Notes/src/services/protected_session.js

"use strict";

const utils = require('./utils');
const dataEncryptionService = require('./data_encryption');
const cls = require('./cls');

const dataKeyMap = {};

function setDataKey(decryptedDataKey) {
    const protectedSessionId = utils.randomSecureToken(32);

    dataKeyMap[protectedSessionId] = Array.from(decryptedDataKey); // can't store buffer in session

    return protectedSessionId;
}

function setProtectedSessionId(req) {
    cls.namespace.set('protectedSessionId', req.cookies.protectedSessionId);
}

function getProtectedSessionId() {
    return cls.namespace.get('protectedSessionId');
}

function getDataKey() {
    const protectedSessionId = getProtectedSessionId();

    return dataKeyMap[protectedSessionId];
}

function isProtectedSessionAvailable() {
    const protectedSessionId = getProtectedSessionId();

    return !!dataKeyMap[protectedSessionId];
}

function decryptNotes(notes) {
    for (const note of notes) {
        if (note.isProtected) {
            note.title = decryptString(note.title);
        }
    }
}

function encrypt(plainText) {
    return dataEncryptionService.encrypt(getDataKey(), plainText);
}

function decrypt(cipherText) {
    return dataEncryptionService.decrypt(getDataKey(), cipherText);
}

function decryptString(cipherText) {
    return dataEncryptionService.decryptString(getDataKey(), cipherText);
}

module.exports = {
    setDataKey,
    getDataKey,
    isProtectedSessionAvailable,
    encrypt,
    decrypt,
    decryptString,
    decryptNotes,
    setProtectedSessionId
};
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`"use strict";`

refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`const utils = require('./utils');`
refactored backend to use new naming convention for modules 2018-04-01 21:27:46 -04:00			`const dataEncryptionService = require('./data_encryption');`
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`const cls = require('./cls');`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00
refactored backend to use new naming convention for modules 2018-04-01 21:27:46 -04:00			`const dataKeyMap = {};`

autocomplete supports encrypted notes now as well 2018-04-20 00:12:01 -04:00			`function setDataKey(decryptedDataKey) {`
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`const protectedSessionId = utils.randomSecureToken(32);`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`dataKeyMap[protectedSessionId] = Array.from(decryptedDataKey); // can't store buffer in session`

			`return protectedSessionId;`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`}`

removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`function setProtectedSessionId(req) {`
fix csrf protection on electron build 2019-03-31 12:49:42 +02:00			`cls.namespace.set('protectedSessionId', req.cookies.protectedSessionId);`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`}`

removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`function getProtectedSessionId() {`
			`return cls.namespace.get('protectedSessionId');`
			`}`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`function getDataKey() {`
			`const protectedSessionId = getProtectedSessionId();`
server side encryption WIP 2017-11-10 22:55:19 -05:00
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`return dataKeyMap[protectedSessionId];`
support encryption for files, closes #60 2018-02-23 22:58:24 -05:00			`}`

autocomplete supports encrypted notes now as well 2018-04-20 00:12:01 -04:00			`function isProtectedSessionAvailable() {`
			`const protectedSessionId = getProtectedSessionId();`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`return !!dataKeyMap[protectedSessionId];`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`}`

removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`function decryptNotes(notes) {`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00			`for (const note of notes) {`
moving out note revision content into separate table, refactoring, WIP 2019-10-31 21:58:34 +01:00			`if (note.isProtected) {`
fix decrypting note titles on the server installation, closes #724 2019-11-26 19:49:52 +01:00			`note.title = decryptString(note.title);`
fix creating note directly as protected 2019-03-30 19:24:53 +01:00			`}`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00			`}`
			`}`

moving out note revision content into separate table, refactoring, WIP 2019-10-31 21:58:34 +01:00			`function encrypt(plainText) {`
			`return dataEncryptionService.encrypt(getDataKey(), plainText);`
split out note's content into separate entity, WIP 2019-02-06 20:19:25 +01:00			`}`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00
moving out note revision content into separate table, refactoring, WIP 2019-10-31 21:58:34 +01:00			`function decrypt(cipherText) {`
fixes 2019-11-01 23:05:33 +01:00			`return dataEncryptionService.decrypt(getDataKey(), cipherText);`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00			`}`

use decryptString() 2019-11-02 07:50:23 +01:00			`function decryptString(cipherText) {`
			`return dataEncryptionService.decryptString(getDataKey(), cipherText);`
			`}`

refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`module.exports = {`
			`setDataKey,`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`getDataKey,`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00			`isProtectedSessionAvailable,`
moving out note revision content into separate table, refactoring, WIP 2019-10-31 21:58:34 +01:00			`encrypt,`
			`decrypt,`
use decryptString() 2019-11-02 07:50:23 +01:00			`decryptString,`
refactoring / unification of note encryption / decryption 2018-01-24 22:13:41 -05:00			`decryptNotes,`
removed dataKey where it's not necessary anymore (use of CLS instead) 2018-03-31 08:53:52 -04:00			`setProtectedSessionId`
refactoring of password change and preparations for server side encryption 2017-11-09 23:25:23 -05:00			`};`