summaryrefslogtreecommitdiff
path: root/frontend/delta
Unidiff
Diffstat (limited to 'frontend/delta') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js27
1 files changed, 21 insertions, 6 deletions
diff --git a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
index 3f16f70..d03f873 100644
--- a/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
+++ b/frontend/delta/js/Clipperz/PM/Proxy/Proxy.Offline.LocalStorageDataStore.js
@@ -1,209 +1,224 @@
1/* 1/*
2 2
3Copyright 2008-2013 Clipperz Srl 3Copyright 2008-2013 Clipperz Srl
4 4
5This file is part of Clipperz, the online password manager. 5This file is part of Clipperz, the online password manager.
6For further information about its features and functionalities please 6For further information about its features and functionalities please
7refer to http://www.clipperz.com. 7refer to http://www.clipperz.com.
8 8
9* Clipperz is free software: you can redistribute it and/or modify it 9* Clipperz is free software: you can redistribute it and/or modify it
10 under the terms of the GNU Affero General Public License as published 10 under the terms of the GNU Affero General Public License as published
11 by the Free Software Foundation, either version 3 of the License, or 11 by the Free Software Foundation, either version 3 of the License, or
12 (at your option) any later version. 12 (at your option) any later version.
13 13
14* Clipperz is distributed in the hope that it will be useful, but 14* Clipperz is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of 15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
17 See the GNU Affero General Public License for more details. 17 See the GNU Affero General Public License for more details.
18 18
19* You should have received a copy of the GNU Affero General Public 19* You should have received a copy of the GNU Affero General Public
20 License along with Clipperz. If not, see http://www.gnu.org/licenses/. 20 License along with Clipperz. If not, see http://www.gnu.org/licenses/.
21 21
22*/ 22*/
23 23
24try { if (typeof(Clipperz.PM.Proxy.Offline.DataStore) == 'undefined') { throw ""; }} catch (e) { 24try { if (typeof(Clipperz.PM.Proxy.Offline.DataStore) == 'undefined') { throw ""; }} catch (e) {
25 throw "Clipperz.PM.Proxy.Offline.LocalStorageDataStore depends on Clipperz.PM.Proxy.Offline.DataStore!"; 25 throw "Clipperz.PM.Proxy.Offline.LocalStorageDataStore depends on Clipperz.PM.Proxy.Offline.DataStore!";
26} 26}
27 27
28//============================================================================= 28//=============================================================================
29 29
30Clipperz.PM.Proxy.Offline.LocalStorageDataStore = function(args) { 30Clipperz.PM.Proxy.Offline.LocalStorageDataStore = function(args) {
31 args = args || {}; 31 args = args || {};
32 32
33 //this._data = args.data || (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null); 33 //this._data = args.data || (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);
34 this._data = JSON.parse(localStorage.getItem('clipperz_dump_data')); 34 this._data = JSON.parse(localStorage.getItem('clipperz_dump_data'));
35 35
36 this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly); 36 this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
37 this._shouldPayTolls = args.shouldPayTolls || false; 37 this._shouldPayTolls = args.shouldPayTolls || false;
38 38
39 this._tolls = {}; 39 this._tolls = {};
40 this._currentStaticConnection = null; 40 this._currentStaticConnection = null;
41 41
42 //Clipperz.PM.Proxy.Offline.LocalStorageDataStore.superclass.constructor.apply(this, arguments); 42 //Clipperz.PM.Proxy.Offline.LocalStorageDataStore.superclass.constructor.apply(this, arguments);
43 43
44 return this; 44 return this;
45} 45}
46 46
47Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.PM.Proxy.Offline.DataStore, { 47Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.LocalStorageDataStore, Clipperz.PM.Proxy.Offline.DataStore, {
48 48
49 //========================================================================= 49 //=========================================================================
50 50
51 '_knock': function(aConnection, someParameters) { 51 '_knock': function(aConnection, someParameters) {
52 var result; 52 var result;
53 53
54 result = { 54 result = {
55 toll: this.getTollForRequestType(someParameters['requestType']) 55 toll: this.getTollForRequestType(someParameters['requestType'])
56 } 56 }
57 57
58 return result; 58 return result;
59 }, 59 },
60 60
61 //------------------------------------------------------------------------- 61 //-------------------------------------------------------------------------
62 62
63 '_registration': function(aConnection, someParameters) { 63 '_registration': function(aConnection, someParameters) {
