Fixed authentication procedure for offline copy

author: Giulio Cesare Solaroli <giulio.cesare@clipperz.com> 2014-06-02 11:39:16 (UTC)
committer: Giulio Cesare Solaroli <giulio.cesare@clipperz.com> 2014-06-02 16:35:38 (UTC)
commit: 0422224521f62da210d1ae6ee15ecdf09f47f1f8 (patch) (unidiff)
tree: df7c0394fbcd1f8bc588ca8aab3ee83f5dc9f0cf /frontend
parent: 7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (diff)
download: clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.zip
clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.gz
clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.bz2
3 files changed, 83 insertions, 26 deletions
diff --git a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
index 1a5caff..b0b9b63 100644
--- a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
+++ b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -34,12 +34,13 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
        this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
        this._shouldPayTolls = args.shouldPayTolls || false;
        this._tolls = {};
        this._connections = {};
+        this._C = null;
        this._b = null;
        this._B = null;
        this._A = null;
        this._userData = null;
        return this;
@@ -141,12 +142,22 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
                return deferredResult;
        },
        //=========================================================================
+        'C': function() {
+                return this._C;
+        },
+        'set_C': function(aValue) {
+                this._C = aValue;
+        },
+        //-------------------------------------------------------------------------
        'b': function() {
                return this._b;
        },
        'set_b': function(aValue) {
                this._b = aValue;
@@ -233,14 +244,14 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
                                throw "Missing toll";
                        }
                }
        },
        //=========================================================================
-        
-        'processMessage': function(aFunctionName, someParameters) {
+        'processMessage': function (aFunctionName, someParameters) {
                var result;
                switch(aFunctionName) {
                        case 'knock':
                                result = this._knock(someParameters);
                                break;
@@ -300,20 +311,20 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
                                                'records':{}
                                }
                        } else {
                                throw "user already exists";
                        }
                } else {
-                        throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
+                throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
                }
                result = {
                        result: {
                                        'lock':         this.data()['users'][someParameters['credentials']['C']]['lock'],
                                        'result':'done'
-                        },
+        },
                        toll:   this.getTollForRequestType('CONNECT')
                }
                return MochiKit.Async.succeed(result);
        },
@@ -337,38 +348,54 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
                                this.setUserData(userData);
                        } else {
                                this.setUserData(this.data()['users']['catchAllUser']);
                        }
                        randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
+                        this.set_C(someParameters.parameters.C);
                        this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
                        v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
-                        this.set_B(v.add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
+                        this.set_B((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
                        
                        this.set_A(someParameters.parameters.A);
                        
                        result['s'] = this.userData()['s'];
                        result['B'] = this.B().asString(16);
                        
                        nextTollRequestType = 'CONNECT';
                } else if (someParameters.message == "credentialCheck") {
-                        var v, u, S, A, K, M1;
+                        var v, u, s, S, A, K, M1;
+                        var stringHash = function (aValue) {
+                                return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+                        };
                        
 //console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);
                        v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
-                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(this.B().asString(10))).toHexString(), 16);
                        A = new Clipperz.Crypto.BigInt(this.A(), 16);
+                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10))).toHexString(), 16);
+                        s = new Clipperz.Crypto.BigInt(this.userData()['s'], 16);
                        S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
-                        K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+                        K = stringHash(S.asString(10));
-                        M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10) + K)).toHexString().slice(2);
+                        M1 = stringHash(
+                                "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+                                stringHash(this.C()) +
+                                s.asString(10) +
+                                A.asString(10) +
+                                this.B().asString(10) +
+                                K
+                        );
                        if (someParameters.parameters.M1 == M1) {
                                var M2;
                                
-                                M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+                                M2 = stringHash(
+                                        A.asString(10) +
+                                        someParameters.parameters.M1 +
+                                        K
+                                );
                                result['M2'] = M2;
                        } else {
                                throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
                        }
                        nextTollRequestType = 'MESSAGE';
diff --git a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
index 3f16f70..d03f873 100644
--- a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
+++ b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
@@ -85,35 +85,50 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
                                aConnection['userData'] = this.data()['users']['catchAllUser'];
                        }
                        randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
                        aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
+                        aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
                        
                        aConnection['A'] = someParameters.parameters.A;
                        
                        result['s'] = aConnection['userData']['s'];
                        result['B'] = aConnection['B'].asString(16);
                        
                        nextTollRequestType = 'CONNECT';
                } else if (someParameters.message == "credentialCheck") {
-                        var v, u, S, A, K, M1;
+                        var v, u, s, S, A, K, M1;
+                        var stringHash = function (aValue) {
+                                return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+                        };
                        
