george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into webcrypto, implementing base58, fixes #377

Browse Source
This commit is contained in:
El RIDO
2019-05-15 21:20:54 +02:00
parent 5779d87788 7f1afb2b3e
commit 6f480bf014
7 changed files with 259 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
js/base-x-3.0.5.1.js Normal file
View File

@@ -0,0 +1,151 @@
// base-x encoding / decoding
// based on https://github.com/cryptocoinjs/base-x 3.0.5
// modification: removed Buffer dependency and node.modules entry
// Copyright (c) 2018 base-x contributors
// Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
// Distributed under the MIT software license, see the accompanying
// file LICENSE or http://www.opensource.org/licenses/mit-license.php.
(function(){
'use strict';
this.baseX = function base (ALPHABET) {
if (ALPHABET.length >= 255) throw new TypeError('Alphabet too long')
const BASE_MAP = new Uint8Array(256)
BASE_MAP.fill(255)
for (let i = 0; i < ALPHABET.length; i++) {
const x = ALPHABET.charAt(i)
const xc = x.charCodeAt(0)
if (BASE_MAP[xc] !== 255) throw new TypeError(x + ' is ambiguous')
BASE_MAP[xc] = i
}
const BASE = ALPHABET.length
const LEADER = ALPHABET.charAt(0)
const FACTOR = Math.log(BASE) / Math.log(256) // log(BASE) / log(256), rounded up
const iFACTOR = Math.log(256) / Math.log(BASE) // log(256) / log(BASE), rounded up
function encode (source) {
if (source.length === 0) return ''
// Skip & count leading zeroes.
let zeroes = 0
let length = 0
let pbegin = 0
const pend = source.length
while (pbegin !== pend && source[pbegin] === 0) {
pbegin++
zeroes++
}
// Allocate enough space in big-endian base58 representation.
const size = ((pend - pbegin) * iFACTOR + 1) >>> 0
const b58 = new Uint8Array(size)
// Process the bytes.
while (pbegin !== pend) {
let carry = source[pbegin]
// Apply "b58 = b58 * 256 + ch".
let i = 0
for (let it = size - 1; (carry !== 0 || i < length) && (it !== -1); it--, i++) {
carry += (256 * b58[it]) >>> 0
b58[it] = (carry % BASE) >>> 0
carry = (carry / BASE) >>> 0
}
if (carry !== 0) throw new Error('Non-zero carry')
length = i
pbegin++
}
// Skip leading zeroes in base58 result.
let it = size - length
while (it !== size && b58[it] === 0) {
it++
}
// Translate the result into a string.
let str = LEADER.repeat(zeroes)
for (; it < size; ++it) str += ALPHABET.charAt(b58[it])
return str
}
function decodeUnsafe (source) {
if (typeof source !== 'string') throw new TypeError('Expected String')
if (source.length === 0) return ''
let psz = 0
// Skip leading spaces.
if (source[psz] === ' ') return
// Skip and count leading '1's.
let zeroes = 0
let length = 0
while (source[psz] === LEADER) {
zeroes++
psz++
}
// Allocate enough space in big-endian base256 representation.
const size = (((source.length - psz) * FACTOR) + 1) >>> 0 // log(58) / log(256), rounded up.
const b256 = new Uint8Array(size)
// Process the characters.
while (source[psz]) {
// Decode character
let carry = BASE_MAP[source.charCodeAt(psz)]
// Invalid character
if (carry === 255) return
let i = 0
for (let it = size - 1; (carry !== 0 || i < length) && (it !== -1); it--, i++) {
carry += (BASE * b256[it]) >>> 0
b256[it] = (carry % 256) >>> 0
carry = (carry / 256) >>> 0
}
if (carry !== 0) throw new Error('Non-zero carry')
length = i
psz++
}
// Skip trailing spaces.
if (source[psz] === ' ') return
// Skip leading zeroes in b256.
let it = size - length
while (it !== size && b256[it] === 0) {
it++
}
var vch = [];
let j = zeroes
while (it !== size) {
vch[j++] = b256[it++]
}
return vch
}
function decode (string) {
const buffer = decodeUnsafe(string)
if (buffer) return buffer
throw new Error('Non-base' + BASE + ' character')
}
return {
encode: encode,
decodeUnsafe: decodeUnsafe,
decode: decode
}
}
}).call(this);

1
js/common.js
View File

@@ -17,6 +17,7 @@ global.prettyPrint = window.PR.prettyPrint;
global.prettyPrintOne = window.PR.prettyPrintOne;
global.showdown = require('./showdown-1.8.6');
global.DOMPurify = require('./purify-1.0.7');
global.baseX = require('./base-x-3.0.5.1').baseX;
require('./bootstrap-3.3.7');
require('./privatebin');

