1
0
mirror of https://github.com/moparisthebest/mail synced 2024-11-25 18:32:20 -05:00

cleanup strict mode function placement

This commit is contained in:
Tankred Hase 2013-04-02 15:02:57 +02:00
parent 5c0e04cc31
commit ef54dc3aae
12 changed files with 1250 additions and 1295 deletions

View File

@ -1,59 +1,55 @@
(function() { /**
* A Wrapper for Crypto.js's AES-CBC encryption
*/
app.crypto.AesCBC = function() {
'use strict'; 'use strict';
var mode = CryptoJS.mode.CBC; // use CBC mode for Crypto.js
var padding = CryptoJS.pad.Pkcs7; // use Pkcs7/Pkcs5 padding for Crypto.js
/** /**
* A Wrapper for Crypto.js's AES-CBC encryption * Encrypt a String using AES-CBC-Pkcs7 using the provided keysize (e.g. 128, 256)
* @param plaintext [String] The input string in UTF8
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/ */
app.crypto.AesCBC = function() { this.encrypt = function(plaintext, key, iv) {
// parse base64 input to crypto.js WordArrays
var keyWords = CryptoJS.enc.Base64.parse(key);
var ivWords = CryptoJS.enc.Base64.parse(iv);
var plaintextWords = CryptoJS.enc.Utf8.parse(plaintext);
var mode = CryptoJS.mode.CBC; // use CBC mode for Crypto.js var encrypted = CryptoJS.AES.encrypt(plaintextWords, keyWords, {
var padding = CryptoJS.pad.Pkcs7; // use Pkcs7/Pkcs5 padding for Crypto.js iv: ivWords,
mode: mode,
/** padding: padding
* Encrypt a String using AES-CBC-Pkcs7 using the provided keysize (e.g. 128, 256) });
* @param plaintext [String] The input string in UTF8 var ctBase64 = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/
this.encrypt = function(plaintext, key, iv) {
// parse base64 input to crypto.js WordArrays
var keyWords = CryptoJS.enc.Base64.parse(key);
var ivWords = CryptoJS.enc.Base64.parse(iv);
var plaintextWords = CryptoJS.enc.Utf8.parse(plaintext);
var encrypted = CryptoJS.AES.encrypt(plaintextWords, keyWords, {
iv: ivWords,
mode: mode,
padding: padding
});
var ctBase64 = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
return ctBase64;
};
/**
* Decrypt a String using AES-CBC-Pkcs7 using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// parse base64 input to crypto.js WordArrays
var keyWords = CryptoJS.enc.Base64.parse(key);
var ivWords = CryptoJS.enc.Base64.parse(iv);
var decrypted = CryptoJS.AES.decrypt(ciphertext, keyWords, {
iv: ivWords,
mode: mode,
padding: padding
});
var pt = decrypted.toString(CryptoJS.enc.Utf8);
return pt;
};
return ctBase64;
}; };
}()); /**
* Decrypt a String using AES-CBC-Pkcs7 using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// parse base64 input to crypto.js WordArrays
var keyWords = CryptoJS.enc.Base64.parse(key);
var ivWords = CryptoJS.enc.Base64.parse(iv);
var decrypted = CryptoJS.AES.decrypt(ciphertext, keyWords, {
iv: ivWords,
mode: mode,
padding: padding
});
var pt = decrypted.toString(CryptoJS.enc.Utf8);
return pt;
};
};

View File

@ -1,54 +1,50 @@
(function() { /**
* A Wrapper for SJCL's authenticated AES-CCM encryption
*/
app.crypto.AesCCM = function() {
'use strict'; 'use strict';
var adata = []; // authenticated data (empty by default)
var tlen = 64; // The tag length in bits
/** /**
* A Wrapper for SJCL's authenticated AES-CCM encryption * Encrypt a String using AES-CCM using the provided keysize (e.g. 128, 256)
* @param plaintext [String] The input string in UTF8
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/ */
app.crypto.AesCCM = function() { this.encrypt = function(plaintext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var plaintextWords = sjcl.codec.utf8String.toBits(plaintext);
var adata = []; // authenticated data (empty by default) var blockCipher = new sjcl.cipher.aes(keyWords);
var tlen = 64; // The tag length in bits var ciphertext = sjcl.mode.ccm.encrypt(blockCipher, plaintextWords, ivWords, adata, tlen);
var ctBase64 = sjcl.codec.base64.fromBits(ciphertext);
/**
* Encrypt a String using AES-CCM using the provided keysize (e.g. 128, 256)
* @param plaintext [String] The input string in UTF8
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/
this.encrypt = function(plaintext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var plaintextWords = sjcl.codec.utf8String.toBits(plaintext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var ciphertext = sjcl.mode.ccm.encrypt(blockCipher, plaintextWords, ivWords, adata, tlen);
var ctBase64 = sjcl.codec.base64.fromBits(ciphertext);
return ctBase64;
};
/**
* Decrypt a String using AES-CCM using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var ciphertextWords = sjcl.codec.base64.toBits(ciphertext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var decrypted = sjcl.mode.ccm.decrypt(blockCipher, ciphertextWords, ivWords, adata, tlen);
var pt = sjcl.codec.utf8String.fromBits(decrypted);
return pt;
};
return ctBase64;
}; };
}()); /**
* Decrypt a String using AES-CCM using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var ciphertextWords = sjcl.codec.base64.toBits(ciphertext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var decrypted = sjcl.mode.ccm.decrypt(blockCipher, ciphertextWords, ivWords, adata, tlen);
var pt = sjcl.codec.utf8String.fromBits(decrypted);
return pt;
};
};

View File

@ -1,54 +1,50 @@
(function() { /**
* A Wrapper for SJCL's authenticated AES-GCM encryption
*/
app.crypto.AesGCM = function() {
'use strict'; 'use strict';
var adata = []; // authenticated data (empty by default)
var tlen = 128; // The tag length in bits
/** /**
* A Wrapper for SJCL's authenticated AES-GCM encryption * Encrypt a String using AES-GCM using the provided keysize (e.g. 128, 256)
* @param plaintext [String] The input string in UTF8
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/ */
app.crypto.AesGCM = function() { this.encrypt = function(plaintext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var plaintextWords = sjcl.codec.utf8String.toBits(plaintext);
var adata = []; // authenticated data (empty by default) var blockCipher = new sjcl.cipher.aes(keyWords);
var tlen = 128; // The tag length in bits var ciphertext = sjcl.mode.gcm.encrypt(blockCipher, plaintextWords, ivWords, adata, tlen);
var ctBase64 = sjcl.codec.base64.fromBits(ciphertext);
/**
* Encrypt a String using AES-GCM using the provided keysize (e.g. 128, 256)
* @param plaintext [String] The input string in UTF8
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The base64 encoded ciphertext
*/
this.encrypt = function(plaintext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var plaintextWords = sjcl.codec.utf8String.toBits(plaintext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var ciphertext = sjcl.mode.gcm.encrypt(blockCipher, plaintextWords, ivWords, adata, tlen);
var ctBase64 = sjcl.codec.base64.fromBits(ciphertext);
return ctBase64;
};
/**
* Decrypt a String using AES-GCM using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var ciphertextWords = sjcl.codec.base64.toBits(ciphertext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var decrypted = sjcl.mode.gcm.decrypt(blockCipher, ciphertextWords, ivWords, adata, tlen);
var pt = sjcl.codec.utf8String.fromBits(decrypted);
return pt;
};
return ctBase64;
}; };
}()); /**
* Decrypt a String using AES-GCM using the provided keysize (e.g. 128, 256)
* @param ciphertext [String] The base64 encoded ciphertext
* @param key [String] The base64 encoded key
* @param iv [String] The base64 encoded IV
* @return [String] The decrypted plaintext in UTF8
*/
this.decrypt = function(ciphertext, key, iv) {
// convert parameters to WordArrays
var keyWords = sjcl.codec.base64.toBits(key);
var ivWords = sjcl.codec.base64.toBits(iv);
var ciphertextWords = sjcl.codec.base64.toBits(ciphertext);
var blockCipher = new sjcl.cipher.aes(keyWords);
var decrypted = sjcl.mode.gcm.decrypt(blockCipher, ciphertextWords, ivWords, adata, tlen);
var pt = sjcl.codec.utf8String.fromBits(decrypted);
return pt;
};
};

