From 51bd2df8d0518e0ecdd19c65a321ded88f1935d1 Mon Sep 17 00:00:00 2001
From: Gnieark <gnieark@free.fr>
Date: Sun, 22 Dec 2019 20:40:15 +0100
Subject: [PATCH] wip

---
 public/js/main.js                        |  54 +++++++-
 src/Controller/PadController.php         |  35 ++++--
 src/Entity/Pad.php                       | 153 +++++++++++++++++++++++
 src/Migrations/Version20191219161539.php |  35 ++++++
 src/Migrations/Version20191219162559.php |  35 ++++++
 src/Migrations/Version20191220210806.php |  35 ++++++
 src/Migrations/Version20191220211632.php |  35 ++++++
 templates/pad-view.html.twig             |   7 +-
 templates/pad.html.twig                  |   9 ++
 9 files changed, 381 insertions(+), 17 deletions(-)
 create mode 100644 src/Migrations/Version20191219161539.php
 create mode 100644 src/Migrations/Version20191219162559.php
 create mode 100644 src/Migrations/Version20191220210806.php
 create mode 100644 src/Migrations/Version20191220211632.php

diff --git a/public/js/main.js b/public/js/main.js
index 0832353..c33c07b 100644
--- a/public/js/main.js
+++ b/public/js/main.js
@@ -8,20 +8,64 @@ function showHideMenu()
         doc.className = "hidden-by-default";
     }
 }
-
+function getEncFieldsListStrings(){
+    return ['iv','mode','adata','cipher','salt'];
+}
+function getEncFieldsListIntegers(){
+    return ['v','iter','ks','ts'];
+}
 function crypt()
 {
     var key = document.getElementById("key").value;
-    var enc = sjcl.encrypt(key,document.getElementById("form_content").value);
-    document.getElementById("form_content").value = enc;
+    var enc = JSON.parse(sjcl.encrypt(key,document.getElementById("form_content").value));
+    var encFields = getEncFieldsListStrings();
+    encFields.forEach(element => {
+        document.getElementById("form_crypt_" + element).value = enc[element];
+    });
+    var encFields = getEncFieldsListIntegers();
+    encFields.forEach(element => {
+        document.getElementById("form_crypt_" + element).value = parseInt(enc[element]);
+    });
+
+    document.getElementById("form_content").value = enc["ct"];
+}
+function truncateCryptFields(){
+    getEncFieldsListIntegers().forEach( element=> {
+        document.getElementById("form_crypt_" + element).value = "";
+    });
+    getEncFieldsListStrings().forEach( element=> {
+        document.getElementById("form_crypt_" + element).value = "";
+    });
 }
 
+
 function uncrypt()
 {
+
     var key = document.getElementById("key").value;
     if( document.getElementById("form_content") ){
-        var clearTxt = sjcl.decrypt(key,document.getElementById("form_content").value);
-        document.getElementById("form_content").value = clearTxt;
+
+        var encArr = new Object();
+        var encFields =  getEncFieldsListStrings();
+        encFields.forEach(element => {
+            encArr[element] = document.getElementById("form_crypt_" + element).value;
+        });
+        var encFields = getEncFieldsListIntegers();
+        encFields.forEach(element => {
+            encArr[element] = parseInt(document.getElementById("form_crypt_" + element).value);
+        });
+        encArr["ct"] = document.getElementById("form_content").value;
+
+
+        try{
+            var clearTxt = sjcl.decrypt(key,JSON.stringify(encArr));
+            document.getElementById("form_content").value = clearTxt;
+            truncateCryptFields();
+        }
+        catch(error)
+        {
+            alert("Le pad n'a pas pu être déchiffré.");
+        }
     }else{
         var clearTxt = sjcl.decrypt(key,document.getElementById("content").innerHTML);
         document.getElementById("content").innerHTML = clearTxt;
diff --git a/src/Controller/PadController.php b/src/Controller/PadController.php
index 5830a78..1716076 100644
--- a/src/Controller/PadController.php
+++ b/src/Controller/PadController.php
@@ -6,6 +6,7 @@ use Symfony\Component\HttpFoundation\Request;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Form\Extension\Core\Type\SubmitType;
 use Symfony\Component\Form\Extension\Core\Type\TextareaType;
+use Symfony\Component\Form\Extension\Core\Type\HiddenType;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 use App\Entity\Pad;
@@ -18,8 +19,18 @@ Class PadController extends AbstractController
         return $this->createFormBuilder()
             ->add('content', TextareaType::class)
             ->add('save', SubmitType::class, ['label' => 'Enregistrer'])
+            ->add('crypt_iv', HiddenType::class,[])
+            ->add('crypt_v', HiddenType::class,[])
+            ->add('crypt_iter', HiddenType::class,[])
+            ->add('crypt_ks', HiddenType::class,[])
+            ->add('crypt_ts', HiddenType::class,[])
+            ->add('crypt_mode', HiddenType::class,[])
+            ->add('crypt_adata', HiddenType::class,[])
+            ->add('crypt_cipher', HiddenType::class,[])
+            ->add('crypt_salt', HiddenType::class,[])
             ->setAction($this->generateUrl('api_post_new'))
         ->getForm();
+        
     }
     public function showForm(){
 
