From 0422224521f62da210d1ae6ee15ecdf09f47f1f8 Mon Sep 17 00:00:00 2001 From: Giulio Cesare Solaroli Date: Mon, 02 Jun 2014 11:39:16 +0000 Subject: Fixed authentication procedure for offline copy --- (limited to 'frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js') diff --git a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js index b806cb7..e5f68a8 100644 --- a/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js +++ b/frontend/gamma/js/Clipperz/PM/Proxy/Proxy.Offline.DataStore.js @@ -36,7 +36,7 @@ Clipperz.PM.Proxy.Offline.DataStore = function(args) { this._tolls = {}; this._currentStaticConnection = null; - + return this; } @@ -291,14 +291,14 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { throw "user already exists"; } } else { - throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly; + throw Clipperz.PM.Proxy.Offline.DataStore.exception.ReadOnly; } result = { result: { 'lock': this.data()['users'][someParameters['credentials']['C']]['lock'], 'result': 'done' - }, + }, toll: this.getTollForRequestType('CONNECT') } @@ -329,7 +329,7 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { randomBytes = Clipperz.Crypto.Base.generateRandomSeed(); aConnection['b'] = new Clipperz.Crypto.BigInt(randomBytes, 16); v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); - aConnection['B'] = v.add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); + aConnection['B'] = (Clipperz.Crypto.SRP.k().multiply(v)).add(Clipperz.Crypto.SRP.g().powerModule(aConnection['b'], Clipperz.Crypto.SRP.n())); aConnection['A'] = someParameters.parameters.A; @@ -338,20 +338,35 @@ Clipperz.Base.extend(Clipperz.PM.Proxy.Offline.DataStore, Object, { nextTollRequestType = 'CONNECT'; } else if (someParameters.message == "credentialCheck") { - var v, u, S, A, K, M1; - + var v, u, s, S, A, K, M1; + var stringHash = function (aValue) { + return Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aValue)).toHexString().substring(2); + }; + v = new Clipperz.Crypto.BigInt(aConnection['userData']['v'], 16); - u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(aConnection['B'].asString(10))).toHexString(), 16); A = new Clipperz.Crypto.BigInt(aConnection['A'], 16); + u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10))).toHexString(), 16); + s = new Clipperz.Crypto.BigInt(aConnection['userData']['s'], 16); S = (A.multiply(v.powerModule(u, Clipperz.Crypto.SRP.n()))).powerModule(aConnection['b'], Clipperz.Crypto.SRP.n()); - K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(S.asString(10))).toHexString().slice(2); + K = stringHash(S.asString(10)); - M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + aConnection['B'].asString(10) + K)).toHexString().slice(2); + M1 = stringHash( + "597626870978286801440197562148588907434001483655788865609375806439877501869636875571920406529" + + stringHash(aConnection['C']) + + s.asString(10) + + A.asString(10) + + aConnection['B'].asString(10) + + K + ); if (someParameters.parameters.M1 == M1) { var M2; - M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(A.asString(10) + someParameters.parameters.M1 + K)).toHexString().slice(2); + M2 = stringHash( + A.asString(10) + + someParameters.parameters.M1 + + K + ); result['M2'] = M2; } else { throw new Error("Client checksum verification failed! Expected <" + M1 + ">, received <" + someParameters.parameters.M1 + ">.", "Error"); -- cgit v0.9.0.2