password-manager/frontend/delta/js/Clipperz/PM/DataModel/OneTimePassword.js

/*

Copyright 2008-2015 Clipperz Srl

This file is part of Clipperz, the online password manager.
For further information about its features and functionalities please
refer to http://www.clipperz.com.

* Clipperz is free software: you can redistribute it and/or modify it
  under the terms of the GNU Affero General Public License as published
  by the Free Software Foundation, either version 3 of the License, or 
  (at your option) any later version.

* Clipperz is distributed in the hope that it will be useful, but 
  WITHOUT ANY WARRANTY; without even the implied warranty of 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  See the GNU Affero General Public License for more details.

* You should have received a copy of the GNU Affero General Public
  License along with Clipperz. If not, see http://www.gnu.org/licenses/.

*/

if (typeof(Clipperz) == 'undefined') { Clipperz = {}; }
if (typeof(Clipperz.PM) == 'undefined') { Clipperz.PM = {}; }
if (typeof(Clipperz.PM.DataModel) == 'undefined') { Clipperz.PM.DataModel = {}; }


//#############################################################################

Clipperz.PM.DataModel.OneTimePassword = function(args) {
	args = args || {};

//	this._user = args['user'];
	this._reference		= args['reference']	|| Clipperz.PM.Crypto.randomKey();
	this._password		= args['password'];
	this._passwordValue = Clipperz.PM.DataModel.OneTimePassword.normalizedOneTimePassword(args['password']);
	this._creationDate	= args['created']	? Clipperz.PM.Date.parseDateWithUTCFormat(args['created'])		: new Date();
	this._usageDate		= args['used']		? Clipperz.PM.Date.parseDateWithUTCFormat(args['used'])			: null;
		
	this._status		= args['status']	|| 'ACTIVE';	//	'REQUESTED', 'USED', 'DISABLED'
	this._connectionInfo= null;
	
	this._key			= null;
	this._keyChecksum	= null;

	return this;
}

Clipperz.PM.DataModel.OneTimePassword.prototype = MochiKit.Base.update(null, {

	'toString': function() {
		return "Clipperz.PM.DataModel.OneTimePassword";
	},
/*
	//-------------------------------------------------------------------------

	'user': function() {
		return this._user;
	},

	//-------------------------------------------------------------------------

	'password': function() {
		return this._password;
	},

	//-------------------------------------------------------------------------

	'passwordValue': function() {
		return this._passwordValue;
	},

	//-------------------------------------------------------------------------

	'creationDate': function() {
		return this._creationDate;
	},

	//-------------------------------------------------------------------------

	'reference': function() {
		return this._reference;
	},

	//-------------------------------------------------------------------------

	'key': function() {
		if (this._key == null) {
			this._key = Clipperz.PM.DataModel.OneTimePassword.computeKeyWithUsernameAndPassword(this.user().username(), this.passwordValue());
		}
		
		return this._key;
	},
	
	//-------------------------------------------------------------------------

	'keyChecksum': function() {
		if (this._keyChecksum == null) {
			this._keyChecksum = Clipperz.PM.DataModel.OneTimePassword.computeKeyChecksumWithUsernameAndPassword(this.user().username(), this.passwordValue());
		}
		
		return this._keyChecksum;
	},
*/
	//-------------------------------------------------------------------------

	'status': function() {
		return this._status;
	},
	
	'setStatus': function(aValue) {
		this._status = aValue;
	},
	
	//-------------------------------------------------------------------------
/*
	'serializedData': function() {
		var result;
		
		result = {
			'password': 	this.password(),
			'created':		this.creationDate()		? Clipperz.PM.Date.formatDateWithUTCFormat(this.creationDate())		: null,
			'used':			this.usageDate()		? Clipperz.PM.Date.formatDateWithUTCFormat(this.usageDate())		: null,
			'status':	 	this.status()
		};
		