View File

@ -1,249 +1,245 @@
(function() { /**
* High level crypto api that invokes native crypto (if available) and
* gracefully degrades to JS crypto (if unavailable)
*/
app.crypto.Crypto = function(window, util) {
'use strict'; 'use strict';
var symmetricUserKey, // the user's secret key used to encrypt item-keys
aes = new app.crypto.AesCCM(); // use authenticated AES-CCM mode by default
/** /**
* High level crypto api that invokes native crypto (if available) and * Initializes the crypto modules by fetching the user's
* gracefully degrades to JS crypto (if unavailable) * encrypted secret key from storage and storing it in memory.
*/ */
app.crypto.Crypto = function(window, util) { this.init = function(emailAddress, password, keySize, ivSize, callback) {
this.emailAddress = emailAddress;
this.keySize = keySize;
this.ivSize = ivSize;
var symmetricUserKey, // the user's secret key used to encrypt item-keys // derive PBKDF2 from password in web worker thread
aes = new app.crypto.AesCCM(); // use authenticated AES-CCM mode by default this.deriveKey(password, keySize, function(pbkdf2) {
/** // fetch user's encrypted secret key from keychain/storage
* Initializes the crypto modules by fetching the user's var keyStore = new app.dao.LocalStorageDAO(window);
* encrypted secret key from storage and storing it in memory. var storageId = emailAddress + '_encryptedSymmetricKey';
*/ var encryptedKey = keyStore.read(storageId);
this.init = function(emailAddress, password, keySize, ivSize, callback) {
this.emailAddress = emailAddress;
this.keySize = keySize;
this.ivSize = ivSize;
// derive PBKDF2 from password in web worker thread // check if key exists
this.deriveKey(password, keySize, function(pbkdf2) { if (!encryptedKey) {
// generate key, encrypt and persist if none exists
// fetch user's encrypted secret key from keychain/storage symmetricUserKey = util.random(keySize);
var keyStore = new app.dao.LocalStorageDAO(window); var iv = util.random(ivSize);
var storageId = emailAddress + '_encryptedSymmetricKey'; var key = aes.encrypt(symmetricUserKey, pbkdf2, iv);
var encryptedKey = keyStore.read(storageId); keyStore.persist(storageId, {
// check if key exists
if (!encryptedKey) {
// generate key, encrypt and persist if none exists
symmetricUserKey = util.random(keySize);
var iv = util.random(ivSize);
var key = aes.encrypt(symmetricUserKey, pbkdf2, iv);
keyStore.persist(storageId, {
key: key,
iv: iv
});
} else {
// decrypt key
symmetricUserKey = aes.decrypt(encryptedKey.key, pbkdf2, encryptedKey.iv);
}
callback();
});
};
/**
* Do PBKDF2 key derivation in a WebWorker thread
*/
this.deriveKey = function(password, keySize, callback) {
// check for WebWorker support
if (window.Worker) {
// init webworker thread
var worker = new Worker(app.config.workerPath + '/crypto/pbkdf2-worker.js');
worker.addEventListener('message', function(e) {
// return derived key from the worker
callback(e.data);
}, false);
// send plaintext data to the worker
worker.postMessage({
password: password,
keySize: keySize
});
} else {
// no WebWorker support... do synchronous call
var pbkdf2 = new app.crypto.PBKDF2();
var key = pbkdf2.getKey(password, keySize);
callback(key);
}
};
//
// En/Decrypts single item
//
this.aesEncrypt = function(plaintext, key, iv, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'encrypt',
plaintext: plaintext,
key: key, key: key,
iv: iv iv: iv
}); });
} else { } else {
var ct = this.aesEncryptSync(plaintext, key, iv); // decrypt key
callback(ct); symmetricUserKey = aes.decrypt(encryptedKey.key, pbkdf2, encryptedKey.iv);
}
};
this.aesDecrypt = function(ciphertext, key, iv, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'decrypt',
ciphertext: ciphertext,
key: key,
iv: iv
});
} else {
var pt = this.aesDecryptSync(ciphertext, key, iv);
callback(pt);
}
};
this.aesEncryptSync = function(plaintext, key, iv) {
return aes.encrypt(plaintext, key, iv);
};
this.aesDecryptSync = function(ciphertext, key, iv) {
return aes.decrypt(ciphertext, key, iv);
};
//
// En/Decrypt a list of items with AES in a WebWorker thread
//
this.aesEncryptList = function(list, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-batch-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'encrypt',
list: list
});
} else {
var encryptedList = util.encryptList(aes, list);
callback(encryptedList);
}
};
this.aesDecryptList = function(list, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-batch-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'decrypt',
list: list
});
} else {
var decryptedList = util.decryptList(aes, list);
callback(decryptedList);
}
};
//
// En/Decrypt something speficially using the user's secret key
//
this.aesEncryptForUser = function(plaintext, iv, callback) {
var ciphertext = aes.encrypt(plaintext, symmetricUserKey, iv);
callback(ciphertext);
};
this.aesDecryptForUser = function(ciphertext, iv, callback) {
var decrypted = aes.decrypt(ciphertext, symmetricUserKey, iv);
callback(decrypted);
};
this.aesEncryptForUserSync = function(plaintext, iv) {
return aes.encrypt(plaintext, symmetricUserKey, iv);
};
this.aesDecryptForUserSync = function(ciphertext, iv) {
return aes.decrypt(ciphertext, symmetricUserKey, iv);
};
this.aesEncryptListForUser = function(list, callback) {
var i, envelope, envelopes = [],
self = this;
// package objects into batchable envelope format
for (i = 0; i < list.length; i++) {
envelope = {
id: list[i].id,
plaintext: list[i],
key: util.random(self.keySize),
iv: util.random(self.ivSize)
};
envelopes.push(envelope);
} }
// encrypt list callback();
this.aesEncryptList(envelopes, function(encryptedList) { });
// encrypt keys for user
for (i = 0; i < encryptedList.length; i++) {
// process new values
encryptedList[i].itemIV = encryptedList[i].iv;
encryptedList[i].keyIV = util.random(self.ivSize);
encryptedList[i].encryptedKey = self.aesEncryptForUserSync(encryptedList[i].key, encryptedList[i].keyIV);
// delete old ones
delete encryptedList[i].iv;
delete encryptedList[i].key;
}
callback(encryptedList);
});
};
this.aesDecryptListForUser = function(encryptedList, callback) {
var i, list = [];
// decrypt keys for user
for (i = 0; i < encryptedList.length; i++) {
// decrypt item key
encryptedList[i].key = this.aesDecryptForUserSync(encryptedList[i].encryptedKey, encryptedList[i].keyIV);
encryptedList[i].iv = encryptedList[i].itemIV;
// delete old values
delete encryptedList[i].keyIV;
delete encryptedList[i].itemIV;
delete encryptedList[i].encryptedKey;
}
// decrypt list
this.aesDecryptList(encryptedList, function(decryptedList) {
// add plaintext to list
for (i = 0; i < decryptedList.length; i++) {
list.push(decryptedList[i].plaintext);
}
callback(list);
});
};
}; };
}()); /**
* Do PBKDF2 key derivation in a WebWorker thread
*/
this.deriveKey = function(password, keySize, callback) {
// check for WebWorker support
if (window.Worker) {
// init webworker thread
var worker = new Worker(app.config.workerPath + '/crypto/pbkdf2-worker.js');
worker.addEventListener('message', function(e) {
// return derived key from the worker
callback(e.data);
}, false);
// send plaintext data to the worker
worker.postMessage({
password: password,
keySize: keySize
});
} else {
// no WebWorker support... do synchronous call
var pbkdf2 = new app.crypto.PBKDF2();
var key = pbkdf2.getKey(password, keySize);
callback(key);
}
};
//
// En/Decrypts single item
//
this.aesEncrypt = function(plaintext, key, iv, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'encrypt',
plaintext: plaintext,
key: key,
iv: iv
});
} else {
var ct = this.aesEncryptSync(plaintext, key, iv);
callback(ct);
}
};
this.aesDecrypt = function(ciphertext, key, iv, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'decrypt',
ciphertext: ciphertext,
key: key,
iv: iv
});
} else {
var pt = this.aesDecryptSync(ciphertext, key, iv);
callback(pt);
}
};
this.aesEncryptSync = function(plaintext, key, iv) {
return aes.encrypt(plaintext, key, iv);
};
this.aesDecryptSync = function(ciphertext, key, iv) {
return aes.decrypt(ciphertext, key, iv);
};
//
// En/Decrypt a list of items with AES in a WebWorker thread
//
this.aesEncryptList = function(list, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-batch-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'encrypt',
list: list
});
} else {
var encryptedList = util.encryptList(aes, list);
callback(encryptedList);
}
};
this.aesDecryptList = function(list, callback) {
if (window.Worker) {
var worker = new Worker(app.config.workerPath + '/crypto/aes-batch-worker.js');
worker.addEventListener('message', function(e) {
callback(e.data);
}, false);
worker.postMessage({
type: 'decrypt',
list: list
});
} else {
var decryptedList = util.decryptList(aes, list);
callback(decryptedList);
}
};
//
// En/Decrypt something speficially using the user's secret key
//
this.aesEncryptForUser = function(plaintext, iv, callback) {
var ciphertext = aes.encrypt(plaintext, symmetricUserKey, iv);
callback(ciphertext);
};
this.aesDecryptForUser = function(ciphertext, iv, callback) {
var decrypted = aes.decrypt(ciphertext, symmetricUserKey, iv);
callback(decrypted);
};
this.aesEncryptForUserSync = function(plaintext, iv) {
return aes.encrypt(plaintext, symmetricUserKey, iv);
};
this.aesDecryptForUserSync = function(ciphertext, iv) {
return aes.decrypt(ciphertext, symmetricUserKey, iv);
};
this.aesEncryptListForUser = function(list, callback) {
var i, envelope, envelopes = [],
self = this;
// package objects into batchable envelope format
for (i = 0; i < list.length; i++) {
envelope = {
id: list[i].id,
plaintext: list[i],
key: util.random(self.keySize),
iv: util.random(self.ivSize)
};
envelopes.push(envelope);
}
// encrypt list
this.aesEncryptList(envelopes, function(encryptedList) {
// encrypt keys for user
for (i = 0; i < encryptedList.length; i++) {
// process new values
encryptedList[i].itemIV = encryptedList[i].iv;
encryptedList[i].keyIV = util.random(self.ivSize);
encryptedList[i].encryptedKey = self.aesEncryptForUserSync(encryptedList[i].key, encryptedList[i].keyIV);
// delete old ones
delete encryptedList[i].iv;
delete encryptedList[i].key;
}
callback(encryptedList);
});
};
this.aesDecryptListForUser = function(encryptedList, callback) {
var i, list = [];
// decrypt keys for user
for (i = 0; i < encryptedList.length; i++) {
// decrypt item key
encryptedList[i].key = this.aesDecryptForUserSync(encryptedList[i].encryptedKey, encryptedList[i].keyIV);
encryptedList[i].iv = encryptedList[i].itemIV;
// delete old values
delete encryptedList[i].keyIV;
delete encryptedList[i].itemIV;
delete encryptedList[i].encryptedKey;
}
// decrypt list
this.aesDecryptList(encryptedList, function(decryptedList) {
// add plaintext to list
for (i = 0; i < decryptedList.length; i++) {
list.push(decryptedList[i].plaintext);
}
callback(list);
});
};
};

