changed from using input fields for keys to getting from url

2017-05-30 13:55:06 -07:00 · 2017-05-30 13:55:06 -07:00 · 82eccc6d54
parent a45bcf3d35
commit 82eccc6d54
3 changed files with 48 additions and 22 deletions
--- a/app.js
+++ b/app.js
@ -38,7 +38,7 @@ app.get('/assets/download/:id', function(req, res) {
  
 });

-app.route('/upload')
+app.route('/upload/:id')
    .post(function (req, res, next) {

        var fstream;
@ -50,7 +50,7 @@ app.route('/upload')
            fstream = fs.createWriteStream(__dirname + '/static/' + filename);
            file.pipe(fstream);
            fstream.on('close', function () {  
-                let id = Math.floor(Math.random()*10000).toString();
+                let id = req.params.id;
                client.hset(id, "filename", filename, redis.print);
                client.hset(id, "expiration", 0, redis.print);
                console.log("Upload Finished of " + filename);              
--- a/public/download.html
+++ b/public/download.html
@ -7,8 +7,8 @@
 </head>
 <body>

-<input id="keyhash" placeholder="Paste the key your friend sent you."/><br />
-<input id="salt" placeholder="Paste the salt your friend sent you."/><br />
+<!--<input id="keyhash" placeholder="Paste the key your friend sent you."/><br />-->
+<!--<input id="salt" placeholder="Paste the salt your friend sent you."/><br />-->

 <button onclick="download()">DOWNLOAD</button>

--- a/public/file.js
+++ b/public/file.js
@ -1,6 +1,13 @@
+
 function download() {
+  // console.log(location.pathname.slice(10, -1));
+
+// var new_salt = ;
+// console.log(new_salt);
+// console.log(salt);
+
  var xhr = new XMLHttpRequest();
-  xhr.open('get', '/assets' + location.pathname, true);
+  xhr.open('get', '/assets' + location.pathname.slice(0, -1), true);
  xhr.responseType = 'blob';
  // $.each(SERVER.authorization(), function(k, v) {
  //     xhr.setRequestHeader(k, v);
@ -17,12 +24,15 @@ function download() {
              arrayBuffer = this.result;
              // console.log(arrayBuffer);
              var array = new Uint8Array(arrayBuffer);
-              salt = new Uint8Array(JSON.parse(document.getElementById('salt').value));
+              salt = strToIv(location.pathname.slice(10, -1));
+              // var new_salt = strToIv(location.pathname.slice(10, -1));
+              // console.log(new_salt);
+              // console.log(salt);
              window.crypto.subtle.importKey(
                  "jwk", //can be "jwk" or "raw"
                  {   //this is an example jwk key, "raw" would be an ArrayBuffer
                      kty: "oct",
-                      k: document.getElementById('keyhash').value,
+                      k: location.hash.slice(1),
                      alg: "A128CBC",
                      ext: true,
                  },
@ -115,17 +125,21 @@ function onChange(event) {
        //returns an ArrayBuffer containing the encrypted data
          var dataView = new DataView(encrypted);
          var blob = new Blob([dataView], { type: file.type });
-          window.data = encrypted;
+          // window.data = encrypted;
          var fd = new FormData();
          fd.append('fname', file.name);
          fd.append('data', blob, file.name);
          // console.log(blob);
          var xhr = new XMLHttpRequest();
-
-          xhr.open('post', '/upload', true);
+          var hex = ivToStr(random_iv);
+          xhr.open('post', '/upload/' + hex, true);
          xhr.onreadystatechange = function() { 
            if (xhr.readyState == XMLHttpRequest.DONE) {
-              console.log('Go to this URL: http://localhost:3000/download/'+xhr.responseText);
+              window.crypto.subtle.exportKey("jwk", key).then(function(keydata){
+                //returns the exported key data
+                console.log('Go to this URL: http://localhost:3000/download/' + hex + '/#' + keydata.k);
+                console.log(keydata.k);
+              })
            }
          };

@ -136,17 +150,7 @@ function onChange(event) {
        });


-      window.crypto.subtle.exportKey(
-        "jwk", //can be "jwk" or "raw"
-        key)
-        .then(function(keydata){
-          //returns the exported key data
-          console.log('Send this key to a friend: ' + keydata.k);
-
-        })
-        .catch(function(err){
-          console.error(err);
-        });
+      
      })
    .catch(function(err){
        console.error(err);
@ -158,3 +162,25 @@ function onChange(event) {
  reader.readAsArrayBuffer(file);
 }

+function ivToStr(iv) {
+  let hexStr = '';
+  for (var i in iv) {
+    if (iv[i] < 16) {
+      hexStr += '0' + iv[i].toString(16);
+    } else {
+      hexStr += iv[i].toString(16);
+    }
+  }
+  window.hexStr = hexStr;
+  return hexStr;
+}
+
+function strToIv(str) {
+  var iv = new Uint8Array(16);
+  for (var i = 0; i < str.length; i += 2) {
+    // console.log(str.charAt(i) + str.charAt(i+1));
+    iv[i/2] = parseInt((str.charAt(i) + str.charAt(i + 1)), 16);
+  }
+
+  return iv;
+}