id is now independent on iv

This commit is contained in:
Abhinav Adduri 2017-07-07 14:47:56 -07:00
parent a11b4b677c
commit 1ce24f7e08
4 changed files with 24 additions and 17 deletions

View File

@ -36,7 +36,8 @@ class FileReceiver extends EventEmitter {
resolve({
data: this.result,
aad: meta.aad,
filename: meta.filename
filename: meta.filename,
iv: meta.iv
});
};
@ -62,13 +63,11 @@ class FileReceiver extends EventEmitter {
['encrypt', 'decrypt']
)
]).then(([fdata, key]) => {
const salt = this.salt;
return Promise.all([
window.crypto.subtle.decrypt(
{
name: 'AES-GCM',
iv: salt,
iv: hexToArray(fdata.iv),
additionalData: hexToArray(fdata.aad)
},
key,

View File

@ -137,7 +137,7 @@ app.post('/delete/:id', (req, res) => {
});
app.post('/upload/:id', (req, res, next) => {
if (!validateID(req.params.id)) {
if (!validateIV(req.params.id)) {
res.sendStatus(404);
return;
}
@ -148,9 +148,9 @@ app.post('/upload/:id', (req, res, next) => {
req.busboy.on('file', (fieldname, file, filename) => {
log.info('Uploading:', req.params.id);
storage.set(req.params.id, file, filename, meta).then(delete_token => {
storage.set(req.params.id, file, filename, meta).then(([delete_token, new_id]) => {
const protocol = conf.env === 'production' ? 'https' : req.protocol;
const url = `${protocol}://${req.get('host')}/download/${req.params.id}/`;
const url = `${protocol}://${req.get('host')}/download/${new_id}/`;
res.json({
url,
delete: delete_token
@ -176,5 +176,9 @@ app.listen(conf.listen_port, () => {
});
const validateID = route_id => {
return route_id.match(/^[0-9a-fA-F]{10}$/) !== null;
};
const validateIV = route_id => {
return route_id.match(/^[0-9a-fA-F]{24}$/) !== null;
};

View File

@ -118,18 +118,20 @@ function localGet(id) {
function localSet(id, file, filename, meta) {
return new Promise((resolve, reject) => {
const fstream = fs.createWriteStream(path.join(__dirname, '../static', id));
const new_id = crypto.randomBytes(5).toString('hex');
const fstream = fs.createWriteStream(path.join(__dirname, '../static', new_id));
file.pipe(fstream);
fstream.on('close', () => {
meta.delete = crypto.randomBytes(10).toString('hex');
redis_client.hmset(id, meta);
meta.id = id;
redis_client.hmset(new_id, meta);
redis_client.expire(id, 86400000);
log.info('localSet:', 'Upload Finished of ' + id);
resolve(meta.delete);
log.info('localSet:', 'Upload Finished of ' + new_id);
resolve([meta.delete, new_id]);
});
fstream.on('error', () => {
log.error('localSet:', 'Failed upload of ' + id);
log.error('localSet:', 'Failed upload of ' + new_id);
reject();
});
});
@ -194,9 +196,10 @@ function awsGet(id) {
}
function awsSet(id, file, filename, meta) {
const new_id = crypto.randomBytes(5).toString('hex');
const params = {
Bucket: conf.s3_bucket,
Key: id,
Key: new_id,
Body: file
};
@ -207,12 +210,12 @@ function awsSet(id, file, filename, meta) {
reject();
} else {
meta.delete = crypto.randomBytes(10).toString('hex');
redis_client.hmset(id, meta);
meta.id = id;
redis_client.hmset(new_id, meta);
redis_client.expire(id, 86400000);
log.info('awsUploadFinish', 'Upload Finished of ' + filename);
resolve(meta.delete);
resolve([meta.delete, new_id]);
}
});
});

View File

@ -113,8 +113,9 @@ describe('Testing Set using aws', function() {
s3Stub.upload.callsArgWith(1, null, {});
return storage
.set('123', {}, 'Filename.moz', {})
.then(deleteKey => {
.then(([deleteKey, id]) => {
assert.equal(deleteKey, buf.toString('hex'));
assert.notEqual(id, null);
assert.notEqual(deleteKey, null);
assert(expire.calledOnce);
assert(expire.calledWith('123', 86400000));