new Error('Error verifying signed PGP message!'));
+ openpgp.verifyClearSignedMessage(publicKeys, message, function(err, result) {
+ if (err) {
+ callback(new Error('Error verifying PGP message!'));
return;
}
- openpgp.verifyClearSignedMessage(publicKeys, message, function(err, result) {
- if (err) {
- callback(new Error('Error verifying PGP message!'));
- return;
- }
+ callback(null, checkSignatureValidity(result.signatures));
+ });
+};
- callback(null, checkSignatureValidity(result.signatures));
- });
- };
+/**
+ * Verifies a message with a detached signature
+ * @param {String} message The signed text, usually from a signed pgp/mime message
+ * @param {String} pgpSignature The detached signature, usually from a signed pgp/mime message
+ * @param {String} publicKeyArmored The public key used to signed the message
+ * @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
+ */
+PGP.prototype.verifySignedMessage = function(message, pgpSignature, publicKeyArmored, callback) {
+ var publicKeys;
- /**
- * Verifies a message with a detached signature
- * @param {String} message The signed text, usually from a signed pgp/mime message
- * @param {String} pgpSignature The detached signature, usually from a signed pgp/mime message
- * @param {String} publicKeyArmored The public key used to signed the message
- * @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
- */
- PGP.prototype.verifySignedMessage = function(message, pgpSignature, publicKeyArmored, callback) {
- var publicKeys;
-
- // check keys
- if (!this._privateKey) {
- callback(new Error('Error verifying signed PGP message. Keys must be set!'));
- return;
- }
+ // check keys
+ if (!this._privateKey) {
+ callback(new Error('Error verifying signed PGP message. Keys must be set!'));
+ return;
+ }
- // read keys and ciphertext message
- try {
- if (publicKeyArmored) {
- // parse public keys if available ...
- publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
- } else {
- // use own public key to know if signatures are available
- publicKeys = [this._publicKey];
- }
- } catch (err) {
- callback(new Error('Error verifying signed PGP message!'));
- return;
+ // read keys and ciphertext message
+ try {
+ if (publicKeyArmored) {
+ // parse public keys if available ...
+ publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
+ } else {
+ // use own public key to know if signatures are available
+ publicKeys = [this._publicKey];
}
+ } catch (err) {
+ callback(new Error('Error verifying signed PGP message!'));
+ return;
+ }
- var signatures;
- try {
- var msg = openpgp.message.readSignedContent(message, pgpSignature);
- signatures = msg.verify(publicKeys);
- } catch (err) {
- callback(new Error('Error verifying signed PGP message!'));
- return;
- }
+ var signatures;
+ try {
+ var msg = openpgp.message.readSignedContent(message, pgpSignature);
+ signatures = msg.verify(publicKeys);
+ } catch (err) {
+ callback(new Error('Error verifying signed PGP message!'));
+ return;
+ }
- callback(null, checkSignatureValidity(signatures));
- };
+ callback(null, checkSignatureValidity(signatures));
+};
- /**
- * Checks signature validity
- * @param {Object} decrypted OpenPGP.js Signature array
- * @return {undefined|null|true|false}
- * If signatures array is empty (the message was not signed), returns undefined
- * If you're using the wrong public key, returns null.
- * If signatures are invalid, returns false.
- * If everything is in order, returns true
- */
- function checkSignatureValidity(signatures) {
- if (!signatures.length) {
- // signatures array is empty (the message was not signed)
- return;
- }
+/**
+ * Checks signature validity
+ * @param {Object} decrypted OpenPGP.js Signature array
+ * @return {undefined|null|true|false}
+ * If signatures array is empty (the message was not signed), returns undefined
+ * If you're using the wrong public key, returns null.
+ * If signatures are invalid, returns false.
+ * If everything is in order, returns true
+ */
+function checkSignatureValidity(signatures) {
+ if (!signatures.length) {
+ // signatures array is empty (the message was not signed)
+ return;
+ }
- for (var i = 0; i < signatures.length; i++) {
- if (signatures[i].valid !== true) { // null | false
- // you're using the wrong public key or signatures are invalid
- return signatures[i].valid;
- }
+ for (var i = 0; i < signatures.length; i++) {
+ if (signatures[i].valid !== true) { // null | false
+ // you're using the wrong public key or signatures are invalid
+ return signatures[i].valid;
}
-
- // everything is in order
- return true;
}
- return PGP;
-});
\ No newline at end of file
+ // everything is in order
+ return true;
+}
+
+module.exports = PGP;
\ No newline at end of file
diff --git a/src/js/dao/admin-dao.js b/src/js/dao/admin-dao.js
index dfd7d4f..9209c3b 100644
--- a/src/js/dao/admin-dao.js
+++ b/src/js/dao/admin-dao.js
@@ -1,63 +1,61 @@
-define(function() {
- 'use strict';
-
- var AdminDAO = function(restDao) {
- this._restDao = restDao;
- };
-
- /**
- * Create a new email account.
- * @param {String} options.emailAddress The desired email address
- * @param {String} options.password The password to be used for the account.
- * @param {String} options.phone The user's mobile phone number (required for verification and password reset).
- * @param {Function} callback(error)
- */
- AdminDAO.prototype.createUser = function(options, callback) {
- var uri;
-
- if (!options.emailAddress || !options.password || !options.phone) {
- callback(new Error('Incomplete arguments!'));
+'use strict';
+
+var AdminDAO = function(restDao) {
+ this._restDao = restDao;
+};
+
+/**
+ * Create a new email account.
+ * @param {String} options.emailAddress The desired email address
+ * @param {String} options.password The password to be used for the account.
+ * @param {String} options.phone The user's mobile phone number (required for verification and password reset).
+ * @param {Function} callback(error)
+ */
+AdminDAO.prototype.createUser = function(options, callback) {
+ var uri;
+
+ if (!options.emailAddress || !options.password || !options.phone) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/user';
+ this._restDao.post(options, uri, function(err) {
+ if (err && err.code === 409) {
+ callback(new Error('User name is already taken!'));
+ return;
+ } else if (err) {
+ callback(new Error('Error creating new user!'));
return;
}
- uri = '/user';
- this._restDao.post(options, uri, function(err) {
- if (err && err.code === 409) {
- callback(new Error('User name is already taken!'));
- return;
- } else if (err) {
- callback(new Error('Error creating new user!'));
- return;
- }
-
+ callback();
+ });
+};
+
+/**
+ * Verify a user's phone number by confirming a token to the server.
+ * @param {String} options.emailAddress The desired email address
+ * @param {String} options.token The validation token.
+ * @param {Function} callback(error)
+ */
+AdminDAO.prototype.validateUser = function(options, callback) {
+ var uri;
+
+ if (!options.emailAddress || !options.token) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/user/validate';
+ this._restDao.post(options, uri, function(err) {
+ if (!err || (err && err.code === 202)) {
+ // success
callback();
- });
- };
-
- /**
- * Verify a user's phone number by confirming a token to the server.
- * @param {String} options.emailAddress The desired email address
- * @param {String} options.token The validation token.
- * @param {Function} callback(error)
- */
- AdminDAO.prototype.validateUser = function(options, callback) {
- var uri;
-
- if (!options.emailAddress || !options.token) {
- callback(new Error('Incomplete arguments!'));
- return;
+ } else {
+ callback(new Error('Validation failed!'));
}
+ });
+};
- uri = '/user/validate';
- this._restDao.post(options, uri, function(err) {
- if (!err || (err && err.code === 202)) {
- // success
- callback();
- } else {
- callback(new Error('Validation failed!'));
- }
- });
- };
-
- return AdminDAO;
-});
\ No newline at end of file
+module.exports = AdminDAO;
\ No newline at end of file
diff --git a/src/js/dao/devicestorage-dao.js b/src/js/dao/devicestorage-dao.js
index 9522ead..8acb14d 100644
--- a/src/js/dao/devicestorage-dao.js
+++ b/src/js/dao/devicestorage-dao.js
@@ -1,97 +1,93 @@
/**
- * High level storage api that handles all persistence on the device. If
- * SQLcipher/SQLite is available, all data is securely persisted there,
- * through transparent encryption. If not, the crypto API is
- * used to encrypt data on the fly before persisting via a JSON store.
+ * High level storage api that handles all persistence on the device.
*/
-define(function() {
- 'use strict';
-
- var DeviceStorageDAO = function(localDbDao) {
- this._localDbDao = localDbDao;
- };
-
- DeviceStorageDAO.prototype.init = function(emailAddress, callback) {
- this._localDbDao.init(emailAddress, callback);
- };
-
- /**
- * Stores a list of encrypted items in the object store
- * @param list [Array] The list of items to be persisted
- * @param type [String] The type of item to be persisted e.g. 'email'
- */
- DeviceStorageDAO.prototype.storeList = function(list, type, callback) {
- var key, items = [];
-
- // nothing to store
- if (!list || list.length === 0) {
- callback();
- return;
- }
- // validate type
- if (!type) {
- callback({
- errMsg: 'Type is not set!'
- });
- return;
- }
-
- // format items for batch storing in dao
- list.forEach(function(i) {
- key = createKey(i, type);
-
- items.push({
- key: key,
- object: i
- });
+
+'use strict';
+
+var DeviceStorageDAO = function(localDbDao) {
+ this._localDbDao = localDbDao;
+};
+
+DeviceStorageDAO.prototype.init = function(emailAddress, callback) {
+ this._localDbDao.init(emailAddress, callback);
+};
+
+/**
+ * Stores a list of encrypted items in the object store
+ * @param list [Array] The list of items to be persisted
+ * @param type [String] The type of item to be persisted e.g. 'email'
+ */
+DeviceStorageDAO.prototype.storeList = function(list, type, callback) {
+ var key, items = [];
+
+ // nothing to store
+ if (!list || list.length === 0) {
+ callback();
+ return;
+ }
+ // validate type
+ if (!type) {
+ callback({
+ errMsg: 'Type is not set!'
+ });
+ return;
+ }
+
+ // format items for batch storing in dao
+ list.forEach(function(i) {
+ key = createKey(i, type);
+
+ items.push({
+ key: key,
+ object: i
});
+ });
+
+ this._localDbDao.batch(items, callback);
+};
- this._localDbDao.batch(items, callback);
- };
-
- /**
- * Deletes items of a certain type from storage
- */
- DeviceStorageDAO.prototype.removeList = function(type, callback) {
- this._localDbDao.removeList(type, callback);
- };
-
- /**
- * List stored items of a given type
- * @param type [String] The type of item e.g. 'email'
- * @param offset [Number] The offset of items to fetch (0 is the last stored item)
- * @param num [Number] The number of items to fetch (null means fetch all)
- */
- DeviceStorageDAO.prototype.listItems = function(type, offset, num, callback) {
- // fetch all items of a certain type from the data-store
- this._localDbDao.list(type, offset, num, callback);
- };
-
- /**
- * Clear the whole device data-store
- */
- DeviceStorageDAO.prototype.clear = function(callback) {
- this._localDbDao.clear(callback);
- };
-
- //
- // helper functions
- //
-
- function createKey(i, type) {
- var key;
-
- // put uid in key if available... for easy querying
- if (i.uid) {
- key = type + '_' + i.uid;
- } else if (i.id) {
- key = type + '_' + i.id;
- } else {
- key = type;
- }
-
- return key;
+/**
+ * Deletes items of a certain type from storage
+ */
+DeviceStorageDAO.prototype.removeList = function(type, callback) {
+ this._localDbDao.removeList(type, callback);
+};
+
+/**
+ * List stored items of a given type
+ * @param type [String] The type of item e.g. 'email'
+ * @param offset [Number] The offset of items to fetch (0 is the last stored item)
+ * @param num [Number] The number of items to fetch (null means fetch all)
+ */
+DeviceStorageDAO.prototype.listItems = function(type, offset, num, callback) {
+ // fetch all items of a certain type from the data-store
+ this._localDbDao.list(type, offset, num, callback);
+};
+
+/**
+ * Clear the whole device data-store
+ */
+DeviceStorageDAO.prototype.clear = function(callback) {
+ this._localDbDao.clear(callback);
+};
+
+//
+// helper functions
+//
+
+function createKey(i, type) {
+ var key;
+
+ // put uid in key if available... for easy querying
+ if (i.uid) {
+ key = type + '_' + i.uid;
+ } else if (i.id) {
+ key = type + '_' + i.id;
+ } else {
+ key = type;
}
- return DeviceStorageDAO;
-});
\ No newline at end of file
+ return key;
+}
+
+module.exports = DeviceStorageDAO;
\ No newline at end of file
diff --git a/src/js/dao/email-dao.js b/src/js/dao/email-dao.js
index 3207882..a64d3b1 100644
--- a/src/js/dao/email-dao.js
+++ b/src/js/dao/email-dao.js
@@ -1,190 +1,224 @@
-define(function(require) {
- 'use strict';
-
- var util = require('js/crypto/util'),
- _ = require('underscore'),
- config = require('js/app-config').config,
- str = require('js/app-config').string;
-
-
- //
- //
- // Constants
- //
- //
-
- var FOLDER_DB_TYPE = 'folders';
-
- var SYNC_TYPE_NEW = 'new';
- var SYNC_TYPE_DELETED = 'deleted';
- var SYNC_TYPE_MSGS = 'messages';
-
- var FOLDER_TYPE_INBOX = 'Inbox';
- var FOLDER_TYPE_SENT = 'Sent';
- var FOLDER_TYPE_DRAFTS = 'Drafts';
- var FOLDER_TYPE_TRASH = 'Trash';
-
- var MSG_ATTR_UID = 'uid';
- var MSG_PART_ATTR_CONTENT = 'content';
- var MSG_PART_TYPE_ATTACHMENT = 'attachment';
- var MSG_PART_TYPE_ENCRYPTED = 'encrypted';
- var MSG_PART_TYPE_SIGNED = 'signed';
- var MSG_PART_TYPE_TEXT = 'text';
- var MSG_PART_TYPE_HTML = 'html';
-
- //
- //
- // Email Dao
- //
- //
-
- /**
- * High-level data access object that orchestrates everything around the handling of encrypted mails:
- * PGP de-/encryption, receiving via IMAP, sending via SMTP, MIME parsing, local db persistence
- *
- * @param {Object} keychain The keychain DAO handles keys transparently
- * @param {Object} pgp Orchestrates decryption
- * @param {Object} devicestorage Handles persistence to the local indexed db
- * @param {Object} pgpbuilder Generates and encrypts MIME and SMTP messages
- * @param {Object} mailreader Parses MIME messages received from IMAP
- */
- var EmailDAO = function(keychain, pgp, devicestorage, pgpbuilder, mailreader) {
- this._keychain = keychain;
- this._pgp = pgp;
- this._devicestorage = devicestorage;
- this._pgpbuilder = pgpbuilder;
- this._mailreader = mailreader;
- };
-
-
- //
- //
- // Public API
- //
- //
-
-
- /**
- * Initializes the email dao:
- * - validates the email address
- * - retrieves the user's key pair (if available)
- * - initializes _account.folders with the content from memory
- *
- * @param {Object} options.account The account
- * @param {String} options.account.emailAddress The user's id
- * @param {Function} callback(error, keypair) Invoked with the keypair or error information when the email dao is initialized
- */
- EmailDAO.prototype.init = function(options, callback) {
- var self = this,
- keypair;
+'use strict';
+
+var util = require('crypto-lib').util,
+ config = require('../app-config').config,
+ str = require('../app-config').string;
+
+//
+//
+// Constants
+//
+//
+
+var FOLDER_DB_TYPE = 'folders';
+
+var SYNC_TYPE_NEW = 'new';
+var SYNC_TYPE_DELETED = 'deleted';
+var SYNC_TYPE_MSGS = 'messages';
+
+var FOLDER_TYPE_INBOX = 'Inbox';
+var FOLDER_TYPE_SENT = 'Sent';
+var FOLDER_TYPE_DRAFTS = 'Drafts';
+var FOLDER_TYPE_TRASH = 'Trash';
+
+var MSG_ATTR_UID = 'uid';
+var MSG_PART_ATTR_CONTENT = 'content';
+var MSG_PART_TYPE_ATTACHMENT = 'attachment';
+var MSG_PART_TYPE_ENCRYPTED = 'encrypted';
+var MSG_PART_TYPE_SIGNED = 'signed';
+var MSG_PART_TYPE_TEXT = 'text';
+var MSG_PART_TYPE_HTML = 'html';
+
+//
+//
+// Email Dao
+//
+//
+
+/**
+ * High-level data access object that orchestrates everything around the handling of encrypted mails:
+ * PGP de-/encryption, receiving via IMAP, sending via SMTP, MIME parsing, local db persistence
+ *
+ * @param {Object} keychain The keychain DAO handles keys transparently
+ * @param {Object} pgp Orchestrates decryption
+ * @param {Object} devicestorage Handles persistence to the local indexed db
+ * @param {Object} pgpbuilder Generates and encrypts MIME and SMTP messages
+ * @param {Object} mailreader Parses MIME messages received from IMAP
+ */
+var EmailDAO = function(keychain, pgp, devicestorage, pgpbuilder, mailreader) {
+ this._keychain = keychain;
+ this._pgp = pgp;
+ this._devicestorage = devicestorage;
+ this._pgpbuilder = pgpbuilder;
+ this._mailreader = mailreader;
+};
+
+
+//
+//
+// Public API
+//
+//
+
+
+/**
+ * Initializes the email dao:
+ * - validates the email address
+ * - retrieves the user's key pair (if available)
+ * - initializes _account.folders with the content from memory
+ *
+ * @param {Object} options.account The account
+ * @param {String} options.account.emailAddress The user's id
+ * @param {Function} callback(error, keypair) Invoked with the keypair or error information when the email dao is initialized
+ */
+EmailDAO.prototype.init = function(options, callback) {
+ var self = this,
+ keypair;
+
+ self._account = options.account;
+ self._account.busy = 0; // triggers the spinner
+ self._account.online = false;
+ self._account.loggingIn = false;
+
+ // validate email address
+ var emailAddress = self._account.emailAddress;
+ if (!util.validateEmailAddress(emailAddress)) {
+ callback({
+ errMsg: 'The user email address must be specified!'
+ });
+ return;
+ }
- self._account = options.account;
- self._account.busy = 0; // triggers the spinner
- self._account.online = false;
- self._account.loggingIn = false;
+ // init keychain and then crypto module
+ initKeychain();
- // validate email address
- var emailAddress = self._account.emailAddress;
- if (!util.validateEmailAddress(emailAddress)) {
- callback({
- errMsg: 'The user email address must be specified!'
- });
- return;
- }
+ function initKeychain() {
+ // call getUserKeyPair to read/sync keypair with devicestorage/cloud
+ self._keychain.getUserKeyPair(emailAddress, function(err, storedKeypair) {
+ if (err) {
+ callback(err);
+ return;
+ }
- // init keychain and then crypto module
- initKeychain();
+ keypair = storedKeypair;
+ initFolders();
+ });
+ }
- function initKeychain() {
- // call getUserKeyPair to read/sync keypair with devicestorage/cloud
- self._keychain.getUserKeyPair(emailAddress, function(err, storedKeypair) {
- if (err) {
- callback(err);
- return;
- }
+ function initFolders() {
+ // try init folders from memory, since imap client not initiated yet
+ self._initFoldersFromDisk(function(err) {
+ // dont handle offline case this time
+ if (err && err.code !== 42) {
+ callback(err);
+ return;
+ }
- keypair = storedKeypair;
- initFolders();
- });
+ callback(null, keypair);
+ });
+ }
+};
+
+/**
+ * Unlocks the keychain by either decrypting an existing private key or generating a new keypair
+ * @param {String} options.passphrase The passphrase to decrypt the private key
+ * @param {Function} callback(error) Invoked when the the keychain is unlocked or when an error occurred buring unlocking
+ */
+EmailDAO.prototype.unlock = function(options, callback) {
+ var self = this;
+
+ if (options.keypair) {
+ // import existing key pair into crypto module
+ handleExistingKeypair(options.keypair);
+ return;
+ }
+
+ // no keypair for is stored for the user... generate a new one
+ self._pgp.generateKeys({
+ emailAddress: self._account.emailAddress,
+ keySize: self._account.asymKeySize,
+ passphrase: options.passphrase
+ }, function(err, generatedKeypair) {
+ if (err) {
+ callback(err);
+ return;
}
- function initFolders() {
- // try init folders from memory, since imap client not initiated yet
- self._initFoldersFromDisk(function(err) {
- // dont handle offline case this time
- if (err && err.code !== 42) {
- callback(err);
- return;
- }
+ handleGenerated(generatedKeypair);
+ });
- callback(null, keypair);
- });
+ function handleExistingKeypair(keypair) {
+ var privKeyParams, pubKeyParams;
+ try {
+ privKeyParams = self._pgp.getKeyParams(keypair.privateKey.encryptedKey);
+ pubKeyParams = self._pgp.getKeyParams(keypair.publicKey.publicKey);
+ } catch (e) {
+ callback(new Error('Error reading key params!'));
+ return;
}
- };
- /**
- * Unlocks the keychain by either decrypting an existing private key or generating a new keypair
- * @param {String} options.passphrase The passphrase to decrypt the private key
- * @param {Function} callback(error) Invoked when the the keychain is unlocked or when an error occurred buring unlocking
- */
- EmailDAO.prototype.unlock = function(options, callback) {
- var self = this;
+ // check if key IDs match
+ if (!keypair.privateKey._id || keypair.privateKey._id !== keypair.publicKey._id || keypair.privateKey._id !== privKeyParams._id || keypair.publicKey._id !== pubKeyParams._id) {
+ callback(new Error('Key IDs dont match!'));
+ return;
+ }
- if (options.keypair) {
- // import existing key pair into crypto module
- handleExistingKeypair(options.keypair);
+ // check that key userIds contain email address of user account
+ var matchingPrivUserId = _.findWhere(privKeyParams.userIds, {
+ emailAddress: self._account.emailAddress
+ });
+ var matchingPubUserId = _.findWhere(pubKeyParams.userIds, {
+ emailAddress: self._account.emailAddress
+ });
+
+ if (!matchingPrivUserId || !matchingPubUserId || keypair.privateKey.userId !== self._account.emailAddress || keypair.publicKey.userId !== self._account.emailAddress) {
+ callback(new Error('User IDs dont match!'));
return;
}
- // no keypair for is stored for the user... generate a new one
- self._pgp.generateKeys({
- emailAddress: self._account.emailAddress,
- keySize: self._account.asymKeySize,
- passphrase: options.passphrase
- }, function(err, generatedKeypair) {
+ // import existing key pair into crypto module
+ self._pgp.importKeys({
+ passphrase: options.passphrase,
+ privateKeyArmored: keypair.privateKey.encryptedKey,
+ publicKeyArmored: keypair.publicKey.publicKey
+ }, function(err) {
if (err) {
callback(err);
return;
}
- handleGenerated(generatedKeypair);
+ // set decrypted privateKey to pgpMailer
+ self._pgpbuilder._privateKey = self._pgp._privateKey;
+ callback();
});
+ }
- function handleExistingKeypair(keypair) {
- var privKeyParams, pubKeyParams;
- try {
- privKeyParams = self._pgp.getKeyParams(keypair.privateKey.encryptedKey);
- pubKeyParams = self._pgp.getKeyParams(keypair.publicKey.publicKey);
- } catch (e) {
- callback(new Error('Error reading key params!'));
- return;
- }
-
- // check if key IDs match
- if (!keypair.privateKey._id || keypair.privateKey._id !== keypair.publicKey._id || keypair.privateKey._id !== privKeyParams._id || keypair.publicKey._id !== pubKeyParams._id) {
- callback(new Error('Key IDs dont match!'));
- return;
- }
-
- // check that key userIds contain email address of user account
- var matchingPrivUserId = _.findWhere(privKeyParams.userIds, {
- emailAddress: self._account.emailAddress
- });
- var matchingPubUserId = _.findWhere(pubKeyParams.userIds, {
- emailAddress: self._account.emailAddress
- });
-
- if (!matchingPrivUserId || !matchingPubUserId || keypair.privateKey.userId !== self._account.emailAddress || keypair.publicKey.userId !== self._account.emailAddress) {
- callback(new Error('User IDs dont match!'));
+ function handleGenerated(generatedKeypair) {
+ // import the new key pair into crypto module
+ self._pgp.importKeys({
+ passphrase: options.passphrase,
+ privateKeyArmored: generatedKeypair.privateKeyArmored,
+ publicKeyArmored: generatedKeypair.publicKeyArmored
+ }, function(err) {
+ if (err) {
+ callback(err);
return;
}
- // import existing key pair into crypto module
- self._pgp.importKeys({
- passphrase: options.passphrase,
- privateKeyArmored: keypair.privateKey.encryptedKey,
- publicKeyArmored: keypair.publicKey.publicKey
- }, function(err) {
+ // persist newly generated keypair
+ var newKeypair = {
+ publicKey: {
+ _id: generatedKeypair.keyId,
+ userId: self._account.emailAddress,
+ publicKey: generatedKeypair.publicKeyArmored
+ },
+ privateKey: {
+ _id: generatedKeypair.keyId,
+ userId: self._account.emailAddress,
+ encryptedKey: generatedKeypair.privateKeyArmored
+ }
+ };
+ self._keychain.putUserKeyPair(newKeypair, function(err) {
if (err) {
callback(err);
return;
@@ -194,382 +228,275 @@ define(function(require) {
self._pgpbuilder._privateKey = self._pgp._privateKey;
callback();
});
- }
-
- function handleGenerated(generatedKeypair) {
- // import the new key pair into crypto module
- self._pgp.importKeys({
- passphrase: options.passphrase,
- privateKeyArmored: generatedKeypair.privateKeyArmored,
- publicKeyArmored: generatedKeypair.publicKeyArmored
- }, function(err) {
- if (err) {
- callback(err);
- return;
- }
-
- // persist newly generated keypair
- var newKeypair = {
- publicKey: {
- _id: generatedKeypair.keyId,
- userId: self._account.emailAddress,
- publicKey: generatedKeypair.publicKeyArmored
- },
- privateKey: {
- _id: generatedKeypair.keyId,
- userId: self._account.emailAddress,
- encryptedKey: generatedKeypair.privateKeyArmored
- }
- };
- self._keychain.putUserKeyPair(newKeypair, function(err) {
- if (err) {
- callback(err);
- return;
- }
-
- // set decrypted privateKey to pgpMailer
- self._pgpbuilder._privateKey = self._pgp._privateKey;
- callback();
- });
- });
- }
- };
-
- /**
- * Opens a folder in IMAP so that we can receive updates for it.
- * Please note that this is a no-op if you try to open the outbox, since it is not an IMAP folder
- * but a virtual folder that only exists on disk.
- *
- * @param {Object} options.folder The folder to be opened
- * @param {Function} callback(error) Invoked when the folder has been opened
- */
- EmailDAO.prototype.openFolder = function(options, callback) {
- var self = this,
- err;
+ });
+ }
+};
+
+/**
+ * Opens a folder in IMAP so that we can receive updates for it.
+ * Please note that this is a no-op if you try to open the outbox, since it is not an IMAP folder
+ * but a virtual folder that only exists on disk.
+ *
+ * @param {Object} options.folder The folder to be opened
+ * @param {Function} callback(error) Invoked when the folder has been opened
+ */
+EmailDAO.prototype.openFolder = function(options, callback) {
+ var self = this,
+ err;
+
+ if (!self._account.online) {
+ err = new Error('Client is currently offline!');
+ err.code = 42;
+ callback(err);
+ return;
+ }
- if (!self._account.online) {
- err = new Error('Client is currently offline!');
- err.code = 42;
- callback(err);
- return;
- }
+ if (options.folder.path === config.outboxMailboxPath) {
+ return;
+ }
- if (options.folder.path === config.outboxMailboxPath) {
+ this._imapClient.selectMailbox({
+ path: options.folder.path
+ }, callback);
+};
+
+/**
+ * Synchronizes a folder's contents from disk to memory, i.e. if
+ * a message has disappeared from the disk, this method will remove it from folder.messages, and
+ * it adds any messages from disk to memory the are not yet in folder.messages
+ *
+ * @param {Object} options.folder The folder to synchronize
+ * @param {Function} callback [description]
+ */
+EmailDAO.prototype.refreshFolder = function(options, callback) {
+ var self = this,
+ folder = options.folder;
+
+ self.busy();
+ folder.messages = folder.messages || [];
+ self._localListMessages({
+ folder: folder
+ }, function(err, storedMessages) {
+ if (err) {
+ done(err);
return;
}
- this._imapClient.selectMailbox({
- path: options.folder.path
- }, callback);
- };
-
- /**
- * Synchronizes a folder's contents from disk to memory, i.e. if
- * a message has disappeared from the disk, this method will remove it from folder.messages, and
- * it adds any messages from disk to memory the are not yet in folder.messages
- *
- * @param {Object} options.folder The folder to synchronize
- * @param {Function} callback [description]
- */
- EmailDAO.prototype.refreshFolder = function(options, callback) {
- var self = this,
- folder = options.folder;
-
- self.busy();
- folder.messages = folder.messages || [];
- self._localListMessages({
- folder: folder
- }, function(err, storedMessages) {
- if (err) {
- done(err);
- return;
+ var storedUids = _.pluck(storedMessages, MSG_ATTR_UID),
+ memoryUids = _.pluck(folder.messages, MSG_ATTR_UID),
+ newUids = _.difference(storedUids, memoryUids), // uids of messages that are not yet in memory
+ removedUids = _.difference(memoryUids, storedUids); // uids of messages that are no longer stored on the disk
+
+ // which messages are new on the disk that are not yet in memory?
+ _.filter(storedMessages, function(msg) {
+ return _.contains(newUids, msg.uid);
+ }).forEach(function(newMessage) {
+ // remove the body parts to not load unnecessary data to memory
+ // however, don't do that for the outbox. load the full message there.
+ if (folder.path !== config.outboxMailboxPath) {
+ delete newMessage.bodyParts;
}
- var storedUids = _.pluck(storedMessages, MSG_ATTR_UID),
- memoryUids = _.pluck(folder.messages, MSG_ATTR_UID),
- newUids = _.difference(storedUids, memoryUids), // uids of messages that are not yet in memory
- removedUids = _.difference(memoryUids, storedUids); // uids of messages that are no longer stored on the disk
-
- // which messages are new on the disk that are not yet in memory?
- _.filter(storedMessages, function(msg) {
- return _.contains(newUids, msg.uid);
- }).forEach(function(newMessage) {
- // remove the body parts to not load unnecessary data to memory
- // however, don't do that for the outbox. load the full message there.
- if (folder.path !== config.outboxMailboxPath) {
- delete newMessage.bodyParts;
- }
+ folder.messages.push(newMessage);
+ });
- folder.messages.push(newMessage);
- });
+ // which messages are no longer on disk, i.e. have been removed/sent/...
+ _.filter(folder.messages, function(msg) {
+ return _.contains(removedUids, msg.uid);
+ }).forEach(function(removedMessage) {
+ // remove the message
+ var index = folder.messages.indexOf(removedMessage);
+ folder.messages.splice(index, 1);
+ });
- // which messages are no longer on disk, i.e. have been removed/sent/...
- _.filter(folder.messages, function(msg) {
- return _.contains(removedUids, msg.uid);
- }).forEach(function(removedMessage) {
- // remove the message
- var index = folder.messages.indexOf(removedMessage);
- folder.messages.splice(index, 1);
- });
+ done();
+ });
- done();
+ function done(err) {
+ self.done(); // stop the spinner
+ updateUnreadCount(folder); // update the unread count
+ callback(err);
+ }
+};
+
+/**
+ * Fetches a message's headers from IMAP.
+ *
+ * NB! If we fetch a message whose subject line correspond's to that of a verification message,
+ * we try to verify that, and if that worked, we delete the verified message from IMAP.
+ *
+ * @param {Object} options.folder The folder for which to fetch the message
+ * @param {Function} callback(error) Invoked when the message is persisted and added to folder.messages
+ */
+EmailDAO.prototype.fetchMessages = function(options, callback) {
+ var self = this,
+ folder = options.folder;
+
+ self.busy();
+
+ if (!self._account.online) {
+ done({
+ errMsg: 'Client is currently offline!',
+ code: 42
});
+ return;
+ }
- function done(err) {
- self.done(); // stop the spinner
- updateUnreadCount(folder); // update the unread count
- callback(err);
+ // list the messages starting from the lowest new uid to the highest new uid
+ self._imapListMessages(options, function(err, messages) {
+ if (err) {
+ done(err);
+ return;
}
- };
- /**
- * Fetches a message's headers from IMAP.
- *
- * NB! If we fetch a message whose subject line correspond's to that of a verification message,
- * we try to verify that, and if that worked, we delete the verified message from IMAP.
- *
- * @param {Object} options.folder The folder for which to fetch the message
- * @param {Function} callback(error) Invoked when the message is persisted and added to folder.messages
- */
- EmailDAO.prototype.fetchMessages = function(options, callback) {
- var self = this,
- folder = options.folder;
+ // if there are verification messages in the synced messages, handle it
+ var verificationMessages = _.filter(messages, function(message) {
+ return message.subject === str.verificationSubject;
+ });
- self.busy();
+ // if there are verification messages, continue after we've tried to verify
+ if (verificationMessages.length > 0) {
+ var after = _.after(verificationMessages.length, storeHeaders);
- if (!self._account.online) {
- done({
- errMsg: 'Client is currently offline!',
- code: 42
+ verificationMessages.forEach(function(verificationMessage) {
+ handleVerification(verificationMessage, function(err, isValid) {
+ // if it was NOT a valid verification mail, do nothing
+ // if an error occurred and the mail was a valid verification mail,
+ // keep the mail in the list so the user can see it and verify manually
+ if (!isValid || err) {
+ after();
+ return;
+ }
+
+ // if verification worked, we remove the mail from the list.
+ messages.splice(messages.indexOf(verificationMessage), 1);
+ after();
+ });
});
return;
}
- // list the messages starting from the lowest new uid to the highest new uid
- self._imapListMessages(options, function(err, messages) {
- if (err) {
- done(err);
- return;
- }
+ // no verification messages, just proceed as usual
+ storeHeaders();
- // if there are verification messages in the synced messages, handle it
- var verificationMessages = _.filter(messages, function(message) {
- return message.subject === str.verificationSubject;
- });
-
- // if there are verification messages, continue after we've tried to verify
- if (verificationMessages.length > 0) {
- var after = _.after(verificationMessages.length, storeHeaders);
-
- verificationMessages.forEach(function(verificationMessage) {
- handleVerification(verificationMessage, function(err, isValid) {
- // if it was NOT a valid verification mail, do nothing
- // if an error occurred and the mail was a valid verification mail,
- // keep the mail in the list so the user can see it and verify manually
- if (!isValid || err) {
- after();
- return;
- }
-
- // if verification worked, we remove the mail from the list.
- messages.splice(messages.indexOf(verificationMessage), 1);
- after();
- });
- });
+ function storeHeaders() {
+ if (_.isEmpty(messages)) {
+ // nothing to do, we're done here
+ done();
return;
}
- // no verification messages, just proceed as usual
- storeHeaders();
-
- function storeHeaders() {
- if (_.isEmpty(messages)) {
- // nothing to do, we're done here
- done();
+ // persist the encrypted message to the local storage
+ self._localStoreMessages({
+ folder: folder,
+ emails: messages
+ }, function(err) {
+ if (err) {
+ done(err);
return;
}
- // persist the encrypted message to the local storage
- self._localStoreMessages({
- folder: folder,
- emails: messages
- }, function(err) {
- if (err) {
- done(err);
- return;
- }
-
- // this enables us to already show the attachment clip in the message list ui
- messages.forEach(function(message) {
- message.attachments = message.bodyParts.filter(function(bodyPart) {
- return bodyPart.type === MSG_PART_TYPE_ATTACHMENT;
- });
+ // this enables us to already show the attachment clip in the message list ui
+ messages.forEach(function(message) {
+ message.attachments = message.bodyParts.filter(function(bodyPart) {
+ return bodyPart.type === MSG_PART_TYPE_ATTACHMENT;
});
-
- [].unshift.apply(folder.messages, messages); // add the new messages to the folder
- updateUnreadCount(folder); // update the unread count
-
- // notify about new messages only for the inbox
- if (folder.type === FOLDER_TYPE_INBOX) {
- self.onIncomingMessage(messages);
- }
- done();
});
- }
- });
- function done(err) {
- self.done(); // stop the spinner
- callback(err);
- }
+ [].unshift.apply(folder.messages, messages); // add the new messages to the folder
+ updateUnreadCount(folder); // update the unread count
- // Handles verification of public keys, deletion of messages with verified keys
- function handleVerification(message, localCallback) {
- self._getBodyParts({
- folder: folder,
- uid: message.uid,
- bodyParts: message.bodyParts
- }, function(error, parsedBodyParts) {
- // we could not stream the text to determine if the verification was valid or not
- // so handle it as if it were valid
- if (error) {
- localCallback(error, true);
- return;
+ // notify about new messages only for the inbox
+ if (folder.type === FOLDER_TYPE_INBOX) {
+ self.onIncomingMessage(messages);
}
-
- var body = _.pluck(filterBodyParts(parsedBodyParts, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n'),
- verificationUrlPrefix = config.cloudUrl + config.verificationUrl,
- uuid = body.split(verificationUrlPrefix).pop().substr(0, config.verificationUuidLength),
- uuidRegex = /[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/;
-
- // there's no valid uuid in the message, so forget about it
- if (!uuidRegex.test(uuid)) {
- localCallback(null, false);
- return;
- }
-
- // there's a valid uuid in the message, so try to verify it
- self._keychain.verifyPublicKey(uuid, function(err) {
- if (err) {
- localCallback({
- errMsg: 'Verifying your public key failed: ' + err.errMsg
- }, true);
- return;
- }
-
- // public key has been verified, delete the message
- self._imapDeleteMessage({
- folder: folder,
- uid: message.uid
- }, function() {
- // if we could successfully not delete the message or not doesn't matter.
- // just don't show it in whiteout and keep quiet about it
- localCallback(null, true);
- });
- });
+ done();
});
}
- };
+ });
- /**
- * Delete a message from IMAP, disk and folder.messages.
- *
- * Please note that this deletes from disk only if you delete from the outbox,
- * since it is not an IMAP folder but a virtual folder that only exists on disk.
- *
- * @param {Object} options.folder The folder from which to delete the messages
- * @param {Object} options.message The message that should be deleted
- * @param {Boolean} options.localOnly Indicated if the message should not be removed from IMAP
- * @param {Function} callback(error) Invoked when the message was delete, or an error occurred
- */
- EmailDAO.prototype.deleteMessage = function(options, callback) {
- var self = this,
- folder = options.folder,
- message = options.message;
-
- self.busy();
-
- folder.messages.splice(folder.messages.indexOf(message), 1);
+ function done(err) {
+ self.done(); // stop the spinner
+ callback(err);
+ }
- // delete only locally
- if (options.localOnly || options.folder.path === config.outboxMailboxPath) {
- deleteLocal();
- return;
- }
+ // Handles verification of public keys, deletion of messages with verified keys
+ function handleVerification(message, localCallback) {
+ self._getBodyParts({
+ folder: folder,
+ uid: message.uid,
+ bodyParts: message.bodyParts
+ }, function(error, parsedBodyParts) {
+ // we could not stream the text to determine if the verification was valid or not
+ // so handle it as if it were valid
+ if (error) {
+ localCallback(error, true);
+ return;
+ }
- deleteImap();
+ var body = _.pluck(filterBodyParts(parsedBodyParts, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n'),
+ verificationUrlPrefix = config.cloudUrl + config.verificationUrl,
+ uuid = body.split(verificationUrlPrefix).pop().substr(0, config.verificationUuidLength),
+ uuidRegex = /[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/;
- function deleteImap() {
- if (!self._account.online) {
- // no action if we're not online
- done({
- errMsg: 'Client is currently offline!',
- code: 42
- });
+ // there's no valid uuid in the message, so forget about it
+ if (!uuidRegex.test(uuid)) {
+ localCallback(null, false);
return;
}
- // delete from IMAP
- self._imapDeleteMessage({
- folder: folder,
- uid: message.uid
- }, function(err) {
+ // there's a valid uuid in the message, so try to verify it
+ self._keychain.verifyPublicKey(uuid, function(err) {
if (err) {
- done(err);
+ localCallback({
+ errMsg: 'Verifying your public key failed: ' + err.errMsg
+ }, true);
return;
}
- deleteLocal();
+ // public key has been verified, delete the message
+ self._imapDeleteMessage({
+ folder: folder,
+ uid: message.uid
+ }, function() {
+ // if we could successfully not delete the message or not doesn't matter.
+ // just don't show it in whiteout and keep quiet about it
+ localCallback(null, true);
+ });
});
- }
-
- function deleteLocal() {
- // delete from indexed db
- self._localDeleteMessage({
- folder: folder,
- uid: message.uid
- }, done);
- }
-
- function done(err) {
- self.done(); // stop the spinner
- if (err) {
- folder.messages.unshift(message); // re-add the message to the folder in case of an error
- }
- updateUnreadCount(folder); // update the unread count, if necessary
- callback(err);
- }
- };
-
- /**
- * Updates a message's 'unread' and 'answered' flags
- *
- * Please note if you set flags on disk only if you delete from the outbox,
- * since it is not an IMAP folder but a virtual folder that only exists on disk.
- *
- * @param {[type]} options [description]
- * @param {Function} callback [description]
- */
- EmailDAO.prototype.setFlags = function(options, callback) {
- var self = this,
- folder = options.folder,
- message = options.message;
-
- self.busy(); // start the spinner
+ });
+ }
+};
+
+/**
+ * Delete a message from IMAP, disk and folder.messages.
+ *
+ * Please note that this deletes from disk only if you delete from the outbox,
+ * since it is not an IMAP folder but a virtual folder that only exists on disk.
+ *
+ * @param {Object} options.folder The folder from which to delete the messages
+ * @param {Object} options.message The message that should be deleted
+ * @param {Boolean} options.localOnly Indicated if the message should not be removed from IMAP
+ * @param {Function} callback(error) Invoked when the message was delete, or an error occurred
+ */
+EmailDAO.prototype.deleteMessage = function(options, callback) {
+ var self = this,
+ folder = options.folder,
+ message = options.message;
+
+ self.busy();
+
+ folder.messages.splice(folder.messages.indexOf(message), 1);
+
+ // delete only locally
+ if (options.localOnly || options.folder.path === config.outboxMailboxPath) {
+ deleteLocal();
+ return;
+ }
- // no-op if the message if not present anymore (for whatever reason)
- if (folder.messages.indexOf(message) < 0) {
- self.done(); // stop the spinner
- return;
- }
-
- // don't do a roundtrip to IMAP,
- // especially if you want to mark outbox messages
- if (options.localOnly || options.folder.path === config.outboxMailboxPath) {
- markStorage();
- return;
- }
+ deleteImap();
+ function deleteImap() {
if (!self._account.online) {
// no action if we're not online
done({
@@ -579,1153 +506,1222 @@ define(function(require) {
return;
}
- markImap();
-
- function markImap() {
- // mark a message unread/answered on IMAP
- self._imapMark({
- folder: folder,
- uid: options.message.uid,
- unread: options.message.unread,
- answered: options.message.answered
- }, function(err) {
- if (err) {
- done(err);
- return;
- }
-
- markStorage();
- });
- }
-
- function markStorage() {
- // angular pollutes that data transfer objects with helper properties (e.g. $$hashKey),
- // which we do not want to persist to disk. in order to avoid that, we load the pristine
- // message from disk, change the flags and re-persist it to disk
- self._localListMessages({
- folder: folder,
- uid: options.message.uid,
- }, function(err, storedMessages) {
- if (err) {
- done(err);
- return;
- }
-
- // set the flags
- var storedMessage = storedMessages[0];
- storedMessage.unread = options.message.unread;
- storedMessage.answered = options.message.answered;
- storedMessage.modseq = options.message.modseq || storedMessage.modseq;
-
- // store
- self._localStoreMessages({
- folder: folder,
- emails: [storedMessage]
- }, done);
- });
- }
-
- function done(err) {
- self.done(); // stop the spinner
- updateUnreadCount(folder); // update the unread count
- callback(err);
- }
- };
-
- /**
- * Streams message content
- * @param {Object} options.message The message for which to retrieve the body
- * @param {Object} options.folder The IMAP folder
- * @param {Function} callback(error, message) Invoked when the message is streamed, or provides information if an error occurred
- */
- EmailDAO.prototype.getBody = function(options, callback) {
- var self = this,
- message = options.message,
- folder = options.folder;
-
- // the message either already has a body or is fetching it right now, so no need to become active here
- if (message.loadingBody || typeof message.body !== 'undefined') {
- return;
- }
-
- message.loadingBody = true;
-
- self.busy();
-
- /*
- * read this before inspecting the method!
- *
- * you will wonder about the round trip to the disk where we load the persisted object. there are two reasons for this behavior:
- * 1) if you work with a message that was loaded from the disk, we strip the message.bodyParts array,
- * because it is not really necessary to keep everything in memory
- * 2) the message in memory is polluted by angular. angular tracks ordering of a list by adding a property
- * to the model. this property is auto generated and must not be persisted.
- */
-
- retrieveContent();
-
- function retrieveContent() {
- // load the local message from memory
- self._localListMessages({
- folder: folder,
- uid: message.uid
- }, function(err, localMessages) {
- if (err || localMessages.length === 0) {
- done(err);
- return;
- }
-
- var localMessage = localMessages[0];
-
- // treat attachment and non-attachment body parts separately:
- // we need to fetch the content for non-attachment body parts (encrypted, signed, text, html, resources referenced from the html)
- // but we spare the effort and fetch attachment content later upon explicit user request.
- var contentParts = localMessage.bodyParts.filter(function(bodyPart) {
- return bodyPart.type !== MSG_PART_TYPE_ATTACHMENT || (bodyPart.type === MSG_PART_TYPE_ATTACHMENT && bodyPart.id);
- });
- var attachmentParts = localMessage.bodyParts.filter(function(bodyPart) {
- return bodyPart.type === MSG_PART_TYPE_ATTACHMENT && !bodyPart.id;
- });
-
- // do we need to fetch content from the imap server?
- var needsFetch = false;
- contentParts.forEach(function(part) {
- needsFetch = (typeof part.content === 'undefined');
- });
-
- if (!needsFetch) {
- // if we have all the content we need,
- // we can extract the content
- message.bodyParts = localMessage.bodyParts;
- extractContent();
- return;
- }
+ // delete from IMAP
+ self._imapDeleteMessage({
+ folder: folder,
+ uid: message.uid
+ }, function(err) {
+ if (err) {
+ done(err);
+ return;
+ }
- // get the raw content from the imap server
- self._getBodyParts({
- folder: folder,
- uid: localMessage.uid,
- bodyParts: contentParts
- }, function(err, parsedBodyParts) {
- if (err) {
- done(err);
- return;
- }
+ deleteLocal();
+ });
+ }
- // piece together the parsed bodyparts and the empty attachments which have not been parsed
- message.bodyParts = parsedBodyParts.concat(attachmentParts);
- localMessage.bodyParts = parsedBodyParts.concat(attachmentParts);
-
- // persist it to disk
- self._localStoreMessages({
- folder: folder,
- emails: [localMessage]
- }, function(error) {
- if (error) {
- done(error);
- return;
- }
+ function deleteLocal() {
+ // delete from indexed db
+ self._localDeleteMessage({
+ folder: folder,
+ uid: message.uid
+ }, done);
+ }
- // extract the content
- extractContent();
- });
- });
- });
+ function done(err) {
+ self.done(); // stop the spinner
+ if (err) {
+ folder.messages.unshift(message); // re-add the message to the folder in case of an error
}
+ updateUnreadCount(folder); // update the unread count, if necessary
+ callback(err);
+ }
+};
+
+/**
+ * Updates a message's 'unread' and 'answered' flags
+ *
+ * Please note if you set flags on disk only if you delete from the outbox,
+ * since it is not an IMAP folder but a virtual folder that only exists on disk.
+ *
+ * @param {[type]} options [description]
+ * @param {Function} callback [description]
+ */
+EmailDAO.prototype.setFlags = function(options, callback) {
+ var self = this,
+ folder = options.folder,
+ message = options.message;
+
+ self.busy(); // start the spinner
+
+ // no-op if the message if not present anymore (for whatever reason)
+ if (folder.messages.indexOf(message) < 0) {
+ self.done(); // stop the spinner
+ return;
+ }
- function extractContent() {
- if (message.encrypted) {
- // show the encrypted message
- message.body = filterBodyParts(message.bodyParts, MSG_PART_TYPE_ENCRYPTED)[0].content;
- return done();
- }
-
- var root = message.bodyParts;
-
- if (message.signed) {
- // PGP/MIME signed
- var signedRoot = filterBodyParts(message.bodyParts, MSG_PART_TYPE_SIGNED)[0]; // in case of a signed message, you only want to show the signed content and ignore the rest
- message.signedMessage = signedRoot.signedMessage;
- message.signature = signedRoot.signature;
- root = signedRoot.content;
- }
-
- var body = _.pluck(filterBodyParts(root, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n');
+ // don't do a roundtrip to IMAP,
+ // especially if you want to mark outbox messages
+ if (options.localOnly || options.folder.path === config.outboxMailboxPath) {
+ markStorage();
+ return;
+ }
- /*
- * if the message is plain text and contains pgp/inline, we are only interested in the encrypted
- * content, the rest (corporate mail footer, attachments, etc.) is discarded.
