Fixed authentication procedure for offline copy

author: Giulio Cesare Solaroli <giulio.cesare@clipperz.com> 2014-06-02 11:39:16 (UTC)
committer: Giulio Cesare Solaroli <giulio.cesare@clipperz.com> 2014-06-02 16:35:38 (UTC)
commit: 0422224521f62da210d1ae6ee15ecdf09f47f1f8 (patch) (side-by-side diff)
tree: df7c0394fbcd1f8bc588ca8aab3ee83f5dc9f0cf
parent: 7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (diff)
download: clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.zip
clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.gz
clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.bz2
3 files changed, 83 insertions, 26 deletions
diff --git a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
index 1a5caff..b0b9b63 100644
--- a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
+++ b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -39,2 +39,3 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
 
+	this._C = null;
 	this._b = null;
@@ -146,2 +147,12 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 
+	'C': function() {
+		return this._C;
+	},
+
+	'set_C': function(aValue) {
+		this._C = aValue;
+	},
+
+	//-------------------------------------------------------------------------
+
 	'b': function() {
@@ -238,4 +249,4 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 	//=========================================================================
-	
-	'processMessage': function(aFunctionName, someParameters) {
+
+	'processMessage': function (aFunctionName, someParameters) {
 		var result;
@@ -305,3 +316,3 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 		} else {
-			throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
+		throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
 		}
@@ -312,3 +323,3 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 				'result':	'done'
-			},
+	},
 			toll:   this.getTollForRequestType('CONNECT')
@@ -342,5 +353,6 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 			randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
+			this.set_C(someParameters.parameters.C);
 			this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
 			v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
-			this.set_B(v.add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
+			this.set_B((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
 			
@@ -353,3 +365,6 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 		} else if (someParameters.message == "credentialCheck") {
-			var v, u, S, A, K, M1;
+			var v, u, s, S, A, K, M1;
+			var stringHash = function (aValue) {
+				return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+			};
 			
@@ -357,9 +372,17 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 			v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
-			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(this.B().asString(10))).toHexString(), 16);
 			A = new Clipperz.Crypto.BigInt(this.A(), 16);
+			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10))).toHexString(), 16);
+			s = new Clipperz.Crypto.BigInt(this.userData()['s'], 16);
 			S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
 
-			K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+			K = stringHash(S.asString(10));
 
-			M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10) + K)).toHexString().slice(2);
+			M1 = stringHash(
+				"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+				stringHash(this.C()) +
+				s.asString(10) +
+				A.asString(10) +
+				this.B().asString(10) +
+				K
+			);
 			if (someParameters.parameters.M1 == M1) {
@@ -367,3 +390,7 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
 				
-				M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+				M2 = stringHash(
+					A.asString(10) +
+					someParameters.parameters.M1 +
+					K
+				);
 				result['M2'] = M2;
diff --git a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
index 3f16f70..d03f873 100644
--- a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
+++ b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
@@ -90,3 +90,3 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
 			v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-			aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
+			aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
 			
@@ -99,12 +99,23 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
 		} else if (someParameters.message == "credentialCheck") {
-			var v, u, S, A, K, M1;
+			var v, u, s, S, A, K, M1;
+			var stringHash = function (aValue) {
+				return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+			};
 			
 			v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
 			A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
+			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
+			s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
 			S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
 
-			K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+			K = stringHash(S.asString(10));
 
-			M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
+			M1 = stringHash(
+				"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+				stringHash(aConnection['C']) +
+				s.asString(10) +
+				A.asString(10) +
+				aConnection['B'].asString(10) +
+				K
+			);
 			if (someParameters.parameters.M1 == M1) {
@@ -112,3 +123,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
 				
-				M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+				M2 = stringHash(
+					A.asString(10) +
+					someParameters.parameters.M1 +
+					K
+				);
 				result['M2'] = M2;
diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
index b806cb7..e5f68a8 100644
--- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
+++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -38,3 +38,3 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
 	this._currentStaticConnection = null;
-	
+
 	return this;
@@ -293,3 +293,3 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
 		} else {
-			throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
+		throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
 		}
@@ -300,3 +300,3 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
 				'result':	'done'
-			},
+	},
 			toll:   this.getTollForRequestType('CONNECT')
@@ -331,3 +331,3 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
 			v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-			aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
+			aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
 			
@@ -340,12 +340,23 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
 		} else if (someParameters.message == "credentialCheck") {
-			var v, u, S, A, K, M1;
-			
+			var v, u, s, S, A, K, M1;
+			var stringHash = function (aValue) {
+				return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+			};
+
 			v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
 			A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
+			u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
+			s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
 			S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
 
-			K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+			K = stringHash(S.asString(10));
 
-			M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
+			M1 = stringHash(
+				"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+				stringHash(aConnection['C']) +
+				s.asString(10) +
+				A.asString(10) +
+				aConnection['B'].asString(10) +
+				K
+			);
 			if (someParameters.parameters.M1 == M1) {
@@ -353,3 +364,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
 				
-				M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+				M2 = stringHash(
+					A.asString(10) +
+					someParameters.parameters.M1 +
+					K
+				);
 				result['M2'] = M2;
author	Giulio Cesare Solaroli <giulio.cesare@clipperz.com>	2014-06-02 11:39:16 (UTC)
committer	Giulio Cesare Solaroli <giulio.cesare@clipperz.com>	2014-06-02 16:35:38 (UTC)
commit	0422224521f62da210d1ae6ee15ecdf09f47f1f8 (patch) (side-by-side diff)
tree	df7c0394fbcd1f8bc588ca8aab3ee83f5dc9f0cf
parent	7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (diff)
download	clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.zip clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.gz clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.bz2