64 throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly; 64 throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
65 }, 65 },
66 66
67 //------------------------------------------------------------------------- 67 //-------------------------------------------------------------------------
68 68
69 '_handshake': function(aConnection, someParameters) { 69 '_handshake': function(aConnection, someParameters) {
70 var result; 70 var result;
71 varnextTollRequestType; 71 varnextTollRequestType;
72 72
73 result = {}; 73 result = {};
74 if (someParameters.message == "connect") { 74 if (someParameters.message == "connect") {
75 var userData; 75 var userData;
76 var randomBytes; 76 var randomBytes;
77 var v; 77 var v;
78 78
79 userData = this.data()['users'][someParameters.parameters.C]; 79 userData = this.data()['users'][someParameters.parameters.C];
80 80
81 if ((typeof(userData) != 'undefined') && (userData['version'] == someParameters.version)) { 81 if ((typeof(userData) != 'undefined') && (userData['version'] == someParameters.version)) {
82 aConnection['userData'] = userData; 82 aConnection['userData'] = userData;
83 aConnection['C'] = someParameters.parameters.C; 83 aConnection['C'] = someParameters.parameters.C;
84 } else { 84 } else {
85 aConnection['userData'] = this.data()['users']['catchAllUser']; 85 aConnection['userData'] = this.data()['users']['catchAllUser'];
86 } 86 }
87 87
88 randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); 88 randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
89 aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); 89 aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
90 v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); 90 v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
91 aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); 91 aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
92 92
93 aConnection['A'] = someParameters.parameters.A; 93 aConnection['A'] = someParameters.parameters.A;
94 94
95 result['s'] = aConnection['userData']['s']; 95 result['s'] = aConnection['userData']['s'];
96 result['B'] = aConnection['B'].asString(16); 96 result['B'] = aConnection['B'].asString(16);
97 97
98 nextTollRequestType = 'CONNECT'; 98 nextTollRequestType = 'CONNECT';
99 } else if (someParameters.message == "credentialCheck") { 99 } else if (someParameters.message == "credentialCheck") {
100 var v, u, S, A, K, M1; 100 var v, u, s, S, A, K, M1;
101 var stringHash = function (aValue) {
102 return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
103 };
101 104
102 v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); 105 v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
103 u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
104 A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); 106 A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
107 u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
108 s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
105 S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); 109 S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
106 110
107 K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); 111 K = stringHash(S.asString(10));
108 112
109 M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2); 113 M1 = stringHash(
114 "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
115 stringHash(aConnection['C']) +
116 s.asString(10) +
117 A.asString(10) +
118 aConnection['B'].asString(10) +
119 K
120 );
110 if (someParameters.parameters.M1 == M1) { 121 if (someParameters.parameters.M1 == M1) {
111 var M2; 122 var M2;
112 123
113 M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); 124 M2 = stringHash(
125 A.asString(10) +
126 someParameters.parameters.M1 +
127 K
128 );
114 result['M2'] = M2; 129 result['M2'] = M2;
115 } else { 130 } else {
116 throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); 131 throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
117 } 132 }
118 133
119 nextTollRequestType = 'MESSAGE'; 134 nextTollRequestType = 'MESSAGE';
120 } else if (someParameters.message == "oneTimePassword") { 135 } else if (someParameters.message == "oneTimePassword") {
121 var otpData; 136 var otpData;
122 137
123 otpData = this.data()['onetimePasswords'][someParameters.parameters.oneTimePasswordKey]; 138 otpData = this.data()['onetimePasswords'][someParameters.parameters.oneTimePasswordKey];
124 139
125 try { 140 try {
126 if (typeof(otpData) != 'undefined') { 141 if (typeof(otpData) != 'undefined') {
127 if (otpData['status'] == 'ACTIVE') { 142 if (otpData['status'] == 'ACTIVE') {
128 if (otpData['key_checksum'] == someParameters.parameters.oneTimePasswordKeyChecksum) { 143 if (otpData['key_checksum'] == someParameters.parameters.oneTimePasswordKeyChecksum) {
129 result = { 144 result = {
130 'data': otpData['data'], 145 'data': otpData['data'],
