mirror of
https://github.com/schlagmichdoch/PairDrop.git
synced 2025-04-20 15:06:15 -04:00
use sha3-512 hash instead of cyrb53 to authenticate peerIds on reconnect
This commit is contained in:
schlagmichdoch
parent
8f4ce63a0c
commit
f39bfedf98
1 changed files with 35 additions and 49 deletions
84
index.js
84
index.js
|
|
@ -136,7 +136,7 @@ class PairDropServer {
|
||||||
displayName: peer.name.displayName,
|
displayName: peer.name.displayName,
|
||||||
deviceName: peer.name.deviceName,
|
deviceName: peer.name.deviceName,
|
||||||
peerId: peer.id,
|
peerId: peer.id,
|
||||||
peerIdHash: peer.id.hashCode128BitSalted()
|
peerIdHash: hasher.hashCodeSalted(peer.id)
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
@ -238,26 +238,8 @@ class PairDropServer {
|
||||||
this._notifyPeers(sender);
|
this._notifyPeers(sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
getRandomString(length) {
|
|
||||||
let string = "";
|
|
||||||
while (string.length < length) {
|
|
||||||
let arr = new Uint16Array(length);
|
|
||||||
crypto.webcrypto.getRandomValues(arr);
|
|
||||||
arr = Array.apply([], arr); /* turn into non-typed array */
|
|
||||||
arr = arr.map(function (r) {
|
|
||||||
return r % 128
|
|
||||||
})
|
|
||||||
arr = arr.filter(function (r) {
|
|
||||||
/* strip non-printables: if we transform into desirable range we have a propability bias, so I suppose we better skip this character */
|
|
||||||
return r === 45 || r >= 47 && r <= 57 || r >= 64 && r <= 90 || r >= 97 && r <= 122;
|
|
||||||
});
|
|
||||||
string += String.fromCharCode.apply(String, arr);
|
|
||||||
}
|
|
||||||
return string.substring(0, length)
|
|
||||||
}
|
|
||||||
|
|
||||||
_onPairDeviceInitiate(sender) {
|
_onPairDeviceInitiate(sender) {
|
||||||
let roomSecret = this.getRandomString(64);
|
let roomSecret = randomizer.getRandomString(64);
|
||||||
let roomKey = this._createRoomKey(sender, roomSecret);
|
let roomKey = this._createRoomKey(sender, roomSecret);
|
||||||
if (sender.roomKey) this._removeRoomKey(sender.roomKey);
|
if (sender.roomKey) this._removeRoomKey(sender.roomKey);
|
||||||
sender.roomKey = roomKey;
|
sender.roomKey = roomKey;
|
||||||
|
|
@ -583,7 +565,7 @@ class Peer {
|
||||||
separator: ' ',
|
separator: ' ',
|
||||||
dictionaries: [colors, animals],
|
dictionaries: [colors, animals],
|
||||||
style: 'capital',
|
style: 'capital',
|
||||||
seed: this.id.hashCode()
|
seed: cyrb53(this.id)
|
||||||
})
|
})
|
||||||
|
|
||||||
this.name = {
|
this.name = {
|
||||||
|
|
@ -609,7 +591,7 @@ class Peer {
|
||||||
}
|
}
|
||||||
|
|
||||||
isPeerIdHashValid(peerId, peerIdHash) {
|
isPeerIdHashValid(peerId, peerIdHash) {
|
||||||
return peerIdHash === peerId.hashCode128BitSalted();
|
return peerIdHash === hasher.hashCodeSalted(peerId);
|
||||||
}
|
}
|
||||||
|
|
||||||
addRoomSecret(roomSecret) {
|
addRoomSecret(roomSecret) {
|
||||||
|
|
@ -625,39 +607,43 @@ class Peer {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Object.defineProperty(String.prototype, 'hashCode', {
|
|
||||||
value: function() {
|
|
||||||
return cyrb53(this);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
Object.defineProperty(String.prototype, 'hashCode128BitSalted', {
|
|
||||||
value: function() {
|
|
||||||
return hasher.hashCode128BitSalted(this);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
const hasher = (() => {
|
const hasher = (() => {
|
||||||
let seeds;
|
let password;
|
||||||
return {
|
return {
|
||||||
hashCode128BitSalted(str) {
|
hashCodeSalted(salt) {
|
||||||
if (!seeds) {
|
if (!password) {
|
||||||
// seeds are created on first call to salt hash.
|
// password is created on first call.
|
||||||
seeds = [4];
|
password = randomizer.getRandomString(128);
|
||||||
for (let i=0; i<4; i++) {
|
|
||||||
const randomBuffer = new Uint32Array(1);
|
|
||||||
crypto.webcrypto.getRandomValues(randomBuffer);
|
|
||||||
seeds[i] = randomBuffer[0];
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
let hashCode = "";
|
|
||||||
for (let i=0; i<4; i++) {
|
return crypto.createHash("sha3-512")
|
||||||
hashCode += cyrb53(str, seeds[i]);
|
.update(password)
|
||||||
}
|
.update(crypto.createHash("sha3-512").update(salt, "utf8").digest("hex"))
|
||||||
return hashCode;
|
.digest("hex");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
})()
|
||||||
|
|
||||||
|
const randomizer = (() => {
|
||||||
|
return {
|
||||||
|
getRandomString(length) {
|
||||||
|
let string = "";
|
||||||
|
while (string.length < length) {
|
||||||
|
let arr = new Uint16Array(length);
|
||||||
|
crypto.webcrypto.getRandomValues(arr);
|
||||||
|
arr = Array.apply([], arr); /* turn into non-typed array */
|
||||||
|
arr = arr.map(function (r) {
|
||||||
|
return r % 128
|
||||||
|
})
|
||||||
|
arr = arr.filter(function (r) {
|
||||||
|
/* strip non-printables: if we transform into desirable range we have a probability bias, so I suppose we better skip this character */
|
||||||
|
return r === 45 || r >= 47 && r <= 57 || r >= 64 && r <= 90 || r >= 97 && r <= 122;
|
||||||
|
});
|
||||||
|
string += String.fromCharCode.apply(String, arr);
|
||||||
|
}
|
||||||
|
return string.substring(0, length)
|
||||||
|
}
|
||||||
|
}
|
||||||
})()
|
})()
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue