2016-09-23 18:03:37 +08:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @ngdoc service
|
|
|
|
|
* @name passmanApp.ShareService
|
|
|
|
|
* @description
|
|
|
|
|
* # ShareService
|
|
|
|
|
* Service in the passmanApp.
|
|
|
|
|
*/
|
|
|
|
|
angular.module('passmanApp')
|
2016-10-02 18:35:27 +08:00
|
|
|
.service('ShareService', ['$http', 'VaultService', 'EncryptService', 'CredentialService', function ($http, VaultService, EncryptService, CredentialService) {
|
2016-09-26 20:23:31 +08:00
|
|
|
// Setup sjcl random engine to max paranoia level and start collecting data
|
2016-10-02 18:35:27 +08:00
|
|
|
var paranoia_level = 10;
|
2016-09-26 20:23:31 +08:00
|
|
|
sjcl.random.setDefaultParanoia(paranoia_level);
|
|
|
|
|
sjcl.random.startCollectors();
|
|
|
|
|
|
2016-09-23 18:03:37 +08:00
|
|
|
return {
|
|
|
|
|
search: function (string) {
|
|
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/search');
|
|
|
|
|
return $http.post(queryUrl, {search: string}).then(function (response) {
|
|
|
|
|
if (response.data) {
|
|
|
|
|
return response.data;
|
|
|
|
|
} else {
|
|
|
|
|
return response;
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-09-25 23:46:55 +08:00
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
shareWithUser: function (credential, target_user_data) {
|
2016-10-02 07:56:36 +08:00
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/share');
|
|
|
|
|
return $http.post(queryUrl,
|
|
|
|
|
{
|
|
|
|
|
item_id: credential.credential_id,
|
|
|
|
|
item_guid: credential.guid,
|
|
|
|
|
permissions: target_user_data.accessLevel,
|
|
|
|
|
vaults: target_user_data.vaults,
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
},
|
2016-09-27 02:36:51 +08:00
|
|
|
getVaultsByUser: function (userId) {
|
2016-10-04 05:00:46 +08:00
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/vaults/' + userId);
|
2016-09-27 04:36:05 +08:00
|
|
|
return $http.get(queryUrl, {search: userId}).then(function (response) {
|
2016-09-27 02:36:51 +08:00
|
|
|
if (response.data) {
|
2016-10-04 05:00:46 +08:00
|
|
|
for (var i = 0; i < response.data.length; i++) {
|
2016-09-29 03:56:54 +08:00
|
|
|
response.data[i].public_sharing_key = forge.pki.publicKeyFromPem(response.data[i].public_sharing_key);
|
|
|
|
|
}
|
2016-09-27 02:36:51 +08:00
|
|
|
return response.data;
|
|
|
|
|
} else {
|
|
|
|
|
return response;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
},
|
2016-10-02 20:26:22 +08:00
|
|
|
getPendingRequests: function () {
|
|
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/pending');
|
2016-10-02 22:10:04 +08:00
|
|
|
return $http.get(queryUrl).then(function (response) {
|
2016-10-04 05:00:46 +08:00
|
|
|
if (response.data) {
|
2016-10-02 22:10:04 +08:00
|
|
|
return response.data;
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-10-02 20:26:22 +08:00
|
|
|
},
|
|
|
|
|
saveSharingRequest: function (request, crypted_shared_key) {
|
|
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/save');
|
|
|
|
|
return $http.post(queryUrl, {
|
|
|
|
|
item_guid: request.item_guid,
|
|
|
|
|
target_vault_guid: request.target_vault_guid,
|
|
|
|
|
final_shared_key: crypted_shared_key
|
2016-10-02 22:59:15 +08:00
|
|
|
}).then(function (response) {
|
|
|
|
|
return response.data;
|
|
|
|
|
})
|
2016-10-02 20:26:22 +08:00
|
|
|
},
|
2016-10-03 21:52:11 +08:00
|
|
|
unshareCredential: function (credential) {
|
2016-10-04 05:00:46 +08:00
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/unshare/' + credential.guid);
|
2016-10-03 21:52:11 +08:00
|
|
|
return $http.delete(queryUrl).then(function (response) {
|
|
|
|
|
return response.data;
|
|
|
|
|
})
|
|
|
|
|
},
|
2016-10-04 04:28:30 +08:00
|
|
|
getPublicSharedCredential: function (credential_guid) {
