1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-26 17:08:33 +01:00

implement crypto functions in more places

This commit is contained in:
Kyle Spearrin 2018-04-21 23:55:21 -04:00
parent fc1114a6bd
commit 5e7115f78d
6 changed files with 26 additions and 43 deletions

View File

@ -30,5 +30,4 @@ export abstract class CryptoService {
decrypt: (cipherString: CipherString, key?: SymmetricCryptoKey) => Promise<ArrayBuffer>;
decryptToUtf8: (cipherString: CipherString, key?: SymmetricCryptoKey) => Promise<string>;
decryptFromBytes: (encBuf: ArrayBuffer, key: SymmetricCryptoKey) => Promise<ArrayBuffer>;
sha1: (password: string) => Promise<string>;
}

View File

@ -26,6 +26,18 @@ export class Utils {
}
}
static fromHexToArray(str: string): Uint8Array {
if (Utils.isNode) {
return new Uint8Array(Buffer.from(str, 'hex'));
} else {
const bytes = new Uint8Array(str.length / 2);
for (let i = 0; i < str.length; i += 2) {
bytes[i / 2] = parseInt(str.substr(i, 2), 16);
}
return bytes;
}
}
static fromUtf8ToArray(str: string): Uint8Array {
if (Utils.isNode) {
return new Uint8Array(Buffer.from(str, 'utf8'));

View File

@ -1,19 +1,20 @@
import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service';
import { CryptoService } from '../abstractions/crypto.service';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
import { Utils } from '../misc/utils';
const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
export class AuditService implements AuditServiceAbstraction {
constructor(private cryptoService: CryptoService) { }
constructor(private cryptoFunctionService: CryptoFunctionService) { }
async passwordLeaked(password: string): Promise<number> {
const hash = (await this.cryptoService.sha1(password)).toUpperCase();
const hashBytes = await this.cryptoFunctionService.hash(password, 'sha1');
const hash = Utils.fromBufferToHex(hashBytes).toUpperCase();
const hashStart = hash.substr(0, 5);
const hashEnding = hash.substr(5);
const response = await fetch(PwnedPasswordsApi + hashStart);
const leakedHashes = await response.text();
const match = leakedHashes.split(/\r?\n/).find((v) => {
return v.split(':')[0] === hashEnding;
});

View File

@ -355,11 +355,6 @@ export class CryptoService implements CryptoServiceAbstraction {
macBytes != null ? macBytes.buffer : null, key);
}
async sha1(password: string): Promise<string> {
const hash = await this.cryptoFunctionService.hash(password, 'sha1');
return Utils.fromBufferToHex(hash);
}
// Helpers
private async aesEncrypt(plainValue: ArrayBuffer, key: SymmetricCryptoKey): Promise<EncryptedObject> {

View File

@ -1,23 +1,20 @@
import { ConstantsService } from './constants.service';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
import { StorageService } from '../abstractions/storage.service';
import { TotpService as TotpServiceAbstraction } from '../abstractions/totp.service';
import { Utils } from '../misc/utils';
const b32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
const TotpAlgorithm = {
name: 'HMAC',
hash: { name: 'SHA-1' },
};
export class TotpService implements TotpServiceAbstraction {
constructor(private storageService: StorageService) {
}
constructor(private storageService: StorageService, private cryptoFunctionService: CryptoFunctionService) {}
async getCode(keyb32: string): Promise<string> {
const epoch = Math.round(new Date().getTime() / 1000.0);
const timeHex = this.leftpad(this.dec2hex(Math.floor(epoch / 30)), 16, '0');
const timeBytes = this.hex2bytes(timeHex);
const timeBytes = Utils.fromHexToArray(timeHex);
const keyBytes = this.b32tobytes(keyb32);
if (!keyBytes.length || !timeBytes.length) {
@ -57,26 +54,6 @@ export class TotpService implements TotpServiceAbstraction {
return parseInt(s, 16);
}
private hex2bytes(s: string): Uint8Array {
const bytes = new Uint8Array(s.length / 2);
for (let i = 0; i < s.length; i += 2) {
bytes[i / 2] = parseInt(s.substr(i, 2), 16);
}
return bytes;
}
private buff2hex(buff: ArrayBuffer): string {
const bytes = new Uint8Array(buff);
const hex: string[] = [];
bytes.forEach((b) => {
// tslint:disable-next-line
hex.push((b >>> 4).toString(16));
// tslint:disable-next-line
hex.push((b & 0xF).toString(16));
});
return hex.join('');
}
private b32tohex(s: string): string {
s = s.toUpperCase();
let cleanedInput = '';
@ -107,12 +84,11 @@ export class TotpService implements TotpServiceAbstraction {
}
private b32tobytes(s: string): Uint8Array {
return this.hex2bytes(this.b32tohex(s));
return Utils.fromHexToArray(this.b32tohex(s));
}
private async sign(keyBytes: Uint8Array, timeBytes: Uint8Array) {
const key = await window.crypto.subtle.importKey('raw', keyBytes, TotpAlgorithm, false, ['sign']);
const signature = await window.crypto.subtle.sign(TotpAlgorithm, key, timeBytes);
return this.buff2hex(signature);
const signature = await this.cryptoFunctionService.hmac(timeBytes.buffer, keyBytes.buffer, 'sha1');
return Utils.fromBufferToHex(signature);
}
}

View File

@ -38,7 +38,7 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
};
const impKey = await this.subtle.importKey('raw', passwordBuf, { name: 'PBKDF2' }, false, ['deriveBits']);
return await window.crypto.subtle.deriveBits(pbkdf2Params, impKey, wcLen);
return await this.subtle.deriveBits(pbkdf2Params, impKey, wcLen);
}
async hash(value: string | ArrayBuffer, algorithm: 'sha1' | 'sha256' | 'sha512'): Promise<ArrayBuffer> {