esiur/esiur-js
2
0
Fork 0
mirror of https://github.com/esiur/esiur-js.git synced 2025-06-26 23:03:13 +00:00
Code Issues Projects Releases Wiki Activity

IAuth

Browse Source
This commit is contained in:
Ahmed Zamil
2024-06-22 04:09:50 +03:00
parent 84bf9fa539
commit c0e31662b7
19 changed files with 1657 additions and 1011 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Core/ExceptionCode.js
View File

@ -37,5 +37,8 @@ export default //const ExceptionCode =
AlreadyUnlistened: 34, AlreadyUnlistened: 34,
NotListenable: 35, NotListenable: 35,
ParseError: 36, ParseError: 36,
Timeout: 37 Timeout: 37,
NotSupported: 38,
NotImplemented: 39
}; };

2
src/Data/TypedMap.js
View File

@ -9,6 +9,8 @@ export default class TypedMap extends Map {
this.set(i, data[i]); this.set(i, data[i]);
} }
static getTypes(typedMap){ static getTypes(typedMap){
return [typedMap.constructor.keyType ?? Object, typedMap.constructor.valueType ?? Object]; return [typedMap.constructor.keyType ?? Object, typedMap.constructor.valueType ?? Object];
} }

1624
src/Net/IIP/DistributedConnection.js
View File

File diff suppressed because it is too large Load Diff

428
src/Net/Packets/IIPAuthPacket.js
View File

@ -15,7 +15,7 @@
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN ANthis.action OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
*/ */
@ -33,36 +33,37 @@ import AuthenticationMethod from "../../Security/Authority/AuthenticationMethod.
export default class IIPAuthPacket export default class IIPAuthPacket
{ {
constructor() command = 0;
{ initialization = 0;
this.command = 0; acknowledgement = 0;
this.action = 0; action = 0;
this.errorCode = 0; event = 0;
this.errorMessage = "";
this.localMethod = 0;
this.sourceInfo = "";
this.hash = "";
this.sessionId = "";
this.remoteMethod = 0;
this.domain = "";
this.CertificateId = 0;
this.localUsername = "";
this.remoteUsername = "";
this.localPassword = "";
this.remotePassword = "";
this.localToken = [];
this.reemoteToken = [];
this.asymetricEncryptionKey = [];
this.localNonce = [];
this.remoteNonce = [];
this.dataLengthNeeded = 0;
}
notEnough(offset, ends, needed) localMethod = AuthenticationMethod.None;
remoteMethod = AuthenticationMethod.None;
errorCode = 0;
message = "";
publicKeyAlgorithm = 0;
hashAlgorithm = 0;
certificate = null;
challenge = null;
asymetricEncryptionKey = null;
sessionId = null;
dataType = null;
reference = 0;
#dataLengthNeeded = 0;
#notEnough(offset, ends, needed)
{ {
if (offset + needed > ends) if (offset + needed > ends)
{ {
this.dataLengthNeeded = needed - (ends - offset); this.#dataLengthNeeded = needed - (ends - offset);
return true; return true;
} }
else else
@ -73,190 +74,259 @@ export default class IIPAuthPacket
{ {
var oOffset = offset; var oOffset = offset;
if (this.notEnough(offset, ends, 1)) if (this.#notEnough(offset, ends, 1))
return -this.dataLengthNeeded; return -this.#dataLengthNeeded;
this.command = data.getUint8(offset) >> 6; this.command = data.getUint8(offset) >> 6;
if (this.command == IIPAuthPacketCommand.Action) if (this.command == IIPAuthPacketCommand.Initialize) {
{
this.action = data[offset++] & 0x3f;
if (this.action == IIPAuthPacketAction.AuthenticateHash) this.localMethod = ((data[offset] >> 4) & 0x3);
{ this.remoteMethod = ((data[offset] >> 2) & 0x3);
if (this.notEnough(offset, ends, 32))
return -this.dataLengthNeeded;
this.hash = data.getUint8Array(offset, 32); this.initialization = (data[offset++] & 0xFC); // remove last two reserved LSBs
offset += 32; if (this.#notEnough(offset, ends, 1))
} return -this.#dataLengthNeeded;
else if (this.action == IIPAuthPacketAction.NewConnection)
{
if (this.notEnough(offset, ends, 2))
return -this.dataLengthNeeded;
var length = data.getUint16(offset); let parsed = TransmissionType.parse(data, offset, ends);
if (parsed.type == null)
return -parsed.size;
this.dataType = parsed.type;
offset += parsed.size;
} else if (this.command == IIPAuthPacketCommand.Acknowledge) {
this.localMethod = ((data[offset] >> 4) & 0x3);
this.remoteMethod = ((data[offset] >> 2) & 0x3);
this.acknowledgement = (data[offset++] & 0xFC); // remove last two reserved LSBs
if (this.#notEnough(offset, ends, 1))
return -this.#dataLengthNeeded;
