Compare commits
No commits in common. "gh-pages" and "design" have entirely different histories.
|
@ -1,6 +1,4 @@
|
|||
# Only ignore the bower_components on the top level so we can commit whatever parts of the
|
||||
# packages we need for the statically served gh-pages to work inside the demo folder.
|
||||
/bower_components
|
||||
bower_components
|
||||
|
||||
# Logs
|
||||
logs
|
||||
|
|
207
LICENSE
207
LICENSE
|
@ -1,41 +1,202 @@
|
|||
Copyright 2018 AJ ONeal
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
This is open source software; you can redistribute it and/or modify it under the
|
||||
terms of either:
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
a) the "MIT License"
|
||||
b) the "Apache-2.0 License"
|
||||
1. Definitions.
|
||||
|
||||
MIT License
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
Apache-2.0 License Summary
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "{}"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright {yyyy} {name of copyright owner}
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
||||
|
|
35
README.md
35
README.md
|
@ -2,12 +2,11 @@
|
|||
|
||||
Two- / Multi- Factor Authenication (2FA / MFA) for browser JavaScript
|
||||
|
||||
<!-- [![](http://i.imgur.com/sdvMdbo.png)](https://authenticator.ppl.family/) -->
|
||||
![](https://blog.authy.com/assets/posts/authenticator.png)
|
||||
|
||||
There are a number of apps that various websites use to give you 6-digit codes to increase security when you log in:
|
||||
|
||||
* [Authy](https://www.authy.com/personal/) [iPhone](https://itunes.apple.com/us/app/authy/id494168017?mt=8) | [Android](https://play.google.com/store/apps/details?id=com.authy.authy&hl=en) | [Chrome](https://chrome.google.com/webstore/detail/authy/gaedmjdfmmahhbjefcbgaolhhanlaolb?hl=en) | [Linux](https://www.authy.com/personal/) | [OS X](https://www.authy.com/personal/) | [BlackBerry](https://appworld.blackberry.com/webstore/content/38831914/?countrycode=US&lang=en)
|
||||
* Authy (shown above) [iPhone](https://itunes.apple.com/us/app/authy/id494168017?mt=8) | [Android](https://play.google.com/store/apps/details?id=com.authy.authy&hl=en) | [Chrome](https://chrome.google.com/webstore/detail/authy/gaedmjdfmmahhbjefcbgaolhhanlaolb?hl=en) | [Linux](https://www.authy.com/personal/) | [OS X](https://www.authy.com/personal/) | [BlackBerry](https://appworld.blackberry.com/webstore/content/38831914/?countrycode=US&lang=en)
|
||||
* Google Authenticator [iPhone](https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8) | [Android](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en)
|
||||
* Microsoft Authenticator [Windows Phone](https://www.microsoft.com/en-us/store/apps/authenticator/9wzdncrfj3rj) | [Android](https://play.google.com/store/apps/details?id=com.microsoft.msa.authenticator)
|
||||
* GAuth [FxOS](https://marketplace.firefox.com/app/gauth/)
|
||||
|
@ -15,17 +14,16 @@ There are a number of apps that various websites use to give you 6-digit codes t
|
|||
There are many [Services that Support MFA](http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now),
|
||||
including Google, Microsoft, Facebook, and Digital Ocean for starters.
|
||||
|
||||
This module uses [`botp`](https://git.coolaj86.com/coolaj86/botp.js) which implements `TOTP` [(RFC 6238)](https://www.ietf.org/rfc/rfc6238.txt)
|
||||
This module uses [`botp`](https://github.com/Daplie/botp) which implements `TOTP` [(RFC 6238)](https://www.ietf.org/rfc/rfc6238.txt)
|
||||
(the *Authenticator* standard), which is based on `HOTP` [(RFC 4226)](https://www.ietf.org/rfc/rfc4226.txt)
|
||||
to provide codes that are exactly compatible with all other *Authenticator* apps and services that use them.
|
||||
|
||||
Demo
|
||||
====
|
||||
|
||||
[Live Demo](https://authenticator.ppl.family/)
|
||||
at <https://authenticator.ppl.family/>
|
||||
[Live Demo](https://daplie.github.io/browser-authenticator/) at <https://daplie.github.io/browser-authenticator/>
|
||||
|
||||
You may also be interested in [Node Authenticator](https://git.coolaj86.com/coolaj86/node-authenticator.js) over at <https://git.coolaj86.com/coolaj86/node-authenticator.js>
|
||||
You may also be interested in [Node Authenticator](https://github.com/Daplie/node-authenticator) over at <https://github.com/Daplie/node-authenticator>
|
||||
|
||||
Usage
|
||||
=====
|
||||
|
@ -42,11 +40,6 @@ var authenticator = window.Authenticator;
|
|||
authenticator.generateKey().then(function (formattedKey) {
|
||||
// "acqo ua72 d3yf a4e5 uorx ztkh j2xl 3wiz"
|
||||
|
||||
authenticator.generateTotpUri(formattedKey, "john.doe@email.com", "ACME Co", 'SHA1', 6, 30);
|
||||
//
|
||||
// otpauth://totp/ACME%20Co:john.doe@email.com?secret=ACQOUA72D3YFA4E5UORXZTKHJ2XL3WIZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30
|
||||
|
||||
|
||||
authenticator.generateToken(formattedKey).then(function (formattedToken) {
|
||||
// "957 124"
|
||||
|
||||
|
@ -114,18 +107,6 @@ validates a time-based token within a +/- 30 second (90 seconds) window
|
|||
|
||||
returns `null` on failure or an object such as `{ delta: 0 }` on success
|
||||
|
||||
### generateTotpUri(formattedKey, accountName, issuer, algorithm, digits, period)
|
||||
|
||||
generates an `OTPAUTH://` scheme URI for QR Code generation.
|
||||
|
||||
**OTPAuth Scheme**
|
||||
|
||||
* <https://github.com/google/google-authenticator/wiki/Key-Uri-Format>
|
||||
* `otpauth://totp/<<ISSUER>>:<<ACCOUNT_NAME>>?secret=<<BASE32_KEY>>&issuer=<<ISSUER>>`
|
||||
* `otpauth://totp/<<ISSUER>>:<<ACCOUNT_NAME>>?secret=<<BASE32_KEY>>&issuer=<<ISSUER>>&algorithm=<<ALGO>>&digits=<<INT>>&period=<<SECONDS>>`
|
||||
|
||||
Note that `ISSUER` is specified twice for backwards / forwards compatibility.
|
||||
|
||||
QR Code
|
||||
-------
|
||||
|
||||
|
@ -173,11 +154,3 @@ The window is set to +/- 1, meaning each token is valid for a total of 90 second
|
|||
(-30 seconds, +0 seconds, and +30 seconds)
|
||||
to account for time drift (which should be very rare for mobile devices)
|
||||
and humans who are handicapped or otherwise struggle with quick fine motor skills (like my grandma).
|
||||
|
||||
|
||||
Install WebApp
|
||||
--------------
|
||||
|
||||
```bash
|
||||
git clone --depth 1 https://git.coolaj86.com/coolaj86/browser-authenticator.js.git
|
||||
```
|
||||
|
|
|
@ -5,14 +5,7 @@ var Authenticator = exports.Authenticator || exports;
|
|||
var Unibabel = window.Unibabel; // || require('unibabel');
|
||||
var totp = window.totp; // || require('notp').totp;
|
||||
|
||||
function loadForge() {
|
||||
var script = document.createElement('script');
|
||||
script.src = '/demo/bower_components/forge/dist/forge.min.js';
|
||||
script.addEventListener('load', collectRandom);
|
||||
document.body.appendChild(script);
|
||||
}
|
||||
|
||||
function collectRandom() {
|
||||
if (!window.crypto) {
|
||||
document.addEventListener('mousemove', function (event) {
|
||||
var ev = event || window.event;
|
||||
|
||||
|
@ -21,14 +14,6 @@ function collectRandom() {
|
|||
});
|
||||
}
|
||||
|
||||
if (!window.crypto) {
|
||||
if (!window.forge) {
|
||||
loadForge();
|
||||
} else {
|
||||
collectRandom();
|
||||
}
|
||||
}
|
||||
|
||||
// Generate a key
|
||||
function generateOtpKey() {
|
||||
// 20 cryptographically random binary bytes (160-bit key)
|
||||
|
@ -96,18 +81,6 @@ function verifyGoogleAuthToken(key, token) {
|
|||
Authenticator.generateKey = generateGoogleAuthKey;
|
||||
Authenticator.generateToken = generateGoogleAuthToken;
|
||||
Authenticator.verifyToken = verifyGoogleAuthToken;
|
||||
Authenticator.generateTotpUri = function (secret, accountName, issuer, algo, digits, period) {
|
||||
// Full OTPAUTH URI spec as explained at
|
||||
// https://github.com/google/google-authenticator/wiki/Key-Uri-Format
|
||||
return 'otpauth://totp/'
|
||||
+ encodeURI(issuer || '') + ':' + encodeURI(accountName || '')
|
||||
+ '?secret=' + secret.replace(/[\s\.\_\-]+/g, '').toUpperCase()
|
||||
+ '&issuer=' + encodeURIComponent(issuer || '')
|
||||
+ '&algorithm=' + (algo || 'SHA1')
|
||||
+ '&digits=' + (digits || 6)
|
||||
+ '&period=' + (period || 30)
|
||||
;
|
||||
};
|
||||
|
||||
}(
|
||||
'undefined' !== typeof window ? (window.Authenticator = {}) : module.exports
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{
|
||||
"name": "authenticator",
|
||||
"homepage": "https://git.coolaj86.com/coolaj86/browser-authenticator.js",
|
||||
"version": "1.0.4",
|
||||
"homepage": "https://github.com/Daplie/browser-authenticator",
|
||||
"authors": [
|
||||
"AJ ONeal <awesome@coolaj86.com>"
|
||||
],
|
||||
|
@ -30,16 +31,12 @@
|
|||
"**/.*",
|
||||
"node_modules",
|
||||
"bower_components",
|
||||
"demo",
|
||||
"example",
|
||||
"index.html",
|
||||
"test.html",
|
||||
"test",
|
||||
"tests"
|
||||
],
|
||||
"dependencies": {
|
||||
"botp": "~3.0.2",
|
||||
"forge": "~0.7.1",
|
||||
"forge": "~0.6.37",
|
||||
"unibabel": "~2.1.2"
|
||||
}
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,286 @@
|
|||
/**
|
||||
* Cipher base API.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2014 Digital Bazaar, Inc.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
forge.cipher = forge.cipher || {};
|
||||
|
||||
// registered algorithms
|
||||
forge.cipher.algorithms = forge.cipher.algorithms || {};
|
||||
|
||||
/**
|
||||
* Creates a cipher object that can be used to encrypt data using the given
|
||||
* algorithm and key. The algorithm may be provided as a string value for a
|
||||
* previously registered algorithm or it may be given as a cipher algorithm
|
||||
* API object.
|
||||
*
|
||||
* @param algorithm the algorithm to use, either a string or an algorithm API
|
||||
* object.
|
||||
* @param key the key to use, as a binary-encoded string of bytes or a
|
||||
* byte buffer.
|
||||
*
|
||||
* @return the cipher.
|
||||
*/
|
||||
forge.cipher.createCipher = function(algorithm, key) {
|
||||
var api = algorithm;
|
||||
if(typeof api === 'string') {
|
||||
api = forge.cipher.getAlgorithm(api);
|
||||
if(api) {
|
||||
api = api();
|
||||
}
|
||||
}
|
||||
if(!api) {
|
||||
throw new Error('Unsupported algorithm: ' + algorithm);
|
||||
}
|
||||
|
||||
// assume block cipher
|
||||
return new forge.cipher.BlockCipher({
|
||||
algorithm: api,
|
||||
key: key,
|
||||
decrypt: false
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Creates a decipher object that can be used to decrypt data using the given
|
||||
* algorithm and key. The algorithm may be provided as a string value for a
|
||||
* previously registered algorithm or it may be given as a cipher algorithm
|
||||
* API object.
