/*(c) 2006 - 2008 AllenPort Co. All Rights Reserved.
All versions of this code, including the source and executable versions, 
constitute the intellectual property of AllenPort Co., which expressly reserves 
any and all U.S. and foreign rights and benefits to the code under copyright, 
trade secret and any other intellectual property law or international treaty 
whatsoever. Use of the code is subject to the terms and conditions of a separate 
written license agreement, and the code shall not be reproduced, modified, distributed 
or otherwise used in any form or manner whatsoever without obtaining the prior written 
permission of AllenPort Co. Any unauthorized reproduction or distribution of the code, 
or any portion of it, may result in civil and criminal penalties and be prosecuted 
to the fullest extent of the law.*/
/**
 * Builds the key bundle for a new account and passes it to register_account().
 *
 * A fresh RSA key pair is created with create_rsa(); once it is ready, the private
 * key and the two recovery secrets are wrapped and stored on a local `cipher`
 * object, which is then handed to register_account(cipher). For business
 * accounts, a second RSA key pair (the "public mount point" key) is generated and
 * its private half is encrypted with the first key before registration.
 *
 * Nothing is returned. Key generation is awaited by polling every 500 ms.
 *
 * NOTE(review): the polling has no upper bound and no failure path. If
 * local_context.isGenerated never becomes truthy, register_account() is never
 * called and the caller is not told.
 *
 * @param {string} password          Account password; input to make_sym_key() and md5().
 * @param {string} security_answer   Recovery answer; input to make_sym_key() and md5().
 * @param {boolean} [isBussiness]    When truthy, also create the public mount point key pair.
 *                                   Defaults to false when omitted.
 */
function make_cipher(password, security_answer, isBussiness)
{
    // A missing third argument means a non-business account.
    if (typeof isBussiness === 'undefined')
    {
        isBussiness = false;
    }

    // Original author's note: all members except user_public_key are in hex format.
    // NOTE(review): public_mount_point_public_key is also assigned a PEM string directly;
    // the output encoding of encrypt_with_rsa() is not visible here - confirm it is hex.
    var cipher = {
        // RSA private key (PEM) encrypted with the key derived from the password.
        rsa_priv_enc:null,
        // md5() of the password.
        // NOTE(review): unsalted MD5 is cheap to brute-force. If this digest leaves the
        // browser, it is an offline-guessable verifier for the same secret that protects
        // rsa_priv_enc. Changing it needs a matching server change, so it is kept as is.
        pw_md5:null,
        // md5() of the security answer. The same caveat as pw_md5 applies, and answers
        // are typically lower-entropy than passwords.
        answer_md5:null,
        // RSA public key in PEM format.
        user_public_key:null,
        // Password encrypted under the key derived from the security answer.
        // NOTE(review): whoever holds this blob and learns the answer recovers the password.
        // The password's effective strength is therefore capped by the answer's.
        password_rec:null,
        // Security answer encrypted under the key derived from the password.
        answer_rec:null,
        // The user's RSA private key (PEM) encrypted with this same RSA key.
        private_mount_point_private_key_enc:null,
        // Business accounts only: PEM public key of the public mount point key pair.
        public_mount_point_public_key:null,
        // Business accounts only: public mount point private key (PEM) encrypted with the user's RSA key.
        public_mount_point_private_key_enc:null
    };

    // Symmetric keys derived from the two secrets. The original comments describe these as
    // PBKDF2 output in string form; salt and iteration count are set inside make_sym_key().
    var pw_pbkdf2 = make_sym_key(password);
    var sa_pbkdf2 = make_sym_key(security_answer);

    var rsa = create_rsa();

    // Calls on_ready() as soon as key.local_context.isGenerated is truthy: synchronously
    // if it already is, otherwise after re-checking every 500 ms.
    function when_generated(key, on_ready)
    {
        function poll()
        {
            if (key.local_context.isGenerated)
            {
                on_ready();
                return;
            }
            setTimeout(poll, 500);
        }
        poll();
    }

    // Fills in every field that depends only on the user's own key pair, then either
    // registers immediately or continues with the business-account key.
    function fill_user_fields()
    {
        var user_pub_pem  = get_pem_from_public_rsa_key(rsa);
        var user_priv_pem = get_pem_from_private_rsa_key(rsa);

        cipher.user_public_key = user_pub_pem;
        cipher.rsa_priv_enc    = stringToHex(sym_encrypt(user_priv_pem, pw_pbkdf2));
        cipher.password_rec    = stringToHex(sym_encrypt_padded(password, sa_pbkdf2));
        cipher.answer_rec      = stringToHex(sym_encrypt_padded(security_answer, pw_pbkdf2));
        cipher.pw_md5          = md5(password);
        cipher.answer_md5      = md5(security_answer);
        cipher.private_mount_point_private_key_enc = encrypt_with_rsa(rsa, user_priv_pem);

        if (!isBussiness)
        {
            register_account(cipher);
            return;
        }

