heuzef
/
lesspass
mirror of https://github.com/lesspass/lesspass.git
1
0
Fork 0
Code Issues 0 Releases 67 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
73 Commits
17 Branches
748 MiB
 
 
 
 
 
 
Tree: 076d74f7d8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '076d74f7d8'
${ noResults }
lesspass/lib/lesspass.webcrypto.js

311 lines
8.3 KiB
Raw Blame History 

  1. (function () {

  2. 'use strict';

  3. 

  4. function utf8ToBinaryString(str) {

  5.   var escstr = encodeURIComponent(str);

  6.   // replaces any uri escape sequence, such as %0A,

  7.   // with binary escape, such as 0x0A

  8.   var binstr = escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {

  9.     return String.fromCharCode(parseInt(p1, 16));

  10.   });

  11. 

  12.   return binstr;

  13. }

  14. 

  15. function utf8ToBuffer(str) {

  16.   var binstr = utf8ToBinaryString(str);

  17.   var buf = binaryStringToBuffer(binstr);

  18.   return buf;

  19. }

  20. 

  21. function utf8ToBase64(str) {

  22.   var binstr = utf8ToBinaryString(str);

  23.   return btoa(binstr);

  24. }

  25. 

  26. function binaryStringToUtf8(binstr) {

  27.   var escstr = binstr.replace(/(.)/g, function (m, p) {

  28.     var code = p.charCodeAt(0).toString(16).toUpperCase();

  29.     if (code.length < 2) {

  30.       code = '0' + code;

  31.     }

  32.     return '%' + code;

  33.   });

  34. 

  35.   return decodeURIComponent(escstr);

  36. }

  37. 

  38. function bufferToUtf8(buf) {

  39.   var binstr = bufferToBinaryString(buf);

  40. 

  41.   return binaryStringToUtf8(binstr);

  42. }

  43. 

  44. function base64ToUtf8(b64) {

  45.   var binstr = atob(b64);

  46. 

  47.   return binaryStringToUtf8(binstr);

  48. }

  49. 

  50. function bufferToBinaryString(buf) {

  51.   var binstr = Array.prototype.map.call(buf, function (ch) {

  52.     return String.fromCharCode(ch);

  53.   }).join('');

  54. 

  55.   return binstr;

  56. }

  57. 

  58. function bufferToBase64(arr) {

  59.   var binstr = bufferToBinaryString(arr);

  60.   return btoa(binstr);

  61. }

  62. 

  63. function binaryStringToBuffer(binstr) {

  64.   var buf;

  65. 

  66.   if ('undefined' !== typeof Uint8Array) {

  67.     buf = new Uint8Array(binstr.length);

  68.   } else {

  69.     buf = [];

  70.   }

  71. 

  72.   Array.prototype.forEach.call(binstr, function (ch, i) {

  73.     buf[i] = ch.charCodeAt(0);

  74.   });

  75. 

  76.   return buf;

  77. }

  78. 

  79. function base64ToBuffer(base64) {

  80.   var binstr = atob(base64);

  81.   var buf = binaryStringToBuffer(binstr);

  82.   return buf;

  83. }

  84. 

  85. window.Unibabel = {

  86.   utf8ToBinaryString: utf8ToBinaryString

  87. , utf8ToBuffer: utf8ToBuffer

  88. , utf8ToBase64: utf8ToBase64

  89. , binaryStringToUtf8: binaryStringToUtf8

  90. , bufferToUtf8: bufferToUtf8

  91. , base64ToUtf8: base64ToUtf8

  92. , bufferToBinaryString: bufferToBinaryString

  93. , bufferToBase64: bufferToBase64

  94. , binaryStringToBuffer: binaryStringToBuffer

  95. , base64ToBuffer: base64ToBuffer

  96. 

  97. // compat

  98. , strToUtf8Arr: utf8ToBuffer

  99. , utf8ArrToStr: bufferToUtf8

  100. , arrToBase64: bufferToBase64

  101. , base64ToArr: base64ToBuffer

  102. };

  103. 

  104. }());

  105. 

  106. (function () {

  107. 'use strict';

  108. 