View File

@ -1,28 +1,24 @@
(function() { /**
* A Wrapper for Crypto.js's PBKDF2 function
*/
app.crypto.PBKDF2 = function() {
'use strict'; 'use strict';
/** /**
* A Wrapper for Crypto.js's PBKDF2 function * PBKDF2-HMAC-SHA1 key derivation with a constant salt and 1000 iterations
* @param password [String] The password in UTF8
* @param keySize [Number] The key size in bits
* @return [String] The base64 encoded key
*/ */
app.crypto.PBKDF2 = function() { this.getKey = function(password, keySize) {
var salt = CryptoJS.enc.Base64.parse("vbhmLjC+Ub6MSbhS6/CkOwxB25wvwRkSLP2DzDtYb+4="); // from random 256 bit value
/** var key = CryptoJS.PBKDF2(password, salt, {
* PBKDF2-HMAC-SHA1 key derivation with a constant salt and 1000 iterations keySize: keySize / 32,
* @param password [String] The password in UTF8 iterations: 1000
* @param keySize [Number] The key size in bits });
* @return [String] The base64 encoded key var keyBase64 = CryptoJS.enc.Base64.stringify(key);
*/
this.getKey = function(password, keySize) {
var salt = CryptoJS.enc.Base64.parse("vbhmLjC+Ub6MSbhS6/CkOwxB25wvwRkSLP2DzDtYb+4="); // from random 256 bit value
var key = CryptoJS.PBKDF2(password, salt, {
keySize: keySize / 32,
iterations: 1000
});
var keyBase64 = CryptoJS.enc.Base64.stringify(key);
return keyBase64;
};
return keyBase64;
}; };
}()); };