50
js/privatebin.js
View File

@@ -531,6 +531,13 @@ jQuery.PrivateBin = (function($, RawDeflate) {
const CryptTool = (function () {
const me = {};
/**
* base58 encoder & decoder
*
* @private
*/
let base58 = new baseX('123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz');
/**
* convert UTF-8 string stored in a DOMString to a standard UTF-16 DOMString
*
@@ -922,13 +929,43 @@ jQuery.PrivateBin = (function($, RawDeflate) {
* @name CryptTool.getSymmetricKey
* @function
* @throws {string}
* @return {string} base64 encoded key
* @return {string} raw bytes
*/
me.getSymmetricKey = function()
{
return getRandomBytes(32);
};
/**
* base58 encode a DOMString (UTF-16)
*
* @name CryptTool.base58encode
* @function
* @param {string} input
* @return {string} output
*/
me.base58encode = function(input)
{
return base58.encode(
stringToArraybuffer(input)
);
}
/**
* base58 decode a DOMString (UTF-16)
*
* @name CryptTool.base58decode
* @function
* @param {string} input
* @return {string} output
*/
me.base58decode = function(input)
{
return arraybufferToString(
base58.decode(input)
);
}
return me;
})();
@@ -1101,7 +1138,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
newKey = newKey.substring(0, ampersandPos);
}
symmetricKey = atob(newKey);
// version 2 uses base58, version 1 uses base64
try {
symmetricKey = CryptTool.base58decode(newKey);
} catch(e) {
symmetricKey = atob(newKey);
}
}
return symmetricKey;
@@ -3174,7 +3216,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
document.title,
// recreate paste URL
Helper.baseUri() + '?' + Model.getPasteId() + '#' +
btoa(Model.getPasteKey())
CryptTool.base58encode(Model.getPasteKey())
);
// we use text/html instead of text/plain to avoid a bug when
@@ -3931,7 +3973,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
// show notification
const baseUri = Helper.baseUri() + '?',
url = baseUri + data.id + '#' + btoa(data.encryptionKey),
url = baseUri + data.id + '#' + CryptTool.base58encode(data.encryptionKey),
deleteUrl = baseUri + 'pasteid=' + data.id + '&deletetoken=' + data.deletetoken;
PasteStatus.createPasteNotification(url, deleteUrl);

47
js/test/Model.js
View File

@@ -132,13 +132,14 @@ describe('Model', function () {
});
jsc.property(
'returns the fragment of the URL',
'returns the fragment of a v1 URL',
jsc.nearray(common.jscA2zString()),
jsc.nearray(common.jscA2zString()),
jsc.array(common.jscQueryString()),
'nestring',
function (schema, address, query, fragment) {
var fragmentString = common.btoa(fragment),
fragment = fragment.padStart(32, String.fromCharCode(0));
let fragmentString = common.btoa(fragment),
clean = jsdom('', {
url: schema.join('') + '://' + address.join('') +
'/?' + query.join('') + '#' + fragmentString
@@ -150,14 +151,52 @@ describe('Model', function () {
}
);
jsc.property(
'returns the fragment stripped of trailing query parts',
'returns the v1 fragment stripped of trailing query parts',
jsc.nearray(common.jscA2zString()),
jsc.nearray(common.jscA2zString()),
jsc.array(common.jscQueryString()),
'nestring',
jsc.array(common.jscHashString()),
function (schema, address, query, fragment, trail) {
var fragmentString = common.btoa(fragment),
fragment = fragment.padStart(32, String.fromCharCode(0));
let fragmentString = common.btoa(fragment),
clean = jsdom('', {
url: schema.join('') + '://' + address.join('') + '/?' +
query.join('') + '#' + fragmentString + '&' + trail.join('')
}),
result = $.PrivateBin.Model.getPasteKey();
$.PrivateBin.Model.reset();
clean();
return fragment === result;
}
);
jsc.property(
'returns the fragment of a v2 URL',
jsc.nearray(common.jscA2zString()),
jsc.nearray(common.jscA2zString()),
jsc.array(common.jscQueryString()),
'nestring',
function (schema, address, query, fragment) {
let fragmentString = $.PrivateBin.CryptTool.base58encode(fragment),
clean = jsdom('', {
url: schema.join('') + '://' + address.join('') +
'/?' + query.join('') + '#' + fragmentString
}),
result = $.PrivateBin.Model.getPasteKey();
$.PrivateBin.Model.reset();
clean();
return fragment === result;
}
);
jsc.property(
'returns the v2 fragment stripped of trailing query parts',
jsc.nearray(common.jscA2zString()),
jsc.nearray(common.jscA2zString()),
jsc.array(common.jscQueryString()),
'nestring',
jsc.array(common.jscHashString()),
function (schema, address, query, fragment, trail) {
let fragmentString = $.PrivateBin.CryptTool.base58encode(fragment),
clean = jsdom('', {
url: schema.join('') + '://' + address.join('') + '/?' +
query.join('') + '#' + fragmentString + '&' + trail.join('')