- * "-----BEGIN/END (...)-----" must be at the start/end of a line,
- * the regex must not match a pgp block in a plain text reply or forward of a pgp/inline message,
- * the encryption will break for replies/forward, because "> " corrupts the PGP block with non-radix-64 characters,
- */
- var pgpInlineMatch = /^-{5}BEGIN PGP MESSAGE-{5}[\s\S]*-{5}END PGP MESSAGE-{5}$/im.exec(body);
- if (pgpInlineMatch) {
- message.body = pgpInlineMatch[0]; // show the plain text content
- message.encrypted = true; // signal the ui that we're handling encrypted content
-
- // replace the bodyParts info with an artificial bodyPart of type "encrypted"
- message.bodyParts = [{
- type: MSG_PART_TYPE_ENCRYPTED,
- content: pgpInlineMatch[0],
- _isPgpInline: true // used internally to avoid trying to parse non-MIME text with the mailreader
- }];
- return done();
- }
+ if (!self._account.online) {
+ // no action if we're not online
+ done({
+ errMsg: 'Client is currently offline!',
+ code: 42
+ });
+ return;
+ }
- /*
- * any content before/after the PGP block will be discarded,
- * "-----BEGIN/END (...)-----" must be at the start/end of a line,
- * after the hash (and possibly other) arbitrary headers, the signed payload begins,
- * the text is followed by a final \n and then the pgp signature begins
- * untrusted attachments and html is ignored
- */
- var clearSignedMatch = /^-{5}BEGIN PGP SIGNED MESSAGE-{5}\nHash:[ ][^\n]+\n(?:[A-Za-z]+:[ ][^\n]+\n)*\n([\s\S]*)\n-{5}BEGIN PGP SIGNATURE-{5}[\S\s]*-{5}END PGP SIGNATURE-{5}$/im.exec(body);
- if (clearSignedMatch) {
- // PGP/INLINE signed
- message.signed = true;
- message.clearSignedMessage = clearSignedMatch[0];
- body = clearSignedMatch[1];
- }
+ markImap();
- if (!message.signed) {
- // message is not signed, so we're done here
- return setBody();
+ function markImap() {
+ // mark a message unread/answered on IMAP
+ self._imapMark({
+ folder: folder,
+ uid: options.message.uid,
+ unread: options.message.unread,
+ answered: options.message.answered
+ }, function(err) {
+ if (err) {
+ done(err);
+ return;
}
- // check the signatures for signed messages
- self._checkSignatures(message, function(err, signaturesValid) {
- if (err) {
- return done(err);
- }
-
- message.signaturesValid = signaturesValid;
- setBody();
- });
-
- function setBody() {
- message.body = body;
- if (!message.clearSignedMessage) {
- message.attachments = filterBodyParts(root, MSG_PART_TYPE_ATTACHMENT);
- message.html = _.pluck(filterBodyParts(root, MSG_PART_TYPE_HTML), MSG_PART_ATTR_CONTENT).join('\n');
- inlineExternalImages(message);
- }
+ markStorage();
+ });
+ }
- done();
+ function markStorage() {
+ // angular pollutes that data transfer objects with helper properties (e.g. $$hashKey),
+ // which we do not want to persist to disk. in order to avoid that, we load the pristine
+ // message from disk, change the flags and re-persist it to disk
+ self._localListMessages({
+ folder: folder,
+ uid: options.message.uid,
+ }, function(err, storedMessages) {
+ if (err) {
+ done(err);
+ return;
}
- }
+ // set the flags
+ var storedMessage = storedMessages[0];
+ storedMessage.unread = options.message.unread;
+ storedMessage.answered = options.message.answered;
+ storedMessage.modseq = options.message.modseq || storedMessage.modseq;
- function done(err) {
- self.done();
- message.loadingBody = false;
- callback(err, err ? undefined : message);
- }
- };
-
- EmailDAO.prototype._checkSignatures = function(message, callback) {
- var self = this;
+ // store
+ self._localStoreMessages({
+ folder: folder,
+ emails: [storedMessage]
+ }, done);
+ });
+ }
- self._keychain.getReceiverPublicKey(message.from[0].address, function(err, senderPublicKey) {
- if (err) {
- return callback(err);
- }
+ function done(err) {
+ self.done(); // stop the spinner
+ updateUnreadCount(folder); // update the unread count
+ callback(err);
+ }
+};
+
+/**
+ * Streams message content
+ * @param {Object} options.message The message for which to retrieve the body
+ * @param {Object} options.folder The IMAP folder
+ * @param {Function} callback(error, message) Invoked when the message is streamed, or provides information if an error occurred
+ */
+EmailDAO.prototype.getBody = function(options, callback) {
+ var self = this,
+ message = options.message,
+ folder = options.folder;
+
+ // the message either already has a body or is fetching it right now, so no need to become active here
+ if (message.loadingBody || typeof message.body !== 'undefined') {
+ return;
+ }
- // get the receiver's public key to check the message signature
- var senderKey = senderPublicKey ? senderPublicKey.publicKey : undefined;
+ message.loadingBody = true;
- if (message.clearSignedMessage) {
- self._pgp.verifyClearSignedMessage(message.clearSignedMessage, senderKey, callback);
- } else if (message.signedMessage && message.signature) {
- self._pgp.verifySignedMessage(message.signedMessage, message.signature, senderKey, callback);
- } else {
- callback(null, undefined);
- }
- });
- };
+ self.busy();
- /**
- * Retrieves an attachment matching a body part for a given uid and a folder
+ /*
+ * read this before inspecting the method!
*
- * @param {Object} options.folder The folder where to find the attachment
- * @param {Number} options.uid The uid for the message the attachment body part belongs to
- * @param {Object} options.attachment The attachment body part to fetch and parse from IMAP
- * @param {Function} callback(error, attachment) Invoked when the attachment body part was retrieved and parsed, or an error occurred
+ * you will wonder about the round trip to the disk where we load the persisted object. there are two reasons for this behavior:
+ * 1) if you work with a message that was loaded from the disk, we strip the message.bodyParts array,
+ * because it is not really necessary to keep everything in memory
+ * 2) the message in memory is polluted by angular. angular tracks ordering of a list by adding a property
+ * to the model. this property is auto generated and must not be persisted.
*/
- EmailDAO.prototype.getAttachment = function(options, callback) {
- var self = this,
- attachment = options.attachment;
- self.busy();
- attachment.busy = true;
- self._getBodyParts({
- folder: options.folder,
- uid: options.uid,
- bodyParts: [attachment]
- }, function(err, parsedBodyParts) {
- attachment.busy = false;
- if (err) {
- callback(err);
+ retrieveContent();
+
+ function retrieveContent() {
+ // load the local message from memory
+ self._localListMessages({
+ folder: folder,
+ uid: message.uid
+ }, function(err, localMessages) {
+ if (err || localMessages.length === 0) {
+ done(err);
return;
}
- self.done();
- // add the content to the original object
- attachment.content = parsedBodyParts[0].content;
- callback(err, err ? undefined : attachment);
- });
- };
- /**
- * Decrypts a message and replaces sets the decrypted plaintext as the message's body, html, or attachment, respectively.
- * The first encrypted body part's ciphertext (in the content property) will be decrypted.
- *
- * @param {Object} options.message The message
- * @param {Function} callback(error, message)
- */
- EmailDAO.prototype.decryptBody = function(options, callback) {
- var self = this,
- message = options.message;
+ var localMessage = localMessages[0];
- // the message is decrypting has no body, is not encrypted or has already been decrypted
- if (!message.bodyParts || message.decryptingBody || !message.body || !message.encrypted || message.decrypted) {
- callback(null, message);
- return;
- }
+ // treat attachment and non-attachment body parts separately:
+ // we need to fetch the content for non-attachment body parts (encrypted, signed, text, html, resources referenced from the html)
+ // but we spare the effort and fetch attachment content later upon explicit user request.
+ var contentParts = localMessage.bodyParts.filter(function(bodyPart) {
+ return bodyPart.type !== MSG_PART_TYPE_ATTACHMENT || (bodyPart.type === MSG_PART_TYPE_ATTACHMENT && bodyPart.id);
+ });
+ var attachmentParts = localMessage.bodyParts.filter(function(bodyPart) {
+ return bodyPart.type === MSG_PART_TYPE_ATTACHMENT && !bodyPart.id;
+ });
- message.decryptingBody = true;
+ // do we need to fetch content from the imap server?
+ var needsFetch = false;
+ contentParts.forEach(function(part) {
+ needsFetch = (typeof part.content === 'undefined');
+ });
- self.busy();
- // get the sender's public key for signature checking
- self._keychain.getReceiverPublicKey(message.from[0].address, function(err, senderPublicKey) {
- if (err) {
- return done(err);
+ if (!needsFetch) {
+ // if we have all the content we need,
+ // we can extract the content
+ message.bodyParts = localMessage.bodyParts;
+ extractContent();
+ return;
}
- // get the receiver's public key to check the message signature
- var encryptedNode = filterBodyParts(message.bodyParts, MSG_PART_TYPE_ENCRYPTED)[0];
- var senderKey = senderPublicKey ? senderPublicKey.publicKey : undefined;
- self._pgp.decrypt(encryptedNode.content, senderKey, function(err, decrypted, signaturesValid) {
- if (err || !decrypted) {
- return showError(err.message || 'An error occurred during the decryption.');
- }
-
- // if the decryption worked and signatures are present, everything's fine.
- // no error is thrown if signatures are not present
- message.signed = typeof signaturesValid !== 'undefined';
- message.signaturesValid = signaturesValid;
-
- // if the encrypted node contains pgp/inline, we must not parse it
- // with the mailreader as it is not well-formed MIME
- if (encryptedNode._isPgpInline) {
- message.body = decrypted;
- message.decrypted = true;
- return done();
+ // get the raw content from the imap server
+ self._getBodyParts({
+ folder: folder,
+ uid: localMessage.uid,
+ bodyParts: contentParts
+ }, function(err, parsedBodyParts) {
+ if (err) {
+ done(err);
+ return;
}
- // the mailparser works on the .raw property
- encryptedNode.raw = decrypted;
-
- // parse the decrypted raw content in the mailparser
- self._mailreader.parse({
- bodyParts: [encryptedNode]
- }, function(err, root) {
- if (err) {
- return showError(err.errMsg || err.message);
- }
-
- if (!message.signed) {
- // message had no signature in the ciphertext, so there's a little extra effort to be done here
- // is there a signed MIME node?
- var signedRoot = filterBodyParts(root, MSG_PART_TYPE_SIGNED)[0];
- if (!signedRoot) {
- // no signed MIME node, obviously an unsigned PGP/MIME message
- return setBody();
- }
+ // piece together the parsed bodyparts and the empty attachments which have not been parsed
+ message.bodyParts = parsedBodyParts.concat(attachmentParts);
+ localMessage.bodyParts = parsedBodyParts.concat(attachmentParts);
- // if there is something signed in here, we're only interested in the signed content
- message.signedMessage = signedRoot.signedMessage;
- message.signature = signedRoot.signature;
- root = signedRoot.content;
-
- // check the signatures for encrypted messages
- self._checkSignatures(message, function(err, signaturesValid) {
- if (err) {
- return done(err);
- }
-
- message.signed = typeof signaturesValid !== 'undefined';
- message.signaturesValid = signaturesValid;
- setBody();
- });
+ // persist it to disk
+ self._localStoreMessages({
+ folder: folder,
+ emails: [localMessage]
+ }, function(error) {
+ if (error) {
+ done(error);
return;
}
- // message had a signature in the ciphertext, so we're done here
- setBody();
-
- function setBody() {
- // we have successfully interpreted the descrypted message,
- // so let's update the views on the message parts
- message.body = _.pluck(filterBodyParts(root, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n');
- message.html = _.pluck(filterBodyParts(root, MSG_PART_TYPE_HTML), MSG_PART_ATTR_CONTENT).join('\n');
- message.attachments = _.reject(filterBodyParts(root, MSG_PART_TYPE_ATTACHMENT), function(attmt) {
- // remove the pgp-signature from the attachments
- return attmt.mimeType === "application/pgp-signature";
- });
- inlineExternalImages(message);
-
- message.decrypted = true;
-
- // we're done here!
- done();
- }
+ // extract the content
+ extractContent();
});
});
});
+ }
- function showError(msg) {
- message.body = msg;
- message.decrypted = true; // display error msg in body
- done();
+ function extractContent() {
+ if (message.encrypted) {
+ // show the encrypted message
+ message.body = filterBodyParts(message.bodyParts, MSG_PART_TYPE_ENCRYPTED)[0].content;
+ return done();
}
- function done(err) {
- self.done();
- message.decryptingBody = false;
- callback(err, err ? undefined : message);
- }
- };
+ var root = message.bodyParts;
- /**
- * Encrypted (if necessary) and sends a message with a predefined clear text greeting.
- *
- * @param {Object} options.email The message to be sent
- * @param {Function} callback(error) Invoked when the message was sent, or an error occurred
- */
- EmailDAO.prototype.sendEncrypted = function(options, callback) {
- var self = this;
-
- if (!self._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
- });
- return;
+ if (message.signed) {
+ // PGP/MIME signed
+ var signedRoot = filterBodyParts(message.bodyParts, MSG_PART_TYPE_SIGNED)[0]; // in case of a signed message, you only want to show the signed content and ignore the rest
+ message.signedMessage = signedRoot.signedMessage;
+ message.signature = signedRoot.signature;
+ root = signedRoot.content;
}
- self.busy();
- // mime encode, sign, encrypt and send email via smtp
- self._pgpMailer.send({
- encrypt: true,
- smtpclient: options.smtpclient, // filled solely in the integration test, undefined in normal usage
- mail: options.email,
- publicKeysArmored: options.email.publicKeysArmored
- }, function(err, rfcText) {
- if (err) {
- return callback(err);
- }
-
- // upload the sent message to the sent folder if necessary
- var sentFolder = _.findWhere(self._account.folders, {
- type: FOLDER_TYPE_SENT
- });
-
- if (self.ignoreUploadOnSent || !sentFolder || !rfcText) {
- self.done();
- return callback();
- }
-
- self._imapClient.uploadMessage({
- path: sentFolder.path,
- message: rfcText
- }, function(err) {
- self.done();
- callback(err);
- });
- });
- };
+ var body = _.pluck(filterBodyParts(root, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n');
- /**
- * Sends a signed message in the plain
- *
- * @param {Object} options.email The message to be sent
- * @param {Function} callback(error) Invoked when the message was sent, or an error occurred
- */
- EmailDAO.prototype.sendPlaintext = function(options, callback) {
- var self = this;
+ /*
+ * if the message is plain text and contains pgp/inline, we are only interested in the encrypted
+ * content, the rest (corporate mail footer, attachments, etc.) is discarded.
+ * "-----BEGIN/END (...)-----" must be at the start/end of a line,
+ * the regex must not match a pgp block in a plain text reply or forward of a pgp/inline message,
+ * the encryption will break for replies/forward, because "> " corrupts the PGP block with non-radix-64 characters,
+ */
+ var pgpInlineMatch = /^-{5}BEGIN PGP MESSAGE-{5}[\s\S]*-{5}END PGP MESSAGE-{5}$/im.exec(body);
+ if (pgpInlineMatch) {
+ message.body = pgpInlineMatch[0]; // show the plain text content
+ message.encrypted = true; // signal the ui that we're handling encrypted content
+
+ // replace the bodyParts info with an artificial bodyPart of type "encrypted"
+ message.bodyParts = [{
+ type: MSG_PART_TYPE_ENCRYPTED,
+ content: pgpInlineMatch[0],
+ _isPgpInline: true // used internally to avoid trying to parse non-MIME text with the mailreader
+ }];
+ return done();
+ }
- if (!self._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
- });
- return;
+ /*
+ * any content before/after the PGP block will be discarded,
+ * "-----BEGIN/END (...)-----" must be at the start/end of a line,
+ * after the hash (and possibly other) arbitrary headers, the signed payload begins,
+ * the text is followed by a final \n and then the pgp signature begins
+ * untrusted attachments and html is ignored
+ */
+ var clearSignedMatch = /^-{5}BEGIN PGP SIGNED MESSAGE-{5}\nHash:[ ][^\n]+\n(?:[A-Za-z]+:[ ][^\n]+\n)*\n([\s\S]*)\n-{5}BEGIN PGP SIGNATURE-{5}[\S\s]*-{5}END PGP SIGNATURE-{5}$/im.exec(body);
+ if (clearSignedMatch) {
+ // PGP/INLINE signed
+ message.signed = true;
+ message.clearSignedMessage = clearSignedMatch[0];
+ body = clearSignedMatch[1];
}
- self.busy();
- // add suffix to plaintext mail
- options.email.body += str.signature + config.cloudUrl + '/' + self._account.emailAddress;
+ if (!message.signed) {
+ // message is not signed, so we're done here
+ return setBody();
+ }
- // mime encode, sign and send email via smtp
- self._pgpMailer.send({
- smtpclient: options.smtpclient, // filled solely in the integration test, undefined in normal usage
- mail: options.email
- }, function(err, rfcText) {
+ // check the signatures for signed messages
+ self._checkSignatures(message, function(err, signaturesValid) {
if (err) {
- return callback(err);
+ return done(err);
}
- // upload the sent message to the sent folder if necessary
- var sentFolder = _.findWhere(self._account.folders, {
- type: FOLDER_TYPE_SENT
- });
+ message.signaturesValid = signaturesValid;
+ setBody();
+ });
- if (self.ignoreUploadOnSent || !sentFolder || !rfcText) {
- self.done();
- return callback();
+ function setBody() {
+ message.body = body;
+ if (!message.clearSignedMessage) {
+ message.attachments = filterBodyParts(root, MSG_PART_TYPE_ATTACHMENT);
+ message.html = _.pluck(filterBodyParts(root, MSG_PART_TYPE_HTML), MSG_PART_ATTR_CONTENT).join('\n');
+ inlineExternalImages(message);
}
- self._imapClient.uploadMessage({
- path: sentFolder.path,
- message: rfcText
- }, function(err) {
- self.done();
- callback(err);
- });
- });
- };
+ done();
+ }
+ }
- /**
- * Signs and encrypts a message
- *
- * @param {Object} options.email The message to be encrypted
- * @param {Function} callback(error, message) Invoked when the message was encrypted, or an error occurred
- */
- EmailDAO.prototype.encrypt = function(options, callback) {
- var self = this;
- self.busy();
- self._pgpbuilder.encrypt(options, function(err) {
- self.done();
- callback(err);
- });
+ function done(err) {
+ self.done();
+ message.loadingBody = false;
+ callback(err, err ? undefined : message);
+ }
+};
- };
+EmailDAO.prototype._checkSignatures = function(message, callback) {
+ var self = this;
+ self._keychain.getReceiverPublicKey(message.from[0].address, function(err, senderPublicKey) {
+ if (err) {
+ return callback(err);
+ }
- //
- //
- // Event Handlers
- //
- //
+ // get the receiver's public key to check the message signature
+ var senderKey = senderPublicKey ? senderPublicKey.publicKey : undefined;
+ if (message.clearSignedMessage) {
+ self._pgp.verifyClearSignedMessage(message.clearSignedMessage, senderKey, callback);
+ } else if (message.signedMessage && message.signature) {
+ self._pgp.verifySignedMessage(message.signedMessage, message.signature, senderKey, callback);
+ } else {
+ callback(null, undefined);
+ }
+ });
+};
+
+/**
+ * Retrieves an attachment matching a body part for a given uid and a folder
+ *
+ * @param {Object} options.folder The folder where to find the attachment
+ * @param {Number} options.uid The uid for the message the attachment body part belongs to
+ * @param {Object} options.attachment The attachment body part to fetch and parse from IMAP
+ * @param {Function} callback(error, attachment) Invoked when the attachment body part was retrieved and parsed, or an error occurred
+ */
+EmailDAO.prototype.getAttachment = function(options, callback) {
+ var self = this,
+ attachment = options.attachment;
+
+ self.busy();
+ attachment.busy = true;
+ self._getBodyParts({
+ folder: options.folder,
+ uid: options.uid,
+ bodyParts: [attachment]
+ }, function(err, parsedBodyParts) {
+ attachment.busy = false;
+ if (err) {
+ callback(err);
+ return;
+ }
+ self.done();
+ // add the content to the original object
+ attachment.content = parsedBodyParts[0].content;
+ callback(err, err ? undefined : attachment);
+ });
+};
+
+/**
+ * Decrypts a message and replaces sets the decrypted plaintext as the message's body, html, or attachment, respectively.
+ * The first encrypted body part's ciphertext (in the content property) will be decrypted.
+ *
+ * @param {Object} options.message The message
+ * @param {Function} callback(error, message)
+ */
+EmailDAO.prototype.decryptBody = function(options, callback) {
+ var self = this,
+ message = options.message;
+
+ // the message is decrypting has no body, is not encrypted or has already been decrypted
+ if (!message.bodyParts || message.decryptingBody || !message.body || !message.encrypted || message.decrypted) {
+ callback(null, message);
+ return;
+ }
- /**
- * This handler should be invoked when navigator.onLine === true. It will try to connect a
- * given instance of the imap client. If the connection attempt was successful, it will
- * update the locally available folders with the newly received IMAP folder listing.
- *
- * @param {Object} options.imapClient The IMAP client used to receive messages
- * @param {Object} options.pgpMailer The SMTP client used to send messages
- * @param {Function} callback [description]
- */
- EmailDAO.prototype.onConnect = function(options, callback) {
- var self = this;
+ message.decryptingBody = true;
- self._account.loggingIn = true;
+ self.busy();
+ // get the sender's public key for signature checking
+ self._keychain.getReceiverPublicKey(message.from[0].address, function(err, senderPublicKey) {
+ if (err) {
+ return done(err);
+ }
- self._imapClient = options.imapClient;
- self._pgpMailer = options.pgpMailer;
+ // get the receiver's public key to check the message signature
+ var encryptedNode = filterBodyParts(message.bodyParts, MSG_PART_TYPE_ENCRYPTED)[0];
+ var senderKey = senderPublicKey ? senderPublicKey.publicKey : undefined;
+ self._pgp.decrypt(encryptedNode.content, senderKey, function(err, decrypted, signaturesValid) {
+ if (err || !decrypted) {
+ return showError(err.message || 'An error occurred during the decryption.');
+ }
- self._imapClient.login(function(err) {
- self._account.loggingIn = false;
+ // if the decryption worked and signatures are present, everything's fine.
+ // no error is thrown if signatures are not present
+ message.signed = typeof signaturesValid !== 'undefined';
+ message.signaturesValid = signaturesValid;
- if (err) {
- callback(err);
- return;
+ // if the encrypted node contains pgp/inline, we must not parse it
+ // with the mailreader as it is not well-formed MIME
+ if (encryptedNode._isPgpInline) {
+ message.body = decrypted;
+ message.decrypted = true;
+ return done();
}
- // init folders
- self._initFoldersFromImap(function(err) {
+ // the mailparser works on the .raw property
+ encryptedNode.raw = decrypted;
+
+ // parse the decrypted raw content in the mailparser
+ self._mailreader.parse({
+ bodyParts: [encryptedNode]
+ }, function(err, root) {
if (err) {
- callback(err);
- return;
+ return showError(err.errMsg || err.message);
}
- // attach sync update handler
- self._imapClient.onSyncUpdate = self._onSyncUpdate.bind(self);
-
- // fill the imap mailboxCache with information we have locally available:
- // - highest locally available moseq
- // - list of locally available uids
- // - highest locally available uid
- // - next expected uid
- var mailboxCache = {};
- self._account.folders.forEach(function(folder) {
- if (folder.messages.length === 0) {
- return;
+ if (!message.signed) {
+ // message had no signature in the ciphertext, so there's a little extra effort to be done here
+ // is there a signed MIME node?
+ var signedRoot = filterBodyParts(root, MSG_PART_TYPE_SIGNED)[0];
+ if (!signedRoot) {
+ // no signed MIME node, obviously an unsigned PGP/MIME message
+ return setBody();
}
- var uids, highestModseq, lastUid;
+ // if there is something signed in here, we're only interested in the signed content
+ message.signedMessage = signedRoot.signedMessage;
+ message.signature = signedRoot.signature;
+ root = signedRoot.content;
- uids = _.pluck(folder.messages, MSG_ATTR_UID).sort(function(a, b) {
- return a - b;
+ // check the signatures for encrypted messages
+ self._checkSignatures(message, function(err, signaturesValid) {
+ if (err) {
+ return done(err);
+ }
+
+ message.signed = typeof signaturesValid !== 'undefined';
+ message.signaturesValid = signaturesValid;
+ setBody();
});
- lastUid = uids[uids.length - 1];
-
- highestModseq = _.pluck(folder.messages, 'modseq').sort(function(a, b) {
- return a - b;
- }).pop();
-
- mailboxCache[folder.path] = {
- exists: lastUid,
- uidNext: lastUid + 1,
- uidlist: uids,
- highestModseq: highestModseq
- };
- });
- self._imapClient.mailboxCache = mailboxCache;
+ return;
+ }
- // set status to online after setting cache to prevent race condition
- self._account.online = true;
+ // message had a signature in the ciphertext, so we're done here
+ setBody();
- // set up the imap client to listen for changes in the inbox
- var inbox = _.findWhere(self._account.folders, {
- type: FOLDER_TYPE_INBOX
- });
+ function setBody() {
+ // we have successfully interpreted the descrypted message,
+ // so let's update the views on the message parts
+ message.body = _.pluck(filterBodyParts(root, MSG_PART_TYPE_TEXT), MSG_PART_ATTR_CONTENT).join('\n');
+ message.html = _.pluck(filterBodyParts(root, MSG_PART_TYPE_HTML), MSG_PART_ATTR_CONTENT).join('\n');
+ message.attachments = _.reject(filterBodyParts(root, MSG_PART_TYPE_ATTACHMENT), function(attmt) {
+ // remove the pgp-signature from the attachments
+ return attmt.mimeType === "application/pgp-signature";
+ });
+ inlineExternalImages(message);
- if (!inbox) {
- return callback();
- }
+ message.decrypted = true;
- self._imapClient.listenForChanges({
- path: inbox.path
- }, callback);
+ // we're done here!
+ done();
+ }
});
});
- };
+ });
- /**
- * This handler should be invoked when navigator.onLine === false.
- * It will discard the imap client and pgp mailer
- */
- EmailDAO.prototype.onDisconnect = function(callback) {
- var self = this;
+ function showError(msg) {
+ message.body = msg;
+ message.decrypted = true; // display error msg in body
+ done();
+ }
- // logout of imap-client
- self._imapClient.logout(function() {
- // ignore error, because it's not problem if logout fails
- if (callback) {
- callback();
- }
+ function done(err) {
+ self.done();
+ message.decryptingBody = false;
+ callback(err, err ? undefined : message);
+ }
+};
+
+/**
+ * Encrypted (if necessary) and sends a message with a predefined clear text greeting.
+ *
+ * @param {Object} options.email The message to be sent
+ * @param {Function} callback(error) Invoked when the message was sent, or an error occurred
+ */
+EmailDAO.prototype.sendEncrypted = function(options, callback) {
+ var self = this;
+
+ if (!self._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
});
+ return;
+ }
- // discard clients
- self._account.online = false;
- self._imapClient = undefined;
- self._pgpMailer = undefined;
- };
-
- /**
- * The are updates in the IMAP folder of the following type
- * - 'new': a list of uids that are newly available
- * - 'deleted': a list of uids that were deleted from IMAP available
- * - 'messages': a list of messages (uid + flags) that where changes are available
- *
- * @param {String} options.type The type of the update
- * @param {String} options.path The mailbox for which updates are available
- * @param {Array} options.list Array containing update information. Number (uid) or mail with Object (uid and flags), respectively
- */
- EmailDAO.prototype._onSyncUpdate = function(options) {
- var self = this;
+ self.busy();
+ // mime encode, sign, encrypt and send email via smtp
+ self._pgpMailer.send({
+ encrypt: true,
+ smtpclient: options.smtpclient, // filled solely in the integration test, undefined in normal usage
+ mail: options.email,
+ publicKeysArmored: options.email.publicKeysArmored
+ }, function(err, rfcText) {
+ if (err) {
+ return callback(err);
+ }
- var folder = _.findWhere(self._account.folders, {
- path: options.path
+ // upload the sent message to the sent folder if necessary
+ var sentFolder = _.findWhere(self._account.folders, {
+ type: FOLDER_TYPE_SENT
});
- if (!folder) {
- // ignore updates for an unknown folder
- return;
+ if (self.ignoreUploadOnSent || !sentFolder || !rfcText) {
+ self.done();
+ return callback();
}
- if (options.type === SYNC_TYPE_NEW) {
- // new messages available on imap, fetch from imap and store to disk and memory
- self.fetchMessages({
- folder: folder,
- firstUid: Math.min.apply(null, options.list),
- lastUid: Math.max.apply(null, options.list)
- }, self.onError.bind(self));
- } else if (options.type === SYNC_TYPE_DELETED) {
- // messages have been deleted, remove from local storage and memory
- options.list.forEach(function(uid) {
- var message = _.findWhere(folder.messages, {
- uid: uid
- });
-
- if (!message) {
- return;
- }
-
- self.deleteMessage({
- folder: folder,
- message: message,
- localOnly: true
- }, self.onError.bind(self));
- });
- } else if (options.type === SYNC_TYPE_MSGS) {
- // NB! several possible reasons why this could be called.
- // if a message in the array has uid value and flag array, it had a possible flag update
- options.list.forEach(function(changedMsg) {
- if (!changedMsg.uid || !changedMsg.flags) {
- return;
- }
-
- var message = _.findWhere(folder.messages, {
- uid: changedMsg.uid
- });
-
- if (!message) {
- return;
- }
-
- // update unread, answered, modseq to the latest info
- message.answered = changedMsg.flags.indexOf('\\Answered') > -1;
- message.unread = changedMsg.flags.indexOf('\\Seen') === -1;
- message.modseq = changedMsg.modseq;
-
- self.setFlags({
- folder: folder,
- message: message,
- localOnly: true
- }, self.onError.bind(self));
- });
+ self._imapClient.uploadMessage({
+ path: sentFolder.path,
+ message: rfcText
+ }, function(err) {
+ self.done();
+ callback(err);
+ });
+ });
+};
+
+/**
+ * Sends a signed message in the plain
+ *
+ * @param {Object} options.email The message to be sent
+ * @param {Function} callback(error) Invoked when the message was sent, or an error occurred
+ */
+EmailDAO.prototype.sendPlaintext = function(options, callback) {
+ var self = this;
+
+ if (!self._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
+ });
+ return;
+ }
+ self.busy();
+
+ // add suffix to plaintext mail
+ options.email.body += str.signature + config.cloudUrl + '/' + self._account.emailAddress;
+
+ // mime encode, sign and send email via smtp
+ self._pgpMailer.send({
+ smtpclient: options.smtpclient, // filled solely in the integration test, undefined in normal usage
+ mail: options.email
+ }, function(err, rfcText) {
+ if (err) {
+ return callback(err);
}
- };
-
-
- //
- //
- // Internal API
- //
- //
-
-
- /**
- * Updates the folder information from memory, and adds/removes folders in account.folders.
- * The locally available messages are loaded from memory
- *
- * @param {Function} callback Invoked when the folders are up to date
- */
- EmailDAO.prototype._initFoldersFromDisk = function(callback) {
- var self = this;
- self.busy(); // start the spinner
+ // upload the sent message to the sent folder if necessary
+ var sentFolder = _.findWhere(self._account.folders, {
+ type: FOLDER_TYPE_SENT
+ });
- // fetch list from local cache
- self._devicestorage.listItems(FOLDER_DB_TYPE, 0, null, function(err, stored) {
- if (err) {
- return done(err);
- }
+ if (self.ignoreUploadOnSent || !sentFolder || !rfcText) {
+ self.done();
+ return callback();
+ }
- self._account.folders = stored[0] || [];
- self._initMessagesFromDisk(done);
+ self._imapClient.uploadMessage({
+ path: sentFolder.path,
+ message: rfcText
+ }, function(err) {
+ self.done();
+ callback(err);
});
+ });
+};
+
+/**
+ * Signs and encrypts a message
+ *
+ * @param {Object} options.email The message to be encrypted
+ * @param {Function} callback(error, message) Invoked when the message was encrypted, or an error occurred
+ */
+EmailDAO.prototype.encrypt = function(options, callback) {
+ var self = this;
+
+ self.busy();
+ self._pgpbuilder.encrypt(options, function(err) {
+ self.done();
+ callback(err);
+ });
+
+};
+
+
+//
+//
+// Event Handlers
+//
+//
+
+
+/**
+ * This handler should be invoked when navigator.onLine === true. It will try to connect a
+ * given instance of the imap client. If the connection attempt was successful, it will
+ * update the locally available folders with the newly received IMAP folder listing.
+ *
+ * @param {Object} options.imapClient The IMAP client used to receive messages
+ * @param {Object} options.pgpMailer The SMTP client used to send messages
+ * @param {Function} callback [description]
+ */
+EmailDAO.prototype.onConnect = function(options, callback) {
+ var self = this;
+
+ self._account.loggingIn = true;
+
+ self._imapClient = options.imapClient;
+ self._pgpMailer = options.pgpMailer;
+
+ self._imapClient.login(function(err) {
+ self._account.loggingIn = false;
- function done(err) {
- self.done(); // stop the spinner
+ if (err) {
callback(err);
+ return;
}
- };
-
- /**
- * Updates the folder information from imap (if we're online). Adds/removes folders in account.folders,
- * if we added/removed folder in IMAP. If we have an uninitialized folder that lacks folder.messages,
- * all the locally available messages are loaded from memory.
- *
- * @param {Function} callback Invoked when the folders are up to date
- */
- EmailDAO.prototype._initFoldersFromImap = function(callback) {
- var self = this;
- self.busy(); // start the spinner
-
- // fetch list from imap server
- self._imapClient.listWellKnownFolders(function(err, wellKnownFolders) {
+ // init folders
+ self._initFoldersFromImap(function(err) {
if (err) {
- return done(err);
+ callback(err);
+ return;
}
- // initialize the folders to something meaningful if that hasn't already happened
- self._account.folders = self._account.folders || [];
-
- // smuggle the outbox into the well known folders, which is obv not present on imap...
- wellKnownFolders[config.outboxMailboxType] = [{
- name: config.outboxMailboxName,
- type: config.outboxMailboxType,
- path: config.outboxMailboxPath
- }];
-
- // indicates if we need to persist anything to disk
- var foldersChanged = false;
+ // attach sync update handler
+ self._imapClient.onSyncUpdate = self._onSyncUpdate.bind(self);
+
+ // fill the imap mailboxCache with information we have locally available:
+ // - highest locally available moseq
+ // - list of locally available uids
+ // - highest locally available uid
+ // - next expected uid
+ var mailboxCache = {};
+ self._account.folders.forEach(function(folder) {
+ if (folder.messages.length === 0) {
+ return;
+ }
- // the folders listed in the navigation pane
- [FOLDER_TYPE_INBOX, FOLDER_TYPE_SENT, config.outboxMailboxType, FOLDER_TYPE_DRAFTS, FOLDER_TYPE_TRASH].forEach(function(mbxType) {
- var localFolderWithType, imapFolderWithPath;
+ var uids, highestModseq, lastUid;
- // check if there is a folder of this type locally available
- localFolderWithType = _.findWhere(self._account.folders, {
- type: mbxType
+ uids = _.pluck(folder.messages, MSG_ATTR_UID).sort(function(a, b) {
+ return a - b;
});
+ lastUid = uids[uids.length - 1];
- if (localFolderWithType) {
- // we have a local folder available, so let's check if this folder still exists on imap
-
- imapFolderWithPath = _.findWhere(wellKnownFolders[mbxType], {
- path: localFolderWithType.path
- });
-
- if (imapFolderWithPath) {
- // folder present on imap, no need to update.
- return;
- }
+ highestModseq = _.pluck(folder.messages, 'modseq').sort(function(a, b) {
+ return a - b;
+ }).pop();
- // folder not present on imap, so remove the folder and see if there are any updates for this folder type
- self._account.folders.splice(self._account.folders.indexOf(localFolderWithType), 1);
- foldersChanged = true;
- }
+ mailboxCache[folder.path] = {
+ exists: lastUid,
+ uidNext: lastUid + 1,
+ uidlist: uids,
+ highestModseq: highestModseq
+ };
+ });
+ self._imapClient.mailboxCache = mailboxCache;
- if (!wellKnownFolders[mbxType] || !wellKnownFolders[mbxType].length) {
- // no imap folders of the respective mailbox type, so nothing to do here
- return;
- }
+ // set status to online after setting cache to prevent race condition
+ self._account.online = true;
- /**
- * we have no local folder of the type, so do something intelligent,
- * i.e. take the first folder of the respective type
- */
- self._account.folders.push(wellKnownFolders[mbxType][0]);
- foldersChanged = true;
+ // set up the imap client to listen for changes in the inbox
+ var inbox = _.findWhere(self._account.folders, {
+ type: FOLDER_TYPE_INBOX
});
- // if folders have not changed, can fill them with messages directly
- if (!foldersChanged) {
- return self._initMessagesFromDisk(done);
+ if (!inbox) {
+ return callback();
}
- // persist encrypted list in device storage
- // note: the folders in the ui also include the messages array, so let's create a clean array here
- var folders = self._account.folders.map(function(folder) {
- return {
- name: folder.name,
- path: folder.path,
- type: folder.type
- };
- });
- self._devicestorage.storeList([folders], FOLDER_DB_TYPE, function(err) {
- if (err) {
- return done(err);
- }
-
- self._initMessagesFromDisk(done);
- });
+ self._imapClient.listenForChanges({
+ path: inbox.path
+ }, callback);
});
-
- function done(err) {
- self.done(); // stop the spinner
- callback(err);
+ });
+};
+
+/**
+ * This handler should be invoked when navigator.onLine === false.
+ * It will discard the imap client and pgp mailer
+ */
+EmailDAO.prototype.onDisconnect = function(callback) {
+ var self = this;
+
+ // logout of imap-client
+ self._imapClient.logout(function() {
+ // ignore error, because it's not problem if logout fails
+ if (callback) {
+ callback();
}
- };
+ });
+
+ // discard clients
+ self._account.online = false;
+ self._imapClient = undefined;
+ self._pgpMailer = undefined;
+};
+
+/**
+ * The are updates in the IMAP folder of the following type
+ * - 'new': a list of uids that are newly available
+ * - 'deleted': a list of uids that were deleted from IMAP available
+ * - 'messages': a list of messages (uid + flags) that where changes are available
+ *
+ * @param {String} options.type The type of the update
+ * @param {String} options.path The mailbox for which updates are available
+ * @param {Array} options.list Array containing update information. Number (uid) or mail with Object (uid and flags), respectively
+ */
+EmailDAO.prototype._onSyncUpdate = function(options) {
+ var self = this;
+
+ var folder = _.findWhere(self._account.folders, {
+ path: options.path
+ });
+
+ if (!folder) {
+ // ignore updates for an unknown folder
+ return;
+ }
- /**
- * Fill uninitialized folders with the locally available messages.
- *
- * @param {Function} callback Invoked when the folders are filled with messages
- */
- EmailDAO.prototype._initMessagesFromDisk = function(callback) {
- var self = this;
+ if (options.type === SYNC_TYPE_NEW) {
+ // new messages available on imap, fetch from imap and store to disk and memory
+ self.fetchMessages({
+ folder: folder,
+ firstUid: Math.min.apply(null, options.list),
+ lastUid: Math.max.apply(null, options.list)
+ }, self.onError.bind(self));
+ } else if (options.type === SYNC_TYPE_DELETED) {
+ // messages have been deleted, remove from local storage and memory
+ options.list.forEach(function(uid) {
+ var message = _.findWhere(folder.messages, {
+ uid: uid
+ });
- if (!self._account.folders || self._account.folders.length === 0) {
- return callback();
- }
+ if (!message) {
+ return;
+ }
+
+ self.deleteMessage({
+ folder: folder,
+ message: message,
+ localOnly: true
+ }, self.onError.bind(self));
+ });
+ } else if (options.type === SYNC_TYPE_MSGS) {
+ // NB! several possible reasons why this could be called.
+ // if a message in the array has uid value and flag array, it had a possible flag update
+ options.list.forEach(function(changedMsg) {
+ if (!changedMsg.uid || !changedMsg.flags) {
+ return;
+ }
- var after = _.after(self._account.folders.length, callback);
+ var message = _.findWhere(folder.messages, {
+ uid: changedMsg.uid
+ });
- self._account.folders.forEach(function(folder) {
- if (folder.messages) {
- // the folder is already initialized
- return after();
+ if (!message) {
+ return;
}
- // sync messages from disk to the folder model
- self.refreshFolder({
- folder: folder
- }, function(err) {
- if (err) {
- return callback(err);
- }
+ // update unread, answered, modseq to the latest info
+ message.answered = changedMsg.flags.indexOf('\\Answered') > -1;
+ message.unread = changedMsg.flags.indexOf('\\Seen') === -1;
+ message.modseq = changedMsg.modseq;
- after();
- });
+ self.setFlags({
+ folder: folder,
+ message: message,
+ localOnly: true
+ }, self.onError.bind(self));
});
- };
+ }
+};
- EmailDAO.prototype.busy = function() {
- this._account.busy++;
- };
- EmailDAO.prototype.done = function() {
- if (this._account.busy > 0) {
- this._account.busy--;
- }
- };
+//
+//
+// Internal API
+//
+//
+/**
+ * Updates the folder information from memory, and adds/removes folders in account.folders.
+ * The locally available messages are loaded from memory
+ *
+ * @param {Function} callback Invoked when the folders are up to date
+ */
+EmailDAO.prototype._initFoldersFromDisk = function(callback) {
+ var self = this;
- //
- //
- // IMAP API
- //
- //
+ self.busy(); // start the spinner
- /**
- * Mark messages as un-/read or un-/answered on IMAP
- *
- * @param {Object} options.folder The folder where to find the message
- * @param {Number} options.uid The uid for which to change the flags
- * @param {Number} options.unread Un-/Read flag
- * @param {Number} options.answered Un-/Answered flag
- */
- EmailDAO.prototype._imapMark = function(options, callback) {
- if (!this._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
- });
- return;
+ // fetch list from local cache
+ self._devicestorage.listItems(FOLDER_DB_TYPE, 0, null, function(err, stored) {
+ if (err) {
+ return done(err);
}
- options.path = options.folder.path;
- this._imapClient.updateFlags(options, callback);
- };
+ self._account.folders = stored[0] || [];
+ self._initMessagesFromDisk(done);
+ });
- /**
- * If we're in the trash folder or no trash folder is available, this deletes a message from IMAP.
- * Otherwise, it moves a message to the trash folder.
- *
- * @param {Object} options.folder The folder where to find the message
- * @param {Number} options.uid The uid of the message
- * @param {Function} callback(error) Callback with an error object in case something went wrong.
- */
- EmailDAO.prototype._imapDeleteMessage = function(options, callback) {
- if (!this._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
- });
- return;
+ function done(err) {
+ self.done(); // stop the spinner
+ callback(err);
+ }
+};
+
+/**
+ * Updates the folder information from imap (if we're online). Adds/removes folders in account.folders,
+ * if we added/removed folder in IMAP. If we have an uninitialized folder that lacks folder.messages,
+ * all the locally available messages are loaded from memory.
+ *
+ * @param {Function} callback Invoked when the folders are up to date
+ */
+EmailDAO.prototype._initFoldersFromImap = function(callback) {
+ var self = this;
+
+ self.busy(); // start the spinner
+
+ // fetch list from imap server
+ self._imapClient.listWellKnownFolders(function(err, wellKnownFolders) {
+ if (err) {
+ return done(err);
}
- var trash = _.findWhere(this._account.folders, {
- type: FOLDER_TYPE_TRASH
- });
-
- // there's no known trash folder to move the mail to or we're in the trash folder, so we can purge the message
- if (!trash || options.folder === trash) {
- this._imapClient.deleteMessage({
- path: options.folder.path,
- uid: options.uid
- }, callback);
+ // initialize the folders to something meaningful if that hasn't already happened
+ self._account.folders = self._account.folders || [];
- return;
- }
+ // smuggle the outbox into the well known folders, which is obv not present on imap...
+ wellKnownFolders[config.outboxMailboxType] = [{
+ name: config.outboxMailboxName,
+ type: config.outboxMailboxType,
+ path: config.outboxMailboxPath
+ }];
- // move the message to the trash folder
- this._imapClient.moveMessage({
- path: options.folder.path,
- destination: trash.path,
- uid: options.uid
- }, callback);
- };
+ // indicates if we need to persist anything to disk
+ var foldersChanged = false;
- /**
- * Get list messsage headers without the body
- *
- * @param {String} options.folder The folder
- * @param {Number} options.firstUid The lower bound of the uid (inclusive)
- * @param {Number} options.lastUid The upper bound of the uid range (inclusive)
- * @param {Function} callback (error, messages) The callback when the imap client is done fetching message metadata
- */
- EmailDAO.prototype._imapListMessages = function(options, callback) {
- var self = this;
+ // the folders listed in the navigation pane
+ [FOLDER_TYPE_INBOX, FOLDER_TYPE_SENT, config.outboxMailboxType, FOLDER_TYPE_DRAFTS, FOLDER_TYPE_TRASH].forEach(function(mbxType) {
+ var localFolderWithType, imapFolderWithPath;
- if (!this._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
+ // check if there is a folder of this type locally available
+ localFolderWithType = _.findWhere(self._account.folders, {
+ type: mbxType
});
- return;
- }
- options.path = options.folder.path;
- self._imapClient.listMessages(options, callback);
- };
+ if (localFolderWithType) {
+ // we have a local folder available, so let's check if this folder still exists on imap
- /**
- * Stream an email messsage's body
- * @param {String} options.folder The folder
- * @param {String} options.uid the message's uid
- * @param {Object} options.bodyParts The message, as retrieved by _imapListMessages
- * @param {Function} callback (error, message) The callback when the imap client is done streaming message text content
- */
- EmailDAO.prototype._getBodyParts = function(options, callback) {
- var self = this;
+ imapFolderWithPath = _.findWhere(wellKnownFolders[mbxType], {
+ path: localFolderWithType.path
+ });
- if (!self._account.online) {
- callback({
- errMsg: 'Client is currently offline!',
- code: 42
- });
- return;
- }
+ if (imapFolderWithPath) {
+ // folder present on imap, no need to update.
+ return;
+ }
- options.path = options.folder.path;
- self._imapClient.getBodyParts(options, function(err) {
- if (err) {
- callback(err);
+ // folder not present on imap, so remove the folder and see if there are any updates for this folder type
+ self._account.folders.splice(self._account.folders.indexOf(localFolderWithType), 1);
+ foldersChanged = true;
+ }
+
+ if (!wellKnownFolders[mbxType] || !wellKnownFolders[mbxType].length) {
+ // no imap folders of the respective mailbox type, so nothing to do here
return;
}
- // interpret the raw content of the email
- self._mailreader.parse(options, callback);
+
+ /**
+ * we have no local folder of the type, so do something intelligent,
+ * i.e. take the first folder of the respective type
+ */
+ self._account.folders.push(wellKnownFolders[mbxType][0]);
+ foldersChanged = true;
});
- };
+ // if folders have not changed, can fill them with messages directly
+ if (!foldersChanged) {
+ return self._initMessagesFromDisk(done);
+ }
- //
- //
- // Local Storage API
- //
- //
+ // persist encrypted list in device storage
+ // note: the folders in the ui also include the messages array, so let's create a clean array here
+ var folders = self._account.folders.map(function(folder) {
+ return {
+ name: folder.name,
+ path: folder.path,
+ type: folder.type
+ };
+ });
+ self._devicestorage.storeList([folders], FOLDER_DB_TYPE, function(err) {
+ if (err) {
+ return done(err);
+ }
+ self._initMessagesFromDisk(done);
+ });
+ });
- /**
- * List the locally available items form the indexed db stored under "email_[FOLDER PATH]_[MESSAGE UID]" (if a message was provided),
- * or "email_[FOLDER PATH]", respectively
- *
- * @param {Object} options.folder The folder for which to list the content
- * @param {Object} options.uid A specific uid to look up locally in the folder
- * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
- */
- EmailDAO.prototype._localListMessages = function(options, callback) {
- var dbType = 'email_' + options.folder.path + (options.uid ? '_' + options.uid : '');
- this._devicestorage.listItems(dbType, 0, null, callback);
- };
+ function done(err) {
+ self.done(); // stop the spinner
+ callback(err);
+ }
+};
+
+/**
+ * Fill uninitialized folders with the locally available messages.
+ *
+ * @param {Function} callback Invoked when the folders are filled with messages
+ */
+EmailDAO.prototype._initMessagesFromDisk = function(callback) {
+ var self = this;
+
+ if (!self._account.folders || self._account.folders.length === 0) {
+ return callback();
+ }
- /**
- * Stores a bunch of messages to the indexed db. The messages are stored under "email_[FOLDER PATH]_[MESSAGE UID]"
- *
- * @param {Object} options.folder The folder for which to list the content
- * @param {Array} options.messages The messages to store
- * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
- */
- EmailDAO.prototype._localStoreMessages = function(options, callback) {
- var dbType = 'email_' + options.folder.path;
- this._devicestorage.storeList(options.emails, dbType, callback);
- };
+ var after = _.after(self._account.folders.length, callback);
- /**
- * Stores a bunch of messages to the indexed db. The messages are stored under "email_[FOLDER PATH]_[MESSAGE UID]"
- *
- * @param {Object} options.folder The folder for which to list the content
- * @param {Array} options.messages The messages to store
- * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
- */
- EmailDAO.prototype._localDeleteMessage = function(options, callback) {
- var path = options.folder.path,
- uid = options.uid,
- id = options.id;
-
- if (!path || !(uid || id)) {
- callback({
- errMsg: 'Invalid options!'
- });
- return;
+ self._account.folders.forEach(function(folder) {
+ if (folder.messages) {
+ // the folder is already initialized
+ return after();
}
- var dbType = 'email_' + path + '_' + (uid || id);
- this._devicestorage.removeList(dbType, callback);
- };
+ // sync messages from disk to the folder model
+ self.refreshFolder({
+ folder: folder
+ }, function(err) {
+ if (err) {
+ return callback(err);
+ }
+
+ after();
+ });
+ });
+};
+
+EmailDAO.prototype.busy = function() {
+ this._account.busy++;
+};
+EmailDAO.prototype.done = function() {
+ if (this._account.busy > 0) {
+ this._account.busy--;
+ }
+};
+
+
+
+//
+//
+// IMAP API
+//
+//
+
+/**
+ * Mark messages as un-/read or un-/answered on IMAP
+ *
+ * @param {Object} options.folder The folder where to find the message
+ * @param {Number} options.uid The uid for which to change the flags
+ * @param {Number} options.unread Un-/Read flag
+ * @param {Number} options.answered Un-/Answered flag
+ */
+EmailDAO.prototype._imapMark = function(options, callback) {
+ if (!this._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
+ });
+ return;
+ }
- //
- //
- // Helper Functions
- //
- //
+ options.path = options.folder.path;
+ this._imapClient.updateFlags(options, callback);
+};
+
+/**
+ * If we're in the trash folder or no trash folder is available, this deletes a message from IMAP.
+ * Otherwise, it moves a message to the trash folder.
+ *
+ * @param {Object} options.folder The folder where to find the message
+ * @param {Number} options.uid The uid of the message
+ * @param {Function} callback(error) Callback with an error object in case something went wrong.