        // Business account: a second key pair guards the shared (public) mount point.
        var mount_point_rsa = create_rsa();

        when_generated(mount_point_rsa, function ()
        {
            var mount_pub_pem  = get_pem_from_public_rsa_key(mount_point_rsa);
            var mount_priv_pem = get_pem_from_private_rsa_key(mount_point_rsa);

            cipher.public_mount_point_private_key_enc = encrypt_with_rsa(rsa, mount_priv_pem);
            cipher.public_mount_point_public_key = mount_pub_pem;

            register_account(cipher);
        });
    }

    when_generated(rsa, fill_user_fields);
}

/**
 * Creates the key material for a new member of a business account and submits it
 * through add_member_database() (declared in ajax.js).
 *
 * Steps, in order:
 *   1. Generate an RSA key pair for the new member and wait for it (500 ms polling).
 *   2. Encrypt the member's private key under the key derived from the member's password.
 *   3. Decrypt the administrator's private key with the key derived from admin_password.
 *   4. Encrypt a copy of the member's private key with the administrator's RSA key.
 *   5. Decrypt the public mount point private key with the administrator's RSA key
 *      (asynchronous, polled every 500 ms via RSACipher.isDecrypted).
 *   6. Re-encrypt that key, and the member's own private key, with the member's RSA key.
 *   7. Call add_member_database() with the hashes and wrapped keys.
 *
 * Nothing is returned.
 *
 * NOTE(review): step 4 is key escrow. Whoever holds the administrator's private key can
 * unwrap every member's private key. This matches the original comment ("a copy ... for
 * admin") and should be stated in the product's threat model.
 *
 * NOTE(review): the result of sym_decrypt() in step 3 is not validated. With a wrong
 * admin_password the decrypted text is presumably not valid PEM. How
 * get_private_rsa_key_from_pem() and decrypt_with_rsa() behave then is not visible here.
 * Confirm they fail closed and that the isDecrypted polling cannot spin forever. Neither
 * polling loop has a timeout or an error path.
 *
 * NOTE(review): md5() of both passwords is passed to add_member_database(). Unsalted MD5
 * is cheap to brute-force, and these digests cover the same secrets that protect the
 * wrapped private keys. Changing the hash needs a matching server-side change.
 *
 * @param {string} admin_password                       Administrator's password.
 * @param {string} admin_private_key_enc                Administrator's encrypted private key, hex encoded (decoded with hexToString()).
 * @param {string} public_mount_point_private_key_enc   Public mount point private key, passed to decrypt_with_rsa() with the administrator's key.
 * @param {string} login                                New member's login; passed through unchanged.
 * @param {string} first_name                           Passed through unchanged.
 * @param {string} last_name                            Passed through unchanged.
 * @param {string} password                             New member's password.
 * @param {*} current_user_counter                      Passed through unchanged.
 * @param {*} max_users_number                          Passed through unchanged.
 */
function add_business_account_member_make_cipher(admin_password,
                                                 admin_private_key_enc,
                                                 public_mount_point_private_key_enc,
                                                 login,
                                                 first_name,
                                                 last_name,
                                                 password,
                                                 current_user_counter, max_users_number)
{
    var user_rsa_key = create_rsa();

    // Runs on_ready() once is_ready() returns a truthy value: immediately if it already
    // does, otherwise after re-checking every 500 ms.
    function poll_until(is_ready, on_ready)
    {
        function tick()
        {
            if (is_ready())
            {
                on_ready();
                return;
            }
            setTimeout(tick, 500);
        }
        tick();
    }

    // Runs once the member's key pair exists: wraps it for the member and for the admin,
    // then starts the asynchronous recovery of the public mount point key.
    function wrap_member_keys()
    {
        var member_pub_pem  = get_pem_from_public_rsa_key(user_rsa_key);
        var member_priv_pem = get_pem_from_private_rsa_key(user_rsa_key);

        var admin_sym_key  = make_sym_key(admin_password);
        var member_sym_key = make_sym_key(password);

        // Member's private key, protected by the member's own password.
        var member_priv_wrapped = sym_encrypt(member_priv_pem, member_sym_key);

        // Recover the administrator's RSA key from its password-protected form.
        var admin_priv_pem = sym_decrypt(hexToString(admin_private_key_enc), admin_sym_key);
        var admin_rsa_key  = get_private_rsa_key_from_pem(admin_priv_pem);

        // Escrow copy of the member's private key for the administrator (hex, per the original comment).
        var member_priv_for_admin = encrypt_with_rsa(admin_rsa_key, member_priv_pem);

        var rsa_cipher = new RSACipher();
        rsa_cipher.decrypt_with_rsa(admin_rsa_key, public_mount_point_private_key_enc);

        // Runs once the public mount point key has been decrypted: re-wraps it for the
        // new member and submits everything.
        function submit_member()
        {
            // Plaintext private key of the public (shared) mount point.
            var mount_priv_pem = rsa_cipher.decrypted_message;
            // Copy of the shared key that the new member can unwrap.
            var mount_priv_for_member = encrypt_with_rsa(user_rsa_key, mount_priv_pem);
            // Key for the member's private files: the member's own private key,
            // encrypted with the member's RSA key.
            var member_priv_for_self = encrypt_with_rsa(user_rsa_key, member_priv_pem);

            var cipher = {
                admin_password_hash: md5(admin_password),
                password_hash: md5(password),
                user_public_key: member_pub_pem,
                user_private_key_enc: stringToHex(member_priv_wrapped),
                user_private_key_enc_w_admin_key: member_priv_for_admin,
                private_mount_point_private_key_enc: member_priv_for_self,
                public_mount_point_private_key_enc: mount_priv_for_member
            };

            // declared in ajax.js
            add_member_database(cipher.admin_password_hash,
                                login,
                                first_name,
                                last_name,
                                cipher.password_hash,
                                cipher.user_public_key,
                                cipher.user_private_key_enc,
                                cipher.user_private_key_enc_w_admin_key,
                                cipher.private_mount_point_private_key_enc,
                                cipher.public_mount_point_private_key_enc,
                                current_user_counter,
                                max_users_number);
        }

        poll_until(function () { return rsa_cipher.isDecrypted; }, submit_member);
    }

    poll_until(function () { return user_rsa_key.local_context.isGenerated; }, wrap_member_keys);
}