
Untitled

a guest
Jan 21st, 2017
// Root AngularJS module of the single-page app; ngRoute supplies $routeProvider.
var sscApp = angular.module('sscApp', ['ngRoute']);

// Client-side route table. The controllers only redirect to /login based on
// state held in the browser, so this is navigation, not access control:
// the API behind these pages has to authorise every request on its own.
sscApp.config(function($routeProvider, $locationProvider){
  $routeProvider
    .when("/", {
      templateUrl: "pages/main.html",
      controller: "MainController"
    })
    .when("/files", {
      templateUrl: "pages/files.html",
      controller: "FilesController"
    })
    .when("/profile", {
      templateUrl: "pages/user.html",
      controller: "UserController"
    })
    // Login, logout and register all render the same login template and
    // differ only in the controller bound to it.
    .when("/login", {
      templateUrl: "pages/login.html",
      controller: "LoginController"
    })
    .when("/logout", {
      templateUrl: "pages/login.html",
      controller: "LogoutController"
    })
    .when("/register", {
      templateUrl: "pages/login.html",
      controller: "RegisterController"
    });

  // Use HTML5 history URLs instead of hash-prefixed ones.
  $locationProvider.html5Mode(true);
});
  41.  
// Auth service: remembers who the UI believes is signed in.
//
// The value lives only in this closure and can be overwritten through
// setUser(), so it is a display/navigation hint. The session itself is the
// cookie sent with `withCredentials: true`; the server decides what a request
// may do.
sscApp.service('Auth', ['$http','$route', function($http,$route){
  var GET_USER_URL = 'https://ssc.teaser.insomnihack.ch/api/user.php?action=getUser';

  // `false` while nobody is known to be logged in, otherwise the user name.
  var currentUser = false;
  console.log("Initialising Auth Service");

  // Asks the API who owns the current session; returns the $http promise
  // and leaves it to the caller to store the result via setUser().
  function initAuth() {
    return $http({
      method: 'GET',
      url: GET_USER_URL,
      withCredentials: true
    });
  }

  // Records the user name (or `false`) reported by the API.
  function setUser(aUser) {
    currentUser = aUser;
  }

  // Returns whatever was last stored with setUser().
  function getUser() {
    return currentUser;
  }

  // Returns the stored user when it is truthy, otherwise `false`.
  function isLoggedIn() {
    if (currentUser) {
      return currentUser;
    }
    return false;
  }

  return {
    initAuth: initAuth,
    setUser: setUser,
    getUser: getUser,
    isLoggedIn: isLoggedIn
  };
}]);
  76.  
// Keys service: in-memory holder for the user's RSA key pair so that
// controllers can share it. Both slots start as empty objects until a
// controller stores imported keys in them.
sscApp.service('Keys', function() {
  var slots = {
    pub: {},
    priv: {}
  };

  return {
    // Public half, used to encrypt the per-file session key.
    getPubKey: function() {
      return slots.pub;
    },
    // Private half, used to decrypt the per-file session key.
    getPrivKey: function() {
      return slots.priv;
    },
    setPubKey: function(key) {
      slots.pub = key;
    },
    setPrivKey: function(key) {
      slots.priv = key;
    }
  };
});
  95.  
// Landing-page controller: asks the API who owns the current session and
// mirrors the answer into the Auth service.
sscApp.controller("MainController", ['$scope','Auth',function MainController($scope,Auth) {
  // Store the reported name on success; anything else counts as logged out.
  function rememberSession(response) {
    var signedIn = response.data.status == 'SUCCESS';
    Auth.setUser(signedIn ? response.data.name : false);
  }

  // Transport-level failure: only logged, the Auth state is left untouched.
  function reportFailure(response) {
    console.log(response);
  }

  Auth.initAuth().then(rememberSession, reportFailure);
}]);
  107.  
// Profile page controller: shows the signed-in user's name, or sends the
// visitor to /login when the Auth service holds no user. The redirect is a
// UI convenience based on client-side state only.
sscApp.controller('UserController',['Auth','$location','$scope', function UserController(Auth,$location,$scope) {
  if (Auth.isLoggedIn()) {
    $scope.name = Auth.getUser();
    return;
  }
  $location.path("/login");
}]);
  116.  
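// Login form controller: posts the credentials to the user API and, on
// success, records the user and reloads the app at "/".
//
// Uses array-style dependency annotation like the other controllers in this
// file, so injection does not depend on the parameter names.
sscApp.controller('LoginController', ['$scope','$http','$location','Auth', function LoginController($scope,$http,$location,Auth) {
  $scope.url = "https://ssc.teaser.insomnihack.ch/api/user.php";
  $scope.button = "Login";
  $scope.msg = "";
  $scope.loginclass = "active";
  $scope.registerclass = "";

  // Sends the login request for the values bound to $scope.user.
  $scope.submitForm = function() {
    // $scope.user is undefined until the form has been touched.
    var credentials = $scope.user || {};
    if (!credentials.name || !credentials.password) {
      $scope.msg = "Authentication error";
      return;
    }

    $http({
      method: 'POST',
      url: $scope.url,
      // Each value is percent-encoded: a raw "&" or "=" in the name or
      // password would otherwise split into extra form fields or truncate
      // the value the server receives.
      data: "action=login&name=" + encodeURIComponent(credentials.name) +
            "&password=" + encodeURIComponent(credentials.password),
      headers : {'Content-Type': 'application/x-www-form-urlencoded'},
      withCredentials: true
    }).then(function(response) {
      if(response.data.status == 'SUCCESS') {
        Auth.setUser(response.data.name);
        // Full page load, not a route change.
        location.href = "/";
      }
      else {
        $scope.msg = "Authentication error";
      }
    }, function(response) {
      // Log the status only: the response object carries the request config,
      // whose `data` field contains the submitted password.
      console.log("Login request failed, HTTP status " + response.status);
    });
  };
}]);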
  142.  
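// Registration form controller: posts the chosen name and password to the
// user API and, on success, routes the visitor to /login.
sscApp.controller('RegisterController', ['$scope','$http','$location','Auth', function RegisterController($scope,$http,$location,Auth) {
  $scope.url = "https://ssc.teaser.insomnihack.ch/api/user.php";
  $scope.button = "Register";
  $scope.msg = "";
  $scope.loginclass = "";
  $scope.registerclass = "active";

  // Sends the registration request for the values bound to $scope.user.
  $scope.submitForm = function() {
    // $scope.user is undefined until the form has been touched.
    var credentials = $scope.user || {};
    if (!credentials.name || !credentials.password) {
      $scope.msg = "Registration failure";
      return;
    }

    $http({
      method: 'POST',
      url: $scope.url,
      // Each value is percent-encoded: a raw "&" or "=" in the name or
      // password would otherwise split into extra form fields, so the
      // account could be created with a different password than typed.
      data: "action=register&name=" + encodeURIComponent(credentials.name) +
            "&password=" + encodeURIComponent(credentials.password),
      headers : {'Content-Type': 'application/x-www-form-urlencoded'},
      withCredentials: true
    }).then(function(response) {
      if(response.data.status == 'SUCCESS') {
        $scope.msg = "Registration success, login now";
        $location.path("/login");
      }
      else {
        $scope.msg = "Registration failure";
      }
    }, function(response) {
      // Log the status only: the response object carries the request config,
      // whose `data` field contains the submitted password.
      console.log("Registration request failed, HTTP status " + response.status);
    });
  };
}]);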
  166.  
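// Logout controller: asks the API to end the session, then reloads the app.
//
// NOTE(review): logout is a state-changing GET sent with cookies, so any page
// that can make the browser issue this request could end the session. Moving
// it to POST with a CSRF check is a server-side change; confirm with the API
// owner.
sscApp.controller('LogoutController', ['$http','$location', function LogoutController($http,$location) {
  $http.get("https://ssc.teaser.insomnihack.ch/api/user.php?action=logout",{withCredentials: true}).then(function() {
    // Full page load so every in-memory service (Auth, Keys) starts fresh.
    location.href = "/";
  }, function(response) {
    // A failed request leaves the server-side session alive, so do not
    // navigate as if the logout had succeeded.
    console.log(response);
  });
}]);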
  172.  
  173.  
  174.  
  175.  
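// Files page controller: lists, uploads and downloads files that are
// encrypted in the browser.
//
// Container format (JSON, every field base64):
//   sessionkey - per-file AES key, encrypted with the user's RSA-OAEP public key
//   iv         - 16 random bytes
//   file       - file contents, AES-CBC encrypted under the session key
//
// NOTE(review): AES-CBC gives confidentiality only. Nothing in the container
// authenticates `iv`, `file` or `sessionkey`, so a modified blob is not
// detected on download. Switching to an AEAD mode such as AES-GCM would need
// a format version so that existing uploads still decrypt.
// NOTE(review): the file name is sent to the server unencrypted.
sscApp.controller('FilesController', ['Auth','$http','$location','$scope','Keys', function FilesController(Auth,$http,$location,$scope,Keys) {
  var FILES_API = "https://ssc.teaser.insomnihack.ch/api/files.php";

  // Shared failure handler. Key material and decrypted content are never
  // passed to it.
  function logError(err) {
    console.log(err);
  }

  // Fetches the file list into $scope.files.
  $scope.getFiles = function() {
    $http.get(FILES_API + "?action=list",{withCredentials: true}).then(function(response) {
      $scope.files = response.data;
    }, logError);
  };

  // Downloads file `id`, decrypts it locally and hands it to the browser as
  // a download named after the server-supplied file name.
  $scope.downloadFile = function(id) {
    console.log("Download file " + id);
    $http.get(FILES_API + "?action=download&id=" + encodeURIComponent(id),{withCredentials: true}).then(function(response) {
      var name = response.data.name;
      var subtle = window.crypto.subtle;
      var content;

      // Start from a resolved promise so that a malformed container
      // (bad JSON, bad base64) rejects the chain instead of throwing.
      Promise.resolve().then(function() {
        content = JSON.parse(response.data.content);
        return subtle.decrypt({name:"RSA-OAEP"}, Keys.getPrivKey(), $scope._Base64ToArrayBuffer(content.sessionkey));
      }).then(function(rawSessionKey) {
        // The session key is only needed to decrypt this one file, so import
        // it non-extractable and for decryption only.
        return subtle.importKey('raw', rawSessionKey, {name:"AES-CBC"}, false, ['decrypt']);
      }).then(function(sessionKey) {
        return subtle.decrypt({name: "AES-CBC", iv: $scope._Base64ToArrayBuffer(content.iv)}, sessionKey, $scope._Base64ToArrayBuffer(content.file));
      }).then(function(plaintext) {
        // Neither the plaintext nor the key is logged.
        var blob = new Blob([plaintext], {type: 'application/octet-stream'});
        var url = window.URL.createObjectURL(blob);
        var anchor = document.createElement("a");
        anchor.download = name;
        anchor.href = url;
        anchor.click();
        window.URL.revokeObjectURL(url);
        anchor.remove();
      }).catch(logError);
    }, logError);
  };

  // Encodes an ArrayBuffer (or typed array) as base64.
  $scope._arrayBufferToBase64 = function( buffer ) {
    var bytes = new Uint8Array( buffer );
    var binary = '';
    for (var i = 0; i < bytes.byteLength; i++) {
      binary += String.fromCharCode( bytes[ i ] );
    }
    return window.btoa( binary );
  };

  // Decodes a base64 string into an ArrayBuffer; throws on invalid base64.
  $scope._Base64ToArrayBuffer = function( buffer ) {
    var binaryString = window.atob(buffer);
    var bytes = new Uint8Array( binaryString.length );
    for (var i = 0; i < binaryString.length; i++) {
      bytes[i] = binaryString.charCodeAt(i);
    }
    return bytes.buffer;
  };

  // Encrypts the file chosen in #uploadFile and uploads the container.
  $scope.submitForm = function() {
    var input = document.getElementById('uploadFile');
    var file = input && input.files[0];
    if (!file) {
      // Nothing selected: readAsArrayBuffer would throw on undefined.
      console.log("No file selected");
      return;
    }

    var pubKey = Keys.getPubKey();
    var reader = new FileReader();
    reader.onload = function(e) {
      var cleartext = e.target.result;
      var subtle = window.crypto.subtle;
      // Fresh random IV for every upload.
      var iv = window.crypto.getRandomValues(new Uint8Array(16));
      var sessionKey;

      // Extractable because the raw key must be exported to be encrypted
      // under the RSA public key; usage is limited to encryption.
      subtle.generateKey({name: "AES-CBC", length: 128}, true, ["encrypt"]).then(function(key) {
        sessionKey = key;
        return subtle.encrypt({name: "AES-CBC", iv: iv}, key, cleartext);
      }).then(function(encfile) {
        return subtle.exportKey('raw', sessionKey).then(function(exportedKey) {
          return subtle.encrypt({name:"RSA-OAEP"}, pubKey, exportedKey);
        }).then(function(encryptedKey) {
          return {
            sessionkey: $scope._arrayBufferToBase64(encryptedKey),
            iv: $scope._arrayBufferToBase64(iv),
            file: $scope._arrayBufferToBase64(encfile)
          };
        });
      }).then(function(res) {
        $http({
          method: 'POST',
          url: FILES_API,
          data: "action=upload&file="+encodeURIComponent(JSON.stringify(res))+"&name="+encodeURIComponent(file.name),
          headers : {'Content-Type': 'application/x-www-form-urlencoded'},
          withCredentials: true
        }).then(function(response) {
          if(response.data.status == 'SUCCESS') {
            $scope.getFiles();
          }
        }, logError);
      }).catch(logError); // e.g. no usable public key loaded yet
    };
    reader.readAsArrayBuffer(file);
  };

  // UI-level gate only; the API has to enforce access to the files itself.
  if(!Auth.isLoggedIn()) {
    $location.path("/login");
  }
  else {
    // getFiles() fills $scope.files asynchronously and returns nothing, so
    // its return value is not assigned.
    $scope.getFiles();
  }
}]);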
  285.  
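// Key management controller: loads the user's RSA-OAEP key pair from
// localStorage into the Keys service, generating and storing a new pair when
// none can be loaded.
//
// NOTE(review): the private key is persisted as a plaintext JWK in
// localStorage, where any script running on this origin can read it.
// Importing it as non-extractable (below) protects only the in-memory
// CryptoKey. Keeping a non-extractable CryptoKey in IndexedDB instead would
// avoid exportable key material at rest, but needs a migration plan for
// existing users.
sscApp.controller('KeyController', ['$scope','$location','Keys', function KeyController($scope,$location,Keys) {
  var RSA_OAEP_SHA256 = {name: "RSA-OAEP", hash: {name: "SHA-256"}};

  $scope.keys = "No keys";

  // Imports both stored JWKs. Resolves to [privateKey, publicKey]; rejects if
  // either entry is missing, malformed or not importable, so the caller can
  // react once instead of once per key.
  function importStoredKeys() {
    return Promise.resolve().then(function() {
      var storedPrivate = JSON.parse(localStorage.getItem("privateKey"));
      var storedPublic = JSON.parse(localStorage.getItem("publicKey"));
      return Promise.all([
        // The private key is only used to decrypt, so it is not extractable.
        window.crypto.subtle.importKey("jwk", storedPrivate, RSA_OAEP_SHA256, false, ["decrypt"]),
        window.crypto.subtle.importKey("jwk", storedPublic, RSA_OAEP_SHA256, true, ["encrypt"])
      ]);
    });
  }

  // Makes an imported pair available to the scope and to other controllers.
  // Runs from native promise callbacks, i.e. outside an Angular digest.
  function publishKeys(pair) {
    $scope.privateKey = pair[0];
    $scope.pubKey = pair[1];
    Keys.setPrivKey(pair[0]);
    Keys.setPubKey(pair[1]);
    $scope.keys = "You have a key pair, you can send files securely.";
    $scope.$apply();
  }

  // Generates a new 2048-bit RSA-OAEP/SHA-256 pair, stores both halves
  // together and then loads them, so the page is usable without a reload.
  $scope.generateKeys = function() {
    console.log("Generating keys");
    window.crypto.subtle.generateKey({
        name: "RSA-OAEP",
        modulusLength: 2048,
        publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // 65537
        hash: {name: "SHA-256"}
      },
      true, // extractable: the pair has to be exported as JWK for storage
      ["encrypt", "decrypt"]
    )
    .then(function(pair) {
      return Promise.all([
        window.crypto.subtle.exportKey("jwk", pair.publicKey),
        window.crypto.subtle.exportKey("jwk", pair.privateKey)
      ]);
    })
    .then(function(jwks) {
      // Written only after both exports succeeded, so the stored public and
      // private halves always belong to the same pair.
      localStorage.setItem("publicKey", JSON.stringify(jwks[0]));
      localStorage.setItem("privateKey", JSON.stringify(jwks[1]));
      return importStoredKeys();
    })
    .then(publishKeys)
    .catch(function(err){
      // No retry here: a failure is logged and generation stops.
      console.error(err);
    });
  };

  $scope.keys = "Fetching keys, please wait...";
  importStoredKeys().then(publishKeys, function(err) {
    // One failure path for both keys: generating once per failed import
    // could leave halves of two different pairs in localStorage.
    console.log(err);
    $scope.$apply(function() {
      $scope.keys = "Error getting your keys, generating new ones.";
    });
    $scope.generateKeys();
  }).catch(function(err) {
    console.error(err);
  });
}]);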