1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-27 12:36:14 +01:00

convert cryptoservice from sjcl to forge

This commit is contained in:
Kyle Spearrin 2017-01-12 23:57:56 -05:00
parent 28a24e0467
commit 3728cd8e1d
3 changed files with 30046 additions and 82 deletions

View File

@ -31,11 +31,9 @@
"background": { "background": {
"scripts": [ "scripts": [
"lib/jquery/jquery.js", "lib/jquery/jquery.js",
"lib/sjcl/sjcl.js",
"lib/sjcl/cbc.js",
"lib/sjcl/bitArray.js",
"lib/q/q.js", "lib/q/q.js",
"lib/tldjs/tld.js", "lib/tldjs/tld.js",
"scripts/forge.js",
"models/api/requestModels.js", "models/api/requestModels.js",
"models/api/responseModels.js", "models/api/responseModels.js",
"models/dataModels.js", "models/dataModels.js",

29988
src/scripts/forge.js Normal file

File diff suppressed because it is too large Load Diff

View File

@ -8,10 +8,8 @@ function initCryptoService() {
_b64Key, _b64Key,
_keyHash, _keyHash,
_b64KeyHash, _b64KeyHash,
_aes, _encKey,
_aesWithMac; _macKey;
sjcl.beware["CBC mode is dangerous because it doesn't protect message integrity."]();
CryptoService.prototype.setKey = function (key, callback) { CryptoService.prototype.setKey = function (key, callback) {
if (!callback || typeof callback !== 'function') { if (!callback || typeof callback !== 'function') {
@ -29,7 +27,7 @@ function initCryptoService() {
} }
chrome.storage.local.set({ chrome.storage.local.set({
'key': sjcl.codec.base64.fromBits(key) 'key': forge.util.encode64(key)
}, function () { }, function () {
callback(); callback();
}); });
@ -41,7 +39,7 @@ function initCryptoService() {
throw 'callback function required'; throw 'callback function required';
} }
_keyHash = sjcl.codec.base64.toBits(keyHash); _keyHash = forge.util.encode64(keyHash);
chrome.storage.local.set({ chrome.storage.local.set({
'keyHash': keyHash 'keyHash': keyHash
@ -64,7 +62,7 @@ function initCryptoService() {
return; return;
} }
else if (b64 && b64 === true && _key && !_b64Key) { else if (b64 && b64 === true && _key && !_b64Key) {
_b64Key = sjcl.codec.base64.fromBits(_key); _b64Key = forge.util.encode64(_key);
callback(_b64Key); callback(_b64Key);
return; return;
} }
@ -79,7 +77,7 @@ function initCryptoService() {
chrome.storage.local.get('key', function (obj) { chrome.storage.local.get('key', function (obj) {
if (obj && obj.key) { if (obj && obj.key) {
_key = sjcl.codec.base64.toBits(obj.key); _key = forge.util.decode64(obj.key);
if (b64 && b64 === true) { if (b64 && b64 === true) {
_b64Key = obj.key; _b64Key = obj.key;
@ -98,8 +96,14 @@ function initCryptoService() {
throw 'callback function required'; throw 'callback function required';
} }
if (_encKey) {
callback(_encKey);
}
this.getKey(false, function (key) { this.getKey(false, function (key) {
callback(key.slice(0, 4)); var buffer = forge.util.createBuffer(key);
_encKey = buffer.getBytes(16);
callback(_encKey);
}); });
}; };
@ -108,8 +112,15 @@ function initCryptoService() {
throw 'callback function required'; throw 'callback function required';
} }
if (_macKey) {
callback(_macKey);
}
this.getKey(false, function (key) { this.getKey(false, function (key) {
callback(key.slice(4)); var buffer = forge.util.createBuffer(key);
buffer.getBytes(16);
_macKey = buffer.getBytes(16);
callback(_macKey);
}); });
}; };
@ -126,14 +137,14 @@ function initCryptoService() {
return; return;
} }
else if (b64 && b64 === true && _keyHash && !_b64KeyHash) { else if (b64 && b64 === true && _keyHash && !_b64KeyHash) {
_b64KeyHash = sjcl.codec.base64.fromBits(_keyHash); _b64KeyHash = forge.util.encode64(_keyHash);
callback(_b64KeyHash); callback(_b64KeyHash);
return; return;
} }
chrome.storage.local.get('keyHash', function (obj) { chrome.storage.local.get('keyHash', function (obj) {
if (obj && obj.keyHash) { if (obj && obj.keyHash) {
_keyHash = sjcl.codec.base64.toBits(obj.keyHash); _keyHash = forge.util.decode64(obj.keyHash);
if (b64 && b64 === true) { if (b64 && b64 === true) {
_b64KeyHash = obj.keyHash; _b64KeyHash = obj.keyHash;
@ -151,7 +162,7 @@ function initCryptoService() {
throw 'callback function required'; throw 'callback function required';
} }
_key = _b64Key = _aes = _aesWithMac = null; _key = _b64Key = _macKey = _encKey = null;
chrome.storage.local.remove('key', function () { chrome.storage.local.remove('key', function () {
callback(); callback();
}); });
@ -196,10 +207,10 @@ function initCryptoService() {
}; };
CryptoService.prototype.makeKey = function (password, salt, b64) { CryptoService.prototype.makeKey = function (password, salt, b64) {
