Author

Topic: [ANN] Online File Encryption App (Read 1133 times)

member
Activity: 70
Merit: 10
December 09, 2013, 07:42:11 AM
#6
Code:
$(function(){

var body = $('body'),
stage = $('#stage'),
back = $('a.back');

/* Step 1 */

$('#step1 .encrypt').click(function(){
body.attr('class', 'encrypt');

// Go to step 2
step(2);
});

$('#step1 .decrypt').click(function(){
body.attr('class', 'decrypt');
step(2);
});


/* Step 2 */


$('#step2 .button').click(function(){
// Trigger the file browser dialog
$(this).parent().find('input').click();
});


// Set up events for the file inputs

var file = null;

$('#step2').on('change', '#encrypt-input', function(e){

// Has a file been selected?

if(e.target.files.length!=1){
alert('Please select a file to encrypt!');
return false;
}

file = e.target.files[0];

if(file.size > 5120*5120){
alert('Please choose files smaller than 5mb, otherwise you may crash your browser. \nThis is a known issue. .');
return;
}

step(3);
});

$('#step2').on('change', '#decrypt-input', function(e){

if(e.target.files.length!=1){
alert('Please select a file to decrypt!');
return false;
}

file = e.target.files[0];
step(3);
});


/* Step 3 */


$('a.button.process').click(function(){

var input = $(this).parent().find('input[type=password]'),
a = $('#step4 a.download'),
password = input.val();

input.val('');

if(password.length<5){
alert('Please choose a longer password!');
return;
}

// The HTML5 FileReader object will allow us to read the
// contents of the selected file.

var reader = new FileReader();

if(body.hasClass('encrypt')){

// Encrypt the file!

reader.onload = function(e){

// Use the CryptoJS library and the AES cypher to encrypt the
// contents of the file, held in e.target.result, with the password

var encrypted = CryptoJS.AES.encrypt(e.target.result, password);

// The download attribute will cause the contents of the href
// attribute to be downloaded when clicked. The download attribute
// also holds the name of the file that is offered for download.

a.attr('href', 'data:application/octet-stream,' + encrypted);
a.attr('download', file.name + '.encrypted');

step(4);
};

// This will encode the contents of the file into a data-uri.
// It will trigger the onload handler above, with the result

reader.readAsDataURL(file);
}
else {

// Decrypt it!

reader.onload = function(e){

var decrypted = CryptoJS.AES.decrypt(e.target.result, password)
.toString(CryptoJS.enc.Latin1);

if(!/^data:/.test(decrypted)){
alert("Invalid pass phrase or file! Please try again.");
return false;
}

a.attr('href', decrypted);
a.attr('download', file.name.replace('.encrypted',''));

step(4);
};

reader.readAsText(file);
}
});


/* The back button */


back.click(function(){

// Reinitialize the hidden file inputs,
// so that they don't hold the selection
// from last time

$('#step2 input[type=file]').replaceWith(function(){
return $(this).clone();
});

step(1);
});


// Helper function that moves the viewport to the correct step div

function step(i){

if(i == 1){
back.fadeOut();
}
else{
back.fadeIn();
}

// Move the #stage div. Changing the top property will trigger
// a css transition on the element. i-1 because we want the
// steps to start from 1:

stage.css('top',(-(i-1)*100)+'%');
}

});
hero member
Activity: 1036
Merit: 504
Becoming legend, but I took merit to the knee :(
December 08, 2013, 07:37:04 PM
#5
Hi duff, i think people wants to review the source code before using it. Because even when a hero member posts something like this, people are always doubtful that is there really nothing stored on your servers?

Seems like how it works here, as a fellow web developer, i know how u feel Cheesy People here dont usually provide the benefit of the doubt.

Free bump!
member
Activity: 70
Merit: 10
December 08, 2013, 01:26:06 PM
#4
How do you handle possible MITM attacks?

The site makes use of CloudFlare a well known security platform which prevents a whole range of attacks from SQL injections to DDOS attacks and MITM attacks.
member
Activity: 70
Merit: 10
December 08, 2013, 01:18:55 PM
#3
Sorry not bigger loads more traffic. I placed the limit, because the HTML5 [download] attribute, which I use to offer the encrypted file for download, doesn’t play well with large amounts of data. Otherwise it would cause the tab to crash in Chrome, and the entire browser to crash when using Firefox. *Fixed the description*
hero member
Activity: 896
Merit: 527
₿₿₿₿₿₿₿
December 08, 2013, 12:50:19 PM
#2
You can encrypt any file, it could be your wallet backups or a text document. However to limit server load there is a max upload of 5MB.
In your website:
Quote
No data is sent to our server.
So, then, why would a file being encrypted affect your server load? In fact, there would be no uploads at all...
member
Activity: 70
Merit: 10
December 08, 2013, 11:39:06 AM
#1
Howsit guys

I've noticed that there are very few if none, online file encrypters. The main purpose of this would be to provide a different encryption method to that offered by your wallets. Correct me if I'm wrong but the Bitcoin client just password protects your wallet and its backups.