View File

@ -1,342 +1,338 @@
(function() { /**
* A wrapper for asymmetric OpenPGP encryption logic
*/
app.crypto.PGP = function(window, openpgp, util, server) {
'use strict'; 'use strict';
var self = this,
privateKey, // user's private key
publicKey, // user's public key
passphrase; // user's passphrase used for decryption
openpgp.init(); // initialize OpenPGP.js
//
// Key management
//
/** /**
* A wrapper for asymmetric OpenPGP encryption logic * Check if user already has a public key on the server and if not,
* generate a new keypait for the user
*/ */
app.crypto.PGP = function(window, openpgp, util, server) { self.initKeyPair = function(loginInfo, callback, displayCallback, finishCallback) {
// check if user already has a keypair in local storage
if (loginInfo.publicKeyId) {
// decode base 64 key ID
var keyId = window.atob(loginInfo.publicKeyId);
// read the user's keys from local storage
callback(keyId);
var self = this, } else {
privateKey, // user's private key // user has no key pair yet
publicKey, // user's public key displayCallback(function() {
passphrase; // user's passphrase used for decryption // generate new key pair with 2048 bit RSA keys
var keys = self.generateKeys(2048);
var keyId = keys.privateKey.getKeyId();
openpgp.init(); // initialize OpenPGP.js // display finish
finishCallback(keyId);
//
// Key management
//
/**
* Check if user already has a public key on the server and if not,
* generate a new keypait for the user
*/
self.initKeyPair = function(loginInfo, callback, displayCallback, finishCallback) {
// check if user already has a keypair in local storage
if (loginInfo.publicKeyId) {
// decode base 64 key ID
var keyId = window.atob(loginInfo.publicKeyId);
// read the user's keys from local storage // read the user's keys from local storage
callback(keyId); callback(keyId);
});
}
};
} else { /**
// user has no key pair yet * Generate a key pair for the user
displayCallback(function() { * @param numBits [int] number of bits for the key creation. (should be 1024+, generally)
// generate new key pair with 2048 bit RSA keys * @email [string] user's email address
var keys = self.generateKeys(2048); * @pass [string] a passphrase used to protect the private key
var keyId = keys.privateKey.getKeyId(); */
self.generateKeys = function(numBits) {
// check passphrase
if (!passphrase && passphrase !== '') {
throw 'No passphrase set!';
}
// display finish var userId = 'SafeWith.me User <anonymous@dunno.com>';
finishCallback(keyId); var keys = openpgp.generate_key_pair(1, numBits, userId, passphrase); // keytype 1=RSA
// read the user's keys from local storage
callback(keyId); self.importKeys(keys.publicKeyArmored, keys.privateKeyArmored);
});
} return keys;
};
/**
* Import the users key into the HTML5 local storage
*/
self.importKeys = function(publicKeyArmored, privateKeyArmored) {
// check passphrase
if (!passphrase && passphrase !== '') {
throw 'No passphrase set!';
}
// store keys in html5 local storage
openpgp.keyring.importPrivateKey(privateKeyArmored, passphrase);
openpgp.keyring.importPublicKey(publicKeyArmored);
openpgp.keyring.store();
};
/**
* Export the keys by using the HTML5 FileWriter
*/
self.exportKeys = function(callback) {
// build blob
var buf = util.binStr2ArrBuf(publicKey.armored + privateKey.armored);
var blob = util.arrBuf2Blob(buf, 'text/plain');
// create url
util.createUrl(undefined, blob, callback);
};
/**
* Read the users keys from the browser's HTML5 local storage
* @email [string] user's email address
* @keyId [string] the public key ID in unicode (not base 64)
*/
self.readKeys = function(keyId, callback, errorCallback) {
// read keys from keyring (local storage)
var privKeyQuery = openpgp.keyring.getPrivateKeyForKeyId(keyId)[0];
if (privKeyQuery) {
privateKey = privKeyQuery.key;
}
publicKey = openpgp.keyring.getPublicKeysForKeyId(keyId)[0];
// check keys
if (!publicKey || !privateKey || (publicKey.keyId !== privateKey.keyId)) {
// no amtching keys found in the key store
return false;
}
// read passphrase from local storage if no passphrase is specified
if (!passphrase && passphrase !== '') {
passphrase = window.sessionStorage.getItem(window.btoa(keyId) + 'Passphrase');
}
// check passphrase
if (!passphrase && passphrase !== '') {
return false;
}
// do test encrypt/decrypt to verify passphrase
try {
var testCt = self.asymmetricEncrypt('test');
self.asymmetricDecrypt(testCt);
} catch (e) {
return false;
}
return true;
};
/**
* Generate a new key pair for the user and persist the public key on the server
*/
self.syncKeysToServer = function(email, callback) {
// base64 encode key ID
var keyId = publicKey.keyId;
var encodedKeyId = window.btoa(keyId);
var pubKey = {
keyId: encodedKeyId,
ownerEmail: email,
asciiArmored: publicKey.armored
};
var privKey = {
keyId: encodedKeyId,
ownerEmail: email,
asciiArmored: privateKey.armored
}; };
/** var jsonPublicKey = JSON.stringify(pubKey);
* Generate a key pair for the user var jsonPrivateKey = JSON.stringify(privKey);
* @param numBits [int] number of bits for the key creation. (should be 1024+, generally)
* @email [string] user's email address // first upload public key
* @pass [string] a passphrase used to protect the private key server.xhr({
*/ type: 'POST',
self.generateKeys = function(numBits) { uri: '/ws/publicKeys',
// check passphrase contentType: 'application/json',
if (!passphrase && passphrase !== '') { expected: 201,
throw 'No passphrase set!'; body: jsonPublicKey,
success: function(resp) {
uploadPrivateKeys();
},
error: function(e) {
// if server is not available, just continue
// and read the user's keys from local storage
console.log('Server unavailable: keys were not synced to server!');
callback(keyId);
} }
});
var userId = 'SafeWith.me User <anonymous@dunno.com>'; // then upload private key
var keys = openpgp.generate_key_pair(1, numBits, userId, passphrase); // keytype 1=RSA
self.importKeys(keys.publicKeyArmored, keys.privateKeyArmored); function uploadPrivateKeys() {
return keys;
};
/**
* Import the users key into the HTML5 local storage
*/
self.importKeys = function(publicKeyArmored, privateKeyArmored) {
// check passphrase
if (!passphrase && passphrase !== '') {
throw 'No passphrase set!';
}
// store keys in html5 local storage
openpgp.keyring.importPrivateKey(privateKeyArmored, passphrase);
openpgp.keyring.importPublicKey(publicKeyArmored);
openpgp.keyring.store();
};
/**
* Export the keys by using the HTML5 FileWriter
*/
self.exportKeys = function(callback) {
// build blob
var buf = util.binStr2ArrBuf(publicKey.armored + privateKey.armored);
var blob = util.arrBuf2Blob(buf, 'text/plain');
// create url
util.createUrl(undefined, blob, callback);
};
/**
* Read the users keys from the browser's HTML5 local storage
* @email [string] user's email address
* @keyId [string] the public key ID in unicode (not base 64)
*/
self.readKeys = function(keyId, callback, errorCallback) {
// read keys from keyring (local storage)
var privKeyQuery = openpgp.keyring.getPrivateKeyForKeyId(keyId)[0];
if (privKeyQuery) {
privateKey = privKeyQuery.key;
}
publicKey = openpgp.keyring.getPublicKeysForKeyId(keyId)[0];
// check keys
if (!publicKey || !privateKey || (publicKey.keyId !== privateKey.keyId)) {
// no amtching keys found in the key store
return false;
}
// read passphrase from local storage if no passphrase is specified
if (!passphrase && passphrase !== '') {
passphrase = window.sessionStorage.getItem(window.btoa(keyId) + 'Passphrase');
}
// check passphrase
if (!passphrase && passphrase !== '') {
return false;
}
// do test encrypt/decrypt to verify passphrase
try {
var testCt = self.asymmetricEncrypt('test');
self.asymmetricDecrypt(testCt);
} catch (e) {
return false;
}
return true;
};
/**
* Generate a new key pair for the user and persist the public key on the server
*/
self.syncKeysToServer = function(email, callback) {
// base64 encode key ID
var keyId = publicKey.keyId;
var encodedKeyId = window.btoa(keyId);
var pubKey = {
keyId: encodedKeyId,
ownerEmail: email,
asciiArmored: publicKey.armored
};
var privKey = {
keyId: encodedKeyId,
ownerEmail: email,
asciiArmored: privateKey.armored
};
var jsonPublicKey = JSON.stringify(pubKey);
var jsonPrivateKey = JSON.stringify(privKey);
// first upload public key
server.xhr({ server.xhr({
type: 'POST', type: 'POST',
uri: '/ws/publicKeys', uri: '/ws/privateKeys',
contentType: 'application/json', contentType: 'application/json',
expected: 201, expected: 201,
body: jsonPublicKey, body: jsonPrivateKey,
success: function(resp) { success: function(resp) {
uploadPrivateKeys(); // read the user's keys from local storage
},
error: function(e) {
// if server is not available, just continue
// and read the user's keys from local storage
console.log('Server unavailable: keys were not synced to server!');
callback(keyId); callback(keyId);
} }
}); });
}
};
// then upload private key /**
* Get the keypair from the server and import them into localstorage
*/
self.fetchKeys = function(email, keyId, callback, errCallback) {
var base64Key = window.btoa(keyId);
var encodedKeyId = encodeURIComponent(base64Key);
function uploadPrivateKeys() { // get public key
server.xhr({ server.xhr({
type: 'POST', type: 'GET',
uri: '/ws/privateKeys', uri: '/ws/publicKeys?keyId=' + encodedKeyId,
contentType: 'application/json', expected: 200,
expected: 201, success: function(pubKey) {
body: jsonPrivateKey, getPrivateKey(pubKey);
success: function(resp) { },
// read the user's keys from local storage error: function(e) {
callback(keyId); // if server is not available, just continue
} console.log('Server unavailable: keys could not be fetched from server!');
}); errCallback(e);
} }
}; });
/** // get private key
* Get the keypair from the server and import them into localstorage
*/
self.fetchKeys = function(email, keyId, callback, errCallback) {
var base64Key = window.btoa(keyId);
var encodedKeyId = encodeURIComponent(base64Key);
// get public key function getPrivateKey(pubKey) {
server.xhr({ server.xhr({
type: 'GET', type: 'GET',
uri: '/ws/publicKeys?keyId=' + encodedKeyId, uri: '/ws/privateKeys?keyId=' + encodedKeyId,
expected: 200, expected: 200,
success: function(pubKey) { success: function(privKey) {
getPrivateKey(pubKey); // import keys
}, self.importKeys(pubKey.asciiArmored, privKey.asciiArmored, email);
error: function(e) { callback({
// if server is not available, just continue privateKey: privKey,
console.log('Server unavailable: keys could not be fetched from server!'); publicKey: pubKey
errCallback(e); });
} }
}); });
}
};
// get private key /**
* Get the current user's private key
*/
self.getPrivateKey = function() {
if (!privateKey) {
return undefined;
}
return privateKey.armored;
};
function getPrivateKey(pubKey) { /**
server.xhr({ * Get the current user's public key
type: 'GET', */
uri: '/ws/privateKeys?keyId=' + encodedKeyId, self.getPublicKey = function() {
expected: 200, if (!publicKey) {
success: function(privKey) { return undefined;
// import keys }
self.importKeys(pubKey.asciiArmored, privKey.asciiArmored, email); return publicKey.armored;
callback({ };
privateKey: privKey,
publicKey: pubKey /**
}); * Get the current user's base64 encoded public key ID
} */
}); self.getPublicKeyIdBase64 = function() {
return window.btoa(publicKey.keyId);
};
/**
* Get the user's passphrase for decrypting their private key
*/
self.setPassphrase = function(pass) {
passphrase = pass;
};
/**
* Store the passphrase for the current session
*/
self.rememberPassphrase = function(keyId) {
var base64KeyId = window.btoa(keyId);
window.sessionStorage.setItem(base64KeyId + 'Passphrase', passphrase);
};
//
// Asymmetric crypto
//
/**
* Encrypt a string
* @param customPubKey [PublicKey] (optional) another user's public key for sharing
*/
self.asymmetricEncrypt = function(plaintext, customPubKey) {
var pub_key = null;
if (customPubKey) {
// use a custom set public for e.g. or sharing
pub_key = openpgp.read_publicKey(customPubKey);
} else {
// use the user's local public key
pub_key = openpgp.read_publicKey(publicKey.armored);
}
var ciphertext = openpgp.write_encrypted_message(pub_key, window.btoa(plaintext));
return ciphertext;
};
/**
* Decrypt a string
*/
self.asymmetricDecrypt = function(ciphertext) {
var priv_key = openpgp.read_privateKey(privateKey.armored);
var msg = openpgp.read_message(ciphertext);
var keymat = null;
var sesskey = null;
// Find the private (sub)key for the session key of the message
for (var i = 0; i < msg[0].sessionKeys.length; i++) {
if (priv_key[0].privateKeyPacket.publicKey.getKeyId() == msg[0].sessionKeys[i].keyId.bytes) {
keymat = {
key: priv_key[0],
keymaterial: priv_key[0].privateKeyPacket
};
sesskey = msg[0].sessionKeys[i];
break;
} }
}; for (var j = 0; j < priv_key[0].subKeys.length; j++) {
if (priv_key[0].subKeys[j].publicKey.getKeyId() == msg[0].sessionKeys[i].keyId.bytes) {
/**
* Get the current user's private key
*/
self.getPrivateKey = function() {
if (!privateKey) {
return undefined;
}
return privateKey.armored;
};
/**
* Get the current user's public key
*/
self.getPublicKey = function() {
if (!publicKey) {
return undefined;
}
return publicKey.armored;
};
/**
* Get the current user's base64 encoded public key ID
*/
self.getPublicKeyIdBase64 = function() {
return window.btoa(publicKey.keyId);
};
/**
* Get the user's passphrase for decrypting their private key
*/
self.setPassphrase = function(pass) {
passphrase = pass;
};
/**
* Store the passphrase for the current session
*/
self.rememberPassphrase = function(keyId) {
var base64KeyId = window.btoa(keyId);
window.sessionStorage.setItem(base64KeyId + 'Passphrase', passphrase);
};
//
// Asymmetric crypto
//
/**
* Encrypt a string
* @param customPubKey [PublicKey] (optional) another user's public key for sharing
*/
self.asymmetricEncrypt = function(plaintext, customPubKey) {
var pub_key = null;
if (customPubKey) {
// use a custom set public for e.g. or sharing
pub_key = openpgp.read_publicKey(customPubKey);
} else {
// use the user's local public key
pub_key = openpgp.read_publicKey(publicKey.armored);
}
var ciphertext = openpgp.write_encrypted_message(pub_key, window.btoa(plaintext));
return ciphertext;
};
/**
* Decrypt a string
*/
self.asymmetricDecrypt = function(ciphertext) {
var priv_key = openpgp.read_privateKey(privateKey.armored);
var msg = openpgp.read_message(ciphertext);
var keymat = null;
var sesskey = null;
// Find the private (sub)key for the session key of the message
for (var i = 0; i < msg[0].sessionKeys.length; i++) {
if (priv_key[0].privateKeyPacket.publicKey.getKeyId() == msg[0].sessionKeys[i].keyId.bytes) {
keymat = { keymat = {
key: priv_key[0], key: priv_key[0],
keymaterial: priv_key[0].privateKeyPacket keymaterial: priv_key[0].subKeys[j]
}; };
sesskey = msg[0].sessionKeys[i]; sesskey = msg[0].sessionKeys[i];
break; break;
} }
for (var j = 0; j < priv_key[0].subKeys.length; j++) {
if (priv_key[0].subKeys[j].publicKey.getKeyId() == msg[0].sessionKeys[i].keyId.bytes) {
keymat = {
key: priv_key[0],
keymaterial: priv_key[0].subKeys[j]
};
sesskey = msg[0].sessionKeys[i];
break;
}
}
} }
if (keymat !== null) { }
if (!keymat.keymaterial.decryptSecretMPIs(passphrase)) { if (keymat !== null) {
throw "Passphrase for secrect key was incorrect!"; if (!keymat.keymaterial.decryptSecretMPIs(passphrase)) {
} throw "Passphrase for secrect key was incorrect!";
var decrypted = msg[0].decrypt(keymat, sesskey);
return window.atob(decrypted);
} else {
throw "No private key found!";
} }
};
var decrypted = msg[0].decrypt(keymat, sesskey);
return window.atob(decrypted);
} else {
throw "No private key found!";
}
}; };
}()); };
/** /**
* This function needs to be implemented, since it is used by the openpgp utils * This function needs to be implemented, since it is used by the openpgp utils

