Notes/public/javascripts/encryption.js

"use strict";

const encryption = (function() {
    const dialogEl = $("#encryption-password-dialog");
    const encryptionPasswordFormEl = $("#encryption-password-form");
    const encryptionPasswordEl = $("#encryption-password");

    let encryptionDeferred = null;
    let lastEncryptionOperationDate = null;
    let encryptionSessionTimeout = null;
    let protectedSessionId = null;

    $.ajax({
        url: baseApiUrl + 'settings/all',
        type: 'GET',
        error: () => showError("Error getting encryption settings.")
    }).then(settings => {
        encryptionSessionTimeout = settings.encryption_session_timeout;
    });

    function setEncryptionSessionTimeout(encSessTimeout) {
        encryptionSessionTimeout = encSessTimeout;
    }

    function ensureProtectedSession(requireEncryption, modal) {
        const dfd = $.Deferred();

        if (requireEncryption && !isEncryptionAvailable()) {
            // if this is entry point then we need to show the app even before the note is loaded
            showAppIfHidden();

            encryptionDeferred = dfd;

            dialogEl.dialog({
                modal: modal,
                width: 400,
                open: () => {
                    if (!modal) {
                        // dialog steals focus for itself, which is not what we want for non-modal (viewing)
                        treeUtils.getNodeByKey(noteEditor.getCurrentNoteId()).setFocus();
                    }
                }
            });
        }
        else {
            dfd.resolve();
        }

        return dfd.promise();
    }

    async function setupProtectedSession() {
        const password = encryptionPasswordEl.val();
        encryptionPasswordEl.val("");

        const response = await enterProtectedSession(password);

        if (!response.success) {
            showError("Wrong password.");
            return;
        }

        protectedSessionId = response.protectedSessionId;
        initAjax();

        dialogEl.dialog("close");

        noteEditor.reload();
        noteTree.reload();

        if (encryptionDeferred !== null) {
            encryptionDeferred.resolve();

            encryptionDeferred = null;
        }
    }

    async function enterProtectedSession(password) {
        return await $.ajax({
            url: baseApiUrl + 'login/protected',
            type: 'POST',
            contentType: 'application/json',
            data: JSON.stringify({
                password: password
            }),
            error: () => showError("Error entering protected session.")
        });
    }

    function getProtectedSessionId() {
        return protectedSessionId;
    }

    function resetEncryptionSession() {
        protectedSessionId = null;

        initAjax();

        // most secure solution - guarantees nothing remained in memory
        // since this expires because user doesn't use the app, it shouldn't be disruptive
        window.location.reload(true);
    }

    function isEncryptionAvailable() {
        return protectedSessionId !== null;
    }

    async function protectNoteAndSendToServer() {
        await ensureProtectedSession(true, true);

        const note = noteEditor.getCurrentNote();

        noteEditor.updateNoteFromInputs(note);

        note.detail.is_protected = true;

        await noteEditor.saveNoteToServer(note);

        noteEditor.setNoteBackgroundIfProtected(note);
    }

    async function unprotectNoteAndSendToServer() {
        await ensureProtectedSession(true, true);

        const note = noteEditor.getCurrentNote();

        noteEditor.updateNoteFromInputs(note);

        note.detail.is_protected = false;

        await noteEditor.saveNoteToServer(note);

        noteEditor.setNoteBackgroundIfProtected(note);
    }

    encryptionPasswordFormEl.submit(() => {
        setupProtectedSession();

        return false;
    });

    setInterval(() => {
        if (lastEncryptionOperationDate !== null && new Date().getTime() - lastEncryptionOperationDate.getTime() > encryptionSessionTimeout * 1000) {
            resetEncryptionSession();
        }
    }, 5000);

    return {
        setEncryptionSessionTimeout,
        ensureProtectedSession,
        resetEncryptionSession,
        isEncryptionAvailable,
        protectNoteAndSendToServer,
        unprotectNoteAndSendToServer,
        getProtectedSessionId
    };
})();
"use strict" for all frontend files (backend was done earlier) 2017-11-04 19:38:50 -04:00			`"use strict";`

encryption converted to module 2017-11-04 18:18:55 -04:00			`const encryption = (function() {`
			`const dialogEl = $("#encryption-password-dialog");`
			`const encryptionPasswordFormEl = $("#encryption-password-form");`
			`const encryptionPasswordEl = $("#encryption-password");`