let parsed = TransmissionType.parse(data, offset, ends);
if (parsed.type == null)
return -parsed.size;
this.dataType = parsed.type;
offset += parsed.size;
} else if (command == IIPAuthPacketCommand.Action) {
this.action = (data[offset++]);
if (this.action == IIPAuthPacketAction.AuthenticateHash ||
this.action == IIPAuthPacketAction.AuthenticatePublicHash ||
this.action == IIPAuthPacketAction.AuthenticatePrivateHash ||
this.action == IIPAuthPacketAction.AuthenticatePublicPrivateHash) {
if (this.#notEnough(offset, ends, 3))
return -this.#dataLengthNeeded;
this.hashAlgorithm = data[offset++];
let hashLength = data.getUint16(offset);
offset += 2; offset += 2;
if (this.notEnough(offset, ends, length)) if (this.#notEnough(offset, ends, hashLength))
return -this.dataLengthNeeded; return -this.#dataLengthNeeded;
this.sourceInfo = data.clip(offset, length); this.challenge = data.clip(offset, hashLength);
offset += hashLength;
offset += 32; } else if (action == IIPAuthPacketAction.AuthenticatePrivateHashCert ||
} this.action == IIPAuthPacketAction.AuthenticatePublicPrivateHashCert) {
else if (this.action == IIPAuthPacketAction.ResumeConnection
|| this.action == IIPAuthPacketAction.ConnectionEstablished)
{
if (this.notEnough(offset, ends, 32))
return -this.dataLengthNeeded;
this.sessionId = data.clip(offset, 32); if (this.#notEnough(offset, ends, 3))
return -this.#dataLengthNeeded;
offset += 32; this.hashAlgorithm = data[offset++];
}
}
else if (this.command == IIPAuthPacketCommand.Declare)
{
this.remoteMethod = ((data.getUint8(offset) >> 4) & 0x3);
this.localMethod = ((data.getUint8(offset) >> 2) & 0x3);
var encrypt = ((data.getUint8(offset++) & 0x2) == 0x2);
if (this.notEnough(offset, ends, 1))
return -this.dataLengthNeeded;
var domainLength = data.getUint8(offset++);
if (this.notEnough(offset, ends, domainLength))
return -this.dataLengthNeeded;
this.domain = data.getString(offset, domainLength);
offset += domainLength;
if (this.remoteMethod == AuthenticationMethod.Credentials)
{
if (this.localMethod == AuthenticationMethod.None)
{
if (this.notEnough(offset, ends, 33))
return -this.dataLengthNeeded;
this.remoteNonce = data.clip(offset, 32);
offset += 32;
var length = data.getUint8(offset++);
if (this.notEnough(offset, ends, length))
return -this.dataLengthNeeded;
this.remoteUsername = data.getString(offset, length);
offset += length;
}
}
else if (this.remoteMethod == AuthenticationMethod.Token)
{
if (this.localMethod == AuthenticationMethod.None)
{
if (this.notEnough(offset, ends, 40))
return -this.dataLengthNeeded;
this.remoteNonce = data.clip(offset, 32);
offset += 32;
this.remoteTokenIndex = data.getUint64(offset);
offset += 8;
}
}
if (encrypt)
{
if (this.notEnough(offset, ends, 2))
return -this.dataLengthNeeded;
var keyLength = data.getUint16(offset);
let hashLength = data.getUint16(offset);
offset += 2; offset += 2;
if (this.notEnough(offset, ends, keyLength)) if (this.#notEnough(offset, ends, hashLength))
return -this.dataLengthNeeded; return -this.#dataLengthNeeded;
this.asymetricEncryptionKey = data.clip(offset, keyLength); this.challenge = data.clip(offset, hashLength);
offset += hashLength;
offset += keyLength; if (this.#notEnough(offset, ends, 2))
} return -this.#dataLengthNeeded;
}
else if (this.command == IIPAuthPacketCommand.Acknowledge)
{
this.remoteMethod = (data.getUint8(offset) >> 4) & 0x3;
this.localMethod = (data.getUint8(offset) >> 2) & 0x3;
var encrypt = ((data.getUint8(offset++) & 0x2) == 0x2);
if (this.remoteMethod == AuthenticationMethod.None)
{
if (this.localMethod == AuthenticationMethod.None)
{
// do nothing
}
}
else if (this.remoteMethod == AuthenticationMethod.Credentials
|| this.remoteMethod == AuthenticationMethod.Token)
{
if (this.localMethod == AuthenticationMethod.None)
{
if (this.notEnough(offset, ends, 32))
return -this.dataLengthNeeded;
this.remoteNonce = data.clip(offset, 32);
offset += 32;
}
}
if (encrypt)
{
if (this.notEnough(offset, ends, 2))
return -this.dataLengthNeeded;
var keyLength = data.getUint16(offset);
let certLength = data.getUint16(offset);
offset += 2; offset += 2;
if (this.notEnough(offset, ends, keyLength)) if (this.#notEnough(offset, ends, certLength))