  109. function bufferToHex(arr) {

  110.   var i;

  111.   var len;

  112.   var hex = '';

  113.   var c;

  114. 

  115.   for (i = 0, len = arr.length; i < len; i += 1) {

  116.     c = arr[i].toString(16);

  117.     if (c.length < 2) {

  118.       c = '0' + c;

  119.     }

  120.     hex += c;

  121.   }

  122. 

  123.   return hex;

  124. }

  125. 

  126. function hexToBuffer(hex) {

  127.   // TODO use Uint8Array or ArrayBuffer or DataView

  128.   var i;

  129.   var byteLen = hex.length / 2;

  130.   var arr;

  131.   var j = 0;

  132. 

  133.   if (byteLen !== parseInt(byteLen, 10)) {

  134.     throw new Error("Invalid hex length '" + hex.length + "'");

  135.   }

  136. 

  137.   arr = new Uint8Array(byteLen);

  138. 

  139.   for (i = 0; i < byteLen; i += 1) {

  140.     arr[i] = parseInt(hex[j] + hex[j + 1], 16);

  141.     j += 2;

  142.   }

  143. 

  144.   return arr;

  145. }

  146. 

  147. // Hex Convenience Functions

  148. window.Unibabel.hexToBuffer = hexToBuffer;

  149. window.Unibabel.bufferToHex = bufferToHex;

  150. 

  151. }());

  152. 

  153. (function () {

  154.     'use strict';

  155. 

  156.     if (window.crypto && !window.crypto.subtle && window.crypto.webkitSubtle) {

  157.         window.crypto.subtle = window.crypto.webkitSubtle;

  158.     }

  159.     if (!window.crypto || !window.crypto.subtle) {

  160.         console.error("Your browser does not support the Web Cryptography API! LessPass will not work.");

  161.         return;

  162.     }

  163. 

  164.     function importKey(masterPassword, algo, usages) {

  165.         var format = 'raw';

  166.         var masterPasswordArrayBuffer = Unibabel.utf8ToBuffer(masterPassword);

  167.         var extractable = false;

  168.         return window.crypto.subtle.importKey(format, masterPasswordArrayBuffer, algo, extractable, usages);

  169.     }

  170. 

  171.     function deriveKey(masterKey, salt, iterations, keylen) {

  172.         var algo = {

  173.             name: 'PBKDF2',

  174.             salt: Unibabel.utf8ToBuffer(salt),

  175.             iterations: iterations,

  176.             hash: 'SHA-256',

  177.         };

  178.         var extractable = true;

  179.         var derivedKeyAlgo = {name: 'AES-CTR', length: keylen * 8};

  180.         var usages = ['encrypt', 'decrypt'];

  181.         return window.crypto.subtle.deriveKey(algo, masterKey, derivedKeyAlgo, extractable, usages);

  182.     }

  183. 

  184. 

  185.     function exportKey(derivedKey) {

  186.         return window.crypto.subtle.exportKey('raw', derivedKey).then(function (keyArrayBuffer) {

  187.             return Unibabel.bufferToHex(new Uint8Array(keyArrayBuffer));

  188.         });

  189.     }

  190. 

  191.     function encryptLogin(login, masterPassword, options) {

  192.         var _options = options !== undefined ? options : {};

  193.         var iterations = _options.iterations || 8192;

  194.         var keylen = _options.keylen || 32;

  195. 

  196.         return importKey(masterPassword, 'PBKDF2', ['deriveKey'])

  197.             .then(function (key) {

  198.                 return deriveKey(key, login, iterations, keylen);

  199.             })

  200.             .then(exportKey);

  201.     }

  202. 

  203.     function signKey(masterKey, salt) {

  204.         var algo = {name: 'HMAC'};

  205.         var saltArrayBuffer = Unibabel.utf8ToBuffer(salt);

  206.         return window.crypto.subtle.sign(algo, masterKey, saltArrayBuffer);

  207.     }

  208. 