+ */
+EmailDAO.prototype._imapDeleteMessage = function(options, callback) {
+ if (!this._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
+ });
+ return;
+ }
+ var trash = _.findWhere(this._account.folders, {
+ type: FOLDER_TYPE_TRASH
+ });
- /**
- * Updates a folder's unread count:
- * - For the outbox, that's the total number of messages,
- * - For every other folder, it's the number of unread messages
- */
- function updateUnreadCount(folder) {
- var allMsgs = folder.messages.length,
- unreadMsgs = _.filter(folder.messages, function(msg) {
- return msg.unread;
- }).length;
+ // there's no known trash folder to move the mail to or we're in the trash folder, so we can purge the message
+ if (!trash || options.folder === trash) {
+ this._imapClient.deleteMessage({
+ path: options.folder.path,
+ uid: options.uid
+ }, callback);
- folder.count = folder.path === config.outboxMailboxPath ? allMsgs : unreadMsgs;
+ return;
}
- /**
- * Helper function that recursively traverses the body parts tree. Looks for bodyParts that match the provided type and aggregates them
- *
- * @param {Array} bodyParts The bodyParts array
- * @param {String} type The type to look up
- * @param {undefined} result Leave undefined, only used for recursion
- */
- function filterBodyParts(bodyParts, type, result) {
- result = result || [];
- bodyParts.forEach(function(part) {
- if (part.type === type) {
- result.push(part);
- } else if (Array.isArray(part.content)) {
- filterBodyParts(part.content, type, result);
- }
+ // move the message to the trash folder
+ this._imapClient.moveMessage({
+ path: options.folder.path,
+ destination: trash.path,
+ uid: options.uid
+ }, callback);
+};
+
+/**
+ * Get list messsage headers without the body
+ *
+ * @param {String} options.folder The folder
+ * @param {Number} options.firstUid The lower bound of the uid (inclusive)
+ * @param {Number} options.lastUid The upper bound of the uid range (inclusive)
+ * @param {Function} callback (error, messages) The callback when the imap client is done fetching message metadata
+ */
+EmailDAO.prototype._imapListMessages = function(options, callback) {
+ var self = this;
+
+ if (!this._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
});
- return result;
+ return;
}
- /**
- * Helper function that looks through the HTML content for 
and
- * inlines the images linked internally. Manipulates message.html as a side-effect.
- * If no attachment matching the internal reference is found, or constructing a data
- * uri fails, just remove the source.
- *
- * @param {Object} message DTO
- */
- function inlineExternalImages(message) {
- message.html = message.html.replace(/(]+\bsrc=['"])cid:([^'">]+)(['"])/ig, function(match, prefix, src, suffix) {
- var localSource = '',
- payload = '';
+ options.path = options.folder.path;
+ self._imapClient.listMessages(options, callback);
+};
+
+/**
+ * Stream an email messsage's body
+ * @param {String} options.folder The folder
+ * @param {String} options.uid the message's uid
+ * @param {Object} options.bodyParts The message, as retrieved by _imapListMessages
+ * @param {Function} callback (error, message) The callback when the imap client is done streaming message text content
+ */
+EmailDAO.prototype._getBodyParts = function(options, callback) {
+ var self = this;
+
+ if (!self._account.online) {
+ callback({
+ errMsg: 'Client is currently offline!',
+ code: 42
+ });
+ return;
+ }
- var internalReference = _.findWhere(message.attachments, {
- id: src
- });
+ options.path = options.folder.path;
+ self._imapClient.getBodyParts(options, function(err) {
+ if (err) {
+ callback(err);
+ return;
+ }
+ // interpret the raw content of the email
+ self._mailreader.parse(options, callback);
+ });
+};
+
+
+//
+//
+// Local Storage API
+//
+//
+
+
+/**
+ * List the locally available items form the indexed db stored under "email_[FOLDER PATH]_[MESSAGE UID]" (if a message was provided),
+ * or "email_[FOLDER PATH]", respectively
+ *
+ * @param {Object} options.folder The folder for which to list the content
+ * @param {Object} options.uid A specific uid to look up locally in the folder
+ * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
+ */
+EmailDAO.prototype._localListMessages = function(options, callback) {
+ var dbType = 'email_' + options.folder.path + (options.uid ? '_' + options.uid : '');
+ this._devicestorage.listItems(dbType, 0, null, callback);
+};
+
+/**
+ * Stores a bunch of messages to the indexed db. The messages are stored under "email_[FOLDER PATH]_[MESSAGE UID]"
+ *
+ * @param {Object} options.folder The folder for which to list the content
+ * @param {Array} options.messages The messages to store
+ * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
+ */
+EmailDAO.prototype._localStoreMessages = function(options, callback) {
+ var dbType = 'email_' + options.folder.path;
+ this._devicestorage.storeList(options.emails, dbType, callback);
+};
+
+/**
+ * Stores a bunch of messages to the indexed db. The messages are stored under "email_[FOLDER PATH]_[MESSAGE UID]"
+ *
+ * @param {Object} options.folder The folder for which to list the content
+ * @param {Array} options.messages The messages to store
+ * @param {Function} callback(error, list) Invoked with the results of the query, or further information, if an error occurred
+ */
+EmailDAO.prototype._localDeleteMessage = function(options, callback) {
+ var path = options.folder.path,
+ uid = options.uid,
+ id = options.id;
+
+ if (!path || !(uid || id)) {
+ callback({
+ errMsg: 'Invalid options!'
+ });
+ return;
+ }
- if (internalReference) {
- for (var i = 0; i < internalReference.content.byteLength; i++) {
- payload += String.fromCharCode(internalReference.content[i]);
- }
+ var dbType = 'email_' + path + '_' + (uid || id);
+ this._devicestorage.removeList(dbType, callback);
+};
+
+
+//
+//
+// Helper Functions
+//
+//
+
+
+/**
+ * Updates a folder's unread count:
+ * - For the outbox, that's the total number of messages,
+ * - For every other folder, it's the number of unread messages
+ */
+function updateUnreadCount(folder) {
+ var allMsgs = folder.messages.length,
+ unreadMsgs = _.filter(folder.messages, function(msg) {
+ return msg.unread;
+ }).length;
+
+ folder.count = folder.path === config.outboxMailboxPath ? allMsgs : unreadMsgs;
+}
+
+/**
+ * Helper function that recursively traverses the body parts tree. Looks for bodyParts that match the provided type and aggregates them
+ *
+ * @param {Array} bodyParts The bodyParts array
+ * @param {String} type The type to look up
+ * @param {undefined} result Leave undefined, only used for recursion
+ */
+function filterBodyParts(bodyParts, type, result) {
+ result = result || [];
+ bodyParts.forEach(function(part) {
+ if (part.type === type) {
+ result.push(part);
+ } else if (Array.isArray(part.content)) {
+ filterBodyParts(part.content, type, result);
+ }
+ });
+ return result;
+}
+
+/**
+ * Helper function that looks through the HTML content for and
+ * inlines the images linked internally. Manipulates message.html as a side-effect.
+ * If no attachment matching the internal reference is found, or constructing a data
+ * uri fails, just remove the source.
+ *
+ * @param {Object} message DTO
+ */
+function inlineExternalImages(message) {
+ message.html = message.html.replace(/(]+\bsrc=['"])cid:([^'">]+)(['"])/ig, function(match, prefix, src, suffix) {
+ var localSource = '',
+ payload = '';
+
+ var internalReference = _.findWhere(message.attachments, {
+ id: src
+ });
- try {
- localSource = 'data:application/octet-stream;base64,' + btoa(payload); // try to replace the source
- } catch (e) {}
+ if (internalReference) {
+ for (var i = 0; i < internalReference.content.byteLength; i++) {
+ payload += String.fromCharCode(internalReference.content[i]);
}
- return prefix + localSource + suffix;
- });
- }
+ try {
+ localSource = 'data:application/octet-stream;base64,' + btoa(payload); // try to replace the source
+ } catch (e) {}
+ }
+
+ return prefix + localSource + suffix;
+ });
+}
- return EmailDAO;
-});
\ No newline at end of file
+module.exports = EmailDAO;
\ No newline at end of file
diff --git a/src/js/dao/invitation-dao.js b/src/js/dao/invitation-dao.js
index f7013de..41e16ab 100644
--- a/src/js/dao/invitation-dao.js
+++ b/src/js/dao/invitation-dao.js
@@ -1,62 +1,60 @@
-define(function() {
- 'use strict';
-
- /**
- * The InvitationDAO is a high level Data Access Object that access the invitation service REST endpoint.
- * @param {Object} restDao The REST Data Access Object abstraction
- */
- var InvitationDAO = function(restDao) {
- this._restDao = restDao;
- };
-
- //
- // Constants
- //
-
- InvitationDAO.INVITE_MISSING = 1;
- InvitationDAO.INVITE_PENDING = 2;
- InvitationDAO.INVITE_SUCCESS = 4;
-
- //
- // API
- //
-
- /**
- * Notes an invite for the recipient by the sender in the invitation web service
- * @param {String} options.recipient User ID of the recipient
- * @param {String} options.sender User ID of the sender
- * @param {Function} callback(error, status) Returns information if the invitation worked (INVITE_SUCCESS), if an invitation is already pendin (INVITE_PENDING), or information if an error occurred.
- */
- InvitationDAO.prototype.invite = function(options, callback) {
- if (typeof options !== 'object' || typeof options.recipient !== 'string' || typeof options.recipient !== 'string') {
- callback({
- errMsg: 'erroneous usage of api: incorrect parameters!'
- });
+'use strict';
+
+/**
+ * The InvitationDAO is a high level Data Access Object that access the invitation service REST endpoint.
+ * @param {Object} restDao The REST Data Access Object abstraction
+ */
+var InvitationDAO = function(restDao) {
+ this._restDao = restDao;
+};
+
+//
+// Constants
+//
+
+InvitationDAO.INVITE_MISSING = 1;
+InvitationDAO.INVITE_PENDING = 2;
+InvitationDAO.INVITE_SUCCESS = 4;
+
+//
+// API
+//
+
+/**
+ * Notes an invite for the recipient by the sender in the invitation web service
+ * @param {String} options.recipient User ID of the recipient
+ * @param {String} options.sender User ID of the sender
+ * @param {Function} callback(error, status) Returns information if the invitation worked (INVITE_SUCCESS), if an invitation is already pendin (INVITE_PENDING), or information if an error occurred.
+ */
+InvitationDAO.prototype.invite = function(options, callback) {
+ if (typeof options !== 'object' || typeof options.recipient !== 'string' || typeof options.recipient !== 'string') {
+ callback({
+ errMsg: 'erroneous usage of api: incorrect parameters!'
+ });
+ return;
+ }
+
+ var uri = '/invitation/recipient/' + options.recipient + '/sender/' + options.sender;
+ this._restDao.put({}, uri, completed);
+
+ function completed(error, res, status) {
+ if (error) {
+ callback(error);
return;
}
- var uri = '/invitation/recipient/' + options.recipient + '/sender/' + options.sender;
- this._restDao.put({}, uri, completed);
-
- function completed(error, res, status) {
- if (error) {
- callback(error);
- return;
- }
-
- if (status === 201) {
- callback(null, InvitationDAO.INVITE_SUCCESS);
- return;
- } else if (status === 304) {
- callback(null, InvitationDAO.INVITE_PENDING);
- return;
- }
-
- callback({
- errMsg: 'unexpected invitation state'
- });
+ if (status === 201) {
+ callback(null, InvitationDAO.INVITE_SUCCESS);
+ return;
+ } else if (status === 304) {
+ callback(null, InvitationDAO.INVITE_PENDING);
+ return;
}
- };
- return InvitationDAO;
-});
\ No newline at end of file
+ callback({
+ errMsg: 'unexpected invitation state'
+ });
+ }
+};
+
+module.exports = InvitationDAO;
\ No newline at end of file
diff --git a/src/js/dao/keychain-dao.js b/src/js/dao/keychain-dao.js
index 7b070c1..298fff3 100644
--- a/src/js/dao/keychain-dao.js
+++ b/src/js/dao/keychain-dao.js
@@ -2,937 +2,935 @@
* A high-level Data-Access Api for handling Keypair synchronization
* between the cloud service and the device's local storage
*/
-define(function(require) {
- 'use strict';
-
- var _ = require('underscore'),
- util = require('js/crypto/util'),
- config = require('js/app-config').config;
-
- var DB_PUBLICKEY = 'publickey',
- DB_PRIVATEKEY = 'privatekey',
- DB_DEVICENAME = 'devicename',
- DB_DEVICE_SECRET = 'devicesecret';
-
- var KeychainDAO = function(localDbDao, publicKeyDao, privateKeyDao, crypto, pgp) {
- this._localDbDao = localDbDao;
- this._publicKeyDao = publicKeyDao;
- this._privateKeyDao = privateKeyDao;
- this._crypto = crypto;
- this._pgp = pgp;
- };
-
- //
- // Public key functions
- //
-
- /**
- * Verifies the public key of a user o nthe public key store
- * @param {String} uuid The uuid to verify the key
- * @param {Function} callback(error) Callback with an optional error object when the verification is done. If the was an error, the error object contains the information for it.
- */
- KeychainDAO.prototype.verifyPublicKey = function(uuid, callback) {
- this._publicKeyDao.verify(uuid, callback);
- };
-
- /**
- * Get an array of public keys by looking in local storage and
- * fetching missing keys from the cloud service.
- * @param ids [Array] the key ids as [{_id, userId}]
- * @return [PublicKeyCollection] The requiested public keys
- */
- KeychainDAO.prototype.getPublicKeys = function(ids, callback) {
- var self = this,
- after, already, pubkeys = [];
-
- // return empty array if key ids are emtpy
- if (ids.length < 1) {
- callback(null, pubkeys);
- return;
- }
- after = _.after(ids.length, function() {
- callback(null, pubkeys);
- });
+'use strict';
- _.each(ids, function(i) {
- // lookup locally and in storage
- self.lookupPublicKey(i._id, function(err, pubkey) {
- if (err || !pubkey) {
- callback({
- errMsg: 'Error looking up public key!',
- err: err
- });
- return;
- }
+var util = require('crypto-lib').util,
+ config = require('../app-config').config;
+
+var DB_PUBLICKEY = 'publickey',
+ DB_PRIVATEKEY = 'privatekey',
+ DB_DEVICENAME = 'devicename',
+ DB_DEVICE_SECRET = 'devicesecret';
+
+var KeychainDAO = function(localDbDao, publicKeyDao, privateKeyDao, crypto, pgp) {
+ this._localDbDao = localDbDao;
+ this._publicKeyDao = publicKeyDao;
+ this._privateKeyDao = privateKeyDao;
+ this._crypto = crypto;
+ this._pgp = pgp;
+};
+
+//
+// Public key functions
+//
+
+/**
+ * Verifies the public key of a user o nthe public key store
+ * @param {String} uuid The uuid to verify the key
+ * @param {Function} callback(error) Callback with an optional error object when the verification is done. If the was an error, the error object contains the information for it.
+ */
+KeychainDAO.prototype.verifyPublicKey = function(uuid, callback) {
+ this._publicKeyDao.verify(uuid, callback);
+};
- // check if public key with that id has already been fetched
- already = null;
- already = _.findWhere(pubkeys, {
- _id: i._id
+/**
+ * Get an array of public keys by looking in local storage and
+ * fetching missing keys from the cloud service.
+ * @param ids [Array] the key ids as [{_id, userId}]
+ * @return [PublicKeyCollection] The requiested public keys
+ */
+KeychainDAO.prototype.getPublicKeys = function(ids, callback) {
+ var self = this,
+ after, already, pubkeys = [];
+
+ // return empty array if key ids are emtpy
+ if (ids.length < 1) {
+ callback(null, pubkeys);
+ return;
+ }
+
+ after = _.after(ids.length, function() {
+ callback(null, pubkeys);
+ });
+
+ _.each(ids, function(i) {
+ // lookup locally and in storage
+ self.lookupPublicKey(i._id, function(err, pubkey) {
+ if (err || !pubkey) {
+ callback({
+ errMsg: 'Error looking up public key!',
+ err: err
});
- if (!already) {
- pubkeys.push(pubkey);
- }
+ return;
+ }
- after(); // asynchronously iterate through objects
+ // check if public key with that id has already been fetched
+ already = null;
+ already = _.findWhere(pubkeys, {
+ _id: i._id
});
+ if (!already) {
+ pubkeys.push(pubkey);
+ }
+
+ after(); // asynchronously iterate through objects
});
- };
-
- /**
- * Checks for public key updates of a given user id
- * @param {String} userId The user id (email address) for which to check the key
- * @param {Function} callback(error, key) Invoked when the key has been updated or an error occurred
- */
- KeychainDAO.prototype.refreshKeyForUserId = function(userId, callback) {
- var self = this;
-
- // get the public key corresponding to the userId
- self.getReceiverPublicKey(userId, function(err, localKey) {
- if (!localKey || !localKey._id) {
- // there is no key available, no need to refresh
- callback();
+ });
+};
+
+/**
+ * Checks for public key updates of a given user id
+ * @param {String} userId The user id (email address) for which to check the key
+ * @param {Function} callback(error, key) Invoked when the key has been updated or an error occurred
+ */
+KeychainDAO.prototype.refreshKeyForUserId = function(userId, callback) {
+ var self = this;
+
+ // get the public key corresponding to the userId
+ self.getReceiverPublicKey(userId, function(err, localKey) {
+ if (!localKey || !localKey._id) {
+ // there is no key available, no need to refresh
+ callback();
+ return;
+ }
+
+ // no need to refresh manually imported public keys
+ if (localKey.imported) {
+ callback(null, localKey);
+ return;
+ }
+
+ // check if the key id still exists on the key server
+ checkKeyExists(localKey);
+ });
+
+ // checks if the user's key has been revoked by looking up the key id
+ function checkKeyExists(localKey) {
+ self._publicKeyDao.get(localKey._id, function(err, cloudKey) {
+ if (err && err.code === 42) {
+ // we're offline, we're done checking the key
+ callback(null, localKey);
+ return;
+ }
+
+ if (err) {
+ // there was an error, exit and inform
+ callback(err);
return;
}
- // no need to refresh manually imported public keys
- if (localKey.imported) {
+ if (cloudKey && cloudKey._id === localKey._id) {
+ // the key is present on the server, all is well
callback(null, localKey);
return;
}
- // check if the key id still exists on the key server
- checkKeyExists(localKey);
+ // the key has changed, update the key
+ updateKey(localKey);
});
+ }
- // checks if the user's key has been revoked by looking up the key id
- function checkKeyExists(localKey) {
- self._publicKeyDao.get(localKey._id, function(err, cloudKey) {
- if (err && err.code === 42) {
- // we're offline, we're done checking the key
- callback(null, localKey);
- return;
- }
+ function updateKey(localKey) {
+ // look for an updated key for the user id
+ self._publicKeyDao.getByUserId(userId, function(err, newKey) {
+ // offline?
+ if (err && err.code === 42) {
+ callback(null, localKey);
+ return;
+ }
- if (err) {
- // there was an error, exit and inform
- callback(err);
- return;
- }
+ if (err) {
+ callback(err);
+ return;
+ }
- if (cloudKey && cloudKey._id === localKey._id) {
- // the key is present on the server, all is well
+ // the public key has changed, we need to ask for permission to update the key
+ self.requestPermissionForKeyUpdate({
+ userId: userId,
+ newKey: newKey
+ }, function(granted) {
+ if (!granted) {
+ // permission was not given to update the key, so don't overwrite the old one!
callback(null, localKey);
return;
}
- // the key has changed, update the key
- updateKey(localKey);
+ // permission to update the key was given, so delete the old one and persist the new one
+ self.removeLocalPublicKey(localKey._id, function(err) {
+ if (err || !newKey) {
+ // error or no new key to save
+ callback(err);
+ return;
+ }
+
+ // persist the new key and return it
+ self.saveLocalPublicKey(newKey, function(err) {
+ callback(err, err ? undefined : newKey);
+ });
+ });
});
+
+ });
+ }
+};
+
+/**
+ * Look up a reveiver's public key by user id
+ * @param userId [String] the receiver's email address
+ */
+KeychainDAO.prototype.getReceiverPublicKey = function(userId, callback) {
+ var self = this;
+
+ // search local keyring for public key
+ self._localDbDao.list(DB_PUBLICKEY, 0, null, function(err, allPubkeys) {
+ if (err) {
+ callback(err);
+ return;
}
- function updateKey(localKey) {
- // look for an updated key for the user id
- self._publicKeyDao.getByUserId(userId, function(err, newKey) {
- // offline?
- if (err && err.code === 42) {
- callback(null, localKey);
- return;
- }
+ // query primary email address
+ var pubkey = _.findWhere(allPubkeys, {
+ userId: userId
+ });
- if (err) {
- callback(err);
- return;
+ // query mutliple userIds (for imported public keys)
+ if (!pubkey) {
+ for (var i = 0, match; i < allPubkeys.length; i++) {
+ match = _.findWhere(allPubkeys[i].userIds, {
+ emailAddress: userId
+ });
+ if (match) {
+ pubkey = allPubkeys[i];
+ break;
}
+ }
+ }
- // the public key has changed, we need to ask for permission to update the key
- self.requestPermissionForKeyUpdate({
- userId: userId,
- newKey: newKey
- }, function(granted) {
- if (!granted) {
- // permission was not given to update the key, so don't overwrite the old one!
- callback(null, localKey);
- return;
- }
+ if (pubkey && pubkey._id) {
+ // that user's public key is already in local storage
+ callback(null, pubkey);
+ return;
+ }
- // permission to update the key was given, so delete the old one and persist the new one
- self.removeLocalPublicKey(localKey._id, function(err) {
- if (err || !newKey) {
- // error or no new key to save
- callback(err);
- return;
- }
-
- // persist the new key and return it
- self.saveLocalPublicKey(newKey, function(err) {
- callback(err, err ? undefined : newKey);
- });
- });
- });
+ // no public key by that user id in storage
+ // find from cloud by email address
+ self._publicKeyDao.getByUserId(userId, onKeyReceived);
+ });
- });
+ function onKeyReceived(err, cloudPubkey) {
+ if (err && err.code === 42) {
+ // offline
+ callback();
+ return;
}
- };
- /**
- * Look up a reveiver's public key by user id
- * @param userId [String] the receiver's email address
- */
- KeychainDAO.prototype.getReceiverPublicKey = function(userId, callback) {
- var self = this;
+ if (err) {
+ callback(err);
+ return;
+ }
- // search local keyring for public key
- self._localDbDao.list(DB_PUBLICKEY, 0, null, function(err, allPubkeys) {
+ if (!cloudPubkey) {
+ // public key has been deleted without replacement
+ callback();
+ return;
+ }
+
+ self.saveLocalPublicKey(cloudPubkey, function(err) {
if (err) {
callback(err);
return;
}
- // query primary email address
- var pubkey = _.findWhere(allPubkeys, {
- userId: userId
- });
+ callback(null, cloudPubkey);
+ });
+ }
+};
- // query mutliple userIds (for imported public keys)
- if (!pubkey) {
- for (var i = 0, match; i < allPubkeys.length; i++) {
- match = _.findWhere(allPubkeys[i].userIds, {
- emailAddress: userId
- });
- if (match) {
- pubkey = allPubkeys[i];
- break;
- }
- }
- }
+//
+// Device registration functions
+//
- if (pubkey && pubkey._id) {
- // that user's public key is already in local storage
- callback(null, pubkey);
- return;
- }
+/**
+ * Set the device's memorable name e.g 'iPhone Work'
+ * @param {String} deviceName The device name
+ * @param {Function} callback(error)
+ */
+KeychainDAO.prototype.setDeviceName = function(deviceName, callback) {
+ if (!deviceName) {
+ callback(new Error('Please set a device name!'));
+ return;
+ }
- // no public key by that user id in storage
- // find from cloud by email address
- self._publicKeyDao.getByUserId(userId, onKeyReceived);
- });
+ this._localDbDao.persist(DB_DEVICENAME, deviceName, callback);
+};
- function onKeyReceived(err, cloudPubkey) {
- if (err && err.code === 42) {
- // offline
- callback();
- return;
- }
+/**
+ * Get the device' memorable name from local storage. Throws an error if not set
+ * @param {Function} callback(error, deviceName)
+ * @return {String} The device name
+ */
+KeychainDAO.prototype.getDeviceName = function(callback) {
+ // check if deviceName is already persisted in storage
+ this._localDbDao.read(DB_DEVICENAME, function(err, deviceName) {
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ if (!deviceName) {
+ callback(new Error('Device name not set!'));
+ return;
+ }
+
+ callback(null, deviceName);
+ });
+};
+
+/**
+ * Geneate a device specific key and secret to authenticate to the private key service.
+ * @param {Function} callback(error, deviceSecret:[base64 encoded string])
+ */
+KeychainDAO.prototype.getDeviceSecret = function(callback) {
+ var self = this;
+
+ // generate random deviceSecret or get from storage
+ self._localDbDao.read(DB_DEVICE_SECRET, function(err, storedDevSecret) {
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ if (storedDevSecret) {
+ // a device key is already available locally
+ callback(null, storedDevSecret);
+ return;
+ }
+ // generate random deviceSecret
+ var deviceSecret = util.random(config.symKeySize);
+ // persist deviceSecret to local storage (in plaintext)
+ self._localDbDao.persist(DB_DEVICE_SECRET, deviceSecret, function(err) {
if (err) {
callback(err);
return;
}
- if (!cloudPubkey) {
- // public key has been deleted without replacement
- callback();
- return;
- }
-
- self.saveLocalPublicKey(cloudPubkey, function(err) {
- if (err) {
- callback(err);
- return;
- }
+ callback(null, deviceSecret);
+ });
+ });
+};
- callback(null, cloudPubkey);
- });
- }
- };
-
- //
- // Device registration functions
- //
-
- /**
- * Set the device's memorable name e.g 'iPhone Work'
- * @param {String} deviceName The device name
- * @param {Function} callback(error)
- */
- KeychainDAO.prototype.setDeviceName = function(deviceName, callback) {
- if (!deviceName) {
- callback(new Error('Please set a device name!'));
+/**
+ * Register the device on the private key server. This will give the device access to upload an encrypted private key.
+ * @param {String} options.userId The user's email address
+ * @param {Function} callback(error)
+ */
+KeychainDAO.prototype.registerDevice = function(options, callback) {
+ var self = this,
+ devName;
+
+ // check if deviceName is already persisted in storage
+ self.getDeviceName(function(err, deviceName) {
+ if (err) {
+ callback(err);
return;
}
- this._localDbDao.persist(DB_DEVICENAME, deviceName, callback);
- };
-
- /**
- * Get the device' memorable name from local storage. Throws an error if not set
- * @param {Function} callback(error, deviceName)
- * @return {String} The device name
- */
- KeychainDAO.prototype.getDeviceName = function(callback) {
- // check if deviceName is already persisted in storage
- this._localDbDao.read(DB_DEVICENAME, function(err, deviceName) {
+ requestDeviceRegistration(deviceName);
+ });
+
+ function requestDeviceRegistration(deviceName) {
+ devName = deviceName;
+
+ // request device registration session key
+ self._privateKeyDao.requestDeviceRegistration({
+ userId: options.userId,
+ deviceName: deviceName
+ }, function(err, regSessionKey) {
if (err) {
callback(err);
return;
}
- if (!deviceName) {
- callback(new Error('Device name not set!'));
+ if (!regSessionKey.encryptedRegSessionKey) {
+ callback(new Error('Invalid format for session key!'));
return;
}
- callback(null, deviceName);
+ decryptSessionKey(regSessionKey);
});
- };
+ }
- /**
- * Geneate a device specific key and secret to authenticate to the private key service.
- * @param {Function} callback(error, deviceSecret:[base64 encoded string])
- */
- KeychainDAO.prototype.getDeviceSecret = function(callback) {
- var self = this;
-
- // generate random deviceSecret or get from storage
- self._localDbDao.read(DB_DEVICE_SECRET, function(err, storedDevSecret) {
+ function decryptSessionKey(regSessionKey) {
+ self.lookupPublicKey(config.serverPrivateKeyId, function(err, serverPubkey) {
if (err) {
callback(err);
return;
}
- if (storedDevSecret) {
- // a device key is already available locally
- callback(null, storedDevSecret);
+ if (!serverPubkey || !serverPubkey.publicKey) {
+ callback(new Error('Server public key for device registration not found!'));
return;
}
- // generate random deviceSecret
- var deviceSecret = util.random(config.symKeySize);
- // persist deviceSecret to local storage (in plaintext)
- self._localDbDao.persist(DB_DEVICE_SECRET, deviceSecret, function(err) {
- if (err) {
- callback(err);
- return;
+ // decrypt the session key
+ var ct = regSessionKey.encryptedRegSessionKey;
+ self._pgp.decrypt(ct, serverPubkey.publicKey, function(err, decrypedSessionKey, signaturesValid) {
+ if (err || !signaturesValid) {
+ return callback(err || new Error('Verifying PGP signature failed!'));
}
- callback(null, deviceSecret);
+ uploadDeviceSecret(decrypedSessionKey);
});
});
- };
-
- /**
- * Register the device on the private key server. This will give the device access to upload an encrypted private key.
- * @param {String} options.userId The user's email address
- * @param {Function} callback(error)
- */
- KeychainDAO.prototype.registerDevice = function(options, callback) {
- var self = this,
- devName;
-
- // check if deviceName is already persisted in storage
- self.getDeviceName(function(err, deviceName) {
+ }
+
+ function uploadDeviceSecret(regSessionKey) {
+ // read device secret from local storage
+ self.getDeviceSecret(function(err, deviceSecret) {
if (err) {
callback(err);
return;
}
- requestDeviceRegistration(deviceName);
- });
-
- function requestDeviceRegistration(deviceName) {
- devName = deviceName;
-
- // request device registration session key
- self._privateKeyDao.requestDeviceRegistration({
- userId: options.userId,
- deviceName: deviceName
- }, function(err, regSessionKey) {
+ // generate iv
+ var iv = util.random(config.symIvSize);
+ // encrypt deviceSecret
+ self._crypto.encrypt(deviceSecret, regSessionKey, iv, function(err, encryptedDeviceSecret) {
if (err) {
callback(err);
return;
}
- if (!regSessionKey.encryptedRegSessionKey) {
- callback(new Error('Invalid format for session key!'));
- return;
- }
-
- decryptSessionKey(regSessionKey);
+ // upload encryptedDeviceSecret
+ self._privateKeyDao.uploadDeviceSecret({
+ userId: options.userId,
+ deviceName: devName,
+ encryptedDeviceSecret: encryptedDeviceSecret,
+ iv: iv
+ }, callback);
});
- }
-
- function decryptSessionKey(regSessionKey) {
- self.lookupPublicKey(config.serverPrivateKeyId, function(err, serverPubkey) {
- if (err) {
- callback(err);
- return;
- }
+ });
+ }
+};
- if (!serverPubkey || !serverPubkey.publicKey) {
- callback(new Error('Server public key for device registration not found!'));
- return;
- }
+//
+// Private key functions
+//
- // decrypt the session key
- var ct = regSessionKey.encryptedRegSessionKey;
- self._pgp.decrypt(ct, serverPubkey.publicKey, function(err, decrypedSessionKey, signaturesValid) {
- if (err || !signaturesValid) {
- return callback(err || new Error('Verifying PGP signature failed!'));
- }
+/**
+ * Authenticate to the private key server (required before private PGP key upload).
+ * @param {String} userId The user's email address
+ * @param {Function} callback(error, authSessionKey)
+ * @return {Object} {sessionId:String, sessionKey:[base64 encoded]}
+ */
+KeychainDAO.prototype._authenticateToPrivateKeyServer = function(userId, callback) {
+ var self = this,
+ sessionId;
+
+ // request auth session key required for upload
+ self._privateKeyDao.requestAuthSessionKey({
+ userId: userId
+ }, function(err, authSessionKey) {
+ if (err) {
+ callback(err);
+ return;
+ }
- uploadDeviceSecret(decrypedSessionKey);
- });
- });
+ if (!authSessionKey.encryptedAuthSessionKey || !authSessionKey.encryptedChallenge || !authSessionKey.sessionId) {
+ callback(new Error('Invalid format for session key!'));
+ return;
}
- function uploadDeviceSecret(regSessionKey) {
- // read device secret from local storage
- self.getDeviceSecret(function(err, deviceSecret) {
- if (err) {
- callback(err);
- return;
- }
+ // remember session id for verification
+ sessionId = authSessionKey.sessionId;
- // generate iv
- var iv = util.random(config.symIvSize);
- // encrypt deviceSecret
- self._crypto.encrypt(deviceSecret, regSessionKey, iv, function(err, encryptedDeviceSecret) {
- if (err) {
- callback(err);
- return;
- }
+ decryptSessionKey(authSessionKey);
+ });
- // upload encryptedDeviceSecret
- self._privateKeyDao.uploadDeviceSecret({
- userId: options.userId,
- deviceName: devName,
- encryptedDeviceSecret: encryptedDeviceSecret,
- iv: iv
- }, callback);
- });
- });
- }
- };
-
- //
- // Private key functions
- //
-
- /**
- * Authenticate to the private key server (required before private PGP key upload).
- * @param {String} userId The user's email address
- * @param {Function} callback(error, authSessionKey)
- * @return {Object} {sessionId:String, sessionKey:[base64 encoded]}
- */
- KeychainDAO.prototype._authenticateToPrivateKeyServer = function(userId, callback) {
- var self = this,
- sessionId;
-
- // request auth session key required for upload
- self._privateKeyDao.requestAuthSessionKey({
- userId: userId
- }, function(err, authSessionKey) {
+ function decryptSessionKey(authSessionKey) {
+ self.lookupPublicKey(config.serverPrivateKeyId, function(err, serverPubkey) {
if (err) {
callback(err);
return;
}
- if (!authSessionKey.encryptedAuthSessionKey || !authSessionKey.encryptedChallenge || !authSessionKey.sessionId) {
- callback(new Error('Invalid format for session key!'));
+ if (!serverPubkey || !serverPubkey.publicKey) {
+ callback(new Error('Server public key for authentication not found!'));
return;
}
- // remember session id for verification
- sessionId = authSessionKey.sessionId;
-
- decryptSessionKey(authSessionKey);
- });
-
- function decryptSessionKey(authSessionKey) {
- self.lookupPublicKey(config.serverPrivateKeyId, function(err, serverPubkey) {
- if (err) {
- callback(err);
- return;
- }
-
- if (!serverPubkey || !serverPubkey.publicKey) {
- callback(new Error('Server public key for authentication not found!'));
- return;
+ // decrypt the session key
+ var ct1 = authSessionKey.encryptedAuthSessionKey;
+ self._pgp.decrypt(ct1, serverPubkey.publicKey, function(err, decryptedSessionKey, signaturesValid) {
+ if (err || !signaturesValid) {
+ return callback(err || new Error('Verifying PGP signature failed!'));
}
- // decrypt the session key
- var ct1 = authSessionKey.encryptedAuthSessionKey;
- self._pgp.decrypt(ct1, serverPubkey.publicKey, function(err, decryptedSessionKey, signaturesValid) {
+ // decrypt the challenge
+ var ct2 = authSessionKey.encryptedChallenge;
+ self._pgp.decrypt(ct2, serverPubkey.publicKey, function(err, decryptedChallenge, signaturesValid) {
if (err || !signaturesValid) {
return callback(err || new Error('Verifying PGP signature failed!'));
}
- // decrypt the challenge
- var ct2 = authSessionKey.encryptedChallenge;
- self._pgp.decrypt(ct2, serverPubkey.publicKey, function(err, decryptedChallenge, signaturesValid) {
- if (err || !signaturesValid) {
- return callback(err || new Error('Verifying PGP signature failed!'));
- }
-
- encryptChallenge(decryptedSessionKey, decryptedChallenge);
- });
+ encryptChallenge(decryptedSessionKey, decryptedChallenge);
});
});
- }
+ });
+ }
+
+ function encryptChallenge(sessionKey, challenge) {
+ // get device secret
+ self.getDeviceSecret(function(err, deviceSecret) {
+ if (err) {
+ callback(err);
+ return;
+ }
- function encryptChallenge(sessionKey, challenge) {
- // get device secret
- self.getDeviceSecret(function(err, deviceSecret) {
+ var iv = util.random(config.symIvSize);
+ // encrypt the challenge
+ self._crypto.encrypt(challenge, sessionKey, iv, function(err, encryptedChallenge) {
if (err) {
callback(err);
return;
}
- var iv = util.random(config.symIvSize);
- // encrypt the challenge
- self._crypto.encrypt(challenge, sessionKey, iv, function(err, encryptedChallenge) {
+ // encrypt the device secret
+ self._crypto.encrypt(deviceSecret, sessionKey, iv, function(err, encryptedDeviceSecret) {
if (err) {
callback(err);
return;
}
- // encrypt the device secret
- self._crypto.encrypt(deviceSecret, sessionKey, iv, function(err, encryptedDeviceSecret) {
- if (err) {
- callback(err);
- return;
- }
-
- replyChallenge({
- encryptedChallenge: encryptedChallenge,
- encryptedDeviceSecret: encryptedDeviceSecret,
- iv: iv
- }, sessionKey);
- });
+ replyChallenge({
+ encryptedChallenge: encryptedChallenge,
+ encryptedDeviceSecret: encryptedDeviceSecret,
+ iv: iv
+ }, sessionKey);
});
});
- }
+ });
+ }
+
+ function replyChallenge(response, sessionKey) {
+ // respond to challenge by uploading the with the session key encrypted challenge
+ self._privateKeyDao.verifyAuthentication({
+ userId: userId,
+ sessionId: sessionId,
+ encryptedChallenge: response.encryptedChallenge,
+ encryptedDeviceSecret: response.encryptedDeviceSecret,
+ iv: response.iv
+ }, function(err) {
+ if (err) {
+ callback(err);
+ return;
+ }
- function replyChallenge(response, sessionKey) {
- // respond to challenge by uploading the with the session key encrypted challenge
- self._privateKeyDao.verifyAuthentication({
- userId: userId,
+ callback(null, {
sessionId: sessionId,
- encryptedChallenge: response.encryptedChallenge,
- encryptedDeviceSecret: response.encryptedDeviceSecret,
- iv: response.iv
- }, function(err) {
- if (err) {
- callback(err);
- return;
- }
-
- callback(null, {
- sessionId: sessionId,
- sessionKey: sessionKey
- });
+ sessionKey: sessionKey
});
- }
- };
-
- /**
- * Encrypt and upload the private PGP key to the server.
- * @param {String} options.userId The user's email address
- * @param {String} options.code The randomly generated or self selected code used to derive the key for the encryption of the private PGP key
- * @param {Function} callback(error)
- */
- KeychainDAO.prototype.uploadPrivateKey = function(options, callback) {
- var self = this,
- keySize = config.symKeySize,
- salt;
-
- if (!options.userId || !options.code) {
- callback(new Error('Incomplete arguments!'));
- return;
- }
+ });
+ }
+};
- deriveKey(options.code);
+/**
+ * Encrypt and upload the private PGP key to the server.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.code The randomly generated or self selected code used to derive the key for the encryption of the private PGP key
+ * @param {Function} callback(error)
+ */
+KeychainDAO.prototype.uploadPrivateKey = function(options, callback) {
+ var self = this,
+ keySize = config.symKeySize,
+ salt;
+
+ if (!options.userId || !options.code) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ deriveKey(options.code);
+
+ function deriveKey(code) {
+ // generate random salt
+ salt = util.random(keySize);
+ // derive key from the code using PBKDF2
+ self._crypto.deriveKey(code, salt, keySize, function(err, key) {
+ if (err) {
+ callback(err);
+ return;
+ }
- function deriveKey(code) {
- // generate random salt
- salt = util.random(keySize);
- // derive key from the code using PBKDF2
- self._crypto.deriveKey(code, salt, keySize, function(err, key) {
+ encryptPrivateKey(key);
+ });
+ }
+
+ function encryptPrivateKey(encryptionKey) {
+ // get private key from local storage
+ self.getUserKeyPair(options.userId, function(err, keypair) {
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ var privkeyId = keypair.privateKey._id,
+ pgpBlock = keypair.privateKey.encryptedKey;
+
+ // encrypt the private key with the derived key
+ var iv = util.random(config.symIvSize);
+ self._crypto.encrypt(pgpBlock, encryptionKey, iv, function(err, ct) {
if (err) {
callback(err);
return;
}
- encryptPrivateKey(key);
+ var payload = {
+ _id: privkeyId,
+ userId: options.userId,
+ encryptedPrivateKey: ct,
+ salt: salt,
+ iv: iv
+ };
+
+ uploadPrivateKey(payload);
});
- }
+ });
+ }
- function encryptPrivateKey(encryptionKey) {
- // get private key from local storage
- self.getUserKeyPair(options.userId, function(err, keypair) {
+ function uploadPrivateKey(payload) {
+ // authenticate to server for upload
+ self._authenticateToPrivateKeyServer(options.userId, function(err, authSessionKey) {
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ // encrypt encryptedPrivateKey again using authSessionKey
+ var pt = payload.encryptedPrivateKey,
+ iv = payload.iv,
+ key = authSessionKey.sessionKey;
+ self._crypto.encrypt(pt, key, iv, function(err, ct) {
if (err) {
callback(err);
return;
}
- var privkeyId = keypair.privateKey._id,
- pgpBlock = keypair.privateKey.encryptedKey;
-
- // encrypt the private key with the derived key
- var iv = util.random(config.symIvSize);
- self._crypto.encrypt(pgpBlock, encryptionKey, iv, function(err, ct) {
- if (err) {
- callback(err);
- return;
- }
-
- var payload = {
- _id: privkeyId,
- userId: options.userId,
- encryptedPrivateKey: ct,
- salt: salt,
- iv: iv
- };
+ // replace the encryptedPrivateKey with the double wrapped ciphertext
+ payload.encryptedPrivateKey = ct;
+ // set sessionId
+ payload.sessionId = authSessionKey.sessionId;
- uploadPrivateKey(payload);
- });
+ // upload the encrypted priavet key
+ self._privateKeyDao.upload(payload, callback);
});
- }
+ });
+ }
+};
- function uploadPrivateKey(payload) {
- // authenticate to server for upload
- self._authenticateToPrivateKeyServer(options.userId, function(err, authSessionKey) {
- if (err) {
- callback(err);
- return;
- }
+/**
+ * Request downloading the user's encrypted private key. This will initiate the server to send the recovery token via email/sms to the user.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The private PGP key id
+ * @param {Function} callback(error)
+ */
+KeychainDAO.prototype.requestPrivateKeyDownload = function(options, callback) {
+ this._privateKeyDao.requestDownload(options, callback);
+};
- // encrypt encryptedPrivateKey again using authSessionKey
- var pt = payload.encryptedPrivateKey,
- iv = payload.iv,
- key = authSessionKey.sessionKey;
- self._crypto.encrypt(pt, key, iv, function(err, ct) {
- if (err) {
- callback(err);
- return;
- }
+/**
+ * Query if an encrypted private PGP key exists on the server without initializing the recovery procedure
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The private PGP key id
+ * @param {Function} callback(error)
+ */
+KeychainDAO.prototype.hasPrivateKey = function(options, callback) {
+ this._privateKeyDao.hasPrivateKey(options, callback);
+};
- // replace the encryptedPrivateKey with the double wrapped ciphertext
- payload.encryptedPrivateKey = ct;
- // set sessionId
- payload.sessionId = authSessionKey.sessionId;
+/**
+ * Download the encrypted private PGP key from the server using the recovery token.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The user's email address
+ * @param {String} options.recoveryToken The recovery token acquired via email/sms from the key server
+ * @param {Function} callback(error, encryptedPrivateKey)
+ */
+KeychainDAO.prototype.downloadPrivateKey = function(options, callback) {
+ this._privateKeyDao.download(options, callback);
+};
- // upload the encrypted priavet key
- self._privateKeyDao.upload(payload, callback);
- });
- });
- }
- };
-
- /**
- * Request downloading the user's encrypted private key. This will initiate the server to send the recovery token via email/sms to the user.
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The private PGP key id
- * @param {Function} callback(error)
- */
- KeychainDAO.prototype.requestPrivateKeyDownload = function(options, callback) {
- this._privateKeyDao.requestDownload(options, callback);
- };
-
- /**
- * Query if an encrypted private PGP key exists on the server without initializing the recovery procedure
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The private PGP key id
- * @param {Function} callback(error)
- */
- KeychainDAO.prototype.hasPrivateKey = function(options, callback) {
- this._privateKeyDao.hasPrivateKey(options, callback);
- };
-
- /**
- * Download the encrypted private PGP key from the server using the recovery token.
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The user's email address
- * @param {String} options.recoveryToken The recovery token acquired via email/sms from the key server
- * @param {Function} callback(error, encryptedPrivateKey)
- */
- KeychainDAO.prototype.downloadPrivateKey = function(options, callback) {
- this._privateKeyDao.download(options, callback);
- };
-
- /**
- * This is called after the encrypted private key has successfully been downloaded and it's ready to be decrypted and stored in localstorage.
- * @param {String} options._id The private PGP key id
- * @param {String} options.userId The user's email address
- * @param {String} options.code The randomly generated or self selected code used to derive the key for the decryption of the private PGP key
- * @param {String} options.encryptedPrivateKey The encrypted private PGP key
- * @param {String} options.salt The salt required to derive the code derived key
- * @param {String} options.iv The iv used to encrypt the private PGP key
- * @param {Function} callback(error, keyObject)
- */
- KeychainDAO.prototype.decryptAndStorePrivateKeyLocally = function(options, callback) {
- var self = this,
- code = options.code,
- salt = options.salt,
- keySize = config.symKeySize;
-
- if (!options._id || !options.userId || !options.code || !options.salt || !options.encryptedPrivateKey || !options.iv) {
- callback(new Error('Incomplete arguments!'));
+/**
+ * This is called after the encrypted private key has successfully been downloaded and it's ready to be decrypted and stored in localstorage.
+ * @param {String} options._id The private PGP key id
+ * @param {String} options.userId The user's email address
+ * @param {String} options.code The randomly generated or self selected code used to derive the key for the decryption of the private PGP key
+ * @param {String} options.encryptedPrivateKey The encrypted private PGP key
+ * @param {String} options.salt The salt required to derive the code derived key
+ * @param {String} options.iv The iv used to encrypt the private PGP key
+ * @param {Function} callback(error, keyObject)
+ */
+KeychainDAO.prototype.decryptAndStorePrivateKeyLocally = function(options, callback) {
+ var self = this,
+ code = options.code,
+ salt = options.salt,
+ keySize = config.symKeySize;
+
+ if (!options._id || !options.userId || !options.code || !options.salt || !options.encryptedPrivateKey || !options.iv) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ // derive key from the code and the salt using PBKDF2
+ self._crypto.deriveKey(code, salt, keySize, function(err, key) {
+ if (err) {
+ callback(err);
return;
}
- // derive key from the code and the salt using PBKDF2
- self._crypto.deriveKey(code, salt, keySize, function(err, key) {
+ decryptAndStore(key);
+ });
+
+ function decryptAndStore(derivedKey) {
+ // decrypt the private key with the derived key
+ var ct = options.encryptedPrivateKey,
+ iv = options.iv;
+
+ self._crypto.decrypt(ct, derivedKey, iv, function(err, privateKeyArmored) {
if (err) {
- callback(err);
+ callback(new Error('Invalid keychain code!'));
return;
}
- decryptAndStore(key);
- });
+ // validate pgp key
+ var keyParams;
+ try {
+ keyParams = self._pgp.getKeyParams(privateKeyArmored);
+ } catch (e) {
+ callback(new Error('Error parsing private PGP key!'));
+ return;
+ }
+
+ if (keyParams._id !== options._id || keyParams.userId !== options.userId) {
+ callback(new Error('Private key parameters don\'t match with public key\'s!'));
+ return;
+ }
- function decryptAndStore(derivedKey) {
- // decrypt the private key with the derived key
- var ct = options.encryptedPrivateKey,
- iv = options.iv;
+ var keyObject = {
+ _id: options._id,
+ userId: options.userId,
+ encryptedKey: privateKeyArmored
+ };
- self._crypto.decrypt(ct, derivedKey, iv, function(err, privateKeyArmored) {
+ // store private key locally
+ self.saveLocalPrivateKey(keyObject, function(err) {
if (err) {
- callback(new Error('Invalid keychain code!'));
+ callback(err);
return;
}
- // validate pgp key
- var keyParams;
- try {
- keyParams = self._pgp.getKeyParams(privateKeyArmored);
- } catch (e) {
- callback(new Error('Error parsing private PGP key!'));
- return;
- }
+ callback(null, keyObject);
+ });
+ });
+ }
+};
- if (keyParams._id !== options._id || keyParams.userId !== options.userId) {
- callback(new Error('Private key parameters don\'t match with public key\'s!'));
- return;
- }
+//
+// Keypair functions
+//
- var keyObject = {
- _id: options._id,
- userId: options.userId,
- encryptedKey: privateKeyArmored
- };
+/**
+ * Gets the local user's key either from local storage
+ * or fetches it from the cloud. The private key is encrypted.
+ * If no key pair exists, null is returned.
+ * return [Object] The user's key pair {publicKey, privateKey}
+ */
+KeychainDAO.prototype.getUserKeyPair = function(userId, callback) {
+ var self = this;
- // store private key locally
- self.saveLocalPrivateKey(keyObject, function(err) {
- if (err) {
- callback(err);
- return;
- }
+ // search for user's public key locally
+ self._localDbDao.list(DB_PUBLICKEY, 0, null, function(err, allPubkeys) {
+ if (err) {
+ callback(err);
+ return;
+ }
- callback(null, keyObject);
- });
- });
+ var pubkey = _.findWhere(allPubkeys, {
+ userId: userId
+ });
+
+ if (pubkey && pubkey._id) {
+ // that user's public key is already in local storage...
+ // sync keypair to the cloud
+ syncKeypair(pubkey._id);
+ return;
}
- };
-
- //
- // Keypair functions
- //
-
- /**
- * Gets the local user's key either from local storage
- * or fetches it from the cloud. The private key is encrypted.
- * If no key pair exists, null is returned.
- * return [Object] The user's key pair {publicKey, privateKey}
- */
- KeychainDAO.prototype.getUserKeyPair = function(userId, callback) {
- var self = this;
-
- // search for user's public key locally
- self._localDbDao.list(DB_PUBLICKEY, 0, null, function(err, allPubkeys) {
+
+ // no public key by that user id in storage
+ // find from cloud by email address
+ self._publicKeyDao.getByUserId(userId, function(err, cloudPubkey) {
if (err) {
callback(err);
return;
}
- var pubkey = _.findWhere(allPubkeys, {
- userId: userId
- });
+ if (cloudPubkey && cloudPubkey._id) {
+ // there is a public key for that user already in the cloud...
+ // sync keypair to local storage
+ syncKeypair(cloudPubkey._id);
+ return;
+ }
- if (pubkey && pubkey._id) {
- // that user's public key is already in local storage...
