coolaj86
/
oauth3.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

changed all stored base64 strings to url safe

This commit is contained in:
tigerbot 2017-03-13 12:35:25 -06:00
parent bde3c2ca33
commit 4b63e38c1f
1 changed files with 28 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
oauth3.issuer.mock.js
View File

@ -3,12 +3,12 @@
var OAUTH3 = exports.OAUTH3 = exports.OAUTH3 || require('./oauth3.core.js').OAUTH3; var OAUTH3 = exports.OAUTH3 = exports.OAUTH3 || require('./oauth3.core.js').OAUTH3;
OAUTH3.utils.bufferToBinaryString = function (buf) { OAUTH3.utils.bufferToBinStr = function (buf) {
return Array.prototype.map.call(new Uint8Array(buf), function(ch) { return Array.prototype.map.call(new Uint8Array(buf), function(ch) {
return String.fromCharCode(ch); return String.fromCharCode(ch);
}).join(''); }).join('');
}; };
OAUTH3.utils.binaryStringToBuffer = function (str) { OAUTH3.utils.binStrToBuffer = function (str) {
var buf; var buf;
if ('undefined' !== typeof Uint8Array) { if ('undefined' !== typeof Uint8Array) {
@ -23,6 +23,13 @@
return buf; return buf;
}; };
OAUTH3._base64.urlSafeToBuffer = function (str) {
return OAUTH3.utils.binStrToBuffer(OAUTH3._base64.decodeUrlSafe(str));
};
OAUTH3._base64.bufferToUrlSafe = function (buf) {
return OAUTH3._base64.encodeUrlSafe(OAUTH3.utils.bufferToBinStr(buf));
};
OAUTH3.crypto = {}; OAUTH3.crypto = {};
OAUTH3.crypto.fingerprintJWK = function (jwk) { OAUTH3.crypto.fingerprintJWK = function (jwk) {
var keys; var keys;
@ -44,15 +51,15 @@
} }
var jwkStr = '{' + keys.map(function (name) { return name+':'+jwk[name]; }).join(',') + '}'; var jwkStr = '{' + keys.map(function (name) { return name+':'+jwk[name]; }).join(',') + '}';
return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binaryStringToBuffer(jwkStr)) return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binStrToBuffer(jwkStr))
.then(OAUTH3.utils.bufferToBinaryString).then(OAUTH3._base64.btoa); .then(OAUTH3._base64.bufferToUrlSafe);
}; };
OAUTH3.crypto._createKey = function (ppid) { OAUTH3.crypto._createKey = function (ppid) {
var kekPromise, ecdsaPromise, secretPromise; var kekPromise, ecdsaPromise, secretPromise;
var salt = window.crypto.getRandomValues(new Uint8Array(16)); var salt = window.crypto.getRandomValues(new Uint8Array(16));
kekPromise = window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) kekPromise = window.crypto.subtle.importKey('raw', OAUTH3.utils.binStrToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey'])
.then(function (key) { .then(function (key) {
var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}}; var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}};
return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['encrypt']); return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['encrypt']);
@ -85,8 +92,8 @@
}); });
return OAUTH3.PromiseA.all([kekPromise, ecdsaPromise, secretPromise]).then(function (keys) { return OAUTH3.PromiseA.all([kekPromise, ecdsaPromise, secretPromise]).then(function (keys) {
var ecdsaJwk = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[1].privateKey)); var ecdsaJwk = OAUTH3.utils.binStrToBuffer(JSON.stringify(keys[1].privateKey));
var secretJwk = OAUTH3.utils.binaryStringToBuffer(JSON.stringify(keys[2])); var secretJwk = OAUTH3.utils.binStrToBuffer(JSON.stringify(keys[2]));
var ecdsaIv = window.crypto.getRandomValues(new Uint8Array(12)); var ecdsaIv = window.crypto.getRandomValues(new Uint8Array(12));
var secretIv = window.crypto.getRandomValues(new Uint8Array(12)); var secretIv = window.crypto.getRandomValues(new Uint8Array(12));
@ -97,22 +104,22 @@
.then(function (encrypted) { .then(function (encrypted) {
return { return {