  209.     function _createHmac(encryptedLogin, salt) {

  210.         return importKey(encryptedLogin, {name: 'HMAC', hash: {name: 'SHA-256'}}, ['sign'])

  211.             .then(function (key) {

  212.                 return signKey(key, salt);

  213.             })

  214.             .then(function (derivedHmacKey) {

  215.                 return Unibabel.bufferToHex(new Uint8Array(derivedHmacKey))

  216.             });

  217.     }

  218. 

  219.     function _deriveEncryptedLogin(encryptedLogin, site) {

  220.         var passwordOptions = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {

  221.             length: 12,

  222.             counter: 1

  223.         };

  224. 

  225.         var salt = site + passwordOptions.counter.toString();

  226.         return _createHmac(encryptedLogin, salt).then(function (derivedHash) {

  227.             return derivedHash.substring(0, passwordOptions.length);

  228.         });

  229.     }

  230. 

  231.     function createFingerprint(str) {

  232.         return _createHmac(str, '');

  233.     }

  234. 

  235.     function renderPassword(encryptedLogin, site, passwordOptions) {

  236.         return _deriveEncryptedLogin(encryptedLogin, site, passwordOptions).then(function (derivedEncryptedLogin) {

  237.             var template = passwordOptions.template || LessPass._getPasswordTemplate(passwordOptions);

  238.             return LessPass._prettyPrint(derivedEncryptedLogin, template);

  239.         });

  240.     }

  241. 

  242.     function _getPasswordTemplate(passwordTypes) {

  243.         var templates = {

  244.             lowercase: 'vc',

  245.             uppercase: 'VC',

  246.             numbers: 'n',

  247.             symbols: 's',

  248.         };

  249.         var template = '';

  250.         for (var templateKey in templates) {

  251.             if (passwordTypes.hasOwnProperty(templateKey) && passwordTypes[templateKey]) {

  252.                 template += templates[templateKey]

  253.             }

  254.         }

  255.         return template;

  256.     }

  257. 

  258. 

  259.     function _prettyPrint(hash, template) {

  260.         var password = '';

  261. 

  262.         _string2charCodes(hash).forEach(function (charCode, index) {

  263.             var charType = _getCharType(template, index);

  264.             password += _getPasswordChar(charType, charCode);

  265.         });

  266.         return password;

  267.     }

  268. 

  269.     function _string2charCodes(text) {

  270.         var charCodes = [];

  271.         for (var i = 0; i < text.length; i++) {

  272.             charCodes.push(text.charCodeAt(i));

  273.         }

  274.         return charCodes;

  275.     }

  276. 

  277.     function _getCharType(template, index) {

  278.         return template[index % template.length];

  279.     }

  280. 

  281.     function _getPasswordChar(charType, index) {

  282.         var passwordsChars = {

  283.             V: 'AEIOUY',

  284.             C: 'BCDFGHJKLMNPQRSTVWXZ',

  285.             v: 'aeiouy',

  286.             c: 'bcdfghjklmnpqrstvwxz',

  287.             A: 'AEIOUYBCDFGHJKLMNPQRSTVWXZ',

  288.             a: 'AEIOUYaeiouyBCDFGHJKLMNPQRSTVWXZbcdfghjklmnpqrstvwxz',

  289.             n: '0123456789',

  290.             s: '@&%?,=[]_:-+*$#!\'^~;()/.',

  291.             x: 'AEIOUYaeiouyBCDFGHJKLMNPQRSTVWXZbcdfghjklmnpqrstvwxz0123456789@&%?,=[]_:-+*$#!\'^~;()/.'

  292.         };

  293.         var passwordChar = passwordsChars[charType];

  294.         return passwordChar[index % passwordChar.length];

  295.     }

  296. 

  297.     window.LessPass = {

  298.         encryptLogin: encryptLogin,

  299.         renderPassword: renderPassword,

  300.         createFingerprint: createFingerprint,

  301.         _createHmac: _createHmac,

  302.         _deriveEncryptedLogin: _deriveEncryptedLogin,

  303.         _getPasswordTemplate: _getPasswordTemplate,

  304.         _prettyPrint: _prettyPrint,

  305.         _string2charCodes: _string2charCodes,

  306.         _getCharType: _getCharType,

  307.         _getPasswordChar: _getPasswordChar,

  308.     };

  309. }());