- // sync keypair to the cloud
- syncKeypair(pubkey._id);
+ // continue without keypair... generate in crypto.js
+ callback();
+ });
+ });
+
+ function syncKeypair(keypairId) {
+ // persist key pair in local storage
+ self.lookupPublicKey(keypairId, function(err, savedPubkey) {
+ if (err) {
+ callback(err);
return;
}
- // no public key by that user id in storage
- // find from cloud by email address
- self._publicKeyDao.getByUserId(userId, function(err, cloudPubkey) {
+ // persist private key in local storage
+ self.lookupPrivateKey(keypairId, function(err, savedPrivkey) {
+ var keys = {};
+
if (err) {
callback(err);
return;
}
- if (cloudPubkey && cloudPubkey._id) {
- // there is a public key for that user already in the cloud...
- // sync keypair to local storage
- syncKeypair(cloudPubkey._id);
- return;
+ if (savedPubkey && savedPubkey.publicKey) {
+ keys.publicKey = savedPubkey;
}
- // continue without keypair... generate in crypto.js
- callback();
- });
- });
-
- function syncKeypair(keypairId) {
- // persist key pair in local storage
- self.lookupPublicKey(keypairId, function(err, savedPubkey) {
- if (err) {
- callback(err);
- return;
+ if (savedPrivkey && savedPrivkey.encryptedKey) {
+ keys.privateKey = savedPrivkey;
}
- // persist private key in local storage
- self.lookupPrivateKey(keypairId, function(err, savedPrivkey) {
- var keys = {};
+ callback(null, keys);
+ });
+ });
+ }
+};
- if (err) {
- callback(err);
- return;
- }
+/**
+ * Checks to see if the user's key pair is stored both
+ * locally and in the cloud and persist arccordingly
+ * @param [Object] The user's key pair {publicKey, privateKey}
+ */
+KeychainDAO.prototype.putUserKeyPair = function(keypair, callback) {
+ var self = this;
- if (savedPubkey && savedPubkey.publicKey) {
- keys.publicKey = savedPubkey;
- }
+ // validate input
+ if (!keypair || !keypair.publicKey || !keypair.privateKey || !keypair.publicKey.userId || keypair.publicKey.userId !== keypair.privateKey.userId) {
+ callback({
+ errMsg: 'Incorrect input!'
+ });
+ return;
+ }
- if (savedPrivkey && savedPrivkey.encryptedKey) {
- keys.privateKey = savedPrivkey;
- }
+ // don't check the user's own public key for deletion in refreshKeyForUserId
+ keypair.publicKey.imported = true;
- callback(null, keys);
- });
- });
- }
- };
-
- /**
- * Checks to see if the user's key pair is stored both
- * locally and in the cloud and persist arccordingly
- * @param [Object] The user's key pair {publicKey, privateKey}
- */
- KeychainDAO.prototype.putUserKeyPair = function(keypair, callback) {
- var self = this;
-
- // validate input
- if (!keypair || !keypair.publicKey || !keypair.privateKey || !keypair.publicKey.userId || keypair.publicKey.userId !== keypair.privateKey.userId) {
- callback({
- errMsg: 'Incorrect input!'
- });
+ // store public key locally
+ self.saveLocalPublicKey(keypair.publicKey, function(err) {
+ if (err) {
+ callback(err);
return;
}
- // don't check the user's own public key for deletion in refreshKeyForUserId
- keypair.publicKey.imported = true;
-
- // store public key locally
- self.saveLocalPublicKey(keypair.publicKey, function(err) {
+ // persist public key in cloud storage
+ self._publicKeyDao.put(keypair.publicKey, function(err) {
+ // validate result
if (err) {
callback(err);
return;
}
- // persist public key in cloud storage
- self._publicKeyDao.put(keypair.publicKey, function(err) {
- // validate result
- if (err) {
- callback(err);
- return;
- }
-
- // store private key locally
- self.saveLocalPrivateKey(keypair.privateKey, callback);
- });
+ // store private key locally
+ self.saveLocalPrivateKey(keypair.privateKey, callback);
});
- };
+ });
+};
- //
- // Helper functions
- //
+//
+// Helper functions
+//
- KeychainDAO.prototype.lookupPublicKey = function(id, callback) {
- var self = this;
+KeychainDAO.prototype.lookupPublicKey = function(id, callback) {
+ var self = this;
- if (!id) {
- callback({
- errMsg: 'ID must be set for public key query!'
- });
+ if (!id) {
+ callback({
+ errMsg: 'ID must be set for public key query!'
+ });
+ return;
+ }
+
+ // lookup in local storage
+ self._localDbDao.read(DB_PUBLICKEY + '_' + id, function(err, pubkey) {
+ if (err) {
+ callback(err);
return;
}
- // lookup in local storage
- self._localDbDao.read(DB_PUBLICKEY + '_' + id, function(err, pubkey) {
+ if (pubkey) {
+ callback(null, pubkey);
+ return;
+ }
+
+ // fetch from cloud storage
+ self._publicKeyDao.get(id, function(err, cloudPubkey) {
if (err) {
callback(err);
return;
}
- if (pubkey) {
- callback(null, pubkey);
- return;
- }
-
- // fetch from cloud storage
- self._publicKeyDao.get(id, function(err, cloudPubkey) {
+ // cache public key in cache
+ self.saveLocalPublicKey(cloudPubkey, function(err) {
if (err) {
callback(err);
return;
}
- // cache public key in cache
- self.saveLocalPublicKey(cloudPubkey, function(err) {
- if (err) {
- callback(err);
- return;
- }
-
- callback(null, cloudPubkey);
- });
+ callback(null, cloudPubkey);
});
});
- };
-
- /**
- * List all the locally stored public keys
- */
- KeychainDAO.prototype.listLocalPublicKeys = function(callback) {
- // search local keyring for public key
- this._localDbDao.list(DB_PUBLICKEY, 0, null, callback);
- };
-
- KeychainDAO.prototype.removeLocalPublicKey = function(id, callback) {
- this._localDbDao.remove(DB_PUBLICKEY + '_' + id, callback);
- };
-
- KeychainDAO.prototype.lookupPrivateKey = function(id, callback) {
- // lookup in local storage
- this._localDbDao.read(DB_PRIVATEKEY + '_' + id, callback);
- };
-
- KeychainDAO.prototype.saveLocalPublicKey = function(pubkey, callback) {
- // persist public key (email, _id)
- var pkLookupKey = DB_PUBLICKEY + '_' + pubkey._id;
- this._localDbDao.persist(pkLookupKey, pubkey, callback);
- };
-
- KeychainDAO.prototype.saveLocalPrivateKey = function(privkey, callback) {
- // persist private key (email, _id)
- var prkLookupKey = DB_PRIVATEKEY + '_' + privkey._id;
- this._localDbDao.persist(prkLookupKey, privkey, callback);
- };
-
- return KeychainDAO;
-});
\ No newline at end of file
+ });
+};
+
+/**
+ * List all the locally stored public keys
+ */
+KeychainDAO.prototype.listLocalPublicKeys = function(callback) {
+ // search local keyring for public key
+ this._localDbDao.list(DB_PUBLICKEY, 0, null, callback);
+};
+
+KeychainDAO.prototype.removeLocalPublicKey = function(id, callback) {
+ this._localDbDao.remove(DB_PUBLICKEY + '_' + id, callback);
+};
+
+KeychainDAO.prototype.lookupPrivateKey = function(id, callback) {
+ // lookup in local storage
+ this._localDbDao.read(DB_PRIVATEKEY + '_' + id, callback);
+};
+
+KeychainDAO.prototype.saveLocalPublicKey = function(pubkey, callback) {
+ // persist public key (email, _id)
+ var pkLookupKey = DB_PUBLICKEY + '_' + pubkey._id;
+ this._localDbDao.persist(pkLookupKey, pubkey, callback);
+};
+
+KeychainDAO.prototype.saveLocalPrivateKey = function(privkey, callback) {
+ // persist private key (email, _id)
+ var prkLookupKey = DB_PRIVATEKEY + '_' + privkey._id;
+ this._localDbDao.persist(prkLookupKey, privkey, callback);
+};
+
+module.exports = KeychainDAO;
\ No newline at end of file
diff --git a/src/js/dao/lawnchair-dao.js b/src/js/dao/lawnchair-dao.js
index bee484f..685c7f2 100644
--- a/src/js/dao/lawnchair-dao.js
+++ b/src/js/dao/lawnchair-dao.js
@@ -1,222 +1,216 @@
/**
* Handles generic caching of JSON objects in a lawnchair adapter
*/
-define(function(require) {
- 'use strict';
- var _ = require('underscore'),
- Lawnchair = require('lawnchair');
- require('lawnchairSQL');
- require('lawnchairIDB');
+'use strict';
- var LawnchairDAO = function() {};
+var LawnchairDAO = function() {};
- LawnchairDAO.prototype.init = function(dbName, callback) {
- if (!dbName) {
+LawnchairDAO.prototype.init = function(dbName, callback) {
+ if (!dbName) {
+ callback({
+ errMsg: 'Lawnchair DB name must be specified!'
+ });
+ return;
+ }
+
+ this._db = new Lawnchair({
+ name: dbName
+ }, function(lc) {
+ if (!lc) {
callback({
- errMsg: 'Lawnchair DB name must be specified!'
+ errMsg: 'Lawnchair init failed!'
});
return;
}
- this._db = new Lawnchair({
- name: dbName
- }, function(lc) {
- if (!lc) {
- callback({
- errMsg: 'Lawnchair init failed!'
- });
- return;
- }
+ callback();
+ });
+};
- callback();
+/**
+ * Create or update an object
+ */
+LawnchairDAO.prototype.persist = function(key, object, callback) {
+ if (!key || !object) {
+ callback({
+ errMsg: 'Key and Object must be set!'
});
- };
-
- /**
- * Create or update an object
- */
- LawnchairDAO.prototype.persist = function(key, object, callback) {
- if (!key || !object) {
+ return;
+ }
+
+ this._db.save({
+ key: key,
+ object: object
+ }, function(persisted) {
+ if (persisted.key !== key) {
callback({
- errMsg: 'Key and Object must be set!'
+ errMsg: 'Persisting failed!'
});
return;
}
- this._db.save({
- key: key,
- object: object
- }, function(persisted) {
- if (persisted.key !== key) {
- callback({
- errMsg: 'Persisting failed!'
- });
- return;
- }
+ callback();
+ });
+};
- callback();
+/**
+ * Persist a bunch of items at once
+ */
+LawnchairDAO.prototype.batch = function(list, callback) {
+ if (!(list instanceof Array)) {
+ callback({
+ errMsg: 'Input must be of type Array!'
});
- };
+ return;
+ }
- /**
- * Persist a bunch of items at once
- */
- LawnchairDAO.prototype.batch = function(list, callback) {
- if (!(list instanceof Array)) {
+ this._db.batch(list, function(res) {
+ if (!res) {
callback({
- errMsg: 'Input must be of type Array!'
+ errMsg: 'Persisting batch failed!'
});
return;
}
- this._db.batch(list, function(res) {
- if (!res) {
- callback({
- errMsg: 'Persisting batch failed!'
- });
- return;
- }
+ callback();
+ });
+};
- callback();
+/**
+ * Read a single item by its key
+ */
+LawnchairDAO.prototype.read = function(key, callback) {
+ if (!key) {
+ callback({
+ errMsg: 'Key must be specified!'
});
- };
+ return;
+ }
- /**
- * Read a single item by its key
- */
- LawnchairDAO.prototype.read = function(key, callback) {
- if (!key) {
- callback({
- errMsg: 'Key must be specified!'
- });
- return;
+ this._db.get(key, function(o) {
+ if (o) {
+ callback(null, o.object);
+ } else {
+ callback();
}
+ });
+};
- this._db.get(key, function(o) {
- if (o) {
- callback(null, o.object);
- } else {
- callback();
- }
+/**
+ * List all the items of a certain type
+ * @param type [String] The type of item e.g. 'email'
+ * @param offset [Number] The offset of items to fetch (0 is the last stored item)
+ * @param num [Number] The number of items to fetch (null means fetch all)
+ */
+LawnchairDAO.prototype.list = function(type, offset, num, callback) {
+ var self = this,
+ i, from, to,
+ matchingKeys = [],
+ intervalKeys = [],
+ list = [];
+
+ // validate input
+ if (!type || typeof offset === 'undefined' || typeof num === 'undefined') {
+ callback({
+ errMsg: 'Args not is not set!'
});
- };
-
- /**
- * List all the items of a certain type
- * @param type [String] The type of item e.g. 'email'
- * @param offset [Number] The offset of items to fetch (0 is the last stored item)
- * @param num [Number] The number of items to fetch (null means fetch all)
- */
- LawnchairDAO.prototype.list = function(type, offset, num, callback) {
- var self = this,
- i, from, to,
- matchingKeys = [],
- intervalKeys = [],
- list = [];
-
- // validate input
- if (!type || typeof offset === 'undefined' || typeof num === 'undefined') {
- callback({
- errMsg: 'Args not is not set!'
- });
- return;
- }
+ return;
+ }
- // get all keys
- self._db.keys(function(keys) {
+ // get all keys
+ self._db.keys(function(keys) {
- // check if key begins with type
- keys.forEach(function(key) {
- if (key.indexOf(type) === 0) {
- matchingKeys.push(key);
- }
- });
-
- // sort keys
- matchingKeys.sort();
-
- // set window of items to fetch
- // if num is null, list all items
- from = (num) ? matchingKeys.length - offset - num : 0;
- to = matchingKeys.length - 1 - offset;
- // filter items within requested interval
- for (i = 0; i < matchingKeys.length; i++) {
- if (i >= from && i <= to) {
- intervalKeys.push(matchingKeys[i]);
- }
+ // check if key begins with type
+ keys.forEach(function(key) {
+ if (key.indexOf(type) === 0) {
+ matchingKeys.push(key);
}
+ });
- // return if there are no matching keys
- if (intervalKeys.length === 0) {
- callback(null, list);
- return;
+ // sort keys
+ matchingKeys.sort();
+
+ // set window of items to fetch
+ // if num is null, list all items
+ from = (num) ? matchingKeys.length - offset - num : 0;
+ to = matchingKeys.length - 1 - offset;
+ // filter items within requested interval
+ for (i = 0; i < matchingKeys.length; i++) {
+ if (i >= from && i <= to) {
+ intervalKeys.push(matchingKeys[i]);
}
+ }
- // fetch all items from data-store with matching key
- self._db.get(intervalKeys, function(intervalList) {
- intervalList.forEach(function(item) {
- list.push(item.object);
- });
+ // return if there are no matching keys
+ if (intervalKeys.length === 0) {
+ callback(null, list);
+ return;
+ }
- // return only the interval between offset and num
- callback(null, list);
+ // fetch all items from data-store with matching key
+ self._db.get(intervalKeys, function(intervalList) {
+ intervalList.forEach(function(item) {
+ list.push(item.object);
});
+ // return only the interval between offset and num
+ callback(null, list);
});
- };
-
- /**
- * Removes an object liter from local storage by its key (delete)
- */
- LawnchairDAO.prototype.remove = function(key, callback) {
- this._db.remove(key, callback);
- };
-
- /**
- * Removes an object liter from local storage by its key (delete)
- */
- LawnchairDAO.prototype.removeList = function(type, callback) {
- var self = this,
- matchingKeys = [],
- after;
-
- // validate type
- if (!type) {
- callback({
- errMsg: 'Type is not set!'
- });
- return;
- }
- // get all keys
- self._db.keys(function(keys) {
- // check if key begins with type
- keys.forEach(function(key) {
- if (key.indexOf(type) === 0) {
- matchingKeys.push(key);
- }
- });
+ });
+};
- if (matchingKeys.length < 1) {
- callback();
- return;
+/**
+ * Removes an object liter from local storage by its key (delete)
+ */
+LawnchairDAO.prototype.remove = function(key, callback) {
+ this._db.remove(key, callback);
+};
+
+/**
+ * Removes an object liter from local storage by its key (delete)
+ */
+LawnchairDAO.prototype.removeList = function(type, callback) {
+ var self = this,
+ matchingKeys = [],
+ after;
+
+ // validate type
+ if (!type) {
+ callback({
+ errMsg: 'Type is not set!'
+ });
+ return;
+ }
+
+ // get all keys
+ self._db.keys(function(keys) {
+ // check if key begins with type
+ keys.forEach(function(key) {
+ if (key.indexOf(type) === 0) {
+ matchingKeys.push(key);
}
+ });
- // remove all matching keys
- after = _.after(matchingKeys.length, callback);
- _.each(matchingKeys, function(key) {
- self._db.remove(key, after);
- });
+ if (matchingKeys.length < 1) {
+ callback();
+ return;
+ }
+
+ // remove all matching keys
+ after = _.after(matchingKeys.length, callback);
+ _.each(matchingKeys, function(key) {
+ self._db.remove(key, after);
});
- };
+ });
+};
- /**
- * Clears the whole local storage cache
- */
- LawnchairDAO.prototype.clear = function(callback) {
- this._db.nuke(callback);
- };
+/**
+ * Clears the whole local storage cache
+ */
+LawnchairDAO.prototype.clear = function(callback) {
+ this._db.nuke(callback);
+};
- return LawnchairDAO;
-});
\ No newline at end of file
+module.exports = LawnchairDAO;
\ No newline at end of file
diff --git a/src/js/dao/privatekey-dao.js b/src/js/dao/privatekey-dao.js
index 5d8ba49..8657790 100644
--- a/src/js/dao/privatekey-dao.js
+++ b/src/js/dao/privatekey-dao.js
@@ -1,198 +1,196 @@
-define(function() {
- 'use strict';
-
- var PrivateKeyDAO = function(restDao) {
- this._restDao = restDao;
- };
-
- //
- // Device registration functions
- //
-
- /**
- * Request registration of a new device by fetching registration session key.
- * @param {String} options.userId The user's email address
- * @param {String} options.deviceName The device's memorable name
- * @param {Function} callback(error, regSessionKey)
- * @return {Object} {encryptedRegSessionKey:[base64]}
- */
- PrivateKeyDAO.prototype.requestDeviceRegistration = function(options, callback) {
- var uri;
-
- if (!options.userId || !options.deviceName) {
- callback(new Error('Incomplete arguments!'));
+'use strict';
+
+var PrivateKeyDAO = function(restDao) {
+ this._restDao = restDao;
+};
+
+//
+// Device registration functions
+//
+
+/**
+ * Request registration of a new device by fetching registration session key.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.deviceName The device's memorable name
+ * @param {Function} callback(error, regSessionKey)
+ * @return {Object} {encryptedRegSessionKey:[base64]}
+ */
+PrivateKeyDAO.prototype.requestDeviceRegistration = function(options, callback) {
+ var uri;
+
+ if (!options.userId || !options.deviceName) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/device/user/' + options.userId + '/devicename/' + options.deviceName;
+ this._restDao.post(undefined, uri, callback);
+};
+
+/**
+ * Authenticate device registration by uploading the deviceSecret encrypted with the regSessionKeys.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.deviceName The device's memorable name
+ * @param {String} options.encryptedDeviceSecret The base64 encoded encrypted device secret
+ * @param {String} options.iv The iv used for encryption
+ * @param {Function} callback(error)
+ */
+PrivateKeyDAO.prototype.uploadDeviceSecret = function(options, callback) {
+ var uri;
+
+ if (!options.userId || !options.deviceName || !options.encryptedDeviceSecret || !options.iv) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/device/user/' + options.userId + '/devicename/' + options.deviceName;
+ this._restDao.put(options, uri, callback);
+};
+
+//
+// Private key functions
+//
+
+/**
+ * Request authSessionKeys required for upload the encrypted private PGP key.
+ * @param {String} options.userId The user's email address
+ * @param {Function} callback(error, authSessionKey)
+ * @return {Object} {sessionId, encryptedAuthSessionKey:[base64 encoded], encryptedChallenge:[base64 encoded]}
+ */
+PrivateKeyDAO.prototype.requestAuthSessionKey = function(options, callback) {
+ var uri;
+
+ if (!options.userId) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/auth/user/' + options.userId;
+ this._restDao.post(undefined, uri, callback);
+};
+
+/**
+ * Verifiy authentication by uploading the challenge and deviceSecret encrypted with the authSessionKeys as a response.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.encryptedChallenge The server's base64 encoded challenge encrypted using the authSessionKey
+ * @param {String} options.encryptedDeviceSecret The server's base64 encoded deviceSecret encrypted using the authSessionKey
+ * @param {String} options.iv The iv used for encryption
+ * @param {Function} callback(error)
+ */
+PrivateKeyDAO.prototype.verifyAuthentication = function(options, callback) {
+ var uri;
+
+ if (!options.userId || !options.sessionId || !options.encryptedChallenge || !options.encryptedDeviceSecret || !options.iv) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/auth/user/' + options.userId + '/session/' + options.sessionId;
+ this._restDao.put(options, uri, callback);
+};
+
+/**
+ * Upload the encrypted private PGP key.
+ * @param {String} options._id The hex encoded capital 16 char key id
+ * @param {String} options.userId The user's email address
+ * @param {String} options.encryptedPrivateKey The base64 encoded encrypted private PGP key
+ * @param {String} options.sessionId The session id
+ * @param {Function} callback(error)
+ */
+PrivateKeyDAO.prototype.upload = function(options, callback) {
+ var uri;
+
+ if (!options._id || !options.userId || !options.encryptedPrivateKey || !options.sessionId || !options.salt || !options.iv) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/privatekey/user/' + options.userId + '/session/' + options.sessionId;
+ this._restDao.post(options, uri, callback);
+};
+
+/**
+ * Query if an encrypted private PGP key exists on the server without initializing the recovery procedure.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The private PGP key id
+ * @param {Function} callback(error, found)
+ * @return {Boolean} whether the key was found on the server or not.
+ */
+PrivateKeyDAO.prototype.hasPrivateKey = function(options, callback) {
+ if (!options.userId || !options.keyId) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ this._restDao.get({
+ uri: '/privatekey/user/' + options.userId + '/key/' + options.keyId + '?ignoreRecovery=true',
+ }, function(err) {
+ // 404: there is no encrypted private key on the server
+ if (err && err.code !== 200) {
+ callback(null, false);
return;
}
- uri = '/device/user/' + options.userId + '/devicename/' + options.deviceName;
- this._restDao.post(undefined, uri, callback);
- };
-
- /**
- * Authenticate device registration by uploading the deviceSecret encrypted with the regSessionKeys.
- * @param {String} options.userId The user's email address
- * @param {String} options.deviceName The device's memorable name
- * @param {String} options.encryptedDeviceSecret The base64 encoded encrypted device secret
- * @param {String} options.iv The iv used for encryption
- * @param {Function} callback(error)
- */
- PrivateKeyDAO.prototype.uploadDeviceSecret = function(options, callback) {
- var uri;
-
- if (!options.userId || !options.deviceName || !options.encryptedDeviceSecret || !options.iv) {
- callback(new Error('Incomplete arguments!'));
+ if (err) {
+ callback(err);
return;
}
- uri = '/device/user/' + options.userId + '/devicename/' + options.deviceName;
- this._restDao.put(options, uri, callback);
- };
-
- //
- // Private key functions
- //
-
- /**
- * Request authSessionKeys required for upload the encrypted private PGP key.
- * @param {String} options.userId The user's email address
- * @param {Function} callback(error, authSessionKey)
- * @return {Object} {sessionId, encryptedAuthSessionKey:[base64 encoded], encryptedChallenge:[base64 encoded]}
- */
- PrivateKeyDAO.prototype.requestAuthSessionKey = function(options, callback) {
- var uri;
-
- if (!options.userId) {
- callback(new Error('Incomplete arguments!'));
+ callback(null, true);
+ });
+};
+
+/**
+ * Request download for the encrypted private PGP key.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The private PGP key id
+ * @param {Function} callback(error, found)
+ * @return {Boolean} whether the key was found on the server or not.
+ */
+PrivateKeyDAO.prototype.requestDownload = function(options, callback) {
+ if (!options.userId || !options.keyId) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ this._restDao.get({
+ uri: '/privatekey/user/' + options.userId + '/key/' + options.keyId
+ }, function(err) {
+ // 404: there is no encrypted private key on the server
+ if (err && err.code !== 200) {
+ callback(null, false);
return;
}
- uri = '/auth/user/' + options.userId;
- this._restDao.post(undefined, uri, callback);
- };
-
- /**
- * Verifiy authentication by uploading the challenge and deviceSecret encrypted with the authSessionKeys as a response.
- * @param {String} options.userId The user's email address
- * @param {String} options.encryptedChallenge The server's base64 encoded challenge encrypted using the authSessionKey
- * @param {String} options.encryptedDeviceSecret The server's base64 encoded deviceSecret encrypted using the authSessionKey
- * @param {String} options.iv The iv used for encryption
- * @param {Function} callback(error)
- */
- PrivateKeyDAO.prototype.verifyAuthentication = function(options, callback) {
- var uri;
-
- if (!options.userId || !options.sessionId || !options.encryptedChallenge || !options.encryptedDeviceSecret || !options.iv) {
- callback(new Error('Incomplete arguments!'));
+ if (err) {
+ callback(err);
return;
}
- uri = '/auth/user/' + options.userId + '/session/' + options.sessionId;
- this._restDao.put(options, uri, callback);
- };
-
- /**
- * Upload the encrypted private PGP key.
- * @param {String} options._id The hex encoded capital 16 char key id
- * @param {String} options.userId The user's email address
- * @param {String} options.encryptedPrivateKey The base64 encoded encrypted private PGP key
- * @param {String} options.sessionId The session id
- * @param {Function} callback(error)
- */
- PrivateKeyDAO.prototype.upload = function(options, callback) {
- var uri;
-
- if (!options._id || !options.userId || !options.encryptedPrivateKey || !options.sessionId || !options.salt || !options.iv) {
- callback(new Error('Incomplete arguments!'));
- return;
- }
-
- uri = '/privatekey/user/' + options.userId + '/session/' + options.sessionId;
- this._restDao.post(options, uri, callback);
- };
-
- /**
- * Query if an encrypted private PGP key exists on the server without initializing the recovery procedure.
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The private PGP key id
- * @param {Function} callback(error, found)
- * @return {Boolean} whether the key was found on the server or not.
- */
- PrivateKeyDAO.prototype.hasPrivateKey = function(options, callback) {
- if (!options.userId || !options.keyId) {
- callback(new Error('Incomplete arguments!'));
- return;
- }
-
- this._restDao.get({
- uri: '/privatekey/user/' + options.userId + '/key/' + options.keyId + '?ignoreRecovery=true',
- }, function(err) {
- // 404: there is no encrypted private key on the server
- if (err && err.code !== 200) {
- callback(null, false);
- return;
- }
-
- if (err) {
- callback(err);
- return;
- }
-
- callback(null, true);
- });
- };
-
- /**
- * Request download for the encrypted private PGP key.
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The private PGP key id
- * @param {Function} callback(error, found)
- * @return {Boolean} whether the key was found on the server or not.
- */
- PrivateKeyDAO.prototype.requestDownload = function(options, callback) {
- if (!options.userId || !options.keyId) {
- callback(new Error('Incomplete arguments!'));
- return;
- }
-
- this._restDao.get({
- uri: '/privatekey/user/' + options.userId + '/key/' + options.keyId
- }, function(err) {
- // 404: there is no encrypted private key on the server
- if (err && err.code !== 200) {
- callback(null, false);
- return;
- }
-
- if (err) {
- callback(err);
- return;
- }
-
- callback(null, true);
- });
- };
-
- /**
- * Verify the download request for the private PGP key using the recovery token sent via email. This downloads the actual encrypted private key.
- * @param {String} options.userId The user's email address
- * @param {String} options.keyId The private key id
- * @param {String} options.recoveryToken The token proving the user own the email account
- * @param {Function} callback(error, encryptedPrivateKey)
- * @return {Object} {_id:[hex encoded capital 16 char key id], encryptedPrivateKey:[base64 encoded], encryptedUserId: [base64 encoded]}
- */
- PrivateKeyDAO.prototype.download = function(options, callback) {
- var uri;
-
- if (!options.userId || !options.keyId || !options.recoveryToken) {
- callback(new Error('Incomplete arguments!'));
- return;
- }
-
- uri = '/privatekey/user/' + options.userId + '/key/' + options.keyId + '/recovery/' + options.recoveryToken;
- this._restDao.get({
- uri: uri
- }, callback);
- };
-
- return PrivateKeyDAO;
-});
\ No newline at end of file
+ callback(null, true);
+ });
+};
+
+/**
+ * Verify the download request for the private PGP key using the recovery token sent via email. This downloads the actual encrypted private key.
+ * @param {String} options.userId The user's email address
+ * @param {String} options.keyId The private key id
+ * @param {String} options.recoveryToken The token proving the user own the email account
+ * @param {Function} callback(error, encryptedPrivateKey)
+ * @return {Object} {_id:[hex encoded capital 16 char key id], encryptedPrivateKey:[base64 encoded], encryptedUserId: [base64 encoded]}
+ */
+PrivateKeyDAO.prototype.download = function(options, callback) {
+ var uri;
+
+ if (!options.userId || !options.keyId || !options.recoveryToken) {
+ callback(new Error('Incomplete arguments!'));
+ return;
+ }
+
+ uri = '/privatekey/user/' + options.userId + '/key/' + options.keyId + '/recovery/' + options.recoveryToken;
+ this._restDao.get({
+ uri: uri
+ }, callback);
+};
+
+module.exports = PrivateKeyDAO;
\ No newline at end of file
diff --git a/src/js/dao/publickey-dao.js b/src/js/dao/publickey-dao.js
index a2ebba0..0472871 100644
--- a/src/js/dao/publickey-dao.js
+++ b/src/js/dao/publickey-dao.js
@@ -1,105 +1,103 @@
-define(function() {
- 'use strict';
-
- var PublicKeyDAO = function(restDao) {
- this._restDao = restDao;
- };
-
- /**
- * Verify the public key behind the given uuid
- */
- PublicKeyDAO.prototype.verify = function(uuid, callback) {
- var uri = '/verify/' + uuid;
-
- this._restDao.get({
- uri: uri,
- type: 'text'
- }, function(err, res, status) {
- if (err && err.code === 400) {
- // there was an attempt to verify a non-existing public key
- callback();
- return;
- }
-
- callback(err, res, status);
- });
- };
-
- /**
- * Find the user's corresponding public key
- */
- PublicKeyDAO.prototype.get = function(keyId, callback) {
- var uri = '/publickey/key/' + keyId;
-
- this._restDao.get({
- uri: uri
- }, function(err, key) {
- if (err && err.code === 404) {
- callback();
- return;
- }
-
- if (err) {
- callback(err);
- return;
- }
-
- callback(null, (key && key._id) ? key : undefined);
- });
- };
-
- /**
- * Find the user's corresponding public key by email
- */
- PublicKeyDAO.prototype.getByUserId = function(userId, callback) {
- var uri = '/publickey/user/' + userId;
-
- this._restDao.get({
- uri: uri
- }, function(err, keys) {
- // not found
- if (err && err.code === 404) {
- callback();
- return;
- }
-
- if (err) {
- callback(err);
- return;
- }
-
- if (!keys || keys.length < 1) {
- // 'No public key for that user!'
- callback();
- return;
- }
-
- if (keys.length > 1) {
- callback({
- errMsg: 'That user has multiple public keys!'
- });
- return;
- }
-
- callback(null, keys[0]);
- });
- };
-
- /**
- * Persist the user's publc key
- */
- PublicKeyDAO.prototype.put = function(pubkey, callback) {
- var uri = '/publickey/user/' + pubkey.userId + '/key/' + pubkey._id;
- this._restDao.put(pubkey, uri, callback);
- };
-
- /**
- * Delete the public key from the cloud storage service
- */
- PublicKeyDAO.prototype.remove = function(keyId, callback) {
- var uri = '/publickey/key/' + keyId;
- this._restDao.remove(uri, callback);
- };
-
- return PublicKeyDAO;
-});
\ No newline at end of file
+'use strict';
+
+var PublicKeyDAO = function(restDao) {
+ this._restDao = restDao;
+};
+
+/**
+ * Verify the public key behind the given uuid
+ */
+PublicKeyDAO.prototype.verify = function(uuid, callback) {
+ var uri = '/verify/' + uuid;
+
+ this._restDao.get({
+ uri: uri,
+ type: 'text'
+ }, function(err, res, status) {
+ if (err && err.code === 400) {
+ // there was an attempt to verify a non-existing public key
+ callback();
+ return;
+ }
+
+ callback(err, res, status);
+ });
+};
+
+/**
+ * Find the user's corresponding public key
+ */
+PublicKeyDAO.prototype.get = function(keyId, callback) {
+ var uri = '/publickey/key/' + keyId;
+
+ this._restDao.get({
+ uri: uri
+ }, function(err, key) {
+ if (err && err.code === 404) {
+ callback();
+ return;
+ }
+
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ callback(null, (key && key._id) ? key : undefined);
+ });
+};
+
+/**
+ * Find the user's corresponding public key by email
+ */
+PublicKeyDAO.prototype.getByUserId = function(userId, callback) {
+ var uri = '/publickey/user/' + userId;
+
+ this._restDao.get({
+ uri: uri
+ }, function(err, keys) {
+ // not found
+ if (err && err.code === 404) {
+ callback();
+ return;
+ }
+
+ if (err) {
+ callback(err);
+ return;
+ }
+
+ if (!keys || keys.length < 1) {
+ // 'No public key for that user!'
+ callback();
+ return;
+ }
+
+ if (keys.length > 1) {
+ callback({
+ errMsg: 'That user has multiple public keys!'
+ });
+ return;
+ }
+
+ callback(null, keys[0]);
+ });
+};
+
+/**
+ * Persist the user's publc key
+ */
+PublicKeyDAO.prototype.put = function(pubkey, callback) {
+ var uri = '/publickey/user/' + pubkey.userId + '/key/' + pubkey._id;
+ this._restDao.put(pubkey, uri, callback);
+};
+
+/**
+ * Delete the public key from the cloud storage service
+ */
+PublicKeyDAO.prototype.remove = function(keyId, callback) {
+ var uri = '/publickey/key/' + keyId;
+ this._restDao.remove(uri, callback);
+};
+
+module.exports = PublicKeyDAO;
\ No newline at end of file
diff --git a/src/js/dao/rest-dao.js b/src/js/dao/rest-dao.js
index 686ebc1..26da383 100644
--- a/src/js/dao/rest-dao.js
+++ b/src/js/dao/rest-dao.js
@@ -1,123 +1,121 @@
-define(function(require) {
- 'use strict';
-
- var config = require('js/app-config').config;
+'use strict';
+
+var config = require('../app-config').config;
+
+var RestDAO = function(baseUri) {
+ if (baseUri) {
+ this._baseUri = baseUri;
+ } else {
+ this._baseUri = config.cloudUrl;
+ }
+};
+
+/**
+ * GET (read) request
+ * @param {String} options.uri URI relative to the base uri to perform the GET request with.
+ * @param {String} options.type (optional) The type of data that you're expecting back from the server: json, xml, text. Default: json.
+ */
+RestDAO.prototype.get = function(options, callback) {
+ options.method = 'GET';
+ this._processRequest(options, callback);
+};
+
+/**
+ * POST (create) request
+ */
+RestDAO.prototype.post = function(item, uri, callback) {
+ this._processRequest({
+ method: 'POST',
+ payload: item,
+ uri: uri
+ }, callback);
+};
+
+/**
+ * PUT (update) request
+ */
+RestDAO.prototype.put = function(item, uri, callback) {
+ this._processRequest({
+ method: 'PUT',
+ payload: item,
+ uri: uri
+ }, callback);
+};
+
+/**
+ * DELETE (remove) request
+ */
+RestDAO.prototype.remove = function(uri, callback) {
+ this._processRequest({
+ method: 'DELETE',
+ uri: uri
+ }, callback);
+};
+
+//
+// helper functions
+//
+
+RestDAO.prototype._processRequest = function(options, callback) {
+ var xhr, format;
+
+ if (typeof options.uri === 'undefined') {
+ callback({
+ code: 400,
+ errMsg: 'Bad Request! URI is a mandatory parameter.'
+ });
+ return;
+ }
+
+ options.type = options.type || 'json';
+
+ if (options.type === 'json') {
+ format = 'application/json';
+ } else if (options.type === 'xml') {
+ format = 'application/xml';
+ } else if (options.type === 'text') {
+ format = 'text/plain';
+ } else {
+ callback({
+ code: 400,
+ errMsg: 'Bad Request! Unhandled data type.'
+ });
+ return;
+ }
+
+ xhr = new XMLHttpRequest();
+ xhr.open(options.method, this._baseUri + options.uri);
+ xhr.setRequestHeader('Accept', format);
+ xhr.setRequestHeader('Content-Type', format);
+
+ xhr.onload = function() {
+ var res;
+
+ if (xhr.readyState === 4 && (xhr.status === 200 || xhr.status === 201 || xhr.status === 304)) {
+ if (options.type === 'json') {
+ res = xhr.responseText ? JSON.parse(xhr.responseText) : xhr.responseText;
+ } else {
+ res = xhr.responseText;
+ }
- var RestDAO = function(baseUri) {
- if (baseUri) {
- this._baseUri = baseUri;
- } else {
- this._baseUri = config.cloudUrl;
+ callback(null, res, xhr.status);
+ return;
}
- };
-
- /**
- * GET (read) request
- * @param {String} options.uri URI relative to the base uri to perform the GET request with.
- * @param {String} options.type (optional) The type of data that you're expecting back from the server: json, xml, text. Default: json.
- */
- RestDAO.prototype.get = function(options, callback) {
- options.method = 'GET';
- this._processRequest(options, callback);
- };
- /**
- * POST (create) request
- */
- RestDAO.prototype.post = function(item, uri, callback) {
- this._processRequest({
- method: 'POST',
- payload: item,
- uri: uri
- }, callback);
+ callback({
+ code: xhr.status,
+ errMsg: xhr.statusText
+ });
};
- /**
- * PUT (update) request
- */
- RestDAO.prototype.put = function(item, uri, callback) {
- this._processRequest({
- method: 'PUT',
- payload: item,
- uri: uri
- }, callback);
+ xhr.onerror = function() {
+ callback({
+ code: 42,
+ errMsg: 'Error calling ' + options.method + ' on ' + options.uri
+ });
};
- /**
- * DELETE (remove) request
- */
- RestDAO.prototype.remove = function(uri, callback) {
- this._processRequest({
- method: 'DELETE',
- uri: uri
- }, callback);
- };
-
- //
- // helper functions
- //
-
- RestDAO.prototype._processRequest = function(options, callback) {
- var xhr, format;
-
- if (typeof options.uri === 'undefined') {
- callback({
- code: 400,
- errMsg: 'Bad Request! URI is a mandatory parameter.'
- });
- return;
- }
-
- options.type = options.type || 'json';
-
- if (options.type === 'json') {
- format = 'application/json';
- } else if (options.type === 'xml') {
- format = 'application/xml';
- } else if (options.type === 'text') {
- format = 'text/plain';
- } else {
- callback({
- code: 400,
- errMsg: 'Bad Request! Unhandled data type.'
- });
- return;
- }
-
- xhr = new XMLHttpRequest();
- xhr.open(options.method, this._baseUri + options.uri);
- xhr.setRequestHeader('Accept', format);
- xhr.setRequestHeader('Content-Type', format);
-
- xhr.onload = function() {
- var res;
-
- if (xhr.readyState === 4 && (xhr.status === 200 || xhr.status === 201 || xhr.status === 304)) {
- if (options.type === 'json') {
- res = xhr.responseText ? JSON.parse(xhr.responseText) : xhr.responseText;
- } else {
- res = xhr.responseText;
- }
-
- callback(null, res, xhr.status);
- return;
- }
-
- callback({
- code: xhr.status,
- errMsg: xhr.statusText
- });
- };
-
- xhr.onerror = function() {
- callback({
- code: 42,
- errMsg: 'Error calling ' + options.method + ' on ' + options.uri
- });
- };
-
- xhr.send(options.payload ? JSON.stringify(options.payload) : undefined);
- };
+ xhr.send(options.payload ? JSON.stringify(options.payload) : undefined);
+};
- return RestDAO;
-});
\ No newline at end of file
+module.exports = RestDAO;
\ No newline at end of file
diff --git a/src/js/util/backbutton-handler.js b/src/js/util/backbutton-handler.js
index 66b92a7..2990bc7 100644
--- a/src/js/util/backbutton-handler.js
+++ b/src/js/util/backbutton-handler.js
@@ -1,57 +1,55 @@
-define(function(require) {
- 'use strict';
+'use strict';
- var axe = require('axe'),
- DEBUG_TAG = 'backbutton handler';
+var axe = require('axe-logger'),
+ DEBUG_TAG = 'backbutton handler';
- /**
- * The back button handler introduces meaningful behavior fo rthe back button:
- * if there's an open lightbox, close it;
- * if the reader is open in mobile mode, close it;
- * if the navigation is open, close it;
- * if there's nothing else open, shut down the app;
- *
- * @type {Object}
- */
- var backBtnHandler = {
- attachHandler: function(scope) {
- this.scope = scope;
- },
- start: function() {
- document.addEventListener("backbutton", handleBackButton, false);
- },
- stop: function() {
- document.removeEventListener("backbutton", handleBackButton, false);
- }
- };
+/**
+ * The back button handler introduces meaningful behavior fo rthe back button:
+ * if there's an open lightbox, close it;
+ * if the reader is open in mobile mode, close it;
+ * if the navigation is open, close it;
+ * if there's nothing else open, shut down the app;
+ *
+ * @type {Object}
+ */
+var backBtnHandler = {
+ attachHandler: function(scope) {
+ this.scope = scope;
+ },
+ start: function() {
+ document.addEventListener("backbutton", handleBackButton, false);
+ },
+ stop: function() {
+ document.removeEventListener("backbutton", handleBackButton, false);
+ }
+};
- function handleBackButton(event) {
- axe.debug(DEBUG_TAG, 'back button pressed');
+function handleBackButton(event) {
+ axe.debug(DEBUG_TAG, 'back button pressed');
- // this disarms the default behavior which we NEVER want
- event.preventDefault();
- event.stopPropagation();
+ // this disarms the default behavior which we NEVER want
+ event.preventDefault();
+ event.stopPropagation();
- if (backBtnHandler.scope.state.lightbox) {
- // closes the lightbox (error msgs, writer, ...)
- backBtnHandler.scope.state.lightbox = undefined;
- axe.debug(DEBUG_TAG, 'lightbox closed');
- backBtnHandler.scope.$apply();
- } else if (backBtnHandler.scope.state.read && backBtnHandler.scope.state.read.open) {
- // closes the reader
- backBtnHandler.scope.state.read.toggle(false);
- axe.debug(DEBUG_TAG, 'reader closed');
- backBtnHandler.scope.$apply();
- } else if (backBtnHandler.scope.state.nav && backBtnHandler.scope.state.nav.open) {
- // closes the navigation
- backBtnHandler.scope.state.nav.toggle(false);
- axe.debug(DEBUG_TAG, 'navigation closed');
- backBtnHandler.scope.$apply();
- } else {
- // exits the app
- navigator.app.exitApp();
- }
+ if (backBtnHandler.scope.state.lightbox) {
+ // closes the lightbox (error msgs, writer, ...)
+ backBtnHandler.scope.state.lightbox = undefined;
+ axe.debug(DEBUG_TAG, 'lightbox closed');
+ backBtnHandler.scope.$apply();
+ } else if (backBtnHandler.scope.state.read && backBtnHandler.scope.state.read.open) {
+ // closes the reader
+ backBtnHandler.scope.state.read.toggle(false);
+ axe.debug(DEBUG_TAG, 'reader closed');
+ backBtnHandler.scope.$apply();
+ } else if (backBtnHandler.scope.state.nav && backBtnHandler.scope.state.nav.open) {
+ // closes the navigation
+ backBtnHandler.scope.state.nav.toggle(false);
+ axe.debug(DEBUG_TAG, 'navigation closed');
+ backBtnHandler.scope.$apply();
+ } else {
+ // exits the app
+ navigator.app.exitApp();
}
+}
- return backBtnHandler;
-});
\ No newline at end of file
+module.exports = backBtnHandler;
\ No newline at end of file
diff --git a/src/js/util/connection-doctor.js b/src/js/util/connection-doctor.js
index 43e047a..eeeccb5 100644
--- a/src/js/util/connection-doctor.js
+++ b/src/js/util/connection-doctor.js
@@ -1,295 +1,298 @@
-define(function(require) {
- 'use strict';
-
- var TCPSocket = require('tcp-socket'),
- appConfig = require('js/app-config'),
- cfg = appConfig.config,
- strings = appConfig.string,
- ImapClient = require('imap-client'),
- SmtpClient = require('smtpclient');
-
- /**
- * The connection doctor can check your connection. In essence, it reconstructs what happens when
- * the app goes online in an abbreviated way. You need to configure() the instance with the IMAP/SMTP
- * credentials before running check()!
- *
- * @constructor
- */
- var ConnectionDoctor = function() {};
-
-
- //
- // Error codes
- //
-
- var OFFLINE = ConnectionDoctor.OFFLINE = 42;
- var TLS_WRONG_CERT = ConnectionDoctor.TLS_WRONG_CERT = 43;
- var HOST_UNREACHABLE = ConnectionDoctor.HOST_UNREACHABLE = 44;
- var HOST_TIMEOUT = ConnectionDoctor.HOST_TIMEOUT = 45;
- var AUTH_REJECTED = ConnectionDoctor.AUTH_REJECTED = 46;
- var NO_INBOX = ConnectionDoctor.NO_INBOX = 47;
- var GENERIC_ERROR = ConnectionDoctor.GENERIC_ERROR = 48;
-
-
- //
- // Public API
- //
-
- /**
- * Configures the connection doctor
- *
- * @param {Object} credentials.imap IMAP configuration (host:string, port:number, secure:boolean, ignoreTLS:boolean)
- * @param {Object} credentials.smtp SMTP configuration (host:string, port:number, secure:boolean, ignoreTLS:boolean)
- * @param {String} credentials.username
- * @param {String} credentials.password
- */
- ConnectionDoctor.prototype.configure = function(credentials) {
- this.credentials = credentials;
-
- // internal members
- this._imap = new ImapClient({
- host: this.credentials.imap.host,
- port: this.credentials.imap.port,
- secure: this.credentials.imap.secure,
- ignoreTLS: this.credentials.imap.ignoreTLS,
- ca: this.credentials.imap.ca,
- auth: {
- user: this.credentials.username,
- pass: this.credentials.password,
- xoauth2: this.credentials.xoauth2
- }
- });
-
- this._smtp = new SmtpClient(this.credentials.smtp.host, this.credentials.smtp.port, {
- useSecureTransport: this.credentials.smtp.secure,
- ignoreTLS: this.credentials.smtp.ignoreTLS,
- ca: this.credentials.smtp.ca,
- auth: {
- user: this.credentials.username,
- pass: this.credentials.password,
- xoauth2: this.credentials.xoauth2
- }
- });
- };
+'use strict';
+
+var TCPSocket = require('tcp-socket'),
+ appConfig = require('../app-config'),
+ cfg = appConfig.config,
+ strings = appConfig.string,
+ ImapClient = require('imap-client'),
+ SmtpClient = require('wo-smtpclient');
+
+/**
+ * The connection doctor can check your connection. In essence, it reconstructs what happens when
+ * the app goes online in an abbreviated way. You need to configure() the instance with the IMAP/SMTP
+ * credentials before running check()!
+ *
+ * @constructor
+ */
+var ConnectionDoctor = function() {};
+
+
+//
+// Error codes
+//
+
+var OFFLINE = ConnectionDoctor.OFFLINE = 42;
+var TLS_WRONG_CERT = ConnectionDoctor.TLS_WRONG_CERT = 43;
+var HOST_UNREACHABLE = ConnectionDoctor.HOST_UNREACHABLE = 44;
+var HOST_TIMEOUT = ConnectionDoctor.HOST_TIMEOUT = 45;
+var AUTH_REJECTED = ConnectionDoctor.AUTH_REJECTED = 46;
+var NO_INBOX = ConnectionDoctor.NO_INBOX = 47;
+var GENERIC_ERROR = ConnectionDoctor.GENERIC_ERROR = 48;
+
+
+var WORKER_PATH = cfg.workerPath + '/tcp-socket-tls-worker.min.js';
+
+//
+// Public API
+//
+
+/**
+ * Configures the connection doctor
+ *
+ * @param {Object} credentials.imap IMAP configuration (host:string, port:number, secure:boolean, ignoreTLS:boolean)
+ * @param {Object} credentials.smtp SMTP configuration (host:string, port:number, secure:boolean, ignoreTLS:boolean)
+ * @param {String} credentials.username
+ * @param {String} credentials.password
+ */
+ConnectionDoctor.prototype.configure = function(credentials) {
+ this.credentials = credentials;
+
+ // internal members
+ this._imap = new ImapClient({
+ host: this.credentials.imap.host,
+ port: this.credentials.imap.port,
+ secure: this.credentials.imap.secure,
+ ignoreTLS: this.credentials.imap.ignoreTLS,
+ ca: this.credentials.imap.ca,
+ tlsWorkerPath: WORKER_PATH,
+ auth: {
+ user: this.credentials.username,
+ pass: this.credentials.password,
+ xoauth2: this.credentials.xoauth2
+ }
+ });
+
+ this._smtp = new SmtpClient(this.credentials.smtp.host, this.credentials.smtp.port, {
+ useSecureTransport: this.credentials.smtp.secure,
+ ignoreTLS: this.credentials.smtp.ignoreTLS,
+ ca: this.credentials.smtp.ca,
+ tlsWorkerPath: WORKER_PATH,
+ auth: {
+ user: this.credentials.username,
+ pass: this.credentials.password,
+ xoauth2: this.credentials.xoauth2
+ }
+ });
+};
+
+/**
+ * It conducts the following tests for IMAP and SMTP, respectively:
+ * 1) Check if browser is online
+ * 2) Connect to host:port via TCP/TLS
+ * 3) Login to the server
+ * 4) Perform some basic commands (e.g. list folders)
+ * 5) Exposes error codes
+ *
+ * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
+ */
+ConnectionDoctor.prototype.check = function(callback) {
+ var self = this;
+
+ if (!self.credentials) {
+ return callback(new Error('You need to configure() the connection doctor first!'));
+ }
- /**
- * It conducts the following tests for IMAP and SMTP, respectively:
- * 1) Check if browser is online
- * 2) Connect to host:port via TCP/TLS
- * 3) Login to the server
- * 4) Perform some basic commands (e.g. list folders)
- * 5) Exposes error codes
- *
- * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
- */
- ConnectionDoctor.prototype.check = function(callback) {
- var self = this;
-
- if (!self.credentials) {
- return callback(new Error('You need to configure() the connection doctor first!'));
+ self._checkOnline(function(error) {
+ if (error) {
+ return callback(error);
}
- self._checkOnline(function(error) {
+ self._checkReachable(self.credentials.imap, function(error) {
if (error) {
return callback(error);
}
- self._checkReachable(self.credentials.imap, function(error) {
+ self._checkReachable(self.credentials.smtp, function(error) {
if (error) {
return callback(error);
}
- self._checkReachable(self.credentials.smtp, function(error) {
+ self._checkImap(function(error) {
if (error) {
return callback(error);
}
- self._checkImap(function(error) {
- if (error) {
- return callback(error);
- }
-
- self._checkSmtp(callback);
- });
+ self._checkSmtp(callback);
});
});
});
+ });
+};
+
+
+//
+// Internal API
+//
+
+/**
+ * Checks if the browser is online
+ *
+ * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if browser is offline
+ */
+ConnectionDoctor.prototype._checkOnline = function(callback) {
+ if (navigator.onLine) {
+ callback();
+ } else {
+ callback(createError(OFFLINE, strings.connDocOffline));
+ }
+};
+
+/**
+ * Checks if a host is reachable via TCP
+ *
+ * @param {String} options.host
+ * @param {Number} options.port
+ * @param {Boolean} options.secure
+ * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
+ */
+ConnectionDoctor.prototype._checkReachable = function(options, callback) {
+ var socket,
+ error, // remember the error message
+ timeout, // remember the timeout object
+ host = options.host + ':' + options.port,
+ hasTimedOut = false; // prevents multiple callbacks
+
+ timeout = setTimeout(function() {
+ hasTimedOut = true;
+ callback(createError(HOST_TIMEOUT, strings.connDocHostTimeout.replace('{0}', host).replace('{1}', cfg.connDocTimeout)));
+ }, cfg.connDocTimeout);
+
+ socket = TCPSocket.open(options.host, options.port, {
+ binaryType: 'arraybuffer',
+ useSecureTransport: options.secure,
+ ca: options.ca,
+ tlsWorkerPath: WORKER_PATH
+ });
+
+ socket.ondata = function() {}; // we don't actually care about the data
+
+ // [WO-625] Mozilla forbids extensions to the TCPSocket object,
+ // throws an exception when assigned unexpected callback functions.