		return result;
	},
	
	//-------------------------------------------------------------------------

	'packedPassphrase': function() {
		var result;
		var packedPassphrase;
		var encodedPassphrase;
		var	prefixPadding;
		var suffixPadding;
		var getRandomBytes;
		
		getRandomBytes = MochiKit.Base.method(Clipperz.Crypto.PRNG.defaultRandomGenerator(), 'getRandomBytes');
		
		encodedPassphrase = new Clipperz.ByteArray(this.user().passphrase()).toBase64String();
//Clipperz.logDebug("--- encodedPassphrase.length: " + encodedPassphrase.length);
		prefixPadding = getRandomBytes(getRandomBytes(1).byteAtIndex(0)).toBase64String();
//Clipperz.logDebug("--- prefixPadding.length: " + prefixPadding.length);
		suffixPadding = getRandomBytes((500 - prefixPadding.length - encodedPassphrase.length) * 6 / 8).toBase64String();
//Clipperz.logDebug("--- suffixPadding.length: " + suffixPadding.length);
//Clipperz.logDebug("--- total.length: " + (prefixPadding.length + encodedPassphrase.length + suffixPadding.length));
	
		packedPassphrase = {
			'prefix': prefixPadding,
			'passphrase': encodedPassphrase,
			'suffix': suffixPadding
		};
		
//		result = Clipperz.Base.serializeJSON(packedPassphrase);
		result = packedPassphrase;
//Clipperz.logDebug("===== OTP packedPassprase: [" + result.length + "]" + result);
//Clipperz.logDebug("<<< OneTimePassword.packedPassphrase");

		return result;
	},
	
	//-------------------------------------------------------------------------

	'encryptedPackedPassphrase': function() {
		return Clipperz.PM.Crypto.deferredEncryptWithCurrentVersion(this.passwordValue(), this.packedPassphrase())
	},

	//-------------------------------------------------------------------------

	'encryptedData': function() {
		var deferredResult;
		var	result;

//Clipperz.logDebug(">>> OneTimePassword.encryptedData");
//Clipperz.logDebug("--- OneTimePassword.encryptedData - id: " + this.reference());
		result = {
			'reference': this.reference(),
			'key': this.key(),
			'keyChecksum': this.keyChecksum(),
			'data': "",
			'version': Clipperz.PM.Crypto.encryptingFunctions.currentVersion
		}
//Clipperz.logDebug("--- OneTimePassword.encryptedData - 2: " + Clipperz.Base.serializeJSON(result));
		deferredResult = new MochiKit.Async.Deferred();
//Clipperz.logDebug("--- OneTimePassword.encryptedData - 3");
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.encryptedData - 1: " + res); return res;});
//#		deferredResult.addCallback(Clipperz.PM.Crypto.deferredEncryptWithCurrentVersion, this.passwordValue(), this.packedPassphrase());
		deferredResult.addCallback(MochiKit.Base.method(this, 'encryptedPackedPassphrase'));
//Clipperz.logDebug("--- OneTimePassword.encryptedData - 4");
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.encryptedData - 2: [" + res.length + "]" + res); return res;});
		deferredResult.addCallback(function(aResult, res) {
			aResult['data'] = res;
			return aResult;
		}, result);
//Clipperz.logDebug("--- OneTimePassword.encryptedData - 5");
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.encryptedData - 3: " + Clipperz.Base.serializeJSON(res)); return res;});
		deferredResult.callback();
//Clipperz.logDebug("--- OneTimePassword.encryptedData - 6");
		
		return deferredResult;
	},

	//-------------------------------------------------------------------------

	'saveChanges': function() {
		var deferredResult;
		var	result;

//Clipperz.logDebug(">>> OneTimePassword.saveChanges");
		result = {};
		deferredResult = new MochiKit.Async.Deferred();

		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'updatedProgressState', 'saveOTP_encryptUserData');
		deferredResult.addCallback(MochiKit.Base.method(this.user(), 'encryptedData'));
		deferredResult.addCallback(function(aResult, res) {
			aResult['user'] = res;
			return aResult;
		}, result);