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
                        A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
+                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
+                        s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
                        S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
-                        K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+                        K = stringHash(S.asString(10));
-                        M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
+                        M1 = stringHash(
+                                "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+                                stringHash(aConnection['C']) +
+                                s.asString(10) +
+                                A.asString(10) +
+                                aConnection['B'].asString(10) +
+                                K
+                        );
                        if (someParameters.parameters.M1 == M1) {
                                var M2;
                                
-                                M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+                                M2 = stringHash(
+                                        A.asString(10) +
+                                        someParameters.parameters.M1 +
+                                        K
+                                );
                                result['M2'] = M2;
                        } else {
                                throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
                        }
                        nextTollRequestType = 'MESSAGE';
diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
index b806cb7..e5f68a8 100644
--- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
+++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -33,13 +33,13 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
        this._data = args.data || (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);
        this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
        this._shouldPayTolls = args.shouldPayTolls || false;
        this._tolls = {};
        this._currentStaticConnection = null;
-        
        return this;
 }
 Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
        //-------------------------------------------------------------------------
@@ -288,20 +288,20 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
                                                'records':{}
                                }
                        } else {
                                throw "user already exists";
                        }
                } else {
-                        throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
+                throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
                }
                result = {
                        result: {
                                        'lock':         this.data()['users'][someParameters['credentials']['C']]['lock'],
                                        'result':'done'
-                        },
+        },
                        toll:   this.getTollForRequestType('CONNECT')
                }
                return result;
        },
@@ -326,35 +326,50 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
                                aConnection['userData'] = this.data()['users']['catchAllUser'];
                        }
                        randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
                        aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
+                        aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
                        
                        aConnection['A'] = someParameters.parameters.A;
                        
                        result['s'] = aConnection['userData']['s'];
                        result['B'] = aConnection['B'].asString(16);
                        
                        nextTollRequestType = 'CONNECT';
                } else if (someParameters.message == "credentialCheck") {
-                        var v, u, S, A, K, M1;
+                        var v, u, s, S, A, K, M1;
-                        
+                        var stringHash = function (aValue) {
+                                return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+                        };
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
                        A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
+                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
+                        s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
                        S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
-                        K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+                        K = stringHash(S.asString(10));
-                        M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
+                        M1 = stringHash(
+                                "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+                                stringHash(aConnection['C']) +
+                                s.asString(10) +
+                                A.asString(10) +
+                                aConnection['B'].asString(10) +
+                                K
+                        );
                        if (someParameters.parameters.M1 == M1) {
                                var M2;
                                
-                                M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+                                M2 = stringHash(
+                                        A.asString(10) +
+                                        someParameters.parameters.M1 +
+                                        K
+                                );
                                result['M2'] = M2;
                        } else {
                                throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
                        }
                        nextTollRequestType = 'MESSAGE';
author	Giulio Cesare Solaroli <giulio.cesare@clipperz.com>	2014-06-02 11:39:16 (UTC)
committer	Giulio Cesare Solaroli <giulio.cesare@clipperz.com>	2014-06-02 16:35:38 (UTC)
commit	0422224521f62da210d1ae6ee15ecdf09f47f1f8 (patch) (unidiff)
tree	df7c0394fbcd1f8bc588ca8aab3ee83f5dc9f0cf /frontend
parent	7fdb41fa2b1f621636882ad9059c1f3ecfb74083 (diff)
download	clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.zip clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.gz clipperz-0422224521f62da210d1ae6ee15ecdf09f47f1f8.tar.bz2