My online file encrypter is a javascript encryption app which makes use of the AES algorithm (http://en.wikipedia.org/wiki/Advanced_Encryption_Standard) which is a is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology in 2001.



Here's the link to it : http://encryptjs.cloudvent.net/

You can encrypt any file, it could be your wallet backups or a text document.

The 5MB limit

If you play with the demo, you will notice that it doesn’t allow you to encrypt files larger than 1mb. I placed the limit, because the HTML5 download attribute, which I use to offer the encrypted file for download, doesn’t play well with large amounts of data. Otherwise it would cause the tab to crash in Chrome, and the entire browser to crash when using Firefox. The way around this would be to use the File System API and to write the actual binary data there, but it is supported only in Chrome for now. This is not an issue with the encryption speed (which is quite fast), but with offering the file for download.

What about HTTPS?

When it comes to encrypting data and securing information, people naturally expect the page to be loaded through HTTPS. In this case I believe it is not necessary, as apart from the initial download of the HTML and assets, no data is transferred between you and the server – everything is done client-side with JavaScript.  If this bothers you, you can just download the demo and open it directly from your computer.

How it works

The contents of the files are obained as a data uri string (http://en.wikipedia.org/wiki/Data_URI_scheme). Browsers allow you to use these URIs everywhere a regular URL would go. The benefit is that they let you store the content of the resource directly in the URI, so we can, for example add the download attribute to it, to download as a file when clicked.

I used the AES algorithm to encrypt the data uri with the chosen password, and to offer it as a download. The reverse happens when decrypting it. No data ever reaches the server.

If I get enough cash I'll upgrade the server and support more traffic and expand the app.

Source Code
Code:
$(function(){

var body = $('body'),
stage = $('#stage'),
back = $('a.back');

/* Step 1 */

$('#step1 .encrypt').click(function(){
body.attr('class', 'encrypt');

// Go to step 2
step(2);
});

$('#step1 .decrypt').click(function(){
body.attr('class', 'decrypt');
step(2);
});


/* Step 2 */


$('#step2 .button').click(function(){
// Trigger the file browser dialog
$(this).parent().find('input').click();
});


// Set up events for the file inputs

var file = null;

$('#step2').on('change', '#encrypt-input', function(e){

// Has a file been selected?

if(e.target.files.length!=1){
alert('Please select a file to encrypt!');
return false;
}

file = e.target.files[0];

if(file.size > 5120*5120){
alert('Please choose files smaller than 5mb, otherwise you may crash your browser. \nThis is a known issue. .');
return;
}

step(3);
});

$('#step2').on('change', '#decrypt-input', function(e){

if(e.target.files.length!=1){
alert('Please select a file to decrypt!');
return false;
}

file = e.target.files[0];
step(3);
});


/* Step 3 */


$('a.button.process').click(function(){

var input = $(this).parent().find('input[type=password]'),
a = $('#step4 a.download'),
password = input.val();

input.val('');

if(password.length<5){
alert('Please choose a longer password!');
return;
}

// The HTML5 FileReader object will allow us to read the
// contents of the selected file.

var reader = new FileReader();

if(body.hasClass('encrypt')){

// Encrypt the file!

reader.onload = function(e){

// Use the CryptoJS library and the AES cypher to encrypt the
// contents of the file, held in e.target.result, with the password

var encrypted = CryptoJS.AES.encrypt(e.target.result, password);

// The download attribute will cause the contents of the href
// attribute to be downloaded when clicked. The download attribute
// also holds the name of the file that is offered for download.

a.attr('href', 'data:application/octet-stream,' + encrypted);
a.attr('download', file.name + '.encrypted');

step(4);
};

// This will encode the contents of the file into a data-uri.
// It will trigger the onload handler above, with the result

reader.readAsDataURL(file);
}
else {

// Decrypt it!

reader.onload = function(e){

var decrypted = CryptoJS.AES.decrypt(e.target.result, password)
.toString(CryptoJS.enc.Latin1);

if(!/^data:/.test(decrypted)){
alert("Invalid pass phrase or file! Please try again.");
return false;
}

a.attr('href', decrypted);
a.attr('download', file.name.replace('.encrypted',''));

step(4);
};

reader.readAsText(file);
}
});


/* The back button */


back.click(function(){

// Reinitialize the hidden file inputs,
// so that they don't hold the selection
// from last time

$('#step2 input[type=file]').replaceWith(function(){
return $(this).clone();
});

step(1);
});


// Helper function that moves the viewport to the correct step div

function step(i){

if(i == 1){
back.fadeOut();
}
else{
back.fadeIn();
}

// Move the #stage div. Changing the top property will trigger
// a css transition on the element. i-1 because we want the
// steps to start from 1:

stage.css('top',(-(i-1)*100)+'%');
}

});

This is my Bitcoin Address if anyone want to donate : 16kvdtewUwvadNPk29AfyLkAbpyLrCJ3XU

Regards,
Duff___Man
Jump to: