author | cel <cel@f/6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=.ed25519> | 2017-05-25 16:06:28 -1000 |
---|---|---|
committer | cel <cel@f/6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=.ed25519> | 2017-05-26 13:40:38 -1000 |
commit | 62e7e74bd278473cc4358700b7f2b5c0a78ac681 (patch) | |
tree | 8519cd1fbf0bb3827922f59646d28fe6258768df /lib/app.js | |
parent | 6dbfedff2f7246430f4e6da100bc3baed0ef4ce1 (diff) | |
download | patchfoo-62e7e74bd278473cc4358700b7f2b5c0a78ac681.tar.gz patchfoo-62e7e74bd278473cc4358700b7f2b5c0a78ac681.zip |
Encrypt blobs in private messages
Diffstat (limited to 'lib/app.js')
-rw-r--r-- | lib/app.js | 56 |
1 files changed, 49 insertions, 7 deletions
@@ -11,6 +11,10 @@ var Contacts = require('ssb-contact')
 var About = require('./about')
 var Serve = require('./serve')
 var Render = require('./render')
+var BoxStream = require('pull-box-stream')
+var crypto = require('crypto')
+
+var zeros = new Buffer(24); zeros.fill(0)
 module.exports = App
@@ -168,16 +172,54 @@ App.prototype.publish = function (content, cb) {
 tryPublish(2)
 }
-App.prototype.addBlob = function (cb) {
+App.prototype.addBlobRaw = function (cb) {
 var done = multicb({pluck: 1, spread: true})
- var hashCb = done()
- var addCb = done()
- done(function (err, hash, add) {
- cb(err, hash)
+ var sink = pull(
+ hasher(done()),
+ u.pullLength(done()),
+ this.sbot.blobs.add(done())
+ )
+ done(function (err, hash, size, _) {
+ if (err) return cb(err)
+ cb(null, {link: hash, size: size})
 })
+ return sink
+}
+
+App.prototype.addBlob = function (isPrivate, cb) {
+ if (!isPrivate) return this.addBlobRaw(cb)
+ else return this.addBlobPrivate(cb)
+}
+
+App.prototype.addBlobPrivate = function (cb) {
+ var bufs = []
+ var self = this
+ // use the hash of the cleartext as the key to encrypt the blob
+ var hash = crypto.createHash('sha256')
+ return pull.drain(function (buf) {
+ bufs.push(buf)
+ hash.update(buf)
+ }, function (err) {
+ if (err) return cb(err)
+ var secret = hash.digest()
+ pull(
+ pull.values(bufs),
+ BoxStream.createBoxStream(secret, zeros),
+ self.addBlobRaw(function (err, link) {
+ if (err) return cb(err)
+ link.key = secret.toString('base64')
+ cb(null, link)
+ })
+ )
+ })
+}
+
+App.prototype.getBlob = function (id, key) {
+ if (!key) return this.sbot.blobs.get(id)
+ if (typeof key === 'string') key = new Buffer(key, 'base64')
 return pull(
- hasher(hashCb),
- this.sbot.blobs.add(addCb)
+ this.sbot.blobs.get(id),
+ BoxStream.createUnboxStream(key, zeros)
 )
 } |
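Review bot: `zeros` is a fixed all-zero nonce, and nothing at its definition says why that is acceptable. It is only safe while every key it is paired with encrypts exactly one plaintext, which holds for the content-derived key in addBlobPrivate but would not hold for any long-lived key. I would add a comment above it such as `// fixed nonce: only for single-use, per-blob keys (see addBlobPrivate)`. If the supported Node versions allow it, `Buffer.alloc(24)` would replace the `new Buffer(24)` plus `fill(0)` pair.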
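Review bot: addBlobPrivate collects every chunk in `bufs` before it can encrypt, and nothing in the hunk bounds how much it will hold, so a single large upload is kept whole in memory. A running count in the drain callback would cap it, e.g. `if ((size += buf.length) > maxSize) { tooBig = true; return false }`, with `maxSize` a limit the project chooses and an error passed to `cb` from the end callback when `tooBig` is set. The comment on the key could also say that hashing the cleartext makes the encryption deterministic: the same file always yields the same key and blob id, so anyone who already has or can guess the file can tell it was shared. In getBlob, a `key` decoded from base64 reaches `createUnboxStream` at whatever length it has; checking for the 32 bytes of a SHA-256 digest first would reject malformed keys early.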