@@ -45,15 +56,15 @@ Class PadController extends AbstractController
 
 
         return $this->render('pad-view.html.twig', [
-            'head_title' => 'Pad id: ' . $pad->getName(),
-            'page_title' => 'Pad id: ' . $pad->getName(),
-            'pad_content' =>  $pad->getContent()
+            'head_title'    => 'Pad id: ' . $pad->getName(),
+            'page_title'    => 'Pad id: ' . $pad->getName(),
+            'pad_content'   => $pad->getContent(),
+            'crypted'       => (!empty($pad->getCryptCipher))
         ]);
         }
     private function get_free_name( $depth = 0, $length=6)
     {
 
-        
         if($depth > 3 ){
             throw new \UnexpectedValueException("I cant generate an unique key");
         }
@@ -83,15 +94,19 @@ Class PadController extends AbstractController
             $entityManager = $this->getDoctrine()->getManager();
             $pad = new PAD();
             $pad->setContent($data["content"])
-                ->setName(  $this-> get_free_name() );
+                ->setName( $this-> get_free_name() )
+                ->setCryptIv( $data["crypt_iv"] )
+                ->setCryptMode( $data["crypt_mode"] )
+                ->setCryptAdata( $data["crypt_adata"])
+                ->setCryptCipher( $data["crypt_cipher"] )
+                ->setCryptSalt( $data["crypt_salt"] )
+                ->setCryptV( $data["crypt_v"] )
+                ->setCryptIter( $data["crypt_iter"] )
+                ->setCryptKs( $data["crypt_ks"] )
+                ->setCryptTs( $data["crypt_ts"] );
             $entityManager->persist($pad);
-            // actually executes the queries (i.e. the INSERT query)
             $entityManager->flush();
             return $this->redirectToRoute('view',["name"  => $pad->getName() ]);
         }
-
-
     }
-
-
 }
\ No newline at end of file
diff --git a/src/Entity/Pad.php b/src/Entity/Pad.php
index 6f10b7f..dbf2a19 100644
--- a/src/Entity/Pad.php
+++ b/src/Entity/Pad.php
@@ -46,6 +46,51 @@ class Pad
      */
     private $name;
 
+    /**
+     * @ORM\Column(type="string", length=255, nullable=true)
+     */
+    private $crypt_iv;
+
+    /**
+     * @ORM\Column(type="integer", nullable=true)
+     */
+    private $crypt_v;
+
+    /**
+     * @ORM\Column(type="integer", nullable=true)
+     */
+    private $crypt_iter;
+
+    /**
+     * @ORM\Column(type="integer", nullable=true)
+     */
+    private $crypt_ks;
+
+    /**
+     * @ORM\Column(type="integer", nullable=true)
+     */
+    private $crypt_ts;
+
+    /**
+     * @ORM\Column(type="string", length=255, nullable=true)
+     */
+    private $crypt_mode;
+
+    /**
+     * @ORM\Column(type="string", length=255, nullable=true)
+     */
+    private $crypt_cipher;
+
+    /**
+     * @ORM\Column(type="string", length=255, nullable=true)
+     */
+    private $crypt_salt;
+
+    /**
+     * @ORM\Column(type="string", length=255, nullable=true)
+     */
+    private $crypt_adata;
+
 