|
||||
*
|
||||
* @param algorithm the algorithm to use, either a string or an algorithm API
|
||||
* object.
|
||||
* @param key the key to use, as a binary-encoded string of bytes or a
|
||||
* byte buffer.
|
||||
*
|
||||
* @return the cipher.
|
||||
*/
|
||||
forge.cipher.createDecipher = function(algorithm, key) {
|
||||
var api = algorithm;
|
||||
if(typeof api === 'string') {
|
||||
api = forge.cipher.getAlgorithm(api);
|
||||
if(api) {
|
||||
api = api();
|
||||
}
|
||||
}
|
||||
if(!api) {
|
||||
throw new Error('Unsupported algorithm: ' + algorithm);
|
||||
}
|
||||
|
||||
// assume block cipher
|
||||
return new forge.cipher.BlockCipher({
|
||||
algorithm: api,
|
||||
key: key,
|
||||
decrypt: true
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Registers an algorithm by name. If the name was already registered, the
|
||||
* algorithm API object will be overwritten.
|
||||
*
|
||||
* @param name the name of the algorithm.
|
||||
* @param algorithm the algorithm API object.
|
||||
*/
|
||||
forge.cipher.registerAlgorithm = function(name, algorithm) {
|
||||
name = name.toUpperCase();
|
||||
forge.cipher.algorithms[name] = algorithm;
|
||||
};
|
||||
|
||||
/**
|
||||
* Gets a registered algorithm by name.
|
||||
*
|
||||
* @param name the name of the algorithm.
|
||||
*
|
||||
* @return the algorithm, if found, null if not.
|
||||
*/
|
||||
forge.cipher.getAlgorithm = function(name) {
|
||||
name = name.toUpperCase();
|
||||
if(name in forge.cipher.algorithms) {
|
||||
return forge.cipher.algorithms[name];
|
||||
}
|
||||
return null;
|
||||
};
|
||||
|
||||
var BlockCipher = forge.cipher.BlockCipher = function(options) {
|
||||
this.algorithm = options.algorithm;
|
||||
this.mode = this.algorithm.mode;
|
||||
this.blockSize = this.mode.blockSize;
|
||||
this._finish = false;
|
||||
this._input = null;
|
||||
this.output = null;
|
||||
this._op = options.decrypt ? this.mode.decrypt : this.mode.encrypt;
|
||||
this._decrypt = options.decrypt;
|
||||
this.algorithm.initialize(options);
|
||||
};
|
||||
|
||||
/**
|
||||
* Starts or restarts the encryption or decryption process, whichever
|
||||
* was previously configured.
|
||||
*
|
||||
* For non-GCM mode, the IV may be a binary-encoded string of bytes, an array
|
||||
* of bytes, a byte buffer, or an array of 32-bit integers. If the IV is in
|
||||
* bytes, then it must be Nb (16) bytes in length. If the IV is given in as
|
||||
* 32-bit integers, then it must be 4 integers long.
|
||||
*
|
||||
* Note: an IV is not required or used in ECB mode.
|
||||
*
|
||||
* For GCM-mode, the IV must be given as a binary-encoded string of bytes or
|
||||
* a byte buffer. The number of bytes should be 12 (96 bits) as recommended
|
||||
* by NIST SP-800-38D but another length may be given.
|
||||
*
|
||||
* @param options the options to use:
|
||||
* iv the initialization vector to use as a binary-encoded string of
|
||||
* bytes, null to reuse the last ciphered block from a previous
|
||||
* update() (this "residue" method is for legacy support only).
|
||||
* additionalData additional authentication data as a binary-encoded
|
||||
* string of bytes, for 'GCM' mode, (default: none).
|
||||
* tagLength desired length of authentication tag, in bits, for
|
||||
* 'GCM' mode (0-128, default: 128).
|
||||
* tag the authentication tag to check if decrypting, as a
|
||||
* binary-encoded string of bytes.
|
||||
* output the output the buffer to write to, null to create one.
|
||||
*/
|
||||
BlockCipher.prototype.start = function(options) {
|
||||
options = options || {};
|
||||
var opts = {};
|
||||
for(var key in options) {
|
||||
opts[key] = options[key];
|
||||
}
|
||||
opts.decrypt = this._decrypt;
|
||||
this._finish = false;
|
||||
this._input = forge.util.createBuffer();
|
||||
this.output = options.output || forge.util.createBuffer();
|
||||
this.mode.start(opts);
|
||||
};
|
||||
|
||||
/**
|
||||
* Updates the next block according to the cipher mode.
|
||||
*
|
||||
* @param input the buffer to read from.
|
||||
*/
|
||||
BlockCipher.prototype.update = function(input) {
|
||||
if(input) {
|
||||
// input given, so empty it into the input buffer
|
||||
this._input.putBuffer(input);
|
||||
}
|
||||
|
||||
// do cipher operation until it needs more input and not finished
|
||||
while(!this._op.call(this.mode, this._input, this.output, this._finish) &&
|
||||
!this._finish) {}
|
||||
|
||||
// free consumed memory from input buffer
|
||||
this._input.compact();
|
||||
};
|
||||
|
||||
/**
|
||||
* Finishes encrypting or decrypting.
|
||||
*
|
||||
* @param pad a padding function to use in CBC mode, null for default,
|
||||
* signature(blockSize, buffer, decrypt).
|
||||
*
|
||||
* @return true if successful, false on error.
|
||||
*/
|
||||
BlockCipher.prototype.finish = function(pad) {
|
||||
// backwards-compatibility w/deprecated padding API
|
||||
// Note: will overwrite padding functions even after another start() call
|
||||
if(pad && (this.mode.name === 'ECB' || this.mode.name === 'CBC')) {
|
||||
this.mode.pad = function(input) {
|
||||
return pad(this.blockSize, input, false);
|
||||
};
|
||||
this.mode.unpad = function(output) {
|
||||
return pad(this.blockSize, output, true);
|
||||
};
|
||||
}
|
||||
|
||||
// build options for padding and afterFinish functions
|
||||
var options = {};
|
||||
options.decrypt = this._decrypt;
|
||||
|
||||
// get # of bytes that won't fill a block
|
||||
options.overflow = this._input.length() % this.blockSize;
|
||||
|
||||
if(!this._decrypt && this.mode.pad) {
|
||||
if(!this.mode.pad(this._input, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// do final update
|
||||
this._finish = true;
|
||||
this.update();
|
||||
|
||||
if(this._decrypt && this.mode.unpad) {
|
||||
if(!this.mode.unpad(this.output, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if(this.mode.afterFinish) {
|
||||
if(!this.mode.afterFinish(this.output, options)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
};
|
||||
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'cipher';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
})();
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,204 @@
|
|||
/**
|
||||
* Hash-based Message Authentication Code implementation. Requires a message
|
||||
* digest object that can be obtained, for example, from forge.md.sha1 or
|
||||
* forge.md.md5.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2012 Digital Bazaar, Inc. All rights reserved.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
/* HMAC API */
|
||||
var hmac = forge.hmac = forge.hmac || {};
|
||||
|
||||
/**
|
||||
* Creates an HMAC object that uses the given message digest object.
|
||||
*
|
||||
* @return an HMAC object.
|
||||
*/
|
||||
hmac.create = function() {
|
||||
// the hmac key to use
|
||||
var _key = null;
|
||||
|
||||
// the message digest to use
|
||||
var _md = null;
|
||||
|
||||
// the inner padding
|
||||
var _ipadding = null;
|
||||
|
||||
// the outer padding
|
||||
var _opadding = null;
|
||||
|
||||
// hmac context
|
||||
var ctx = {};
|
||||
|
||||
/**
|
||||
* Starts or restarts the HMAC with the given key and message digest.
|
||||
*
|
||||
* @param md the message digest to use, null to reuse the previous one,
|
||||
* a string to use builtin 'sha1', 'md5', 'sha256'.
|
||||
* @param key the key to use as a string, array of bytes, byte buffer,
|
||||
* or null to reuse the previous key.
|
||||
*/
|
||||
ctx.start = function(md, key) {
|
||||
console.log('forge key start', typeof key, Object.prototype.toString.apply(key));
|
||||
|
||||
if(md !== null) {
|
||||
if(typeof md === 'string') {
|
||||
// create builtin message digest
|
||||
md = md.toLowerCase();
|
||||
if(md in forge.md.algorithms) {
|
||||
_md = forge.md.algorithms[md].create();
|
||||
} else {
|
||||
throw new Error('Unknown hash algorithm "' + md + '"');
|
||||
}
|
||||
} else {
|
||||
// store message digest
|
||||
_md = md;
|
||||
}
|
||||
}
|
||||
|
||||
if(key === null) {
|
||||
// reuse previous key
|
||||
key = _key;
|
||||
} else {
|
||||
if(typeof key === 'string') {
|
||||
// convert string into byte buffer
|
||||
key = forge.util.createBuffer(key);
|
||||
} else if(forge.util.isArray(key)) {
|
||||
// convert byte array into byte buffer
|
||||
var tmp = key;
|
||||
key = forge.util.createBuffer();
|
||||
for(var i = 0; i < tmp.length; ++i) {
|
||||
key.putByte(tmp[i]);
|
||||
}
|
||||
}
|
||||
|
||||
console.log('forge key', key);
|
||||
|
||||
// if key is longer than blocksize, hash it
|
||||
var keylen = key.length();
|
||||
if(keylen > _md.blockLength) {
|
||||
_md.start();
|
||||
_md.update(key.bytes());
|
||||
key = _md.digest();
|
||||
}
|
||||
|
||||
// mix key into inner and outer padding
|
||||
// ipadding = [0x36 * blocksize] ^ key
|
||||
// opadding = [0x5C * blocksize] ^ key
|
||||
_ipadding = forge.util.createBuffer();
|
||||
_opadding = forge.util.createBuffer();
|
||||
keylen = key.length();
|
||||
for(var i = 0; i < keylen; ++i) {
|
||||
var tmp = key.at(i);
|
||||
_ipadding.putByte(0x36 ^ tmp);
|
||||
_opadding.putByte(0x5C ^ tmp);
|
||||
}
|
||||
|
||||
// if key is shorter than blocksize, add additional padding
|
||||
if(keylen < _md.blockLength) {
|
||||
var tmp = _md.blockLength - keylen;
|
||||
for(var i = 0; i < tmp; ++i) {
|
||||
_ipadding.putByte(0x36);
|
||||
_opadding.putByte(0x5C);
|
||||
}
|
||||
}
|
||||
_key = key;
|
||||
_ipadding = _ipadding.bytes();
|
||||
_opadding = _opadding.bytes();
|
||||
}
|
||||
|
||||
// digest is done like so: hash(opadding | hash(ipadding | message))
|
||||
|
||||
// prepare to do inner hash
|
||||
// hash(ipadding | message)
|
||||
_md.start();
|
||||
_md.update(_ipadding);
|
||||
};
|
||||
|
||||
/**
|
||||
* Updates the HMAC with the given message bytes.
|
||||
*
|
||||
* @param bytes the bytes to update with.
|
||||
*/
|
||||
ctx.update = function(bytes) {
|
||||
_md.update(bytes);
|
||||
};
|
||||
|
||||
/**
|
||||
* Produces the Message Authentication Code (MAC).
|
||||
*
|
||||
* @return a byte buffer containing the digest value.