var key = sjcl.misc.pbkdf2(password, salt, 5000, 256, null); var key = forge.pbkdf2(password, salt, 5000, 256 / 8, 'sha256');
if (b64 && b64 === true) { if (b64 && b64 === true) {
return sjcl.codec.base64.fromBits(key); return forge.util.encode64(key);
} }
return key; return key;
@ -215,36 +226,8 @@ function initCryptoService() {
throw 'Invalid parameters.'; throw 'Invalid parameters.';
} }
var hashBits = sjcl.misc.pbkdf2(key, password, 1, 256, null); var hashBits = forge.pbkdf2(key, password, 1, 256 / 8, 'sha256');
callback(sjcl.codec.base64.fromBits(hashBits)); callback(forge.util.encode64(hashBits));
});
};
CryptoService.prototype.getAes = function (callback) {
if (!callback || typeof callback !== 'function') {
throw 'callback function required';
}
this.getKey(false, function (key) {
if (!_aes && key) {
_aes = new sjcl.cipher.aes(key);
}
callback(_aes);
});
};
CryptoService.prototype.getAesWithMac = function (callback) {
if (!callback || typeof callback !== 'function') {
throw 'callback function required';
}
this.getEncKey(function (encKey) {
if (!_aesWithMac && encKey) {
_aesWithMac = new sjcl.cipher.aes(encKey);
}
callback(_aesWithMac);
}); });
}; };
@ -266,22 +249,21 @@ function initCryptoService() {
// TODO: Turn on whenever ready to support encrypt-then-mac // TODO: Turn on whenever ready to support encrypt-then-mac
var encKey = false ? theEncKey : key; var encKey = false ? theEncKey : key;
var response = {}; var buffer = forge.util.createBuffer(plaintextValue, 'utf8');
var params = { var ivBytes = forge.random.getBytesSync(16);
mode: 'cbc', var cipher = forge.cipher.createCipher('AES-CBC', encKey);
iv: sjcl.random.randomWords(4, 10) cipher.start({ iv: ivBytes });
}; cipher.update(buffer);
cipher.finish();
var ctJson = sjcl.encrypt(encKey, plaintextValue, params, response);
var ct = ctJson.match(/"ct":"([^"]*)"/)[1];
var iv = sjcl.codec.base64.fromBits(response.iv);
var iv = forge.util.encode64(ivBytes);
var ctBytes = cipher.output.getBytes();
var ct = forge.util.encode64(ctBytes);
var cipherString = iv + '|' + ct; var cipherString = iv + '|' + ct;
// TODO: Turn on whenever ready to support encrypt-then-mac // TODO: Turn on whenever ready to support encrypt-then-mac
if (false) { if (false) {
var mac = computeMac(ct, response.iv, macKey); var mac = computeMac(ctBytes, ivBytes, macKey);
cipherString = cipherString + '|' + mac; cipherString = cipherString + '|' + mac;
} }
@ -303,19 +285,15 @@ function initCryptoService() {
throw 'cannot decrypt nothing'; throw 'cannot decrypt nothing';
} }
self.getKey(false, function (key) {
self.getEncKey(function (theEncKey) {
self.getMacKey(function (macKey) { self.getMacKey(function (macKey) {
if (!macKey) { if (!macKey) {
throw 'MAC key unavailable.'; throw 'MAC key unavailable.';
} }
self.getAes(function (aes) { var ivBits = forge.util.decode64(cipherString.initializationVector);
self.getAesWithMac(function (aesWithMac) { var ctBits = forge.util.decode64(cipherString.cipherText);
if (!aes || !aesWithMac) {
throw 'AES encryption unavailable.';
}
var ivBits = sjcl.codec.base64.toBits(cipherString.initializationVector);
var ctBits = sjcl.codec.base64.toBits(cipherString.cipherText);
var computedMac = null; var computedMac = null;
if (cipherString.mac) { if (cipherString.mac) {
@ -326,8 +304,13 @@ function initCryptoService() {
} }
} }
var decBits = sjcl.mode.cbc.decrypt(computedMac ? aesWithMac : aes, ctBits, ivBits, null); var ctBuffer = forge.util.createBuffer(ctBits);
var decValue = sjcl.codec.utf8String.fromBits(decBits); var decipher = forge.cipher.createDecipher('AES-CBC', computedMac ? theEncKey : key);
decipher.start({ iv: ivBits });
decipher.update(ctBuffer);
decipher.finish();
var decValue = decipher.output.toString('utf8');
deferred.resolve(decValue); deferred.resolve(decValue);
}); });
}); });
@ -337,16 +320,11 @@ function initCryptoService() {
}; };
function computeMac(ct, iv, macKey) { function computeMac(ct, iv, macKey) {
if (typeof ct === 'string') {
ct = sjcl.codec.base64.toBits(ct);
}
if (typeof iv === 'string') {
iv = sjcl.codec.base64.toBits(iv);
}
var hmac = new sjcl.misc.hmac(macKey, sjcl.hash.sha256);
var bits = iv.concat(ct); var bits = iv.concat(ct);
var mac = hmac.encrypt(bits); var hmac = forge.hmac.create();
return sjcl.codec.base64.fromBits(mac); hmac.start('sha256', macKey);
hmac.update(bits);
var mac = hmac.digest();
return forge.util.encode64(mac);
} }
}; };