			`let encryptionDeferred = null;`
			`let lastEncryptionOperationDate = null;`
			`let encryptionSessionTimeout = null;`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`let protectedSessionId = null;`
encryption converted to module 2017-11-04 18:18:55 -04:00
encryption settings loading moved from tree to encryption module 2017-11-04 19:57:40 -04:00			`$.ajax({`
			`url: baseApiUrl + 'settings/all',`
			`type: 'GET',`
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`error: () => showError("Error getting encryption settings.")`
encryption settings loading moved from tree to encryption module 2017-11-04 19:57:40 -04:00			`}).then(settings => {`
			`encryptionSessionTimeout = settings.encryption_session_timeout;`
			`});`

encryption converted to module 2017-11-04 18:18:55 -04:00			`function setEncryptionSessionTimeout(encSessTimeout) {`
			`encryptionSessionTimeout = encSessTimeout;`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00			`}`
initial decallbackization and promisification of frontend 2017-11-03 20:01:32 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`function ensureProtectedSession(requireEncryption, modal) {`
encryption converted to module 2017-11-04 18:18:55 -04:00			`const dfd = $.Deferred();`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
server side encryption WIP 2017-11-12 21:40:26 -05:00			`if (requireEncryption && !isEncryptionAvailable()) {`
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`// if this is entry point then we need to show the app even before the note is loaded`
			`showAppIfHidden();`

encryption converted to module 2017-11-04 18:18:55 -04:00			`encryptionDeferred = dfd;`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`dialogEl.dialog({`
			`modal: modal,`
			`width: 400,`
			`open: () => {`
			`if (!modal) {`
			`// dialog steals focus for itself, which is not what we want for non-modal (viewing)`
tree utils as a module 2017-11-04 22:18:36 -04:00			`treeUtils.getNodeByKey(noteEditor.getCurrentNoteId()).setFocus();`
encryption converted to module 2017-11-04 18:18:55 -04:00			`}`
			`}`
			`});`
			`}`
			`else {`
			`dfd.resolve();`
			`}`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`return dfd.promise();`
			`}`
frontend now generates two scrypt hashes with different salts - one for verification and one for encryption. Lowered complexity to half to not affect frontend performance. 2017-09-08 20:55:24 -04:00
note history decryption now works, more cleanup 2017-11-14 22:21:56 -05:00			`async function setupProtectedSession() {`
encryption converted to module 2017-11-04 18:18:55 -04:00			`const password = encryptionPasswordEl.val();`
			`encryptionPasswordEl.val("");`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
server side encryption WIP 2017-11-10 22:55:19 -05:00			`const response = await enterProtectedSession(password);`

			`if (!response.success) {`
			`showError("Wrong password.");`
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`return;`
			`}`
fixed changing password 2017-09-17 00:18:03 -04:00
server side encryption WIP 2017-11-10 22:55:19 -05:00			`protectedSessionId = response.protectedSessionId;`
			`initAjax();`
note titles are now encrypted as well - plus auto-decryption of note tree and unloading 2017-09-06 23:13:39 -04:00
server side encryption WIP 2017-11-10 22:55:19 -05:00			`dialogEl.dialog("close");`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
server side encryption WIP 2017-11-12 21:40:26 -05:00			`noteEditor.reload();`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`noteTree.reload();`
encrypt and decrypt subtrees (in tree context menu) 2017-09-17 12:46:14 -04:00
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`if (encryptionDeferred !== null) {`
			`encryptionDeferred.resolve();`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`encryptionDeferred = null;`
			`}`
			`}`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
server side encryption WIP 2017-11-10 22:55:19 -05:00			`async function enterProtectedSession(password) {`
			`return await $.ajax({`
			`url: baseApiUrl + 'login/protected',`
			`type: 'POST',`
			`contentType: 'application/json',`
			`data: JSON.stringify({`
			`password: password`
			`}),`
			`error: () => showError("Error entering protected session.")`
			`});`
			`}`

