mirror of
http://git.whoc.org.uk/git/password-manager.git
synced 2025-01-10 11:40:03 +01:00
Fixed authentication procedure for offline copy
This commit is contained in:
parent
7fdb41fa2b
commit
0422224521
@ -37,6 +37,7 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
|
|||||||
this._tolls = {};
|
this._tolls = {};
|
||||||
this._connections = {};
|
this._connections = {};
|
||||||
|
|
||||||
|
this._C = null;
|
||||||
this._b = null;
|
this._b = null;
|
||||||
this._B = null;
|
this._B = null;
|
||||||
this._A = null;
|
this._A = null;
|
||||||
@ -144,6 +145,16 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
|
|||||||
|
|
||||||
//=========================================================================
|
//=========================================================================
|
||||||
|
|
||||||
|
'C': function() {
|
||||||
|
return this._C;
|
||||||
|
},
|
||||||
|
|
||||||
|
'set_C': function(aValue) {
|
||||||
|
this._C = aValue;
|
||||||
|
},
|
||||||
|
|
||||||
|
//-------------------------------------------------------------------------
|
||||||
|
|
||||||
'b': function() {
|
'b': function() {
|
||||||
return this._b;
|
return this._b;
|
||||||
},
|
},
|
||||||
@ -237,7 +248,7 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
|
|||||||
|
|
||||||
//=========================================================================
|
//=========================================================================
|
||||||
|
|
||||||
'processMessage': function(aFunctionName, someParameters) {
|
'processMessage': function (aFunctionName, someParameters) {
|
||||||
var result;
|
var result;
|
||||||
|
|
||||||
switch(aFunctionName) {
|
switch(aFunctionName) {
|
||||||
@ -340,9 +351,10 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
|
|||||||
}
|
}
|
||||||
|
|
||||||
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
||||||
|
this.set_C(someParameters.parameters.C);
|
||||||
this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
|
this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
|
||||||
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
|
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
|
||||||
this.set_B(v.add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
|
this.set_B((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
|
||||||
|
|
||||||
this.set_A(someParameters.parameters.A);
|
this.set_A(someParameters.parameters.A);
|
||||||
|
|
||||||
@ -351,21 +363,36 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
|
|||||||
|
|
||||||
nextTollRequestType = 'CONNECT';
|
nextTollRequestType = 'CONNECT';
|
||||||
} else if (someParameters.message == "credentialCheck") {
|
} else if (someParameters.message == "credentialCheck") {
|
||||||
var v, u, S, A, K, M1;
|
var v, u, s, S, A, K, M1;
|
||||||
|
var stringHash = function (aValue) {
|
||||||
|
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
|
||||||
|
};
|
||||||
|
|
||||||
//console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);
|
//console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);
|
||||||
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
|
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
|
||||||
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(this.B().asString(10))).toHexString(), 16);
|
|
||||||
A = new Clipperz.Crypto.BigInt(this.A(), 16);
|
A = new Clipperz.Crypto.BigInt(this.A(), 16);
|
||||||
|
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10))).toHexString(), 16);
|
||||||
|
s = new Clipperz.Crypto.BigInt(this.userData()['s'], 16);
|
||||||
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
|
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
|
||||||
|
|
||||||
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
|
K = stringHash(S.asString(10));
|
||||||
|
|
||||||
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10) + K)).toHexString().slice(2);
|
M1 = stringHash(
|
||||||
|
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
|
||||||
|
stringHash(this.C()) +
|
||||||
|
s.asString(10) +
|
||||||
|
A.asString(10) +
|
||||||
|
this.B().asString(10) +
|
||||||
|
K
|
||||||
|
);
|
||||||
if (someParameters.parameters.M1 == M1) {
|
if (someParameters.parameters.M1 == M1) {
|
||||||
var M2;
|
var M2;
|
||||||
|
|
||||||
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
|
M2 = stringHash(
|
||||||
|
A.asString(10) +
|
||||||
|
someParameters.parameters.M1 +
|
||||||
|
K
|
||||||
|
);
|
||||||
result['M2'] = M2;
|
result['M2'] = M2;
|
||||||
} else {
|
} else {
|
||||||
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
||||||
|
@ -88,7 +88,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
|
|||||||
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
||||||
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