|
||||
*/
|
||||
ctx.getMac = function() {
|
||||
// digest is done like so: hash(opadding | hash(ipadding | message))
|
||||
// here we do the outer hashing
|
||||
var inner = _md.digest().bytes();
|
||||
_md.start();
|
||||
_md.update(_opadding);
|
||||
_md.update(inner);
|
||||
return _md.digest();
|
||||
};
|
||||
// alias for getMac
|
||||
ctx.digest = ctx.getMac;
|
||||
|
||||
return ctx;
|
||||
};
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'hmac';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './md', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
})();
|
|
@ -0,0 +1,458 @@
|
|||
/**
|
||||
* A javascript implementation of a cryptographically-secure
|
||||
* Pseudo Random Number Generator (PRNG). The Fortuna algorithm is followed
|
||||
* here though the use of SHA-256 is not enforced; when generating an
|
||||
* a PRNG context, the hashing algorithm and block cipher used for
|
||||
* the generator are specified via a plugin.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2014 Digital Bazaar, Inc.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
var _nodejs = (
|
||||
typeof process !== 'undefined' && process.versions && process.versions.node);
|
||||
var _crypto = null;
|
||||
if(!forge.disableNativeCode && _nodejs && !process.versions['node-webkit']) {
|
||||
_crypto = require('crypto');
|
||||
}
|
||||
|
||||
/* PRNG API */
|
||||
var prng = forge.prng = forge.prng || {};
|
||||
|
||||
/**
|
||||
* Creates a new PRNG context.
|
||||
*
|
||||
* A PRNG plugin must be passed in that will provide:
|
||||
*
|
||||
* 1. A function that initializes the key and seed of a PRNG context. It
|
||||
* will be given a 16 byte key and a 16 byte seed. Any key expansion
|
||||
* or transformation of the seed from a byte string into an array of
|
||||
* integers (or similar) should be performed.
|
||||
* 2. The cryptographic function used by the generator. It takes a key and
|
||||
* a seed.
|
||||
* 3. A seed increment function. It takes the seed and returns seed + 1.
|
||||
* 4. An api to create a message digest.
|
||||
*
|
||||
* For an example, see random.js.
|
||||
*
|
||||
* @param plugin the PRNG plugin to use.
|
||||
*/
|
||||
prng.create = function(plugin) {
|
||||
var ctx = {
|
||||
plugin: plugin,
|
||||
key: null,
|
||||
seed: null,
|
||||
time: null,
|
||||
// number of reseeds so far
|
||||
reseeds: 0,
|
||||
// amount of data generated so far
|
||||
generated: 0
|
||||
};
|
||||
|
||||
// create 32 entropy pools (each is a message digest)
|
||||
var md = plugin.md;
|
||||
var pools = new Array(32);
|
||||
for(var i = 0; i < 32; ++i) {
|
||||
pools[i] = md.create();
|
||||
}
|
||||
ctx.pools = pools;
|
||||
|
||||
// entropy pools are written to cyclically, starting at index 0
|
||||
ctx.pool = 0;
|
||||
|
||||
/**
|
||||
* Generates random bytes. The bytes may be generated synchronously or
|
||||
* asynchronously. Web workers must use the asynchronous interface or
|
||||
* else the behavior is undefined.
|
||||
*
|
||||
* @param count the number of random bytes to generate.
|
||||
* @param [callback(err, bytes)] called once the operation completes.
|
||||
*
|
||||
* @return count random bytes as a string.
|
||||
*/
|
||||
ctx.generate = function(count, callback) {
|
||||
// do synchronously
|
||||
if(!callback) {
|
||||
return ctx.generateSync(count);
|
||||
}
|
||||
|
||||
// simple generator using counter-based CBC
|
||||
var cipher = ctx.plugin.cipher;
|
||||
var increment = ctx.plugin.increment;
|
||||
var formatKey = ctx.plugin.formatKey;
|
||||
var formatSeed = ctx.plugin.formatSeed;
|
||||
var b = forge.util.createBuffer();
|
||||
|
||||
// reset key for every request
|
||||
ctx.key = null;
|
||||
|
||||
generate();
|
||||
|
||||
function generate(err) {
|
||||
if(err) {
|
||||
return callback(err);
|
||||
}
|
||||
|
||||
// sufficient bytes generated
|
||||
if(b.length() >= count) {
|
||||
return callback(null, b.getBytes(count));
|
||||
}
|
||||
|
||||
// if amount of data generated is greater than 1 MiB, trigger reseed
|
||||
if(ctx.generated > 0xfffff) {
|
||||
ctx.key = null;
|
||||
}
|
||||
|
||||
if(ctx.key === null) {
|
||||
// prevent stack overflow
|
||||
return forge.util.nextTick(function() {
|
||||
_reseed(generate);
|
||||
});
|
||||
}
|
||||
|
||||
// generate the random bytes
|
||||
var bytes = cipher(ctx.key, ctx.seed);
|
||||
ctx.generated += bytes.length;
|
||||
b.putBytes(bytes);
|
||||
|
||||
// generate bytes for a new key and seed
|
||||
ctx.key = formatKey(cipher(ctx.key, increment(ctx.seed)));
|
||||
ctx.seed = formatSeed(cipher(ctx.key, ctx.seed));
|
||||
|
||||
forge.util.setImmediate(generate);
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* Generates random bytes synchronously.
|
||||
*
|
||||
* @param count the number of random bytes to generate.
|
||||
*
|
||||
* @return count random bytes as a string.
|
||||
*/
|
||||
ctx.generateSync = function(count) {
|
||||
// simple generator using counter-based CBC
|
||||
var cipher = ctx.plugin.cipher;
|
||||
var increment = ctx.plugin.increment;
|
||||
var formatKey = ctx.plugin.formatKey;
|
||||
var formatSeed = ctx.plugin.formatSeed;
|
||||
|
||||
// reset key for every request
|
||||
ctx.key = null;
|
||||
|
||||
var b = forge.util.createBuffer();
|
||||
while(b.length() < count) {
|
||||
// if amount of data generated is greater than 1 MiB, trigger reseed
|
||||
if(ctx.generated > 0xfffff) {
|
||||
ctx.key = null;
|
||||
}
|
||||
|
||||
if(ctx.key === null) {
|
||||
_reseedSync();
|
||||
}
|
||||
|
||||
// generate the random bytes
|
||||
var bytes = cipher(ctx.key, ctx.seed);
|
||||
ctx.generated += bytes.length;
|
||||
b.putBytes(bytes);
|
||||
|
||||
// generate bytes for a new key and seed
|
||||
ctx.key = formatKey(cipher(ctx.key, increment(ctx.seed)));
|
||||
ctx.seed = formatSeed(cipher(ctx.key, ctx.seed));
|
||||
}
|
||||
|
||||
return b.getBytes(count);
|
||||
};
|
||||
|
||||
/**
|
||||
* Private function that asynchronously reseeds a generator.
|
||||
*
|
||||
* @param callback(err) called once the operation completes.
|
||||
*/
|
||||
function _reseed(callback) {
|
||||
if(ctx.pools[0].messageLength >= 32) {
|
||||
_seed();
|
||||
return callback();
|
||||
}
|
||||
// not enough seed data...
|
||||
var needed = (32 - ctx.pools[0].messageLength) << 5;
|
||||
ctx.seedFile(needed, function(err, bytes) {
|
||||
if(err) {
|
||||
return callback(err);
|
||||
}
|
||||
ctx.collect(bytes);
|
||||
_seed();
|
||||
callback();
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Private function that synchronously reseeds a generator.
|
||||
*/
|
||||
function _reseedSync() {
|
||||
if(ctx.pools[0].messageLength >= 32) {
|
||||
return _seed();
|
||||
}
|
||||
// not enough seed data...
|
||||
var needed = (32 - ctx.pools[0].messageLength) << 5;
|
||||
ctx.collect(ctx.seedFileSync(needed));
|
||||
_seed();
|
||||
}
|
||||
|
||||
/**
|
||||
* Private function that seeds a generator once enough bytes are available.
|
||||
*/
|
||||
function _seed() {
|
||||
// create a plugin-based message digest
|
||||
var md = ctx.plugin.md.create();
|
||||
|
||||
// digest pool 0's entropy and restart it
|
||||
md.update(ctx.pools[0].digest().getBytes());
|
||||
ctx.pools[0].start();
|
||||
|
||||
// digest the entropy of other pools whose index k meet the
|
||||
// condition '2^k mod n == 0' where n is the number of reseeds
|
||||
var k = 1;
|
||||
for(var i = 1; i < 32; ++i) {
|
||||
// prevent signed numbers from being used
|
||||
k = (k === 31) ? 0x80000000 : (k << 2);
|
||||
if(k % ctx.reseeds === 0) {
|
||||
md.update(ctx.pools[i].digest().getBytes());
|
||||
ctx.pools[i].start();
|
||||
}
|
||||
}
|
||||
|
||||
// get digest for key bytes and iterate again for seed bytes
|
||||
var keyBytes = md.digest().getBytes();
|
||||
md.start();
|
||||
md.update(keyBytes);
|
||||
var seedBytes = md.digest().getBytes();
|
||||
|
||||
// update
|
||||
ctx.key = ctx.plugin.formatKey(keyBytes);
|
||||
ctx.seed = ctx.plugin.formatSeed(seedBytes);
|
||||
ctx.reseeds = (ctx.reseeds === 0xffffffff) ? 0 : ctx.reseeds + 1;
|
||||
ctx.generated = 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* The built-in default seedFile. This seedFile is used when entropy
|
||||
* is needed immediately.
|
||||
*
|
||||
* @param needed the number of bytes that are needed.
|
||||
*
|
||||
* @return the random bytes.
|
||||
*/
|
||||
function defaultSeedFile(needed) {
|
||||
// use window.crypto.getRandomValues strong source of entropy if available
|
||||
var getRandomValues = null;
|
||||
if(typeof window !== 'undefined') {
|
||||
var _crypto = window.crypto || window.msCrypto;
|
||||
if(_crypto && _crypto.getRandomValues) {
|
||||
getRandomValues = function(arr) {
|
||||
return _crypto.getRandomValues(arr);
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
var b = forge.util.createBuffer();
|
||||
if(getRandomValues) {
|
||||
while(b.length() < needed) {
|
||||
// max byte length is 65536 before QuotaExceededError is thrown
|
||||
// http://www.w3.org/TR/WebCryptoAPI/#RandomSource-method-getRandomValues
|
||||
var count = Math.max(1, Math.min(needed - b.length(), 65536) / 4);
|
||||
var entropy = new Uint32Array(Math.floor(count));
|
||||
try {
|
||||
getRandomValues(entropy);
|
||||
for(var i = 0; i < entropy.length; ++i) {
|
||||
b.putInt32(entropy[i]);
|
||||
}
|
||||
} catch(e) {
|
||||
/* only ignore QuotaExceededError */
|
||||
if(!(typeof QuotaExceededError !== 'undefined' &&
|
||||
e instanceof QuotaExceededError)) {
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// be sad and add some weak random data
|
||||
if(b.length() < needed) {
|
||||
/* Draws from Park-Miller "minimal standard" 31 bit PRNG,
|
||||
implemented with David G. Carta's optimization: with 32 bit math
|
||||
and without division (Public Domain). */
|
||||
var hi, lo, next;
|
||||
var seed = Math.floor(Math.random() * 0x010000);
|
||||
while(b.length() < needed) {
|
||||
lo = 16807 * (seed & 0xFFFF);
|
||||
hi = 16807 * (seed >> 16);
|
||||
lo += (hi & 0x7FFF) << 16;
|
||||
lo += hi >> 15;
|
||||
lo = (lo & 0x7FFFFFFF) + (lo >> 31);
|
||||
seed = lo & 0xFFFFFFFF;
|
||||
|
||||
// consume lower 3 bytes of seed
|
||||
for(var i = 0; i < 3; ++i) {
|
||||
// throw in more pseudo random
|
||||
next = seed >>> (i << 3);
|
||||
next ^= Math.floor(Math.random() * 0x0100);
|
||||
b.putByte(String.fromCharCode(next & 0xFF));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return b.getBytes(needed);
|
||||
}
|
||||
// initialize seed file APIs
|
||||
if(_crypto) {
|
||||
// use nodejs async API
|
||||
ctx.seedFile = function(needed, callback) {
|
||||
_crypto.randomBytes(needed, function(err, bytes) {
|
||||
if(err) {
|
||||
return callback(err);
|
||||
}
|
||||
callback(null, bytes.toString());
|
||||
});
|
||||
};
|
||||
// use nodejs sync API
|
||||
ctx.seedFileSync = function(needed) {
|
||||
return _crypto.randomBytes(needed).toString();
|
||||
};
|
||||
} else {
|
||||
ctx.seedFile = function(needed, callback) {
|
||||
try {
|
||||
callback(null, defaultSeedFile(needed));
|
||||
} catch(e) {
|
||||
callback(e);
|
||||
}
|
||||
};
|
||||
ctx.seedFileSync = defaultSeedFile;
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds entropy to a prng ctx's accumulator.