diff --git a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js index 1a5caff..b0b9b63 100644 --- a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js +++ b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -34,12 +34,13 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);	34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
35	this._shouldPayTolls = args.shouldPayTolls \|\| false;	35	this._shouldPayTolls = args.shouldPayTolls \|\| false;
36		36
37	this._tolls = {};	37	this._tolls = {};
38	this._connections = {};	38	this._connections = {};
39		39
		40	this._C = null;
40	this._b = null;	41	this._b = null;
41	this._B = null;	42	this._B = null;
42	this._A = null;	43	this._A = null;
43	this._userData = null;	44	this._userData = null;
44		45
45	return this;	46	return this;
@@ -141,12 +142,22 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
141		142
142	return deferredResult;	143	return deferredResult;
143	},	144	},
144		145
145	//=========================================================================	146	//=========================================================================
146		147
		148	'C': function() {
		149	return this._C;
		150	},
		151
		152	'set_C': function(aValue) {
		153	this._C = aValue;
		154	},
		155
		156	//-------------------------------------------------------------------------
		157
147	'b': function() {	158	'b': function() {
148	return this._b;	159	return this._b;
149	},	160	},
150		161
151	'set_b': function(aValue) {	162	'set_b': function(aValue) {
152	this._b = aValue;	163	this._b = aValue;
@@ -233,14 +244,14 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
233	throw "Missing toll";	244	throw "Missing toll";
234	}	245	}
235	}	246	}
236	},	247	},
237		248
238	//=========================================================================	249	//=========================================================================
239		250
240	'processMessage': function(aFunctionName, someParameters) {	251	'processMessage': function (aFunctionName, someParameters) {
241	var result;	252	var result;
242		253
243	switch(aFunctionName) {	254	switch(aFunctionName) {
244	case 'knock':	255	case 'knock':
245	result = this._knock(someParameters);	256	result = this._knock(someParameters);
246	break;	257	break;
@@ -300,20 +311,20 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
300	'records':{}	311	'records':{}
301	}	312	}
302	} else {	313	} else {
303	throw "user already exists";	314	throw "user already exists";
304	}	315	}
305	} else {	316	} else {
306	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;	317	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
307	}	318	}
308		319
309	result = {	320	result = {
310	result: {	321	result: {
311	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],	322	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],
312	'result':'done'	323	'result':'done'
313	},	324	},
314	toll: this.getTollForRequestType('CONNECT')	325	toll: this.getTollForRequestType('CONNECT')
315	}	326	}
316		327
317	return MochiKit.Async.succeed(result);	328	return MochiKit.Async.succeed(result);
318	},	329	},
319		330
@@ -337,38 +348,54 @@ Clipperz.PM.Proxy.Offline.DataStore.prototype = MochiKit.Base.update(null, {
337	this.setUserData(userData);	348	this.setUserData(userData);
338	} else {	349	} else {
339	this.setUserData(this.data()['users']['catchAllUser']);	350	this.setUserData(this.data()['users']['catchAllUser']);
340	}	351	}
341		352
342	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();	353	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
		354	this.set_C(someParameters.parameters.C);
343	this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));	355	this.set_b(new Clipperz.Crypto.BigInt(randomBytes, 16));
344	v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);	356	v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
345	this.set_B(v.add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));	357	this.set_B((Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(this.b(), Clipperz.Crypto.SRP.n())));
346		358
347	this.set_A(someParameters.parameters.A);	359	this.set_A(someParameters.parameters.A);
348		360
349	result['s'] = this.userData()['s'];	361	result['s'] = this.userData()['s'];
350	result['B'] = this.B().asString(16);	362	result['B'] = this.B().asString(16);
351		363
352	nextTollRequestType = 'CONNECT';	364	nextTollRequestType = 'CONNECT';
353	} else if (someParameters.message == "credentialCheck") {	365	} else if (someParameters.message == "credentialCheck") {
354	var v, u, S, A, K, M1;	366	var v, u, s, S, A, K, M1;
		367	var stringHash = function (aValue) {
		368	return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
		369	};
355		370
356	//console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);	371	//console.log(">>> Proxy.Offline.DataStore._handshake.credentialCheck", someParameters);
357	v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);	372	v = new Clipperz.Crypto.BigInt(this.userData()['v'], 16);
358	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(this.B().asString(10))).toHexString(), 16);
359	A = new Clipperz.Crypto.BigInt(this.A(), 16);	373	A = new Clipperz.Crypto.BigInt(this.A(), 16);
		374	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10))).toHexString(), 16);
		375	s = new Clipperz.Crypto.BigInt(this.userData()['s'], 16);
360	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());	376	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(this.b(), Clipperz.Crypto.SRP.n());
361		377
362	K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);	378	K = stringHash(S.asString(10));
363		379
364	M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + this.B().asString(10) + K)).toHexString().slice(2);	380	M1 = stringHash(
		381	"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
		382	stringHash(this.C()) +
		383	s.asString(10) +
		384	A.asString(10) +
		385	this.B().asString(10) +
		386	K
		387	);
365	if (someParameters.parameters.M1 == M1) {	388	if (someParameters.parameters.M1 == M1) {
366	var M2;	389	var M2;
367		390
368	M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);	391	M2 = stringHash(
		392	A.asString(10) +
		393	someParameters.parameters.M1 +
		394	K
		395	);
369	result['M2'] = M2;	396	result['M2'] = M2;
370	} else {	397	} else {
371	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");	398	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
372	}	399	}
373		400
374	nextTollRequestType = 'MESSAGE';	401	nextTollRequestType = 'MESSAGE';