     public function __construct()
     {
@@ -128,4 +173,112 @@ class Pad
 
         return $this;
     }
+
+    public function getCryptIv(): ?string
+    {
+        return $this->crypt_iv;
+    }
+
+    public function setCryptIv(?string $crypt_iv): self
+    {
+        $this->crypt_iv = $crypt_iv;
+
+        return $this;
+    }
+
+    public function getCryptV(): ?int
+    {
+        return $this->crypt_v;
+    }
+
+    public function setCryptV(?int $crypt_v): self
+    {
+        $this->crypt_v = $crypt_v;
+
+        return $this;
+    }
+
+    public function getCryptIter(): ?int
+    {
+        return $this->crypt_iter;
+    }
+
+    public function setCryptIter(?int $crypt_iter): self
+    {
+        $this->crypt_iter = $crypt_iter;
+
+        return $this;
+    }
+
+    public function getCryptKs(): ?int
+    {
+        return $this->crypt_ks;
+    }
+
+    public function setCryptKs(?int $crypt_ks): self
+    {
+        $this->crypt_ks = $crypt_ks;
+
+        return $this;
+    }
+
+    public function getCryptTs(): ?int
+    {
+        return $this->crypt_ts;
+    }
+
+    public function setCryptTs(?int $crypt_ts): self
+    {
+        $this->crypt_ts = $crypt_ts;
+
+        return $this;
+    }
+
+    public function getCryptMode(): ?string
+    {
+        return $this->crypt_mode;
+    }
+
+    public function setCryptMode(?string $crypt_mode): self
+    {
+        $this->crypt_mode = $crypt_mode;
+
+        return $this;
+    }
+
+    public function getCryptCipher(): ?string
+    {
+        return $this->crypt_cipher;
+    }
+
+    public function setCryptCipher(?string $crypt_cipher): self
+    {
+        $this->crypt_cipher = $crypt_cipher;
+
+        return $this;
+    }
+
+    public function getCryptSalt(): ?string
+    {
+        return $this->crypt_salt;
+    }
+
+    public function setCryptSalt(?string $crypt_salt): self
+    {
+        $this->crypt_salt = $crypt_salt;
+
+        return $this;
+    }
+
+    public function getCryptAdata(): ?string
+    {
+        return $this->crypt_adata;
+    }
+
+    public function setCryptAdata(?string $crypt_adata): self
+    {
+        $this->crypt_adata = $crypt_adata;
+
+        return $this;
+    }
 }
diff --git a/src/Migrations/Version20191219161539.php b/src/Migrations/Version20191219161539.php
new file mode 100644
index 0000000..acf54e4
--- /dev/null
+++ b/src/Migrations/Version20191219161539.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20191219161539 extends AbstractMigration
+{
+    public function getDescription() : string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema) : void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad ADD crypt_iv VARCHAR(255) DEFAULT NULL, ADD crypt_v INT DEFAULT NULL, ADD crypt_iter INT DEFAULT NULL, ADD crypt_ks INT DEFAULT NULL, ADD crypt_ts INT DEFAULT NULL, ADD crypt_mode VARCHAR(255) DEFAULT NULL, ADD crypt_chiper VARCHAR(255) DEFAULT NULL, ADD crypt_salt VARCHAR(255) DEFAULT NULL, ADD crypt_ct VARCHAR(255) DEFAULT NULL');
+    }
+
+    public function down(Schema $schema) : void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad DROP crypt_iv, DROP crypt_v, DROP crypt_iter, DROP crypt_ks, DROP crypt_ts, DROP crypt_mode, DROP crypt_chiper, DROP crypt_salt, DROP crypt_ct');
+    }
+}
diff --git a/src/Migrations/Version20191219162559.php b/src/Migrations/Version20191219162559.php
new file mode 100644
index 0000000..94c01a5
--- /dev/null
+++ b/src/Migrations/Version20191219162559.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20191219162559 extends AbstractMigration
+{
+    public function getDescription() : string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema) : void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad ADD adata VARCHAR(255) DEFAULT NULL');
+    }
+
