/* Copyright (C) 2021 Yarmo Mackenbach This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If your software can interact with users remotely through a computer network, you should also make sure that it provides a way for users to get its source. For example, if your program is a web application, its interface could display a "Source" link that leads users to an archive of the code. There are many ways you could offer source, and different solutions will be better for different programs; see section 13 for the specific requirements. You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU AGPL, see . */ import * as openpgp from 'openpgp' import QRCode from 'qrcode' import { argon2id, argon2Verify, bcrypt, bcryptVerify } from 'hash-wasm' let _crypto = (typeof window === 'undefined') ? null : crypto // Compute local part of Web Key Directory URL export async function computeWKDLocalPart(localPart) { if (!_crypto) { _crypto = (await import('crypto')).webcrypto } const localPartEncoded = new TextEncoder().encode(localPart.toLowerCase()); const localPartHashed = new Uint8Array(await _crypto.subtle.digest('SHA-1', localPartEncoded)); return encodeZBase32(localPartHashed); } // Generate Keyoxide profile URL export async function generateProfileURL(data) { let hostname = data.hostname || window.location.hostname; let scheme = data.scheme || window.location.protocol.slice(0,-1); if (data.input == "") { return "Waiting for input…"; } switch (data.source) { case "wkd": return `${scheme}://${hostname}/${data.input}`; break; case "hkp": if (/.*@.*\..*/.test(data.input)) { return `${scheme}://${hostname}/hkp/${data.input}`; } else { return `${scheme}://${hostname}/${data.input}`; } break; case "keybase": const re = /https\:\/\/keybase.io\/(.*)\/pgp_keys\.asc\?fingerprint\=(.*)/; if (!re.test(data.input)) { return "Incorrect Keybase public key URL."; } const match = data.input.match(re); return `${scheme}://${hostname}/keybase/${match[1]}/${match[2]}`; break; } } // Fetch OpenPGP key based on information stored in window export async function fetchProfileKey() { if (window.kx.key.object && window.kx.key.object instanceof openpgp.PublicKey) { return; } const rawKeyData = await fetch(window.kx.key.url) let key, errorMsg try { key = (await openpgp.readKey({ binaryKey: new Uint8Array(await rawKeyData.clone().arrayBuffer()) })) } catch(error) { errorMsg = error.message } if (!key) { try { key = (await openpgp.readKey({ armoredKey: await rawKeyData.clone().text() })) } catch (error) { errorMsg = error.message } } if (key) { window.kx.key.object = key return } else { throw new Error(`Public key could not be fetched (${errorMsg})`) } } // Show QR modal export function showQR(input, type) { const qrTarget = document.getElementById('qr'); const qrContext = qrTarget.getContext('2d'); const qrOpts = { errorCorrectionLevel: 'L', margin: 1, width: 256, height: 256 }; if (input) { if (type === 'url') { input = decodeURIComponent(input); } if (type === 'fingerprint') { input = `OPENPGP4FPR:${input.toUpperCase()}` } QRCode.toCanvas(qrTarget, input, qrOpts, function(error) { if (error) { document.querySelector("#qr--altLink").innerText = ""; document.querySelector("#qr--altLink").href = "#"; qrContext.clearRect(0, 0, qrTarget.width, qrTarget.height); console.error(error); } else { document.querySelector("#qr--altLink").innerText = input; document.querySelector("#qr--altLink").href = input; document.querySelector('#dialog--qr').showModal(); } }); } else { qrContext.clearRect(0, 0, qrTarget.width, qrTarget.height); } } // Copied from https://github.com/openpgpjs/wkd-client/blob/0d074519e011a5139a8953679cf5f807e4cd2378/src/wkd.js export function encodeZBase32(data) { if (data.length === 0) { return ""; } const ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"; const SHIFT = 5; const MASK = 31; let buffer = data[0]; let index = 1; let bitsLeft = 8; let result = ''; while (bitsLeft > 0 || index < data.length) { if (bitsLeft < SHIFT) { if (index < data.length) { buffer <<= 8; buffer |= data[index++] & 0xff; bitsLeft += 8; } else { const pad = SHIFT - bitsLeft; buffer <<= pad; bitsLeft += pad; } } bitsLeft -= SHIFT; result += ALPHABET[MASK & (buffer >> bitsLeft)]; } return result; } // Generate Argon2 hash export async function generateArgon2Hash(input) { if (!_crypto) { _crypto = (await import('crypto')).webcrypto } const salt = new Uint8Array(16); _crypto.getRandomValues(salt); try { return await argon2id({ password: input, salt, parallelism: 2, iterations: 512, memorySize: 64, hashLength: 16, outputType: 'encoded', }); } catch (_) { return "Waiting for input…"; } } // Verify Argon2 hash export async function verifyArgon2Hash(input, hash) { try { return await argon2Verify({ password: input, hash: hash, }); } catch (_) { return false; } } // Generate bcrypt hash export async function generateBcryptHash(input) { if (!_crypto) { _crypto = (await import('crypto')).webcrypto } const salt = new Uint8Array(16); _crypto.getRandomValues(salt); try { return await bcrypt({ password: input, salt, costFactor: 11, outputType: 'encoded', }); } catch (_) { return "Waiting for input…"; } } // Verify bcrypt hash export async function verifyBcryptHash(input, hash) { try { return await bcryptVerify({ password: input, hash: hash, }); } catch (_) { return false; } }