Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NEW] E2E password generator #24114

Merged
merged 17 commits into from
Feb 21, 2022
Merged

[NEW] E2E password generator #24114

Show file tree
Hide file tree
Changes from 13 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
2082e38
created new pwd scheme
ostjen Jan 6, 2022
44cae40
Merge branch 'develop' into e2e_new_pwd
ostjen Jan 6, 2022
cd821ef
lint/prettier fix
ostjen Jan 6, 2022
fa7de02
Merge branch 'e2e_new_pwd' of github.com:RocketChat/Rocket.Chat into …
ostjen Jan 6, 2022
434c75d
Merge branch 'develop' into e2e_new_pwd
ostjen Jan 7, 2022
67ab98f
added separator to generatMnemonicPhrase
ostjen Jan 12, 2022
9ea9e8e
Merge branch 'e2e_new_pwd' of github.com:RocketChat/Rocket.Chat into …
ostjen Jan 17, 2022
e40e649
Merge branch 'develop' into e2e_new_pwd
ostjen Jan 17, 2022
79f5563
cryptographically secure pseudo-random generator
ostjen Jan 17, 2022
cbd87c0
JUst test
eduardofcabrera Feb 1, 2022
4ccb924
Changed the module crypto name to crypto_module
eduardofcabrera Feb 3, 2022
226383e
Merge branch 'develop' into e2e_new_pwd
ostjen Feb 7, 2022
fd07c98
Merge branch 'develop' into e2e_new_pwd
tassoevan Feb 16, 2022
2875827
Use `Random.fraction()` as random generator
tassoevan Feb 16, 2022
9161a11
Merge branch 'develop' into e2e_new_pwd
tassoevan Feb 18, 2022
a0b0410
Merge branch 'develop' into e2e_new_pwd
ostjen Feb 21, 2022
6d0b7ba
Merge branch 'develop' into e2e_new_pwd
ostjen Feb 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 40 additions & 0 deletions app/e2e/client/helper.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,11 @@
/* eslint-disable new-cap, no-proto */

import * as crypto_module from 'crypto';
tassoevan marked this conversation as resolved.
Show resolved Hide resolved

import ByteBuffer from 'bytebuffer';

import { words } from './wordList';
tassoevan marked this conversation as resolved.
Show resolved Hide resolved

const StaticArrayBufferProto = new ArrayBuffer().__proto__;

export function toString(thing) {
Expand Down Expand Up @@ -122,6 +126,42 @@ export async function readFileAsArrayBuffer(file) {
});
}

function hexString(digits) {
const numBytes = Math.ceil(digits / 2);
let bytes;
// Try to get cryptographically strong randomness. Fall back to
// non-cryptographically strong if not available.
try {
bytes = crypto_module.randomBytes(numBytes);
} catch (e) {
// XXX should re-throw any error except insufficient entropy
bytes = crypto_module.pseudoRandomBytes(numBytes);
}
const result = bytes.toString('hex');
// If the number of digits is odd, we'll have generated an extra 4 bits
// of randomness, so we need to trim the last digit.
return result.substring(0, digits);
}

// criptographically secure way of generating a number between 0-1( similar to Math.random())
function fraction() {
const numerator = Number.parseInt(hexString(8), 16);
return numerator * 2.3283064365386963e-10; // 2^-3;
}

export function generateMnemonicPhrase(n, sep = ' ') {
const result = new Array(n);
let len = words.length;
const taken = new Array(len);

while (n--) {
const x = Math.floor(fraction() * len);
result[n] = words[x in taken ? taken[x] : x];
taken[x] = --len in taken ? taken[len] : len;
}
return result.join(sep);
}

export class Deferred {
constructor() {
const p = new Promise((resolve, reject) => {
Expand Down
4 changes: 2 additions & 2 deletions app/e2e/client/rocketchat.e2e.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
import { Meteor } from 'meteor/meteor';
import { Random } from 'meteor/random';
import { ReactiveVar } from 'meteor/reactive-var';
import { EJSON } from 'meteor/ejson';
import { TAPi18n } from 'meteor/rocketchat:tap-i18n';
Expand All @@ -18,6 +17,7 @@ import {
importRSAKey,
importRawKey,
deriveKey,
generateMnemonicPhrase,
} from './helper';
import * as banners from '../../../client/lib/banners';
import { Rooms, Subscriptions, Messages } from '../../models/client';
Expand Down Expand Up @@ -257,7 +257,7 @@ class E2E extends Emitter {
}

createRandomPassword() {
const randomPassword = `${Random.id(3)}-${Random.id(3)}-${Random.id(3)}`.toLowerCase();
const randomPassword = generateMnemonicPhrase(5);
Meteor._localStorage.setItem('e2e.randomPassword', randomPassword);
return randomPassword;
}
Expand Down
Loading