View File

@ -1,168 +1,167 @@
(function() { /**
* Various utitity methods for crypto, encoding & decoding
*/
app.crypto.Util = function(window, uuid) {
'use strict'; 'use strict';
app.crypto.Util = function(window, uuid) { /**
* Generates a new RFC 4122 version 4 compliant random UUID
/** */
* Generates a new RFC 4122 version 4 compliant random UUID this.UUID = function() {
*/ return uuid.v4();
this.UUID = function() {
return uuid.v4();
};
/**
* Generates a cryptographically secure random base64-encoded key or IV
* @param keySize [Number] The size of the key in bits (e.g. 128, 256)
* @return [String] The base64 encoded key/IV
*/
this.random = function(keySize) {
var keyBase64, keyBuf;
if (window.crypto && window.crypto.getRandomValues) {
keyBuf = new Uint8Array(keySize / 8);
window.crypto.getRandomValues(keyBuf);
keyBase64 = window.btoa(this.uint8Arr2BinStr(keyBuf));
} else {
sjcl.random.addEntropy((new Date()).valueOf(), 2, "calltime");
keyBuf = sjcl.random.randomWords(keySize / 32, 0);
keyBase64 = sjcl.codec.base64.fromBits(keyBuf);
}
return keyBase64;
};
/**
* Encrypt a list of items
* @param aes [Object] The object implementing the aes mode
* @list list [Array] The list of items to encrypt
*/
this.encryptList = function(aes, list) {
var i, json, ct, outList = [];
for (i = 0; i < list.length; i++) {
// stringify to JSON before encryption
json = JSON.stringify(list[i].plaintext);
ct = aes.encrypt(json, list[i].key, list[i].iv);
outList.push({
id: list[i].id,
ciphertext: ct,
key: list[i].key,
iv: list[i].iv
});
}
return outList;
};
/**
* Decrypt a list of items
* @param aes [Object] The object implementing the aes mode
* @list list [Array] The list of items to decrypt
*/
this.decryptList = function(aes, list) {
var i, json, pt, outList = [];
for (i = 0; i < list.length; i++) {
// decrypt JSON and parse to object literal
json = aes.decrypt(list[i].ciphertext, list[i].key, list[i].iv);
pt = JSON.parse(json);
outList.push({
id: list[i].id,
plaintext: pt,
key: list[i].key,
iv: list[i].iv
});
}
return outList;
};
/**
* Parse a date string with the following format "1900-01-31 18:17:53"
*/
this.parseDate = function(str) {
var parts = str.match(/(\d+)/g);
return new Date(parts[0], parts[1] - 1, parts[2], parts[3], parts[4], parts[5]);
};
/**
* Converts a binary String (e.g. from the FileReader Api) to an ArrayBuffer
* @param str [String] a binary string with integer values (0..255) per character
* @return [ArrayBuffer]
*/
this.binStr2ArrBuf = function(str) {
var b = new ArrayBuffer(str.length);
var buf = new Uint8Array(b);
for (var i = 0; i < b.byteLength; i++) {
buf[i] = str.charCodeAt(i);
}
return b;
};
/**
* Creates a Blob from an ArrayBuffer using the BlobBuilder Api
* @param str [String] a binary string with integer values (0..255) per character
* @return [ArrayBuffer] either a data url or a filesystem url
*/
this.arrBuf2Blob = function(buf, mimeType) {
var b = new Uint8Array(buf);
var blob = new Blob([b], {
type: mimeType
});
return blob;
};
/**
* Creates a binary String from a Blob using the FileReader Api
* @param blob [Blob/File] a blob containing the the binary data
* @return [String] a binary string with integer values (0..255) per character
*/
this.blob2BinStr = function(blob, callback) {
var reader = new FileReader();
reader.onload = function(event) {
callback(event.target.result);
};
reader.readAsBinaryString(blob);
};
/**
* Converts an ArrayBuffer to a binary String. This is a slower alternative to
* conversion with arrBuf2Blob -> blob2BinStr, since these use native apis,
* but it can be used on browsers without the BlodBuilder Api
* @param buf [ArrayBuffer]
* @return [String] a binary string with integer values (0..255) per character
*/
this.arrBuf2BinStr = function(buf) {
var b = new Uint8Array(buf);
var str = '';
for (var i = 0; i < b.byteLength; i++) {
str += String.fromCharCode(b[i]);
}
return str;
};
/**
* Converts a UInt8Array to a binary String.
* @param buf [UInt8Array]
* @return [String] a binary string with integer values (0..255) per character
*/
this.uint8Arr2BinStr = function(buf) {
var str = '';
for (var i = 0; i < buf.byteLength; i++) {
str += String.fromCharCode(buf[i]);
}
return str;
};
}; };
}()); /**
* Generates a cryptographically secure random base64-encoded key or IV
* @param keySize [Number] The size of the key in bits (e.g. 128, 256)
* @return [String] The base64 encoded key/IV
*/
this.random = function(keySize) {
var keyBase64, keyBuf;
if (window.crypto && window.crypto.getRandomValues) {
keyBuf = new Uint8Array(keySize / 8);
window.crypto.getRandomValues(keyBuf);
keyBase64 = window.btoa(this.uint8Arr2BinStr(keyBuf));
} else {
sjcl.random.addEntropy((new Date()).valueOf(), 2, "calltime");
keyBuf = sjcl.random.randomWords(keySize / 32, 0);
keyBase64 = sjcl.codec.base64.fromBits(keyBuf);
}
return keyBase64;
};
/**
* Encrypt a list of items
* @param aes [Object] The object implementing the aes mode
* @list list [Array] The list of items to encrypt
*/
this.encryptList = function(aes, list) {
var i, json, ct, outList = [];
for (i = 0; i < list.length; i++) {
// stringify to JSON before encryption
json = JSON.stringify(list[i].plaintext);
ct = aes.encrypt(json, list[i].key, list[i].iv);
outList.push({
id: list[i].id,
ciphertext: ct,
key: list[i].key,
iv: list[i].iv
});
}
return outList;
};
/**
* Decrypt a list of items
* @param aes [Object] The object implementing the aes mode
* @list list [Array] The list of items to decrypt
*/
this.decryptList = function(aes, list) {
var i, json, pt, outList = [];
for (i = 0; i < list.length; i++) {
// decrypt JSON and parse to object literal
json = aes.decrypt(list[i].ciphertext, list[i].key, list[i].iv);
pt = JSON.parse(json);
outList.push({
id: list[i].id,
plaintext: pt,
key: list[i].key,
iv: list[i].iv
});
}
return outList;
};
/**
* Parse a date string with the following format "1900-01-31 18:17:53"
*/
this.parseDate = function(str) {
var parts = str.match(/(\d+)/g);
return new Date(parts[0], parts[1] - 1, parts[2], parts[3], parts[4], parts[5]);
};
/**
* Converts a binary String (e.g. from the FileReader Api) to an ArrayBuffer
* @param str [String] a binary string with integer values (0..255) per character
* @return [ArrayBuffer]
*/
this.binStr2ArrBuf = function(str) {
var b = new ArrayBuffer(str.length);
var buf = new Uint8Array(b);
for (var i = 0; i < b.byteLength; i++) {
buf[i] = str.charCodeAt(i);
}
return b;
};
/**
* Creates a Blob from an ArrayBuffer using the BlobBuilder Api
* @param str [String] a binary string with integer values (0..255) per character
* @return [ArrayBuffer] either a data url or a filesystem url
*/
this.arrBuf2Blob = function(buf, mimeType) {
var b = new Uint8Array(buf);
var blob = new Blob([b], {
type: mimeType
});
return blob;
};
/**
* Creates a binary String from a Blob using the FileReader Api
* @param blob [Blob/File] a blob containing the the binary data
* @return [String] a binary string with integer values (0..255) per character
*/
this.blob2BinStr = function(blob, callback) {
var reader = new FileReader();
reader.onload = function(event) {
callback(event.target.result);
};
reader.readAsBinaryString(blob);
};
/**
* Converts an ArrayBuffer to a binary String. This is a slower alternative to
* conversion with arrBuf2Blob -> blob2BinStr, since these use native apis,
* but it can be used on browsers without the BlodBuilder Api
* @param buf [ArrayBuffer]
* @return [String] a binary string with integer values (0..255) per character
*/
this.arrBuf2BinStr = function(buf) {
var b = new Uint8Array(buf);
var str = '';
for (var i = 0; i < b.byteLength; i++) {
str += String.fromCharCode(b[i]);
}
return str;
};
/**
* Converts a UInt8Array to a binary String.
* @param buf [UInt8Array]
* @return [String] a binary string with integer values (0..255) per character
*/
this.uint8Arr2BinStr = function(buf) {
var str = '';
for (var i = 0; i < buf.byteLength; i++) {
str += String.fromCharCode(buf[i]);
}
return str;
};
};

