Add optional password to the download url

mozilla · Oct 10, 2017 · bc24a06 · bc24a06
1 parent 837747f
commit bc24a06
Show file tree

Hide file tree

Showing 28 changed files with 805 additions and 241 deletions.
diff --git a/app/fileManager.js b/app/fileManager.js
@@ -153,6 +153,7 @@ export default function(state, emitter) {
       state.storage.totalUploads += 1;
       emitter.emit('pushState', `/share/${info.id}`);
     } catch (err) {
+      console.error(err);
       state.transfer = null;
       if (err.message === '0') {
         //cancelled. do nothing
@@ -161,23 +162,51 @@ export default function(state, emitter) {
       }
       state.raven.captureException(err);
       metrics.stoppedUpload({ size, type, err });
-      emitter.emit('replaceState', '/error');
+      emitter.emit('pushState', '/error');
     }
   });
 
-  emitter.on('download', async file => {
-    const size = file.size;
+  emitter.on('password', async ({ password, file }) => {
+    try {
+      await FileSender.setPassword(password, file);
+      metrics.addedPassword({ size: file.size });
+      file.password = password;
+      state.storage.writeFiles();
+    } catch (e) {
+      console.error(e);
+    }
+    render();
+  });
+
+  emitter.on('preview', async () => {
+    const file = state.fileInfo;
     const url = `/api/download/${file.id}`;
-    const receiver = new FileReceiver(url, file.key);
+    const receiver = new FileReceiver(url, file);
     receiver.on('progress', updateProgress);
     receiver.on('decrypting', render);
     state.transfer = receiver;
-    const links = openLinksInNewTab();
+    try {
+      await receiver.getMetadata(file.nonce);
+    } catch (e) {
+      if (e.message === '401') {
+        file.password = null;
+        if (!file.pwd) {
+          return emitter.emit('pushState', '/404');
+        }
+      }
+    }
     render();
+  });
+
+  emitter.on('download', async file => {
+    state.transfer.on('progress', render);
+    state.transfer.on('decrypting', render);
+    const links = openLinksInNewTab();
+    const size = file.size;
     try {
       const start = Date.now();
       metrics.startedDownload({ size: file.size, ttl: file.ttl });
-      const f = await receiver.download();
+      const f = await state.transfer.download(file.nonce);
       const time = Date.now() - start;
       const speed = size / (time / 1000);
       await delay(1000);
@@ -187,13 +216,14 @@ export default function(state, emitter) {
       metrics.completedDownload({ size, time, speed });
       emitter.emit('pushState', '/completed');
     } catch (err) {
+      console.error(err);
       // TODO cancelled download
       const location = err.message === 'notfound' ? '/404' : '/error';
       if (location === '/error') {
         state.raven.captureException(err);
         metrics.stoppedDownload({ size, err });
       }
-      emitter.emit('replaceState', location);
+      emitter.emit('pushState', location);
     } finally {
       state.transfer = null;
       openLinksInNewTab(links, false);

diff --git a/app/fileReceiver.js b/app/fileReceiver.js
@@ -1,25 +1,104 @@
 import Nanobus from 'nanobus';
-import { hexToArray, bytes } from './utils';
+import { arrayToB64, b64ToArray, bytes } from './utils';
 
 export default class FileReceiver extends Nanobus {
-  constructor(url, k) {
+  constructor(url, file) {
     super('FileReceiver');
-    this.key = window.crypto.subtle.importKey(
-      'jwk',
-      {
-        k,
-        kty: 'oct',
-        alg: 'A128GCM',
-        ext: true
-      },
-      {
-        name: 'AES-GCM'
-      },
+    this.secretKeyPromise = window.crypto.subtle.importKey(
+      'raw',
+      b64ToArray(file.key),
+      'HKDF',
       false,
-      ['decrypt']
+      ['deriveKey']
     );
+    this.encryptKeyPromise = this.secretKeyPromise.then(sk => {
+      const encoder = new TextEncoder();
+      return window.crypto.subtle.deriveKey(
+        {
+          name: 'HKDF',
+          salt: new Uint8Array(),
+          info: encoder.encode('encryption'),
+          hash: 'SHA-256'
+        },
+        sk,
+        {
+          name: 'AES-GCM',
+          length: 128
+        },
+        false,
+        ['decrypt']
+      );
+    });
+    if (file.pwd) {
+      const encoder = new TextEncoder();
+      console.log(file.password + file.url);
+      this.authKeyPromise = window.crypto.subtle
+        .importKey(
+          'raw',
+          encoder.encode(file.password),
+          { name: 'PBKDF2' },
+          false,
+          ['deriveKey']
+        )
+        .then(pwdKey =>
+          window.crypto.subtle.deriveKey(
+            {
+              name: 'PBKDF2',
+              salt: encoder.encode(file.url),
+              iterations: 100,
+              hash: 'SHA-256'
+            },
+            pwdKey,
+            {
+              name: 'HMAC',
+              hash: 'SHA-256'
+            },
+            true,
+            ['sign']
+          )
+        );
+    } else {
+      this.authKeyPromise = this.secretKeyPromise.then(sk => {
+        const encoder = new TextEncoder();
+        return window.crypto.subtle.deriveKey(
+          {
+            name: 'HKDF',
+            salt: new Uint8Array(),
+            info: encoder.encode('authentication'),
+            hash: 'SHA-256'
+          },
+          sk,
+          {
+            name: 'HMAC',
+            hash: { name: 'SHA-256' }
+          },
+          false,
+          ['sign']
+        );
+      });
+    }
+    this.metaKeyPromise = this.secretKeyPromise.then(sk => {
+      const encoder = new TextEncoder();
+      return window.crypto.subtle.deriveKey(
+        {
+          name: 'HKDF',
+          salt: new Uint8Array(),
+          info: encoder.encode('metadata'),
+          hash: 'SHA-256'
+        },
+        sk,
+        {
+          name: 'AES-GCM',
+          length: 128
+        },
+        false,
+        ['decrypt']
+      );
+    });
+    this.file = file;
     this.url = url;
     this.msg = 'fileSizeProgress';
+    this.state = 'initialized';
     this.progress = [0, 1];
   }
 
