New protocol (fix mispelled PKBDF2)
This commit is contained in:
parent
527fc52539
commit
32fd8355e1
|
@ -59,7 +59,7 @@ function load_database()
|
||||||
return $db;
|
return $db;
|
||||||
}
|
}
|
||||||
|
|
||||||
$PROTOCOL_VERSION = 3;
|
$PROTOCOL_VERSION = 4;
|
||||||
|
|
||||||
$db = load_database();
|
$db = load_database();
|
||||||
|
|
||||||
|
@ -68,8 +68,8 @@ $res = "";
|
||||||
$statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
|
$statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
|
||||||
|
|
||||||
echo "protocol=gpass-$PROTOCOL_VERSION\n";
|
echo "protocol=gpass-$PROTOCOL_VERSION\n";
|
||||||
if ($PKDBF2_LEVEL != 1000)
|
if ($PBKDF2_LEVEL != 1000)
|
||||||
echo "pkdbf2_level=$PKDBF2_LEVEL\n";
|
echo "pbkdf2_level=$PBKDF2_LEVEL\n";
|
||||||
|
|
||||||
for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
|
for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
|
||||||
{
|
{
|
||||||
|
|
|
@ -29,7 +29,7 @@ $VIEW_CIPHERED_PASSWORDS=true;
|
||||||
$ADMIN_MODE=true;
|
$ADMIN_MODE=true;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Number of iterations for PKDBF2 algorithm.
|
Number of iterations for PBKDF2 algorithm.
|
||||||
Minimum recommended level is 1000, but you can increase
|
Minimum recommended level is 1000, but you can increase
|
||||||
this value to have a better security (need more computation
|
this value to have a better security (need more computation
|
||||||
power).
|
power).
|
||||||
|
@ -37,7 +37,7 @@ $ADMIN_MODE=true;
|
||||||
!! Warning !! This impact master keys. So if you change
|
!! Warning !! This impact master keys. So if you change
|
||||||
this value with existings masterkeys, they will unusable !
|
this value with existings masterkeys, they will unusable !
|
||||||
*/
|
*/
|
||||||
$PKDBF2_LEVEL=1000;
|
$PBKDF2_LEVEL=1000;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
This is a security feature : It protects from database dump
|
This is a security feature : It protects from database dump
|
||||||
|
@ -45,7 +45,7 @@ $PKDBF2_LEVEL=1000;
|
||||||
When get all entries, instead of returning logins/passwords,
|
When get all entries, instead of returning logins/passwords,
|
||||||
it returns "shadow logins". These are random values.
|
it returns "shadow logins". These are random values.
|
||||||
Shadow logins must be encrypted using masterkey and salt
|
Shadow logins must be encrypted using masterkey and salt
|
||||||
(to generate a unique PKDBF2 derivation) that result in an access tokens.
|
(to generate a unique PBKDF2 derivation) that result in an access tokens.
|
||||||
With this access token, user has the right to get
|
With this access token, user has the right to get
|
||||||
encrypted login/password values and remove them.
|
encrypted login/password values and remove them.
|
||||||
It's a kind of challenge.
|
It's a kind of challenge.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user