+ // The exception can be safely ignored since we need the callback
+ // for the other shims
+ try {
+ socket.oncert = function() {
+ if (options.ca) {
+ // the certificate we already have is outdated
+ error = createError(TLS_WRONG_CERT, strings.connDocTlsWrongCert.replace('{0}', host));
+ }
+ };
+ } catch (e) {}
+
+ socket.onerror = function(e) {
+ if (!error) {
+ error = createError(HOST_UNREACHABLE, strings.connDocHostUnreachable.replace('{0}', host), e.data);
+ }
};
+ socket.onopen = function() {
+ socket.close();
+ };
- //
- // Internal API
- //
+ socket.onclose = function() {
+ if (!hasTimedOut) {
+ clearTimeout(timeout);
+ callback(error);
+ }
+ };
+};
+
+/**
+ * Checks if an IMAP server is reachable, accepts the credentials, can list folders and has an inbox and logs out.
+ * Adds the certificate to the IMAP settings if not provided.
+ *
+ * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
+ */
+ConnectionDoctor.prototype._checkImap = function(callback) {
+ var self = this,
+ loggedIn = false,
+ host = self.credentials.imap.host + ':' + self.credentials.imap.port;
+
+
+ self._imap.onCert = function(pemEncodedCert) {
+ if (!self.credentials.imap.ca) {
+ self.credentials.imap.ca = pemEncodedCert;
+ }
+ };
- /**
- * Checks if the browser is online
- *
- * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if browser is offline
- */
- ConnectionDoctor.prototype._checkOnline = function(callback) {
- if (navigator.onLine) {
- callback();
+ // login and logout do not use error objects in the callback, but rather invoke
+ // the global onError handler, so we need to track if login was successful
+ self._imap.onError = function(error) {
+ if (!loggedIn) {
+ callback(createError(AUTH_REJECTED, strings.connDocAuthRejected.replace('{0}', host), error));
} else {
- callback(createError(OFFLINE, strings.connDocOffline));
+ callback(createError(GENERIC_ERROR, strings.connDocGenericError.replace('{0}', host).replace('{1}', error.message), error));
}
};
- /**
- * Checks if a host is reachable via TCP
- *
- * @param {String} options.host
- * @param {Number} options.port
- * @param {Boolean} options.secure
- * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
- */
- ConnectionDoctor.prototype._checkReachable = function(options, callback) {
- var socket,
- error, // remember the error message
- timeout, // remember the timeout object
- host = options.host + ':' + options.port,
- hasTimedOut = false; // prevents multiple callbacks
-
- timeout = setTimeout(function() {
- hasTimedOut = true;
- callback(createError(HOST_TIMEOUT, strings.connDocHostTimeout.replace('{0}', host).replace('{1}', cfg.connDocTimeout)));
- }, cfg.connDocTimeout);
-
- socket = TCPSocket.open(options.host, options.port, {
- binaryType: 'arraybuffer',
- useSecureTransport: options.secure,
- ca: options.ca
- });
-
- socket.ondata = function() {}; // we don't actually care about the data
-
- // [WO-625] Mozilla forbids extensions to the TCPSocket object,
- // throws an exception when assigned unexpected callback functions.
- // The exception can be safely ignored since we need the callback
- // for the other shims
- try {
- socket.oncert = function() {
- if (options.ca) {
- // the certificate we already have is outdated
- error = createError(TLS_WRONG_CERT, strings.connDocTlsWrongCert.replace('{0}', host));
- }
- };
- } catch (e) {}
-
- socket.onerror = function(e) {
- if (!error) {
- error = createError(HOST_UNREACHABLE, strings.connDocHostUnreachable.replace('{0}', host), e.data);
- }
- };
-
- socket.onopen = function() {
- socket.close();
- };
+ self._imap.login(function() {
+ loggedIn = true;
- socket.onclose = function() {
- if (!hasTimedOut) {
- clearTimeout(timeout);
- callback(error);
- }
- };
- };
-
- /**
- * Checks if an IMAP server is reachable, accepts the credentials, can list folders and has an inbox and logs out.
- * Adds the certificate to the IMAP settings if not provided.
- *
- * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
- */
- ConnectionDoctor.prototype._checkImap = function(callback) {
- var self = this,
- loggedIn = false,
- host = self.credentials.imap.host + ':' + self.credentials.imap.port;
-
-
- self._imap.onCert = function(pemEncodedCert) {
- if (!self.credentials.imap.ca) {
- self.credentials.imap.ca = pemEncodedCert;
+ self._imap.listWellKnownFolders(function(error, wellKnownFolders) {
+ if (error) {
+ return callback(createError(GENERIC_ERROR, strings.connDocGenericError.replace('{0}', host).replace('{1}', error.message), error));
}
- };
- // login and logout do not use error objects in the callback, but rather invoke
- // the global onError handler, so we need to track if login was successful
- self._imap.onError = function(error) {
- if (!loggedIn) {
- callback(createError(AUTH_REJECTED, strings.connDocAuthRejected.replace('{0}', host), error));
- } else {
- callback(createError(GENERIC_ERROR, strings.connDocGenericError.replace('{0}', host).replace('{1}', error.message), error));
+ if (wellKnownFolders.Inbox.length === 0) {
+ // the client needs at least an inbox folder to work properly
+ return callback(createError(NO_INBOX, strings.connDocNoInbox.replace('{0}', host)));
}
- };
-
- self._imap.login(function() {
- loggedIn = true;
-
- self._imap.listWellKnownFolders(function(error, wellKnownFolders) {
- if (error) {
- return callback(createError(GENERIC_ERROR, strings.connDocGenericError.replace('{0}', host).replace('{1}', error.message), error));
- }
- if (wellKnownFolders.Inbox.length === 0) {
- // the client needs at least an inbox folder to work properly
- return callback(createError(NO_INBOX, strings.connDocNoInbox.replace('{0}', host)));
- }
-
- self._imap.logout(function() {
- callback();
- });
+ self._imap.logout(function() {
+ callback();
});
});
+ });
+};
+
+/**
+ * Checks if an SMTP server is reachable and accepts the credentials and logs out.
+ * Adds the certificate to the SMTP settings if not provided.
+ *
+ * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
+ */
+ConnectionDoctor.prototype._checkSmtp = function(callback) {
+ var self = this,
+ host = self.credentials.smtp.host + ':' + self.credentials.smtp.port,
+ errored = false; // tracks if we need to invoke the callback at onclose or not
+
+ self._smtp.oncert = function(pemEncodedCert) {
+ if (!self.credentials.smtp.ca) {
+ self.credentials.smtp.ca = pemEncodedCert;
+ }
};
- /**
- * Checks if an SMTP server is reachable and accepts the credentials and logs out.
- * Adds the certificate to the SMTP settings if not provided.
- *
- * @param {Function} callback(error) Invoked when the test suite passed, or with an error object if something went wrong
- */
- ConnectionDoctor.prototype._checkSmtp = function(callback) {
- var self = this,
- host = self.credentials.smtp.host + ':' + self.credentials.smtp.port,
- errored = false; // tracks if we need to invoke the callback at onclose or not
-
- self._smtp.oncert = function(pemEncodedCert) {
- if (!self.credentials.smtp.ca) {
- self.credentials.smtp.ca = pemEncodedCert;
- }
- };
-
- self._smtp.onerror = function(error) {
- if (error) {
- errored = true;
- callback(createError(AUTH_REJECTED, strings.connDocAuthRejected.replace('{0}', host), error));
- }
- };
-
- self._smtp.onidle = function() {
- self._smtp.quit();
- };
+ self._smtp.onerror = function(error) {
+ if (error) {
+ errored = true;
+ callback(createError(AUTH_REJECTED, strings.connDocAuthRejected.replace('{0}', host), error));
+ }
+ };
- self._smtp.onclose = function() {
- if (!errored) {
- callback();
- }
- };
+ self._smtp.onidle = function() {
+ self._smtp.quit();
+ };
- self._smtp.connect();
+ self._smtp.onclose = function() {
+ if (!errored) {
+ callback();
+ }
};
+ self._smtp.connect();
+};
- //
- // Helper Functions
- //
- function createError(code, message, underlyingError) {
- var error = new Error(message);
- error.code = code;
- error.underlyingError = underlyingError;
+//
+// Helper Functions
+//
- return error;
- }
+function createError(code, message, underlyingError) {
+ var error = new Error(message);
+ error.code = code;
+ error.underlyingError = underlyingError;
+
+ return error;
+}
- return ConnectionDoctor;
-});
\ No newline at end of file
+module.exports = ConnectionDoctor;
diff --git a/src/js/util/download.js b/src/js/util/download.js
index 2ca1846..a8bf537 100644
--- a/src/js/util/download.js
+++ b/src/js/util/download.js
@@ -1,60 +1,58 @@
-define(function(require) {
- 'use strict';
+'use strict';
- var util = require('js/crypto/util');
+var util = require('crypto-lib').util;
- var dl = {};
+var dl = {};
- dl.createDownload = function(options) {
- var contentType = options.contentType || 'application/octet-stream';
- var filename = options.filename || 'file';
- var content = options.content;
- var a = document.createElement('a');
- var supportsBlob;
+dl.createDownload = function(options) {
+ var contentType = options.contentType || 'application/octet-stream';
+ var filename = options.filename || 'file';
+ var content = options.content;
+ var a = document.createElement('a');
+ var supportsBlob;
- try {
- supportsBlob = !!new Blob();
- } catch (e) {}
+ try {
+ supportsBlob = !!new Blob();
+ } catch (e) {}
- if (typeof a.download !== "undefined" && supportsBlob) {
- // ff 30+, chrome 27+ (android: 37+)
- document.body.appendChild(a);
- a.style = "display: none";
- a.href = window.URL.createObjectURL(new Blob([content], {
- type: contentType
- }));
- a.download = filename;
- a.click();
- setTimeout(function() {
- window.URL.revokeObjectURL(a.href);
- document.body.removeChild(a);
- }, 10); // arbitrary, just get it off the main thread
- } else if (window.navigator.msSaveBlob) {
- // ie 10+
- window.navigator.msSaveBlob(new Blob([content], {
- type: contentType
- }), filename);
- } else if (supportsBlob) {
- // safari actually makes no sense:
- // - you can't open a new window
- // - the file system api is dead
- // - download attribute doesn't work
- // - behaves randomly (opens a new tab or doesn't, downloads stuff or doesn't, ...)
- var url = window.URL.createObjectURL(new Blob([content], {
- type: contentType
- }));
- var newTab = window.open(url, "_blank");
- if (!newTab) {
- window.location.href = url;
- }
- } else {
- // anything else, where anything at all is better than nothing
- if (typeof content !== "string" && content.buffer) {
- content = util.arrBuf2BinStr(content.buffer);
- }
- window.open('data:' + contentType + ';base64,' + btoa(content), "_blank");
+ if (typeof a.download !== "undefined" && supportsBlob) {
+ // ff 30+, chrome 27+ (android: 37+)
+ document.body.appendChild(a);
+ a.style = "display: none";
+ a.href = window.URL.createObjectURL(new Blob([content], {
+ type: contentType
+ }));
+ a.download = filename;
+ a.click();
+ setTimeout(function() {
+ window.URL.revokeObjectURL(a.href);
+ document.body.removeChild(a);
+ }, 10); // arbitrary, just get it off the main thread
+ } else if (window.navigator.msSaveBlob) {
+ // ie 10+
+ window.navigator.msSaveBlob(new Blob([content], {
+ type: contentType
+ }), filename);
+ } else if (supportsBlob) {
+ // safari actually makes no sense:
+ // - you can't open a new window
+ // - the file system api is dead
+ // - download attribute doesn't work
+ // - behaves randomly (opens a new tab or doesn't, downloads stuff or doesn't, ...)
+ var url = window.URL.createObjectURL(new Blob([content], {
+ type: contentType
+ }));
+ var newTab = window.open(url, "_blank");
+ if (!newTab) {
+ window.location.href = url;
}
- };
+ } else {
+ // anything else, where anything at all is better than nothing
+ if (typeof content !== "string" && content.buffer) {
+ content = util.arrBuf2BinStr(content.buffer);
+ }
+ window.open('data:' + contentType + ';base64,' + btoa(content), "_blank");
+ }
+};
- return dl;
-});
\ No newline at end of file
+module.exports = dl;
\ No newline at end of file
diff --git a/src/js/util/error.js b/src/js/util/error.js
index 965557b..a7b4e5c 100644
--- a/src/js/util/error.js
+++ b/src/js/util/error.js
@@ -1,35 +1,33 @@
-define(function(require) {
- 'use strict';
+'use strict';
- var axe = require('axe');
+var axe = require('axe-logger');
- var er = {};
- er.attachHandler = function(scope) {
- scope.onError = function(options) {
- if (!options) {
- scope.$apply();
- return;
- }
+var er = {};
+er.attachHandler = function(scope) {
+ scope.onError = function(options) {
+ if (!options) {
+ scope.$apply();
+ return;
+ }
- axe.error((options.errMsg || options.message) + (options.stack ? ('\n' + options.stack) : ''));
+ axe.error((options.errMsg || options.message) + (options.stack ? ('\n' + options.stack) : ''));
- scope.state.dialog = {
- open: true,
- title: options.title || 'Error',
- message: options.errMsg || options.message,
- faqLink: options.faqLink,
- positiveBtnStr: options.positiveBtnStr || 'Ok',
- negativeBtnStr: options.negativeBtnStr || 'Cancel',
- showNegativeBtn: options.showNegativeBtn || false,
- showBugReporter: (typeof options.showBugReporter !== 'undefined' ? options.showBugReporter : !options.title), // if title is set, presume it's not an error by default
- callback: options.callback
- };
- // don't call apply for synchronous calls
- if (!options.sync) {
- scope.$apply();
- }
+ scope.state.dialog = {
+ open: true,
+ title: options.title || 'Error',
+ message: options.errMsg || options.message,
+ faqLink: options.faqLink,
+ positiveBtnStr: options.positiveBtnStr || 'Ok',
+ negativeBtnStr: options.negativeBtnStr || 'Cancel',
+ showNegativeBtn: options.showNegativeBtn || false,
+ showBugReporter: (typeof options.showBugReporter !== 'undefined' ? options.showBugReporter : !options.title), // if title is set, presume it's not an error by default
+ callback: options.callback
};
+ // don't call apply for synchronous calls
+ if (!options.sync) {
+ scope.$apply();
+ }
};
+};
- return er;
-});
\ No newline at end of file
+module.exports = er;
\ No newline at end of file
diff --git a/src/js/util/notification.js b/src/js/util/notification.js
index 8c4a7cc..f3663b9 100644
--- a/src/js/util/notification.js
+++ b/src/js/util/notification.js
@@ -1,60 +1,58 @@
-define(function(require) {
- 'use strict';
+'use strict';
+
+var cfg = require('../app-config').config;
+
+var notif = {};
+
+if (window.Notification) {
+ notif.hasPermission = Notification.permission === "granted";
+}
+
+/**
+ * Creates a notification. Requests permission if not already granted
+ *
+ * @param {String} options.title The notification title
+ * @param {String} options.message The notification message
+ * @param {Number} options.timeout (optional) Timeout when the notification is closed in milliseconds
+ * @param {Function} options.onClick (optional) callback when the notification is clicked
+ * @returns {Notification} A notification instance
+ */
+notif.create = function(options) {
+ options.onClick = options.onClick || function() {};
+
+ if (!window.Notification) {
+ return;
+ }
- var cfg = require('js/app-config').config;
+ if (!notif.hasPermission) {
+ // don't wait until callback returns
+ Notification.requestPermission(function(permission) {
+ if (permission === "granted") {
+ notif.hasPermission = true;
+ }
+ });
+ }
- var self = {};
+ var notification = new Notification(options.title, {
+ body: options.message,
+ icon: cfg.iconPath
+ });
+ notification.onclick = function() {
+ window.focus();
+ options.onClick();
+ };
- if (window.Notification) {
- self.hasPermission = Notification.permission === "granted";
+ if (options.timeout > 0) {
+ setTimeout(function() {
+ notification.close();
+ }, options.timeout);
}
- /**
- * Creates a notification. Requests permission if not already granted
- *
- * @param {String} options.title The notification title
- * @param {String} options.message The notification message
- * @param {Number} options.timeout (optional) Timeout when the notification is closed in milliseconds
- * @param {Function} options.onClick (optional) callback when the notification is clicked
- * @returns {Notification} A notification instance
- */
- self.create = function(options) {
- options.onClick = options.onClick || function() {};
-
- if (!window.Notification) {
- return;
- }
-
- if (!self.hasPermission) {
- // don't wait until callback returns
- Notification.requestPermission(function(permission) {
- if (permission === "granted") {
- self.hasPermission = true;
- }
- });
- }
-
- var notification = new Notification(options.title, {
- body: options.message,
- icon: cfg.iconPath
- });
- notification.onclick = function() {
- window.focus();
- options.onClick();
- };
-
- if (options.timeout > 0) {
- setTimeout(function() {
- notification.close();
- }, options.timeout);
- }
-
- return notification;
- };
+ return notification;
+};
- self.close = function(notification) {
- notification.close();
- };
+notif.close = function(notification) {
+ notification.close();
+};
- return self;
-});
\ No newline at end of file
+module.exports = notif;
\ No newline at end of file
diff --git a/src/js/util/oauth.js b/src/js/util/oauth.js
index 8762347..f67be7c 100644
--- a/src/js/util/oauth.js
+++ b/src/js/util/oauth.js
@@ -1,101 +1,99 @@
-define(function() {
- 'use strict';
+'use strict';
- var OAuth = function(googleApi) {
- this._googleApi = googleApi;
- };
+var OAuth = function(googleApi) {
+ this._googleApi = googleApi;
+};
+
+/**
+ * Check if chrome.identity api is supported
+ * @return {Boolean} If is supported
+ */
+OAuth.prototype.isSupported = function() {
+ return !!(window.chrome && chrome.identity);
+};
- /**
- * Check if chrome.identity api is supported
- * @return {Boolean} If is supported
- */
- OAuth.prototype.isSupported = function() {
- return !!(window.chrome && chrome.identity);
+/**
+ * Request an OAuth token from chrome for gmail users
+ * @param {String} emailAddress The user's email address (optional)
+ */
+OAuth.prototype.getOAuthToken = function(emailAddress, callback) {
+ var idOptions = {
+ interactive: true
};
- /**
- * Request an OAuth token from chrome for gmail users
- * @param {String} emailAddress The user's email address (optional)
- */
- OAuth.prototype.getOAuthToken = function(emailAddress, callback) {
- var idOptions = {
- interactive: true
- };
+ // check which runtime the app is running under
+ chrome.runtime.getPlatformInfo(function(platformInfo) {
+ if (chrome.runtime.lastError || !platformInfo) {
+ callback(new Error('Error getting chrome platform info!'));
+ return;
+ }
- // check which runtime the app is running under
- chrome.runtime.getPlatformInfo(function(platformInfo) {
- if (chrome.runtime.lastError || !platformInfo) {
- callback(new Error('Error getting chrome platform info!'));
- return;
- }
+ if (emailAddress && platformInfo.os.indexOf('android') !== -1) {
+ // set accountHint so that native Android account picker does not show up each time
+ idOptions.accountHint = emailAddress;
+ }
- if (emailAddress && platformInfo.os.indexOf('android') !== -1) {
- // set accountHint so that native Android account picker does not show up each time
- idOptions.accountHint = emailAddress;
+ // get OAuth Token from chrome
+ chrome.identity.getAuthToken(idOptions, function(token) {
+ if (chrome.runtime.lastError || !token) {
+ callback({
+ errMsg: 'Error fetching an OAuth token for the user!'
+ });
+ return;
}
- // get OAuth Token from chrome
- chrome.identity.getAuthToken(idOptions, function(token) {
- if (chrome.runtime.lastError || !token) {
- callback({
- errMsg: 'Error fetching an OAuth token for the user!'
- });
- return;
- }
-
- callback(null, token);
- });
+ callback(null, token);
});
- };
+ });
+};
- /**
- * Remove an old OAuth token and get a new one.
- * @param {String} options.oldToken The old token to be removed
- * @param {String} options.emailAddress The user's email address (optional)
- */
- OAuth.prototype.refreshToken = function(options, callback) {
- var self = this;
+/**
+ * Remove an old OAuth token and get a new one.
+ * @param {String} options.oldToken The old token to be removed
+ * @param {String} options.emailAddress The user's email address (optional)
+ */
+OAuth.prototype.refreshToken = function(options, callback) {
+ var self = this;
- if (!options.oldToken) {
- callback(new Error('oldToken option not set!'));
- return;
- }
+ if (!options.oldToken) {
+ callback(new Error('oldToken option not set!'));
+ return;
+ }
- // remove cached token
- chrome.identity.removeCachedAuthToken({
- token: options.oldToken
- }, function() {
- // get a new token
- self.getOAuthToken(options.emailAddress, callback);
+ // remove cached token
+ chrome.identity.removeCachedAuthToken({
+ token: options.oldToken
+ }, function() {
+ // get a new token
+ self.getOAuthToken(options.emailAddress, callback);
+ });
+};
+
+/**
+ * Get email address from google api
+ * @param {String} token The oauth token
+ */
+OAuth.prototype.queryEmailAddress = function(token, callback) {
+ if (!token) {
+ callback({
+ errMsg: 'Invalid OAuth token!'
});
- };
+ return;
+ }
- /**
- * Get email address from google api
- * @param {String} token The oauth token
- */
- OAuth.prototype.queryEmailAddress = function(token, callback) {
- if (!token) {
+ // fetch gmail user's email address from the Google Authorization Server
+ this._googleApi.get({
+ uri: '/oauth2/v3/userinfo?access_token=' + token
+ }, function(err, info) {
+ if (err || !info || !info.email) {
callback({
- errMsg: 'Invalid OAuth token!'
+ errMsg: 'Error looking up email address on google api!'
});
return;
}
- // fetch gmail user's email address from the Google Authorization Server
- this._googleApi.get({
- uri: '/oauth2/v3/userinfo?access_token=' + token
- }, function(err, info) {
- if (err || !info || !info.email) {
- callback({
- errMsg: 'Error looking up email address on google api!'
- });
- return;
- }
-
- callback(null, info.email);
- });
- };
+ callback(null, info.email);
+ });
+};
- return OAuth;
-});
\ No newline at end of file
+module.exports = OAuth;
\ No newline at end of file
diff --git a/src/js/util/update/update-handler.js b/src/js/util/update/update-handler.js
index a34252a..0928cbf 100644
--- a/src/js/util/update/update-handler.js
+++ b/src/js/util/update/update-handler.js
@@ -1,132 +1,130 @@
-define(function(require) {
- 'use strict';
-
- var axe = require('axe'),
- cfg = require('js/app-config').config,
- updateV1 = require('js/util/update/update-v1'),
- updateV2 = require('js/util/update/update-v2'),
- updateV3 = require('js/util/update/update-v3'),
- updateV4 = require('js/util/update/update-v4'),
- updateV5 = require('js/util/update/update-v5');
-
- /**
- * Handles database migration
- */
- var UpdateHandler = function(appConfigStorage, userStorage, auth) {
- this._appConfigStorage = appConfigStorage;
- this._userStorage = userStorage;
- this._updateScripts = [updateV1, updateV2, updateV3, updateV4, updateV5];
- this._auth = auth;
- };
-
- /**
- * Executes all the necessary updates
- * @param {Function} callback(error) Invoked when all the database updates were executed, or if an error occurred
- */
- UpdateHandler.prototype.update = function(callback) {
- var self = this,
- currentVersion = 0,
- targetVersion = cfg.dbVersion,
- versionDbType = 'dbVersion';
-
- self._appConfigStorage.listItems(versionDbType, 0, null, function(err, items) {
- if (err) {
- callback(err);
- return;
- }
-
- // parse the database version number
- if (items && items.length > 0) {
- currentVersion = parseInt(items[0], 10);
- }
-
- self._applyUpdate({
- currentVersion: currentVersion,
- targetVersion: targetVersion
- }, callback);
- });
- };
-
- /**
- * Schedules necessary updates and executes thom in order
- */
- UpdateHandler.prototype._applyUpdate = function(options, callback) {
- var self = this,
- scriptOptions,
- queue = [];
-
- if (options.currentVersion >= options.targetVersion) {
- // the current database version is up to date
- callback();
+'use strict';
+
+var axe = require('axe-logger'),
+ cfg = require('../../app-config').config,
+ updateV1 = require('./update-v1'),
+ updateV2 = require('./update-v2'),
+ updateV3 = require('./update-v3'),
+ updateV4 = require('./update-v4'),
+ updateV5 = require('./update-v5');
+
+/**
+ * Handles database migration
+ */
+var UpdateHandler = function(appConfigStorage, userStorage, auth) {
+ this._appConfigStorage = appConfigStorage;
+ this._userStorage = userStorage;
+ this._updateScripts = [updateV1, updateV2, updateV3, updateV4, updateV5];
+ this._auth = auth;
+};
+
+/**
+ * Executes all the necessary updates
+ * @param {Function} callback(error) Invoked when all the database updates were executed, or if an error occurred
+ */
+UpdateHandler.prototype.update = function(callback) {
+ var self = this,
+ currentVersion = 0,
+ targetVersion = cfg.dbVersion,
+ versionDbType = 'dbVersion';
+
+ self._appConfigStorage.listItems(versionDbType, 0, null, function(err, items) {
+ if (err) {
+ callback(err);
return;
}
- scriptOptions = {
- appConfigStorage: self._appConfigStorage,
- userStorage: self._userStorage,
- auth: self._auth
- };
-
- // add all the necessary database updates to the queue
- for (var i = options.currentVersion; i < options.targetVersion; i++) {
- queue.push(self._updateScripts[i]);
+ // parse the database version number
+ if (items && items.length > 0) {
+ currentVersion = parseInt(items[0], 10);
}
- // takes the next update from the queue and executes it
- function executeNextUpdate(err) {
- if (err) {
- callback(err);
- return;
- }
+ self._applyUpdate({
+ currentVersion: currentVersion,
+ targetVersion: targetVersion
+ }, callback);
+ });
+};
+
+/**
+ * Schedules necessary updates and executes thom in order
+ */
+UpdateHandler.prototype._applyUpdate = function(options, callback) {
+ var self = this,
+ scriptOptions,
+ queue = [];
+
+ if (options.currentVersion >= options.targetVersion) {
+ // the current database version is up to date
+ callback();
+ return;
+ }
+
+ scriptOptions = {
+ appConfigStorage: self._appConfigStorage,
+ userStorage: self._userStorage,
+ auth: self._auth
+ };
- if (queue.length < 1) {
- // we're done
- callback();
- return;
- }
+ // add all the necessary database updates to the queue
+ for (var i = options.currentVersion; i < options.targetVersion; i++) {
+ queue.push(self._updateScripts[i]);
+ }
- // process next update
- var script = queue.shift();
- script(scriptOptions, executeNextUpdate);
+ // takes the next update from the queue and executes it
+ function executeNextUpdate(err) {
+ if (err) {
+ callback(err);
+ return;
}
- executeNextUpdate();
- };
+ if (queue.length < 1) {
+ // we're done
+ callback();
+ return;
+ }
- /**
- * Check application version and update correspondingly
- */
- UpdateHandler.prototype.checkForUpdate = function(dialog) {
- // Chrome Packaged App
- if (typeof window.chrome !== 'undefined' && chrome.runtime && chrome.runtime.onUpdateAvailable) {
- // check for Chrome app update and restart
- chrome.runtime.onUpdateAvailable.addListener(function(details) {
- axe.debug('New Chrome App update... requesting reload.');
- // Chrome downloaded a new app version
- dialog({
- title: 'Update available',
- message: 'A new version ' + details.version + ' of the app is available. Restart the app to update?',
- positiveBtnStr: 'Restart',
- negativeBtnStr: 'Not now',
- showNegativeBtn: true,
- callback: function(agree) {
- if (agree) {
- chrome.runtime.reload();
- }
+ // process next update
+ var script = queue.shift();
+ script(scriptOptions, executeNextUpdate);
+ }
+
+ executeNextUpdate();
+};
+
+/**
+ * Check application version and update correspondingly
+ */
+UpdateHandler.prototype.checkForUpdate = function(dialog) {
+ // Chrome Packaged App
+ if (typeof window.chrome !== 'undefined' && chrome.runtime && chrome.runtime.onUpdateAvailable) {
+ // check for Chrome app update and restart
+ chrome.runtime.onUpdateAvailable.addListener(function(details) {
+ axe.debug('New Chrome App update... requesting reload.');
+ // Chrome downloaded a new app version
+ dialog({
+ title: 'Update available',
+ message: 'A new version ' + details.version + ' of the app is available. Restart the app to update?',
+ positiveBtnStr: 'Restart',
+ negativeBtnStr: 'Not now',
+ showNegativeBtn: true,
+ callback: function(agree) {
+ if (agree) {
+ chrome.runtime.reload();
}
- });
- });
- chrome.runtime.requestUpdateCheck(function(status) {
- if (status === "update_found") {
- axe.debug("Update pending...");
- } else if (status === "no_update") {
- axe.debug("No update found.");
- } else if (status === "throttled") {
- axe.debug("Checking updates too frequently.");
}
});
- }
- };
+ });
+ chrome.runtime.requestUpdateCheck(function(status) {
+ if (status === "update_found") {
+ axe.debug("Update pending...");
+ } else if (status === "no_update") {
+ axe.debug("No update found.");
+ } else if (status === "throttled") {
+ axe.debug("Checking updates too frequently.");
+ }
+ });
+ }
+};
- return UpdateHandler;
-});
\ No newline at end of file
+module.exports = UpdateHandler;
\ No newline at end of file
diff --git a/src/js/util/update/update-v1.js b/src/js/util/update/update-v1.js
index 942b9a6..2e04afa 100644
--- a/src/js/util/update/update-v1.js
+++ b/src/js/util/update/update-v1.js
@@ -1,29 +1,27 @@
-define(function() {
- 'use strict';
+'use strict';
- /**
- * Update handler for transition database version 0 -> 1
- *
- * In database version 1, the stored email objects have to be purged, otherwise
- * every non-prefixed mail in the IMAP folders would be nuked due to the implementation
- * of the delta sync.
- */
- function updateV1(options, callback) {
- var emailDbType = 'email_',
- versionDbType = 'dbVersion',
- postUpdateDbVersion = 1;
+/**
+ * Update handler for transition database version 0 -> 1
+ *
+ * In database version 1, the stored email objects have to be purged, otherwise
+ * every non-prefixed mail in the IMAP folders would be nuked due to the implementation
+ * of the delta sync.
+ */
+function updateV1(options, callback) {
+ var emailDbType = 'email_',
+ versionDbType = 'dbVersion',
+ postUpdateDbVersion = 1;
- // remove the emails
- options.userStorage.removeList(emailDbType, function(err) {
- if (err) {
- callback(err);
- return;
- }
+ // remove the emails
+ options.userStorage.removeList(emailDbType, function(err) {
+ if (err) {
+ callback(err);
+ return;
+ }
- // update the database version to postUpdateDbVersion
- options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
- });
- }
+ // update the database version to postUpdateDbVersion
+ options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
+ });
+}
- return updateV1;
-});
\ No newline at end of file
+module.exports = updateV1;
\ No newline at end of file
diff --git a/src/js/util/update/update-v2.js b/src/js/util/update/update-v2.js
index 03fdf50..9ebd0d6 100644
--- a/src/js/util/update/update-v2.js
+++ b/src/js/util/update/update-v2.js
@@ -1,28 +1,26 @@
-define(function() {
- 'use strict';
+'use strict';
- /**
- * Update handler for transition database version 1 -> 2
- *
- * In database version 2, the stored email objects have to be purged, because the
- * new data model stores information about the email structure in the property 'bodyParts'.
- */
- function updateV2(options, callback) {
- var emailDbType = 'email_',
- versionDbType = 'dbVersion',
- postUpdateDbVersion = 2;
+/**
+ * Update handler for transition database version 1 -> 2
+ *
+ * In database version 2, the stored email objects have to be purged, because the
+ * new data model stores information about the email structure in the property 'bodyParts'.
+ */
+function updateV2(options, callback) {
+ var emailDbType = 'email_',
+ versionDbType = 'dbVersion',
+ postUpdateDbVersion = 2;
- // remove the emails
- options.userStorage.removeList(emailDbType, function(err) {
- if (err) {
- callback(err);
- return;
- }
+ // remove the emails
+ options.userStorage.removeList(emailDbType, function(err) {
+ if (err) {
+ callback(err);
+ return;
+ }
- // update the database version to postUpdateDbVersion
- options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
- });
- }
+ // update the database version to postUpdateDbVersion
+ options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
+ });
+}
- return updateV2;
-});
\ No newline at end of file
+module.exports = updateV2;
\ No newline at end of file
diff --git a/src/js/util/update/update-v3.js b/src/js/util/update/update-v3.js
index dfc49ff..3408bf6 100644
--- a/src/js/util/update/update-v3.js
+++ b/src/js/util/update/update-v3.js
@@ -1,28 +1,26 @@
-define(function() {
- 'use strict';
+'use strict';
- /**
- * Update handler for transition database version 2 -> 3
- *
- * In database version 3, we introduced new flags to the messages, also
- * the outbox uses artificial uids
- */
- function update(options, callback) {
- var emailDbType = 'email_',
- versionDbType = 'dbVersion',
- postUpdateDbVersion = 3;
+/**
+ * Update handler for transition database version 2 -> 3
+ *
+ * In database version 3, we introduced new flags to the messages, also
+ * the outbox uses artificial uids
+ */
+function update(options, callback) {
+ var emailDbType = 'email_',
+ versionDbType = 'dbVersion',
+ postUpdateDbVersion = 3;
- // remove the emails
- options.userStorage.removeList(emailDbType, function(err) {
- if (err) {
- callback(err);
- return;
- }
+ // remove the emails
+ options.userStorage.removeList(emailDbType, function(err) {
+ if (err) {
+ callback(err);
+ return;
+ }
- // update the database version to postUpdateDbVersion
- options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
- });
- }
+ // update the database version to postUpdateDbVersion
+ options.appConfigStorage.storeList([postUpdateDbVersion], versionDbType, callback);
+ });
+}
- return update;
-});
\ No newline at end of file
+module.exports = update;
\ No newline at end of file
diff --git a/src/js/util/update/update-v4.js b/src/js/util/update/update-v4.js
index 54af103..0a02a06 100644
--- a/src/js/util/update/update-v4.js
+++ b/src/js/util/update/update-v4.js
@@ -1,91 +1,89 @@
-define(function(require) {
- 'use strict';
-
- var config = require('js/app-config').config;
-
-
- /**
- * Update handler for transition database version 3 -> 4
- *
- * In database version 4, we need to add a "provider" flag to the
- * indexeddb. only gmail was allowed as a mail service provider before,
- * so let's add this...
- */
- function update(options, callback) {
- var VERSION_DB_TYPE = 'dbVersion',
- EMAIL_ADDR_DB_KEY = 'emailaddress',
- USERNAME_DB_KEY = 'username',
- PROVIDER_DB_KEY = 'provider',
- IMAP_DB_KEY = 'imap',
- SMTP_DB_KEY = 'smtp',
- REALNAME_DB_KEY = 'realname',
- POST_UPDATE_DB_VERSION = 4;
-
-
- var imap = config.gmail.imap,
- smtp = config.gmail.smtp;
-
- // load the email address (if existing)
- loadFromDB(EMAIL_ADDR_DB_KEY, function(err, emailAddress) {
+'use strict';
+
+var config = require('../../app-config').config;
+
+
+/**
+ * Update handler for transition database version 3 -> 4
+ *
+ * In database version 4, we need to add a "provider" flag to the
+ * indexeddb. only gmail was allowed as a mail service provider before,
+ * so let's add this...
+ */
+function update(options, callback) {
+ var VERSION_DB_TYPE = 'dbVersion',
+ EMAIL_ADDR_DB_KEY = 'emailaddress',
+ USERNAME_DB_KEY = 'username',
+ PROVIDER_DB_KEY = 'provider',
+ IMAP_DB_KEY = 'imap',
+ SMTP_DB_KEY = 'smtp',
+ REALNAME_DB_KEY = 'realname',
+ POST_UPDATE_DB_VERSION = 4;
+
+
+ var imap = config.gmail.imap,
+ smtp = config.gmail.smtp;
+
+ // load the email address (if existing)
+ loadFromDB(EMAIL_ADDR_DB_KEY, function(err, emailAddress) {
+ if (err) {
+ return callback(err);
+ }
+
+ // load the provider (if existing)
+ loadFromDB(PROVIDER_DB_KEY, function(err, provider) {
if (err) {
return callback(err);
}
- // load the provider (if existing)
- loadFromDB(PROVIDER_DB_KEY, function(err, provider) {
- if (err) {
- return callback(err);
- }
+ // if there is an email address without a provider, we need to add the missing provider entry
+ // for any other situation, we're good.
- // if there is an email address without a provider, we need to add the missing provider entry
- // for any other situation, we're good.
+ if (!(emailAddress && !provider)) {
+ // update the database version to POST_UPDATE_DB_VERSION
+ return options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
+ }
- if (!(emailAddress && !provider)) {
- // update the database version to POST_UPDATE_DB_VERSION
- return options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
+ // add the missing provider key
+ options.appConfigStorage.storeList(['gmail'], PROVIDER_DB_KEY, function(err) {
+ if (err) {
+ return callback(err);
}
- // add the missing provider key
- options.appConfigStorage.storeList(['gmail'], PROVIDER_DB_KEY, function(err) {
+ // add the missing user name key
+ options.appConfigStorage.storeList([emailAddress], USERNAME_DB_KEY, function(err) {
if (err) {
return callback(err);
}
- // add the missing user name key
- options.appConfigStorage.storeList([emailAddress], USERNAME_DB_KEY, function(err) {
+ // add the missing imap host info key
+ options.appConfigStorage.storeList([imap], IMAP_DB_KEY, function(err) {
if (err) {
return callback(err);
}
- // add the missing imap host info key
- options.appConfigStorage.storeList([imap], IMAP_DB_KEY, function(err) {
+ // add the missing empty real name
+ options.appConfigStorage.storeList([''], REALNAME_DB_KEY, function(err) {
if (err) {
return callback(err);
}
- // add the missing empty real name
- options.appConfigStorage.storeList([''], REALNAME_DB_KEY, function(err) {
+ // add the missing smtp host info key
+ options.appConfigStorage.storeList([smtp], SMTP_DB_KEY, function(err) {
if (err) {
return callback(err);
}
- // add the missing smtp host info key
- options.appConfigStorage.storeList([smtp], SMTP_DB_KEY, function(err) {
+ // reload the credentials
+ options.auth.initialized = false;
+ options.auth._loadCredentials(function(err) {
if (err) {
return callback(err);
}
- // reload the credentials
- options.auth.initialized = false;
- options.auth._loadCredentials(function(err) {
- if (err) {
- return callback(err);
- }
-
- // update the database version to POST_UPDATE_DB_VERSION
- options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
- });
+ // update the database version to POST_UPDATE_DB_VERSION
+ options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
});
});
});
@@ -93,13 +91,13 @@ define(function(require) {
});
});
});
+ });
- function loadFromDB(key, callback) {
- options.appConfigStorage.listItems(key, 0, null, function(err, cachedItems) {
- callback(err, (!err && cachedItems && cachedItems[0]));
- });
- }
+ function loadFromDB(key, callback) {
+ options.appConfigStorage.listItems(key, 0, null, function(err, cachedItems) {
+ callback(err, (!err && cachedItems && cachedItems[0]));
+ });
}
+}
- return update;
-});
\ No newline at end of file
+module.exports = update;
\ No newline at end of file
diff --git a/src/js/util/update/update-v5.js b/src/js/util/update/update-v5.js
index ef3a035..5284b10 100644
--- a/src/js/util/update/update-v5.js
+++ b/src/js/util/update/update-v5.js
@@ -1,56 +1,54 @@
-define(function() {
- 'use strict';
-
- var FOLDER_TYPE_INBOX = 'Inbox';
- var FOLDER_TYPE_SENT = 'Sent';
- var FOLDER_TYPE_DRAFTS = 'Drafts';
- var FOLDER_TYPE_TRASH = 'Trash';
-
- var FOLDER_DB_TYPE = 'folders';
- var VERSION_DB_TYPE = 'dbVersion';
+'use strict';
+
+var FOLDER_TYPE_INBOX = 'Inbox';
+var FOLDER_TYPE_SENT = 'Sent';
+var FOLDER_TYPE_DRAFTS = 'Drafts';
+var FOLDER_TYPE_TRASH = 'Trash';
+
+var FOLDER_DB_TYPE = 'folders';
+var VERSION_DB_TYPE = 'dbVersion';
+
+var POST_UPDATE_DB_VERSION = 5;
+
+/**
+ * Update handler for transition database version 4 -> 5
+ *
+ * Due to an overlooked issue, there may be multiple folders, e.g. for sent mails.
+ * This removes the "duplicate" folders.
+ */
+function update(options, callback) {
+
+ // remove the emails
+ options.userStorage.listItems(FOLDER_DB_TYPE, 0, null, function(err, stored) {
+ if (err) {
+ return callback(err);
+ }
+
+ var folders = stored[0] || [];
+ [FOLDER_TYPE_INBOX, FOLDER_TYPE_SENT, FOLDER_TYPE_DRAFTS, FOLDER_TYPE_TRASH].forEach(function(mbxType) {
+ var foldersForType = folders.filter(function(mbx) {
+ return mbx.type === mbxType;
+ });
- var POST_UPDATE_DB_VERSION = 5;
+ if (foldersForType.length <= 1) {
+ return; // nothing to do here
+ }
- /**
- * Update handler for transition database version 4 -> 5
- *
- * Due to an overlooked issue, there may be multiple folders, e.g. for sent mails.
- * This removes the "duplicate" folders.