|
||||
*
|
||||
* @param bytes the bytes of entropy as a string.
|
||||
*/
|
||||
ctx.collect = function(bytes) {
|
||||
// iterate over pools distributing entropy cyclically
|
||||
var count = bytes.length;
|
||||
for(var i = 0; i < count; ++i) {
|
||||
ctx.pools[ctx.pool].update(bytes.substr(i, 1));
|
||||
ctx.pool = (ctx.pool === 31) ? 0 : ctx.pool + 1;
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* Collects an integer of n bits.
|
||||
*
|
||||
* @param i the integer entropy.
|
||||
* @param n the number of bits in the integer.
|
||||
*/
|
||||
ctx.collectInt = function(i, n) {
|
||||
var bytes = '';
|
||||
for(var x = 0; x < n; x += 8) {
|
||||
bytes += String.fromCharCode((i >> x) & 0xFF);
|
||||
}
|
||||
ctx.collect(bytes);
|
||||
};
|
||||
|
||||
/**
|
||||
* Registers a Web Worker to receive immediate entropy from the main thread.
|
||||
* This method is required until Web Workers can access the native crypto
|
||||
* API. This method should be called twice for each created worker, once in
|
||||
* the main thread, and once in the worker itself.
|
||||
*
|
||||
* @param worker the worker to register.
|
||||
*/
|
||||
ctx.registerWorker = function(worker) {
|
||||
// worker receives random bytes
|
||||
if(worker === self) {
|
||||
ctx.seedFile = function(needed, callback) {
|
||||
function listener(e) {
|
||||
var data = e.data;
|
||||
if(data.forge && data.forge.prng) {
|
||||
self.removeEventListener('message', listener);
|
||||
callback(data.forge.prng.err, data.forge.prng.bytes);
|
||||
}
|
||||
}
|
||||
self.addEventListener('message', listener);
|
||||
self.postMessage({forge: {prng: {needed: needed}}});
|
||||
};
|
||||
} else {
|
||||
// main thread sends random bytes upon request
|
||||
var listener = function(e) {
|
||||
var data = e.data;
|
||||
if(data.forge && data.forge.prng) {
|
||||
ctx.seedFile(data.forge.prng.needed, function(err, bytes) {
|
||||
worker.postMessage({forge: {prng: {err: err, bytes: bytes}}});
|
||||
});
|
||||
}
|
||||
};
|
||||
// TODO: do we need to remove the event listener when the worker dies?
|
||||
worker.addEventListener('message', listener);
|
||||
}
|
||||
};
|
||||
|
||||
return ctx;
|
||||
};
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'prng';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './md', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
|
||||
})();
|
|
@ -0,0 +1,237 @@
|
|||
/**
|
||||
* An API for getting cryptographically-secure random bytes. The bytes are
|
||||
* generated using the Fortuna algorithm devised by Bruce Schneier and
|
||||
* Niels Ferguson.
|
||||
*
|
||||
* Getting strong random bytes is not yet easy to do in javascript. The only
|
||||
* truish random entropy that can be collected is from the mouse, keyboard, or
|
||||
* from timing with respect to page loads, etc. This generator makes a poor
|
||||
* attempt at providing random bytes when those sources haven't yet provided
|
||||
* enough entropy to initially seed or to reseed the PRNG.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2009-2014 Digital Bazaar, Inc.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
// forge.random already defined
|
||||
if(forge.random && forge.random.getBytes) {
|
||||
return;
|
||||
}
|
||||
|
||||
(function(jQuery) {
|
||||
|
||||
// the default prng plugin, uses AES-128
|
||||
var prng_aes = {};
|
||||
var _prng_aes_output = new Array(4);
|
||||
var _prng_aes_buffer = forge.util.createBuffer();
|
||||
prng_aes.formatKey = function(key) {
|
||||
// convert the key into 32-bit integers
|
||||
var tmp = forge.util.createBuffer(key);
|
||||
key = new Array(4);
|
||||
key[0] = tmp.getInt32();
|
||||
key[1] = tmp.getInt32();
|
||||
key[2] = tmp.getInt32();
|
||||
key[3] = tmp.getInt32();
|
||||
|
||||
// return the expanded key
|
||||
return forge.aes._expandKey(key, false);
|
||||
};
|
||||
prng_aes.formatSeed = function(seed) {
|
||||
// convert seed into 32-bit integers
|
||||
var tmp = forge.util.createBuffer(seed);
|
||||
seed = new Array(4);
|
||||
seed[0] = tmp.getInt32();
|
||||
seed[1] = tmp.getInt32();
|
||||
seed[2] = tmp.getInt32();
|
||||
seed[3] = tmp.getInt32();
|
||||
return seed;
|
||||
};
|
||||
prng_aes.cipher = function(key, seed) {
|
||||
forge.aes._updateBlock(key, seed, _prng_aes_output, false);
|
||||
_prng_aes_buffer.putInt32(_prng_aes_output[0]);
|
||||
_prng_aes_buffer.putInt32(_prng_aes_output[1]);
|
||||
_prng_aes_buffer.putInt32(_prng_aes_output[2]);
|
||||
_prng_aes_buffer.putInt32(_prng_aes_output[3]);
|
||||
return _prng_aes_buffer.getBytes();
|
||||
};
|
||||
prng_aes.increment = function(seed) {
|
||||
// FIXME: do we care about carry or signed issues?
|
||||
++seed[3];
|
||||
return seed;
|
||||
};
|
||||
prng_aes.md = forge.md.sha256;
|
||||
|
||||
/**
|
||||
* Creates a new PRNG.
|
||||
*/
|
||||
function spawnPrng() {
|
||||
var ctx = forge.prng.create(prng_aes);
|
||||
|
||||
/**
|
||||
* Gets random bytes. If a native secure crypto API is unavailable, this
|
||||
* method tries to make the bytes more unpredictable by drawing from data that
|
||||
* can be collected from the user of the browser, eg: mouse movement.
|
||||
*
|
||||
* If a callback is given, this method will be called asynchronously.
|
||||
*
|
||||
* @param count the number of random bytes to get.
|
||||
* @param [callback(err, bytes)] called once the operation completes.
|
||||
*
|
||||
* @return the random bytes in a string.
|
||||
*/
|
||||
ctx.getBytes = function(count, callback) {
|
||||
return ctx.generate(count, callback);
|
||||
};
|
||||
|
||||
/**
|
||||
* Gets random bytes asynchronously. If a native secure crypto API is
|
||||
* unavailable, this method tries to make the bytes more unpredictable by
|
||||
* drawing from data that can be collected from the user of the browser,
|
||||
* eg: mouse movement.
|
||||
*
|
||||
* @param count the number of random bytes to get.
|
||||
*
|
||||
* @return the random bytes in a string.
|
||||
*/
|
||||
ctx.getBytesSync = function(count) {
|
||||
return ctx.generate(count);
|
||||
};
|
||||
|
||||
return ctx;
|
||||
}
|
||||
|
||||
// create default prng context
|
||||
var _ctx = spawnPrng();
|
||||
|
||||
// add other sources of entropy only if window.crypto.getRandomValues is not
|
||||
// available -- otherwise this source will be automatically used by the prng
|
||||
var _nodejs = (
|
||||
typeof process !== 'undefined' && process.versions && process.versions.node);
|
||||
var getRandomValues = null;
|
||||
if(typeof window !== 'undefined') {
|
||||
var _crypto = window.crypto || window.msCrypto;
|
||||
if(_crypto && _crypto.getRandomValues) {
|
||||
getRandomValues = function(arr) {
|
||||
return _crypto.getRandomValues(arr);
|
||||
};
|
||||
}
|
||||
}
|
||||
if(forge.disableNativeCode || (!_nodejs && !getRandomValues)) {
|
||||
// if this is a web worker, do not use weak entropy, instead register to
|
||||
// receive strong entropy asynchronously from the main thread
|
||||
if(typeof window === 'undefined' || window.document === undefined) {
|
||||
// FIXME:
|
||||
}
|
||||
|
||||
// get load time entropy
|
||||
_ctx.collectInt(+new Date(), 32);
|
||||
|
||||
// add some entropy from navigator object
|
||||
if(typeof(navigator) !== 'undefined') {
|
||||
var _navBytes = '';
|
||||
for(var key in navigator) {
|
||||
try {
|
||||
if(typeof(navigator[key]) == 'string') {
|
||||
_navBytes += navigator[key];
|
||||
}
|
||||
} catch(e) {
|
||||
/* Some navigator keys might not be accessible, e.g. the geolocation
|
||||
attribute throws an exception if touched in Mozilla chrome://
|
||||
context.
|
||||
|
||||
Silently ignore this and just don't use this as a source of
|
||||
entropy. */
|
||||
}
|
||||
}
|
||||
_ctx.collect(_navBytes);
|
||||
_navBytes = null;
|
||||
}
|
||||
|
||||
// add mouse and keyboard collectors if jquery is available
|
||||
if(jQuery) {
|
||||
// set up mouse entropy capture
|
||||
jQuery().mousemove(function(e) {
|
||||
// add mouse coords
|
||||
_ctx.collectInt(e.clientX, 16);
|
||||
_ctx.collectInt(e.clientY, 16);
|
||||
});
|
||||
|
||||
// set up keyboard entropy capture
|
||||
jQuery().keypress(function(e) {
|
||||
_ctx.collectInt(e.charCode, 8);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/* Random API */
|
||||
if(!forge.random) {
|
||||
forge.random = _ctx;
|
||||
} else {
|
||||
// extend forge.random with _ctx
|
||||
for(var key in _ctx) {
|
||||
forge.random[key] = _ctx[key];
|
||||
}
|
||||
}
|
||||
|
||||
// expose spawn PRNG
|
||||
forge.random.createInstance = spawnPrng;
|
||||
|
||||
})(typeof(jQuery) !== 'undefined' ? jQuery : null);
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'random';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './aes', './md', './prng', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
})();
|
|
@ -0,0 +1,369 @@
|
|||
/**
|
||||
* Secure Hash Algorithm with 160-bit digest (SHA-1) implementation.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2015 Digital Bazaar, Inc.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
var sha1 = forge.sha1 = forge.sha1 || {};
|
||||
forge.md = forge.md || {};
|
||||
forge.md.algorithms = forge.md.algorithms || {};
|
||||
forge.md.sha1 = forge.md.algorithms.sha1 = sha1;
|
||||
|
||||
/**
|
||||
* Creates a SHA-1 message digest object.