View File

@ -1,131 +1,127 @@
(function() { /**
* High level storage api for handling syncing of data to
* and from the cloud.
*/
app.dao.CloudStorage = function(window, $) {
'use strict'; 'use strict';
/** /**
* High level storage api for handling syncing of data to * Lists the encrypted items
* and from the cloud. * @param type [String] The type of item e.g. 'email'
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/ */
app.dao.CloudStorage = function(window, $) { this.listEncryptedItems = function(type, emailAddress, folderName, callback) {
var folder, uri, self = this;
/** // fetch encrypted json objects from cloud service
* Lists the encrypted items uri = app.config.cloudUrl + '/' + type + '/user/' + emailAddress + '/folder/' + folderName;
* @param type [String] The type of item e.g. 'email' $.ajax({
* @param offset [Number] The offset of items to fetch (0 is the last stored item) url: uri,
* @param num [Number] The number of items to fetch (null means fetch all) type: 'GET',
*/ dataType: 'json',
this.listEncryptedItems = function(type, emailAddress, folderName, callback) { success: function(list) {
var folder, uri, self = this; callback(list);
},
error: function(xhr, textStatus, err) {
callback({
error: err,
status: textStatus
});
}
});
};
// fetch encrypted json objects from cloud service /**
uri = app.config.cloudUrl + '/' + type + '/user/' + emailAddress + '/folder/' + folderName; * Persist encrypted user key to cloud service
$.ajax({ */
url: uri, this.persistUserSecretKey = function(emailAddress, callback) {
type: 'GET', // fetch user's encrypted secret key from keychain/storage
dataType: 'json', var keyStore = new app.dao.LocalStorageDAO(window);
success: function(list) { var storageId = emailAddress + '_encryptedSymmetricKey';
callback(list); var encryptedKey = keyStore.read(storageId);
},
error: function(xhr, textStatus, err) { var payload = {
callback({ userId: emailAddress,
error: err, encryptedKey: encryptedKey.key,
status: textStatus keyIV: encryptedKey.iv
});
}
});
}; };
/** var uri = app.config.cloudUrl + '/keys/user/' + emailAddress;
* Persist encrypted user key to cloud service $.ajax({
*/ url: uri,
this.persistUserSecretKey = function(emailAddress, callback) { type: 'PUT',
// fetch user's encrypted secret key from keychain/storage data: JSON.stringify(payload),
var keyStore = new app.dao.LocalStorageDAO(window); contentType: 'application/json',
var storageId = emailAddress + '_encryptedSymmetricKey'; success: function() {
var encryptedKey = keyStore.read(storageId); callback();
},
error: function(xhr, textStatus, err) {
callback({
error: err,
status: textStatus
});
}
});
};
var payload = { /**
userId: emailAddress, * Get encrypted user key from cloud service
encryptedKey: encryptedKey.key, */
keyIV: encryptedKey.iv this.getUserSecretKey = function(emailAddress, callback, replaceCallback) {
}; // fetch user's encrypted secret key from keychain/storage
var self = this;
var keyStore = new app.dao.LocalStorageDAO(window);
var storageId = emailAddress + '_encryptedSymmetricKey';
var storedKey = keyStore.read(storageId);
var uri = app.config.cloudUrl + '/keys/user/' + emailAddress; var uri = app.config.cloudUrl + '/keys/user/' + emailAddress;
$.ajax({ $.ajax({
url: uri, url: uri,
type: 'PUT', type: 'GET',
data: JSON.stringify(payload), dataType: 'json',
contentType: 'application/json', success: function(fetchedKey) {
success: function() { if ((!storedKey || !storedKey.key) && fetchedKey && fetchedKey.encryptedKey && fetchedKey.keyIV) {
callback(); // no local key... persist fetched key
}, keyStore.persist(storageId, {
error: function(xhr, textStatus, err) { key: fetchedKey.encryptedKey,
callback({ iv: fetchedKey.keyIV
error: err,
status: textStatus
}); });
} replaceCallback();
});
};
/** } else if (storedKey && fetchedKey && (storedKey.key !== fetchedKey.encryptedKey || storedKey.iv !== fetchedKey.keyIV)) {
* Get encrypted user key from cloud service // local and fetched keys are not equal
*/ if (confirm('Swap local key?')) {
this.getUserSecretKey = function(emailAddress, callback, replaceCallback) { // replace local key with fetched key
// fetch user's encrypted secret key from keychain/storage
var self = this;
var keyStore = new app.dao.LocalStorageDAO(window);
var storageId = emailAddress + '_encryptedSymmetricKey';
var storedKey = keyStore.read(storageId);
var uri = app.config.cloudUrl + '/keys/user/' + emailAddress;
$.ajax({
url: uri,
type: 'GET',
dataType: 'json',
success: function(fetchedKey) {
if ((!storedKey || !storedKey.key) && fetchedKey && fetchedKey.encryptedKey && fetchedKey.keyIV) {
// no local key... persist fetched key
keyStore.persist(storageId, { keyStore.persist(storageId, {
key: fetchedKey.encryptedKey, key: fetchedKey.encryptedKey,
iv: fetchedKey.keyIV iv: fetchedKey.keyIV
}); });
replaceCallback(); replaceCallback();
} else if (storedKey && fetchedKey && (storedKey.key !== fetchedKey.encryptedKey || storedKey.iv !== fetchedKey.keyIV)) {
// local and fetched keys are not equal
if (confirm('Swap local key?')) {
// replace local key with fetched key
keyStore.persist(storageId, {
key: fetchedKey.encryptedKey,
iv: fetchedKey.keyIV
});
replaceCallback();
} else {
if (confirm('Swap cloud key?')) {
// upload local key to cloud
self.persistUserSecretKey(emailAddress, callback);
} else {
callback({
error: 'err',
status: 'Key not synced!'
});
}
}
} else { } else {
// local and cloud keys are equal or cloud key is null if (confirm('Swap cloud key?')) {
callback(); // upload local key to cloud
self.persistUserSecretKey(emailAddress, callback);
} else {
callback({
error: 'err',
status: 'Key not synced!'
});
}
} }
},
error: function(xhr, textStatus, err) {
callback({
error: err,
status: textStatus
});
}
});
};
} else {
// local and cloud keys are equal or cloud key is null
callback();
}
},
error: function(xhr, textStatus, err) {
callback({
error: err,
status: textStatus
});
}
});
}; };
}()); };