|
2016-10-04 05:06:37 +08:00
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/public/credential/' + credential_guid);
|
2016-10-03 17:42:19 +08:00
|
|
|
return $http.get(queryUrl).then(function (response) {
|
2016-10-04 05:00:46 +08:00
|
|
|
if (response.data) {
|
|
|
|
|
return response;
|
|
|
|
|
} else {
|
|
|
|
|
return response;
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
function (result) {
|
|
|
|
|
return result;
|
|
|
|
|
})
|
2016-10-03 17:42:19 +08:00
|
|
|
},
|
2016-10-03 01:14:30 +08:00
|
|
|
getCredendialsSharedWithUs: function (vault_guid) {
|
2016-10-04 05:00:46 +08:00
|
|
|
var queryUrl = OC.generateUrl('apps/passman/api/v2/sharing/vault/' + vault_guid + '/get');
|
2016-10-03 01:09:50 +08:00
|
|
|
return $http.get(queryUrl).then(function (response) {
|
2016-10-04 05:00:46 +08:00
|
|
|
if (response.data) {
|
2016-10-03 01:09:50 +08:00
|
|
|
return response.data;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
encryptSharedCredential: function (credential, sharedKey) {
|
2016-10-02 19:00:52 +08:00
|
|
|
var _credential = angular.copy(credential);
|
2016-10-03 02:18:51 +08:00
|
|
|
_credential.shared_key = EncryptService.encryptString(sharedKey);
|
2016-10-02 18:35:27 +08:00
|
|
|
var encrypted_fields = CredentialService.getEncryptedFields();
|
2016-10-04 05:00:46 +08:00
|
|
|
for (var i = 0; i < encrypted_fields.length; i++) {
|
2016-10-02 18:35:27 +08:00
|
|
|
var field = encrypted_fields[i];
|
|
|
|
|
var fieldValue = angular.copy(credential[field]);
|
|
|
|
|
_credential[field] = EncryptService.encryptString(JSON.stringify(fieldValue), sharedKey);
|
|
|
|
|
}
|
2016-10-02 19:00:52 +08:00
|
|
|
return _credential;
|
2016-10-02 18:35:27 +08:00
|
|
|
},
|
|
|
|
|
decryptSharedCredential: function (credential, sharedKey) {
|
|
|
|
|
var _credential = angular.copy(credential);
|
|
|
|
|
var encrypted_fields = CredentialService.getEncryptedFields();
|
|
|
|
|
for (var i = 0; i < encrypted_fields.length; i++) {
|
|
|
|
|
var field = encrypted_fields[i];
|
|
|
|
|
var fieldValue = angular.copy(_credential[field]);
|
2016-10-04 05:00:46 +08:00
|
|
|
if (_credential.hasOwnProperty(field)) {
|
2016-10-03 22:05:07 +08:00
|
|
|
try {
|
|
|
|
|
var field_decrypted_value = EncryptService.decryptString(fieldValue, sharedKey);
|
|
|
|
|
} catch (e) {
|
|
|
|
|
console.log(e);
|
|
|
|
|
throw e
|
|
|
|
|
}
|
|
|
|
|
try {
|
|
|
|
|
_credential[field] = JSON.parse(field_decrypted_value);
|
|
|
|
|
} catch (e) {
|
|
|
|
|
console.log('Field' + field + ' in ' + _credential.label + ' could not be parsed! Value:' + fieldValue)
|
|
|
|
|
throw e
|
|
|
|
|
}
|
2016-10-02 18:35:27 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return _credential;
|
|
|
|
|
},
|
|
|
|
|
|
2016-10-04 05:00:46 +08:00
|
|
|
generateRSAKeys: function (key_length, progress, callback) {
|
|
|
|
|
var p = new C_Promise(function () {
|
2016-09-26 20:23:31 +08:00
|
|
|
var state = forge.pki.rsa.createKeyPairGenerationState(key_length, 0x10001);
|
2016-10-04 05:00:46 +08:00
|
|
|
var step = function () {
|
2016-09-26 20:23:31 +08:00
|
|
|
// run for 100 ms
|
2016-10-04 05:00:46 +08:00
|
|
|
if (!forge.pki.rsa.stepKeyPairGenerationState(state, 100)) {
|
2016-09-26 20:23:31 +08:00
|
|
|
// console.log(state);
|
|
|
|
|
if (state.p !== null) {
|
|
|
|
|
// progress(50);
|
2016-09-26 23:05:47 +08:00
|
|
|
this.call_progress(50);
|
2016-09-26 20:23:31 +08:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
// progress(0);
|
2016-09-26 23:05:47 +08:00
|
|
|
this.call_progress(0);
|
2016-09-26 20:23:31 +08:00
|
|
|
}
|
2016-09-26 23:05:47 +08:00
|
|
|
setTimeout(step.bind(this), 1);
|
2016-09-26 02:19:58 +08:00
|
|
|
}
|
|
|
|
|
else {
|
2016-09-26 20:23:31 +08:00
|
|
|
// callback(state.keys);
|
2016-09-26 23:05:47 +08:00
|
|
|
this.call_then(state.keys);
|
2016-09-26 02:19:58 +08:00
|
|
|
}
|
2016-09-26 20:23:31 +08:00
|
|
|
};
|
2016-09-26 23:05:47 +08:00
|
|
|
setTimeout(step.bind(this), 100);
|
2016-09-26 20:23:31 +08:00
|
|
|
});
|
|
|
|
|
return p;
|
|
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
generateSharedKey: function (size) {
|
2016-09-26 20:23:31 +08:00
|
|
|
size = size || 20;
|
2016-10-04 05:00:46 +08:00
|
|
|
return new C_Promise(function () {
|
2016-09-27 04:36:05 +08:00
|
|
|
var t = this;
|
2016-09-26 20:23:31 +08:00
|
|
|
CRYPTO.PASSWORD.generate(size,
|
2016-10-04 05:00:46 +08:00
|
|
|
function (pass) {
|
2016-09-27 04:36:05 +08:00
|
|
|
t.call_then(pass);
|
2016-09-26 20:23:31 +08:00
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
function (progress) {
|
2016-09-27 04:36:05 +08:00
|
|
|
t.call_progress(progress);
|
2016-09-26 20:23:31 +08:00
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
})
|
2016-09-25 23:46:55 +08:00
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
rsaKeyPairToPEM: function (keypair) {
|
2016-09-25 23:46:55 +08:00
|
|
|
return {
|
2016-10-04 05:00:46 +08:00
|
|
|
'publicKey': forge.pki.publicKeyToPem(keypair.publicKey),
|
|
|
|
|
'privateKey': forge.pki.privateKeyToPem(keypair.privateKey)
|
2016-09-25 23:46:55 +08:00
|
|
|
};
|
2016-09-26 00:42:41 +08:00
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
getSharingKeys: function () {
|
2016-09-26 04:02:58 +08:00
|
|
|
var vault = VaultService.getActiveVault();
|
2016-10-04 05:00:46 +08:00
|
|
|
return {
|
2016-09-26 04:02:58 +08:00
|
|
|
'private_sharing_key': EncryptService.decryptString(angular.copy(vault.private_sharing_key)),
|
|
|
|
|
'public_sharing_key': vault.public_sharing_key
|
|
|
|
|
};
|
|
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
rsaPrivateKeyFromPEM: function (private_pem) {
|
2016-09-26 00:42:41 +08:00
|
|
|
return forge.pki.privateKeyFromPem(private_pem);
|
|
|
|
|
},
|
2016-10-04 05:00:46 +08:00
|
|
|
rsaPublicKeyFromPEM: function (public_pem) {
|
2016-09-26 00:42:41 +08:00
|
|
|
return forge.pki.publicKeyFromPem(public_pem);
|
2016-09-29 03:56:54 +08:00
|
|
|
},
|
|
|
|
|
/**
|
|
|
|
|
* Cyphers an array of string in a non-blocking way
|
2016-10-04 05:00:46 +08:00
|
|
|
* @param vaults[] An array of vaults with the processed public keys
|
|
|
|
|
* @param string The string to cypher
|
2016-09-29 03:56:54 +08:00
|
|
|
*/
|
2016-10-04 05:00:46 +08:00
|
|
|
cypherRSAStringWithPublicKeyBulkAsync: function (vaults, string) {
|
|
|
|
|
var workload = function () {
|
2016-09-29 03:56:54 +08:00
|
|
|
if (this.current_index < this.vaults.length > 0 && this.vaults.length > 0) {
|
2016-10-02 07:56:36 +08:00
|
|
|
var _vault = angular.copy(this.vaults[this.current_index]);
|
|
|
|
|
_vault.key = forge.util.encode64(
|
|
|
|
|
_vault.public_sharing_key.encrypt(this.string)
|
|
|
|
|
);
|
2016-09-29 03:56:54 +08:00
|
|
|
this.data.push(
|
2016-10-02 07:56:36 +08:00
|
|
|
_vault
|
2016-09-29 03:56:54 +08:00
|
|
|
);
|
|
|
|
|
this.current_index++;
|
|
|
|
|
|
|
|
|
|
this.call_progress(this.current_index);
|
|
|
|
|
setTimeout(workload.bind(this), 1);
|
|
|
|
|
}
|
2016-10-04 05:00:46 +08:00
|
|
|
else {
|
2016-09-29 03:56:54 +08:00
|
|
|
this.call_then(this.data);
|
|
|
|
|
}
|
|
|
|
|
};
|
2016-10-04 05:00:46 +08:00
|
|
|
return new C_Promise(function () {
|
2016-09-29 03:56:54 +08:00
|
|
|
this.data = [];
|
|
|
|
|
this.vaults = vaults;
|
|
|
|
|
this.string = string;
|
|
|
|
|
this.current_index = 0;
|
|
|
|
|
|
|
|
|
|
setTimeout(workload.bind(this), 0);
|
|
|
|
|
});
|
2016-09-23 18:03:37 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}]);
|