|
||||
*
|
||||
* @return a message digest object.
|
||||
*/
|
||||
sha1.create = function() {
|
||||
// do initialization as necessary
|
||||
if(!_initialized) {
|
||||
_init();
|
||||
}
|
||||
|
||||
// SHA-1 state contains five 32-bit integers
|
||||
var _state = null;
|
||||
|
||||
// input buffer
|
||||
var _input = forge.util.createBuffer();
|
||||
|
||||
// used for word storage
|
||||
var _w = new Array(80);
|
||||
|
||||
// message digest object
|
||||
var md = {
|
||||
algorithm: 'sha1',
|
||||
blockLength: 64,
|
||||
digestLength: 20,
|
||||
// 56-bit length of message so far (does not including padding)
|
||||
messageLength: 0,
|
||||
// true message length
|
||||
fullMessageLength: null,
|
||||
// size of message length in bytes
|
||||
messageLengthSize: 8
|
||||
};
|
||||
|
||||
/**
|
||||
* Starts the digest.
|
||||
*
|
||||
* @return this digest object.
|
||||
*/
|
||||
md.start = function() {
|
||||
// up to 56-bit message length for convenience
|
||||
md.messageLength = 0;
|
||||
|
||||
// full message length (set md.messageLength64 for backwards-compatibility)
|
||||
md.fullMessageLength = md.messageLength64 = [];
|
||||
var int32s = md.messageLengthSize / 4;
|
||||
for(var i = 0; i < int32s; ++i) {
|
||||
md.fullMessageLength.push(0);
|
||||
}
|
||||
_input = forge.util.createBuffer();
|
||||
_state = {
|
||||
h0: 0x67452301,
|
||||
h1: 0xEFCDAB89,
|
||||
h2: 0x98BADCFE,
|
||||
h3: 0x10325476,
|
||||
h4: 0xC3D2E1F0
|
||||
};
|
||||
return md;
|
||||
};
|
||||
// start digest automatically for first time
|
||||
md.start();
|
||||
|
||||
/**
|
||||
* Updates the digest with the given message input. The given input can
|
||||
* treated as raw input (no encoding will be applied) or an encoding of
|
||||
* 'utf8' maybe given to encode the input using UTF-8.
|
||||
*
|
||||
* @param msg the message input to update with.
|
||||
* @param encoding the encoding to use (default: 'raw', other: 'utf8').
|
||||
*
|
||||
* @return this digest object.
|
||||
*/
|
||||
md.update = function(msg, encoding) {
|
||||
if(encoding === 'utf8') {
|
||||
msg = forge.util.encodeUtf8(msg);
|
||||
}
|
||||
|
||||
// update message length
|
||||
var len = msg.length;
|
||||
md.messageLength += len;
|
||||
len = [(len / 0x100000000) >>> 0, len >>> 0];
|
||||
for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
|
||||
md.fullMessageLength[i] += len[1];
|
||||
len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
|
||||
md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
|
||||
len[0] = ((len[1] / 0x100000000) >>> 0);
|
||||
}
|
||||
|
||||
// add bytes to input buffer
|
||||
_input.putBytes(msg);
|
||||
|
||||
// process bytes
|
||||
_update(_state, _w, _input);
|
||||
|
||||
// compact input buffer every 2K or if empty
|
||||
if(_input.read > 2048 || _input.length() === 0) {
|
||||
_input.compact();
|
||||
}
|
||||
|
||||
return md;
|
||||
};
|
||||
|
||||
/**
|
||||
* Produces the digest.
|
||||
*
|
||||
* @return a byte buffer containing the digest value.
|
||||
*/
|
||||
md.digest = function() {
|
||||
/* Note: Here we copy the remaining bytes in the input buffer and
|
||||
add the appropriate SHA-1 padding. Then we do the final update
|
||||
on a copy of the state so that if the user wants to get
|
||||
intermediate digests they can do so. */
|
||||
|
||||
/* Determine the number of bytes that must be added to the message
|
||||
to ensure its length is congruent to 448 mod 512. In other words,
|
||||
the data to be digested must be a multiple of 512 bits (or 128 bytes).
|
||||
This data includes the message, some padding, and the length of the
|
||||
message. Since the length of the message will be encoded as 8 bytes (64
|
||||
bits), that means that the last segment of the data must have 56 bytes
|
||||
(448 bits) of message and padding. Therefore, the length of the message
|
||||
plus the padding must be congruent to 448 mod 512 because
|
||||
512 - 128 = 448.
|
||||
|
||||
In order to fill up the message length it must be filled with
|
||||
padding that begins with 1 bit followed by all 0 bits. Padding
|
||||
must *always* be present, so if the message length is already
|
||||
congruent to 448 mod 512, then 512 padding bits must be added. */
|
||||
|
||||
var finalBlock = forge.util.createBuffer();
|
||||
finalBlock.putBytes(_input.bytes());
|
||||
|
||||
// compute remaining size to be digested (include message length size)
|
||||
var remaining = (
|
||||
md.fullMessageLength[md.fullMessageLength.length - 1] +
|
||||
md.messageLengthSize);
|
||||
|
||||
// add padding for overflow blockSize - overflow
|
||||
// _padding starts with 1 byte with first bit is set (byte value 128), then
|
||||
// there may be up to (blockSize - 1) other pad bytes
|
||||
var overflow = remaining & (md.blockLength - 1);
|
||||
finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
|
||||
|
||||
// serialize message length in bits in big-endian order; since length
|
||||
// is stored in bytes we multiply by 8 and add carry from next int
|
||||
var messageLength = forge.util.createBuffer();
|
||||
var next, carry;
|
||||
var bits = md.fullMessageLength[0] * 8;
|
||||
for(var i = 0; i < md.fullMessageLength.length; ++i) {
|
||||
next = md.fullMessageLength[i + 1] * 8;
|
||||
carry = (next / 0x100000000) >>> 0;
|
||||
bits += carry;
|
||||
finalBlock.putInt32(bits >>> 0);
|
||||
bits = next;
|
||||
}
|
||||
|
||||
var s2 = {
|
||||
h0: _state.h0,
|
||||
h1: _state.h1,
|
||||
h2: _state.h2,
|
||||
h3: _state.h3,
|
||||
h4: _state.h4
|
||||
};
|
||||
_update(s2, _w, finalBlock);
|
||||
var rval = forge.util.createBuffer();
|
||||
rval.putInt32(s2.h0);
|
||||
rval.putInt32(s2.h1);
|
||||
rval.putInt32(s2.h2);
|
||||
rval.putInt32(s2.h3);
|
||||
rval.putInt32(s2.h4);
|
||||
return rval;
|
||||
};
|
||||
|
||||
return md;
|
||||
};
|
||||
|
||||
// sha-1 padding bytes not initialized yet
|
||||
var _padding = null;
|
||||
var _initialized = false;
|
||||
|
||||
/**
|
||||
* Initializes the constant tables.
|
||||
*/
|
||||
function _init() {
|
||||
// create padding
|
||||
_padding = String.fromCharCode(128);
|
||||
_padding += forge.util.fillString(String.fromCharCode(0x00), 64);
|
||||
|
||||
// now initialized
|
||||
_initialized = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates a SHA-1 state with the given byte buffer.
|
||||
*
|
||||
* @param s the SHA-1 state to update.
|
||||
* @param w the array to use to store words.
|
||||
* @param bytes the byte buffer to update with.
|
||||
*/
|
||||
function _update(s, w, bytes) {
|
||||
// consume 512 bit (64 byte) chunks
|
||||
var t, a, b, c, d, e, f, i;
|
||||
var len = bytes.length();
|
||||
while(len >= 64) {
|
||||
// the w array will be populated with sixteen 32-bit big-endian words
|
||||
// and then extended into 80 32-bit words according to SHA-1 algorithm
|
||||
// and for 32-79 using Max Locktyukhin's optimization
|
||||
|
||||
// initialize hash value for this chunk
|
||||
a = s.h0;
|
||||
b = s.h1;
|
||||
c = s.h2;
|
||||
d = s.h3;
|
||||
e = s.h4;
|
||||
|
||||
// round 1
|
||||
for(i = 0; i < 16; ++i) {
|
||||
t = bytes.getInt32();
|
||||
w[i] = t;
|
||||
f = d ^ (b & (c ^ d));
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0x5A827999 + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
for(; i < 20; ++i) {
|
||||
t = (w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16]);
|
||||
t = (t << 1) | (t >>> 31);
|
||||
w[i] = t;
|
||||
f = d ^ (b & (c ^ d));
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0x5A827999 + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
// round 2
|
||||
for(; i < 32; ++i) {
|
||||
t = (w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16]);
|
||||
t = (t << 1) | (t >>> 31);
|
||||
w[i] = t;
|
||||
f = b ^ c ^ d;
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0x6ED9EBA1 + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
for(; i < 40; ++i) {
|
||||
t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
|
||||
t = (t << 2) | (t >>> 30);
|
||||
w[i] = t;
|
||||
f = b ^ c ^ d;
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0x6ED9EBA1 + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
// round 3
|
||||
for(; i < 60; ++i) {
|
||||
t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
|
||||
t = (t << 2) | (t >>> 30);
|
||||
w[i] = t;
|
||||
f = (b & c) | (d & (b ^ c));
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0x8F1BBCDC + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
// round 4
|
||||
for(; i < 80; ++i) {
|
||||
t = (w[i - 6] ^ w[i - 16] ^ w[i - 28] ^ w[i - 32]);
|
||||
t = (t << 2) | (t >>> 30);
|
||||
w[i] = t;
|
||||
f = b ^ c ^ d;
|
||||
t = ((a << 5) | (a >>> 27)) + f + e + 0xCA62C1D6 + t;
|
||||
e = d;
|
||||
d = c;
|
||||
c = (b << 30) | (b >>> 2);
|
||||
b = a;
|
||||
a = t;
|
||||
}
|
||||
|
||||
// update hash state
|
||||
s.h0 = (s.h0 + a) | 0;
|
||||
s.h1 = (s.h1 + b) | 0;
|
||||
s.h2 = (s.h2 + c) | 0;
|
||||
s.h3 = (s.h3 + d) | 0;
|
||||
s.h4 = (s.h4 + e) | 0;
|
||||
|
||||
len -= 64;
|
||||
}
|
||||
}
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'sha1';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
})();
|
|
@ -0,0 +1,379 @@
|
|||
/**
|
||||
* Secure Hash Algorithm with 256-bit digest (SHA-256) implementation.
|
||||
*
|
||||
* See FIPS 180-2 for details.
|
||||
*
|
||||
* @author Dave Longley
|
||||
*
|
||||
* Copyright (c) 2010-2015 Digital Bazaar, Inc.
|
||||
*/
|
||||
(function() {
|
||||
/* ########## Begin module implementation ########## */
|
||||
function initModule(forge) {
|
||||
|
||||
var sha256 = forge.sha256 = forge.sha256 || {};
|
||||
forge.md = forge.md || {};
|
||||
forge.md.algorithms = forge.md.algorithms || {};
|
||||
forge.md.sha256 = forge.md.algorithms.sha256 = sha256;
|
||||
|
||||
/**
|
||||
* Creates a SHA-256 message digest object.
|
||||
*
|
||||
* @return a message digest object.
