From bf961944ce5b571385c2cdc9c4edc8799784d815 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9gory=20Soutad=C3=A9?= Date: Tue, 15 Oct 2013 21:02:14 +0200 Subject: [PATCH] Add PKDBF2 (server side). Not tested. BREAKS compatibility (but no one use previous version...) \! --- server/index.php | 8 ++--- server/ressources/gpass.js | 32 ++++++++++++++++++ server/ressources/hmac.js | 42 +++++++++++++++++++++++ server/ressources/jssha256.js | 14 ++++---- server/ressources/pkdbf2.js | 63 +++++++++++++++++++++++++++++++++++ 5 files changed, 149 insertions(+), 10 deletions(-) create mode 100644 server/ressources/hmac.js create mode 100644 server/ressources/pkdbf2.js diff --git a/server/index.php b/server/index.php index 3c63513..d1b995a 100755 --- a/server/index.php +++ b/server/index.php @@ -90,7 +90,7 @@ if ($count == 0) echo "No user found
\n"; else { - echo 'User ' . "\n"; foreach($users as $u) { if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.') @@ -103,7 +103,7 @@ else } } echo "\n"; - echo ' Master key ' . "\n"; + echo ' Master key ' . "\n"; } ?> @@ -166,9 +166,9 @@ if ($user != "") echo 'URL '; echo 'login '; echo 'password '; - echo 'master key '; + echo 'master key '; echo ''; - echo ""; + echo ""; echo '' . "\n"; } ?> diff --git a/server/ressources/gpass.js b/server/ressources/gpass.js index 2800ad6..696977f 100755 --- a/server/ressources/gpass.js +++ b/server/ressources/gpass.js @@ -60,4 +60,36 @@ function generate_password() function url_domain(data) { var uri = parseUri(data) return uri['host']; +} + +function a2hex(str) { + var hex = ''; + for (var i = 0; i < str.length; i++) + { + c = str.charCodeAt(i).toString(16); + if (c.length == 1) c = "0" + c; + hex += c; + } + return hex; +} + +var pkdbf2 = require("pkdbf2").pkdbf2; + +function derive_mkey(user, mkey_target) +{ + mkey_target = document.getElementById(mkey_target) ; + mkey = mkey_target.value; + + if (mkey.length == 0) + { + alert('Empty master key'); + return false; + } + + url = url_domain(document.URL) + "/" + user; + + mkey = a2hex(pkdbf2.pkdbf2(mkey, url, 1000, 256/8)); + mkey_target.value = mkey; + + return true; } \ No newline at end of file diff --git a/server/ressources/hmac.js b/server/ressources/hmac.js new file mode 100644 index 0000000..ac467ee --- /dev/null +++ b/server/ressources/hmac.js 
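Review bot: `derive_mkey` assigns `mkey` and `url` without `var` (and `a2hex` does the same with `c`), so the plaintext master key stays in a page-wide global after the function returns, where any other script on the page can read it; declare them locally with `var mkey = mkey_target.value;`, `var url = url_domain(document.URL) + "/" + user;` and `var c = str.charCodeAt(i).toString(16);`. The work factor `1000` is a bare literal in the call and is low for a password-derived key; a named constant recorded with the stored data would let it be raised later without another compatibility break. The salt comes from the host part of `document.URL`, so the same account reached under a different host name would derive a different key. The part of `pkdbf2.js` visible on this page calls `hmac256.hmac(salt + ..., password)` while `hmac.js` declares `hmac(key, message)`, which looks like HMAC keyed with the salt rather than the password as PBKDF2 specifies; the listing is cut off here, so confirm against the full file. `require("pkdbf2")` also runs at the top level of a script that uses `document` and `alert`, which fails at load unless the page supplies a module loader.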
@@ -0,0 +1,42 @@ +/* + Copyright (C) 2013 Grégory Soutadé + + This file is part of gPass. + + gPass is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + gPass is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with gPass. If not, see . +*/ + +var sha256 = require("jssha256").sha256; + +exports.hmac = { + hmac : function(key, message) { + var ipad = ""; + var opad = ""; + + for(i=0; i. +*/ + +var hmac256 = require("hmac").hmac; + +// http://stackoverflow.com/questions/3745666/how-to-convert-from-hex-to-ascii-in-javascript +function hex2a(hex) { + var str = ''; + for (var i = 0; i < hex.length; i += 2) + str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); + return str; +} + +exports.pkdbf2 = { + pkdbf2 : function(password, salt, iterations, outlen) { + var result = ""; + var temp = ""; + var temp2 = ""; + var temp_res = ""; + var temp_res2 = ""; + + for (i=1; result.length < outlen; i++) + { + temp = hex2a(hmac256.hmac(salt + + String.fromCharCode((i & 0xff000000) >> 24) + + String.fromCharCode((i & 0x00ff0000) >> 16) + + String.fromCharCode((i & 0x0000ff00) >> 8) + + String.fromCharCode((i & 0x000000ff) >> 0), + password)); + temp_res = temp; + + for(a=1; a