return -this.dataLengthNeeded; return -this.#dataLengthNeeded;
this.asymetricEncryptionKey = data.clip(offset, keyLength); this.certificate = data.clip(offset, certLength);
offset += keyLength; offset += certLength;
}
}
else if (this.command == IIPAuthPacketCommand.Error)
{
if (this.notEnough(offset, ends, 5))
return -this.dataLengthNeeded;
offset++; } else if (action == IIPAuthPacketAction.IAuthPlain) {
this.errorCode = data.getUint8(offset++);
if (this.#notEnough(offset, ends, 5))
return -this.#dataLengthNeeded;
var cl = data.getUint16(offset); this.reference = data.getUint32(offset);
offset += 4;
var parsed = TransmissionType.parse(data, offset, ends);
if (parsed.type == null)
return -parsed.size;
this.dataType = parsed.type;
offset += parsed.size;
} else if (action == IIPAuthPacketAction.IAuthHashed) {
if (this.#notEnough(offset, ends, 7))
return -this.#dataLengthNeeded;
this.reference = data.getUint32(offset);
offset += 4;
this.hashAlgorithm = data[offset++];
let cl = data.getUint16(offset);
offset += 2; offset += 2;
if (this.notEnough(offset, ends, cl)) if (this.#notEnough(offset, ends, cl))
return -this.dataLengthNeeded; return -this.#dataLengthNeeded;
this.challenge = data.clip(offset, cl);
this.errorMessage = data.getString(offset, cl);
offset += cl; offset += cl;
} else if (action == IIPAuthPacketAction.IAuthEncrypted) {
if (this.#notEnough(offset, ends, 7))
return -this.#dataLengthNeeded;
this.reference = data.getUint32(offset);
offset += 4;
this.publicKeyAlgorithm = data[offset++];
let cl = data.getUint16(offset);
offset += 2;
if (this.#notEnough(offset, ends, cl))
return -this.#dataLengthNeeded;
this.challenge = data.clip(offset, cl);
offset += cl;
} else if (action == IIPAuthPacketAction.EstablishNewSession) {
// Nothing here
} else if (action == IIPAuthPacketAction.EstablishResumeSession) {
if (this.#notEnough(offset, ends, 1))
return -this.#dataLengthNeeded;
let sessionLength = data[offset++];
if (this.#notEnough(offset, ends, sessionLength))
return -this.#dataLengthNeeded;
this.sessionId = data.clip(offset, sessionLength);
offset += sessionLength;
} else if (action == IIPAuthPacketAction.EncryptKeyExchange) {
if (this.#notEnough(offset, ends, 2))
return -this.#dataLengthNeeded;
let keyLength = data.getUint16(offset);
offset += 2;
if (this.#notEnough(offset, ends, keyLength))
return -this.#dataLengthNeeded;
this.asymetricEncryptionKey = data.clip(offset, keyLength);
offset += keyLength;
} else if (action == IIPAuthPacketAction.RegisterEndToEndKey ||
this.action == IIPAuthPacketAction.RegisterHomomorphic) {
if (this.#notEnough(offset, ends, 3))
return -this.#dataLengthNeeded;
this.publicKeyAlgorithm = data[offset++];
let keyLength = data.getUint16(offset);
offset += 2;
if (this.#notEnough(offset, ends, keyLength))
return -this.#dataLengthNeeded;
this.asymetricEncryptionKey = data.clip(offset, keyLength);
offset += keyLength;
}
} else if (command == IIPAuthPacketCommand.Event) {
this.event = data[offset++];
if (this.event == IIPAuthPacketEvent.ErrorTerminate ||
this.event == IIPAuthPacketEvent.ErrorMustEncrypt ||
this.event == IIPAuthPacketEvent.ErrorRetry) {
if (this.#notEnough(offset, ends, 3))
return -this.#dataLengthNeeded;
this.errorCode = data[offset++];
let msgLength = data.getUint16(offset);
offset += 2;
if (this.#notEnough(offset, ends, msgLength))
return -this.#dataLengthNeeded;
this.message = data.getString(offset, msgLength);
offset += msgLength;
} else if (this.event == IIPAuthPacketEvent.IndicationEstablished) {
if (this.#notEnough(offset, ends, 1))
return -this.#dataLengthNeeded;
let sessionLength = data[offset++];
if (this.#notEnough(offset, ends, sessionLength))
return -this.#dataLengthNeeded;
this.sessionId = data.clip(offset, sessionLength);
offset += sessionLength;
} else if (this.event == IIPAuthPacketEvent.IAuthPlain ||
this.event == IIPAuthPacketEvent.IAuthHashed ||
this.event == IIPAuthPacketEvent.IAuthEncrypted) {
if (this.#notEnough(offset, ends, 1))
return -this.#dataLengthNeeded;
let parsed = TransmissionType.parse(data, offset, ends);
if (parsed.type == null)
return -parsed.size;
this.dataType = parsed.type;
offset += parsed.size;
}
} }

20
src/Net/Packets/IIPAuthPacketAcknowledge.js Normal file
View File

@ -0,0 +1,20 @@
// IIPAuthPacketAcknowledge
export default {
NoAuthNoAuth: 0x40, // 0b01000000,
NoAuthCredentials: 0x44, // 0b01000100,
NoAuthToken: 0x48, //0b01001000,
NoAuthCertificate: 0x4c, //0b01001100,
CredentialsNoAuth: 0x50, //0b01010000,
CredentialsCredentials: 0x54, //0b01010100,
CredentialsToken: 0x58, //0b01011000,
CredentialsCertificate: 0x5c, //0b01011100,
TokenNoAuth: 0x60, //0b01100000,
TokenCredentials: 0x64, //0b01100100,
TokenToken: 0x68, //0b01101000,
TokenCertificate: 0x6c, //0b01101100,
CertificateNoAuth: 0x70, //0b01110000,
CertificateCredentials: 0x74, //0b01110100,
CertificateToken: 0x78, //0b01111000,
CertificateCertificate: 0x7c, // 0b01111100,
}

29
src/Net/Packets/IIPAuthPacketAction.js
View File

@ -1,8 +1,25 @@
export default // const IIPAuthPacketAction = // IIPAuthPacketAction
export default
{ {
// Authenticate AuthenticateHash: 0x80,
AuthenticateHash: 0, AuthenticatePublicHash: 0x81,
NewConnection: 0x20, AuthenticatePrivateHash: 0x82,
ResumeConnection: 0x21, AuthenticatePublicPrivateHash: 0x83,
ConnectionEstablished: 0x28
AuthenticatePrivateHashCert: 0x88,
AuthenticatePublicPrivateHashCert: 0x89,
IAuthPlain: 0x90,
IAuthHashed: 0x91,
IAuthEncrypted: 0x92,
EstablishNewSession: 0x98,
EstablishResumeSession: 0x99,
EncryptKeyExchange: 0xA0,
RegisterEndToEndKey: 0xA8,
RegisterHomomorphic: 0xA9,
}; };

11
src/Net/Packets/IIPAuthPacketCommand.js
View File

@ -1,7 +1,8 @@
export default //const IIPAuthPacketCommand = // IIPAuthPacketCommand
export default
{ {
Action: 0, Initialize: 0,
Declare: 1, Acknowledge: 1,
Acknowledge: 2, Action: 2,
Error: 3 Event: 3
}; };