			`function getProtectedSessionId() {`
			`return protectedSessionId;`
			`}`

encryption converted to module 2017-11-04 18:18:55 -04:00			`function resetEncryptionSession() {`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`protectedSessionId = null;`

			`initAjax();`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`// most secure solution - guarantees nothing remained in memory`
			`// since this expires because user doesn't use the app, it shouldn't be disruptive`
			`window.location.reload(true);`
using global one setInterval instead of scheduling setTimeout after each encryption operation (there can be many of them) 2017-09-06 23:16:54 -04:00			`}`
after changing password, encryption key changed so current encryption session is invalid and needs to be cleared 2017-09-12 23:07:08 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`function isEncryptionAvailable() {`
server side encryption WIP 2017-11-12 21:40:26 -05:00			`return protectedSessionId !== null;`
encryption converted to module 2017-11-04 18:18:55 -04:00			`}`
if parent note is encrypted, then child note will be created as encrypted as well 2017-09-08 22:43:02 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`async function protectNoteAndSendToServer() {`
			`await ensureProtectedSession(true, true);`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`const note = noteEditor.getCurrentNote();`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`noteEditor.updateNoteFromInputs(note);`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`note.detail.is_protected = true;`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`await noteEditor.saveNoteToServer(note);`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
note history decryption now works, more cleanup 2017-11-14 22:21:56 -05:00			`noteEditor.setNoteBackgroundIfProtected(note);`
encryption converted to module 2017-11-04 18:18:55 -04:00			`}`
encryption of note history if the note is encrypted 2017-11-02 23:36:58 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`async function unprotectNoteAndSendToServer() {`
			`await ensureProtectedSession(true, true);`
also de-encryption of note history plus bug fixes 2017-11-02 23:55:22 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`const note = noteEditor.getCurrentNote();`
initial decallbackization and promisification of frontend 2017-11-03 20:01:32 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`noteEditor.updateNoteFromInputs(note);`
encryption of note history if the note is encrypted 2017-11-02 23:36:58 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`note.detail.is_protected = false;`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
encryption converted to module 2017-11-04 18:18:55 -04:00			`await noteEditor.saveNoteToServer(note);`
encryption code separated into its own file 2017-09-06 22:06:43 -04:00
note history decryption now works, more cleanup 2017-11-14 22:21:56 -05:00			`noteEditor.setNoteBackgroundIfProtected(note);`
encryption converted to module 2017-11-04 18:18:55 -04:00			`}`
encrypt and decrypt subtrees (in tree context menu) 2017-09-17 12:46:14 -04:00
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00			`encryptionPasswordFormEl.submit(() => {`
note history decryption now works, more cleanup 2017-11-14 22:21:56 -05:00			`setupProtectedSession();`
cosmetic cleanup, mostly in encryption 2017-11-08 22:33:08 -05:00
			`return false;`
			`});`

			`setInterval(() => {`
			`if (lastEncryptionOperationDate !== null && new Date().getTime() - lastEncryptionOperationDate.getTime() > encryptionSessionTimeout * 1000) {`
			`resetEncryptionSession();`
			`}`
			`}, 5000);`

encryption converted to module 2017-11-04 18:18:55 -04:00			`return {`
			`setEncryptionSessionTimeout,`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`ensureProtectedSession,`
encryption converted to module 2017-11-04 18:18:55 -04:00			`resetEncryptionSession,`
			`isEncryptionAvailable,`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`protectNoteAndSendToServer,`
			`unprotectNoteAndSendToServer,`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`getProtectedSessionId`
encryption converted to module 2017-11-04 18:18:55 -04:00			`};`
			`})();`