coolaj86
/
browser-authenticator.js
1
0
Fork 0
Code Issues 2 Pull Requests Releases Activity

tested with WebCrypto and forge

This commit is contained in:
AJ ONeal 2015-10-23 00:40:01 -07:00
parent 8721a6d43d
commit 4f5da5cc94
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
authenticator.js
View File

@ -1,10 +1,9 @@
(function (exports) { (function (exports) {
'use strict'; 'use strict';
var Authenticator = exports.Authenticator || exports; var Authenticator = exports.Authenticator; // || exports;
var Unibabel = window.Unibabel || require('unibabel'); var Unibabel = window.Unibabel; // || require('unibabel');
console.log('window.totp', window.totp); var totp = window.totp; // || require('notp').totp;
var totp = window.totp || require('notp').totp;
if (!window.crypto) { if (!window.crypto) {
document.addEventListener('mousemove', function (event) { document.addEventListener('mousemove', function (event) {
@ -18,11 +17,13 @@ if (!window.crypto) {
// Generate a key // Generate a key
function generateOtpKey() { function generateOtpKey() {
// 20 cryptographically random binary bytes (160-bit key) // 20 cryptographically random binary bytes (160-bit key)
if (false && window.crypto) { if (window.crypto) {
var key = window.crypto.getRandomValues(new Uint8Array(20)); var key = window.crypto.getRandomValues(new Uint8Array(20));
return Promise.resolve(key); return Promise.resolve(key);
} else { } else {
// Promises are supported even in Microsoft Edge
// only old IE and old android need shims
return new Promise(function (resolve, reject) { return new Promise(function (resolve, reject) {
window.forge.random.getBytes(20, function (err, bytes) { window.forge.random.getBytes(20, function (err, bytes) {
if (err) { if (err) {
@ -39,7 +40,7 @@ function generateOtpKey() {
// Text-encode the key as base32 (in the style of Google Authenticator - same as Facebook, Microsoft, etc) // Text-encode the key as base32 (in the style of Google Authenticator - same as Facebook, Microsoft, etc)
function encodeGoogleAuthKey(bin) { function encodeGoogleAuthKey(bin) {
// 32 ascii characters without trailing '='s // 32 ascii characters without trailing '='s
var base32 = Unibabel.bufferToBase32(bin).replace(/=/g, ''); var base32 = (Unibabel||window).bufferToBase32(bin).replace(/=/g, '');
// lowercase with a space every 4 characters // lowercase with a space every 4 characters
var key = base32.toLowerCase().replace(/(\w{4})/g, "$1 ").trim(); var key = base32.toLowerCase().replace(/(\w{4})/g, "$1 ").trim();
@ -55,7 +56,7 @@ function generateGoogleAuthKey() {
function decodeGoogleAuthKey(key) { function decodeGoogleAuthKey(key) {
// decode base32 google auth key to binary // decode base32 google auth key to binary
var unformatted = key.replace(/\W+/g, '').toUpperCase(); var unformatted = key.replace(/\W+/g, '').toUpperCase();
var bin = Unibabel.base32ToBuffer(unformatted); var bin = (Unibabel||window).base32ToBuffer(unformatted);
return bin; return bin;
} }

4
test.html
View File

@ -37,9 +37,11 @@
<button class="js-verify">Verify</button> <button class="js-verify">Verify</button>
</div> </div>
<!-- base32 conversion (and binary string for forge) --> <!-- these two are only needed for webcrypto shim -->
<script src="bower_components/unibabel/index.js"></script> <script src="bower_components/unibabel/index.js"></script>
<script src="bower_components/unibabel/unibabel.hex.js"></script> <script src="bower_components/unibabel/unibabel.hex.js"></script>
<!-- base32 conversion (and binary string for forge) (works standalone from the above) -->
<script src="bower_components/unibabel/unibabel.base32.js"></script> <script src="bower_components/unibabel/unibabel.base32.js"></script>
<!-- forge.hmac --> <!-- forge.hmac -->