;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016, 2018, 2020 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages gnu-pw-mgr)
  #:use-module (guix packages)
  #:use-module (guix licenses)
  #:use-module (guix download)
  #:use-module (guix build-system gnu)
  #:use-module (gnu packages)
  #:use-module (gnu packages base)
  #:use-module (gnu packages autogen))

;; Package definition for gnu-pw-mgr, built from the release tarball on the
;; GNU mirrors with the GNU build system and two extra test-fixup phases.
(define-public gnu-pw-mgr
  (package
    (name "gnu-pw-mgr")
    (version "2.7.4")
    (source
     (origin
      (method url-fetch)
      ;; The tarball name is derived from `version', so a version bump
      ;; changes the URL automatically.
      (uri (string-append "mirror://gnu/gnu-pw-mgr/gnu-pw-mgr-"
                          version ".tar.xz"))
      ;; Expected SHA-256 (base32) of the tarball for the version above; it
      ;; has to be updated together with `version'.  Guix checks the
      ;; download against this value, so a mirror serving a modified
      ;; tarball makes the build fail instead of being built.
      (sha256
       (base32 "0fhwvsmsqpw0vnivarfg63l8pgwqfv7d5wi6l80jpb41dj6qpjz8"))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
       (modify-phases %standard-phases
         ;; Runs right after the standard shebang patching.  tests/dom.test
         ;; hard-codes /usr/bin/printf; replace it with the path that
         ;; (which "printf") returns.
         (add-after 'patch-source-shebangs 'patch-more-shebangs
           (lambda _
             (substitute* "tests/dom.test"
               (("/usr/bin/printf") (which "printf")))
             ;; The phase ends by returning #t.
             #t))
         ;; Runs just before the `check' phase.
         (add-before 'check 'pre-check
           (lambda _
             ;; In the build environment, there is no /dev/tty, so
             ;; tests/base.test is pointed at /dev/null instead.
             (substitute* "tests/base.test"
               (("/dev/tty") "/dev/null"))
             #t)))))
    ;; Build-time-only input.  NOTE(review): presumably the `which' program
    ;; is needed by the build or test scripts -- confirm.
    (native-inputs
     (list which))
    (home-page "https://www.gnu.org/software/gnu-pw-mgr/")
    (synopsis "Retrieve login credentials without recording passwords")
    (description
     "This program is designed to make it easy to reconstruct difficult
passwords when they are needed while limiting the risk of attack.  The
user of this program inputs a self-defined transformation of a web
site URL and obtains the password and user name hint for that web
site.")
    (license gpl3+)))
a5b09b5f39d6b3a75419a516dd07'>36773a9bb3a60c2cb271191b7aaf2f75db5a191a /common/signing.js parent6b53d6c840140fc5df6d7638808b978d96502a35 (diff)downloadbrowser-extension-2875397fb887a5b09b5f39d6b3a75419a516dd07.tar.gz
improve signing

Signature timestamp is now handled in a saner way. Sha256 implementation is no longer pulled into contexts that don't require it.
Diffstat (limited to 'common/signing.js')
-rw-r--r--common/signing.js73
1 files changed, 73 insertions, 0 deletions
diff --git a/common/signing.js b/common/signing.js
new file mode 100644
index 0000000..2171714
--- /dev/null
+++ b/common/signing.js
@@ -0,0 +1,73 @@
+/**
+ * part of Hachette
+ * Functions related to "signing" of data, refactored to a separate file.
+ *
+ * Copyright (C) 2021 Wojtek Kosior
+ * Redistribution terms are gathered in the `copyright' file.
+ */
+
+/*
+ * IMPORTS_START
+ * IMPORT sha256
+ * IMPORT browser
+ * IMPORT is_chrome
+ * IMPORTS_END
+ */
+
+/*
+ * In order to make certain data synchronously accessible in certain contexts,
+ * hachette smuggles it in string form in places like cookies, URLs and headers.
+ * When using the smuggled data, we first need to make sure it isn't spoofed.
+ * For that, we use this pseudo-signing mechanism.
+ *
+ * Despite what name suggests, no assymetric cryptography is involved, as it
+ * would bring no additional benefits and would incur bigger performance
+ * overhead. Instead, we hash the string data together with some secret value
+ * that is supposed to be known only by this browser instance. Resulting hash
+ * sum plays the role of the signature. In the hash we also include current
+ * time. This way, even if signed data leaks (which shouldn't happen in the
+ * first place), an attacker won't be able to re-use it indefinitely.
+ *
+ * The secret shared between execution contexts has to be available
+ * synchronously. Under Mozilla, this is the extension's per-session id. Under
+ * Chromium, this is the key that resides in the manifest.
+ *
+ * An idea to (under Chromium) instead store the secret in a file fetched
+ * synchronously using XMLHttpRequest is being considered.
+ */
+
+function get_secret()
+{
+ if (is_chrome)
+ return browser.runtime.getManifest().key.substring(0, 50);
+ else
+ return browser.runtime.getURL("dummy");
+}
+
+function extract_signed(signature, signed_data)
+{
+ const match = /^([1-9][0-9]{12}|0)_(.*)$/.exec(signed_data);
+ if (!match)
+ return {fail: "bad format"};
+
+ const result = {time: parseInt(match[1]), data: match[2]};
+ if (sign_data(result.data, result.time)[0] !== signature)
+ result.fail = "bad signature";
+
+ return result;
+}
+
+/*
+ * Sign a given string for a given time. Time should be either 0 or in the range
+ * 10^12 <= time < 10^13.
+ */
+function sign_data(data, time) {
+ return [sha256(get_secret() + time + data), `${time}_${data}`];
+}
+
+/*
+ * EXPORTS_START
+ * EXPORT extract_signed
+ * EXPORT sign_data
+ * EXPORTS_END
+ */
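Review bot: In `extract_signed`, a signature mismatch only sets `result.fail` on an object that still carries the unverified `data` and `time`, so a caller that reads `result.data` without testing `fail` first ends up using spoofed input; returning `{fail: "bad signature"}` alone, as the bad-format branch already does, would make the function fail closed. The function also never compares `result.time` with the current time and accepts a `time` of `0`, so the expiry promised in the header comment rests entirely on callers; that contract deserves a comment above the function, e.g. `/* Does not check freshness: callers must reject a stale result.time. */`. Separately, `sha256(get_secret() + time + data)` is a secret-prefix hash, the construction that SHA-256 length extension applies to; an HMAC over the same inputs avoids that, provided the imported `sha256` module (not visible here) can serve as its base. On Chromium, `get_secret()` returns the first 50 characters of the manifest `key`; unless the build generates that key per installation (not shown in this hunk), it is identical in every copy of the extension and so is not the per-browser secret the comment describes.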