|
||||
*/
|
||||
sha256.create = function() {
|
||||
// do initialization as necessary
|
||||
if(!_initialized) {
|
||||
_init();
|
||||
}
|
||||
|
||||
// SHA-256 state contains eight 32-bit integers
|
||||
var _state = null;
|
||||
|
||||
// input buffer
|
||||
var _input = forge.util.createBuffer();
|
||||
|
||||
// used for word storage
|
||||
var _w = new Array(64);
|
||||
|
||||
// message digest object
|
||||
var md = {
|
||||
algorithm: 'sha256',
|
||||
blockLength: 64,
|
||||
digestLength: 32,
|
||||
// 56-bit length of message so far (does not including padding)
|
||||
messageLength: 0,
|
||||
// true message length
|
||||
fullMessageLength: null,
|
||||
// size of message length in bytes
|
||||
messageLengthSize: 8
|
||||
};
|
||||
|
||||
/**
|
||||
* Starts the digest.
|
||||
*
|
||||
* @return this digest object.
|
||||
*/
|
||||
md.start = function() {
|
||||
// up to 56-bit message length for convenience
|
||||
md.messageLength = 0;
|
||||
|
||||
// full message length (set md.messageLength64 for backwards-compatibility)
|
||||
md.fullMessageLength = md.messageLength64 = [];
|
||||
var int32s = md.messageLengthSize / 4;
|
||||
for(var i = 0; i < int32s; ++i) {
|
||||
md.fullMessageLength.push(0);
|
||||
}
|
||||
_input = forge.util.createBuffer();
|
||||
_state = {
|
||||
h0: 0x6A09E667,
|
||||
h1: 0xBB67AE85,
|
||||
h2: 0x3C6EF372,
|
||||
h3: 0xA54FF53A,
|
||||
h4: 0x510E527F,
|
||||
h5: 0x9B05688C,
|
||||
h6: 0x1F83D9AB,
|
||||
h7: 0x5BE0CD19
|
||||
};
|
||||
return md;
|
||||
};
|
||||
// start digest automatically for first time
|
||||
md.start();
|
||||
|
||||
/**
|
||||
* Updates the digest with the given message input. The given input can
|
||||
* treated as raw input (no encoding will be applied) or an encoding of
|
||||
* 'utf8' maybe given to encode the input using UTF-8.
|
||||
*
|
||||
* @param msg the message input to update with.
|
||||
* @param encoding the encoding to use (default: 'raw', other: 'utf8').
|
||||
*
|
||||
* @return this digest object.
|
||||
*/
|
||||
md.update = function(msg, encoding) {
|
||||
if(encoding === 'utf8') {
|
||||
msg = forge.util.encodeUtf8(msg);
|
||||
}
|
||||
|
||||
// update message length
|
||||
var len = msg.length;
|
||||
md.messageLength += len;
|
||||
len = [(len / 0x100000000) >>> 0, len >>> 0];
|
||||
for(var i = md.fullMessageLength.length - 1; i >= 0; --i) {
|
||||
md.fullMessageLength[i] += len[1];
|
||||
len[1] = len[0] + ((md.fullMessageLength[i] / 0x100000000) >>> 0);
|
||||
md.fullMessageLength[i] = md.fullMessageLength[i] >>> 0;
|
||||
len[0] = ((len[1] / 0x100000000) >>> 0);
|
||||
}
|
||||
|
||||
// add bytes to input buffer
|
||||
_input.putBytes(msg);
|
||||
|
||||
// process bytes
|
||||
_update(_state, _w, _input);
|
||||
|
||||
// compact input buffer every 2K or if empty
|
||||
if(_input.read > 2048 || _input.length() === 0) {
|
||||
_input.compact();
|
||||
}
|
||||
|
||||
return md;
|
||||
};
|
||||
|
||||
/**
|
||||
* Produces the digest.
|
||||
*
|
||||
* @return a byte buffer containing the digest value.
|
||||
*/
|
||||
md.digest = function() {
|
||||
/* Note: Here we copy the remaining bytes in the input buffer and
|
||||
add the appropriate SHA-256 padding. Then we do the final update
|
||||
on a copy of the state so that if the user wants to get
|
||||
intermediate digests they can do so. */
|
||||
|
||||
/* Determine the number of bytes that must be added to the message
|
||||
to ensure its length is congruent to 448 mod 512. In other words,
|
||||
the data to be digested must be a multiple of 512 bits (or 128 bytes).
|
||||
This data includes the message, some padding, and the length of the
|
||||
message. Since the length of the message will be encoded as 8 bytes (64
|
||||
bits), that means that the last segment of the data must have 56 bytes
|
||||
(448 bits) of message and padding. Therefore, the length of the message
|
||||
plus the padding must be congruent to 448 mod 512 because
|
||||
512 - 128 = 448.
|
||||
|
||||
In order to fill up the message length it must be filled with
|
||||
padding that begins with 1 bit followed by all 0 bits. Padding
|
||||
must *always* be present, so if the message length is already
|
||||
congruent to 448 mod 512, then 512 padding bits must be added. */
|
||||
|
||||
var finalBlock = forge.util.createBuffer();
|
||||
finalBlock.putBytes(_input.bytes());
|
||||
|
||||
// compute remaining size to be digested (include message length size)
|
||||
var remaining = (
|
||||
md.fullMessageLength[md.fullMessageLength.length - 1] +
|
||||
md.messageLengthSize);
|
||||
|
||||
// add padding for overflow blockSize - overflow
|
||||
// _padding starts with 1 byte with first bit is set (byte value 128), then
|
||||
// there may be up to (blockSize - 1) other pad bytes
|
||||
var overflow = remaining & (md.blockLength - 1);
|
||||
finalBlock.putBytes(_padding.substr(0, md.blockLength - overflow));
|
||||
|
||||
// serialize message length in bits in big-endian order; since length
|
||||
// is stored in bytes we multiply by 8 and add carry from next int
|
||||
var messageLength = forge.util.createBuffer();
|
||||
var next, carry;
|
||||
var bits = md.fullMessageLength[0] * 8;
|
||||
for(var i = 0; i < md.fullMessageLength.length; ++i) {
|
||||
next = md.fullMessageLength[i + 1] * 8;
|
||||
carry = (next / 0x100000000) >>> 0;
|
||||
bits += carry;
|
||||
finalBlock.putInt32(bits >>> 0);
|
||||
bits = next;
|
||||
}
|
||||
|
||||
var s2 = {
|
||||
h0: _state.h0,
|
||||
h1: _state.h1,
|
||||
h2: _state.h2,
|
||||
h3: _state.h3,
|
||||
h4: _state.h4,
|
||||
h5: _state.h5,
|
||||
h6: _state.h6,
|
||||
h7: _state.h7
|
||||
};
|
||||
_update(s2, _w, finalBlock);
|
||||
var rval = forge.util.createBuffer();
|
||||
rval.putInt32(s2.h0);
|
||||
rval.putInt32(s2.h1);
|
||||
rval.putInt32(s2.h2);
|
||||
rval.putInt32(s2.h3);
|
||||
rval.putInt32(s2.h4);
|
||||
rval.putInt32(s2.h5);
|
||||
rval.putInt32(s2.h6);
|
||||
rval.putInt32(s2.h7);
|
||||
return rval;
|
||||
};
|
||||
|
||||
return md;
|
||||
};
|
||||
|
||||
// sha-256 padding bytes not initialized yet
|
||||
var _padding = null;
|
||||
var _initialized = false;
|
||||
|
||||
// table of constants
|
||||
var _k = null;
|
||||
|
||||
/**
|
||||
* Initializes the constant tables.
|
||||
*/
|
||||
function _init() {
|
||||
// create padding
|
||||
_padding = String.fromCharCode(128);
|
||||
_padding += forge.util.fillString(String.fromCharCode(0x00), 64);
|
||||
|
||||
// create K table for SHA-256
|
||||
_k = [
|
||||
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
|
||||
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
||||
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
|
||||
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
||||
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
|
||||
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
||||
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
|
||||
0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
||||
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
|
||||
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
||||
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
|
||||
0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
||||
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
|
||||
0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
||||
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
|
||||
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2];
|
||||
|
||||
// now initialized
|
||||
_initialized = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates a SHA-256 state with the given byte buffer.
|
||||
*
|
||||
* @param s the SHA-256 state to update.
|
||||
* @param w the array to use to store words.
|
||||
* @param bytes the byte buffer to update with.
|
||||
*/
|
||||
function _update(s, w, bytes) {
|
||||
// consume 512 bit (64 byte) chunks
|
||||
var t1, t2, s0, s1, ch, maj, i, a, b, c, d, e, f, g, h;
|
||||
var len = bytes.length();
|
||||
while(len >= 64) {
|
||||
// the w array will be populated with sixteen 32-bit big-endian words
|
||||
// and then extended into 64 32-bit words according to SHA-256
|
||||
for(i = 0; i < 16; ++i) {
|
||||
w[i] = bytes.getInt32();
|
||||
}
|
||||
for(; i < 64; ++i) {
|
||||
// XOR word 2 words ago rot right 17, rot right 19, shft right 10
|
||||
t1 = w[i - 2];
|
||||
t1 =
|
||||
((t1 >>> 17) | (t1 << 15)) ^
|
||||
((t1 >>> 19) | (t1 << 13)) ^
|
||||
(t1 >>> 10);
|
||||
// XOR word 15 words ago rot right 7, rot right 18, shft right 3
|
||||
t2 = w[i - 15];
|
||||
t2 =
|
||||
((t2 >>> 7) | (t2 << 25)) ^
|
||||
((t2 >>> 18) | (t2 << 14)) ^
|
||||
(t2 >>> 3);
|
||||
// sum(t1, word 7 ago, t2, word 16 ago) modulo 2^32
|
||||
w[i] = (t1 + w[i - 7] + t2 + w[i - 16]) | 0;
|
||||
}
|
||||
|
||||
// initialize hash value for this chunk
|
||||
a = s.h0;
|
||||
b = s.h1;
|
||||
c = s.h2;
|
||||
d = s.h3;
|
||||
e = s.h4;
|
||||
f = s.h5;
|
||||
g = s.h6;
|
||||
h = s.h7;
|
||||
|
||||
// round function
|
||||
for(i = 0; i < 64; ++i) {
|
||||
// Sum1(e)
|
||||
s1 =
|
||||
((e >>> 6) | (e << 26)) ^
|
||||
((e >>> 11) | (e << 21)) ^
|
||||
((e >>> 25) | (e << 7));
|
||||
// Ch(e, f, g) (optimized the same way as SHA-1)
|
||||
ch = g ^ (e & (f ^ g));
|
||||
// Sum0(a)
|
||||
s0 =
|
||||
((a >>> 2) | (a << 30)) ^
|
||||
((a >>> 13) | (a << 19)) ^
|
||||
((a >>> 22) | (a << 10));
|
||||
// Maj(a, b, c) (optimized the same way as SHA-1)
|
||||
maj = (a & b) | (c & (a ^ b));
|
||||
|
||||
// main algorithm
|
||||
t1 = h + s1 + ch + _k[i] + w[i];
|
||||
t2 = s0 + maj;
|
||||
h = g;
|
||||
g = f;
|
||||
f = e;
|
||||
e = (d + t1) | 0;
|
||||
d = c;
|
||||
c = b;
|
||||
b = a;
|
||||
a = (t1 + t2) | 0;
|
||||
}
|
||||
|
||||
// update hash state
|
||||
s.h0 = (s.h0 + a) | 0;
|
||||
s.h1 = (s.h1 + b) | 0;
|
||||
s.h2 = (s.h2 + c) | 0;
|
||||
s.h3 = (s.h3 + d) | 0;
|
||||
s.h4 = (s.h4 + e) | 0;
|
||||
s.h5 = (s.h5 + f) | 0;
|
||||
s.h6 = (s.h6 + g) | 0;
|
||||
s.h7 = (s.h7 + h) | 0;
|
||||
len -= 64;
|
||||
}
|
||||
}
|
||||
|
||||
} // end module implementation
|
||||
|
||||
/* ########## Begin module wrapper ########## */
|
||||
var name = 'sha256';
|
||||
if(typeof define !== 'function') {
|
||||
// NodeJS -> AMD
|
||||
if(typeof module === 'object' && module.exports) {
|
||||
var nodeJS = true;
|
||||
define = function(ids, factory) {
|
||||
factory(require, module);
|
||||
};
|
||||
} else {
|
||||
// <script>
|
||||
if(typeof forge === 'undefined') {
|
||||
forge = {};
|
||||
}
|
||||
return initModule(forge);
|
||||
}
|
||||
}
|
||||
// AMD
|
||||
var deps;
|
||||
var defineFunc = function(require, module) {
|
||||
module.exports = function(forge) {
|
||||
var mods = deps.map(function(dep) {
|
||||
return require(dep);
|
||||
}).concat(initModule);
|
||||
// handle circular dependencies
|
||||
forge = forge || {};
|
||||
forge.defined = forge.defined || {};
|
||||
if(forge.defined[name]) {
|
||||
return forge[name];
|
||||
}
|
||||
forge.defined[name] = true;
|
||||
for(var i = 0; i < mods.length; ++i) {
|
||||
mods[i](forge);
|
||||
}
|
||||
return forge[name];
|
||||
};
|
||||
};
|
||||
var tmpDefine = define;
|
||||
define = function(ids, factory) {
|
||||
deps = (typeof ids === 'string') ? factory.slice(2) : ids.slice(2);
|
||||
if(nodeJS) {
|
||||
delete define;
|
||||
return tmpDefine.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
}
|
||||
define = tmpDefine;
|
||||
return define.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
};
|
||||
define(['require', 'module', './util'], function() {
|
||||
defineFunc.apply(null, Array.prototype.slice.call(arguments, 0));
|
||||
});
|
||||
})();
|
File diff suppressed because it is too large
Load Diff
Binary file not shown.