131 'version':otpData['version'] 146 'version':otpData['version']
132 } 147 }
133 148
134 otpData['status'] = 'REQUESTED'; 149 otpData['status'] = 'REQUESTED';
135 } else { 150 } else {
136 otpData['status'] = 'DISABLED'; 151 otpData['status'] = 'DISABLED';
137 throw "The requested One Time Password has been disabled, due to a wrong keyChecksum"; 152 throw "The requested One Time Password has been disabled, due to a wrong keyChecksum";
138 } 153 }
139 } else { 154 } else {
140 throw "The requested One Time Password was not active"; 155 throw "The requested One Time Password was not active";
141 } 156 }
142 } else { 157 } else {
143 throw "The requested One Time Password has not been found" 158 throw "The requested One Time Password has not been found"
144 } 159 }
145 } catch (exception) { 160 } catch (exception) {
146 result = { 161 result = {
147 'data': Clipperz.PM.Crypto.randomKey(), 162 'data': Clipperz.PM.Crypto.randomKey(),
148 'version':Clipperz.PM.Connection.communicationProtocol.currentVersion 163 'version':Clipperz.PM.Connection.communicationProtocol.currentVersion
149 } 164 }
150 } 165 }
151 nextTollRequestType = 'CONNECT'; 166 nextTollRequestType = 'CONNECT';
152 } else { 167 } else {
153 Clipperz.logError("Clipperz.PM.Proxy.Test.handshake - unhandled message: " + someParameters.message); 168 Clipperz.logError("Clipperz.PM.Proxy.Test.handshake - unhandled message: " + someParameters.message);
154 } 169 }
155 170
156 result = { 171 result = {
157 result: result, 172 result: result,
158 toll: this.getTollForRequestType(nextTollRequestType) 173 toll: this.getTollForRequestType(nextTollRequestType)
159 } 174 }
160 175
161 return result; 176 return result;
162 }, 177 },
163 178
164 //------------------------------------------------------------------------- 179 //-------------------------------------------------------------------------
165 180
166 '_message': function(aConnection, someParameters) { 181 '_message': function(aConnection, someParameters) {
167 var result; 182 var result;
168 183
169 result = {}; 184 result = {};
170 185
171 //===================================================================== 186 //=====================================================================
172 // 187 //
173 // R E A D - O N L Y M e t h o d s 188 // R E A D - O N L Y M e t h o d s
174 // 189 //
175 //===================================================================== 190 //=====================================================================
176 if (someParameters.message == 'getUserDetails') { 191 if (someParameters.message == 'getUserDetails') {
177 var recordsStats; 192 var recordsStats;
178 var recordReference; 193 var recordReference;
179 194
180 recordsStats = {}; 195 recordsStats = {};
181 for (recordReference in aConnection['userData']['records']) { 196 for (recordReference in aConnection['userData']['records']) {
182 recordsStats[recordReference] = { 197 recordsStats[recordReference] = {
183 'updateDate': aConnection['userData']['records'][recordReference]['updateDate'] 198 'updateDate': aConnection['userData']['records'][recordReference]['updateDate']
184 } 199 }
185 } 200 }
186 201
187 result['header'] = this.userDetails(aConnection); 202 result['header'] = this.userDetails(aConnection);
188 result['statistics'] = this.statistics(aConnection); 203 result['statistics'] = this.statistics(aConnection);
189 result['maxNumberOfRecords'] = aConnection['userData']['maxNumberOfRecords']; 204 result['maxNumberOfRecords'] = aConnection['userData']['maxNumberOfRecords'];
190 result['version'] = aConnection['userData']['userDetailsVersion']; 205 result['version'] = aConnection['userData']['userDetailsVersion'];
191 result['recordsStats'] = recordsStats; 206 result['recordsStats'] = recordsStats;
192 207
193 if (this.isReadOnly() == false) { 208 if (this.isReadOnly() == false) {
194 varlock; 209 varlock;
195 210
196 if (typeof(aConnection['userData']['lock']) == 'undefined') { 211 if (typeof(aConnection['userData']['lock']) == 'undefined') {
197 aConnection['userData']['lock'] = "<<LOCK>>"; 212 aConnection['userData']['lock'] = "<<LOCK>>";
198 } 213 }
199 214
200 result['lock'] = aConnection['userData']['lock']; 215 result['lock'] = aConnection['userData']['lock'];
201 } 216 }
202 217
203 //===================================================================== 218 //=====================================================================
204 } else if (someParameters.message == 'getRecordDetail') { 219 } else if (someParameters.message == 'getRecordDetail') {
205/* 220/*
206 varrecordData; 221 varrecordData;
207 var currentVersionData; 222 var currentVersionData;
208 223
209 recordData = this.userData()['records'][someParameters['parameters']['reference']]; 224 recordData = this.userData()['records'][someParameters['parameters']['reference']];