290 lines
8.4 KiB
JavaScript
Executable File
290 lines
8.4 KiB
JavaScript
Executable File
// parseUri 1.2.2
|
|
// (c) Steven Levithan <stevenlevithan.com>
|
|
// MIT License
|
|
// http://blog.stevenlevithan.com/archives/parseuri
|
|
function parseUri (str) {
|
|
var o = parseUri.options,
|
|
m = o.parser[o.strictMode ? "strict" : "loose"].exec(str),
|
|
uri = {},
|
|
i = 14;
|
|
|
|
while (i--) uri[o.key[i]] = m[i] || "";
|
|
|
|
uri[o.q.name] = {};
|
|
uri[o.key[12]].replace(o.q.parser, function ($0, $1, $2) {
|
|
if ($1) uri[o.q.name][$1] = $2;
|
|
});
|
|
|
|
return uri;
|
|
};
|
|
|
|
parseUri.options = {
|
|
strictMode: false,
|
|
key: ["source","protocol","authority","userInfo","user","password","host","port","relative","path","directory","file","query","anchor"],
|
|
q: {
|
|
name: "queryKey",
|
|
parser: /(?:^|&)([^&=]*)=?([^&]*)/g
|
|
},
|
|
parser: {
|
|
strict: /^(?:([^:\/?#]+):)?(?:\/\/((?:(([^:@]*)(?::([^:@]*))?)?@)?([^:\/?#]*)(?::(\d*))?))?((((?:[^?#\/]*\/)*)([^?#]*))(?:\?([^#]*))?(?:#(.*))?)/,
|
|
loose: /^(?:(?![^:@]+:[^:@\/]*@)([^:\/?#.]+):)?(?:\/\/)?((?:(([^:@]*)(?::([^:@]*))?)?@)?([^:\/?#]*)(?::(\d*))?)(((\/(?:[^?#](?![^?#\/]*\.[^?#\/.]+(?:[?#]|$)))*\/?)?([^?#\/]*))(?:\?([^#]*))?(?:#(.*))?)/
|
|
}
|
|
};
|
|
|
|
function generate_password()
|
|
{
|
|
// symbols 32 - 47 / 58 - 64 / 91 - 96 / 123 - 126
|
|
// numbers 48 - 57
|
|
// upper 65 - 90
|
|
// lower 97 - 122
|
|
// Give priority to letters (65 - 122 duplicated in front and end of array)
|
|
var symbols = new Array(65, 90, 97, 122, 40, 47, 48, 57, 65, 90, 97, 122, 123, 126, 65, 90, 97, 122);
|
|
|
|
field = document.getElementById("new_password");
|
|
|
|
var res = "";
|
|
while (res.length < 16)
|
|
{
|
|
a = Math.round(Math.random() * (symbols.length/2) * 2);
|
|
diff = symbols[a+1] - symbols[a];
|
|
r = Math.round(Math.random()*diff);
|
|
if (isNaN(r+symbols[a]))
|
|
continue;
|
|
res += String.fromCharCode(r + symbols[a]);
|
|
}
|
|
|
|
field.value = res;
|
|
}
|
|
|
|
function url_domain(data) {
|
|
var uri = parseUri(data)
|
|
return uri['host'];
|
|
}
|
|
|
|
function a2hex(str) {
|
|
var hex = '';
|
|
for (var i = 0; i < str.length; i++)
|
|
{
|
|
c = str.charCodeAt(i).toString(16);
|
|
if (c.length == 1) c = "0" + c;
|
|
hex += c;
|
|
}
|
|
return hex;
|
|
}
|
|
|
|
function derive_mkey(user, mkey)
|
|
{
|
|
url = url_domain(document.URL) + "/" + user;
|
|
mkey = a2hex(pkdbf2(mkey, url, 1000, 256/8));
|
|
|
|
return mkey;
|
|
}
|
|
|
|
var passwords;
|
|
var current_user = "";
|
|
var current_mkey = "";
|
|
|
|
function PasswordEntry (ciphered_login="", ciphered_password="") {
|
|
this.ciphered_login = ciphered_login;
|
|
this.ciphered_password = ciphered_password;
|
|
this.unciphered = false;
|
|
this.clear_url = "";
|
|
this.clear_login = "";
|
|
this.clear_password = "";
|
|
this.masterkey = "";
|
|
|
|
this.decrypt = function(masterkey)
|
|
{
|
|
if (masterkey == this.masterkey && this.unciphered == true)
|
|
return true;
|
|
|
|
if (masterkey == "" || this.unciphered == true)
|
|
return false;
|
|
|
|
aes = new AES();
|
|
a_masterkey = aes.init(hex2a(masterkey));
|
|
login = aes.decryptLongString(hex2a(this.ciphered_login), a_masterkey);
|
|
if (login.indexOf("@@") != 0)
|
|
{
|
|
aes.finish();
|
|
return false;
|
|
}
|
|
// Remove @@
|
|
login = login.substring(2);
|
|
infos = login.split(";");
|
|
this.clear_url = infos[0];
|
|
this.clear_login = infos[1];
|
|
this.clear_password = aes.decryptLongString(hex2a(this.ciphered_password), a_masterkey);
|
|
this.unciphered = true;
|
|
this.masterkey = masterkey;
|
|
aes.finish();
|
|
|
|
return true;
|
|
}
|
|
|
|
this.isUnciphered = function(masterkey)
|
|
{
|
|
return (this.unciphered == true && masterkey == this.masterkey && masterkey != "")
|
|
}
|
|
}
|
|
|
|
function list_all_entries(user)
|
|
{
|
|
passwords = new Array();
|
|
|
|
req = new XMLHttpRequest();
|
|
req.addEventListener("load", function(evt) {
|
|
entries = this.responseText.split("\n");
|
|
for(i=0; i<entries.length; i++)
|
|
{
|
|
if (entries[i] == "") continue;
|
|
entry = entries[i].split(";");
|
|
passwords.push(new PasswordEntry(entry[0], entry[1]));
|
|
}
|
|
}, false);
|
|
req.open("GET", document.documentURI + "?get_passwords=1&user=" + user, false);
|
|
req.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
|
|
req.send(null);
|
|
}
|
|
|
|
function change_master_key()
|
|
{
|
|
nb_ciphered_passwords = 0;
|
|
nb_unciphered_passwords = 0;
|
|
|
|
for(i=0; i<passwords.length; i++)
|
|
{
|
|
ret = passwords[i].decrypt(current_mkey);
|
|
if (ret)
|
|
nb_unciphered_passwords++;
|
|
else
|
|
nb_ciphered_passwords++;
|
|
}
|
|
|
|
password_div = document.getElementById("passwords");
|
|
while (password_div.hasChildNodes())
|
|
password_div.removeChild(password_div.childNodes[0]);
|
|
|
|
text = document.createElement("b");
|
|
text.appendChild(document.createTextNode(nb_unciphered_passwords + " unciphered password(s)"));
|
|
password_div.appendChild(text);
|
|
password_div.appendChild(document.createElement("br"));
|
|
password_div.appendChild(document.createElement("br"));
|
|
|
|
for(i=0; i<passwords.length; i++)
|
|
{
|
|
if (passwords[i].isUnciphered(current_mkey))
|
|
{
|
|
div = document.createElement("div");
|
|
div.setAttribute("id", i);
|
|
div.setAttribute("class", "password");
|
|
|
|
div.appendChild(document.createTextNode("URL"));
|
|
url = document.createElement("input");
|
|
url.setAttribute("type", "text");
|
|
url.setAttribute("name", "URL");
|
|
url.setAttribute("value", passwords[i].clear_url);
|
|
div.appendChild(url);
|
|
|
|
div.appendChild(document.createTextNode("login"));
|
|
login = document.createElement("input");
|
|
login.setAttribute("type", "text");
|
|
login.setAttribute("name", "login");
|
|
login.setAttribute("value", passwords[i].clear_login);
|
|
div.appendChild(login);
|
|
|
|
div.appendChild(document.createTextNode("password"));
|
|
password = document.createElement("input");
|
|
password.setAttribute("type", "text");
|
|
password.setAttribute("name", "password");
