From 32fd8355e1ab8efadbbcb6ba4f701bd4b6ec2788 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9gory=20Soutad=C3=A9?=
Date: Mon, 17 Apr 2017 20:37:26 +0200
Subject: [PATCH] New protocol (fix mispelled PKBDF2)
---
 server/_user | 6 +++---
 server/conf.php | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/server/_user b/server/_user
index 3a3e6a1..ec1f3d5 100644
--- a/server/_user
+++ b/server/_user
@@ -59,7 +59,7 @@ function load_database()
 return $db;
 }
-$PROTOCOL_VERSION = 3;
+$PROTOCOL_VERSION = 4;
 $db = load_database();
@@ -68,8 +68,8 @@ $res = "";
 $statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
 echo "protocol=gpass-$PROTOCOL_VERSION\n";
-if ($PKDBF2_LEVEL != 1000)
- echo "pkdbf2_level=$PKDBF2_LEVEL\n";
+if ($PBKDF2_LEVEL != 1000)
+ echo "pbkdf2_level=$PBKDF2_LEVEL\n";
 for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
 {
diff --git a/server/conf.php b/server/conf.php
index 7810292..bc1ead9 100644
--- a/server/conf.php
+++ b/server/conf.php
@@ -29,7 +29,7 @@ $VIEW_CIPHERED_PASSWORDS=true;
 $ADMIN_MODE=true;
 /*
- Number of iterations for PKDBF2 algorithm.
+ Number of iterations for PBKDF2 algorithm.
 Minimum recommended level is 1000, but you can increase this value to have a better security (need more computation power).
@@ -37,7 +37,7 @@ $ADMIN_MODE=true;
 !! Warning !! This impact master keys. So if you change this value with existings masterkeys, they will unusable ! */
-$PKDBF2_LEVEL=1000;
+$PBKDF2_LEVEL=1000;
 /* This is a security feature : It protects from database dump
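Review bot: In server/_user, the renamed check `if ($PBKDF2_LEVEL != 1000)` reads a variable that an installation still carrying the old `$PKDBF2_LEVEL` name in its conf.php will not define, assuming conf.php is what supplies it (the include is outside this hunk). PHP treats the undefined variable as null, `null != 1000` is true, and the server then sends an empty `pbkdf2_level=` line, so the iteration count a client ends up using depends on how it parses that. A fallback before the check would keep the announced value well defined: `if (!isset($PBKDF2_LEVEL)) $PBKDF2_LEVEL = isset($PKDBF2_LEVEL) ? $PKDBF2_LEVEL : 1000;`, ideally followed by `$PBKDF2_LEVEL = (int)$PBKDF2_LEVEL;` so that only an integer reaches the response.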
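Review bot: In server/conf.php, `$PBKDF2_LEVEL=1000;` keeps 1000 iterations as the shipped default and the comment above it still presents that as the minimum recommended level, which is well below current guidance for PBKDF2 (hundreds of thousands of iterations). The same comment warns that changing the value later makes existing master keys unusable, so the default an administrator starts with tends to be permanent. Since this commit already breaks compatibility by moving to protocol 4, it is the cheapest moment to raise the default, or at least to reword the comment, e.g. `1000 is a legacy minimum; pick the highest value your clients can afford before any master key is created.` The `!= 1000` test in server/_user hard-codes the same default, so the two would have to change together with the clients.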
@@ -45,7 +45,7 @@ $PKDBF2_LEVEL=1000;
 When get all entries, instead of returning logins/passwords, it returns "shadow logins". These are random values. Shadow logins must be encrypted using masterkey and salt
- (to generate a unique PKDBF2 derivation) that result in an access tokens.
+ (to generate a unique PBKDF2 derivation) that result in an access tokens.
 With this access token, user has the right to get encrypted login/password values and remove them. It's a kind of challenge.