- */
- function update(options, callback) {
+ // remove duplicate folders
+ for (var i = 1; i < foldersForType.length; i++) {
+ folders.splice(folders.indexOf(foldersForType[i]), 1);
+ }
+ });
- // remove the emails
- options.userStorage.listItems(FOLDER_DB_TYPE, 0, null, function(err, stored) {
+ options.userStorage.storeList([folders], FOLDER_DB_TYPE, function(err) {
if (err) {
return callback(err);
}
- var folders = stored[0] || [];
- [FOLDER_TYPE_INBOX, FOLDER_TYPE_SENT, FOLDER_TYPE_DRAFTS, FOLDER_TYPE_TRASH].forEach(function(mbxType) {
- var foldersForType = folders.filter(function(mbx) {
- return mbx.type === mbxType;
- });
-
- if (foldersForType.length <= 1) {
- return; // nothing to do here
- }
-
- // remove duplicate folders
- for (var i = 1; i < foldersForType.length; i++) {
- folders.splice(folders.indexOf(foldersForType[i]), 1);
- }
- });
-
- options.userStorage.storeList([folders], FOLDER_DB_TYPE, function(err) {
- if (err) {
- return callback(err);
- }
-
- // update the database version to POST_UPDATE_DB_VERSION
- options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
- });
+ // update the database version to POST_UPDATE_DB_VERSION
+ options.appConfigStorage.storeList([POST_UPDATE_DB_VERSION], VERSION_DB_TYPE, callback);
});
- }
+ });
+}
- return update;
-});
\ No newline at end of file
+module.exports = update;
\ No newline at end of file
diff --git a/src/lib/forge/forge.min.js b/src/lib/forge/forge.min.js
index a0d39aa..848d33e 100644
--- a/src/lib/forge/forge.min.js
+++ b/src/lib/forge/forge.min.js
@@ -1 +1 @@
-(function(e,t){typeof define=="function"&&define.amd?define([],t):e.forge=t()})(this,function(){var e,t,n;return function(r){function v(e,t){return h.call(e,t)}function m(e,t){var n,r,i,s,o,u,a,f,c,h,p,v=t&&t.split("/"),m=l.map,g=m&&m["*"]||{};if(e&&e.charAt(0)===".")if(t){v=v.slice(0,v.length-1),e=e.split("/"),o=e.length-1,l.nodeIdCompat&&d.test(e[o])&&(e[o]=e[o].replace(d,"")),e=v.concat(e);for(c=0;c0&&(e.splice(c-1,2),c-=2)}}e=e.join("/")}else e.indexOf("./")===0&&(e=e.substring(2));if((v||g)&&m){n=e.split("/");for(c=n.length;c>0;c-=1){r=n.slice(0,c).join("/");if(v)for(h=v.length;h>0;h-=1){i=m[v.slice(0,h).join("/")];if(i){i=i[r];if(i){s=i,u=c;break}}}if(s)break;!a&&g&&g[r]&&(a=g[r],f=c)}!s&&a&&(s=a,u=f),s&&(n.splice(0,u,s),e=n.join("/"))}return e}function g(e,t){return function(){return s.apply(r,p.call(arguments,0).concat([e,t]))}}function y(e){return function(t){return m(t,e)}}function b(e){return function(t){a[e]=t}}function w(e){if(v(f,e)){var t=f[e];delete f[e],c[e]=!0,i.apply(r,t)}if(!v(a,e)&&!v(c,e))throw new Error("No "+e);return a[e]}function E(e){var t,n=e?e.indexOf("!"):-1;return n>-1&&(t=e.substring(0,n),e=e.substring(n+1,e.length)),[t,e]}function S(e){return function(){return l&&l.config&&l.config[e]||{}}}var i,s,o,u,a={},f={},l={},c={},h=Object.prototype.hasOwnProperty,p=[].slice,d=/\.js$/;o=function(e,t){var n,r=E(e),i=r[0];return e=r[1],i&&(i=m(i,t),n=w(i)),i?n&&n.normalize?e=n.normalize(e,y(t)):e=m(e,t):(e=m(e,t),r=E(e),i=r[0],e=r[1],i&&(n=w(i))),{f:i?i+"!"+e:e,n:e,pr:i,p:n}},u={require:function(e){return g(e)},exports:function(e){var t=a[e];return typeof t!="undefined"?t:a[e]={}},module:function(e){return{id:e,uri:"",exports:a[e],config:S(e)}}},i=function(e,t,n,i){var s,l,h,p,d,m=[],y=typeof n,E;i=i||e;if(y==="undefined"||y==="function"){t=!t.length&&n.length?["require","exports","module"]:t;for(d=0;d0)t&1&&(n+=e),t>>>=1,t>0&&(e+=e);return this.data=n,this},t.ByteStringBuffer.prototype.putBytes=function(e){return this.data+=e,this},t.ByteStringBuffer.prototype.putString=function(e){return this.data+=t.encodeUtf8(e),this},t.ByteStringBuffer.prototype.putInt16=function(e){return this.data+=String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt24=function(e){return this.data+=String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt32=function(e){return this.data+=String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt16Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255),this},t.ByteStringBuffer.prototype.putInt24Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255),this},t.ByteStringBuffer.prototype.putInt32Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>24&255),this},t.ByteStringBuffer.prototype.putInt=function(e,t){do t-=8,this.data+=String.fromCharCode(e>>t&255);while(t>0);return this},t.ByteStringBuffer.prototype.putSignedInt=function(e,t){return e<0&&(e+=2<0);return t},t.ByteStringBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),n=2<=n&&(t-=n<<1),t},t.ByteStringBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},t.ByteStringBuffer.prototype.bytes=function(e){return typeof e=="undefined"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},t.ByteStringBuffer.prototype.at=function(e){return this.data.charCodeAt(this.read+e)},t.ByteStringBuffer.prototype.setAt=function(e,t){return this.data=this.data.substr(0,this.read+e)+String.fromCharCode(t)+this.data.substr(this.read+e+1),this},t.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},t.ByteStringBuffer.prototype.copy=function(){var e=t.createBuffer(this.data);return e.read=this.read,e},t.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},t.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},t.ByteStringBuffer.prototype.truncate=function(e){var t=Math.max(0,this.length()-e);return this.data=this.data.substr(this.read,t),this.read=0,this},t.ByteStringBuffer.prototype.toHex=function(){var e="";for(var t=this.read;t=e)return this;t=Math.max(t||this.growSize,e);var n=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),r=new Uint8Array(this.length()+t);return r.set(n),this.data=new DataView(r.buffer),this},t.DataBuffer.prototype.putByte=function(e){return this.accommodate(1),this.data.setUint8(this.write++,e),this},t.DataBuffer.prototype.fillWithByte=function(e,t){this.accommodate(t);for(var n=0;n>8&65535),this.data.setInt8(this.write,e>>16&255),this.write+=3,this},t.DataBuffer.prototype.putInt32=function(e){return this.accommodate(4),this.data.setInt32(this.write,e),this.write+=4,this},t.DataBuffer.prototype.putInt16Le=function(e){return this.accommodate(2),this.data.setInt16(this.write,e,!0),this.write+=2,this},t.DataBuffer.prototype.putInt24Le=function(e){return this.accommodate(3),this.data.setInt8(this.write,e>>16&255),this.data.setInt16(this.write,e>>8&65535,!0),this.write+=3,this},t.DataBuffer.prototype.putInt32Le=function(e){return this.accommodate(4),this.data.setInt32(this.write,e,!0),this.write+=4,this},t.DataBuffer.prototype.putInt=function(e,t){this.accommodate(t/8);do t-=8,this.data.setInt8(this.write++,e>>t&255);while(t>0);return this},t.DataBuffer.prototype.putSignedInt=function(e,t){return this.accommodate(t/8),e<0&&(e+=2<0);return t},t.DataBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),n=2<=n&&(t-=n<<1),t},t.DataBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},t.DataBuffer.prototype.bytes=function(e){return typeof e=="undefined"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},t.DataBuffer.prototype.at=function(e){return this.data.getUint8(this.read+e)},t.DataBuffer.prototype.setAt=function(e,t){return this.data.setUint8(e,t),this},t.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},t.DataBuffer.prototype.copy=function(){return new t.DataBuffer(this)},t.DataBuffer.prototype.compact=function(){if(this.read>0){var e=new Uint8Array(this.data.buffer,this.read),t=new Uint8Array(e.byteLength);t.set(e),this.data=new DataView(t),this.write-=this.read,this.read=0}return this},t.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},t.DataBuffer.prototype.truncate=function(e){return this.write=Math.max(0,this.length()-e),this.read=Math.min(this.read,this.write),this},t.DataBuffer.prototype.toHex=function(){var e="";for(var t=this.read;t0)t&1&&(n+=e),t>>>=1,t>0&&(e+=e);return n},t.xorBytes=function(e,t,n){var r="",i="",s="",o=0,u=0;for(;n>0;--n,++o)i=e.charCodeAt(o)^t.charCodeAt(o),u>=10&&(r+=s,s="",u=0),s+=String.fromCharCode(i),++u;return r+=s,r},t.hexToBytes=function(e){var t="",n=0;e.length&!0&&(n=1,t+=String.fromCharCode(parseInt(e[0],16)));for(;n>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255)};var s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",o=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51];t.encode64=function(e,t){var n="",r="",i,o,u,a=0;while(a>2),n+=s.charAt((i&3)<<4|o>>4),isNaN(o)?n+="==":(n+=s.charAt((o&15)<<2|u>>6),n+=isNaN(u)?"=":s.charAt(u&63)),t&&n.length>t&&(r+=n.substr(0,t)+"\r\n",n=n.substr(t));return r+=n,r},t.decode64=function(e){e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");var t="",n,r,i,s,u=0;while(u>4),i!==64&&(t+=String.fromCharCode((r&15)<<4|i>>2),s!==64&&(t+=String.fromCharCode((i&3)<<6|s)));return t},t.encodeUtf8=function(e){return unescape(encodeURIComponent(e))},t.decodeUtf8=function(e){return decodeURIComponent(escape(e))},t.binary={raw:{},hex:{},base64:{}},t.binary.raw.encode=function(e){return String.fromCharCode.apply(null,e)},t.binary.raw.decode=function(e,t,n){var r=t;r||(r=new Uint8Array(e.length)),n=n||0;var i=n;for(var s=0;s>2),n+=s.charAt((i&3)<<4|o>>4),isNaN(o)?n+="==":(n+=s.charAt((o&15)<<2|u>>6),n+=isNaN(u)?"=":s.charAt(u&63)),t&&n.length>t&&(r+=n.substr(0,t)+"\r\n",n=n.substr(t));return r+=n,r},t.binary.base64.decode=function(e,t,n){var r=t;r||(r=new Uint8Array(Math.ceil(e.length/4)*3)),e=e.replace(/[^A-Za-z0-9\+\/\=]/g,""),n=n||0;var i,s,u,a,f=0,l=n;while(f>4,u!==64&&(t[l++]=(s&15)<<4|u>>2,a!==64&&(t[l++]=(u&3)<<6|a));return t?l-n:t},t.text={utf8:{},utf16:{}},t.text.utf8.encode=function(e,n,r){e=t.encodeUtf8(e);var i=n;i||(i=new Uint8Array(e.length)),r=r||0;var s=r;for(var o=0;o0?(s=n[r].substring(0,i),o=n[r].substring(i+1)):(s=n[r],o=null),s in t||(t[s]=[]),!(s in Object.prototype)&&o!==null&&t[s].push(unescape(o))}return t},n;return typeof e=="undefined"?(d===null&&(typeof window=="undefined"?d={}:d=t(window.location.search.substring(1))),n=d):n=t(e),n},t.parseFragment=function(e){var n=e,r="",i=e.indexOf("?");i>0&&(n=e.substring(0,i),r=e.substring(i+1));var s=n.split("/");s.length>0&&s[0]===""&&s.shift();var o=r===""?{}:t.getQueryVariables(r);return{pathString:n,queryString:r,path:s,query:o}},t.makeRequest=function(e){var n=t.parseFragment(e),r={path:n.pathString,query:n.queryString,getPath:function(e){return typeof e=="undefined"?n.path:n.path[e]},getQuery:function(e,t){var r;return typeof e=="undefined"?r=n.query:(r=n.query[e],r&&typeof t!="undefined"&&(r=r[t])),r},getQueryLast:function(e,t){var n,i=r.getQuery(e);return i?n=i[i.length-1]:n=t,n}};return r},t.makeLink=function(e,t,n){e=jQuery.isArray(e)?e.join("/"):e;var r=jQuery.param(t||{});return n=n||"",e+(r.length>0?"?"+r:"")+(n.length>0?"#"+n:"")},t.setPath=function(e,t,n){if(typeof e=="object"&&e!==null){var r=0,i=t.length;while(r0&&s.push(r),o=t.lastIndex;var u=n[0][1];switch(u){case"s":case"o":i");break;case"%":s.push("%");break;default:s.push("<%"+u+"?>")}}return s.push(e.substring(o)),s.join("")},t.formatNumber=function(e,t,n,r){var i=e,s=isNaN(t=Math.abs(t))?2:t,o=n===undefined?",":n,u=r===undefined?".":r,a=i<0?"-":"",f=parseInt(i=Math.abs(+i||0).toFixed(s),10)+"",l=f.length>3?f.length%3:0;return a+(l?f.substr(0,l)+u:"")+f.substr(l).replace(/(\d{3})(?=\d)/g,"$1"+u)+(s?o+Math.abs(i-f).toFixed(s).slice(2):"")},t.formatSize=function(e){return e>=1073741824?e=t.formatNumber(e/1073741824,2,".","")+" GiB":e>=1048576?e=t.formatNumber(e/1048576,2,".","")+" MiB":e>=1024?e=t.formatNumber(e/1024,0)+" KiB":e=t.formatNumber(e,0)+" bytes",e},t.bytesFromIP=function(e){return e.indexOf(".")!==-1?t.bytesFromIPv4(e):e.indexOf(":")!==-1?t.bytesFromIPv6(e):null},t.bytesFromIPv4=function(e){e=e.split(".");if(e.length!==4)return null;var n=t.createBuffer();for(var r=0;rr[i].end-r[i].start&&(i=r.length-1))}n.push(o)}if(r.length>0){var f=r[i];f.end-f.start>0&&(n.splice(f.start,f.end-f.start+1,""),f.start===0&&n.unshift(""),f.end===7&&n.push(""))}return n.join(":")},t.estimateCores=function(e,n){function i(e,u,a){if(u===0){var f=Math.floor(e.reduce(function(e,t){return e+t},0)/e.length);return t.cores=Math.max(1,f),URL.revokeObjectURL(r),n(null,t.cores)}s(a,function(t,n){e.push(o(a,n)),i(e,u-1,a)})}function s(e,t){var n=[],i=[];for(var s=0;su.st&&i.sti.st&&u.st=this.blockSize||this._input.length()>0&&this._finish)this._op.call(this.mode,this._input,this.output);this._input.compact()},t.prototype.finish=function(e){e&&this.mode.name==="CBC"&&(this.mode.pad=function(t){return e(this.blockSize,t,!1)},this.mode.unpad=function(t){return e(this.blockSize,t,!0)});var t={};return t.decrypt=this._decrypt,t.overflow=this._input.length()%this.blockSize,!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,t)?!1:(this._finish=!0,this.update(),this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,t)?!1:this.mode.afterFinish&&!this.mode.afterFinish(this.output,t)?!1:!0)}}var r="cipher";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o4){var n=t;t=e.util.createBuffer();for(var r=0;r0)return!1;var n=e.length(),r=e.at(n-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},t.cbc=function(e){e=e||{},this.name="CBC",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=new Array(this._blocks),this._outBlock=new Array(this._blocks)},t.cbc.prototype.start=function(e){if(e.iv===null){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else{if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._prev=this._iv.slice(0)}},t.cbc.prototype.encrypt=function(e,t){for(var n=0;n0)return!1;var n=e.length(),r=e.at(n-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},t.cfb=function(e){e=e||{},this.name="CFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.cfb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.cfb.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.ofb=function(e){e=e||{},this.name="OFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.ofb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.ofb.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.ctr=function(e){e=e||{},this.name="CTR",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.ctr.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.ctr.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock),r(this._inBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.gcm=function(e){e=e||{},this.name="GCM",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=new Array(this._blocks),this._outBlock=new Array(this._blocks),this._R=3774873600},t.gcm.prototype.start=function(t){if(!("iv"in t))throw new Error("Invalid IV parameter.");var n=e.util.createBuffer(t.iv);this._cipherLength=0;var s;"additionalData"in t?s=e.util.createBuffer(t.additionalData):s=e.util.createBuffer(),"tagLength"in t?this._tagLength=t.tagLength:this._tagLength=128,this._tag=null;if(t.decrypt){this._tag=e.util.createBuffer(t.tag).getBytes();if(this._tag.length!==this._tagLength/8)throw new Error("Authentication tag does not match tag length.")}this._hashBlock=new Array(this._blocks),this.tag=null,this._hashSubkey=new Array(this._blocks),this.cipher.encrypt([0,0,0,0],this._hashSubkey),this.componentBits=4,this._m=this.generateHashTable(this._hashSubkey,this.componentBits);var o=n.length();if(o===12)this._j0=[n.getInt32(),n.getInt32(),n.getInt32(),1];else{this._j0=[0,0,0,0];while(n.length()>0)this._j0=this.ghash(this._hashSubkey,this._j0,[n.getInt32(),n.getInt32(),n.getInt32(),n.getInt32()]);this._j0=this.ghash(this._hashSubkey,this._j0,[0,0].concat(i(o*8)))}this._inBlock=this._j0.slice(0),r(this._inBlock),s=e.util.createBuffer(s),this._aDataLength=i(s.length()*8);var u=s.length()%this.blockSize;u&&s.fillWithByte(0,this.blockSize-u),this._s=[0,0,0,0];while(s.length()>0)this._s=this.ghash(this._hashSubkey,this._s,[s.getInt32(),s.getInt32(),s.getInt32(),s.getInt32()])},t.gcm.prototype.encrypt=function(t,n){this.cipher.encrypt(this._inBlock,this._outBlock),r(this._inBlock);var i=t.length();for(var s=0;s0;--r)t[r]=e[r]>>>1|(e[r-1]&1)<<31;t[0]=e[0]>>>1,n&&(t[0]^=this._R)},t.gcm.prototype.tableMultiply=function(e){var t=[0,0,0,0];for(var n=0;n<32;++n){var r=n/8|0,i=e[r]>>>(7-n%8)*4&15,s=this._m[n][i];t[0]^=s[0],t[1]^=s[1],t[2]^=s[2],t[3]^=s[3]}return t},t.gcm.prototype.ghash=function(e,t,n){return t[0]^=n[0],t[1]^=n[1],t[2]^=n[2],t[3]^=n[3],this.tableMultiply(t)},t.gcm.prototype.generateHashTable=function(e,t){var n=8/t,r=4*n,i=16*n,s=new Array(i);for(var o=0;o>>1,i=new Array(n);i[r]=e.slice(0);var s=r>>>1;while(s>0)this.pow(i[2*s],i[s]=[]),s>>=1;s=2;while(s>8^p&255^99,i[r]=p,s[p]=r,d=e[p],l=e[r],c=e[l],h=e[c],v=d<<24^p<<16^p<<8^(p^d),m=(l^c^h)<<24^(r^h)<<16^(r^c^h)<<8^(r^l^h);for(var g=0;g<4;++g)u[g][r]=v,a[g][p]=m,v=v<<24|v>>>8,m=m<<24|m>>>8;r===0?r=f=1:(r=l^e[e[e[l^h]]],f^=e[e[f]])}}function l(e,t){var n=e.slice(0),s,u=1,f=n.length,l=f+6+1,c=r*l;for(var h=f;h>>16&255]<<24^i[s>>>8&255]<<16^i[s&255]<<8^i[s>>>24]^o[u]<<24,u++):f>6&&h%f===4&&(s=i[s>>>24]<<24^i[s>>>16&255]<<16^i[s>>>8&255]<<8^i[s&255]),n[h]=n[h-f]^s;if(t){var p,d=a[0],v=a[1],m=a[2],g=a[3],y=n.slice(0);c=n.length;for(var h=0,b=c-r;h>>24]]^v[i[p>>>16&255]]^m[i[p>>>8&255]]^g[i[p&255]];n=y}return n}function c(e,t,n,r){var o=e.length/4-1,f,l,c,h,p;r?(f=a[0],l=a[1],c=a[2],h=a[3],p=s):(f=u[0],l=u[1],c=u[2],h=u[3],p=i);var d,v,m,g,y,b,w;d=t[0]^e[0],v=t[r?3:1]^e[1],m=t[2]^e[2],g=t[r?1:3]^e[3];var E=3;for(var S=1;S>>24]^l[v>>>16&255]^c[m>>>8&255]^h[g&255]^e[++E],b=f[v>>>24]^l[m>>>16&255]^c[g>>>8&255]^h[d&255]^e[++E],w=f[m>>>24]^l[g>>>16&255]^c[d>>>8&255]^h[v&255]^e[++E],g=f[g>>>24]^l[d>>>16&255]^c[v>>>8&255]^h[m&255]^e[++E],d=y,v=b,m=w;n[0]=p[d>>>24]<<24^p[v>>>16&255]<<16^p[m>>>8&255]<<8^p[g&255]^e[++E],n[r?3:1]=p[v>>>24]<<24^p[m>>>16&255]<<16^p[g>>>8&255]<<8^p[d&255]^e[++E],n[2]=p[m>>>24]<<24^p[g>>>16&255]<<16^p[d>>>8&255]<<8^p[v&255]^e[++E],n[r?1:3]=p[g>>>24]<<24^p[d>>>16&255]<<16^p[v>>>8&255]<<8^p[m&255]^e[++E]}function h(t){t=t||{};var n=(t.mode||"CBC").toUpperCase(),r="AES-"+n,i;t.decrypt?i=e.cipher.createDecipher(r,t.key):i=e.cipher.createCipher(r,t.key);var s=i.start;return i.start=function(t,n){var r=null;n instanceof e.util.ByteBuffer&&(r=n,n={}),n=n||{},n.output=r,n.iv=t,s.call(i,n)},i}e.aes=e.aes||{},e.aes.startEncrypting=function(e,t,n,r){var i=h({key:e,output:n,decrypt:!1,mode:r});return i.start(t),i},e.aes.createEncryptionCipher=function(e,t){return h({key:e,output:null,decrypt:!1,mode:t})},e.aes.startDecrypting=function(e,t,n,r){var i=h({key:e,output:n,decrypt:!0,mode:r});return i.start(t),i},e.aes.createDecryptionCipher=function(e,t){return h({key:e,output:null,decrypt:!0,mode:t})},e.aes.Algorithm=function(e,t){n||f();var r=this;r.name=e,r.mode=new t({blockSize:16,cipher:{encrypt:function(e,t){return c(r._w,e,t,!1)},decrypt:function(e,t){return c(r._w,e,t,!0)}}}),r._init=!1},e.aes.Algorithm.prototype.initialize=function(t){if(this._init)return;var n=t.key,r;if(typeof n!="string"||n.length!==16&&n.length!==24&&n.length!==32){if(e.util.isArray(n)&&(n.length===16||n.length===24||n.length===32)){r=n,n=e.util.createBuffer();for(var i=0;i>>=2;for(var i=0;i1){var p=r.read,d=r.getByte();if(d===0){o=r.getByte();var v=o&192;if(v===t.Class.UNIVERSAL||v===t.Class.CONTEXT_SPECIFIC)try{var m=n(r);h=m===f-(r.read-p),h&&(++p,--f)}catch(g){}}r.read=p}if(h){l=[];if(f===undefined)for(;;){if(r.bytes(2)===String.fromCharCode(0,0)){r.getBytes(2);break}l.push(t.fromDer(r,i))}else{var y=r.length();while(f>0)l.push(t.fromDer(r,i)),f-=y-r.length(),y=r.length()}}else{if(f===undefined){if(i)throw new Error("Non-constructed ASN.1 object of indefinite length.");f=r.length()}if(a===t.Type.BMPSTRING){l="";for(var b=0;b>>=8;while(u>0);r.putByte(a.length|128);for(var o=a.length-1;o>=0;--o)r.putByte(a.charCodeAt(o))}return r.putBuffer(s),r},t.oidToDer=function(t){var n=t.split("."),r=e.util.createBuffer();r.putByte(40*parseInt(n[0],10)+parseInt(n[1],10));var i,s,o,u;for(var a=2;a>>=7,i||(u|=128),s.push(u),i=!1;while(o>0);for(var f=s.length-1;f>=0;--f)r.putByte(s[f])}return r},t.derToOid=function(t){var n;typeof t=="string"&&(t=e.util.createBuffer(t));var r=t.getByte();n=Math.floor(r/40)+"."+r%40;var i=0;while(t.length()>0)r=t.getByte(),i<<=7,r&128?i+=r&127:(n+="."+(i+r),i=0);return n},t.utcTimeToDate=function(e){var t=new Date,n=parseInt(e.substr(0,2),10);n=n>=50?1900+n:2e3+n;var r=parseInt(e.substr(2,2),10)-1,i=parseInt(e.substr(4,2),10),s=parseInt(e.substr(6,2),10),o=parseInt(e.substr(8,2),10),u=0;if(e.length>11){var a=e.charAt(10),f=10;a!=="+"&&a!=="-"&&(u=parseInt(e.substr(10,2),10),f+=2)}t.setUTCFullYear(n,r,i),t.setUTCHours(s,o,u,0);if(f){a=e.charAt(f);if(a==="+"||a==="-"){var l=parseInt(e.substr(f+1,2),10),c=parseInt(e.substr(f+4,2),10),h=l*60+c;h*=6e4,a==="+"?t.setTime(+t-h):t.setTime(+t+h)}}return t},t.generalizedTimeToDate=function(e){var t=new Date,n=parseInt(e.substr(0,4),10),r=parseInt(e.substr(4,2),10)-1,i=parseInt(e.substr(6,2),10),s=parseInt(e.substr(8,2),10),o=parseInt(e.substr(10,2),10),u=parseInt(e.substr(12,2),10),a=0,f=0,l=!1;e.charAt(e.length-1)==="Z"&&(l=!0);var c=e.length-5,h=e.charAt(c);if(h==="+"||h==="-"){var p=parseInt(e.substr(c+1,2),10),d=parseInt(e.substr(c+4,2),10);f=p*60+d,f*=6e4,h==="+"&&(f*=-1),l=!0}return e.charAt(14)==="."&&(a=parseFloat(e.substr(14),10)*1e3),l?(t.setUTCFullYear(n,r,i),t.setUTCHours(s,o,u,a),t.setTime(+t+f)):(t.setFullYear(n,r,i),t.setHours(s,o,u,a)),t},t.dateToUtcTime=function(e){var t="",n=[];n.push((""+e.getUTCFullYear()).substr(2)),n.push(""+(e.getUTCMonth()+1)),n.push(""+e.getUTCDate()),n.push(""+e.getUTCHours()),n.push(""+e.getUTCMinutes()),n.push(""+e.getUTCSeconds());for(var r=0;r=-128&&t<128)return n.putSignedInt(t,8);if(t>=-32768&&t<32768)return n.putSignedInt(t,16);if(t>=-8388608&&t<8388608)return n.putSignedInt(t,24);if(t>=-2147483648&&t<2147483648)return n.putSignedInt(t,32);var r=new Error("Integer too large; max is 32-bits.");throw r.integer=t,r},t.derToInteger=function(t){typeof t=="string"&&(t=e.util.createBuffer(t));var n=t.length()*8;if(n>32)throw new Error("Integer too large; max is 32-bits.");return t.getSignedInt(n)},t.validate=function(n,r,i,s){var o=!1;if(n.tagClass!==r.tagClass&&typeof r.tagClass!="undefined"||n.type!==r.type&&typeof r.type!="undefined")s&&(n.tagClass!==r.tagClass&&s.push("["+r.name+"] "+'Expected tag class "'+r.tagClass+'", got "'+n.tagClass+'"'),n.type!==r.type&&s.push("["+r.name+"] "+'Expected type "'+r.type+'", got "'+n.type+'"'));else if(n.constructed===r.constructed||typeof r.constructed=="undefined"){o=!0;if(r.value&&e.util.isArray(r.value)){var u=0;for(var a=0;o&&a0&&(o+="\n");var u="";for(var a=0;a=64){u=e.h0,a=e.h1,f=e.h2,l=e.h3;for(p=0;p<16;++p)t[p]=n.getInt32Le(),c=l^a&(f^l),o=u+c+s[p]+t[p],h=i[p],u=l,l=f,f=a,a+=o<>>32-h;for(;p<32;++p)c=f^l&(a^f),o=u+c+s[p]+t[r[p]],h=i[p],u=l,l=f,f=a,a+=o<>>32-h;for(;p<48;++p)c=a^f^l,o=u+c+s[p]+t[r[p]],h=i[p],u=l,l=f,f=a,a+=o<>>32-h;for(;p<64;++p)c=f^(a|~l),o=u+c+s[p]+t[r[p]],h=i[p],u=l,l=f,f=a,a+=o<>>32-h;e.h0=e.h0+u|0,e.h1=e.h1+a|0,e.h2=e.h2+f|0,e.h3=e.h3+l|0,d-=64}}var t=e.md5=e.md5||{};e.md=e.md||{},e.md.algorithms=e.md.algorithms||{},e.md.md5=e.md.algorithms.md5=t,t.create=function(){o||u();var t=null,r=e.util.createBuffer(),i=new Array(16),s={algorithm:"md5",blockLength:64,digestLength:16,messageLength:0,messageLength64:[0,0]};return s.start=function(){return s.messageLength=0,s.messageLength64=[0,0],r=e.util.createBuffer(),t={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878},s},s.start(),s.update=function(n,o){return o==="utf8"&&(n=e.util.encodeUtf8(n)),s.messageLength+=n.length,s.messageLength64[0]+=n.length/4294967296>>>0,s.messageLength64[1]+=n.length>>>0,r.putBytes(n),a(t,i,r),(r.read>2048||r.length()===0)&&r.compact(),s},s.digest=function(){var o=e.util.createBuffer();o.putBytes(r.bytes()),o.putBytes(n.substr(0,64-(s.messageLength64[1]+8&63))),o.putInt32Le(s.messageLength64[1]<<3),o.putInt32Le(s.messageLength64[0]<<3|s.messageLength64[0]>>>28);var u={h0:t.h0,h1:t.h1,h2:t.h2,h3:t.h3};a(u,i,o);var f=e.util.createBuffer();return f.putInt32Le(u.h0),f.putInt32Le(u.h1),f.putInt32Le(u.h2),f.putInt32Le(u.h3),f},s};var n=null,r=null,i=null,s=null,o=!1}var r="md5";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=64){i=e.h0,s=e.h1,o=e.h2,u=e.h3,a=e.h4;for(l=0;l<16;++l)r=n.getInt32(),t[l]=r,f=u^s&(o^u),r=(i<<5|i>>>27)+f+a+1518500249+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;for(;l<20;++l)r=t[l-3]^t[l-8]^t[l-14]^t[l-16],r=r<<1|r>>>31,t[l]=r,f=u^s&(o^u),r=(i<<5|i>>>27)+f+a+1518500249+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;for(;l<32;++l)r=t[l-3]^t[l-8]^t[l-14]^t[l-16],r=r<<1|r>>>31,t[l]=r,f=s^o^u,r=(i<<5|i>>>27)+f+a+1859775393+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;for(;l<40;++l)r=t[l-6]^t[l-16]^t[l-28]^t[l-32],r=r<<2|r>>>30,t[l]=r,f=s^o^u,r=(i<<5|i>>>27)+f+a+1859775393+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;for(;l<60;++l)r=t[l-6]^t[l-16]^t[l-28]^t[l-32],r=r<<2|r>>>30,t[l]=r,f=s&o|u&(s^o),r=(i<<5|i>>>27)+f+a+2400959708+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;for(;l<80;++l)r=t[l-6]^t[l-16]^t[l-28]^t[l-32],r=r<<2|r>>>30,t[l]=r,f=s^o^u,r=(i<<5|i>>>27)+f+a+3395469782+r,a=u,u=o,o=s<<30|s>>>2,s=i,i=r;e.h0=e.h0+i|0,e.h1=e.h1+s|0,e.h2=e.h2+o|0,e.h3=e.h3+u|0,e.h4=e.h4+a|0,c-=64}}var t=e.sha1=e.sha1||{};e.md=e.md||{},e.md.algorithms=e.md.algorithms||{},e.md.sha1=e.md.algorithms.sha1=t,t.create=function(){r||i();var t=null,o=e.util.createBuffer(),u=new Array(80),a={algorithm:"sha1",blockLength:64,digestLength:20,messageLength:0,messageLength64:[0,0]};return a.start=function(){return a.messageLength=0,a.messageLength64=[0,0],o=e.util.createBuffer(),t={h0:1732584193,h1:4023233417,h2:2562383102,h3:271733878,h4:3285377520},a},a.start(),a.update=function(n,r){return r==="utf8"&&(n=e.util.encodeUtf8(n)),a.messageLength+=n.length,a.messageLength64[0]+=n.length/4294967296>>>0,a.messageLength64[1]+=n.length>>>0,o.putBytes(n),s(t,u,o),(o.read>2048||o.length()===0)&&o.compact(),a},a.digest=function(){var r=e.util.createBuffer();r.putBytes(o.bytes()),r.putBytes(n.substr(0,64-(a.messageLength64[1]+8&63))),r.putInt32(a.messageLength64[0]<<3|a.messageLength64[0]>>>28),r.putInt32(a.messageLength64[1]<<3);var i={h0:t.h0,h1:t.h1,h2:t.h2,h3:t.h3,h4:t.h4};s(i,u,r);var f=e.util.createBuffer();return f.putInt32(i.h0),f.putInt32(i.h1),f.putInt32(i.h2),f.putInt32(i.h3),f.putInt32(i.h4),f},a};var n=null,r=!1}var r="sha1";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=64){for(l=0;l<16;++l)t[l]=n.getInt32();for(;l<64;++l)r=t[l-2],r=(r>>>17|r<<15)^(r>>>19|r<<13)^r>>>10,s=t[l-15],s=(s>>>7|s<<25)^(s>>>18|s<<14)^s>>>3,t[l]=r+t[l-7]+s+t[l-16]|0;c=e.h0,h=e.h1,p=e.h2,d=e.h3,v=e.h4,m=e.h5,g=e.h6,y=e.h7;for(l=0;l<64;++l)u=(v>>>6|v<<26)^(v>>>11|v<<21)^(v>>>25|v<<7),a=g^v&(m^g),o=(c>>>2|c<<30)^(c>>>13|c<<19)^(c>>>22|c<<10),f=c&h|p&(c^h),r=y+u+a+i[l]+t[l],s=o+f,y=g,g=m,m=v,v=d+r|0,d=p,p=h,h=c,c=r+s|0;e.h0=e.h0+c|0,e.h1=e.h1+h|0,e.h2=e.h2+p|0,e.h3=e.h3+d|0,e.h4=e.h4+v|0,e.h5=e.h5+m|0,e.h6=e.h6+g|0,e.h7=e.h7+y|0,b-=64}}var t=e.sha256=e.sha256||{};e.md=e.md||{},e.md.algorithms=e.md.algorithms||{},e.md.sha256=e.md.algorithms.sha256=t,t.create=function(){r||s();var t=null,i=e.util.createBuffer(),u=new Array(64),a={algorithm:"sha256",blockLength:64,digestLength:32,messageLength:0,messageLength64:[0,0]};return a.start=function(){return a.messageLength=0,a.messageLength64=[0,0],i=e.util.createBuffer(),t={h0:1779033703,h1:3144134277,h2:1013904242,h3:2773480762,h4:1359893119,h5:2600822924,h6:528734635,h7:1541459225},a},a.start(),a.update=function(n,r){return r==="utf8"&&(n=e.util.encodeUtf8(n)),a.messageLength+=n.length,a.messageLength64[0]+=n.length/4294967296>>>0,a.messageLength64[1]+=n.length>>>0,i.putBytes(n),o(t,u,i),(i.read>2048||i.length()===0)&&i.compact(),a},a.digest=function(){var r=e.util.createBuffer();r.putBytes(i.bytes()),r.putBytes(n.substr(0,64-(a.messageLength64[1]+8&63))),r.putInt32(a.messageLength64[0]<<3|a.messageLength64[0]>>>28),r.putInt32(a.messageLength64[1]<<3);var s={h0:t.h0,h1:t.h1,h2:t.h2,h3:t.h3,h4:t.h4,h5:t.h5,h6:t.h6,h7:t.h7};o(s,u,r);var f=e.util.createBuffer();return f.putInt32(s.h0),f.putInt32(s.h1),f.putInt32(s.h2),f.putInt32(s.h3),f.putInt32(s.h4),f.putInt32(s.h5),f.putInt32(s.h6),f.putInt32(s.h7),f},a};var n=null,r=!1,i=null}var r="sha256";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=128){for(_=0;_<16;++_)t[_][0]=n.getInt32()>>>0,t[_][1]=n.getInt32()>>>0;for(;_<80;++_)H=t[_-2],D=H[0],P=H[1],r=((D>>>19|P<<13)^(P>>>29|D<<3)^D>>>6)>>>0,i=((D<<13|P>>>19)^(P<<3|D>>>29)^(D<<26|P>>>6))>>>0,j=t[_-15],D=j[0],P=j[1],o=((D>>>1|P<<31)^(D>>>8|P<<24)^D>>>7)>>>0,u=((D<<31|P>>>1)^(D<<24|P>>>8)^(D<<25|P>>>7))>>>0,B=t[_-7],F=t[_-16],P=i+B[1]+u+F[1],t[_][0]=r+B[0]+o+F[0]+(P/4294967296>>>0)>>>0,t[_][1]=P>>>0;m=e[0][0],g=e[0][1],y=e[1][0],b=e[1][1],w=e[2][0],E=e[2][1],S=e[3][0],x=e[3][1],T=e[4][0],N=e[4][1],C=e[5][0],k=e[5][1],L=e[6][0],A=e[6][1],O=e[7][0],M=e[7][1];for(_=0;_<80;++_)l=((T>>>14|N<<18)^(T>>>18|N<<14)^(N>>>9|T<<23))>>>0,c=((T<<18|N>>>14)^(T<<14|N>>>18)^(N<<23|T>>>9))>>>0,h=(L^T&(C^L))>>>0,p=(A^N&(k^A))>>>0,a=((m>>>28|g<<4)^(g>>>2|m<<30)^(g>>>7|m<<25))>>>0,f=((m<<4|g>>>28)^(g<<30|m>>>2)^(g<<25|m>>>7))>>>0,d=(m&y|w&(m^y))>>>0,v=(g&b|E&(g^b))>>>0,P=M+c+p+s[_][1]+t[_][1],r=O+l+h+s[_][0]+t[_][0]+(P/4294967296>>>0)>>>0,i=P>>>0,P=f+v,o=a+d+(P/4294967296>>>0)>>>0,u=P>>>0,O=L,M=A,L=C,A=k,C=T,k=N,P=x+i,T=S+r+(P/4294967296>>>0)>>>0,N=P>>>0,S=w,x=E,w=y,E=b,y=m,b=g,P=i+u,m=r+o+(P/4294967296>>>0)>>>0,g=P>>>0;P=e[0][1]+g,e[0][0]=e[0][0]+m+(P/4294967296>>>0)>>>0,e[0][1]=P>>>0,P=e[1][1]+b,e[1][0]=e[1][0]+y+(P/4294967296>>>0)>>>0,e[1][1]=P>>>0,P=e[2][1]+E,e[2][0]=e[2][0]+w+(P/4294967296>>>0)>>>0,e[2][1]=P>>>0,P=e[3][1]+x,e[3][0]=e[3][0]+S+(P/4294967296>>>0)>>>0,e[3][1]=P>>>0,P=e[4][1]+N,e[4][0]=e[4][0]+T+(P/4294967296>>>0)>>>0,e[4][1]=P>>>0,P=e[5][1]+k,e[5][0]=e[5][0]+C+(P/4294967296>>>0)>>>0,e[5][1]=P>>>0,P=e[6][1]+A,e[6][0]=e[6][0]+L+(P/4294967296>>>0)>>>0,e[6][1]=P>>>0,P=e[7][1]+M,e[7][0]=e[7][0]+O+(P/4294967296>>>0)>>>0,e[7][1]=P>>>0,I-=128}}var t=e.sha512=e.sha512||{};e.md=e.md||{},e.md.algorithms=e.md.algorithms||{},e.md.sha512=e.md.algorithms.sha512=t;var n=e.sha384=e.sha512.sha384=e.sha512.sha384||{};n.create=function(){return t.create("SHA-384")},e.md.sha384=e.md.algorithms.sha384=n,e.sha512.sha256=e.sha512.sha256||{create:function(){return t.create("SHA-512/256")}},e.md["sha512/256"]=e.md.algorithms["sha512/256"]=e.sha512.sha256,e.sha512.sha224=e.sha512.sha224||{create:function(){return t.create("SHA-512/224")}},e.md["sha512/224"]=e.md.algorithms["sha512/224"]=e.sha512.sha224,t.create=function(t){i||u(),typeof t=="undefined"&&(t="SHA-512");if(t in o){var n=o[t],s=null,f=e.util.createBuffer(),l=new Array(80);for(var c=0;c<80;++c)l[c]=new Array(2);var h={algorithm:t.replace("-","").toLowerCase(),blockLength:128,digestLength:64,messageLength:0,messageLength128:[0,0,0,0]};return h.start=function(){h.messageLength=0,h.messageLength128=[0,0,0,0],f=e.util.createBuffer(),s=new Array(n.length);for(var t=0;t>>0,r>>>0];for(var i=3;i>=0;--i)h.messageLength128[i]+=r[1],r[1]=r[0]+(h.messageLength128[i]/4294967296>>>0),h.messageLength128[i]=h.messageLength128[i]>>>0,r[0]=r[1]/4294967296>>>0;return f.putBytes(t),a(s,l,f),(f.read>2048||f.length()===0)&&f.compact(),h},h.digest=function(){var n=e.util.createBuffer();n.putBytes(f.bytes()),n.putBytes(r.substr(0,128-(h.messageLength128[3]+16&127)));var i=[];for(var o=0;o<3;++o)i[o]=h.messageLength128[o]<<3|h.messageLength128[o-1]>>>28;i[3]=h.messageLength128[3]<<3,n.putInt32(i[0]),n.putInt32(i[1]),n.putInt32(i[2]),n.putInt32(i[3]);var u=new Array(s.length);for(var o=0;on.blockLength&&(n.start(),n.update(o.bytes()),o=n.digest()),r=e.util.createBuffer(),i=e.util.createBuffer(),f=o.length();for(var a=0;a65&&o!==-1){var u=t[o];u===","?(++o,t=t.substr(0,o)+"\r\n "+t.substr(o)):t=t.substr(0,o)+"\r\n"+u+t.substr(o+1),s=i-o-1,o=-1,++i}else if(t[i]===" "||t[i]===" "||t[i]===",")o=i;return t}function r(e){return e.replace(/^\s+/,"")}var t=e.pem=e.pem||{};t.encode=function(t,r){r=r||{};var i="-----BEGIN "+t.type+"-----\r\n",s;t.procType&&(s={name:"Proc-Type",values:[String(t.procType.version),t.procType.type]},i+=n(s)),t.contentDomain&&(s={name:"Content-Domain",values:[t.contentDomain]},i+=n(s)),t.dekInfo&&(s={name:"DEK-Info",values:[t.dekInfo.algorithm]},t.dekInfo.parameters&&s.values.push(t.dekInfo.parameters),i+=n(s));if(t.headers)for(var o=0;o8?3:1,m=[],g=[0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0],y=0,b;for(var w=0;w>>4^S)&252645135,S^=b,E^=b<<4,b=(S>>>-16^E)&65535,E^=b,S^=b<<-16,b=(E>>>2^S)&858993459,S^=b,E^=b<<2,b=(S>>>-16^E)&65535,E^=b,S^=b<<-16,b=(E>>>1^S)&1431655765,S^=b,E^=b<<1,b=(S>>>8^E)&16711935,E^=b,S^=b<<8,b=(E>>>1^S)&1431655765,S^=b,E^=b<<1,b=E<<8|S>>>20&240,E=S<<24|S<<8&16711680|S>>>8&65280|S>>>24&240,S=b;for(var x=0;x>>26,S=S<<2|S>>>26):(E=E<<1|E>>>27,S=S<<1|S>>>27),E&=-15,S&=-15;var T=t[E>>>28]|n[E>>>24&15]|r[E>>>20&15]|i[E>>>16&15]|s[E>>>12&15]|o[E>>>8&15]|u[E>>>4&15],N=a[S>>>28]|f[S>>>24&15]|l[S>>>20&15]|c[S>>>16&15]|h[S>>>12&15]|p[S>>>8&15]|d[S>>>4&15];b=(N>>>16^T)&65535,m[y++]=T^b,m[y++]=N^b<<16}}return m}function c(e,t,l,c){var h=e.length===32?3:9,p;h===3?p=c?[30,-2,-2]:[0,32,2]:p=c?[94,62,-2,32,64,2,30,-2,-2]:[0,32,2,62,30,-2,64,96,2];var d,v=t[0],m=t[1];d=(v>>>4^m)&252645135,m^=d,v^=d<<4,d=(v>>>16^m)&65535,m^=d,v^=d<<16,d=(m>>>2^v)&858993459,v^=d,m^=d<<2,d=(m>>>8^v)&16711935,v^=d,m^=d<<8,d=(v>>>1^m)&1431655765,m^=d,v^=d<<1,v=v<<1|v>>>31,m=m<<1|m>>>31;for(var g=0;g>>4|m<<28)^e[w+1];d=v,v=m,m=d^(r[E>>>24&63]|s[E>>>16&63]|u[E>>>8&63]|f[E&63]|n[S>>>24&63]|i[S>>>16&63]|o[S>>>8&63]|a[S&63])}d=v,v=m,m=d}v=v>>>1|v<<31,m=m>>>1|m<<31,d=(v>>>1^m)&1431655765,m^=d,v^=d<<1,d=(m>>>8^v)&16711935,v^=d,m^=d<<8,d=(m>>>2^v)&858993459,v^=d,m^=d<<2,d=(v>>>16^m)&65535,m^=d,v^=d<<16,d=(v>>>4^m)&252645135,m^=d,v^=d<<4,l[0]=v,l[1]=m}function h(t){t=t||{};var n=(t.mode||"CBC").toUpperCase(),r="DES-"+n,i;t.decrypt?i=e.cipher.createDecipher(r,t.key):i=e.cipher.createCipher(r,t.key);var s=i.start;return i.start=function(t,n){var r=null;n instanceof e.util.ByteBuffer&&(r=n,n={}),n=n||{},n.output=r,n.iv=t,s.call(i,n)},i}e.des=e.des||{},e.des.startEncrypting=function(e,t,n,r){var i=h({key:e,output:n,decrypt:!1,mode:r||(t===null?"ECB":"CBC")});return i.start(t),i},e.des.createEncryptionCipher=function(e,t){return h({key:e,output:null,decrypt:!1,mode:t})},e.des.startDecrypting=function(e,t,n,r){var i=h({key:e,output:n,decrypt:!0,mode:r||(t===null?"ECB":"CBC")});return i.start(t),i},e.des.createDecryptionCipher=function(e,t){return h({key:e,output:null,decrypt:!0,mode:t})},e.des.Algorithm=function(e,t){var n=this;n.name=e,n.mode=new t({blockSize:8,cipher:{encrypt:function(e,t){return c(n._keys,e,t,!1)},decrypt:function(e,t){return c(n._keys,e,t,!0)}}}),n._init=!1},e.des.Algorithm.prototype.initialize=function(t){if(this._init)return;var n=e.util.createBuffer(t.key);if(this.name.indexOf("3DES")===0&&n.length()!==24)throw new Error("Invalid Triple-DES key size: "+n.length()*8);this._keys=l(n),this._init=!0},t("DES-ECB",e.cipher.modes.ecb),t("DES-CBC",e.cipher.modes.cbc),t("DES-CFB",e.cipher.modes.cfb),t("DES-OFB",e.cipher.modes.ofb),t("DES-CTR",e.cipher.modes.ctr),t("3DES-ECB",e.cipher.modes.ecb),t("3DES-CBC",e.cipher.modes.cbc),t("3DES-CFB",e.cipher.modes.cfb),t("3DES-OFB",e.cipher.modes.ofb),t("3DES-CTR",e.cipher.modes.ctr);var n=[16843776,0,65536,16843780,16842756,66564,4,65536,1024,16843776,16843780,1024,16778244,16842756,16777216,4,1028,16778240,16778240,66560,66560,16842752,16842752,16778244,65540,16777220,16777220,65540,0,1028,66564,16777216,65536,16843780,4,16842752,16843776,16777216,16777216,1024,16842756,65536,66560,16777220,1024,4,16778244,66564,16843780,65540,16842752,16778244,16777220,1028,66564,16843776,1028,16778240,16778240,0,65540,66560,0,16842756],r=[-2146402272,-2147450880,32768,1081376,1048576,32,-2146435040,-2147450848,-2147483616,-2146402272,-2146402304,-2147483648,-2147450880,1048576,32,-2146435040,1081344,1048608,-2147450848,0,-2147483648,32768,1081376,-2146435072,1048608,-2147483616,0,1081344,32800,-2146402304,-2146435072,32800,0,1081376,-2146435040,1048576,-2147450848,-2146435072,-2146402304,32768,-2146435072,-2147450880,32,-2146402272,1081376,32,32768,-2147483648,32800,-2146402304,1048576,-2147483616,1048608,-2147450848,-2147483616,1048608,1081344,0,-2147450880,32800,-2147483648,-2146435040,-2146402272,1081344],i=[520,134349312,0,134348808,134218240,0,131592,134218240,131080,134217736,134217736,131072,134349320,131080,134348800,520,134217728,8,134349312,512,131584,134348800,134348808,131592,134218248,131584,131072,134218248,8,134349320,512,134217728,134349312,134217728,131080,520,131072,134349312,134218240,0,512,131080,134349320,134218240,134217736,512,0,134348808,134218248,131072,134217728,134349320,8,131592,131584,134217736,134348800,134218248,520,134348800,131592,8,134348808,131584],s=[8396801,8321,8321,128,8396928,8388737,8388609,8193,0,8396800,8396800,8396929,129,0,8388736,8388609,1,8192,8388608,8396801,128,8388608,8193,8320,8388737,1,8320,8388736,8192,8396928,8396929,129,8388736,8388609,8396800,8396929,129,0,0,8396800,8320,8388736,8388737,1,8396801,8321,8321,128,8396929,129,1,8192,8388609,8193,8396928,8388737,8193,8320,8388608,8396801,128,8388608,8192,8396928],o=[256,34078976,34078720,1107296512,524288,256,1073741824,34078720,1074266368,524288,33554688,1074266368,1107296512,1107820544,524544,1073741824,33554432,1074266112,1074266112,0,1073742080,1107820800,1107820800,33554688,1107820544,1073742080,0,1107296256,34078976,33554432,1107296256,524544,524288,1107296512,256,33554432,1073741824,34078720,1107296512,1074266368,33554688,1073741824,1107820544,34078976,1074266368,256,33554432,1107820544,1107820800,524544,1107296256,1107820800,34078720,0,1074266112,1107296256,524544,33554688,1073742080,524288,0,1074266112,34078976,1073742080],u=[536870928,541065216,16384,541081616,541065216,16,541081616,4194304,536887296,4210704,4194304,536870928,4194320,536887296,536870912,16400,0,4194320,536887312,16384,4210688,536887312,16,541065232,541065232,0,4210704,541081600,16400,4210688,541081600,536870912,536887296,16,541065232,4210688,541081616,4194304,16400,536870928,4194304,536887296,536870912,16400,536870928,541081616,4210688,541065216,4210704,541081600,0,541065232,16,16384,541065216,4210704,16384,4194320,536887312,0,541081600,536870912,4194320,536887312],a=[2097152,69206018,67110914,0,2048,67110914,2099202,69208064,69208066,2097152,0,67108866,2,67108864,69206018,2050,67110912,2099202,2097154,67110912,67108866,69206016,69208064,2097154,69206016,2048,2050,69208066,2099200,2,67108864,2099200,67108864,2099200,2097152,67110914,67110914,69206018,69206018,2,2097154,67108864,67110912,2097152,69208064,2050,2099202,69208064,2050,67108866,69208066,69206016,2099200,0,2,69208066,0,2099202,69206016,2048,67108866,67110912,2048,2097154],f=[268439616,4096,262144,268701760,268435456,268439616,64,268435456,262208,268697600,268701760,266240,268701696,266304,4096,64,268697600,268435520,268439552,4160,266240,262208,268697664,268701696,4160,0,0,268697664,268435520,268439552,266304,262144,266304,262144,268701696,4096,64,268697664,4096,266304,268439552,64,268435520,268697600,268697664,268435456,262144,268439616,0,268701760,262208,268435520,268697600,268439552,268439616,0,268701760,266240,266240,4160,4160,262208,268435456,268701696]}var r="des";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o4294967295*o)throw new Error("Derived key is too long.");var u=Math.ceil(i/o),a=i-(u-1)*o,f=e.hmac.create();f.start(s,t);var l="",c,h,p;for(var d=1;d<=u;++d){f.start(null,null),f.update(n),f.update(e.util.int32ToBytes(d)),c=p=f.digest().getBytes();for(var v=2;v<=r;++v)f.start(null,null),f.update(p),h=f.digest().getBytes(),c=e.util.xorBytes(c,h,o),p=h;l+=d=32)return f(),e();var t=32-n.pools[0].messageLength<<5;n.seedFile(t,function(t,r){if(t)return e(t);n.collect(r),f(),e()})}function a(){if(n.pools[0].messageLength>=32)return f();var e=32-n.pools[0].messageLength<<5;n.collect(n.seedFileSync(e)),f()}function f(){var e=n.plugin.md.create();e.update(n.pools[0].digest().getBytes()),n.pools[0].start();var t=1;for(var r=1;r<32;++r)t=t===31?2147483648:t<<2,t%n.reseeds===0&&(e.update(n.pools[r].digest().getBytes()),n.pools[r].start());var i=e.digest().getBytes();e.start(),e.update(i);var s=e.digest().getBytes();n.key=n.plugin.formatKey(i),n.seed=n.plugin.formatSeed(s),n.reseeds=n.reseeds===4294967295?0:n.reseeds+1,n.generated=0}function l(t){var n=null;if(typeof window!="undefined"){var r=window.crypto||window.msCrypto;r&&r.getRandomValues&&(n=function(e){return r.getRandomValues(e)})}var i=e.util.createBuffer();if(n)while(i.length()>16),l+=(f&32767)<<16,l+=f>>15,l=(l&2147483647)+(l>>31),h=l&4294967295;for(var u=0;u<3;++u)c=h>>>(u<<3),c^=Math.floor(Math.random()*256),i.putByte(String.fromCharCode(c&255))}}return i.getBytes(t)}var n={plugin:t,key:null,seed:null,time:null,reseeds:0,generated:0},i=t.md,s=new Array(32);for(var o=0;o<32;++o)s[o]=i.create();return n.pools=s,n.pool=0,n.generate=function(t,r){function l(c){if(c)return r(c);if(f.length()>=t)return r(null,f.getBytes(t));n.generated>1048575&&(n.key=null);if(n.key===null)return e.util.nextTick(function(){u(l)});var h=i(n.key,n.seed);n.generated+=h.length,f.putBytes(h),n.key=o(i(n.key,s(n.seed))),n.seed=a(i(n.key,n.seed)),e.util.setImmediate(l)}if(!r)return n.generateSync(t);var i=n.plugin.cipher,s=n.plugin.increment,o=n.plugin.formatKey,a=n.plugin.formatSeed,f=e.util.createBuffer();n.key=null,l()},n.generateSync=function(t){var r=n.plugin.cipher,i=n.plugin.increment,s=n.plugin.formatKey,o=n.plugin.formatSeed;n.key=null;var u=e.util.createBuffer();while(u.length()1048575&&(n.key=null),n.key===null&&a();var f=r(n.key,n.seed);n.generated+=f.length,u.putBytes(f),n.key=s(r(n.key,i(n.seed))),n.seed=o(r(n.key,n.seed))}return u.getBytes(t)},r?