After Width: | Height: | Size: 30 KiB |
File diff suppressed because one or more lines are too long
|
@ -1 +0,0 @@
|
|||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 338.63 338.63"><defs><style>.a{fill:#5b2c98;}.b{fill:#fff;}</style></defs><title>ppl-circle-</title><circle class="a" cx="169.31" cy="169.31" r="150"/><path class="b" d="M146.9,135.45a32.24,32.24,0,0,0-6.06-10.22,29,29,0,0,0-9.22-6.9A26.69,26.69,0,0,0,120,115.78a24.92,24.92,0,0,0-12.61,3.14,25.46,25.46,0,0,0-8.91,8.63v-10.7H84.55v87.61h15.93V168.21a23.17,23.17,0,0,0,8.56,8.85,24.5,24.5,0,0,0,12.83,3.27,24.16,24.16,0,0,0,10.94-2.5,26.31,26.31,0,0,0,8.62-6.89,32.55,32.55,0,0,0,5.65-10.34,39.2,39.2,0,0,0,2-12.72A35.4,35.4,0,0,0,146.9,135.45Zm-30.12,32.69c-10.09,0-18.28-8.7-18.28-19.43a20.19,20.19,0,0,1,2-8.77v-.15a14,14,0,0,1,2.43-4.16,19.11,19.11,0,0,1,3.63-3.33,16.49,16.49,0,0,1,4.4-2.2,15.12,15.12,0,0,1,4.63-.77h.07c.37,0,.76,0,1.14,0,10.1,0,18.28,8.7,18.28,19.42S126.88,168.14,116.78,168.14Z"/><path class="b" d="M222.27,135.45a32.24,32.24,0,0,0-6.06-10.22,29,29,0,0,0-9.22-6.9,26.69,26.69,0,0,0-11.64-2.55,24.92,24.92,0,0,0-12.61,3.14,25.54,25.54,0,0,0-8.91,8.63v-10.7H159.92v87.61h15.93V168.21a23.24,23.24,0,0,0,8.56,8.85,24.52,24.52,0,0,0,12.84,3.27,24.22,24.22,0,0,0,10.94-2.5,26.27,26.27,0,0,0,8.61-6.89,32.55,32.55,0,0,0,5.65-10.34,39.47,39.47,0,0,0,2-12.72A35.4,35.4,0,0,0,222.27,135.45Zm-31.6,32.69c-10.09,0-18.28-8.7-18.28-19.43s8.19-19.42,18.28-19.42a18,18,0,0,1,2.09.13h.09a15.77,15.77,0,0,1,4.93,1.32,17.08,17.08,0,0,1,4.51,3l.37.34A19.86,19.86,0,0,1,209,148.71C209,159.44,200.76,168.14,190.67,168.14Z"/><path class="b" d="M263.94,164.76a20.11,20.11,0,0,1-3.27,1.18,11.85,11.85,0,0,1-3.16.48,6,6,0,0,1-4.75-1.9,7.84,7.84,0,0,1-1.66-5.35V92.36H235.17v72.4q0,7.37,4.1,11.35t11.59,4a41.31,41.31,0,0,0,7.73-.83,30.52,30.52,0,0,0,7.49-2.38Z"/><path class="b" d="M208,229.74c-15.45,8.56-32.81,12.13-49.22,12.13S125,238.3,109.54,229.74l-5.24,12.84c16.41,10,33.53,15.69,54.45,15.69s38.05-5.71,54.45-15.69Z"/></svg>
|
Before Width: | Height: | Size: 1.8 KiB |
|
@ -1 +0,0 @@
|
|||
See index.html / demo/demo.js and demo/phone.html / demo/phone.js
|
Before Width: | Height: | Size: 274 KiB After Width: | Height: | Size: 274 KiB |
106
index.html
106
index.html
|
@ -1,108 +1,8 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Authenticator</title>
|
||||
<meta charset="UTF-8">
|
||||
<!--meta name="viewport" content="width=device-width, user-scalable=no" /-->
|
||||
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src 'self' https://camo.githubusercontent.com/ https://chart.googleapis.com/ data:; child-src 'self'; object-src 'none'">
|
||||
<link rel="stylesheet" type="text/css" href="demo/bootstrap-v3.3.5.min.css">
|
||||
<link rel="stylesheet" type="text/css" href="demo/style.css">
|
||||
<meta http-equiv="refresh" content="0;https://daplie.github.io/browser-authenticator/test.html">
|
||||
</head>
|
||||
<body class="fade">
|
||||
<div class="container-fluid">
|
||||
<div class="row">
|
||||
<div class="col-xs-6 left">
|
||||
<h1 class="authenticator">Authenticator Test</h1>
|
||||
<img alt="qrcode" class="js-qrcode qrcode" width="166" height="166" src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" />
|
||||
<div class="scan">
|
||||
Scan with <a href="https://www.authy.com/personal/mobile/" target="_blank">Authy App</a>
|
||||
</div>
|
||||
<div class="verify">
|
||||
<label class="token-label">Enter Verification Token:</label>
|
||||
<br />
|
||||
<input class="js-token token-input" type="text" placeholder="i.e. 123 456" />
|
||||
<button class="js-verify btn">Verify</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-xs-6 right">
|
||||
<img class="iPhone" src="demo/iPhoneMockup.png" />
|
||||
<div class="iframe-container">
|
||||
<iframe class="js-otp-iframe iframe" src="demo/phone.html"></iframe>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-md-3"></div>
|
||||
<div class="col-md-6 bottom">
|
||||
<form class="form-horizontal">
|
||||
<h1 class="console"> Console </h1>
|
||||
<hr />
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Issuer:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-company-name issuer-input wide" placeholder="Company Name">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Account:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-user-account issuer-input wide" placeholder="User Account">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Key:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-key base-key-input wide">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- TODO add options to interface -->
|
||||
<input type="hidden" class="js-totp-algo" value="SHA1">
|
||||
<input type="hidden" class="js-totp-digits" value="6">
|
||||
<input type="hidden" class="js-totp-period" value="30">
|
||||
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-6 col-xs-6">
|
||||
<button type="button" class="btn btn-default js-generate regenerate">Regenerate</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">URI:</label>
|
||||
<div class="col-sm-9">
|
||||
<a class="js-otpauth">otpauth://totp/company:user?secret=xxxx&issuer=company</a>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="col-md-3"></div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- github banner -->
|
||||
<a href="https://git.coolaj86.com/coolaj86/browser-authenticator.js"><img class="github-banner" src="https://camo.githubusercontent.com/a6677b08c955af8400f44c6298f40e7d19cc5b2d/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f677261795f3664366436642e706e67" alt="Fork me with Git" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"></a>
|
||||
|
||||
<!-- extremely lightweight shim for hex conversion -->
|
||||
<script src="demo/bower_components/unibabel/index.js"></script>
|
||||
<script src="demo/bower_components/unibabel/unibabel.hex.js"></script>
|
||||
|
||||
<!-- base32 conversion (and binary string for forge) (works standalone from the above) -->
|
||||
<script src="demo/bower_components/unibabel/unibabel.base32.js"></script>
|
||||
|
||||
<!-- forge.* -->
|
||||
<!--[if lt IE 11]>
|
||||
<script src="demo/bower_components/forge/dist/forge.min.js"></script>
|
||||
<![endif]-->
|
||||
|
||||
<!-- botp.totp -->
|
||||
<script src="demo/bower_components/botp/sha1-hmac.js"></script>
|
||||
<script src="demo/bower_components/botp/index.js"></script>
|
||||
|
||||
<!-- Authenticator -->
|
||||
<script src="authenticator.js"></script>
|
||||
<script src="demo/demo.js"></script>
|
||||
</body>
|
||||
Redirecting...
