Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 02:16:05 +01:00
Code Issues Packages Projects Releases Activity

password now encrypts random "data key" which is then used for encryption of the actual data

Browse Source
This commit is contained in:
azivner
2017-09-16 23:21:46 -04:00
parent fdc668e28b
commit 1d395badfa
8 changed files with 107 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
setup.py
View File

@@ -10,6 +10,9 @@ from builtins import input
import src.config_provider
import src.sql
import src.my_scrypt
from Crypto.Cipher import AES
from Crypto.Util import Counter
import hashlib
config = src.config_provider.getConfig()
src.sql.connect(config['Document']['documentPath'])
@@ -29,14 +32,25 @@ password2 = getpass.getpass(prompt='Repeat the same password: ')
if password1 == password2:
# urandom is secure enough, see https://docs.python.org/2/library/os.html
src.sql.setOption('flask_secret_key', base64.b64encode(os.urandom(24)))
src.sql.setOption('verification_salt', base64.b64encode(os.urandom(24)))
src.sql.setOption('encryption_salt', base64.b64encode(os.urandom(24)))
src.sql.setOption('flask_secret_key', base64.b64encode(os.urandom(32)))
src.sql.setOption('password_verification_salt', base64.b64encode(os.urandom(32)))
src.sql.setOption('password_derived_key_salt', base64.b64encode(os.urandom(32)))
hash = src.my_scrypt.getVerificationHash(password1)
password_derived_key = src.my_scrypt.getPasswordDerivedKey(password1)
aes = AES.new(password_derived_key, AES.MODE_CTR, counter=Counter.new(128, initial_value=5))
data_key = os.urandom(32)
data_key_digest = hashlib.sha256(data_key).digest()[:4]
encrypted_data_key = aes.encrypt(data_key_digest + data_key)
src.sql.setOption('encrypted_data_key', base64.b64encode(encrypted_data_key))
verification_hash = src.my_scrypt.getVerificationHash(password1)
src.sql.setOption('username', username)
src.sql.setOption('password', binascii.hexlify(hash))
src.sql.setOption('password_verification_hash', base64.b64encode(verification_hash))
src.sql.commit()

3
src/app.py
View File

@@ -1,6 +1,7 @@
import os
import binascii
import base64
from flask import Flask, request, send_from_directory
from flask import render_template, redirect
from flask_cors import CORS
@@ -61,7 +62,7 @@ certPath = config['Network']['certPath']
certKeyPath = config['Network']['certKeyPath']
def verify_password(guessed_password):
hashed_password = binascii.unhexlify(getOption('password'))
hashed_password = base64.b64decode(getOption('password_verification_hash'))
guess_hashed = my_scrypt.getVerificationHash(guessed_password)

8
src/change_password.py
View File

@@ -11,16 +11,16 @@ import src.my_scrypt
def change_password(current_password, new_password):
current_password_hash = binascii.hexlify(src.my_scrypt.getVerificationHash(current_password))
if current_password_hash != src.sql.getOption('password'):
if current_password_hash != src.sql.getOption('password_verification_hash'):
return {
'success': False,
'message': "Given current password doesn't match hash"
}
current_password_encryption_key = src.my_scrypt.getEncryptionHash(current_password)
current_password_encryption_key = src.my_scrypt.getPasswordDerivedKey(current_password)
new_password_verification_key = binascii.hexlify(src.my_scrypt.getVerificationHash(new_password))
new_password_encryption_key = src.my_scrypt.getEncryptionHash(new_password)
new_password_encryption_key = src.my_scrypt.getPasswordDerivedKey(new_password)
encrypted_notes = src.sql.getResults("select note_id, note_title, note_text from notes where encryption = 1")
@@ -49,7 +49,7 @@ def change_password(current_password, new_password):
src.sql.execute("update notes set note_title = ?, note_text = ? where note_id = ?",
[re_encrypted_title, re_encrypted_text, note['note_id']])
src.sql.setOption('password', new_password_verification_key)
src.sql.setOption('password_verification_hash', new_password_verification_key)
src.sql.commit()
return {

6
src/my_scrypt.py
View File

@@ -2,12 +2,12 @@ import scrypt # pip install scrypt
import sql
def getVerificationHash(password):
salt = sql.getOption('verification_salt')
salt = sql.getOption('password_verification_salt')
return getScryptHash(password, salt)
def getEncryptionHash(password):
salt = sql.getOption('encryption_salt')
def getPasswordDerivedKey(password):
salt = sql.getOption('password_derived_key_salt')
return getScryptHash(password, salt)

2
src/password_api.py
View File

@@ -12,7 +12,7 @@ password_api = Blueprint('password_api', __name__)
def verifyPassword():
req = request.get_json(force=True)
hashedPassword = sql.getOption('password')
hashedPassword = sql.getOption('password_verification_hash')
hashedPasswordBytes = binascii.unhexlify(hashedPassword)
hashedPasswordSha = hashlib.sha256(hashedPasswordBytes).hexdigest()

