New protocol (fix mispelled PKBDF2)

Grégory Soutadé 2017-04-17 20:37:26 +02:00
parent 527fc52539
commit 32fd8355e1
2 changed files with 6 additions and 6 deletions


@ -59,7 +59,7 @@ function load_database()
return $db; return $db;
} }
$PROTOCOL_VERSION = 3; $PROTOCOL_VERSION = 4;
$db = load_database(); $db = load_database();
@ -68,8 +68,8 @@ $res = "";
$statement = $db->prepare("SELECT password FROM gpass WHERE login=:login"); $statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
echo "protocol=gpass-$PROTOCOL_VERSION\n"; echo "protocol=gpass-$PROTOCOL_VERSION\n";
if ($PKDBF2_LEVEL != 1000) if ($PBKDF2_LEVEL != 1000)
echo "pkdbf2_level=$PKDBF2_LEVEL\n"; echo "pbkdf2_level=$PBKDF2_LEVEL\n";
for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++) for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
{ {
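Review bot: Renaming the configuration variable to `$PBKDF2_LEVEL` leaves any deployment that keeps an older config file (still defining `$PKDBF2_LEVEL`) with an undefined variable at `if ($PBKDF2_LEVEL != 1000)`. Null compares unequal to 1000, so the server would emit an empty `pbkdf2_level=` line, and a client may then derive keys with the wrong iteration count. This assumes the config file is edited per installation and not replaced on upgrade, which the page does not show. A fallback placed before the check would cover it: `if (!isset($PBKDF2_LEVEL)) $PBKDF2_LEVEL = isset($PKDBF2_LEVEL) ? $PKDBF2_LEVEL : 1000;`. The script continues past the end of this hunk.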


@ -29,7 +29,7 @@ $VIEW_CIPHERED_PASSWORDS=true;
$ADMIN_MODE=true; $ADMIN_MODE=true;
/* /*
Number of iterations for PKDBF2 algorithm. Number of iterations for PBKDF2 algorithm.
Minimum recommended level is 1000, but you can increase Minimum recommended level is 1000, but you can increase
this value to have a better security (need more computation this value to have a better security (need more computation
power). power).
@ -37,7 +37,7 @@ $ADMIN_MODE=true;
!! Warning !! This impact master keys. So if you change !! Warning !! This impact master keys. So if you change
this value with existings masterkeys, they will unusable ! this value with existings masterkeys, they will unusable !
*/ */
$PKDBF2_LEVEL=1000; $PBKDF2_LEVEL=1000;
/* /*
This is a security feature : It protects from database dump This is a security feature : It protects from database dump
@ -45,7 +45,7 @@ $PKDBF2_LEVEL=1000;
When get all entries, instead of returning logins/passwords, When get all entries, instead of returning logins/passwords,
it returns "shadow logins". These are random values. it returns "shadow logins". These are random values.
Shadow logins must be encrypted using masterkey and salt Shadow logins must be encrypted using masterkey and salt
(to generate a unique PKDBF2 derivation) that result in an access tokens. (to generate a unique PBKDF2 derivation) that result in an access tokens.
With this access token, user has the right to get With this access token, user has the right to get
encrypted login/password values and remove them. encrypted login/password values and remove them.
It's a kind of challenge. It's a kind of challenge.
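Review bot: The comment above `$PBKDF2_LEVEL=1000;` still presents 1000 iterations as the recommended minimum, which reflects older guidance; current recommendations for PBKDF2 are in the hundreds of thousands of iterations, with the exact figure depending on the underlying hash, which is not visible here. Because the same comment warns that changing the value makes existing master keys unusable, the value is in practice fixed at install time, so the shipped default matters more than usual. The comment could say so, for example `Default is 1000 for compatibility with existing master keys; new installations should choose a much higher value.` The warning sentence would also read more clearly as `This impacts master keys: if you change this value, existing master keys become unusable.`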