(n.seedFile=function(e,t){r.randomBytes(e,function(e,n){if(e)return t(e);t(null,n.toString())})},n.seedFileSync=function(e){return r.randomBytes(e).toString()}):(n.seedFile=function(e,t){try{t(null,l(e))}catch(n){t(n)}},n.seedFileSync=l),n.collect=function(e){var t=e.length;for(var r=0;r>i&255);n.collect(r)},n.registerWorker=function(e){if(e===self)n.seedFile=function(e,t){function n(e){var r=e.data;r.forge&&r.forge.prng&&(self.removeEventListener("message",n),t(r.forge.prng.err,r.forge.prng.bytes))}self.addEventListener("message",n),self.postMessage({forge:{prng:{needed:e}}})};else{var t=function(t){var r=t.data;r.forge&&r.forge.prng&&n.seedFile(r.forge.prng.needed,function(t,n){e.postMessage({forge:{prng:{err:t,bytes:n}}})})};e.addEventListener("message",t)}},n}}var r="prng";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o>16-t},i=function(e,t){return(e&65535)>>t|e<<16-t&65535};e.rc2=e.rc2||{},e.rc2.expandKey=function(n,r){typeof n=="string"&&(n=e.util.createBuffer(n)),r=r||128;var i=n,s=n.length(),o=r,u=Math.ceil(o/8),a=255>>(o&7),f;for(f=s;f<128;f++)i.putByte(t[i.at(f-1)+i.at(f-s)&255]);i.setAt(128-u,t[i.at(128-u)&a]);for(f=127-u;f>=0;f--)i.setAt(f,t[i.at(f+1)^i.at(f+u)]);return i};var s=function(t,s,o){var u=!1,a=null,f=null,l=null,c,h,p,d,v=[];t=e.rc2.expandKey(t,s);for(p=0;p<64;p++)v.push(t.getInt16Le());o?(c=function(e){for(p=0;p<4;p++)e[p]+=v[d]+(e[(p+3)%4]&e[(p+2)%4])+(~e[(p+3)%4]&e[(p+1)%4]),e[p]=r(e[p],n[p]),d++},h=function(e){for(p=0;p<4;p++)e[p]+=v[e[(p+3)%4]&63]}):(c=function(e){for(p=3;p>=0;p--)e[p]=i(e[p],n[p]),e[p]-=v[d]+(e[(p+3)%4]&e[(p+2)%4])+(~e[(p+3)%4]&e[(p+1)%4]),d--},h=function(e){for(p=3;p>=0;p--)e[p]-=v[e[(p+3)%4]&63]});var m=function(e){var t=[];for(p=0;p<4;p++){var n=a.getInt16Le();l!==null&&(o?n^=l.getInt16Le():l.putInt16Le(n)),t.push(n&65535)}d=o?0:63;for(var r=0;r=8)m([[5,c],[1,h],[6,c],[1,h],[5,c]])},finish:function(e){var t=!0;if(o)if(e)t=e(8,a,!o);else{var n=a.length()===8?8:8-a.length();a.fillWithByte(n,n)}t&&(u=!0,g.update());if(!o){t=a.length()===0;if(t)if(e)t=e(8,f,!o);else{var r=f.length(),i=f.at(r-1);i>r?t=!1:f.truncate(i)}}return t}},g};e.rc2.startEncrypting=function(t,n,r){var i=e.rc2.createEncryptionCipher(t,128);return i.start(n,r),i},e.rc2.createEncryptionCipher=function(e,t){return s(e,t,!0)},e.rc2.startDecrypting=function(t,n,r){var i=e.rc2.createDecryptionCipher(t,128);return i.start(n,r),i},e.rc2.createDecryptionCipher=function(e,t){return s(e,t,!1)}}var r="rc2";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=0){var o=t*this.data[e++]+n.data[r]+i;i=Math.floor(o/67108864),n.data[r++]=o&67108863}return i}function u(e,t,n,r,i,s){var o=t&32767,u=t>>15;while(--s>=0){var a=this.data[e]&32767,f=this.data[e++]>>15,l=u*a+f*o;a=o*a+((l&32767)<<15)+n.data[r]+(i&1073741823),i=(a>>>30)+(l>>>15)+u*f+(i>>>30),n.data[r++]=a&1073741823}return i}function a(e,t,n,r,i,s){var o=t&16383,u=t>>14;while(--s>=0){var a=this.data[e]&16383,f=this.data[e++]>>14,l=u*a+f*o;a=o*a+((l&16383)<<14)+n.data[r]+i,i=(a>>28)+(l>>14)+u*f,n.data[r++]=a&268435455}return i}function d(e){return l.charAt(e)}function v(e,t){var n=c[e.charCodeAt(t)];return n==null?-1:n}function m(e){for(var t=this.t-1;t>=0;--t)e.data[t]=this.data[t];e.t=this.t,e.s=this.s}function g(e){this.t=1,this.s=e<0?-1:0,e>0?this.data[0]=e:e<-1?this.data[0]=e+this.DV:this.t=0}function y(e){var t=s();return t.fromInt(e),t}function b(e,t){var n;if(t==16)n=4;else if(t==8)n=3;else if(t==256)n=8;else if(t==2)n=1;else if(t==32)n=5;else{if(t!=4){this.fromRadix(e,t);return}n=2}this.t=0,this.s=0;var r=e.length,s=!1,o=0;while(--r>=0){var u=n==8?e[r]&255:v(e,r);if(u<0){e.charAt(r)=="-"&&(s=!0);continue}s=!1,o==0?this.data[this.t++]=u:o+n>this.DB?(this.data[this.t-1]|=(u&(1<>this.DB-o):this.data[this.t-1]|=u<=this.DB&&(o-=this.DB)}n==8&&(e[0]&128)!=0&&(this.s=-1,o>0&&(this.data[this.t-1]|=(1<0&&this.data[this.t-1]==e)--this.t}function E(e){if(this.s<0)return"-"+this.negate().toString(e);var t;if(e==16)t=4;else if(e==8)t=3;else if(e==2)t=1;else if(e==32)t=5;else{if(e!=4)return this.toRadix(e);t=2}var n=(1<0){u>u)>0&&(i=!0,s=d(r));while(o>=0)u>(u+=this.DB-t)):(r=this.data[o]>>(u-=t)&n,u<=0&&(u+=this.DB,--o)),r>0&&(i=!0),i&&(s+=d(r))}return i?s:"0"}function S(){var e=s();return i.ZERO.subTo(this,e),e}function x(){return this.s<0?this.negate():this}function T(e){var t=this.s-e.s;if(t!=0)return t;var n=this.t;t=n-e.t;if(t!=0)return this.s<0?-t:t;while(--n>=0)if((t=this.data[n]-e.data[n])!=0)return t;return 0}function N(e){var t=1,n;return(n=e>>>16)!=0&&(e=n,t+=16),(n=e>>8)!=0&&(e=n,t+=8),(n=e>>4)!=0&&(e=n,t+=4),(n=e>>2)!=0&&(e=n,t+=2),(n=e>>1)!=0&&(e=n,t+=1),t}function C(){return this.t<=0?0:this.DB*(this.t-1)+N(this.data[this.t-1]^this.s&this.DM)}function k(e,t){var n;for(n=this.t-1;n>=0;--n)t.data[n+e]=this.data[n];for(n=e-1;n>=0;--n)t.data[n]=0;t.t=this.t+e,t.s=this.s}function L(e,t){for(var n=e;n=0;--u)t.data[u+s+1]=this.data[u]>>r|o,o=(this.data[u]&i)<=0;--u)t.data[u]=0;t.data[s]=o,t.t=this.t+s+1,t.s=this.s,t.clamp()}function O(e,t){t.s=this.s;var n=Math.floor(e/this.DB);if(n>=this.t){t.t=0;return}var r=e%this.DB,i=this.DB-r,s=(1<>r;for(var o=n+1;o>r;r>0&&(t.data[this.t-n-1]|=(this.s&s)<>=this.DB;if(e.t>=this.DB;r+=this.s}else{r+=this.s;while(n>=this.DB;r-=e.s}t.s=r<0?-1:0,r<-1?t.data[n++]=this.DV+r:r>0&&(t.data[n++]=r),t.t=n,t.clamp()}function _(e,t){var n=this.abs(),r=e.abs(),s=n.t;t.t=s+r.t;while(--s>=0)t.data[s]=0;for(s=0;s=0)e.data[n]=0;for(n=0;n=t.DV&&(e.data[n+t.t]-=t.DV,e.data[n+t.t+1]=1)}e.t>0&&(e.data[e.t-1]+=t.am(n,t.data[n],e,2*n,0,1)),e.s=0,e.clamp()}function P(e,t,n){var r=e.abs();if(r.t<=0)return;var o=this.abs();if(o.t0?(r.lShiftTo(l,u),o.lShiftTo(l,n)):(r.copyTo(u),o.copyTo(n));var c=u.t,h=u.data[c-1];if(h==0)return;var p=h*(1<1?u.data[c-2]>>this.F2:0),d=this.FV/p,v=(1<=0&&(n.data[n.t++]=1,n.subTo(b,n)),i.ONE.dlShiftTo(c,b),b.subTo(u,u);while(u.t=0){var w=n.data[--g]==h?this.DM:Math.floor(n.data[g]*d+(n.data[g-1]+m)*v);if((n.data[g]+=u.am(0,w,n,y,0,c))0&&n.rShiftTo(l,n),a<0&&i.ZERO.subTo(n,n)}function H(e){var t=s();return this.abs().divRemTo(e,null,t),this.s<0&&t.compareTo(i.ZERO)>0&&e.subTo(t,t),t}function B(e){this.m=e}function j(e){return e.s<0||e.compareTo(this.m)>=0?e.mod(this.m):e}function F(e){return e}function I(e){e.divRemTo(this.m,null,e)}function q(e,t,n){e.multiplyTo(t,n),this.reduce(n)}function R(e,t){e.squareTo(t),this.reduce(t)}function U(){if(this.t<1)return 0;var e=this.data[0];if((e&1)==0)return 0;var t=e&3;return t=t*(2-(e&15)*t)&15,t=t*(2-(e&255)*t)&255,t=t*(2-((e&65535)*t&65535))&65535,t=t*(2-e*t%this.DV)%this.DV,t>0?this.DV-t:-t}function z(e){this.m=e,this.mp=e.invDigit(),this.mpl=this.mp&32767,this.mph=this.mp>>15,this.um=(1<0&&this.m.subTo(t,t),t}function X(e){var t=s();return e.copyTo(t),this.reduce(t),t}function V(e){while(e.t<=this.mt2)e.data[e.t++]=0;for(var t=0;t>15)*this.mpl&this.um)<<15)&e.DM;n=t+this.m.t,e.data[n]+=this.m.am(0,r,e,t,0,this.m.t);while(e.data[n]>=e.DV)e.data[n]-=e.DV,e.data[++n]++}e.clamp(),e.drShiftTo(this.m.t,e),e.compareTo(this.m)>=0&&e.subTo(this.m,e)}function $(e,t){e.squareTo(t),this.reduce(t)}function J(e,t,n){e.multiplyTo(t,n),this.reduce(n)}function K(){return(this.t>0?this.data[0]&1:this.s)==0}function Q(e,t){if(e>4294967295||e<1)return i.ONE;var n=s(),r=s(),o=t.convert(this),u=N(e)-1;o.copyTo(n);while(--u>=0){t.sqrTo(n,r);if((e&1<0)t.mulTo(r,o,n);else{var a=n;n=r,r=a}}return t.revert(n)}function G(e,t){var n;return e<256||t.isEven()?n=new B(t):n=new z(t),this.exp(e,n)}function Y(){var e=s();return this.copyTo(e),e}function Z(){if(this.s<0){if(this.t==1)return this.data[0]-this.DV;if(this.t==0)return-1}else{if(this.t==1)return this.data[0];if(this.t==0)return 0}return(this.data[1]&(1<<32-this.DB)-1)<>24}function tt(){return this.t==0?this.s:this.data[0]<<16>>16}function nt(e){return Math.floor(Math.LN2*this.DB/Math.log(e))}function rt(){return this.s<0?-1:this.t<=0||this.t==1&&this.data[0]<=0?0:1}function it(e){e==null&&(e=10);if(this.signum()==0||e<2||e>36)return"0";var t=this.chunkSize(e),n=Math.pow(e,t),r=y(n),i=s(),o=s(),u="";this.divRemTo(r,i,o);while(i.signum()>0)u=(n+o.intValue()).toString(e).substr(1)+u,i.divRemTo(r,i,o);return o.intValue().toString(e)+u}function st(e,t){this.fromInt(0),t==null&&(t=10);var n=this.chunkSize(t),r=Math.pow(t,n),s=!1,o=0,u=0;for(var a=0;a=n&&(this.dMultiply(r),this.dAddOffset(u,0),o=0,u=0)}o>0&&(this.dMultiply(Math.pow(t,o)),this.dAddOffset(u,0)),s&&i.ZERO.subTo(this,this)}function ot(e,t,n){if("number"==typeof t)if(e<2)this.fromInt(1);else{this.fromNumber(e,n),this.testBit(e-1)||this.bitwiseTo(i.ONE.shiftLeft(e-1),dt,this),this.isEven()&&this.dAddOffset(1,0);while(!this.isProbablePrime(t))this.dAddOffset(2,0),this.bitLength()>e&&this.subTo(i.ONE.shiftLeft(e-1),this)}else{var r=new Array,s=e&7;r.length=(e>>3)+1,t.nextBytes(r),s>0?r[0]&=(1<0){n>n)!=(this.s&this.DM)>>n&&(t[i++]=r|this.s<=0){n<8?(r=(this.data[e]&(1<>(n+=this.DB-8)):(r=this.data[e]>>(n-=8)&255,n<=0&&(n+=this.DB,--e)),(r&128)!=0&&(r|=-256),i==0&&(this.s&128)!=(r&128)&&++i;if(i>0||r!=this.s)t[i++]=r}}return t}function at(e){return this.compareTo(e)==0}function ft(e){return this.compareTo(e)<0?this:e}function lt(e){return this.compareTo(e)>0?this:e}function ct(e,t,n){var r,i,s=Math.min(e.t,this.t);for(r=0;r>=16,t+=16),(e&255)==0&&(e>>=8,t+=8),(e&15)==0&&(e>>=4,t+=4),(e&3)==0&&(e>>=2,t+=2),(e&1)==0&&++t,t}function Tt(){for(var e=0;e=this.t?this.s!=0:(this.data[t]&1<>=this.DB;if(e.t>=this.DB;r+=this.s}else{r+=this.s;while(n>=this.DB;r+=e.s}t.s=r<0?-1:0,r>0?t.data[n++]=r:r<-1&&(t.data[n++]=this.DV+r),t.t=n,t.clamp()}function Dt(e){var t=s();return this.addTo(e,t),t}function Pt(e){var t=s();return this.subTo(e,t),t}function Ht(e){var t=s();return this.multiplyTo(e,t),t}function Bt(e){var t=s();return this.divRemTo(e,t,null),t}function jt(e){var t=s();return this.divRemTo(e,null,t),t}function Ft(e){var t=s(),n=s();return this.divRemTo(e,t,n),new Array(t,n)}function It(e){this.data[this.t]=this.am(0,e-1,this,0,0,this.t),++this.t,this.clamp()}function qt(e,t){if(e==0)return;while(this.t<=t)this.data[this.t++]=0;this.data[t]+=e;while(this.data[t]>=this.DV)this.data[t]-=this.DV,++t>=this.t&&(this.data[this.t++]=0),++this.data[t]}function Rt(){}function Ut(e){return e}function zt(e,t,n){e.multiplyTo(t,n)}function Wt(e,t){e.squareTo(t)}function Xt(e){return this.exp(e,new Rt)}function Vt(e,t,n){var r=Math.min(this.t+e.t,t);n.s=0,n.t=r;while(r>0)n.data[--r]=0;var i;for(i=n.t-this.t;r=0)n.data[r]=0;for(r=Math.max(t-this.t,0);r2*this.m.t)return e.mod(this.m);if(e.compareTo(this.m)<0)return e;var t=s();return e.copyTo(t),this.reduce(t),t}function Qt(e){return e}function Gt(e){e.drShiftTo(this.m.t-1,this.r2),e.t>this.m.t+1&&(e.t=this.m.t+1,e.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);while(e.compareTo(this.r2)<0)e.dAddOffset(1,this.m.t+1);e.subTo(this.r2,e);while(e.compareTo(this.m)>=0)e.subTo(this.m,e)}function Yt(e,t){e.squareTo(t),this.reduce(t)}function Zt(e,t,n){e.multiplyTo(t,n),this.reduce(n)}function en(e,t){var n=e.bitLength(),r,i=y(1),o;if(n<=0)return i;n<18?r=1:n<48?r=3:n<144?r=4:n<768?r=5:r=6,n<8?o=new B(t):t.isEven()?o=new Jt(t):o=new z(t);var u=new Array,a=3,f=r-1,l=(1<1){var c=s();o.sqrTo(u[1],c);while(a<=l)u[a]=s(),o.mulTo(c,u[a-2],u[a]),a+=2}var h=e.t-1,p,d=!0,v=s(),m;n=N(e.data[h])-1;while(h>=0){n>=f?p=e.data[h]>>n-f&l:(p=(e.data[h]&(1<0&&(p|=e.data[h-1]>>this.DB+n-f)),a=r;while((p&1)==0)p>>=1,--a;(n-=a)<0&&(n+=this.DB,--h);if(d)u[p].copyTo(i),d=!1;else{while(a>1)o.sqrTo(i,v),o.sqrTo(v,i),a-=2;a>0?o.sqrTo(i,v):(m=i,i=v,v=m),o.mulTo(v,u[p],i)}while(h>=0&&(e.data[h]&1<0&&(t.rShiftTo(s,t),n.rShiftTo(s,n));while(t.signum()>0)(i=t.getLowestSetBit())>0&&t.rShiftTo(i,t),(i=n.getLowestSetBit())>0&&n.rShiftTo(i,n),t.compareTo(n)>=0?(t.subTo(n,t),t.rShiftTo(1,t)):(n.subTo(t,n),n.rShiftTo(1,n));return s>0&&n.lShiftTo(s,n),n}function nn(e){if(e<=0)return 0;var t=this.DV%e,n=this.s<0?e-1:0;if(this.t>0)if(t==0)n=this.data[0]%e;else for(var r=this.t-1;r>=0;--r)n=(t*n+this.data[r])%e;return n}function rn(e){var t=e.isEven();if(this.isEven()&&t||e.signum()==0)return i.ZERO;var n=e.clone(),r=this.clone(),s=y(1),o=y(0),u=y(0),a=y(1);while(n.signum()!=0){while(n.isEven()){n.rShiftTo(1,n);if(t){if(!s.isEven()||!o.isEven())s.addTo(this,s),o.subTo(e,o);s.rShiftTo(1,s)}else o.isEven()||o.subTo(e,o);o.rShiftTo(1,o)}while(r.isEven()){r.rShiftTo(1,r);if(t){if(!u.isEven()||!a.isEven())u.addTo(this,u),a.subTo(e,a);u.rShiftTo(1,u)}else a.isEven()||a.subTo(e,a);a.rShiftTo(1,a)}n.compareTo(r)>=0?(n.subTo(r,n),t&&s.subTo(u,s),o.subTo(a,o)):(r.subTo(n,r),t&&u.subTo(s,u),a.subTo(o,a))}return r.compareTo(i.ONE)!=0?i.ZERO:a.compareTo(e)>=0?a.subtract(e):a.signum()<0?(a.addTo(e,a),a.signum()<0?a.add(e):a):a}function un(e){var t,n=this.abs();if(n.t==1&&n.data[0]<=sn[sn.length-1]){for(t=0;t=0);var a=o.modPow(r,this);if(a.compareTo(i.ONE)!=0&&a.compareTo(t)!=0){var f=1;while(f++>24&255,o>>16&255,o>>8&255,o&255);r.start(),r.update(t+u),i+=r.digest().getBytes()}return i.substring(0,n)}var t=e.pkcs1=e.pkcs1||{};t.encode_rsa_oaep=function(t,r,i){var s,o,u,a;typeof i=="string"?(s=i,o=arguments[3]||undefined,u=arguments[4]||undefined):i&&(s=i.label||undefined,o=i.seed||undefined,u=i.md||undefined,i.mgf1&&i.mgf1.md&&(a=i.mgf1.md)),u?u.start():u=e.md.sha1.create(),a||(a=u);var f=Math.ceil(t.n.bitLength()/8),l=f-2*u.digestLength-2;if(r.length>l){var c=new Error("RSAES-OAEP input message length is too long.");throw c.length=r.length,c.maxLength=l,c}s||(s=""),u.update(s,"raw");var h=u.digest(),p="",d=l-r.length;for(var v=0;vt&&(o=f(t,n));if(o.isProbablePrime(c))return s(null,o);o.dAddOffset(r[a++%8],0)}while(h<0||+(new Date)-pt&&(o=f(t,r));var d=o.toString(16);i.target.postMessage({hex:d,workLoad:l}),o.dAddOffset(c,0)}a=Math.max(1,a);var e=[];for(var i=0;is-11){var o=new Error("Message is too long for PKCS#1 v1.5 padding.");throw o.length=t.length,o.max=s-11,o}i.putByte(0),i.putByte(r);var u=s-3-t.length,a;if(r===0||r===1){a=r===0?0:255;for(var f=0;f0){var l=0,c=e.random.getBytes(u);for(var f=0;f1){if(o.getByte()!==255){--o.read;break}++f}}else if(a===2){f=0;while(o.length()>1){if(o.getByte()===0){--o.read;break}++f}}var c=o.getByte();if(c!==0||f!==s-3-o.length())throw new Error("Encryption block is invalid.");return o.getBytes()}function p(n,i,s){function u(){a(n.pBits,function(e,t){if(e)return s(e);n.p=t;if(n.q!==null)return f(e,n.q);a(n.qBits,f)})}function a(t,n){e.prime.generateProbablePrime(t,o,n)}function f(e,i){if(e)return s(e);n.q=i;if(n.p.compareTo(n.q)<0){var o=n.p;n.p=n.q,n.q=o}if(n.p.subtract(t.ONE).gcd(n.e).compareTo(t.ONE)!==0){n.p=null,u();return}if(n.q.subtract(t.ONE).gcd(n.e).compareTo(t.ONE)!==0){n.q=null,a(n.qBits,f);return}n.p1=n.p.subtract(t.ONE),n.q1=n.q.subtract(t.ONE),n.phi=n.p1.multiply(n.q1);if(n.phi.gcd(n.e).compareTo(t.ONE)!==0){n.p=n.q=null,u();return}n.n=n.p.multiply(n.q);if(n.n.bitLength()!==n.bits){n.q=null,a(n.qBits,f);return}var l=n.e.modInverse(n.phi);n.keys={privateKey:r.rsa.setPrivateKey(n.n,n.e,l,n.p,n.q,l.mod(n.p1),l.mod(n.q1),n.q.modInverse(n.p)),publicKey:r.rsa.setPublicKey(n.n,n.e)},s(null,n.keys)}typeof i=="function"&&(s=i,i={}),i=i||{};var o={algorithm:{name:i.algorithm||"PRIMEINC",options:{workers:i.workers||2,workLoad:i.workLoad||100,workerScript:i.workerScript}}};"prng"in i&&(o.prng=i.prng),u()}function d(t){var n=t.toString(16);return n[0]>="8"&&(n="00"+n),e.util.hexToBytes(n)}function v(e){return e<=100?27:e<=150?18:e<=200?15:e<=250?12:e<=300?9:e<=350?8:e<=400?7:e<=500?6:e<=600?5:e<=800?4:e<=1250?3:2}if(typeof t=="undefined")var t=e.jsbn.BigInteger;var n=e.asn1;e.pki=e.pki||{},e.pki.rsa=e.rsa=e.rsa||{};var r=e.pki,i=[6,4,2,4,2,4,6,2],s={name:"PrivateKeyInfo",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,value:[{name:"PrivateKeyInfo.version",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"PrivateKeyInfo.privateKeyAlgorithm",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:n.Class.UNIVERSAL,type:n.Type.OID,constructed:!1,capture:"privateKeyOid"}]},{name:"PrivateKeyInfo",tagClass:n.Class.UNIVERSAL,type:n.Type.OCTETSTRING,constructed:!1,capture:"privateKey"}]},o={name:"RSAPrivateKey",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPrivateKey.version",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyVersion"},{name:"RSAPrivateKey.modulus",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyModulus"},{name:"RSAPrivateKey.publicExponent",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyPublicExponent"},{name:"RSAPrivateKey.privateExponent",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyPrivateExponent"},{name:"RSAPrivateKey.prime1",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyPrime1"},{name:"RSAPrivateKey.prime2",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyPrime2"},{name:"RSAPrivateKey.exponent1",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyExponent1"},{name:"RSAPrivateKey.exponent2",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyExponent2"},{name:"RSAPrivateKey.coefficient",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"privateKeyCoefficient"}]},u={name:"RSAPublicKey",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,value:[{name:"RSAPublicKey.modulus",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"publicKeyModulus"},{name:"RSAPublicKey.exponent",tagClass:n.Class.UNIVERSAL,type:n.Type.INTEGER,constructed:!1,capture:"publicKeyExponent"}]},a=e.pki.rsa.publicKeyValidator={name:"SubjectPublicKeyInfo",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,captureAsn1:"subjectPublicKeyInfo",value:[{name:"SubjectPublicKeyInfo.AlgorithmIdentifier",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,value:[{name:"AlgorithmIdentifier.algorithm",tagClass:n.Class.UNIVERSAL,type:n.Type.OID,constructed:!1,capture:"publicKeyOid"}]},{name:"SubjectPublicKeyInfo.subjectPublicKey",tagClass:n.Class.UNIVERSAL,type:n.Type.BITSTRING,constructed:!1,value:[{name:"SubjectPublicKeyInfo.subjectPublicKey.RSAPublicKey",tagClass:n.Class.UNIVERSAL,type:n.Type.SEQUENCE,constructed:!0,optional:!0,captureAsn1:"rsaPublicKey"}]}]},f=function(e){var t;if(e.algorithm in r.oids){t=r.oids[e.algorithm];var s=n.oidToDer(t).getBytes(),o=n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[]),u=n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[]);u.value.push(n.create(n.Class.UNIVERSAL,n.Type.OID,!1,s)),u.value.push(n.create(n.Class.UNIVERSAL,n.Type.NULL,!1,""));var a=n.create(n.Class.UNIVERSAL,n.Type.OCTETSTRING,!1,e.digest().getBytes());return o.value.push(u),o.value.push(a),n.toDer(o).getBytes()}var i=new Error("Unknown message digest algorithm.");throw i.algorithm=e.algorithm,i},l=function(n,r,i){if(i)return n.modPow(r.e,r.n);if(!r.p||!r.q)return n.modPow(r.d,r.n);r.dP||(r.dP=r.d.mod(r.p.subtract(t.ONE))),r.dQ||(r.dQ=r.d.mod(r.q.subtract(t.ONE))),r.qInv||(r.qInv=r.q.modInverse(r.p));var s;do s=(new t(e.util.bytesToHex(e.random.getBytes(r.n.bitLength()/8)),16)).mod(r.n);while(s.equals(t.ZERO));n=n.multiply(s.modPow(r.e,r.n)).mod(r.n);var o=n.mod(r.p).modPow(r.dP,r.p),u=n.mod(r.q).modPow(r.dQ,r.q);while(o.compareTo(u)<0)o=o.add(r.p);var a=o.subtract(u).multiply(r.qInv).mod(r.p).multiply(r.q).add(u);return a=a.multiply(s.modInverse(r.n)).mod(r.n),a};r.rsa.encrypt=function(n,r,i){var s=i,o,u=Math.ceil(r.n.bitLength()/8);i!==!1&&i!==!0?(s=i===2,o=c(n,r,i)):(o=e.util.createBuffer(),o.putBytes(n));var a=new t(o.toHex(),16),f=l(a,r,s),h=f.toString(16),p=e.util.createBuffer(),d=u-Math.ceil(h.length/2);while(d>0)p.putByte(0),--d;return p.putBytes(e.util.hexToBytes(h)),p.getBytes()},r.rsa.decrypt=function(n,r,i,s){var o=Math.ceil(r.n.bitLength()/8);if(n.length!==o){var u=new Error("Encrypted message length is invalid.");throw u.length=n.length,u.expected=o,u}var a=new t(e.util.createBuffer(n).toHex(),16);if(a.compareTo(r.n)>=0)throw new Error("Encrypted message is invalid.");var f=l(a,r,i),c=f.toString(16),p=e.util.createBuffer(),d=o-Math.ceil(c.length/2);while(d>0)p.putByte(0),--d;return p.putBytes(e.util.hexToBytes(c)),s!==!1?h(p.getBytes(),r,i):p.getBytes()},r.rsa.createKeyPairGenerationState=function(n,r,i){typeof n=="string"&&(n=parseInt(n,10)),n=n||2048,i=i||{};var s=i.prng||e.random,o={nextBytes:function(e){var t=s.getBytesSync(e.length);for(var n=0;n>1,pBits:n-(n>>1),pqState:0,num:null,keys:null},a.e.fromInt(a.eInt),a},r.rsa.stepKeyPairGenerationState=function(e,n){"algorithm"in e||(e.algorithm="PRIMEINC");var s=new t(null);s.fromInt(30);var o=0,u=function(e,t){return e|t},a=+(new Date),f,l=0;while(e.keys===null&&(n<=0||lc?e.pqState=0:e.num.isProbablePrime(v(e.num.bitLength()))?++e.pqState:e.num.dAddOffset(i[o++%8],0):e.pqState===2?e.pqState=e.num.subtract(t.ONE).gcd(e.e).compareTo(t.ONE)===0?3:0:e.pqState===3&&(e.pqState=0,e.p===null?e.p=e.num:e.q=e.num,e.p!==null&&e.q!==null&&++e.state,e.num=null)}else if(e.state===1)e.p.compareTo(e.q)<0&&(e.num=e.p,e.p=e.q,e.q=e.num),++e.state;else if(e.state===2)e.p1=e.p.subtract(t.ONE),e.q1=e.q.subtract(t.ONE),e.phi=e.p1.multiply(e.q1),++e.state;else if(e.state===3)e.phi.gcd(e.e).compareTo(t.ONE)===0?++e.state:(e.p=null,e.q=null,e.state=0);else if(e.state===4)e.n=e.p.multiply(e.q),e.n.bitLength()===e.bits?++e.state:(e.q=null,e.state=0);else if(e.state===5){var p=e.e.modInverse(e.phi);e.keys={privateKey:r.rsa.setPrivateKey(e.n,e.e,p,e.p,e.q,p.mod(e.p1),p.mod(e.q1),e.q.modInverse(e.p)),publicKey:r.rsa.setPublicKey(e.n,e.e)}}f=+(new Date),l+=f-a,a=f}return e.keys!==null},r.rsa.generateKeyPair=function(e,t,n,i){arguments.length===1?typeof e=="object"?(n=e,e=undefined):typeof e=="function"&&(i=e,e=undefined):arguments.length===2?typeof e=="number"?typeof t=="function"?(i=t,t=undefined):typeof t!="number"&&(n=t,t=undefined):(n=e,i=t,e=undefined,t=undefined):arguments.length===3&&(typeof t=="number"?typeof n=="function"&&(i=n,n=undefined):(i=n,n=t,t=undefined)),n=n||{},e===undefined&&(e=n.bits||2048),t===undefined&&(t=n.e||65537);var s=r.rsa.createKeyPairGenerationState(e,t,n);if(!i)return r.rsa.stepKeyPairGenerationState(s,0),s.keys;p(s,n,i)},r.setRsaPublicKey=r.rsa.setPublicKey=function(t,i){var s={n:t,e:i};return s.encrypt=function(t,n,i){typeof n=="string"?n=n.toUpperCase():n===undefined&&(n="RSAES-PKCS1-V1_5");if(n==="RSAES-PKCS1-V1_5")n={encode:function(e,t,n){return c(e,t,2).getBytes()}};else if(n==="RSA-OAEP"||n==="RSAES-OAEP")n={encode:function(t,n){return e.pkcs1.encode_rsa_oaep(n,t,i)}};else if(["RAW","NONE","NULL",null].indexOf(n)!==-1)n={encode:function(e){return e}};else if(typeof n=="string")throw new Error('Unsupported encryption scheme: "'+n+'".');var o=n.encode(t,s,!0);return r.rsa.encrypt(o,s,!0)},s.verify=function(e,t,i){typeof i=="string"?i=i.toUpperCase():i===undefined&&(i="RSASSA-PKCS1-V1_5");if(i==="RSASSA-PKCS1-V1_5")i={verify:function(e,t){t=h(t,s,!0);var r=n.fromDer(t);return e===r.value[1].value}};else if(i==="NONE"||i==="NULL"||i===null)i={verify:function(e,t){return t=h(t,s,!0),e===t}};var o=r.rsa.decrypt(t,s,!0,!1);return i.verify(e,o,s.n.bitLength())},s},r.setRsaPrivateKey=r.rsa.setPrivateKey=function(t,n,i,s,o,u,a,l){var c={n:t,e:n,d:i,p:s,q:o,dP:u,dQ:a,qInv:l};return c.decrypt=function(t,n,i){typeof n=="string"?n=n.toUpperCase():n===undefined&&(n="RSAES-PKCS1-V1_5");var s=r.rsa.decrypt(t,c,!1,!1);if(n==="RSAES-PKCS1-V1_5")n={decode:h};else if(n==="RSA-OAEP"||n==="RSAES-OAEP")n={decode:function(t,n){return e.pkcs1.decode_rsa_oaep(n,t,i)}};else{if(["RAW","NONE","NULL",null].indexOf(n)===-1)throw new Error('Unsupported encryption scheme: "'+n+'".');n={decode:function(e){return e}}}return n.decode(s,c,!1)},c.sign=function(e,t){var n=!1;typeof t=="string"&&(t=t.toUpperCase());if(t===undefined||t==="RSASSA-PKCS1-V1_5")t={encode:f},n=1;else if(t==="NONE"||t==="NULL"||t===null)t={encode:function(){return e}},n=1;var i=t.encode(e,c.n.bitLength());return r.rsa.encrypt(i,c,n)},c},r.wrapRsaPrivateKey=function(e){return n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,n.integerToDer(0).getBytes()),n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.OID,!1,n.oidToDer(r.oids.rsaEncryption).getBytes()),n.create(n.Class.UNIVERSAL,n.Type.NULL,!1,"")]),n.create(n.Class.UNIVERSAL,n.Type.OCTETSTRING,!1,n.toDer(e).getBytes())])},r.privateKeyFromAsn1=function(i){var u={},a=[];n.validate(i,s,u,a)&&(i=n.fromDer(e.util.createBuffer(u.privateKey))),u={},a=[];if(!n.validate(i,o,u,a)){var f=new Error("Cannot read private key. ASN.1 object does not contain an RSAPrivateKey.");throw f.errors=a,f}var l,c,h,p,d,v,m,g;return l=e.util.createBuffer(u.privateKeyModulus).toHex(),c=e.util.createBuffer(u.privateKeyPublicExponent).toHex(),h=e.util.createBuffer(u.privateKeyPrivateExponent).toHex(),p=e.util.createBuffer(u.privateKeyPrime1).toHex(),d=e.util.createBuffer(u.privateKeyPrime2).toHex(),v=e.util.createBuffer(u.privateKeyExponent1).toHex(),m=e.util.createBuffer(u.privateKeyExponent2).toHex(),g=e.util.createBuffer(u.privateKeyCoefficient).toHex(),r.setRsaPrivateKey(new t(l,16),new t(c,16),new t(h,16),new t(p,16),new t(d,16),new t(v,16),new t(m,16),new t(g,16))},r.privateKeyToAsn1=r.privateKeyToRSAPrivateKey=function(e){return n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,n.integerToDer(0).getBytes()),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.n)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.e)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.d)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.p)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.q)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.dP)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.dQ)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.qInv))])},r.publicKeyFromAsn1=function(i){var s={},o=[];if(n.validate(i,a,s,o)){var f=n.derToOid(s.publicKeyOid);if(f!==r.oids.rsaEncryption){var l=new Error("Cannot read public key. Unknown OID.");throw l.oid=f,l}i=s.rsaPublicKey}o=[];if(!n.validate(i,u,s,o)){var l=new Error("Cannot read public key. ASN.1 object does not contain an RSAPublicKey.");throw l.errors=o,l}var c=e.util.createBuffer(s.publicKeyModulus).toHex(),h=e.util.createBuffer(s.publicKeyExponent).toHex();return r.setRsaPublicKey(new t(c,16),new t(h,16))},r.publicKeyToAsn1=r.publicKeyToSubjectPublicKeyInfo=function(e){return n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.OID,!1,n.oidToDer(r.oids.rsaEncryption).getBytes()),n.create(n.Class.UNIVERSAL,n.Type.NULL,!1,"")]),n.create(n.Class.UNIVERSAL,n.Type.BITSTRING,!1,[r.publicKeyToRSAPublicKey(e)])])},r.publicKeyToRSAPublicKey=function(e){return n.create(n.Class.UNIVERSAL,n.Type.SEQUENCE,!0,[n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.n)),n.create(n.Class.UNIVERSAL,n.Type.INTEGER,!1,d(e.e))])}}var r="rsa";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=0;a--)A>>=8,A+=N.at(a)+L.at(a),L.setAt(a,A&255);k.putBuffer(L)}w=k,c.putBuffer(x)}return c.truncate(c.length()-s),c},r.pbe.getCipher=function(e,t,n){switch(e){case r.oids.pkcs5PBES2:return r.pbe.getCipherForPBES2(e,t,n);case r.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:case r.oids["pbewithSHAAnd40BitRC2-CBC"]:return r.pbe.getCipherForPKCS12PBE(e,t,n);default:var i=new Error("Cannot read encrypted PBE data block. Unsupported OID.");throw i.oid=e,i.supportedOids=["pkcs5PBES2","pbeWithSHAAnd3-KeyTripleDES-CBC","pbewithSHAAnd40BitRC2-CBC"],i}},r.pbe.getCipherForPBES2=function(t,i,s){var u={},a=[];if(!n.validate(i,o,u,a)){var f=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw f.errors=a,f}t=n.derToOid(u.kdfOid);if(t!==r.oids.pkcs5PBKDF2){var f=new Error("Cannot read encrypted private key. Unsupported key derivation function OID.");throw f.oid=t,f.supportedOids=["pkcs5PBKDF2"],f}t=n.derToOid(u.encOid);if(t!==r.oids["aes128-CBC"]&&t!==r.oids["aes192-CBC"]&&t!==r.oids["aes256-CBC"]&&t!==r.oids["des-EDE3-CBC"]&&t!==r.oids.desCBC){var f=new Error("Cannot read encrypted private key. Unsupported encryption scheme OID.");throw f.oid=t,f.supportedOids=["aes128-CBC","aes192-CBC","aes256-CBC","des-EDE3-CBC","desCBC"],f}var l=u.kdfSalt,c=e.util.createBuffer(u.kdfIterationCount);c=c.getInt(c.length()<<3);var h,p;switch(r.oids[t]){case"aes128-CBC":h=16,p=e.aes.createDecryptionCipher;break;case"aes192-CBC":h=24,p=e.aes.createDecryptionCipher;break;case"aes256-CBC":h=32,p=e.aes.createDecryptionCipher;break;case"des-EDE3-CBC":h=24,p=e.des.createDecryptionCipher;break;case"desCBC":h=8,p=e.des.createDecryptionCipher}var d=e.pkcs5.pbkdf2(s,l,c,h),v=u.encIv,m=p(d);return m.start(v),m},r.pbe.getCipherForPKCS12PBE=function(t,i,s){var o={},a=[];if(!n.validate(i,u,o,a)){var f=new Error("Cannot read password-based-encryption algorithm parameters. ASN.1 object is not a supported EncryptedPrivateKeyInfo.");throw f.errors=a,f}var l=e.util.createBuffer(o.salt),c=e.util.createBuffer(o.iterations);c=c.getInt(c.length()<<3);var h,p,d;switch(t){case r.oids["pbeWithSHAAnd3-KeyTripleDES-CBC"]:h=24,p=8,d=e.des.startDecrypting;break;case r.oids["pbewithSHAAnd40BitRC2-CBC"]:h=5,p=8,d=function(t,n){var r=e.rc2.createDecryptionCipher(t,40);return r.start(n,null),r};break;default:var f=new Error("Cannot read PKCS #12 PBE data block. Unsupported OID.");throw f.oid=t,f}var v=r.pbe.generatePkcs12Key(s,l,1,c,h),m=r.pbe.generatePkcs12Key(s,l,2,c,p);return d(v,m)}}var r="pbe";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o>8*c-l&255;return w=String.fromCharCode(w.charCodeAt(0)&~E)+w.substr(1),w+v+String.fromCharCode(188)},a.verify=function(t,s,u){var a,f=u-1,l=Math.ceil(f/8);s=s.substr(-l);if(l>8*l-f&255;if((h.charCodeAt(0)&d)!==0)throw new Error("Bits beyond keysize not zero as expected.");var v=r.generate(p,c),m="";for(a=0;a1&&(c=l.value.charCodeAt(1),h=l.value.length>2?l.value.charCodeAt(2):0),s.digitalSignature=(c&128)===128,s.nonRepudiation=(c&64)===64,s.keyEncipherment=(c&32)===32,s.dataEncipherment=(c&16)===16,s.keyAgreement=(c&8)===8,s.keyCertSign=(c&4)===4,s.cRLSign=(c&2)===2,s.encipherOnly=(c&1)===1,s.decipherOnly=(h&128)===128}else if(s.name==="basicConstraints"){var l=t.fromDer(s.value);l.value.length>0&&l.value[0].type===t.Type.BOOLEAN?s.cA=l.value[0].value.charCodeAt(0)!==0:s.cA=!1;var p=null;l.value.length>0&&l.value[0].type===t.Type.INTEGER?p=l.value[0].value:l.value.length>1&&(p=l.value[1].value),p!==null&&(s.pathLenConstraint=t.derToInteger(p))}else if(s.name==="extKeyUsage"){var l=t.fromDer(s.value);for(var d=0;d1&&(c=l.value.charCodeAt(1)),s.client=(c&128)===128,s.server=(c&64)===64,s.email=(c&32)===32,s.objsign=(c&16)===16,s.reserved=(c&8)===8,s.sslCA=(c&4)===4,s.emailCA=(c&2)===2,s.objCA=(c&1)===1}else if(s.name==="subjectAltName"||s.name==="issuerAltName"){s.altNames=[];var m,l=t.fromDer(s.value);for(var g=0;g2)throw new Error("Cannot read notBefore/notAfter validity times; more than two times were provided in the certificate.");if(w.length<2)throw new Error("Cannot read notBefore/notAfter validity times; they were not provided as either UTCTime or GeneralizedTime.");g.validity.notBefore=w[0],g.validity.notAfter=w[1],g.tbsCertificate=u.tbsCertificate;if(s){g.md=null;if(g.signatureOid in r){var v=r[g.signatureOid];switch(v){case"sha1WithRSAEncryption":g.md=e.md.sha1.create();break;case"md5WithRSAEncryption":g.md=e.md.md5.create();break;case"sha256WithRSAEncryption":g.md=e.md.sha256.create();break;case"RSASSA-PSS":g.md=e.md.sha256.create()}}if(g.md===null){var f=new Error("Could not compute certificate digest. Unknown signature OID.");throw f.signatureOid=g.signatureOid,f}var E=t.toDer(g.tbsCertificate);g.md.update(E.getBytes())}var S=e.md.sha1.create();g.issuer.getField=function(e){return l(g.issuer,e)},g.issuer.addField=function(e){m([e]),g.issuer.attributes.push(e)},g.issuer.attributes=n.RDNAttributesAsArray(u.certIssuer,S),u.certIssuerUniqueId&&(g.issuer.uniqueId=u.certIssuerUniqueId),g.issuer.hash=S.digest().toHex();var x=e.md.sha1.create();return g.subject.getField=function(e){return l(g.subject,e)},g.subject.addField=function(e){m([e]),g.subject.attributes.push(e)},g.subject.attributes=n.RDNAttributesAsArray(u.certSubject,x),u.certSubjectUniqueId&&(g.subject.uniqueId=u.certSubjectUniqueId),g.subject.hash=x.digest().toHex(),u.certExtensions?g.extensions=c(u.certExtensions):g.extensions=[],g.publicKey=n.publicKeyFromAsn1(u.subjectPublicKeyInfo),g},n.certificationRequestFromAsn1=function(i,s){var o={},u=[];if(!t.validate(i,f,o,u)){var a=new Error("Cannot read PKCS#10 certificate request. ASN.1 object is not a PKCS#10 CertificationRequest.");throw a.errors=u,a}if(typeof o.csrSignature!="string"){var c="\0";for(var p=0;p0&&i.value.push(d(r.extensions)),i},n.getCertificationRequestInfo=function(e){var r=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.INTEGER,!1,t.integerToDer(e.version).getBytes()),p(e.subject),n.publicKeyToAsn1(e.publicKey),y(e)]);return r},n.distinguishedNameToAsn1=function(e){return p(e)},n.certificateToAsn1=function(e){var r=e.tbsCertificate||n.getTBSCertificate(e);return t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[r,t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(e.signatureOid).getBytes()),g(e.signatureOid,e.signatureParameters)]),t.create(t.Class.UNIVERSAL,t.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},n.certificationRequestToAsn1=function(e){var r=e.certificationRequestInfo||n.getCertificationRequestInfo(e);return t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[r,t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(e.signatureOid).getBytes()),g(e.signatureOid,e.signatureParameters)]),t.create(t.Class.UNIVERSAL,t.Type.BITSTRING,!1,String.fromCharCode(0)+e.signature)])},n.createCaStore=function(t){var r={certs:{}};r.getIssuer=function(t){var i=null;if(!t.issuer.hash){var s=e.md.sha1.create();t.issuer.attributes=n.RDNAttributesAsArray(p(t.issuer),s),t.issuer.hash=s.digest().toHex()}if(t.issuer.hash in r.certs){i=r.certs[t.issuer.hash];if(e.util.isArray(i))throw new Error("Resolving multiple issuer matches not implemented yet.")}return i},r.addCertificate=function(t){typeof t=="string"&&(t=e.pki.certificateFromPem(t));if(!t.subject.hash){var i=e.md.sha1.create();t.subject.attributes=n.RDNAttributesAsArray(p(t.subject),i),t.subject.hash=i.digest().toHex()}if(t.subject.hash in r.certs){var s=r.certs[t.subject.hash];e.util.isArray(s)||(s=[s]),s.push(t)}else r.certs[t.subject.hash]=t};if(t)for(var i=0;ic.validity.notAfter)a={message:"Certificate is not valid yet or has expired.",error:n.certificateError.certificate_expired,notBefore:c.validity.notBefore,notAfter:c.validity.notAfter,now:o};else{var h=!1;if(r.length>0){l=r[0];try{h=l.verify(c)}catch(p){}}else{var d=t.getIssuer(c);if(d===null)a={message:"Certificate is not trusted.",error:n.certificateError.unknown_ca};else{e.util.isArray(d)||(d=[d]);while(!h&&d.length>0){l=d.shift();try{h=l.verify(c)}catch(p){}}}}a===null&&!h&&(a={message:"Certificate signature is invalid.",error:n.certificateError.bad_certificate})}a===null&&!c.isIssuer(l)&&(a={message:"Certificate issuer is invalid.",error:n.certificateError.bad_certificate});if(a===null){var v={keyUsage:!0,basicConstraints:!0};for(var m=0;a===null&&mE&&(a={message:"Certificate basicConstraints pathLenConstraint violated.",error:n.certificateError.bad_certificate})}}var S=a===null?!0:a.error,x=i?i(S,f,s):S;if(x!==!0){S===!0&&(a={message:"The application rejected the certificate.",error:n.certificateError.bad_certificate});if(x||x===0)typeof x=="object"&&!e.util.isArray(x)?(x.message&&(a.message=x.message),x.error&&(a.error=x.error)):typeof x=="string"&&(a.error=x);throw a}a=null,u=!1,++f}while(r.length>0);return!0}}var r="x509";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=0&&i.push(u)}return i}function l(t){if(t.composed||t.constructed){var n=e.util.createBuffer();for(var r=0;r0&&(f=t.create(t.Class.UNIVERSAL,t.Type.SET,!0,h));var p=[],d=[];s!==null&&(e.util.isArray(s)?d=s:d=[s]);var v=[];for(var m=0;m0){var w=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,v),E=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.data).getBytes()),t.create(t.Class.CONTEXT_SPECIFIC,0,!0,[t.create(t.Class.UNIVERSAL,t.Type.OCTETSTRING,!1,t.toDer(w).getBytes())])]);p.push(E)}var S=null;if(i!==null){var x=n.wrapRsaPrivateKey(n.privateKeyToAsn1(i));o===null?S=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.keyBag).getBytes()),t.create(t.Class.CONTEXT_SPECIFIC,0,!0,[x]),f]):S=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.pkcs8ShroudedKeyBag).getBytes()),t.create(t.Class.CONTEXT_SPECIFIC,0,!0,[n.encryptPrivateKeyInfo(x,o,u)]),f]);var T=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[S]),N=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.data).getBytes()),t.create(t.Class.CONTEXT_SPECIFIC,0,!0,[t.create(t.Class.UNIVERSAL,t.Type.OCTETSTRING,!1,t.toDer(T).getBytes())])]);p.push(N)}var C=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,p),k;if(u.useMac){var c=e.md.sha1.create(),L=new e.util.ByteBuffer(e.random.getBytes(u.saltSize)),A=u.count,i=r.generateKey(o,L,3,A,20),O=e.hmac.create();O.start(c,i),O.update(t.toDer(C).getBytes());var M=O.getMac();k=t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.sha1).getBytes()),t.create(t.Class.UNIVERSAL,t.Type.NULL,!1,"")]),t.create(t.Class.UNIVERSAL,t.Type.OCTETSTRING,!1,M.getBytes())]),t.create(t.Class.UNIVERSAL,t.Type.OCTETSTRING,!1,L.getBytes()),t.create(t.Class.UNIVERSAL,t.Type.INTEGER,!1,t.integerToDer(A).getBytes())])}return t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.INTEGER,!1,t.integerToDer(3).getBytes()),t.create(t.Class.UNIVERSAL,t.Type.SEQUENCE,!0,[t.create(t.Class.UNIVERSAL,t.Type.OID,!1,t.oidToDer(n.oids.data).getBytes()),t.create(t.Class.CONTEXT_SPECIFIC,0,!0,[t.create(t.Class.UNIVERSAL,t.Type.OCTETSTRING,!1,t.toDer(C).getBytes())])]),k])},r.generateKey=e.pbe.generatePkcs12Key}var r="pkcs12";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o>1,u=o+(t.length&1),a=t.substr(0,u),f=t.substr(o,u),l=e.util.createBuffer(),c=e.hmac.create();r=n+r;var h=Math.ceil(i/16),p=Math.ceil(i/20);c.start("MD5",a);var d=e.util.createBuffer();l.putBytes(r);for(var v=0;v0&&(a.queue(e,a.createAlert(e,{level:a.Alert.Level.warning,description:a.Alert.Description.no_renegotiation})),a.flush(e)),e.process()},a.parseHelloMessage=function(t,n,r){var i=null,s=t.entity===a.ConnectionEnd.client;if(r<38)t.error(t,{message:s?"Invalid ServerHello message. Message too short.":"Invalid ClientHello message. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});else{var u=n.fragment,f=u.length();i={version:{major:u.getByte(),minor:u.getByte()},random:e.util.createBuffer(u.getBytes(32)),session_id:o(u,1),extensions:[]},s?(i.cipher_suite=u.getBytes(2),i.compression_method=u.getByte()):(i.cipher_suites=o(u,2),i.compression_methods=o(u,1)),f=r-(f-u.length());if(f>0){var l=o(u,2);while(l.length()>0)i.extensions.push({type:[l.getByte(),l.getByte()],data:o(l,2)});if(!s)for(var c=0;c0){var d=p.getByte();if(d!==0)break;t.session.extensions.server_name.serverNameList.push(o(p,2).getBytes())}}}}if(t.session.version)if(i.version.major!==t.session.version.major||i.version.minor!==t.session.version.minor)return t.error(t,{message:"TLS version change is disallowed during renegotiation.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}});if(s)t.session.cipherSuite=a.getCipherSuite(i.cipher_suite);else{var v=e.util.createBuffer(i.cipher_suites.bytes());while(v.length()>0){t.session.cipherSuite=a.getCipherSuite(v.getBytes(2));if(t.session.cipherSuite!==null)break}}if(t.session.cipherSuite===null)return t.error(t,{message:"No cipher suites in common.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.handshake_failure},cipherSuite:e.util.bytesToHex(i.cipher_suite)});s?t.session.compressionMethod=i.compression_method:t.session.compressionMethod=a.CompressionMethod.none}return i},a.createSecurityParameters=function(e,t){var n=e.entity===a.ConnectionEnd.client,r=t.random.bytes(),i=n?e.session.sp.client_random:r,s=n?r:a.createRandom().getBytes();e.session.sp={entity:e.entity,prf_algorithm:a.PRFAlgorithm.tls_prf_sha256,bulk_cipher_algorithm:null,cipher_type:null,enc_key_length:null,block_length:null,fixed_iv_length:null,record_iv_length:null,mac_algorithm:null,mac_length:null,mac_key_length:null,compression_algorithm:e.session.compressionMethod,pre_master_secret:null,master_secret:null,client_random:i,server_random:s}},a.handleServerHello=function(e,t,n){var r=a.parseHelloMessage(e,t,n);if(e.fail)return;if(!(r.version.minor<=e.version.minor))return e.error(e,{message:"Incompatible TLS version.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}});e.version.minor=r.version.minor,e.session.version=e.version;var i=r.session_id.bytes();i.length>0&&i===e.session.id?(e.expect=d,e.session.resuming=!0,e.session.sp.server_random=r.random.bytes()):(e.expect=l,e.session.resuming=!1,a.createSecurityParameters(e,r)),e.session.id=i,e.process()},a.handleClientHello=function(t,n,r){var i=a.parseHelloMessage(t,n,r);if(t.fail)return;var s=i.session_id.bytes(),o=null;if(t.sessionCache){o=t.sessionCache.getSession(s);if(o===null)s="";else if(o.version.major!==i.version.major||o.version.minor>i.version.minor)o=null,s=""}s.length===0&&(s=e.random.getBytes(32)),t.session.id=s,t.session.clientHelloVersion=i.version,t.session.sp={};if(o)t.version=t.session.version=o.version,t.session.sp=o.sp;else{var u;for(var f=1;f0)u=o(s.certificate_list,3),f=e.asn1.fromDer(u),u=e.pki.certificateFromAsn1(f,!0),l.push(u)}catch(h){return t.error(t,{message:"Could not parse certificate list.",cause:h,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.bad_certificate}})}var p=t.entity===a.ConnectionEnd.client;!p&&t.verifyClient!