| author | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2014-06-02 11:39:16 (UTC) |
|---|---|---|
| committer | Giulio Cesare Solaroli <giulio.cesare@clipperz.com> | 2014-06-02 16:35:38 (UTC) |
| commit | 0422224521f62da210d1ae6ee15ecdf09f47f1f8 (patch) (unidiff) | |
| tree | df7c0394fbcd1f8bc588ca8aab3ee83f5dc9f0cf /frontend/delta | |
| parent | 7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (diff) | |
| download | clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.zip clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.gz clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.bz2 | |
Fixed authentication procedure for offline copy
| -rw-r--r-- | frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js index 3f16f70..d03f873 100644 --- a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js +++ b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js | |||
| @@ -87,31 +87,46 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P | |||
| 87 | 87 | ||
| 88 | randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); | 88 | randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); |
| 89 | aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); | 89 | aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); |
| 90 | v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); | 90 | v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); |
| 91 | aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); | 91 | aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); |
| 92 | 92 | ||
| 93 | aConnection['A'] = someParameters.parameters.A; | 93 | aConnection['A'] = someParameters.parameters.A; |
| 94 | 94 | ||
| 95 | result['s'] = aConnection['userData']['s']; | 95 | result['s'] = aConnection['userData']['s']; |
| 96 | result['B'] = aConnection['B'].asString(16); | 96 | result['B'] = aConnection['B'].asString(16); |
| 97 | 97 | ||
| 98 | nextTollRequestType = 'CONNECT'; | 98 | nextTollRequestType = 'CONNECT'; |
| 99 | } else if (someParameters.message == "credentialCheck") { | 99 | } else if (someParameters.message == "credentialCheck") { |
| 100 | var v, u, S, A, K, M1; | 100 | var v, u, s, S, A, K, M1; |
| 101 | var stringHash = function (aValue) { | ||
| 102 | return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); | ||
| 103 | }; | ||
| 101 | 104 | ||
| 102 | v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); | 105 | v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); |
| 103 | u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16); | ||
| 104 | A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); | 106 | A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); |
| 107 | u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16); | ||
| 108 | s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16); | ||
| 105 | S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); | 109 | S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); |
| 106 | 110 | ||
| 107 | K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); | 111 | K = stringHash(S.asString(10)); |
| 108 | 112 | ||
| 109 | M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2); | 113 | M1 = stringHash( |
| 114 | "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + | ||
| 115 | stringHash(aConnection['C']) + | ||
| 116 | s.asString(10) + | ||
| 117 | A.asString(10) + | ||
| 118 | aConnection['B'].asString(10) + | ||
| 119 | K | ||
| 120 | ); | ||
| 110 | if (someParameters.parameters.M1 == M1) { | 121 | if (someParameters.parameters.M1 == M1) { |
| 111 | var M2; | 122 | var M2; |
| 112 | 123 | ||
| 113 | M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); | 124 | M2 = stringHash( |
| 125 | A.asString(10) + | ||
| 126 | someParameters.parameters.M1 + | ||
| 127 | K | ||
| 128 | ); | ||
| 114 | result['M2'] = M2; | 129 | result['M2'] = M2; |
| 115 | } else { | 130 | } else { |
| 116 | throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); | 131 | throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); |
| 117 | } | 132 | } |