View File

@ -1,69 +1,65 @@
(function() { /**
* High level storage api that handles all persistence on the device. If
* SQLcipher/SQLite is available, all data is securely persisted there,
* through transparent encryption. If not, the crypto API is
* used to encrypt data on the fly before persisting via a JSON store.
*/
app.dao.DeviceStorage = function(util, crypto, jsonDao, sqlcipherDao) {
'use strict'; 'use strict';
/** /**
* High level storage api that handles all persistence on the device. If * Stores a list of encrypted items in the object store
* SQLcipher/SQLite is available, all data is securely persisted there, * @param list [Array] The list of items to be persisted
* through transparent encryption. If not, the crypto API is * @param type [String] The type of item to be persisted e.g. 'email'
* used to encrypt data on the fly before persisting via a JSON store.
*/ */
app.dao.DeviceStorage = function(util, crypto, jsonDao, sqlcipherDao) { this.storeEcryptedList = function(list, type, callback) {
var i, date, key, items = [];
/** // format items for batch storing in dao
* Stores a list of encrypted items in the object store for (i = 0; i < list.length; i++) {
* @param list [Array] The list of items to be persisted
* @param type [String] The type of item to be persisted e.g. 'email'
*/
this.storeEcryptedList = function(list, type, callback) {
var i, date, key, items = [];
// format items for batch storing in dao // put date in key if available... for easy querying
for (i = 0; i < list.length; i++) { if (list[i].sentDate) {
date = util.parseDate(list[i].sentDate);
// put date in key if available... for easy querying key = crypto.emailAddress + '_' + type + '_' + date.getTime() + '_' + list[i].id;
if (list[i].sentDate) { } else {
date = util.parseDate(list[i].sentDate); key = crypto.emailAddress + '_' + type + '_' + list[i].id;
key = crypto.emailAddress + '_' + type + '_' + date.getTime() + '_' + list[i].id;
} else {
key = crypto.emailAddress + '_' + type + '_' + list[i].id;
}
items.push({
key: key,
object: list[i]
});
} }
jsonDao.batch(items, function() { items.push({
callback(); key: key,
object: list[i]
}); });
}; }
/**
* Decrypts the stored items of a given type and returns them
* @param type [String] The type of item e.g. 'email'
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.listItems = function(type, offset, num, callback) {
// fetch all items of a certain type from the data-store
jsonDao.list(crypto.emailAddress + '_' + type, offset, num, function(encryptedList) {
// decrypt list
crypto.aesDecryptListForUser(encryptedList, function(decryptedList) {
callback(decryptedList);
});
});
};
/**
* Clear the whole device data-store
*/
this.clear = function(callback) {
jsonDao.clear(callback);
};
jsonDao.batch(items, function() {
callback();
});
}; };
}()); /**
* Decrypts the stored items of a given type and returns them
* @param type [String] The type of item e.g. 'email'
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.listItems = function(type, offset, num, callback) {
// fetch all items of a certain type from the data-store
jsonDao.list(crypto.emailAddress + '_' + type, offset, num, function(encryptedList) {
// decrypt list
crypto.aesDecryptListForUser(encryptedList, function(decryptedList) {
callback(decryptedList);
});
});
};
/**
* Clear the whole device data-store
*/
this.clear = function(callback) {
jsonDao.clear(callback);
};
};

View File

@ -1,121 +1,117 @@
(function() { /**
* A high-level Data-Access Api for handling Email synchronization
* between the cloud service and the device's local storage
*/
app.dao.EmailDAO = function(_, crypto, devicestorage, cloudstorage) {
'use strict'; 'use strict';
/** /**
* A high-level Data-Access Api for handling Email synchronization * Inits all dependencies
* between the cloud service and the device's local storage
*/ */
app.dao.EmailDAO = function(_, crypto, devicestorage, cloudstorage) { this.init = function(account, password, callback) {
this.account = account;
/** // sync user's cloud key with local storage
* Inits all dependencies cloudstorage.getUserSecretKey(account.get('emailAddress'), function(err) {
*/ if (err) {
this.init = function(account, password, callback) { console.log('Could not sync user key from server: ' + JSON.stringify(err));
this.account = account; }
// init crypto
initCrypto();
// sync user's cloud key with local storage }, function() {
cloudstorage.getUserSecretKey(account.get('emailAddress'), function(err) { // replaced local key with cloud key... whipe local storage
if (err) { devicestorage.clear(function() {
console.log('Could not sync user key from server: ' + JSON.stringify(err));
}
// init crypto
initCrypto(); initCrypto();
}, function() {
// replaced local key with cloud key... whipe local storage
devicestorage.clear(function() {
initCrypto();
});
}); });
});
function initCrypto() { function initCrypto() {
crypto.init(account.get('emailAddress'), password, account.get('symKeySize'), account.get('symIvSize'), function() { crypto.init(account.get('emailAddress'), password, account.get('symKeySize'), account.get('symIvSize'), function() {
callback(); callback();
});
}
};
/**
* Fetch an email with the following id
*/
this.getItem = function(folderName, itemId) {
var folder = this.account.get('folders').where({
name: folderName
})[0];
var mail = _.find(folder.get('items').models, function(email) {
return email.id + '' === itemId + '';
}); });
return mail; }
};
/**
* Fetch a list of emails from the device's local storage
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.listItems = function(folderName, offset, num, callback) {
var collection, folder, self = this;
// check if items are in memory already (account.folders model)
folder = this.account.get('folders').where({
name: folderName
})[0];
if (!folder) {
// get items from storage
devicestorage.listItems('email_' + folderName, offset, num, function(decryptedList) {
// parse to backbone model collection
collection = new app.model.EmailCollection(decryptedList);
// cache collection in folder memory
if (decryptedList.length > 0) {
folder = new app.model.Folder({
name: folderName
});
folder.set('items', collection);
self.account.get('folders').add(folder);
}
callback(collection);
});
} else {
// read items from memory
collection = folder.get('items');
callback(collection);
}
};
/**
* Synchronize a folder's items from the cloud to the device-storage
* @param folderName [String] The name of the folder e.g. 'inbox'
*/
this.syncFromCloud = function(folderName, callback) {
var folder, self = this;
cloudstorage.listEncryptedItems('email', this.account.get('emailAddress'), folderName, function(res) {
// return if an error occured or if fetched list from cloud storage is empty
if (!res || res.status || res.length === 0) {
callback(res); // error
return;
}
// TODO: remove old folder items from devicestorage
// persist encrypted list in device storage
devicestorage.storeEcryptedList(res, 'email_' + folderName, function() {
// remove cached folder in account model
folder = self.account.get('folders').where({
name: folderName
})[0];
if (folder) {
self.account.get('folders').remove(folder);
}
callback();
});
});
};
}; };
}()); /**
* Fetch an email with the following id
*/
this.getItem = function(folderName, itemId) {
var folder = this.account.get('folders').where({
name: folderName
})[0];
var mail = _.find(folder.get('items').models, function(email) {
return email.id + '' === itemId + '';
});
return mail;
};
/**
* Fetch a list of emails from the device's local storage
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.listItems = function(folderName, offset, num, callback) {
var collection, folder, self = this;
// check if items are in memory already (account.folders model)
folder = this.account.get('folders').where({
name: folderName
})[0];
if (!folder) {
// get items from storage
devicestorage.listItems('email_' + folderName, offset, num, function(decryptedList) {
// parse to backbone model collection
collection = new app.model.EmailCollection(decryptedList);
// cache collection in folder memory
if (decryptedList.length > 0) {
folder = new app.model.Folder({
name: folderName
});
folder.set('items', collection);
self.account.get('folders').add(folder);
}
callback(collection);
});
} else {
// read items from memory
collection = folder.get('items');
callback(collection);
}
};
/**
* Synchronize a folder's items from the cloud to the device-storage
* @param folderName [String] The name of the folder e.g. 'inbox'
*/
this.syncFromCloud = function(folderName, callback) {
var folder, self = this;
cloudstorage.listEncryptedItems('email', this.account.get('emailAddress'), folderName, function(res) {
// return if an error occured or if fetched list from cloud storage is empty
if (!res || res.status || res.length === 0) {
callback(res); // error
return;
}
// TODO: remove old folder items from devicestorage
// persist encrypted list in device storage
devicestorage.storeEcryptedList(res, 'email_' + folderName, function() {
// remove cached folder in account model
folder = self.account.get('folders').where({
name: folderName
})[0];
if (folder) {
self.account.get('folders').remove(folder);
}
callback();
});
});
};
};