|
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
|
||||||
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
||||||
aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
|
aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
|
||||||
|
|
||||||
aConnection['A'] = someParameters.parameters.A;
|
aConnection['A'] = someParameters.parameters.A;
|
||||||
|
|
||||||
@ -97,20 +97,35 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
|
|||||||
|
|
||||||
nextTollRequestType = 'CONNECT';
|
nextTollRequestType = 'CONNECT';
|
||||||
} else if (someParameters.message == "credentialCheck") {
|
} else if (someParameters.message == "credentialCheck") {
|
||||||
var v, u, S, A, K, M1;
|
var v, u, s, S, A, K, M1;
|
||||||
|
var stringHash = function (aValue) {
|
||||||
|
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
|
||||||
|
};
|
||||||
|
|
||||||
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
||||||
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
|
|
||||||
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
|
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
|
||||||
|
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
|
||||||
|
s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
|
||||||
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
|
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
|
||||||
|
|
||||||
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
|
K = stringHash(S.asString(10));
|
||||||
|
|
||||||
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
|
M1 = stringHash(
|
||||||
|
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
|
||||||
|
stringHash(aConnection['C']) +
|
||||||
|
s.asString(10) +
|
||||||
|
A.asString(10) +
|
||||||
|
aConnection['B'].asString(10) +
|
||||||
|
K
|
||||||
|
);
|
||||||
if (someParameters.parameters.M1 == M1) {
|
if (someParameters.parameters.M1 == M1) {
|
||||||
var M2;
|
var M2;
|
||||||
|
|
||||||
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
|
M2 = stringHash(
|
||||||
|
A.asString(10) +
|
||||||
|
someParameters.parameters.M1 +
|
||||||
|
K
|
||||||
|
);
|
||||||
result['M2'] = M2;
|
result['M2'] = M2;
|
||||||
} else {
|
} else {
|
||||||
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
||||||
|
@ -329,7 +329,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
|
|||||||
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
|
||||||
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
|
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
|
||||||
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
||||||
aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
|
aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
|
||||||
|
|
||||||
aConnection['A'] = someParameters.parameters.A;
|
aConnection['A'] = someParameters.parameters.A;
|
||||||
|
|
||||||
@ -338,20 +338,35 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
|
|||||||
|
|
||||||
nextTollRequestType = 'CONNECT';
|
nextTollRequestType = 'CONNECT';
|
||||||
} else if (someParameters.message == "credentialCheck") {
|
} else if (someParameters.message == "credentialCheck") {
|
||||||
var v, u, S, A, K, M1;
|
var v, u, s, S, A, K, M1;
|
||||||
|
var stringHash = function (aValue) {
|
||||||
|
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
|
||||||
|
};
|
||||||
|
|
||||||
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
|
||||||
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
|
|
||||||
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
|
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
|
||||||
|
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
|
||||||
|
s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
|
||||||
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
|
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
|
||||||
|
|
||||||
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
|
K = stringHash(S.asString(10));
|
||||||
|
|
||||||
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
|
M1 = stringHash(
|
||||||
|
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
|
||||||
|
stringHash(aConnection['C']) +
|
||||||
|
s.asString(10) +
|
||||||
|
A.asString(10) +
|
||||||
|
aConnection['B'].asString(10) +
|
||||||
|
K
|
||||||
|
);
|
||||||
if (someParameters.parameters.M1 == M1) {
|
if (someParameters.parameters.M1 == M1) {
|
||||||
var M2;
|
var M2;
|
||||||
|
|
||||||
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
|
M2 = stringHash(
|
||||||
|
A.asString(10) +
|
||||||
|
someParameters.parameters.M1 +
|
||||||
|
K
|
||||||
|
);
|
||||||
result['M2'] = M2;
|
result['M2'] = M2;
|
||||||
} else {
|
} else {
|
||||||
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
|
||||||
|
Loading…
Reference in New Issue
Block a user