|
|
password.setAttribute("value", passwords[i].clear_password);
|
|
div.appendChild(password);
|
|
|
|
delete_button = document.createElement("input");
|
|
delete_button.setAttribute("type", "button");
|
|
delete_button.setAttribute("value", "Delete");
|
|
div.appendChild(delete_button);
|
|
|
|
update_button = document.createElement("input");
|
|
update_button.setAttribute("type", "button");
|
|
update_button.setAttribute("value", "Update");
|
|
div.appendChild(update_button);
|
|
|
|
password_div.appendChild(div);
|
|
}
|
|
}
|
|
|
|
text = document.createElement("b");
|
|
text.appendChild(document.createTextNode(nb_ciphered_passwords + " ciphered password(s)"));
|
|
password_div.appendChild(document.createElement("br"));
|
|
password_div.appendChild(document.createElement("br"));
|
|
password_div.appendChild(text);
|
|
password_div.appendChild(document.createElement("br"));
|
|
password_div.appendChild(document.createElement("br"));
|
|
|
|
for(i=0; i<passwords.length; i++)
|
|
{
|
|
if (!passwords[i].isUnciphered(current_mkey))
|
|
{
|
|
div = document.createElement("div");
|
|
div.setAttribute("id", i);
|
|
div.setAttribute("class", "password");
|
|
|
|
div.appendChild(document.createTextNode("URL"));
|
|
url = document.createElement("input");
|
|
url.setAttribute("class", "hash");
|
|
url.setAttribute("type", "text");
|
|
url.setAttribute("name", "URL");
|
|
url.setAttribute("value", passwords[i].ciphered_login);
|
|
div.appendChild(url);
|
|
|
|
div.appendChild(document.createTextNode("password"));
|
|
password = document.createElement("input");
|
|
password.setAttribute("class", "hash");
|
|
password.setAttribute("type", "text");
|
|
password.setAttribute("name", "password");
|
|
password.setAttribute("value", passwords[i].ciphered_password);
|
|
div.appendChild(password);
|
|
|
|
delete_button = document.createElement("input");
|
|
delete_button.setAttribute("type", "button");
|
|
delete_button.setAttribute("value", "Delete");
|
|
div.appendChild(delete_button);
|
|
|
|
password_div.appendChild(div);
|
|
}
|
|
}
|
|
}
|
|
|
|
function update_master_key()
|
|
{
|
|
user = select_widget.options[select_widget.selectedIndex].value;
|
|
|
|
if (user != current_user)
|
|
{
|
|
current_user = user;
|
|
document.title = "gPass : global Password - " + current_user;
|
|
passwords = new Array();
|
|
list_all_entries(current_user);
|
|
|
|
addon_address = document.getElementById("addon_address");
|
|
addon_address.removeChild(addon_address.childNodes[0]);
|
|
addon_address.appendChild(document.createTextNode("Current addon address is : " + document.documentURI + current_user));
|
|
}
|
|
|
|
current_mkey = document.getElementById("master_key").value;
|
|
|
|
if (current_mkey != "")
|
|
current_mkey = derive_mkey(current_user, current_mkey);
|
|
|
|
change_master_key();
|
|
}
|
|
|
|
function start()
|
|
{
|
|
select_widget = document.getElementById('selected_user') ;
|
|
|
|
if (select_widget == null) return;
|
|
|
|
return update_master_key();
|
|
} |