git ssb - Merge pull request #60 from ssbc/add-private-blobs

Commit 8949e8dbfc5ddb4b87f2c9508980de7c0f848e7b

Merge pull request #60 from ssbc/add-private-blobs

 add `private` option to blob.html.input for encrypted blobs

Matt McKegg authored on 4/13/2018, 4:19:54 AM
GitHub committed on 4/13/2018, 4:19:54 AM
Parent: e9bb4e285f6ed74c209f836552ac3cc01c7822c6
Parent: beef767c0ae0cb59f9f2de9b646e34b89c0e43a7

Files changed

blob/html/input.js	changed
message/html/markdown.js	changed
package-lock.json	changed
package.json	changed

blob/html/input.jsView
		@@ -1,13 +1,20 @@
1	1 …	var h = require('mutant/h')
	2 …	+var resolve = require('mutant/resolve')
	3 …	+var onceTrue = require('mutant/once-true')
2	4 …	var pull = require('pull-stream')
3	5 …	var mime = require('simple-mime')('application/octect-stream')
4	6 …	var split = require('split-buffer')
5	7 …	var nest = require('depnest')
	8 …	+var Defer = require('pull-defer')
	9 …	+var BoxStream = require('pull-box-stream')
	10 …	+var crypto = require('crypto')
	11 …	+var zeros = Buffer.alloc(24, 0)
6	12 …
7	13 …	module.exports = {
8	14 …	needs: nest({
9		- 'sbot.async.addBlob': 'first'
	15 …	+ 'sbot.obs.connection': 'first'
	16 …	+
10	17 …	}),
11	18 …	gives: nest('blob.html.input'),
12	19 …	create: function (api) {
13	20 …	return nest('blob.html.input', function FileInput (onAdded, opts = {}) {
		@@ -49,9 +56,12 @@
49	56 …	function next (file) {
50	57 …	var reader = new global.FileReader()
51	58 …	reader.onload = function () {
52	59 …	var stream = pull.values(split(new Buffer(reader.result), 64 * 1024))
53		- api.sbot.async.addBlob(stream, function (err, blob) {
	60 …	+ pull(stream, AddBlob({
	61 …	+ connection: api.sbot.obs.connection,
	62 …	+ encrypt: resolve(opts.private)
	63 …	+ }, (err, blob) => {
54	64 …	if (err) return console.error(err)
55	65 …	onAdded({
56	66 …	link: blob,
57	67 …	name: fileName,
		@@ -59,9 +69,9 @@
59	69 …	type: mimeType
60	70 …	})
61	71 …
62	72 …	ev.target.value = ''
63		- })
	73 …	+ }))
64	74 …	}
65	75 …	reader.readAsArrayBuffer(file)
66	76 …	}
67	77 …	}
		@@ -157,4 +167,56 @@
157	167 …
158	168 …	ctx.drawImage(img, -img.width / 2, -img.height / 2)
159	169 …	return canvas
160	170 …	}
	171 …	+
	172 …	+function AddBlob ({connection, encrypt = false}, cb) {
	173 …	+ var stream = Defer.sink()
	174 …	+ onceTrue(connection, sbot => {
	175 …	+ if (encrypt) {
	176 …	+ // FROM: https://github.com/ssbc/ssb-secret-blob/blob/master/index.js
	177 …	+ // here we need to hash something twice, first, hash the plain text to use as the
	178 …	+ // key. This has the benefit of encrypting deterministically - the same file will
	179 …	+ // have the same hash. This can be used to deduplicate storage, but has privacy
	180 …	+ // implications. I do it here just because it's early days and this makes testing
	181 …	+ // easier.
	182 …	+
	183 …	+ stream.resolve(Hash(function (err, buffers, key) {
	184 …	+ if (err) return cb(err)
	185 …	+ pull(
	186 …	+ pull.once(Buffer.concat(buffers)),
	187 …	+ BoxStream.createBoxStream(key, zeros),
	188 …	+ Hash(function (err, buffers, hash) {
	189 …	+ if (err) return cb(err)
	190 …	+ var id = '&' + hash.toString('base64') + '.sha256'
	191 …	+ pull(
	192 …	+ pull.values(buffers),
	193 …	+ sbot.blobs.add(id, function (err) {
	194 …	+ if (err) return cb(err)
	195 …	+ sbot.blobs.push(id, function (err) {
	196 …	+ if (err) return cb(err)
	197 …	+ cb(null, id + '?unbox=' + key.toString('base64') + '.boxs')
	198 …	+ })
	199 …	+ })
	200 …	+ )
	201 …	+ })
	202 …	+ )
	203 …	+ }))
	204 …	+ } else {
	205 …	+ stream.resolve(sbot.blobs.add(cb))
	206 …	+ }
	207 …	+ })
	208 …	+ return stream
	209 …	+}
	210 …	+
	211 …	+function Hash (cb) {
	212 …	+ var hash = crypto.createHash('sha256')
	213 …	+ var buffers = []
	214 …	+ var hasher = pull.drain(function (data) {
	215 …	+ data = typeof data === 'string' ? new Buffer(data) : data
	216 …	+ buffers.push(data)
	217 …	+ hash.update(data)
	218 …	+ }, function (err) {
	219 …	+ cb(err, buffers, hash.digest())
	220 …	+ })
	221 …	+ return hasher
	222 …	+}

message/html/markdown.jsView
		@@ -41,9 +41,9 @@
41	41 …	: api.emoji.sync.url(emoji)
42	42 …	return renderEmoji(emoji, url)
43	43 …	},
44	44 …	toUrl: (id) => {
45		- if (id[0] == '&') return api.blob.sync.url(id)
	45 …	+ if (id.startsWith('&')) return api.blob.sync.url(id)
46	46 …	if (mentions[id]) {
47	47 …	return mentions[id]
48	48 …	} else if (ref.isLink(id) \|\| id.startsWith('#') \|\| id.startsWith('?')) {
49	49 …	return id

package-lock.jsonView
The diff is too large to show. Use a local git client to view these changes. Old file size: 106810 bytes New file size: 106810 bytes

package.jsonView
		@@ -1,7 +1,7 @@
1	1 …	{
2	2 …	"name": "patchcore",
3		- "version": "1.24.0",
	3 …	+ "version": "1.24.1",
4	4 …	"description": "minimal core for ssb clients",
5	5 …	"main": "index.js",
6	6 …	"scripts": {
7	7 …	"start": "electro example",
		@@ -43,9 +43,11 @@
43	43 …	"human-time": "0.0.1",
44	44 …	"mutant": "^3.21.2",
45	45 …	"mutant-pull-reduce": "^1.1.0",
46	46 …	"pull-abortable": "^4.1.0",
	47 …	+ "pull-box-stream": "~1.0.13",
47	48 …	"pull-cat": "^1.1.11",
	49 …	+ "pull-defer": "~0.2.2",
48	50 …	"pull-reconnect": "0.0.3",
49	51 …	"pull-stream": "^3.5.0",
50	52 …	"scuttle-blog": "^1.0.0",
51	53 …	"simple-mime": "^0.1.0",

Built with git-ssb-web

dinoworm 🐛 / patchcore

Commit 8949e8dbfc5ddb4b87f2c9508980de7c0f848e7b

Merge pull request #60 from ssbc/add-private-blobs

Files changed