1 files changed, 25 insertions, 10 deletions
diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
index b806cb7..e5f68a8 100644
--- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
+++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -27,25 +27,25 @@ try { if (typeof(Clipperz.PM.Proxy.Offline) == 'undefined') { throw ""; }} catch
 //=============================================================================
 Clipperz.PM.Proxy.Offline.DataStore = function(args) {
        args = args || {};
        
        this._data = args.data || (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);
        this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
        this._shouldPayTolls = args.shouldPayTolls || false;
        this._tolls = {};
        this._currentStaticConnection = null;
-        
        return this;
 }
 Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
        //-------------------------------------------------------------------------
        'isReadOnly': function () {
                return this._isReadOnly;
        },
        
        //-------------------------------------------------------------------------
@@ -282,32 +282,32 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
                                                'v':    someParameters['credentials']['v'],
                                                'version':someParameters['credentials']['version'],
        //                                      'lock':         Clipperz.Crypto.Base.generateRandomSeed(),
                                                'userDetails':          someParameters['user']['header'],
                                                'statistics':           someParameters['user']['statistics'],
                                                'userDetailsVersion':someParameters['user']['version'],
                                                'records':{}
                                }
                        } else {
                                throw "user already exists";
                        }
                } else {
-                        throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
+                throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
                }
                result = {
                        result: {
                                        'lock':         this.data()['users'][someParameters['credentials']['C']]['lock'],
                                        'result':'done'
-                        },
+        },
                        toll:   this.getTollForRequestType('CONNECT')
                }
                return result;
        },
        //-------------------------------------------------------------------------
        '_handshake': function(aConnection, someParameters) {
                var result;
                        varnextTollRequestType;
@@ -320,47 +320,62 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
                        userData = this.data()['users'][someParameters.parameters.C];
                        
                        if ((typeof(userData) != 'undefined') && (userData['version'] == someParameters.version)) {
                                aConnection['userData'] = userData;
                                aConnection['C'] = someParameters.parameters.C;
                        } else {
                                aConnection['userData'] = this.data()['users']['catchAllUser'];
                        }
                        randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
                        aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
+                        aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
                        
                        aConnection['A'] = someParameters.parameters.A;
                        
                        result['s'] = aConnection['userData']['s'];
                        result['B'] = aConnection['B'].asString(16);
                        
                        nextTollRequestType = 'CONNECT';
                } else if (someParameters.message == "credentialCheck") {
-                        var v, u, S, A, K, M1;
+                        var v, u, s, S, A, K, M1;
-                        
+                        var stringHash = function (aValue) {
+                                return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
+                        };
                        v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
-                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
                        A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
+                        u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
+                        s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
                        S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
-                        K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);
+                        K = stringHash(S.asString(10));
-                        M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);
+                        M1 = stringHash(
+                                "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
+                                stringHash(aConnection['C']) +
+                                s.asString(10) +
+                                A.asString(10) +
+                                aConnection['B'].asString(10) +
+                                K
+                        );
                        if (someParameters.parameters.M1 == M1) {
                                var M2;
                                
-                                M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);
+                                M2 = stringHash(
+                                        A.asString(10) +
+                                        someParameters.parameters.M1 +
+                                        K
+                                );
                                result['M2'] = M2;
                        } else {
                                throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
                        }
                        nextTollRequestType = 'MESSAGE';
                } else if (someParameters.message == "oneTimePassword") {
                        var otpData;
                        
                        otpData = this.data()['onetimePasswords'][someParameters.parameters.oneTimePasswordKey];
                        try {

diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js index b806cb7..e5f68a8 100644 --- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js +++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js
@@ -27,25 +27,25 @@ try { if (typeof(Clipperz.PM.Proxy.Offline) == 'undefined') { throw ""; }} catch
27		27
28	//=============================================================================	28	//=============================================================================
29		29
30	Clipperz.PM.Proxy.Offline.DataStore = function(args) {	30	Clipperz.PM.Proxy.Offline.DataStore = function(args) {
31	args = args \|\| {};	31	args = args \|\| {};
32		32
33	this._data = args.data \|\| (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);	33	this._data = args.data \|\| (typeof(_clipperz_dump_data_) != 'undefined' ? _clipperz_dump_data_ : null);
34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);	34	this._isReadOnly = (typeof(args.readOnly) == 'undefined' ? true : args.readOnly);
35	this._shouldPayTolls = args.shouldPayTolls \|\| false;	35	this._shouldPayTolls = args.shouldPayTolls \|\| false;
36		36
37	this._tolls = {};	37	this._tolls = {};
38	this._currentStaticConnection = null;	38	this._currentStaticConnection = null;
39		39
40	return this;	40	return this;
41	}	41	}
42		42
43	Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {	43	Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
44		44
45	//-------------------------------------------------------------------------	45	//-------------------------------------------------------------------------
46		46
47	'isReadOnly': function () {	47	'isReadOnly': function () {
48	return this._isReadOnly;	48	return this._isReadOnly;
49	},	49	},
50		50
51	//-------------------------------------------------------------------------	51	//-------------------------------------------------------------------------
@@ -282,32 +282,32 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
282	'v': someParameters['credentials']['v'],	282	'v': someParameters['credentials']['v'],
283	'version':someParameters['credentials']['version'],	283	'version':someParameters['credentials']['version'],
284	// 'lock': Clipperz.Crypto.Base.generateRandomSeed(),	284	// 'lock': Clipperz.Crypto.Base.generateRandomSeed(),
285	'userDetails': someParameters['user']['header'],	285	'userDetails': someParameters['user']['header'],
286	'statistics': someParameters['user']['statistics'],	286	'statistics': someParameters['user']['statistics'],
287	'userDetailsVersion':someParameters['user']['version'],	287	'userDetailsVersion':someParameters['user']['version'],
288	'records':{}	288	'records':{}
289	}	289	}
290	} else {	290	} else {
291	throw "user already exists";	291	throw "user already exists";
292	}	292	}
293	} else {	293	} else {
294	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;	294	throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly;
295	}	295	}
296		296
297	result = {	297	result = {
298	result: {	298	result: {
299	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],	299	'lock': this.data()['users'][someParameters['credentials']['C']]['lock'],
300	'result':'done'	300	'result':'done'
301	},	301	},
302	toll: this.getTollForRequestType('CONNECT')	302	toll: this.getTollForRequestType('CONNECT')
303	}	303	}
304		304
305	return result;	305	return result;
306	},	306	},
307		307
308	//-------------------------------------------------------------------------	308	//-------------------------------------------------------------------------
309		309
310	'_handshake': function(aConnection, someParameters) {	310	'_handshake': function(aConnection, someParameters) {
311	var result;	311	var result;
312	varnextTollRequestType;	312	varnextTollRequestType;
313		313
@@ -320,47 +320,62 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, {
320	userData = this.data()['users'][someParameters.parameters.C];	320	userData = this.data()['users'][someParameters.parameters.C];
321		321
322	if ((typeof(userData) != 'undefined') && (userData['version'] == someParameters.version)) {	322	if ((typeof(userData) != 'undefined') && (userData['version'] == someParameters.version)) {
323	aConnection['userData'] = userData;	323	aConnection['userData'] = userData;
324	aConnection['C'] = someParameters.parameters.C;	324	aConnection['C'] = someParameters.parameters.C;
325	} else {	325	} else {
326	aConnection['userData'] = this.data()['users']['catchAllUser'];	326	aConnection['userData'] = this.data()['users']['catchAllUser'];
327	}	327	}
328		328
329	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();	329	randomBytes = Clipperz.Crypto.Base.generateRandomSeed();
330	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);	330	aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16);
331	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	331	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
332	aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));	332	aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()));
333		333
334	aConnection['A'] = someParameters.parameters.A;	334	aConnection['A'] = someParameters.parameters.A;
335		335
336	result['s'] = aConnection['userData']['s'];	336	result['s'] = aConnection['userData']['s'];
337	result['B'] = aConnection['B'].asString(16);	337	result['B'] = aConnection['B'].asString(16);
338		338
339	nextTollRequestType = 'CONNECT';	339	nextTollRequestType = 'CONNECT';
340	} else if (someParameters.message == "credentialCheck") {	340	} else if (someParameters.message == "credentialCheck") {
341	var v, u, S, A, K, M1;	341	var v, u, s, S, A, K, M1;
342		342	var stringHash = function (aValue) {
		343	return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2);
		344	};
		345
343	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);	346	v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16);
344	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16);
345	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);	347	A = new Clipperz.Crypto.BigInt(aConnection['A'], 16);
		348	u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16);
		349	s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16);
346	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());	350	S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n());
347		351
348	K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2);	352	K = stringHash(S.asString(10));
349		353
350	M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2);	354	M1 = stringHash(
		355	"597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" +
		356	stringHash(aConnection['C']) +
		357	s.asString(10) +
		358	A.asString(10) +
		359	aConnection['B'].asString(10) +
		360	K
		361	);
351	if (someParameters.parameters.M1 == M1) {	362	if (someParameters.parameters.M1 == M1) {
352	var M2;	363	var M2;
353		364
354	M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2);	365	M2 = stringHash(
		366	A.asString(10) +
		367	someParameters.parameters.M1 +
		368	K
		369	);
355	result['M2'] = M2;	370	result['M2'] = M2;
356	} else {	371	} else {
357	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");	372	throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error");
358	}	373	}
359		374
360	nextTollRequestType = 'MESSAGE';	375	nextTollRequestType = 'MESSAGE';
361	} else if (someParameters.message == "oneTimePassword") {	376	} else if (someParameters.message == "oneTimePassword") {
362	var otpData;	377	var otpData;
363		378
364	otpData = this.data()['onetimePasswords'][someParameters.parameters.oneTimePasswordKey];	379	otpData = this.data()['onetimePasswords'][someParameters.parameters.oneTimePasswordKey];
365		380
366	try {	381	try {