clipperz/password-manager-mirror
1
0
Fork 0
mirror of http://git.whoc.org.uk/git/password-manager.git synced 2024-11-11 00:07:16 +01:00
Code Issues Releases Wiki Activity

Fixed authentication procedure for offline copy

Browse Source
This commit is contained in:
Giulio Cesare Solaroli 2014-06-02 13:39:16 +02:00
parent 7fdb41fa2b
commit 0422224521
No known key found for this signature in database
GPG Key ID: 22E34C908F02CBA2
3 changed files with 83 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
View File

@ -37,6 +37,7 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
this._tolls = {}; this._tolls = {};
this._connections = {}; this._connections = {};
this._C = null;
this._b = null; this._b = null;
this._B = null; this._B = null;
this._A = null; this._A = null;
@ -144,6 +145,16 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
//========================================================================= //=========================================================================
'C': function() {
return this._C;
},
'set_C': function(aValue) {
this._C = aValue;
},
//-------------------------------------------------------------------------
'b': function() { 'b': function() {
return this._b; return this._b;
}, },
@ -236,8 +247,8 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
}, },
//========================================================================= //=========================================================================
'processMessage': function(aFunctionName, someParameters) { 'processMessage': function (aFunctionName, someParameters) {
var result; var result;
switch(aFunctionName) { switch(aFunctionName) {
@ -303,14 +314,14 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
throw "user already exists"; throw "user already exists";
} }
} else { } else {
throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly; throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
} }
result = { result = {
result: { result: {
'lock': this.data()['users'][someParameters['credentials']['C']]['lock'], 'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],
'result': 'done' 'result': 'done'
}, },
toll: this.getTollForRequestType('CONNECT') toll: this.getTollForRequestType('CONNECT')
} }
@ -340,9 +351,10 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
} }
randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
this.set_C(someParameters.parameters.C);
this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16)); this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16); v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
this.set_B(v.add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n()))); this.set_B((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
this.set_A(someParameters.parameters.A); this.set_A(someParameters.parameters.A);
@ -351,21 +363,36 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
nextTollRequestType = 'CONNECT'; nextTollRequestType = 'CONNECT';
} else if (someParameters.message == "credentialCheck") { } else if (someParameters.message == "credentialCheck") {
var v, u, S, A, K, M1; var v, u, s, S, A, K, M1;
var stringHash = function (aValue) {
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
};
//console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters); //console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);
v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16); v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(this.B().asString(10))).toHexString(), 16);
A = new Clipperz.Crypto.BigInt(this.A(), 16); A = new Clipperz.Crypto.BigInt(this.A(), 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10))).toHexString(), 16);
s = new Clipperz.Crypto.BigInt(this.userData()['s'], 16);
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n()); S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); K = stringHash(S.asString(10));
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10) + K)).toHexString().slice(2); M1 = stringHash(
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
stringHash(this.C()) +
s.asString(10) +
A.asString(10) +
this.B().asString(10) +
K
);
if (someParameters.parameters.M1 == M1) { if (someParameters.parameters.M1 == M1) {
var M2; var M2;
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); M2 = stringHash(
A.asString(10) +
someParameters.parameters.M1 +
K
);
result['M2'] = M2; result['M2'] = M2;
} else { } else {
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");

27
frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
View File

@ -88,7 +88,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
aConnection['A'] = someParameters.parameters.A; aConnection['A'] = someParameters.parameters.A;
@ -97,20 +97,35 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
nextTollRequestType = 'CONNECT'; nextTollRequestType = 'CONNECT';
} else if (someParameters.message == "credentialCheck") { } else if (someParameters.message == "credentialCheck") {
var v, u, S, A, K, M1; var v, u, s, S, A, K, M1;
var stringHash = function (aValue) {
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
};
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); K = stringHash(S.asString(10));
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2); M1 = stringHash(
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
stringHash(aConnection['C']) +
s.asString(10) +
A.asString(10) +
aConnection['B'].asString(10) +
K
);
if (someParameters.parameters.M1 == M1) { if (someParameters.parameters.M1 == M1) {
var M2; var M2;
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); M2 = stringHash(
A.asString(10) +
someParameters.parameters.M1 +
K
);
result['M2'] = M2; result['M2'] = M2;
} else { } else {
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");

35
frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
View File

@ -36,7 +36,7 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
this._tolls = {}; this._tolls = {};
this._currentStaticConnection = null; this._currentStaticConnection = null;
return this; return this;
} }
@ -291,14 +291,14 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
throw "user already exists"; throw "user already exists";
} }
} else { } else {
throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly; throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
} }
result = { result = {
result: { result: {
'lock': this.data()['users'][someParameters['credentials']['C']]['lock'], 'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],
'result': 'done' 'result': 'done'
}, },
toll: this.getTollForRequestType('CONNECT') toll: this.getTollForRequestType('CONNECT')
} }
@ -329,7 +329,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
aConnection['A'] = someParameters.parameters.A; aConnection['A'] = someParameters.parameters.A;
@ -338,20 +338,35 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
nextTollRequestType = 'CONNECT'; nextTollRequestType = 'CONNECT';
} else if (someParameters.message == "credentialCheck") { } else if (someParameters.message == "credentialCheck") {
var v, u, S, A, K, M1; var v, u, s, S, A, K, M1;
var stringHash = function (aValue) {
return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
};
v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); K = stringHash(S.asString(10));
M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2); M1 = stringHash(
"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
stringHash(aConnection['C']) +
s.asString(10) +
A.asString(10) +
aConnection['B'].asString(10) +
K
);
if (someParameters.parameters.M1 == M1) { if (someParameters.parameters.M1 == M1) {
var M2; var M2;
M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); M2 = stringHash(
A.asString(10) +
someParameters.parameters.M1 +
K
);
result['M2'] = M2; result['M2'] = M2;
} else { } else {
throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");