diff --git a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js index 3f16f70..d03f873 100644 --- a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js +++ b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
@@ -85,35 +85,50 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.P
85	aConnection['userData'] = this.data()['users']['catchAllUser'];	85	aConnection['userData'] = this.data()['users']['catchAllUser'];
86	}	86	}
87		87
88	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();	88	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
89	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);	89	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
90	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	90	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
91	aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));	91	aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
92		92
93	aConnection['A'] = someParameters.parameters.A;	93	aConnection['A'] = someParameters.parameters.A;
94		94
95	result['s'] = aConnection['userData']['s'];	95	result['s'] = aConnection['userData']['s'];
96	result['B'] = aConnection['B'].asString(16);	96	result['B'] = aConnection['B'].asString(16);
97		97
98	nextTollRequestType = 'CONNECT';	98	nextTollRequestType = 'CONNECT';
99	} else if (someParameters.message == "credentialCheck") {	99	} else if (someParameters.message == "credentialCheck") {
100	var v, u, S, A, K, M1;	100	var v, u, s, S, A, K, M1;
		101	var stringHash = function (aValue) {
		102	return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
		103	};
101		104
102	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	105	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
103	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
104	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);	106	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
		107	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
		108	s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
105	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());	109	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
106		110
107	K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);	111	K = stringHash(S.asString(10));
108		112
109	M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);	113	M1 = stringHash(
		114	"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
		115	stringHash(aConnection['C']) +
		116	s.asString(10) +
		117	A.asString(10) +
		118	aConnection['B'].asString(10) +
		119	K
		120	);
110	if (someParameters.parameters.M1 == M1) {	121	if (someParameters.parameters.M1 == M1) {
111	var M2;	122	var M2;
112		123
113	M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);	124	M2 = stringHash(
		125	A.asString(10) +
		126	someParameters.parameters.M1 +
		127	K
		128	);
114	result['M2'] = M2;	129	result['M2'] = M2;
115	} else {	130	} else {
116	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");	131	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
117	}	132	}
118		133
119	nextTollRequestType = 'MESSAGE';	134	nextTollRequestType = 'MESSAGE';


diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js index b806cb7..e5f68a8 100644 --- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js +++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -33,13 +33,13 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) {
33	this._data = args.data \|\| (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);	33	this._data = args.data \|\| (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);
34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);	34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
35	this._shouldPayTolls = args.shouldPayTolls \|\| false;	35	this._shouldPayTolls = args.shouldPayTolls \|\| false;
36		36
37	this._tolls = {};	37	this._tolls = {};
38	this._currentStaticConnection = null;	38	this._currentStaticConnection = null;
39		39
40	return this;	40	return this;
41	}	41	}
42		42
43	Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {	43	Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
44		44
45	//-------------------------------------------------------------------------	45	//-------------------------------------------------------------------------
@@ -288,20 +288,20 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
288	'records':{}	288	'records':{}
289	}	289	}
290	} else {	290	} else {
291	throw "user already exists";	291	throw "user already exists";
292	}	292	}
293	} else {	293	} else {
294	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;	294	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
295	}	295	}
296		296
297	result = {	297	result = {
298	result: {	298	result: {
299	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],	299	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],
300	'result':'done'	300	'result':'done'
301	},	301	},
302	toll: this.getTollForRequestType('CONNECT')	302	toll: this.getTollForRequestType('CONNECT')
303	}	303	}
304		304
305	return result;	305	return result;
306	},	306	},
307		307
@@ -326,35 +326,50 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
326	aConnection['userData'] = this.data()['users']['catchAllUser'];	326	aConnection['userData'] = this.data()['users']['catchAllUser'];
327	}	327	}
328		328
329	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();	329	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
330	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);	330	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
331	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	331	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
332	aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));	332	aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
333		333
334	aConnection['A'] = someParameters.parameters.A;	334	aConnection['A'] = someParameters.parameters.A;
335		335
336	result['s'] = aConnection['userData']['s'];	336	result['s'] = aConnection['userData']['s'];
337	result['B'] = aConnection['B'].asString(16);	337	result['B'] = aConnection['B'].asString(16);
338		338
339	nextTollRequestType = 'CONNECT';	339	nextTollRequestType = 'CONNECT';
340	} else if (someParameters.message == "credentialCheck") {	340	} else if (someParameters.message == "credentialCheck") {
341	var v, u, S, A, K, M1;	341	var v, u, s, S, A, K, M1;
342		342	var stringHash = function (aValue) {
		343	return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
		344	};
		345
343	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	346	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
344	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
345	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);	347	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
		348	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
		349	s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
346	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());	350	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
347		351
348	K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);	352	K = stringHash(S.asString(10));
349		353
350	M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);	354	M1 = stringHash(
		355	"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
		356	stringHash(aConnection['C']) +
		357	s.asString(10) +
		358	A.asString(10) +
		359	aConnection['B'].asString(10) +
		360	K
		361	);
351	if (someParameters.parameters.M1 == M1) {	362	if (someParameters.parameters.M1 == M1) {
352	var M2;	363	var M2;
353		364
354	M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);	365	M2 = stringHash(
		366	A.asString(10) +
		367	someParameters.parameters.M1 +
		368	K
		369	);
355	result['M2'] = M2;	370	result['M2'] = M2;
356	} else {	371	} else {
357	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");	372	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
358	}	373	}
359		374
360	nextTollRequestType = 'MESSAGE';	375	nextTollRequestType = 'MESSAGE';