From dd61c1b5b3660af0a75e53ccce27d873b3d22f40 Mon Sep 17 00:00:00 2001 From: Matias Alejo Garcia Date: Tue, 11 Nov 2014 01:23:12 -0300 Subject: [PATCH] more fixes --- js/plugins/EncryptedInsightStorage.js | 5 +++-- js/plugins/EncryptedLocalStorage.js | 6 ++++-- js/plugins/InsightStorage.js | 19 ++++++++++++------- test/plugin.insight.js | 2 +- 4 files changed, 20 insertions(+), 12 deletions(-) diff --git a/js/plugins/EncryptedInsightStorage.js b/js/plugins/EncryptedInsightStorage.js index 3f91d34ba..622c92678 100644 --- a/js/plugins/EncryptedInsightStorage.js +++ b/js/plugins/EncryptedInsightStorage.js @@ -2,6 +2,7 @@ var cryptoUtil = require('../util/crypto'); var InsightStorage = require('./InsightStorage'); var inherits = require('inherits'); var log = require('../log'); +var SEPARATOR = '%^#@'; function EncryptedInsightStorage(config) { InsightStorage.apply(this, [config]); @@ -23,7 +24,7 @@ EncryptedInsightStorage.prototype.getItem = function(name, callback) { if (err) { return callback(err); } - var decryptedJson = cryptoUtil.decrypt(self.password, body); + var decryptedJson = cryptoUtil.decrypt(self.email + SEPARATOR + self.password, body); if (!decryptedJson) { log.debug('Could not decrypt value using current decryption schema'); @@ -40,7 +41,7 @@ EncryptedInsightStorage.prototype.getItem = function(name, callback) { }; EncryptedInsightStorage.prototype.setItem = function(name, value, callback) { - var record = cryptoUtil.encrypt(this.password, value); + var record = cryptoUtil.encrypt(this.email + SEPARATOR + this.password, value); InsightStorage.prototype.setItem.apply(this, [name, record, callback]); }; diff --git a/js/plugins/EncryptedLocalStorage.js b/js/plugins/EncryptedLocalStorage.js index f2fd46451..1cf2c3af2 100644 --- a/js/plugins/EncryptedLocalStorage.js +++ b/js/plugins/EncryptedLocalStorage.js 
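Review bot: `var SEPARATOR = '%^#@';` at the top of EncryptedInsightStorage.js is an unexplained magic string, and the constant this commit adds to EncryptedLocalStorage.js is `'@#$'`, so the two plugins build different secrets from the same email and password. If the difference is deliberate, say so next to the constant, e.g. `// Joins email and password into the encryption secret; changing it makes existing records undecryptable.` If it is not deliberate, define the separator once in a shared module so the two cannot drift.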
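Review bot: In `getItem` the decryption secret changes from `self.password` to `self.email + SEPARATOR + self.password`, and nothing visible in this hunk retries with the old password-only secret, so records written before this commit would land in the 'Could not decrypt value using current decryption schema' branch. The rest of that branch is outside the hunk, so a fallback may already exist; if it does not, retry with the old secret and re-encrypt on success. The concatenation also runs when `email` is unset, which silently produces a secret starting with `undefined`; a guard such as `if (!self.email || !self.password) { return callback('Missing credentials'); }` before the crypto call would fail closed. The same applies to `setItem` in this file and to `getItem` and `setItem` in EncryptedLocalStorage.js.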
@@ -3,6 +3,8 @@ var log = require('../log'); var LocalStorage = require('./LocalStorage'); var inherits = require('inherits'); +var SEPARATOR = '@#$'; + function EncryptedLocalStorage(config) { LocalStorage.apply(this, [config]); } @@ -21,7 +23,7 @@ EncryptedLocalStorage.prototype.getItem = function(name, callback) { var self = this; LocalStorage.prototype.getItem.apply(this, [name, function(err, body) { - var decryptedJson = cryptoUtil.decrypt(self.password, body); + var decryptedJson = cryptoUtil.decrypt(self.email + SEPARATOR + self.password, body); if (!decryptedJson) { log.debug('Could not decrypt value using current decryption schema'); @@ -42,7 +44,7 @@ EncryptedLocalStorage.prototype.setItem = function(name, value, callback) { if (!_.isString(value)) { value = JSON.stringify(value); } - var record = cryptoUtil.encrypt(this.password, value); + var record = cryptoUtil.encrypt(this.email + SEPARATOR + this.password, value); LocalStorage.prototype.setItem.apply(this, [name, record, callback]); }; diff --git a/js/plugins/InsightStorage.js b/js/plugins/InsightStorage.js index f299ca782..98e242422 100644 --- a/js/plugins/InsightStorage.js +++ b/js/plugins/InsightStorage.js @@ -1,11 +1,12 @@ var request = require('request'); var cryptoUtil = require('../util/crypto'); +var bitcore = require('bitcore'); var buffers = require('buffer'); var querystring = require('querystring'); var Identity = require('../models/Identity'); +var log = require('../log'); var SEPARATOR = '|'; -var BODY = 'IR7GCUVgaLGe4LCtXjtUo4hsH8BO67jIrBKCeFiYOQ7CKWVPx3FshqTM'; function InsightStorage(config) { this.type = 'DB'; @@ -46,6 +47,7 @@ InsightStorage.prototype.getItem = function(name, callback) { var self = this; this._makeGetRequest(passphrase, name, function(err, body) { +console.log('[InsightStorage.js.49:err:]',err); //TODO if (err && err.indexOf('PNOTFOUND') !== -1 && mayBeOldPassword(self.password)) { return self._brokenGetItem(name, callback); } 
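Review bot: The callback in `EncryptedLocalStorage.prototype.getItem` hands `body` straight to `cryptoUtil.decrypt` without looking at `err`, unlike the EncryptedInsightStorage version, which returns `callback(err)` first. A storage error would then surface as a decryption failure, which hides the real cause from the caller. Add `if (err) { return callback(err); }` as the first statement of the callback. The remainder of the callback lies outside the hunk.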
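Review bot: The added `console.log('[InsightStorage.js.49:err:]',err); //TODO` in `getItem` is a leftover debug statement: it bypasses the `log` module this commit imports, is unindented, and writes whatever the storage request returned to the console on every call. Remove it, or use `log.debug('getItem error: ' + err);` if the trace is wanted. The next line's `err.indexOf('PNOTFOUND')` also assumes `err` is a string; if the request layer can pass an Error object this throws, so `String(err).indexOf('PNOTFOUND')` would be safer.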
@@ -53,12 +55,13 @@ InsightStorage.prototype.getItem = function(name, callback) { }); }; -/* This key has not need to have the same - * settings(salt,iterations) as the kdf for wallet/profile encryption - * in Encrpted*Storage. And, actually, it good for the user to be able - * to change the settings con config.js to modify salt / iterations but +/* This key need to have DIFFERENT + * settings(salt,iterations) than the kdf for wallet/profile encryption + * in Encrpted*Storage. The user should be able + * to change the settings on config.js to modify salt / iterations + * for encryption, but * mantain the same key & passphrase. This is why those settings are - * not shared. + * not shared with encryption */ InsightStorage.prototype.getKey = function() { if (!this._cachedKey) { @@ -68,12 +71,13 @@ InsightStorage.prototype.getKey = function() { }; InsightStorage.prototype.getPassphrase = function() { - return cryptoUtil.hmac(this.getKey(), BODY); + return bitcore.util.twoSha256(this.getKey()).toString('base64'); }; InsightStorage.prototype._makeGetRequest = function(passphrase, key, callback) { var authHeader = new buffers.Buffer(this.email + ':' + passphrase).toString('base64'); var retrieveUrl = this.storeUrl + '/retrieve'; + log.debug(retrieveUrl); this.request.get({ url: retrieveUrl + '?' + querystring.encode({ key: key @@ -100,6 +104,7 @@ InsightStorage.prototype._makeGetRequest = function(passphrase, key, callback) { InsightStorage.prototype._brokenGetItem = function(name, callback) { var passphrase = this._makeBrokenSecret(); var self = this; + log.debug('using legacy get'); this._makeGetRequest(passphrase, name, function(err, body) { if (!err) { return self._changePassphrase(function(err) { diff --git a/test/plugin.insight.js b/test/plugin.insight.js index be8c01a65..c086d6ea1 100644 --- a/test/plugin.insight.js +++ b/test/plugin.insight.js 
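Review bot: The rewritten comment above `getKey` says this key needs DIFFERENT salt/iterations than the wallet/profile KDF, but the reason it gives only explains why the settings are kept out of config.js, and nothing in the visible lines enforces the difference. Spell out the security reason in the comment, presumably that `getPassphrase()` derives the secret sent to the storage server from this key, so it must stay independent of the encryption key. The typos should be fixed at the same time ('need' to 'needs', 'Encrpted' to 'Encrypted', 'mantain' to 'maintain'). `getKey`'s body continues outside the hunk.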
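Review bot: `getPassphrase()` now returns `bitcore.util.twoSha256(this.getKey()).toString('base64')` instead of the HMAC over the removed `BODY` constant, which changes the value every existing account authenticates with. The only fallback visible in this patch is `_brokenGetItem`, reached only on a `PNOTFOUND` error when `mayBeOldPassword` is true, so it is unclear whether profiles stored under the previous HMAC-derived passphrase stay reachable. Confirm that, or add a migration through `_changePassphrase`. If the intent is that the key itself never leaves the client, record it above the return, e.g. `// Auth secret for the storage server: double SHA-256 of the derived key, so the key is never transmitted.`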
@@ -15,7 +15,7 @@ describe('insight storage plugin', function() { var namespace = 'profile::0000000000000000000000000000000000000000'; var oldSecret = 'rFA+F/N+ZvKXp717zBdfCKYQ5v9Fjry0W6tautj5etIH' + 'KLQliZBEYXA7AXjTJ9K3DglzGWJKost3QJUCMbhM/A==' - var newSecret = 'rcNEqxJZV1fsrZgpwpET8D9aCsCIYXS7XOGlsONgEiA='; + var newSecret = '96KnVsaQFv8vsbxAFeYyGM4nO/8B6YaVNKz9IxDmwzk='; var setupStorageCredentials = function() { storage.setCredentials(email, password);