Copied files spike into spike 2

e4c11c54 · Frauke · 7ea76c17 · e4c11c54 · e4c11c54 · e4c11c54
Commit e4c11c54 authored Jan 17, 2018 by Frauke
9 changed files
--- a/gulpfile.js
+++ b/gulpfile.js
+var browserify = require('browserify')
+var gulp = require('gulp')
+var source = require('vinyl-source-stream')
+var rename = require('gulp-rename')
+
+gulp.task('js:bundle', () => {
+  browserify({
+    entries: 'src/js/script.js',
+    debug: true
+  })
+  .bundle()
+  .pipe(source('src/js/script.js'))
+  .pipe(rename({
+    dirname: ''
+  }))
+  .pipe(gulp.dest('./public/js'))
+})
+
+gulp.task('watch', () =>
+ gulp.watch('./src/**/*.js', ['js:bundle'])
+)
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -11,5 +11,17 @@
    "url": "git@source.ind.ie:indienet/spikes/security/Libsodium.git"
  },
  "author": "Wim Vantomme, Frauke Vanderzijpen",
-  "license": "ISC"
+  "license": "ISC",
+  "devDependencies": {
+    "browserify": "^15.1.0",
+    "gulp": "^3.9.1",
+    "gulp-rename": "^1.2.2",
+    "standard": "^10.0.3",
+    "vinyl-source-stream": "^2.0.0"
+  },
+  "dependencies": {
+    "axios": "^0.17.1",
+    "body-parser": "^1.18.2",
+    "express": "^4.16.2"
+  }
 }
--- a/public/index.html
+++ b/public/index.html
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta http-equiv="X-UA-Compatible" content="ie=edge">
+  <title>Document</title>
+</head>
+<body>
+  <form action="register" method="post" id="register">
+    <label for="password">Password</label>
+    <input type="password" name="password" id="password">
+    <input type="submit" value="Create site">
+  </form>
+
+  <script src="js/vendor/OpenCrypto.js"></script>
+  <script src="js/script.js"></script>
+</body>
+</html>
--- a/public/js/vendor/OpenCrypto.js
+++ b/public/js/vendor/OpenCrypto.js
--- a/server/index.js
+++ b/server/index.js
+const fs = require('fs')
+const express = require('express')
+const app = express()
+const path = require('path')
+const bodyParser = require('body-parser')
+
+const fileUtils = require('./utils/fileUtils')
+
+app.use(express.static(path.join(__dirname, '../public')))
+app.use(bodyParser.json())
+app.use(bodyParser.urlencoded({extended: false}))
+
+app.post('/register', (req, res) => {
+  const salt = JSON.stringify({salt: req.body.salt})
+  const publicKey = JSON.stringify({publickKey: req.body.publicKey})
+  const privateKey = JSON.stringify({privateKey: req.body.privateKey})
+
+  const writeSalt = fileUtils.writeFile('./server/files/salt.json', salt)
+  const writePublicKey = fileUtils.writeFile('./server/files/publickey.json', publicKey)
+  const writePrivateKey = fileUtils.writeFile('./server/files/privatekey.json', privateKey)
+
+  Promise.all([writeSalt, writePublicKey, writePrivateKey]).then(() => {
+    res.status(200).end()
+  }).catch((er) => {
+    res.status(500).send('Ooops, something went wrong')
+  })
+})
+
+app.get('/publickey', (req, res) => {
+  fileUtils.readFile('./server/files/publickey.json').then((data) => {
+    data = JSON.parse(data)
+    res.status(200).send(data)
+  }).catch((err) => {
+    res.status(500).send('Ooops, something went wrong')
+    console.log(err)
+  })
+})
+
+app.get('/privatekey', (req, res) => {
+  fileUtils.readFile('./server/files/privatekey.json').then((data) => {
+    data = JSON.parse(data)
+    res.status(200).send(data)
+  }).catch((err) => {
+    res.status(500).send('Ooops, something went wrong')
+    console.log(err)
+  })
+})
+
+app.listen(8080)
--- a/server/utils/fileUtils.js
+++ b/server/utils/fileUtils.js
+const fs = require('fs')
+
+// Writes a string to the filesystem.
+function writeFile (fileName, value) {
+  return new Promise((resolve, reject) => {
+    fs.writeFile(fileName, value, (err) => {
+      if (err) {
+        reject(err)
+      }
+      resolve()
+    })
+  })
+}
+
+// Reads a file from the filesystem.
+function readFile (fileName) {
+  return new Promise((resolve, reject) => {
+    fs.readFile(fileName, 'utf8', (err, data) => {
+      if (err) {
+        reject(err)
+      }
+      resolve(data)
+    })
+  })
+}
+module.exports = {
+  writeFile,
+  readFile
+}
--- a/src/js/indexedDB.js
+++ b/src/js/indexedDB.js
+// Basic helper functions to directly write stuff to indexedDB through the browserAPI.
+// Might be that we need to implement a shim for older browsers (shimIndexedDB)
+
+function callOnStore (dbname, storeName, fn_) {
+  const indexedDB = window.indexedDB || window.mozIndexedDB || window.webkitIndexedDB || window.msIndexedDB
+
+  // Open or create the database.
+  const request = indexedDB.open(dbname, 1)
+
+  // Create the schema
+  request.onupgradeneeded = () => {
+    let db = request.result
+    let store = db.createObjectStore(storeName, {keyPath: 'id'})
+  }
+
+  request.onsuccess = () => {
+    let db = request.result
+    let transaction = db.transaction(storeName, 'readwrite')
+    let store = transaction.objectStore(storeName)
+
+    fn_(store)
+
+    transaction.oncomplete = () => db.close()
+  }
+}
+
+module.exports = {
+  callOnStore
+}
--- a/src/js/script.js
+++ b/src/js/script.js
+const crypt = new OpenCrypto()
+const axios = require('axios')
+
+// Custom modules
+const indexedDB = require('./indexedDB')
+
+const form = document.getElementById('register')
+
+function loadedKeyPair () {
+  indexedDB.callOnStore('testkeystore', 'keyStore', (store) => {
+    const getData = store.get(1)
+    getData.onsuccess = (event) => {
+      const keys = getData.result.keys
+    }
+  })
+}
+
+loadedKeyPair()
+
+form.addEventListener('submit', (e) => {
+  e.preventDefault()
+  var saltValue = ''
+  const password = e.target.password.value
+  const salt = crypt.getRandomSalt()
+
+  salt.then((salt) => {
+    const keys = crypt.getKeyPair(undefined, undefined, undefined, true)
+    const pass = crypt.keyFromPassphrase(password, salt, 300000)
+    saltValue = salt
+    return Promise.all([keys, pass])
+  }).then((values) => {
+    const keyPair = values[0]
+    const hash = values[1]
+    const encryptedPrivateKey = crypt.encryptPrivateKey(keyPair.privateKey, hash)
+    const publicKeyValue = crypt.cryptoPublicToPem(keyPair.publicKey)
+
+    // Export key as an arraybuffer to import later as unextractable private key.
+    const exportedPrivateKey = crypto.subtle.exportKey('pkcs8', keyPair.privateKey)
+
+    return Promise.all([encryptedPrivateKey, publicKeyValue, exportedPrivateKey])
+  }).then((values) => {
+    // Import arraybuffer as an unextractable private key.
+    const nonExtractablePrivateKey = crypto.subtle.importKey('pkcs8', values[2], {name: 'RSA-OAEP', hash: {name: 'SHA-512'}, modulusLength: 2048, publicExponent: new Uint8Array([0x01, 0x00, 0x01])}, false, ['decrypt', 'unwrapKey'])
+
+    const postKeys = axios.post('register',
+      {
+        salt: saltValue,
+        publicKey: values[1],
+        privateKey: values[0]
+      })
+
+    return Promise.all([nonExtractablePrivateKey, postKeys])
+  }).then((values) => {
+    // Save unextractable private key to indexedDB.
+    indexedDB.callOnStore('testkeystore', 'keyStore', (store) => {
+      store.put({
+        id: 1,
+        keys: values[0]
+      })
+    })
+  }).catch((err) => {
+    console.log(err)
+  })
+})