@@ -38,7 +117,65 @@ export default class FileReceiver extends Nanobus {
     // TODO
   }
 
-  downloadFile() {
+  fetchMetadata(sig) {
+    return new Promise((resolve, reject) => {
+      const xhr = new XMLHttpRequest();
+      xhr.onreadystatechange = () => {
+        if (xhr.readyState === XMLHttpRequest.DONE) {
+          const nonce = xhr.getResponseHeader('WWW-Authenticate').split(' ')[1];
+          this.file.nonce = nonce;
+          if (xhr.status === 200) {
+            return resolve(xhr.response);
+          }
+          reject(new Error(xhr.status));
+        }
+      };
+      xhr.onerror = () => reject(new Error(0));
+      xhr.ontimeout = () => reject(new Error(0));
+      xhr.open('get', `/api/metadata/${this.file.id}`);
+      xhr.setRequestHeader('Authorization', `send-v1 ${arrayToB64(sig)}`);
+      xhr.responseType = 'json';
+      xhr.timeout = 2000;
+      xhr.send();
+    });
+  }
+
+  async getMetadata(nonce) {
+    try {
+      const authKey = await this.authKeyPromise;
+      const sig = await window.crypto.subtle.sign(
+        {
+          name: 'HMAC'
+        },
+        authKey,
+        b64ToArray(nonce)
+      );
+      const data = await this.fetchMetadata(new Uint8Array(sig));
+      const metaKey = await this.metaKeyPromise;
+      const json = await window.crypto.subtle.decrypt(
+        {
+          name: 'AES-GCM',
+          iv: new Uint8Array(12),
+          tagLength: 128
+        },
+        metaKey,
+        b64ToArray(data.metadata)
+      );
+      const decoder = new TextDecoder();
+      const meta = JSON.parse(decoder.decode(json));
+      this.file.name = meta.name;
+      this.file.type = meta.type;
+      this.file.iv = meta.iv;
+      this.file.size = data.size;
+      this.file.ttl = data.ttl;
+      this.state = 'ready';
+    } catch (e) {
+      this.state = 'invalid';
+      throw e;
+    }
+  }
+
+  downloadFile(sig) {
     return new Promise((resolve, reject) => {
       const xhr = new XMLHttpRequest();
 
@@ -49,52 +186,67 @@ export default class FileReceiver extends Nanobus {
         }
       };
 
-      xhr.onload = function(event) {
+      xhr.onload = event => {
         if (xhr.status === 404) {
           reject(new Error('notfound'));
           return;
         }
 
-        const blob = new Blob([this.response]);
-        const meta = JSON.parse(xhr.getResponseHeader('X-File-Metadata'));
+        if (xhr.status !== 200) {
+          return reject(new Error(xhr.status));
+        }
+
+        const blob = new Blob([xhr.response]);
         const fileReader = new FileReader();
         fileReader.onload = function() {
-          resolve({
-            data: this.result,
-            name: meta.filename,
-            type: meta.mimeType,
-            iv: meta.id
-          });
+          resolve(this.result);
         };
 
         fileReader.readAsArrayBuffer(blob);
       };
 
       xhr.open('get', this.url);
+      xhr.setRequestHeader('Authorization', `send-v1 ${arrayToB64(sig)}`);
       xhr.responseType = 'blob';
       xhr.send();
     });
   }
 
-  async download() {
-    const key = await this.key;
-    const file = await this.downloadFile();
-    this.msg = 'decryptingFile';
-    this.emit('decrypting');
-    const plaintext = await window.crypto.subtle.decrypt(
-      {
-        name: 'AES-GCM',
-        iv: hexToArray(file.iv),
-        tagLength: 128
-      },
-      key,
-      file.data
-    );
-    this.msg = 'downloadFinish';
-    return {
-      plaintext,
-      name: decodeURIComponent(file.name),
-      type: file.type
-    };
+  async download(nonce) {
+    this.state = 'downloading';
+    this.emit('progress', this.progress);
+    try {
+      const encryptKey = await this.encryptKeyPromise;
+      const authKey = await this.authKeyPromise;
+      const sig = await window.crypto.subtle.sign(
+        {
+          name: 'HMAC'
+        },
+        authKey,
+        b64ToArray(nonce)
+      );
+      const ciphertext = await this.downloadFile(new Uint8Array(sig));
+      this.msg = 'decryptingFile';
+      this.emit('decrypting');
+      const plaintext = await window.crypto.subtle.decrypt(
+        {
+          name: 'AES-GCM',
+          iv: b64ToArray(this.file.iv),
+          tagLength: 128
+        },
+        encryptKey,
+        ciphertext
+      );
+      this.msg = 'downloadFinish';
+      this.state = 'complete';
+      return {
+        plaintext,
+        name: decodeURIComponent(this.file.name),
+        type: this.file.type
+      };
+    } catch (e) {
+      this.state = 'invalid';
+      throw e;
+    }
   }
 }