		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'updatedProgressState', 'saveOTP_encryptOTPData');
		deferredResult.addCallback(MochiKit.Base.method(this, 'encryptedData'));
		deferredResult.addCallback(function(aResult, res) {
			aResult['oneTimePassword'] = res;
			return aResult;
		}, result);

		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'updatedProgressState', 'saveOTP_sendingData');
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.saveChanges - 1: " + Clipperz.Base.serializeJSON(res)); return res;});
		deferredResult.addCallback(MochiKit.Base.method(this.user().connection(), 'message'), 'addNewOneTimePassword');

		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'updatedProgressState', 'saveOTP_updatingInterface');
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.saveChanges - 2: " + res); return res;});
		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'notify', 'OTPUpdated');
		deferredResult.addCallback(Clipperz.NotificationCenter.deferredNotification, this, 'oneTimePassword_saveChanges_done', null);
//deferredResult.addBoth(function(res) {Clipperz.logDebug("OneTimePassword.saveChanges - 2: " + res); return res;});
		deferredResult.callback();
//Clipperz.logDebug("<<< OneTimePassword.saveChanges");
		
		return deferredResult;
	},

	//-------------------------------------------------------------------------

	'usageDate': function() {
		return this._usageDate;
	},

	'setUsageDate': function(aValue) {
		this._usageDate = aValue;
	},

	//-------------------------------------------------------------------------

	'connectionInfo': function() {
		return this._connectionInfo;
	},

	'setConnectionInfo': function(aValue) {
		this._connectionInfo = aValue;
	},
	
	//-------------------------------------------------------------------------

	'isExpired': function() {
		return (this.usageDate() != null);
	},

	//-------------------------------------------------------------------------

	'updateStatusWithValues': function(someValues) {
		var result;

		result = false;
		
		if (someValues['status'] != this.status()) {
			result = true;
		}
		
		this.setStatus(someValues['status']);
		this.setUsageDate(Clipperz.PM.Date.parseDateWithUTCFormat(someValues['requestDate']));
		this.setConnectionInfo(someValues['connection']);

		return result;
	},
*/	
	//-------------------------------------------------------------------------
	__syntaxFix__: "syntax fix"
});

//#############################################################################

Clipperz.PM.DataModel.OneTimePassword.computeKeyWithUsernameAndPassword = function(anUsername, aPassword) {
	return Clipperz.Crypto.SHA.sha_d256(new Clipperz.ByteArray(aPassword)).toHexString().substring(2);
}

Clipperz.PM.DataModel.OneTimePassword.computeKeyChecksumWithUsernameAndPassword = function(anUsername, aPassword) {
	return Clipperz.Crypto.SHA.sha_d256(new Clipperz.ByteArray(anUsername + aPassword)).toHexString().substring(2);
}

//=============================================================================

Clipperz.PM.DataModel.OneTimePassword.isValidOneTimePasswordValue = function(aPassword) {
	var result;
	
//	"yaxx k7ww - f8y6 tqz5 - 58b6 th44 - 9cwv q0fg"
	if (aPassword.replace(/[\s\-]/g, '').length == 32) {
		try {
			var passwordByteArray;
			
			passwordByteArray = new Clipperz.ByteArray();
			passwordByteArray.appendBase32String(aPassword);
			
			result = true;
		} catch(exception) {
			result = false;
		}
	} else {
		result = false;
	}

	return result;
}

//=============================================================================

Clipperz.PM.DataModel.OneTimePassword.normalizedOneTimePassword = function(aPassword) {
	var	result;
	
	if (aPassword.replace(/[\s\-]/g, '').length == 32) {
		try {
			var passwordByteArray;
			
			passwordByteArray = new Clipperz.ByteArray();
			passwordByteArray.appendBase32String(aPassword);
			
			result = passwordByteArray.toBase64String();
		} catch(exception) {
			result = aPassword;
		}
	} else {
		result = aPassword;
	}

	return result;
};

//#############################################################################