+    public function down(Schema $schema) : void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad DROP adata');
+    }
+}
diff --git a/src/Migrations/Version20191220210806.php b/src/Migrations/Version20191220210806.php
new file mode 100644
index 0000000..ad02626
--- /dev/null
+++ b/src/Migrations/Version20191220210806.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20191220210806 extends AbstractMigration
+{
+    public function getDescription() : string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema) : void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad ADD crypt_adata VARCHAR(255) DEFAULT NULL, DROP crypt_ct, DROP adata');
+    }
+
+    public function down(Schema $schema) : void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad ADD adata VARCHAR(255) CHARACTER SET utf8mb4 DEFAULT NULL COLLATE `utf8mb4_unicode_ci`, CHANGE crypt_adata crypt_ct VARCHAR(255) CHARACTER SET utf8mb4 DEFAULT NULL COLLATE `utf8mb4_unicode_ci`');
+    }
+}
diff --git a/src/Migrations/Version20191220211632.php b/src/Migrations/Version20191220211632.php
new file mode 100644
index 0000000..cba5770
--- /dev/null
+++ b/src/Migrations/Version20191220211632.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20191220211632 extends AbstractMigration
+{
+    public function getDescription() : string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema) : void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad CHANGE crypt_chiper crypt_cipher VARCHAR(255) DEFAULT NULL');
+    }
+
+    public function down(Schema $schema) : void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->abortIf($this->connection->getDatabasePlatform()->getName() !== 'mysql', 'Migration can only be executed safely on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE pad CHANGE crypt_cipher crypt_chiper VARCHAR(255) CHARACTER SET utf8mb4 DEFAULT NULL COLLATE `utf8mb4_unicode_ci`');
+    }
+}
diff --git a/templates/pad-view.html.twig b/templates/pad-view.html.twig
index 0f61f8c..969a20b 100644
--- a/templates/pad-view.html.twig
+++ b/templates/pad-view.html.twig
@@ -7,17 +7,20 @@
         {% endblock %}
         <script src="{{ asset('js/main.js') }}"></script>
         <script src="{{ asset('js/sjcl.js') }}"></script>
+
     </head>
     <body onload="ready()">
         <h1>{{head_title|e('html')}} </h1>
         <nav>
+                {% if crypted == true %}
                 <img alt="menu" title="plus d'options" src="img/menus.svg" id="showOptions" class="link"/>
-                <em id="moreoptions" class="hidden-by-default">
+                <em id="moreoptions" class="hidden-by-default"> 
                     Déchiffrer le pad: 
                     <input type="text" id="key" placeholder="Clef de chiffrement"/>
                     <input type="button" id="buttonUncrypt" value="déchiffrer"/>
                 </em>
-            </nav>
+                {% endif %}
+        </nav>
         <pre id="content">{{ pad_content|e('html') }}</pre>
         <p><a href="/">Créer un nouveau Pad</a></p>
     </body>
diff --git a/templates/pad.html.twig b/templates/pad.html.twig
index b57c271..81ceb9f 100644
--- a/templates/pad.html.twig
+++ b/templates/pad.html.twig
@@ -21,6 +21,15 @@
             </em>
         </nav>
         {{ form_start(form) }}
+        {{ form_widget(form.crypt_iv, {}) }}
+        {{ form_widget(form.crypt_v, {}) }}
+        {{ form_widget(form.crypt_iter, {}) }}
+        {{ form_widget(form.crypt_ks, {}) }}
+        {{ form_widget(form.crypt_ts, {}) }}
+        {{ form_widget(form.crypt_mode, {}) }}
+        {{ form_widget(form.crypt_adata, {}) }}
+        {{ form_widget(form.crypt_cipher, {"value": "none"}) }}
+        {{ form_widget(form.crypt_salt, {}) }}
         {{ form_widget(form.content, {}) }}
         {{ form_end(form) }}