5
src/tree_api.py
View File

@@ -40,8 +40,9 @@ def getTree():
retObject = {}
retObject['notes'] = rootNotes
retObject['start_note_id'] = getSingleResult('select * from options where opt_name = "start_node"')['opt_value'];
retObject['verification_salt'] = getOption('verification_salt')
retObject['encryption_salt'] = getOption('encryption_salt')
retObject['password_verification_salt'] = getOption('password_verification_salt')
retObject['password_derived_key_salt'] = getOption('password_derived_key_salt')
retObject['encrypted_data_key'] = getOption('encrypted_data_key')
retObject['encryption_session_timeout'] = getOption('encryption_session_timeout')
return jsonify(retObject)

101
static/js/encryption.js
View File

@@ -28,30 +28,17 @@ let globalEncryptionKey = null;
let globalLastEncryptionOperationDate = null;
function deriveEncryptionKey(password) {
const verificationPromise = computeScrypt(password, globalVerificationSalt, (key, resolve, reject) => {
$.ajax({
url: baseUrl + 'password/verify',
type: 'POST',
data: JSON.stringify({
password: sha256(key)
}),
contentType: "application/json",
success: function (result) {
if (result.valid) {
resolve();
}
else {
alert("Wrong password");
return computeScrypt(password, globalEncryptionSalt, (key, resolve, reject) => {
const dataKeyAes = getDataKeyAes(key);
reject();
}
}
});
const decryptedDataKey = decrypt(dataKeyAes, globalEncryptedDataKey);
if (decryptedDataKey === false) {
reject("Wrong password.");
}
return decryptedDataKey;
});
const encryptionKeyPromise = computeScrypt(password, globalEncryptionSalt, (key, resolve, reject) => resolve(key));
return Promise.all([ verificationPromise, encryptionKeyPromise ]).then(results => results[1]);
}
function computeScrypt(password, salt, callback) {
@@ -110,7 +97,8 @@ $("#encryptionPasswordForm").submit(function() {
globalEncryptionCallback = null;
}
});
})
.catch(reason => alert(reason));
return false;
});
@@ -141,12 +129,16 @@ function isEncryptionAvailable() {
return globalEncryptionKey !== null;
}
function getAes() {
function getDataAes() {
globalLastEncryptionOperationDate = new Date();
return new aesjs.ModeOfOperation.ctr(globalEncryptionKey, new aesjs.Counter(5));
}
function getDataKeyAes(key) {
return new aesjs.ModeOfOperation.ctr(key, new aesjs.Counter(5));
}
function encryptNoteIfNecessary(note) {
if (note.detail.encryption === 0) {
return note;
@@ -157,21 +149,72 @@ function encryptNoteIfNecessary(note) {
}
function encryptString(str) {
const aes = getAes();
const bytes = aesjs.utils.utf8.toBytes(str);
return encrypt(getDataAes(), str);
}
const encryptedBytes = aes.encrypt(bytes);
function encrypt(aes, str) {
const payload = aesjs.utils.utf8.toBytes(str);
const digest = sha256Array(payload).slice(0, 4);
const digestWithPayload = concat(digest, payload);
const encryptedBytes = aes.encrypt(digestWithPayload);
return uint8ToBase64(encryptedBytes);
}
function decryptString(encryptedBase64) {
const aes = getAes();
const decryptedBytes = decrypt(getDataAes(), encryptedBase64);
return aesjs.utils.utf8.fromBytes(decryptedBytes);
}
function decrypt(aes, encryptedBase64) {
const encryptedBytes = base64ToUint8Array(encryptedBase64);
const decryptedBytes = aes.decrypt(encryptedBytes);
return aesjs.utils.utf8.fromBytes(decryptedBytes);
const digest = decryptedBytes.slice(0, 4);
const payload = decryptedBytes.slice(4);
const hashArray = sha256Array(payload);
const computedDigest = hashArray.slice(0, 4);
if (!arraysIdentical(digest, computedDigest)) {
return false;
}
return payload;
}
function concat(a, b) {
const result = [];
for (let key in a) {
result.push(a[key]);
}
for (let key in b) {
result.push(b[key]);
}
return result;
}
function sha256Array(content) {
const hash = sha256.create();
hash.update(content);
return hash.array();
}
function arraysIdentical(a, b) {
let i = a.length;
if (i !== b.length) return false;
while (i--) {
if (a[i] !== b[i]) return false;
}
return true;
}
function encryptNote(note) {

6
static/js/tree.js
View File

@@ -83,17 +83,17 @@ function setExpandedToServer(note_id, is_expanded) {
});
}
let globalVerificationSalt;
let globalEncryptionSalt;
let globalEncryptionSessionTimeout;
let globalEncryptedDataKey;
$(function(){
$.get(baseUrl + 'tree').then(resp => {
const notes = resp.notes;
let startNoteId = resp.start_note_id;
globalVerificationSalt = resp.verification_salt;
globalEncryptionSalt = resp.encryption_salt;
globalEncryptionSalt = resp.password_derived_key_salt;
globalEncryptionSessionTimeout = resp.encryption_session_timeout;
globalEncryptedDataKey = resp.encrypted_data_key;
if (document.location.hash) {
startNoteId = document.location.hash.substr(1); // strip initial #