View File

@ -1,119 +1,115 @@
(function() { /**
* Handles generic caching of JSON objects in a lawnchair adapter
*/
app.dao.LawnchairDAO = function(window) {
'use strict'; 'use strict';
var db = new Lawnchair({
name: 'data-store'
}, function() {});
/** /**
* Handles generic caching of JSON objects in a lawnchair adapter * Create or update an object
*/ */
app.dao.LawnchairDAO = function(window) { this.persist = function(key, object, callback) {
db.save({
var db = new Lawnchair({ key: key,
name: 'data-store' object: object
}, function() {}); }, callback);
/**
* Create or update an object
*/
this.persist = function(key, object, callback) {
db.save({
key: key,
object: object
}, callback);
};
/**
* Persist a bunch of items at once
*/
this.batch = function(list, callback) {
db.batch(list, callback);
};
/**
* Read a single item by its key
*/
this.read = function(key, callback) {
db.get(key, function(o) {
if (o) {
callback(o.object);
} else {
callback(null);
}
});
};
/**
* List all the items of a certain type
* @param type [String] The type of item e.g. 'email'
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.list = function(type, offset, num, callback) {
var i, list = [],
matchingKeys = [],
parts, timeStr, time;
// get all keys
db.keys(function(keys) {
// check if key begins with type
for (i = 0; i < keys.length; i++) {
if (keys[i].indexOf(type) === 0) {
matchingKeys.push(keys[i]);
}
}
// sort keys by type and date
matchingKeys = _.sortBy(matchingKeys, function(key) {
parts = key.split('_');
timeStr = parts[parts.length - 2];
time = parseInt(timeStr, 10);
return time;
});
// if num is null, list all items
num = (num !== null) ? num : matchingKeys.length;
// set window of items to fetch
if (offset + num < matchingKeys.length) {
matchingKeys = matchingKeys.splice(matchingKeys.length - offset - num, num);
} else if (offset + num >= matchingKeys.length && offset < matchingKeys.length) {
matchingKeys = matchingKeys.splice(0, matchingKeys.length - offset);
} else {
matchingKeys = [];
}
// return if there are no matching keys
if (matchingKeys.length === 0) {
callback(list);
return;
}
// fetch all items from data-store with matching key
db.get(matchingKeys, function(matchingList) {
for (i = 0; i < matchingList.length; i++) {
list.push(matchingList[i].object);
}
// return only the interval between offset and num
callback(list);
});
});
};
/**
* Removes an object liter from local storage by its key (delete)
*/
this.remove = function(key, callback) {
db.remove(key, callback);
};
/**
* Clears the whole local storage cache
*/
this.clear = function(callback) {
db.nuke(callback);
};
}; };
}()); /**
* Persist a bunch of items at once
*/
this.batch = function(list, callback) {
db.batch(list, callback);
};
/**
* Read a single item by its key
*/
this.read = function(key, callback) {
db.get(key, function(o) {
if (o) {
callback(o.object);
} else {
callback(null);
}
});
};
/**
* List all the items of a certain type
* @param type [String] The type of item e.g. 'email'
* @param offset [Number] The offset of items to fetch (0 is the last stored item)
* @param num [Number] The number of items to fetch (null means fetch all)
*/
this.list = function(type, offset, num, callback) {
var i, list = [],
matchingKeys = [],
parts, timeStr, time;
// get all keys
db.keys(function(keys) {
// check if key begins with type
for (i = 0; i < keys.length; i++) {
if (keys[i].indexOf(type) === 0) {
matchingKeys.push(keys[i]);
}
}
// sort keys by type and date
matchingKeys = _.sortBy(matchingKeys, function(key) {
parts = key.split('_');
timeStr = parts[parts.length - 2];
time = parseInt(timeStr, 10);
return time;
});
// if num is null, list all items
num = (num !== null) ? num : matchingKeys.length;
// set window of items to fetch
if (offset + num < matchingKeys.length) {
matchingKeys = matchingKeys.splice(matchingKeys.length - offset - num, num);
} else if (offset + num >= matchingKeys.length && offset < matchingKeys.length) {
matchingKeys = matchingKeys.splice(0, matchingKeys.length - offset);
} else {
matchingKeys = [];
}
// return if there are no matching keys
if (matchingKeys.length === 0) {
callback(list);
return;
}
// fetch all items from data-store with matching key
db.get(matchingKeys, function(matchingList) {
for (i = 0; i < matchingList.length; i++) {
list.push(matchingList[i].object);
}
// return only the interval between offset and num
callback(list);
});
});
};
/**
* Removes an object liter from local storage by its key (delete)
*/
this.remove = function(key, callback) {
db.remove(key, callback);
};
/**
* Clears the whole local storage cache
*/
this.clear = function(callback) {
db.nuke(callback);
};
};

View File

@ -1,59 +1,55 @@
(function() { /**
* Handles generic caching of JSON objects in LocalStorage
*/
app.dao.LocalStorageDAO = function(window) {
'use strict'; 'use strict';
/** /**
* Handles generic caching of JSON objects in LocalStorage * Stringifies an object literal to JSON and perists it
*/ */
app.dao.LocalStorageDAO = function(window) { this.persist = function(key, object) {
var json = JSON.stringify(object);
/** window.localStorage.setItem(key, json);
* Stringifies an object literal to JSON and perists it
*/
this.persist = function(key, object) {
var json = JSON.stringify(object);
window.localStorage.setItem(key, json);
};
/**
* Fetches a json string from local storage by its key and parses it to an object literal
*/
this.read = function(key) {
var json = window.localStorage.getItem(key);
return JSON.parse(json);
};
/**
* List all the items of a certain type in local storage
* @param type [String] The type of item e.g. 'email'
*/
this.list = function(type) {
var i, key, json, list = [];
for (i = 0; i < window.localStorage.length; i++) {
key = window.localStorage.key(i);
if (key.indexOf(type) === 0) {
json = window.localStorage.getItem(key);
list.push(JSON.parse(json));
}
}
return list;
};
/**
* Removes an object liter from local storage by its key (delete)
*/
this.remove = function(key) {
window.localStorage.removeItem(key);
};
/**
* Clears the whole local storage cache
*/
this.clear = function() {
window.localStorage.clear();
};
}; };
}()); /**
* Fetches a json string from local storage by its key and parses it to an object literal
*/
this.read = function(key) {
var json = window.localStorage.getItem(key);
return JSON.parse(json);
};
/**
* List all the items of a certain type in local storage
* @param type [String] The type of item e.g. 'email'
*/
this.list = function(type) {
var i, key, json, list = [];
for (i = 0; i < window.localStorage.length; i++) {
key = window.localStorage.key(i);
if (key.indexOf(type) === 0) {
json = window.localStorage.getItem(key);
list.push(JSON.parse(json));
}
}
return list;
};
/**
* Removes an object liter from local storage by its key (delete)
*/
this.remove = function(key) {
window.localStorage.removeItem(key);
};
/**
* Clears the whole local storage cache
*/
this.clear = function() {
window.localStorage.clear();
};
};