mirror of
				http://git.whoc.org.uk/git/password-manager.git
				synced 2025-10-25 09:37:35 +02:00 
			
		
		
		
	Fix offline password authentication
This commit is contained in:
		| @@ -329,7 +329,8 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { | ||||
| 			randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); | ||||
| 			aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); | ||||
| 			v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); | ||||
| 			aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); | ||||
| 			//aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); | ||||
| 			aConnection['B'] = ((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())).module(Clipperz.Crypto.SRP.n())); | ||||
| 			 | ||||
| 			aConnection['A'] = someParameters.parameters.A; | ||||
| 			 | ||||
| @@ -338,7 +339,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { | ||||
| 			 | ||||
| 			nextTollRequestType = 'CONNECT'; | ||||
| 		} else if (someParameters.message == "credentialCheck") { | ||||
| 			var v, u, s, S, A, K, M1; | ||||
| 			var v, u, s, S, A, K, M1, KK; | ||||
| 			var stringHash = function (aValue) { | ||||
| 				return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); | ||||
| 			}; | ||||
| @@ -347,9 +348,11 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { | ||||
| 			A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); | ||||
| 			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16); | ||||
| 			s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16); | ||||
| 			S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); | ||||
| 			//S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); | ||||
| 			S = v.powerModule(u, Clipperz.Crypto.SRP.n()).multiply(A).module(Clipperz.Crypto.SRP.n()).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); | ||||
|  | ||||
| 			K = stringHash(S.asString(10)); | ||||
| 			KK = new Clipperz.Crypto.BigInt(K,16); | ||||
|  | ||||
| 			M1 = stringHash( | ||||
| 				"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + | ||||
| @@ -357,7 +360,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { | ||||
| 				s.asString(10) + | ||||
| 				A.asString(10) + | ||||
| 				aConnection['B'].asString(10) + | ||||
| 				K | ||||
| 				KK.asString(10) | ||||
| 			); | ||||
| 			if (someParameters.parameters.M1 == M1) { | ||||
| 				var M2; | ||||
| @@ -800,4 +803,4 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { | ||||
|  | ||||
| Clipperz.PM.Proxy.Offline.DataStore['exception'] = { | ||||
| 	'ReadOnly': 		new MochiKit.Base.NamedError("Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly") | ||||
| }; | ||||
| }; | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Graham Eades
					Graham Eades