Move code to encrypt into PasswordEntry function

Add Update Masterkey feature
Gregory Soutade 2015-04-23 21:36:50 +02:00
parent e16fa0c218
commit b330af258f
3 changed files with 106 additions and 15 deletions


@ -157,6 +157,20 @@ if ($user != "")
} }
?> ?>
</div> </div>
<div id="update_masterkey">
<?php
global $user;
if ($user != "")
{
echo "<b>Update Masterkey</b><br/>\n";
echo 'Old master key <input type="text" id="oldmkey"/>';
echo 'New master key <input type="text" id="newmkey" onkeyup="chkPass(this.value);"/>';
echo '<input type="button" value="Update masterkey" onClick="update_masterkey();"/>';
}
?>
</div>
</div> </div>
</body> </body>
</html> </html>
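Review bot: Both fields of the new `update_masterkey` form are declared `type="text"`, so the old and the new master key are displayed in clear while typed and may be retained by the browser's form history. I would declare them as password fields with autofill disabled, e.g. `echo 'Old master key <input type="password" id="oldmkey" autocomplete="off"/>';` and the same for `newmkey`. How the other master key inputs on this page are declared is not visible in this hunk, so it is worth checking that they agree.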


@ -71,6 +71,14 @@ body {
margin : 15px; margin : 15px;
} }
#update_masterkey {
border-style:solid;
border-width:5px;
border-color:yellow;
padding : 15px;
margin : 15px;
}
.error { .error {
text-align:center; text-align:center;
color:red; color:red;


@ -129,6 +129,32 @@ function PasswordEntry (ciphered_login, ciphered_password, salt, shadow_login) {
this.shadow_login = shadow_login; this.shadow_login = shadow_login;
this.access_token = ""; this.access_token = "";
this.encrypt = function(masterkey)
{
if (masterkey == this.masterkey)
return true;
if (masterkey == "" || this.clear_url == "" || this.clear_login == "")
return false;
ciphered_login = "@@" + this.clear_url + ";" + this.clear_login;
// Add salt
ciphered_password = this.clear_password + generate_random(3, false);
aes = new AES();
a_masterkey = aes.init(hex2a(masterkey));
this.ciphered_login = a2hex(aes.encryptLongString(ciphered_login, a_masterkey));
this.ciphered_password = a2hex(aes.encryptLongString(ciphered_password, a_masterkey));
aes.finish();
this.unciphered = true;
this.masterkey = masterkey;
if (use_shadow_logins)
this.generate_access_token(masterkey);
}
this.decrypt = function(masterkey) this.decrypt = function(masterkey)
{ {
if (masterkey == this.masterkey && this.unciphered == true) if (masterkey == this.masterkey && this.unciphered == true)
@ -540,24 +566,11 @@ function construct_pentry(user, url, password, login, mkey, derive_masterkey)
} }
} }
ciphered_login = "@@" + url + ";" + login; pentry = new PasswordEntry("", "", "", "");
// Add salt
ciphered_password = password + generate_random(3, false);
aes = new AES();
a_masterkey = aes.init(hex2a(mkey));
ciphered_login = a2hex(aes.encryptLongString(ciphered_login, a_masterkey));
ciphered_password = a2hex(aes.encryptLongString(ciphered_password, a_masterkey));
pentry = new PasswordEntry(ciphered_login, ciphered_password, "", "");
pentry.unciphered = true;
pentry.clear_url = url; pentry.clear_url = url;
pentry.clear_login = login; pentry.clear_login = login;
pentry.clear_password = password; pentry.clear_password = password;
pentry.masterkey = mkey; pentry.encrypt(mkey);
if (use_shadow_logins)
pentry.generate_access_token(mkey);
return pentry; return pentry;
} }
@ -750,3 +763,59 @@ function update_entry(entry_number)
alert("Entry updated"); alert("Entry updated");
} }
function update_masterkey()
{
var url = "";
var login = "";
var password = "";
var mkey = "";
var ciphered_login;
oldmkey = document.getElementById("oldmkey").value;
newmkey = document.getElementById("newmkey").value;
if (newmkey == "" || oldmkey == "")
{
alert("Cannot set an empty masterkey");
return;
}
if(!confirm("Are you sure want to update the masterkey ?"))
return;
oldmkey = derive_mkey(current_user, oldmkey);
current_mkey = derive_mkey(current_user, newmkey);
var found = 0;
for(i=0; i<passwords.length; i++)
{
if (passwords[i].decrypt(oldmkey))
{
ok = remove_password_server(current_user, passwords[i].ciphered_login, passwords[i].access_token);
if (!ok)
{
alert("Error updating password");
break;
}
passwords[i].encrypt(current_mkey);
ok = add_password_server(current_user, passwords[i]);
if (!ok)
{
alert("Error updating password");
break;
}
found++;
}
}
if (found == 0)
alert("No password found with this masterkey");
else
{
alert(found + " passwords updated");
change_master_key(false);
}
}
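Review bot: In the loop of `update_masterkey()` each entry is deleted on the server with `remove_password_server()` before its re-encrypted copy is stored, so a failed `add_password_server()` leaves that entry with no server-side copy at all. A `break` on either error also leaves the store split between the old and the new key, yet the code still reports `found + " passwords updated"` and calls `change_master_key(false)` whenever earlier entries succeeded. I would store the new ciphertext first and delete the old record only once that has succeeded (assuming the server accepts both records side by side), and skip the success path when any step failed. The function also assigns `oldmkey`, `newmkey`, `i` and `ok` without `var`, and ignores the result of `encrypt()`, which returns nothing on its success path.

```javascript
    var found = 0;
    var failed = false;
    for (var i = 0; i < passwords.length; i++)
    {
        if (!passwords[i].decrypt(oldmkey))
            continue;
        // Keep the identifiers of the old record: encrypt() overwrites
        // ciphered_login and may regenerate the access token.
        var old_login = passwords[i].ciphered_login;
        var old_token = passwords[i].access_token;
        passwords[i].encrypt(current_mkey);
        // Store the new record before deleting the old one, so a failure
        // never leaves the server without a copy of the entry.
        if (!add_password_server(current_user, passwords[i]) ||
            !remove_password_server(current_user, old_login, old_token))
        {
            alert("Error updating password");
            failed = true;
            break;
        }
        found++;
    }
    if (failed)
        return;
    // … unchanged: "No password found" / "passwords updated" reporting …
```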