publicKey: keys[1].publicKey publicKey: keys[1].publicKey
, privateKey: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[0])) , privateKey: OAUTH3._base64.bufferToUrlSafe(encrypted[0])
, userSecret: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(encrypted[1])) , userSecret: OAUTH3._base64.bufferToUrlSafe(encrypted[1])
, salt: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(salt)) , salt: OAUTH3._base64.bufferToUrlSafe(salt)
, ecdsaIv: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(ecdsaIv)) , ecdsaIv: OAUTH3._base64.bufferToUrlSafe(ecdsaIv)
, secretIv: OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(secretIv)) , secretIv: OAUTH3._base64.bufferToUrlSafe(secretIv)
}; };
}); });
}); });
}; };
OAUTH3.crypto._decryptKey = function (ppid, storedObj) { OAUTH3.crypto._decryptKey = function (ppid, storedObj) {
var salt = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.salt)); var salt = OAUTH3._base64.urlSafeToBuffer(storedObj.salt);
var encJwk = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.privateKey)); var encJwk = OAUTH3._base64.urlSafeToBuffer(storedObj.privateKey);
var iv = OAUTH3.utils.binaryStringToBuffer(OAUTH3._base64.atob(storedObj.ecdsaIv)); var iv = OAUTH3._base64.urlSafeToBuffer(storedObj.ecdsaIv);
return window.crypto.subtle.importKey('raw', OAUTH3.utils.binaryStringToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey']) return window.crypto.subtle.importKey('raw', OAUTH3.utils.binStrToBuffer(ppid), {name: 'PBKDF2'}, false, ['deriveKey'])
.then(function (key) { .then(function (key) {
var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}}; var opts = {name: 'PBKDF2', salt: salt, iterations: 8192, hash: {name: 'SHA-256'}};
return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['decrypt']); return window.crypto.subtle.deriveKey(opts, key, {name: 'AES-GCM', length: 128}, false, ['decrypt']);
@ -120,7 +127,7 @@
.then(function (key) { .then(function (key) {
return window.crypto.subtle.decrypt({name: 'AES-GCM', iv: iv}, key, encJwk); return window.crypto.subtle.decrypt({name: 'AES-GCM', iv: iv}, key, encJwk);
}) })
.then(OAUTH3.utils.bufferToBinaryString) .then(OAUTH3.utils.bufferToBinStr)
.then(JSON.parse) .then(JSON.parse)
.then(function (jwk) { .then(function (jwk) {
return window.crypto.subtle.importKey('jwk', jwk, {name: 'ECDSA', namedCurve: jwk.crv}, false, ['sign']) return window.crypto.subtle.importKey('jwk', jwk, {name: 'ECDSA', namedCurve: jwk.crv}, false, ['sign'])
@ -133,9 +140,9 @@
}; };
OAUTH3.crypto._getKey = function (ppid) { OAUTH3.crypto._getKey = function (ppid) {
return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binaryStringToBuffer(ppid)) return window.crypto.subtle.digest({name: 'SHA-256'}, OAUTH3.utils.binStrToBuffer(ppid))
.then(function (hash) { .then(function (hash) {
var name = 'kek-' + OAUTH3._base64.btoa(OAUTH3.utils.bufferToBinaryString(hash)); var name = 'kek-' + OAUTH3._base64.bufferToUrlSafe(hash);
var promise; var promise;
if (window.localStorage.getItem(name) === null) { if (window.localStorage.getItem(name) === null) {
@ -161,9 +168,9 @@
, OAUTH3._base64.encodeUrlSafe(JSON.stringify(payload, null)) , OAUTH3._base64.encodeUrlSafe(JSON.stringify(payload, null))
].join('.'); ].join('.');
return window.crypto.subtle.sign({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, OAUTH3.utils.binaryStringToBuffer(input)) return window.crypto.subtle.sign({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, OAUTH3.utils.binStrToBuffer(input))
.then(function (signature) { .then(function (signature) {
return input + '.' + OAUTH3._base64.encodeUrlSafe(OAUTH3.utils.bufferToBinaryString(signature)); return input + '.' + OAUTH3._base64.bufferToUrlSafe(signature);
}); });
}); });
}; };