|
||||
</body>
|
||||
</html>
|
||||
|
|
30
package.json
30
package.json
|
@ -1,30 +0,0 @@
|
|||
{
|
||||
"name": "browser-authenticator",
|
||||
"version": "1.0.8",
|
||||
"description": "Two- / Multi- Factor Authenication (2FA / MFA / OTP) for browser JavaScript",
|
||||
"main": "authenticator.js",
|
||||
"homepage": "https://git.coolaj86.com/coolaj86/browser-authenticator.js",
|
||||
"directories": {
|
||||
"example": "examples"
|
||||
},
|
||||
"scripts": {
|
||||
"test": "echo \"Error: no test specified\" && exit 1"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "https://git.coolaj86.com/coolaj86/browser-authenticator.js"
|
||||
},
|
||||
"keywords": [
|
||||
"botp",
|
||||
"notp",
|
||||
"otp",
|
||||
"totp",
|
||||
"hotp",
|
||||
"authenticator",
|
||||
"authy",
|
||||
"mfa",
|
||||
"2fa"
|
||||
],
|
||||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
||||
"license": "(MIT OR Apache-2.0)"
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Authenticator</title>
|
||||
<title>Authenticator - Daplie, Inc</title>
|
||||
<meta charset="UTF-8">
|
||||
<!--meta name="viewport" content="width=device-width, user-scalable=no" /-->
|
||||
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src 'self' https://chart.googleapis.com/ data:; child-src 'self'; object-src 'none'">
|
||||
|
@ -23,15 +23,25 @@
|
|||
<!-- base32 conversion (and binary string for forge) (works standalone from the above) -->
|
||||
<script src="bower_components/unibabel/unibabel.base32.js"></script>
|
||||
|
||||
<!-- forge.* -->
|
||||
<script src="bower_components/forge/dist/forge.min.js"></script>
|
||||
<!-- forge.hmac -->
|
||||
<script src="bower_components/forge/js/util.js"></script>
|
||||
<script src="bower_components/forge/js/sha1.js"></script>
|
||||
<script src="bower_components/forge/js/hmac.js"></script>
|
||||
|
||||
<!-- forge.random.getBytes -->
|
||||
<script src="bower_components/forge/js/sha256.js"></script>
|
||||
<script src="bower_components/forge/js/cipher.js"></script>
|
||||
<script src="bower_components/forge/js/cipherModes.js"></script>
|
||||
<script src="bower_components/forge/js/aes.js"></script>
|
||||
<script src="bower_components/forge/js/prng.js"></script>
|
||||
<script src="bower_components/forge/js/random.js"></script>
|
||||
|
||||
<!-- botp.totp -->
|
||||
<script src="bower_components/botp/sha1-hmac.js"></script>
|
||||
<script src="bower_components/botp/index.js"></script>
|
||||
|
||||
<!-- Authenticator -->
|
||||
<script src="../authenticator.js"></script>
|
||||
<script src="authenticator.js"></script>
|
||||
|
||||
<script src="jquery-2.0.0.min.js" type="text/javascript"></script>
|
||||
<script src="jquery.countdown.js" type="text/javascript"></script>
|
|
@ -36,6 +36,29 @@
|
|||
return argsParsed;
|
||||
}
|
||||
|
||||
/*
|
||||
function parseQuery(search) {
|
||||
var args = search.substring(1).split('&');
|
||||
var argsParsed = {};
|
||||
var i;
|
||||
|
||||
console.log('parse args', args);
|
||||
for (i = 0; i < args.length; i++) {
|
||||
var arg = args[i];
|
||||
|
||||
if (-1 === arg.indexOf('=')) {
|
||||
argsParsed[decodeURIComponent(arg).trim()] = true;
|
||||
}
|
||||
else {
|
||||
var kvp = arg.split('=');
|
||||
argsParsed[decodeURIComponent(kvp[0]).trim()] = decodeURIComponent(kvp[1]).trim();
|
||||
}
|
||||
}
|
||||
|
||||
return argsParsed;
|
||||
}
|
||||
*/
|
||||
|
||||
function run() {
|
||||
var countdown = $(".js-countdown").countdown360({
|
||||
radius: 30,
|
||||
|
@ -51,6 +74,7 @@
|
|||
// TODO change to token start time, regardless of the time the app began
|
||||
countdown.start(new Date());
|
||||
console.log('countdown360 ', countdown);
|
||||
console.log(document.location.search);
|
||||
|
||||
var otpauth = parseQuery(document.location.search).otpuri;
|
||||
var otplink = document.createElement('a');
|
||||
|
@ -60,16 +84,12 @@
|
|||
var accountName;
|
||||
|
||||
otplink.href = otpauth;
|
||||
|
||||
var idx = otplink.href.indexOf('?');
|
||||
var queryString = (idx >= 0 ? otplink.href.slice(idx) : '');
|
||||
otp = parseQuery(queryString);
|
||||
otp = parseQuery(otplink.search);
|
||||
|
||||
meta = otplink.pathname.replace(/.*\/totp\//, '').split(':');
|
||||
// TODO throw if otp.issuer !== decodeURI(meta[0])
|
||||
if (meta.length > 1) {
|
||||
// TODO why is there an extra leading '/' on iOS webview?
|
||||
issuer = otp.issuer || decodeURI(meta[0]).replace(/^\//, '');
|
||||
issuer = otp.issuer || decodeURI(meta[0]);
|
||||
accountName = decodeURI(meta[1]);
|
||||
}
|
||||
else {
|
||||
|
@ -77,9 +97,13 @@
|
|||
accountName = decodeURI(meta[0]);
|
||||
}
|
||||
|
||||
console.log('otpuri', otpauth);
|
||||
console.log('otplink', otplink);
|
||||
console.log('otplink.search', otplink.search);
|
||||
console.log('otp', otp);
|
||||
|
||||
$('.js-issuer').text(issuer);
|
||||
$('.js-account-name').text(accountName);
|
||||
|
||||
Authenticator.generateToken(otp.secret).then(function (token) {
|
||||
$('.js-token').text(token.replace(/(\d{3})/g, '$1 ').trim());
|
||||
});
|
|
@ -1,10 +1,3 @@
|
|||
.github-banner {
|
||||
position: absolute;
|
||||
top: 0;
|
||||
right: 0;
|
||||
border: 0;
|
||||
}
|
||||
|
||||
.col-xs-6 {
|
||||
text-align: center;
|
||||
}
|
||||
|
@ -108,12 +101,12 @@ input {
|
|||
}
|
||||
|
||||
.logo {
|
||||
background-image: url("logo.svg");
|
||||
background-image: url("daplie-logo.png");
|
||||
background-repeat: no-repeat;
|
||||
background-size: 75px 75px;
|
||||
width: 75px;
|
||||
height: 75px;
|
||||
margin: 25px auto 0 auto;
|
||||
background-size: 200px 50px;
|
||||
width: 200px;
|
||||
height: 50px;
|
||||
margin: 50px auto 0 auto;
|
||||
line-height: 1.0556;
|
||||
text-align: center;
|
||||
z-index: 2;
|
||||
|
@ -124,7 +117,7 @@ input {
|
|||
}
|
||||
|
||||
.token-issuer {
|
||||
margin-top: 25px;
|
||||
margin-top: 50px;
|
||||
z-index: 2;
|
||||
font-size: 12px;
|
||||
line-height: 1.0556;
|
105
test.html
105
test.html
|
@ -1,8 +1,107 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="refresh" content="0;https://authenticator.ppl.family/">
|
||||
<title>Authenticator - Daplie, Inc</title>
|
||||
<meta charset="UTF-8">
|
||||
<!--meta name="viewport" content="width=device-width, user-scalable=no" /-->
|
||||
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src 'self' https://chart.googleapis.com/ data:; child-src 'self'; object-src 'none'">
|
||||
<link rel="stylesheet" type="text/css" href="bootstrap-v3.3.5.min.css">
|
||||
<link rel="stylesheet" type="text/css" href="style.css">
|
||||
</head>
|
||||
</body>
|
||||
Redirecting...
|
||||
<body class="fade">
|
||||
<div class="container-fluid">
|
||||
<div class="row">
|
||||
<div class="col-xs-6 left">
|
||||
<h1 class="authenticator">Authenticator Test</h1>
|
||||
<img alt="qrcode" class="js-qrcode qrcode" width="166" height="166" src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" />
|
||||
<div class="scan">
|
||||
Scan with <a href="https://www.authy.com/personal/mobile/" target="_blank">Authy App</a>
|
||||
</div>
|
||||
<div class="verify">
|
||||
<label class="token-label">Enter Verification Token:</label>
|
||||
<br />
|
||||
<input class="js-token token-input" type="text" placeholder="i.e. 123 456" />
|
||||
<button class="js-verify btn">Verify</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-xs-6 right">
|
||||
<img class="iPhone" src="iPhoneMockup.png" />
|
||||
<div class="iframe-container">
|
||||
<iframe class="js-otp-iframe iframe" src="phone.html"></iframe>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-md-3"></div>
|
||||
<div class="col-md-6 bottom">
|
||||
<form class="form-horizontal">
|
||||
<h1 class="console"> Console </h1>
|
||||
<hr />
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Issuer:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-company-name issuer-input wide" placeholder="Company Name">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Account:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-user-account issuer-input wide" placeholder="User Account">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">Key:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="js-key base-key-input wide">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-6 col-xs-6">
|
||||
<button type="button" class="btn btn-default js-generate regenerate">Regenerate</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label">URI:</label>
|
||||
<div class="col-sm-9">
|
||||
<p class="js-otpauth">otpauth://totp/company:user?secret=xxxx&issuer=company</p>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="col-md-3"></div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- extremely lightweight shim for hex conversion -->
|
||||
<script src="bower_components/unibabel/index.js"></script>
|
||||
<script src="bower_components/unibabel/unibabel.hex.js"></script>
|
||||
|
||||
<!-- base32 conversion (and binary string for forge) (works standalone from the above) -->
|
||||
<script src="bower_components/unibabel/unibabel.base32.js"></script>
|
||||
|
||||
<!-- forge.hmac -->
|
||||
<script src="bower_components/forge/js/util.js"></script>
|
||||
<script src="bower_components/forge/js/sha1.js"></script>
|
||||
<script src="bower_components/forge/js/hmac.js"></script>
|
||||
|
||||
<!-- forge.random.getBytes -->
|
||||
<script src="bower_components/forge/js/sha256.js"></script>
|
||||
<script src="bower_components/forge/js/cipher.js"></script>
|
||||
<script src="bower_components/forge/js/cipherModes.js"></script>
|
||||
<script src="bower_components/forge/js/aes.js"></script>
|
||||
<script src="bower_components/forge/js/prng.js"></script>
|
||||
<script src="bower_components/forge/js/random.js"></script>
|
||||
|
||||
<!-- botp.totp -->
|
||||
<script src="bower_components/botp/sha1-hmac.js"></script>
|
||||
<script src="bower_components/botp/index.js"></script>
|
||||
|
||||
<!-- Authenticator -->
|
||||
<script src="authenticator.js"></script>
|
||||
<script src="test.js"></script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// This is crap demo code. Forgive me.
|
||||
// forgive the suckiness, but whatever
|
||||
(function (exports) {
|
||||
'use strict';
|
||||
|
||||
|
@ -33,26 +33,18 @@ function generate(ke) {
|
|||
|
||||
var companyName = $('.js-company-name').value;
|
||||
var userAccount = $('.js-user-account').value;
|
||||
var algo = $('.js-totp-algo').value || 'SHA1';
|
||||
var digits = parseInt($('.js-totp-digits').value, 10) || 6;
|
||||
var period = parseInt($('.js-totp-period').value, 10) || 30;
|
||||
|
||||
var otpauth = Authenticator.generateTotpUri(key, userAccount, companyName, algo, digits, period);
|
||||
/*
|
||||
var otpauth = 'otpauth://totp/'
|
||||
+ encodeURI(companyName) + ':' + encodeURI(userAccount)
|
||||
+ '?secret=' + key.replace(/\s+/g, '').toUpperCase()
|
||||
;
|
||||
*/
|
||||
|
||||
// obviously don't use this in production, but it's not so bad for the demo
|
||||
// (hmm... no one has ever said those words and regretted them... TODO XXX generate QR locally)
|
||||
var src = 'https://chart.googleapis.com/chart?chs=166x166&chld=L|0&cht=qr&chl=' + encodeURIComponent(otpauth);
|
||||
|
||||
$('.js-otpauth').innerHTML = otpauth; // only safe to inject because I created it
|
||||
$('.js-otpauth').href = otpauth;
|
||||
$('img.js-qrcode').src = src;
|
||||
$('.js-otp-iframe').src = 'demo/phone.html?otpuri=' + encodeURIComponent(otpauth);
|
||||
$('.js-otp-iframe').src = 'phone.html?otpuri=' + encodeURIComponent(otpauth);
|
||||
|
||||
Authenticator.generateToken(key).then(function (token) {
|
||||
console.log('token', token);
|
||||
|
@ -71,11 +63,6 @@ function generate(ke) {
|
|||
$('.js-verify').addEventListener('click', function () {
|
||||
var token = $('.js-token').value;
|
||||
|
||||
if (!/.*\d{3}.*\d{3}.*/.test(token)) {
|
||||
window.alert("must have a 6 digit token");
|
||||
return;
|
||||
}
|
||||
|
||||
Authenticator.verifyToken(key, token).then(function (result) {
|
||||
var msg;
|
||||
if (result) {
|
||||
|
@ -87,9 +74,6 @@ $('.js-verify').addEventListener('click', function () {
|
|||
console.info('verify', msg);
|
||||
window.alert(msg);
|
||||
}, function (err) {
|
||||
window.alert('[ERROR]:' + err.message);
|
||||
window.alert('[ERROR]:' + err.stack);
|
||||
|
||||
console.error('ERROR');
|
||||
console.error(err);
|
||||
});
|
Loading…
Reference in New Issue