==!0||l.length!==0?l.length===0?t.expect=p?c:w:(p?t.session.serverCertificate=l[0]:t.session.clientCertificate=l[0],a.verifyCertificateChain(t,l)&&(t.expect=p?c:w)):t.error(t,{message:p?"No server certificate provided.":"No client certificate provided.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}}),t.process()},a.handleServerKeyExchange=function(e,t,n){if(n>0)return e.error(e,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unsupported_certificate}});e.expect=h,e.process()},a.handleClientKeyExchange=function(t,n,r){if(r<48)return t.error(t,{message:"Invalid key parameters. Only RSA is supported.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.unsupported_certificate}});var i=n.fragment,s={enc_pre_master_secret:o(i,2).getBytes()},u=null;if(t.getPrivateKey)try{u=t.getPrivateKey(t,t.session.serverCertificate),u=e.pki.privateKeyFromPem(u)}catch(f){t.error(t,{message:"Could not get private key.",cause:f,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}})}if(u===null)return t.error(t,{message:"No private key set.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}});try{var l=t.session.sp;l.pre_master_secret=u.decrypt(s.enc_pre_master_secret);var c=t.session.clientHelloVersion;if(c.major!==l.pre_master_secret.charCodeAt(0)||c.minor!==l.pre_master_secret.charCodeAt(1))throw new Error("TLS version rollback attack detected.")}catch(f){l.pre_master_secret=e.random.getBytes(48)}t.expect=S,t.session.clientCertificate!==null&&(t.expect=E),t.process()},a.handleCertificateRequest=function(e,t,n){if(n<3)return e.error(e,{message:"Invalid CertificateRequest. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var r=t.fragment,i={certificate_types:o(r,1),certificate_authorities:o(r,2)};e.session.certificateRequest=i,e.expect=p,e.process()},a.handleCertificateVerify=function(t,n,r){if(r<2)return t.error(t,{message:"Invalid CertificateVerify. Message too short.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var i=n.fragment;i.read-=4;var s=i.bytes();i.read+=4;var u={signature:o(i,2).getBytes()},f=e.util.createBuffer();f.putBuffer(t.session.md5.digest()),f.putBuffer(t.session.sha1.digest()),f=f.getBytes();try{var l=t.session.clientCertificate;if(!l.publicKey.verify(f,u.signature,"NONE"))throw new Error("CertificateVerify signature does not match.");t.session.md5.update(s),t.session.sha1.update(s)}catch(c){return t.error(t,{message:"Bad signature in CertificateVerify.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.handshake_failure}})}t.expect=S,t.process()},a.handleServerHelloDone=function(t,n,r){if(r>0)return t.error(t,{message:"Invalid ServerHelloDone message. Invalid length.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.record_overflow}});if(t.serverCertificate===null){var i={message:"No server certificate provided. Not enough security.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.insufficient_security}},s=0,o=t.verify(t,i.alert.description,s,[]);if(o!==!0){if(o||o===0)typeof o=="object"&&!e.util.isArray(o)?(o.message&&(i.message=o.message),o.alert&&(i.alert.description=o.alert)):typeof o=="number"&&(i.alert.description=o);return t.error(t,i)}}t.session.certificateRequest!==null&&(n=a.createRecord(t,{type:a.ContentType.handshake,data:a.createCertificate(t)}),a.queue(t,n)),n=a.createRecord(t,{type:a.ContentType.handshake,data:a.createClientKeyExchange(t)}),a.queue(t,n),t.expect=g;var u=function(e,t){e.session.certificateRequest!==null&&e.session.clientCertificate!==null&&a.queue(e,a.createRecord(e,{type:a.ContentType.handshake,data:a.createCertificateVerify(e,t)})),a.queue(e,a.createRecord(e,{type:a.ContentType.change_cipher_spec,data:a.createChangeCipherSpec()})),e.state.pending=a.createConnectionState(e),e.state.current.write=e.state.pending.write,a.queue(e,a.createRecord(e,{type:a.ContentType.handshake,data:a.createFinished(e)})),e.expect=d,a.flush(e),e.process()};if(t.session.certificateRequest===null||t.session.clientCertificate===null)return u(t,null);a.getClientSignature(t,u)},a.handleChangeCipherSpec=function(e,t){if(t.fragment.getByte()!==1)return e.error(e,{message:"Invalid ChangeCipherSpec message received.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.illegal_parameter}});var n=e.entity===a.ConnectionEnd.client;if(e.session.resuming&&n||!e.session.resuming&&!n)e.state.pending=a.createConnectionState(e);e.state.current.read=e.state.pending.read;if(!e.session.resuming&&n||e.session.resuming&&!n)e.state.pending=null;e.expect=n?v:x,e.process()},a.handleFinished=function(n,r,i){var s=r.fragment;s.read-=4;var o=s.bytes();s.read+=4;var u=r.fragment.getBytes();s=e.util.createBuffer(),s.putBuffer(n.session.md5.digest()),s.putBuffer(n.session.sha1.digest());var f=n.entity===a.ConnectionEnd.client,l=f?"server finished":"client finished",c=n.session.sp,h=12,p=t;s=p(c.master_secret,l,s.getBytes(),h);if(s.getBytes()!==u)return n.error(n,{message:"Invalid verify_data in Finished message.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.decrypt_error}});n.session.md5.update(o),n.session.sha1.update(o);if(n.session.resuming&&f||!n.session.resuming&&!f)a.queue(n,a.createRecord(n,{type:a.ContentType.change_cipher_spec,data:a.createChangeCipherSpec()})),n.state.current.write=n.state.pending.write,n.state.pending=null,a.queue(n,a.createRecord(n,{type:a.ContentType.handshake,data:a.createFinished(n)}));n.expect=f?m:T,n.handshaking=!1,++n.handshakes,n.peerCertificate=f?n.session.serverCertificate:n.session.clientCertificate,a.flush(n),n.isConnected=!0,n.connected(n),n.process()},a.handleAlert=function(e,t){var n=t.fragment,r={level:n.getByte(),description:n.getByte()},i;switch(r.description){case a.Alert.Description.close_notify:i="Connection closed.";break;case a.Alert.Description.unexpected_message:i="Unexpected message.";break;case a.Alert.Description.bad_record_mac:i="Bad record MAC.";break;case a.Alert.Description.decryption_failed:i="Decryption failed.";break;case a.Alert.Description.record_overflow:i="Record overflow.";break;case a.Alert.Description.decompression_failure:i="Decompression failed.";break;case a.Alert.Description.handshake_failure:i="Handshake failure.";break;case a.Alert.Description.bad_certificate:i="Bad certificate.";break;case a.Alert.Description.unsupported_certificate:i="Unsupported certificate.";break;case a.Alert.Description.certificate_revoked:i="Certificate revoked.";break;case a.Alert.Description.certificate_expired:i="Certificate expired.";break;case a.Alert.Description.certificate_unknown:i="Certificate unknown.";break;case a.Alert.Description.illegal_parameter:i="Illegal parameter.";break;case a.Alert.Description.unknown_ca:i="Unknown certificate authority.";break;case a.Alert.Description.access_denied:i="Access denied.";break;case a.Alert.Description.decode_error:i="Decode error.";break;case a.Alert.Description.decrypt_error:i="Decrypt error.";break;case a.Alert.Description.export_restriction:i="Export restriction.";break;case a.Alert.Description.protocol_version:i="Unsupported protocol version.";break;case a.Alert.Description.insufficient_security:i="Insufficient security.";break;case a.Alert.Description.internal_error:i="Internal error.";break;case a.Alert.Description.user_canceled:i="User canceled.";break;case a.Alert.Description.no_renegotiation:i="Renegotiation not supported.";break;default:i="Unknown error."}if(r.description===a.Alert.Description.close_notify)return e.close();e.error(e,{message:i,send:!1,origin:e.entity===a.ConnectionEnd.client?"server":"client",alert:r}),e.process()},a.handleHandshake=function(t,n){var r=n.fragment,i=r.getByte(),s=r.getInt24();if(s>r.length())return t.fragmented=n,n.fragment=e.util.createBuffer(),r.read-=4,t.process();t.fragmented=null,r.read-=4;var o=r.bytes(s+4);r.read+=4,i in q[t.entity][t.expect]?(t.entity===a.ConnectionEnd.server&&!t.open&&!t.fail&&(t.handshaking=!0,t.session={version:null,extensions:{server_name:{serverNameList:[]}},cipherSuite:null,compressionMethod:null,serverCertificate:null,clientCertificate:null,md5:e.md.md5.create(),sha1:e.md.sha1.create()}),i!==a.HandshakeType.hello_request&&i!==a.HandshakeType.certificate_verify&&i!==a.HandshakeType.finished&&(t.session.md5.update(o),t.session.sha1.update(o)),q[t.entity][t.expect][i](t,n,s)):a.handleUnexpected(t,n)},a.handleApplicationData=function(e,t){e.data.putBuffer(t.fragment),e.dataReady(e),e.process()},a.handleHeartbeat=function(t,n){var r=n.fragment,i=r.getByte(),s=r.getInt16(),o=r.getBytes(s);if(i===a.HeartbeatMessageType.heartbeat_request){if(t.handshaking||s>o.length)return t.process();a.queue(t,a.createRecord(t,{type:a.ContentType.heartbeat,data:a.createHeartbeat(a.HeartbeatMessageType.heartbeat_response,o)})),a.flush(t)}else if(i===a.HeartbeatMessageType.heartbeat_response){if(o!==t.expectedHeartbeatPayload)return t.process();t.heartbeatReceived&&t.heartbeatReceived(t,e.util.createBuffer(o))}t.process()};var f=0,l=1,c=2,h=3,p=4,d=5,v=6,m=7,g=8,y=0,b=1,w=2,E=3,S=4,x=5,T=6,N=7,C=a.handleUnexpected,k=a.handleChangeCipherSpec,L=a.handleAlert,A=a.handleHandshake,O=a.handleApplicationData,M=a.handleHeartbeat,_=[];_[a.ConnectionEnd.client]=[[C,L,A,C,M],[C,L,A,C,M],[C,L,A,C,M],[C,L,A,C,M],[C,L,A,C,M],[k,L,C,C,M],[C,L,A,C,M],[C,L,A,O,M],[C,L,A,C,M]],_[a.ConnectionEnd.server]=[[C,L,A,C,M],[C,L,A,C,M],[C,L,A,C,M],[C,L,A,C,M],[k,L,C,C,M],[C,L,A,C,M],[C,L,A,O,M],[C,L,A,C,M]];var D=a.handleHelloRequest,P=a.handleServerHello,H=a.handleCertificate,B=a.handleServerKeyExchange,j=a.handleCertificateRequest,F=a.handleServerHelloDone,I=a.handleFinished,q=[];q[a.ConnectionEnd.client]=[[C,C,P,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,H,B,j,F,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,B,j,F,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,C,j,F,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,C,C,F,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,I],[D,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[D,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C]];var R=a.handleClientHello,U=a.handleClientKeyExchange,z=a.handleCertificateVerify;q[a.ConnectionEnd.server]=[[C,R,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,H,C,C,C,C,C,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,U,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,z,C,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,I],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C],[C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C,C]],a.generateKeys=function(e,n){var r=t,i=n.client_random+n.server_random;e.session.resuming||(n.master_secret=r(n.pre_master_secret,"master secret",i,48).bytes(),n.pre_master_secret=null),i=n.server_random+n.client_random;var s=2*n.mac_key_length+2*n.enc_key_length,o=e.version.major===a.Versions.TLS_1_0.major&&e.version.minor===a.Versions.TLS_1_0.minor;o&&(s+=2*n.fixed_iv_length);var u=r(n.master_secret,"key expansion",i,s),f={client_write_MAC_key:u.getBytes(n.mac_key_length),server_write_MAC_key:u.getBytes(n.mac_key_length),client_write_key:u.getBytes(n.enc_key_length),server_write_key:u.getBytes(n.enc_key_length)};return o&&(f.client_write_IV=u.getBytes(n.fixed_iv_length),f.server_write_IV=u.getBytes(n.fixed_iv_length)),f},a.createConnectionState=function(e){var t=e.entity===a.ConnectionEnd.client,n=function(){var e={sequenceNumber:[0,0],macKey:null,macLength:0,macFunction:null,cipherState:null,cipherFunction:function(e){return!0},compressionState:null,compressFunction:function(e){return!0},updateSequenceNumber:function(){e.sequenceNumber[1]===4294967295?(e.sequenceNumber[1]=0,++e.sequenceNumber[0]):++e.sequenceNumber[1]}};return e},r={read:n(),write:n()};r.read.update=function(e,t){return r.read.cipherFunction(t,r.read)?r.read.compressFunction(e,t,r.read)||e.error(e,{message:"Could not decompress record.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.decompression_failure}}):e.error(e,{message:"Could not decrypt record or bad MAC.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.bad_record_mac}}),!e.fail},r.write.update=function(e,t){return r.write.compressFunction(e,t,r.write)?r.write.cipherFunction(t,r.write)||e.error(e,{message:"Could not encrypt record.",send:!1,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}):e.error(e,{message:"Could not compress record.",send:!1,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}),!e.fail};if(e.session){var o=e.session.sp;e.session.cipherSuite.initSecurityParameters(o),o.keys=a.generateKeys(e,o),r.read.macKey=t?o.keys.server_write_MAC_key:o.keys.client_write_MAC_key,r.write.macKey=t?o.keys.client_write_MAC_key:o.keys.server_write_MAC_key,e.session.cipherSuite.initConnectionState(r,e,o);switch(o.compression_algorithm){case a.CompressionMethod.none:break;case a.CompressionMethod.deflate:r.read.compressFunction=s,r.write.compressFunction=i;break;default:throw new Error("Unsupported compression algorithm.")}}return r},a.createRandom=function(){var t=new Date,n=+t+t.getTimezoneOffset()*6e4,r=e.util.createBuffer();return r.putInt32(n),r.putBytes(e.random.getBytes(28)),r},a.createRecord=function(e,t){if(!t.data)return null;var n={type:t.type,version:{major:e.version.major,minor:e.version.minor},length:t.data.length(),fragment:t.data};return n},a.createAlert=function(t,n){var r=e.util.createBuffer();return r.putByte(n.level),r.putByte(n.description),a.createRecord(t,{type:a.ContentType.alert,data:r})},a.createClientHello=function(t){t.session.clientHelloVersion={major:t.version.major,minor:t.version.minor};var n=e.util.createBuffer();for(var r=0;r0&&(d+=2);var v=t.session.id,m=v.length+1+2+4+28+2+s+1+f+d,g=e.util.createBuffer();return g.putByte(a.HandshakeType.client_hello),g.putInt24(m),g.putByte(t.version.major),g.putByte(t.version.minor),g.putBytes(t.session.sp.client_random),u(g,1,e.util.createBuffer(v)),u(g,2,n),u(g,1,o),d>0&&u(g,2,l),g},a.createServerHello=function(t){var n=t.session.id,r=n.length+1+2+4+28+2+1,i=e.util.createBuffer();return i.putByte(a.HandshakeType.server_hello),i.putInt24(r),i.putByte(t.version.major),i.putByte(t.version.minor),i.putBytes(t.session.sp.server_random),u(i,1,e.util.createBuffer(n)),i.putByte(t.session.cipherSuite.id[0]),i.putByte(t.session.cipherSuite.id[1]),i.putByte(t.session.compressionMethod),i},a.createCertificate=function(t){var n=t.entity===a.ConnectionEnd.client,r=null;if(t.getCertificate){var i;n?i=t.session.certificateRequest:i=t.session.extensions.server_name.serverNameList,r=t.getCertificate(t,i)}var s=e.util.createBuffer();if(r!==null)try{e.util.isArray(r)||(r=[r]);var o=null;for(var f=0;f0&&(r.putByte(a.HandshakeType.server_key_exchange),r.putInt24(n)),r},a.getClientSignature=function(t,n){var r=e.util.createBuffer();r.putBuffer(t.session.md5.digest()),r.putBuffer(t.session.sha1.digest()),r=r.getBytes(),t.getSignature=t.getSignature||function(t,n,r){var i=null;if(t.getPrivateKey)try{i=t.getPrivateKey(t,t.session.clientCertificate),i=e.pki.privateKeyFromPem(i)}catch(s){t.error(t,{message:"Could not get private key.",cause:s,send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}})}i===null?t.error(t,{message:"No private key set.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.internal_error}}):n=i.sign(n,null),r(t,n)},t.getSignature(t,r,n)},a.createCertificateVerify=function(t,n){var r=n.length+2,i=e.util.createBuffer();return i.putByte(a.HandshakeType.certificate_verify),i.putInt24(r),i.putInt16(n.length),i.putBytes(n),i},a.createCertificateRequest=function(t){var n=e.util.createBuffer();n.putByte(1);var r=e.util.createBuffer();for(var i in t.caStore.certs){var s=t.caStore.certs[i],o=e.pki.distinguishedNameToAsn1(s.subject);r.putBuffer(e.asn1.toDer(o))}var f=1+n.length()+2+r.length(),l=e.util.createBuffer();return l.putByte(a.HandshakeType.certificate_request),l.putInt24(f),u(l,1,n),u(l,2,r),l},a.createServerHelloDone=function(t){var n=e.util.createBuffer();return n.putByte(a.HandshakeType.server_hello_done),n.putInt24(0),n},a.createChangeCipherSpec=function(){var t=e.util.createBuffer();return t.putByte(1),t},a.createFinished=function(n){var r=e.util.createBuffer();r.putBuffer(n.session.md5.digest()),r.putBuffer(n.session.sha1.digest());var i=n.entity===a.ConnectionEnd.client,s=n.session.sp,o=12,u=t,f=i?"client finished":"server finished";r=u(s.master_secret,f,r.getBytes(),o);var l=e.util.createBuffer();return l.putByte(a.HandshakeType.finished),l.putInt24(r.length()),l.putBuffer(r),l},a.createHeartbeat=function(t,n,r){typeof r=="undefined"&&(r=n.length);var i=e.util.createBuffer();i.putByte(t),i.putInt16(r),i.putBytes(n);var s=i.length(),o=Math.max(16,s-r-3);return i.putBytes(e.random.getBytes(o)),i},a.queue=function(t,n){if(!n)return;if(n.type===a.ContentType.handshake){var r=n.fragment.bytes();t.session.md5.update(r),t.session.sha1.update(r),r=null}var i;if(n.fragment.length()<=a.MaxFragment)i=[n];else{i=[];var s=n.fragment.bytes();while(s.length>a.MaxFragment)i.push(a.createRecord(t,{type:n.type,data:e.util.createBuffer(s.slice(0,a.MaxFragment))})),s=s.slice(a.MaxFragment);s.length>0&&i.push(a.createRecord(t,{type:n.type,data:e.util.createBuffer(s)}))}for(var o=0;o0&&(i=r.order[0]);if(i!==null&&i in r.cache){n=r.cache[i],delete r.cache[i];for(var s in r.order)if(r.order[s]===i){r.order.splice(s,1);break}}return n},r.setSession=function(t,n){if(r.order.length===r.capacity){var i=r.order.shift();delete r.cache[i]}var i=e.util.bytesToHex(t);r.order.push(i),r.cache[i]=n}}return r},a.createConnection=function(t){var n=null;t.caStore?e.util.isArray(t.caStore)?n=e.pki.createCaStore(t.caStore):n=t.caStore:n=e.pki.createCaStore();var r=t.cipherSuites||null;if(r===null){r=[];for(var i in a.CipherSuites)r.push(a.CipherSuites[i])}var s=t.server||!1?a.ConnectionEnd.server:a.ConnectionEnd.client,o=t.sessionCache?a.createSessionCache(t.sessionCache):null,u={version:{major:a.Version.major,minor:a.Version.minor},entity:s,sessionId:t.sessionId,caStore:n,sessionCache:o,cipherSuites:r,connected:t.connected,virtualHost:t.virtualHost||null,verifyClient:t.verifyClient||!1,verify:t.verify||function(e,t,n,r){return t},getCertificate:t.getCertificate||null,getPrivateKey:t.getPrivateKey||null,getSignature:t.getSignature||null,input:e.util.createBuffer(),tlsData:e.util.createBuffer(),data:e.util.createBuffer(),tlsDataReady:t.tlsDataReady,dataReady:t.dataReady,heartbeatReceived:t.heartbeatReceived,closed:t.closed,error:function(e,n){n.origin=n.origin||(e.entity===a.ConnectionEnd.client?"client":"server"),n.send&&(a.queue(e,a.createAlert(e,n.alert)),a.flush(e));var r=n.fatal!==!1;r&&(e.fail=!0),t.error(e,n),r&&e.close(!1)},deflate:t.deflate||null,inflate:t.inflate||null};u.reset=function(e){u.version={major:a.Version.major,minor:a.Version.minor},u.record=null,u.session=null,u.peerCertificate=null,u.state={pending:null,current:null},u.expect=u.entity===a.ConnectionEnd.client?f:y,u.fragmented=null,u.records=[],u.open=!1,u.handshakes=0,u.handshaking=!1,u.isConnected=!1,u.fail=!e&&typeof e!="undefined",u.input.clear(),u.tlsData.clear(),u.data.clear(),u.state.current=a.createConnectionState(u)},u.reset();var l=function(e,t){var n=t.type-a.ContentType.change_cipher_spec,r=_[e.entity][e.expect];n in r?r[n](e,t):a.handleUnexpected(e,t)},c=function(t){var n=0,r=t.input,i=r.length();if(i<5)n=5-i;else{t.record={type:r.getByte(),version:{major:r.getByte(),minor:r.getByte()},length:r.getInt16(),fragment:e.util.createBuffer(),ready:!1};var s=t.record.version.major===t.version.major;s&&t.session&&t.session.version&&(s=t.record.version.minor===t.version.minor),s||t.error(t,{message:"Incompatible TLS version.",send:!0,alert:{level:a.Alert.Level.fatal,description:a.Alert.Description.protocol_version}})}return n},h=function(e){var t=0,n=e.input,r=n.length();if(r0&&(u.sessionCache&&(n=u.sessionCache.getSession(t)),n===null&&(t="")),t.length===0&&u.sessionCache&&(n=u.sessionCache.getSession(),n!==null&&(t=n.id)),u.session={id:t,version:null,cipherSuite:null,compressionMethod:null,serverCertificate:null,certificateRequest:null,clientCertificate:null,sp:{},md5:e.md.md5.create(),sha1:e.md.sha1.create()},n&&(u.version=n.version,u.session.sp=n.sp),u.session.sp.client_random=a.createRandom().getBytes(),u.open=!0,a.queue(u,a.createRecord(u,{type:a.ContentType.handshake,data:a.createClientHello(u)})),a.flush(u)}},u.process=function(e){var t=0;return e&&u.input.putBytes(e),u.fail||(u.record!==null&&u.record.ready&&u.record.fragment.isEmpty()&&(u.record=null),u.record===null&&(t=c(u)),!u.fail&&u.record!==null&&!u.record.ready&&(t=h(u)),!u.fail&&u.record!==null&&u.record.ready&&l(u,u.record)),t},u.prepare=function(t){return a.queue(u,a.createRecord(u,{type:a.ContentType.application_data,data:e.util.createBuffer(t)})),a.flush(u)},u.prepareHeartbeatRequest=function(t,n){return t instanceof e.util.ByteBuffer&&(t=t.bytes()),typeof n=="undefined"&&(n=t.length),u.expectedHeartbeatPayload=t,a.queue(u,a.createRecord(u,{type:a.ContentType.heartbeat,data:a.createHeartbeat(a.HeartbeatMessageType.heartbeat_request,t,n)})),a.flush(u)},u.close=function(e){if(!u.fail&&u.sessionCache&&u.session){var t={id:u.session.id,version:u.session.version,sp:u.session.sp};t.sp.keys=null,u.sessionCache.setSession(t.id,t)}if(u.open){u.open=!1,u.input.clear();if(u.isConnected||u.handshaking)u.isConnected=u.handshaking=!1,a.queue(u,a.createAlert(u,{level:a.Alert.Level.warning,description:a.Alert.Description.close_notify})),a.flush(u);u.closed(u)}u.reset(e)},u},e.tls=e.tls||{};for(var V in a)typeof a[V]!="function"&&(e.tls[V]=a[V]);e.tls.prf_tls1=t,e.tls.hmac_sha1=r,e.tls.createSessionCache=a.createSessionCache,e.tls.createConnection=a.createConnection}var r="tls";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o=t.Versions.TLS_1_1.minor&&a.output.putBytes(u),a.update(n.fragment),a.finish(i)&&(n.fragment=a.output,n.length=n.fragment.length(),s=!0),s}function i(e,t,n){if(!n){var r=e-t.length()%e;t.fillWithByte(r-1,r)}return!0}function s(e,t,n){var r=!0;if(n){var i=t.length(),s=t.last();for(var o=i-1-s;o=f?(n.fragment=a.output.getBytes(h-f),l=a.output.getBytes(f)):n.fragment=a.output.getBytes(),n.fragment=e.util.createBuffer(n.fragment),n.length=n.fragment.length();var p=r.macFunction(r.macKey,r.sequenceNumber,n);return r.updateSequenceNumber(),i=p===l&&i,i}var t=e.tls;t.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA={id:[0,47],name:"TLS_RSA_WITH_AES_128_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=t.BulkCipherAlgorithm.aes,e.cipher_type=t.CipherType.block,e.enc_key_length=16,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=t.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:n},t.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA={id:[0,53],name:"TLS_RSA_WITH_AES_256_CBC_SHA",initSecurityParameters:function(e){e.bulk_cipher_algorithm=t.BulkCipherAlgorithm.aes,e.cipher_type=t.CipherType.block,e.enc_key_length=32,e.block_length=16,e.fixed_iv_length=16,e.record_iv_length=16,e.mac_algorithm=t.MACAlgorithm.hmac_sha1,e.mac_length=20,e.mac_key_length=20},initConnectionState:n};var o=0}var r="aesCipherSuites";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o="8"&&(r="00"+r);var i=e.util.hexToBytes(r);t.putInt32(i.length),t.putBytes(i)}function r(e,t){e.putInt32(t.length),e.putString(t)}function i(){var t=e.md.sha1.create(),n=arguments.length;for(var r=0;r=1&&e.log.verbose(t,"[%s][%s] init",this.id,this.name,this)};T.prototype.debug=function(n){n=n||"",e.log.debug(t,n,"[%s][%s] task:",this.id,this.name,this,"subtasks:",this.subtasks.length,"queue:",s)},T.prototype.next=function(e,t){typeof e=="function"&&(t=e,e=this.name);var n=new T({run:t,name:e,parent:this});return n.state=l,n.type=this.type,n.successCallback=this.successCallback||null,n.failureCallback=this.failureCallback||null,this.subtasks.push(n),this},T.prototype.parallel=function(t,n){return e.util.isArray(t)&&(n=t,t=this.name),this.next(t,function(r){var i=r;i.block(n.length);var s=function(t,r){e.task.start({type:t,run:function(e){n[r](e)},success:function(e){i.unblock()},failure:function(e){i.unblock()}})};for(var o=0;o0&&(this.state=x[this.state][g])},T.prototype.unblock=function(e){return e=typeof e=="undefined"?1:e,this.blocks-=e,this.blocks===0&&this.state!==p&&(this.state=l,C(this,0)),this.blocks},T.prototype.sleep=function(e){e=typeof e=="undefined"?0:e,this.state=x[this.state][b];var t=this;this.timeoutId=setTimeout(function(){t.timeoutId=null,t.state=l,C(t,0)},e)},T.prototype.wait=function(e){e.wait(this)},T.prototype.wakeup=function(){this.state===h&&(cancelTimeout(this.timeoutId),this.timeoutId=null,this.state=l,C(this,0))},T.prototype.cancel=function(){this.state=x[this.state][E],this.permitsNeeded=0,this.timeoutId!==null&&(cancelTimeout(this.timeoutId),this.timeoutId=null),this.subtasks=[]},T.prototype.fail=function(e){this.error=!0,k(this,!0);if(e)e.error=this.error,e.swapTime=this.swapTime,e.userData=this.userData,C(e,0);else{if(this.parent!==null){var t=this.parent;while(t.parent!==null)t.error=this.error,t.swapTime=this.swapTime,t.userData=this.userData,t=t.parent;k(t,!0)}this.failureCallback&&this.failureCallback(this)}};var N=function(e){e.error=!1,e.state=x[e.state][m],setTimeout(function(){e.state===l&&(e.swapTime=+(new Date),e.run(e),C(e,0))},0)},C=function(e,t){var n=t>u||+(new Date)-e.swapTime>a,r=function(t){t++;if(e.state===l){n&&(e.swapTime=+(new Date));if(e.subtasks.length>0){var r=e.subtasks.shift();r.error=e.error,r.swapTime=e.swapTime,r.userData=e.userData,r.run(r),r.error||C(r,t)}else k(e),e.error||e.parent!==null&&(e.parent.error=e.error,e.parent.swapTime=e.swapTime,e.parent.userData=e.userData,C(e.parent,t))}};n?setTimeout(r,0):r(t)},k=function(i,o){i.state=p,delete r[i.id],n>=1&&e.log.verbose(t,"[%s][%s] finish",i.id,i.name,i),i.parent===null&&(i.type in s?s[i.type].length===0?e.log.error(t,"[%s][%s] task queue empty [%s]",i.id,i.name,i.type):s[i.type][0]!==i?e.log.error(t,"[%s][%s] task not first in queue [%s]",i.id,i.name,i.type):(s[i.type].shift(),s[i.type].length===0?(n>=1&&e.log.verbose(t,"[%s][%s] delete queue [%s]",i.id,i.name,i.type),delete s[i.type]):(n>=1&&e.log.verbose(t,"[%s][%s] queue start next [%s] remain:%s",i.id,i.name,i.type,s[i.type].length),s[i.type][0].start())):e.log.error(t,"[%s][%s] task queue missing [%s]",i.id,i.name,i.type),o||(i.error&&i.failureCallback?i.failureCallback(i):!i.error&&i.successCallback&&i.successCallback(i)))};e.task=e.task||{},e.task.start=function(r){var i=new T({run:r.run,name:r.name||o});i.type=r.type,i.successCallback=r.success||null,i.failureCallback=r.failure||null,i.type in s?s[r.type].push(i):(n>=1&&e.log.verbose(t,"[%s][%s] create queue [%s]",i.id,i.name,i.type),s[i.type]=[i],N(i))},e.task.cancel=function(e){e in s&&(s[e]=[s[e][0]])},e.task.createCondition=function(){var e={tasks:{}};return e.wait=function(t){t.id in e.tasks||(t.block(),e.tasks[t.id]=t)},e.notify=function(){var t=e.tasks;e.tasks={};for(var n in t)t[n].unblock()},e}}var r="task";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o0&&(e.splice(c-1,2),c-=2)}}e=e.join("/")}else e.indexOf("./")===0&&(e=e.substring(2));if((v||g)&&m){n=e.split("/");for(c=n.length;c>0;c-=1){r=n.slice(0,c).join("/");if(v)for(h=v.length;h>0;h-=1){i=m[v.slice(0,h).join("/")];if(i){i=i[r];if(i){s=i,u=c;break}}}if(s)break;!a&&g&&g[r]&&(a=g[r],f=c)}!s&&a&&(s=a,u=f),s&&(n.splice(0,u,s),e=n.join("/"))}return e}function g(e,t){return function(){return s.apply(r,p.call(arguments,0).concat([e,t]))}}function y(e){return function(t){return m(t,e)}}function b(e){return function(t){a[e]=t}}function w(e){if(v(f,e)){var t=f[e];delete f[e],c[e]=!0,i.apply(r,t)}if(!v(a,e)&&!v(c,e))throw new Error("No "+e);return a[e]}function E(e){var t,n=e?e.indexOf("!"):-1;return n>-1&&(t=e.substring(0,n),e=e.substring(n+1,e.length)),[t,e]}function S(e){return function(){return l&&l.config&&l.config[e]||{}}}var i,s,o,u,a={},f={},l={},c={},h=Object.prototype.hasOwnProperty,p=[].slice,d=/\.js$/;o=function(e,t){var n,r=E(e),i=r[0];return e=r[1],i&&(i=m(i,t),n=w(i)),i?n&&n.normalize?e=n.normalize(e,y(t)):e=m(e,t):(e=m(e,t),r=E(e),i=r[0],e=r[1],i&&(n=w(i))),{f:i?i+"!"+e:e,n:e,pr:i,p:n}},u={require:function(e){return g(e)},exports:function(e){var t=a[e];return typeof t!="undefined"?t:a[e]={}},module:function(e){return{id:e,uri:"",exports:a[e],config:S(e)}}},i=function(e,t,n,i){var s,l,h,p,d,m=[],y=typeof n,E;i=i||e;if(y==="undefined"||y==="function"){t=!t.length&&n.length?["require","exports","module"]:t;for(d=0;d0)t&1&&(n+=e),t>>>=1,t>0&&(e+=e);return this.data=n,this},t.ByteStringBuffer.prototype.putBytes=function(e){return this.data+=e,this},t.ByteStringBuffer.prototype.putString=function(e){return this.data+=t.encodeUtf8(e),this},t.ByteStringBuffer.prototype.putInt16=function(e){return this.data+=String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt24=function(e){return this.data+=String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt32=function(e){return this.data+=String.fromCharCode(e>>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255),this},t.ByteStringBuffer.prototype.putInt16Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255),this},t.ByteStringBuffer.prototype.putInt24Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255),this},t.ByteStringBuffer.prototype.putInt32Le=function(e){return this.data+=String.fromCharCode(e&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>24&255),this},t.ByteStringBuffer.prototype.putInt=function(e,t){do t-=8,this.data+=String.fromCharCode(e>>t&255);while(t>0);return this},t.ByteStringBuffer.prototype.putSignedInt=function(e,t){return e<0&&(e+=2<0);return t},t.ByteStringBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),n=2<=n&&(t-=n<<1),t},t.ByteStringBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},t.ByteStringBuffer.prototype.bytes=function(e){return typeof e=="undefined"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},t.ByteStringBuffer.prototype.at=function(e){return this.data.charCodeAt(this.read+e)},t.ByteStringBuffer.prototype.setAt=function(e,t){return this.data=this.data.substr(0,this.read+e)+String.fromCharCode(t)+this.data.substr(this.read+e+1),this},t.ByteStringBuffer.prototype.last=function(){return this.data.charCodeAt(this.data.length-1)},t.ByteStringBuffer.prototype.copy=function(){var e=t.createBuffer(this.data);return e.read=this.read,e},t.ByteStringBuffer.prototype.compact=function(){return this.read>0&&(this.data=this.data.slice(this.read),this.read=0),this},t.ByteStringBuffer.prototype.clear=function(){return this.data="",this.read=0,this},t.ByteStringBuffer.prototype.truncate=function(e){var t=Math.max(0,this.length()-e);return this.data=this.data.substr(this.read,t),this.read=0,this},t.ByteStringBuffer.prototype.toHex=function(){var e="";for(var t=this.read;t=e)return this;t=Math.max(t||this.growSize,e);var n=new Uint8Array(this.data.buffer,this.data.byteOffset,this.data.byteLength),r=new Uint8Array(this.length()+t);return r.set(n),this.data=new DataView(r.buffer),this},t.DataBuffer.prototype.putByte=function(e){return this.accommodate(1),this.data.setUint8(this.write++,e),this},t.DataBuffer.prototype.fillWithByte=function(e,t){this.accommodate(t);for(var n=0;n>8&65535),this.data.setInt8(this.write,e>>16&255),this.write+=3,this},t.DataBuffer.prototype.putInt32=function(e){return this.accommodate(4),this.data.setInt32(this.write,e),this.write+=4,this},t.DataBuffer.prototype.putInt16Le=function(e){return this.accommodate(2),this.data.setInt16(this.write,e,!0),this.write+=2,this},t.DataBuffer.prototype.putInt24Le=function(e){return this.accommodate(3),this.data.setInt8(this.write,e>>16&255),this.data.setInt16(this.write,e>>8&65535,!0),this.write+=3,this},t.DataBuffer.prototype.putInt32Le=function(e){return this.accommodate(4),this.data.setInt32(this.write,e,!0),this.write+=4,this},t.DataBuffer.prototype.putInt=function(e,t){this.accommodate(t/8);do t-=8,this.data.setInt8(this.write++,e>>t&255);while(t>0);return this},t.DataBuffer.prototype.putSignedInt=function(e,t){return this.accommodate(t/8),e<0&&(e+=2<0);return t},t.DataBuffer.prototype.getSignedInt=function(e){var t=this.getInt(e),n=2<=n&&(t-=n<<1),t},t.DataBuffer.prototype.getBytes=function(e){var t;return e?(e=Math.min(this.length(),e),t=this.data.slice(this.read,this.read+e),this.read+=e):e===0?t="":(t=this.read===0?this.data:this.data.slice(this.read),this.clear()),t},t.DataBuffer.prototype.bytes=function(e){return typeof e=="undefined"?this.data.slice(this.read):this.data.slice(this.read,this.read+e)},t.DataBuffer.prototype.at=function(e){return this.data.getUint8(this.read+e)},t.DataBuffer.prototype.setAt=function(e,t){return this.data.setUint8(e,t),this},t.DataBuffer.prototype.last=function(){return this.data.getUint8(this.write-1)},t.DataBuffer.prototype.copy=function(){return new t.DataBuffer(this)},t.DataBuffer.prototype.compact=function(){if(this.read>0){var e=new Uint8Array(this.data.buffer,this.read),t=new Uint8Array(e.byteLength);t.set(e),this.data=new DataView(t),this.write-=this.read,this.read=0}return this},t.DataBuffer.prototype.clear=function(){return this.data=new DataView(new ArrayBuffer(0)),this.read=this.write=0,this},t.DataBuffer.prototype.truncate=function(e){return this.write=Math.max(0,this.length()-e),this.read=Math.min(this.read,this.write),this},t.DataBuffer.prototype.toHex=function(){var e="";for(var t=this.read;t0)t&1&&(n+=e),t>>>=1,t>0&&(e+=e);return n},t.xorBytes=function(e,t,n){var r="",i="",s="",o=0,u=0;for(;n>0;--n,++o)i=e.charCodeAt(o)^t.charCodeAt(o),u>=10&&(r+=s,s="",u=0),s+=String.fromCharCode(i),++u;return r+=s,r},t.hexToBytes=function(e){var t="",n=0;e.length&!0&&(n=1,t+=String.fromCharCode(parseInt(e[0],16)));for(;n>24&255)+String.fromCharCode(e>>16&255)+String.fromCharCode(e>>8&255)+String.fromCharCode(e&255)};var s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",o=[62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,64,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51];t.encode64=function(e,t){var n="",r="",i,o,u,a=0;while(a>2),n+=s.charAt((i&3)<<4|o>>4),isNaN(o)?n+="==":(n+=s.charAt((o&15)<<2|u>>6),n+=isNaN(u)?"=":s.charAt(u&63)),t&&n.length>t&&(r+=n.substr(0,t)+"\r\n",n=n.substr(t));return r+=n,r},t.decode64=function(e){e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");var t="",n,r,i,s,u=0;while(u>4),i!==64&&(t+=String.fromCharCode((r&15)<<4|i>>2),s!==64&&(t+=String.fromCharCode((i&3)<<6|s)));return t},t.encodeUtf8=function(e){return unescape(encodeURIComponent(e))},t.decodeUtf8=function(e){return decodeURIComponent(escape(e))},t.binary={raw:{},hex:{},base64:{}},t.binary.raw.encode=function(e){return String.fromCharCode.apply(null,e)},t.binary.raw.decode=function(e,t,n){var r=t;r||(r=new Uint8Array(e.length)),n=n||0;var i=n;for(var s=0;s>2),n+=s.charAt((i&3)<<4|o>>4),isNaN(o)?n+="==":(n+=s.charAt((o&15)<<2|u>>6),n+=isNaN(u)?"=":s.charAt(u&63)),t&&n.length>t&&(r+=n.substr(0,t)+"\r\n",n=n.substr(t));return r+=n,r},t.binary.base64.decode=function(e,t,n){var r=t;r||(r=new Uint8Array(Math.ceil(e.length/4)*3)),e=e.replace(/[^A-Za-z0-9\+\/\=]/g,""),n=n||0;var i,s,u,a,f=0,l=n;while(f>4,u!==64&&(r[l++]=(s&15)<<4|u>>2,a!==64&&(r[l++]=(u&3)<<6|a));return t?l-n:r},t.text={utf8:{},utf16:{}},t.text.utf8.encode=function(e,n,r){e=t.encodeUtf8(e);var i=n;i||(i=new Uint8Array(e.length)),r=r||0;var s=r;for(var o=0;o0?(s=n[r].substring(0,i),o=n[r].substring(i+1)):(s=n[r],o=null),s in t||(t[s]=[]),!(s in Object.prototype)&&o!==null&&t[s].push(unescape(o))}return t},n;return typeof e=="undefined"?(d===null&&(typeof window=="undefined"?d={}:d=t(window.location.search.substring(1))),n=d):n=t(e),n},t.parseFragment=function(e){var n=e,r="",i=e.indexOf("?");i>0&&(n=e.substring(0,i),r=e.substring(i+1));var s=n.split("/");s.length>0&&s[0]===""&&s.shift();var o=r===""?{}:t.getQueryVariables(r);return{pathString:n,queryString:r,path:s,query:o}},t.makeRequest=function(e){var n=t.parseFragment(e),r={path:n.pathString,query:n.queryString,getPath:function(e){return typeof e=="undefined"?n.path:n.path[e]},getQuery:function(e,t){var r;return typeof e=="undefined"?r=n.query:(r=n.query[e],r&&typeof t!="undefined"&&(r=r[t])),r},getQueryLast:function(e,t){var n,i=r.getQuery(e);return i?n=i[i.length-1]:n=t,n}};return r},t.makeLink=function(e,t,n){e=jQuery.isArray(e)?e.join("/"):e;var r=jQuery.param(t||{});return n=n||"",e+(r.length>0?"?"+r:"")+(n.length>0?"#"+n:"")},t.setPath=function(e,t,n){if(typeof e=="object"&&e!==null){var r=0,i=t.length;while(r0&&s.push(r),o=t.lastIndex;var u=n[0][1];switch(u){case"s":case"o":i");break;case"%":s.push("%");break;default:s.push("<%"+u+"?>")}}return s.push(e.substring(o)),s.join("")},t.formatNumber=function(e,t,n,r){var i=e,s=isNaN(t=Math.abs(t))?2:t,o=n===undefined?",":n,u=r===undefined?".":r,a=i<0?"-":"",f=parseInt(i=Math.abs(+i||0).toFixed(s),10)+"",l=f.length>3?f.length%3:0;return a+(l?f.substr(0,l)+u:"")+f.substr(l).replace(/(\d{3})(?=\d)/g,"$1"+u)+(s?o+Math.abs(i-f).toFixed(s).slice(2):"")},t.formatSize=function(e){return e>=1073741824?e=t.formatNumber(e/1073741824,2,".","")+" GiB":e>=1048576?e=t.formatNumber(e/1048576,2,".","")+" MiB":e>=1024?e=t.formatNumber(e/1024,0)+" KiB":e=t.formatNumber(e,0)+" bytes",e},t.bytesFromIP=function(e){return e.indexOf(".")!==-1?t.bytesFromIPv4(e):e.indexOf(":")!==-1?t.bytesFromIPv6(e):null},t.bytesFromIPv4=function(e){e=e.split(".");if(e.length!==4)return null;var n=t.createBuffer();for(var r=0;rr[i].end-r[i].start&&(i=r.length-1))}n.push(o)}if(r.length>0){var f=r[i];f.end-f.start>0&&(n.splice(f.start,f.end-f.start+1,""),f.start===0&&n.unshift(""),f.end===7&&n.push(""))}return n.join(":")},t.estimateCores=function(e,n){function i(e,u,a){if(u===0){var f=Math.floor(e.reduce(function(e,t){return e+t},0)/e.length);return t.cores=Math.max(1,f),URL.revokeObjectURL(r),n(null,t.cores)}s(a,function(t,n){e.push(o(a,n)),i(e,u-1,a)})}function s(e,t){var n=[],i=[];for(var s=0;su.st&&i.sti.st&&u.st0)return t.cores=navigator.hardwareConcurrency,n(null,t.cores);if(typeof Worker=="undefined")return t.cores=1,n(null,t.cores);if(typeof Blob=="undefined")return t.cores=2,n(null,t.cores);var r=URL.createObjectURL(new Blob(["(",function(){self.addEventListener("message",function(e){var t=Date.now(),n=t+4;while(Date.now()=this.blockSize||this._input.length()>0&&this._finish)this._op.call(this.mode,this._input,this.output);this._input.compact()},t.prototype.finish=function(e){e&&this.mode.name==="CBC"&&(this.mode.pad=function(t){return e(this.blockSize,t,!1)},this.mode.unpad=function(t){return e(this.blockSize,t,!0)});var t={};return t.decrypt=this._decrypt,t.overflow=this._input.length()%this.blockSize,!this._decrypt&&this.mode.pad&&!this.mode.pad(this._input,t)?!1:(this._finish=!0,this.update(),this._decrypt&&this.mode.unpad&&!this.mode.unpad(this.output,t)?!1:this.mode.afterFinish&&!this.mode.afterFinish(this.output,t)?!1:!0)}}var r="cipher";if(typeof n!="function"){if(typeof module!="object"||!module.exports)return typeof forge=="undefined"&&(forge={}),e(forge);var i=!0;n=function(e,n){n(t,module)}}var s,o=function(t,n){n.exports=function(n){var i=s.map(function(e){return t(e)}).concat(e);n=n||{},n.defined=n.defined||{};if(n.defined[r])return n[r];n.defined[r]=!0;for(var o=0;o4){var n=t;t=e.util.createBuffer();for(var r=0;r0)return!1;var n=e.length(),r=e.at(n-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},t.cbc=function(e){e=e||{},this.name="CBC",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=new Array(this._blocks),this._outBlock=new Array(this._blocks)},t.cbc.prototype.start=function(e){if(e.iv===null){if(!this._prev)throw new Error("Invalid IV parameter.");this._iv=this._prev.slice(0)}else{if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._prev=this._iv.slice(0)}},t.cbc.prototype.encrypt=function(e,t){for(var n=0;n0)return!1;var n=e.length(),r=e.at(n-1);return r>this.blockSize<<2?!1:(e.truncate(r),!0)},t.cfb=function(e){e=e||{},this.name="CFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.cfb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.cfb.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.ofb=function(e){e=e||{},this.name="OFB",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.ofb.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.ofb.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.ctr=function(e){e=e||{},this.name="CTR",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=null,this._outBlock=new Array(this._blocks)},t.ctr.prototype.start=function(e){if(!("iv"in e))throw new Error("Invalid IV parameter.");this._iv=n(e.iv),this._inBlock=this._iv.slice(0)},t.ctr.prototype.encrypt=function(e,t){this.cipher.encrypt(this._inBlock,this._outBlock),r(this._inBlock);for(var n=0;n0&&e.truncate(this.blockSize-t.overflow),!0},t.gcm=function(e){e=e||{},this.name="GCM",this.cipher=e.cipher,this.blockSize=e.blockSize||16,this._blocks=this.blockSize/4,this._inBlock=new Array(this._blocks),this._outBlock=new Array(this._blocks),this._R=3774873600},t.gcm.prototype.start=function(t){if(!("iv"in t))throw new Error("Invalid IV parameter.");var n=e.util.createBuffer(t.iv);this._cipherLength=0;var s;"additionalData"in t?s=e.util.createBuffer(t.additionalData):s=e.util.createBuffer(),"tagLength"in t?this._tagLength=t.tagLength:this._tagLength=128,this._tag=null;if(t.decrypt){this._tag=e.util.createBuffer(t.tag).getBytes();if(this._tag.length!==this._tagLength/8)throw new Error("Authentication tag does not match tag length.")}this._hashBlock=new Array(this.