13
src/Net/Packets/IIPAuthPacketEvent.js Normal file
View File

@ -0,0 +1,13 @@
// IIPAuthPacketEvent
export default
{
ErrorTerminate: 0xC0,
ErrorMustEncrypt: 0xC1,
ErrorRetry: 0xC2,
IndicationEstablished: 0xC8,
IAuthPlain: 0xD0,
IAuthHashed: 0xD1,
IAuthEncrypted: 0xD2
};

6
src/Net/Packets/IIPAuthPacketHashAlgorithm.js Normal file
View File

@ -0,0 +1,6 @@
// IIPAuthHashAlgorithm
export default {
SHA256: 0,
SHA3: 1,
}

22
src/Net/Packets/IIPAuthPacketHeader.js Normal file
View File

@ -0,0 +1,22 @@
// IIPAuthPacketHeader
export default {
Version: 0,
Domain: 1,
SupportedAuthentications: 2,
SupportedHashAlgorithms: 3,
SupportedCiphers: 4,
SupportedCompression: 5,
SupportedPersonalAuth: 6,
Nonce: 7,
Username: 8,
TokenIndex: 9,
CertificateId: 10,
CachedCertificates: 11,
CipherType: 12,
CipherKey: 13,
SoftwareIdentity: 14,
Referrer: 15,
Time: 16,
Certificate: 17,
IPv4: 18
}

9
src/Net/Packets/IIPAuthPacketIAuthDestination.js Normal file
View File

@ -0,0 +1,9 @@
// IIPAuthPacketIAuthDestination
export default {
Self: 0,
Device: 1, // logged in device
Email: 2,
SMS: 3,
App: 4, // Authenticator app
ThirdParty: 5, // usualy a second person
}

12
src/Net/Packets/IIPAuthPacketIAuthFormat.js Normal file
View File

@ -0,0 +1,12 @@
// IIPAuthPacketIAuthFormat
export default {
None: 0,
Number: 1,
Text: 2,
LowercaseText: 3,
Choice: 4,
Photo: 5,
Signature: 6,
Fingerprint: 7
}

11
src/Net/Packets/IIPAuthPacketIAuthHeader.js Normal file
View File

@ -0,0 +1,11 @@
// IIPAuthPacketIAuthHeader
export default
{
Reference: 0,
Destination: 1,
Clue: 2,
RequiredFormat: 3,
ContentFormat: 4,
Content: 5,
Timeout: 6
}

19
src/Net/Packets/IIPAuthPacketInitialize.js Normal file
View File

@ -0,0 +1,19 @@
// IIPAuthPacketInitialize
export default {
NoAuthNoAuth: 0x0, //0b00000000,
NoAuthCredentials: 0x4, //0b00000100,
NoAuthToken: 0x8, //0b00001000,
NoAuthCertificate: 0xC, //0b00001100,
CredentialsNoAuth: 0x10, //0b00010000,
CredentialsCredentials: 0x14, //0b00010100,
CredentialsToken: 0x18, //0b00011000,
CredentialsCertificate: 0x1c, //0b00011100,
TokenNoAuth: 0x20, //0b00100000,
TokenCredentials: 0x24, //0b00100100,
TokenToken: 0x28, //0b00101000,
TokenCertificate: 0x2c, //0b00101100,
CertificateNoAuth: 0x30, //0b00110000,
CertificateCredentials: 0x34,// 0b00110100,
CertificateToken: 0x38, //0b00111000,
CertificateCertificate: 0x3c, //0b00111100,
}

6
src/Net/Packets/IIPAuthPacketPublicKeyAlgorithm.js Normal file
View File

@ -0,0 +1,6 @@
// IIPAuthPacketPublicKeyAlgorithm
export default {
RSA: 0,
CKKS: 1
}

7
src/Security/Authority/AuthenticationMethod.js
View File

@ -1,7 +1,8 @@
// AuthenticationMethod
export default export default
{ {
None: 0, None: 0,
Certificate: 1, Credentials: 1,
Credentials: 2, Token: 2,
Token: 3 Certificate: 3
}; };

27
src/Security/Authority/Session.js
View File

@ -26,16 +26,27 @@
*/ */
"use strict"; "use strict";
import AuthenticationType from "./AuthenticationType.js";
import AuthenticationMethod from "./AuthenticationMethod.js";
import KeyList from "../../Data/KeyList.js";
export default class Session export default class Session
{
constructor(localAuthentication, remoteAuthentication)
{ {
this.localAuthentication = localAuthentication; id;
this.remoteAuthentication = remoteAuthentication; creation = Date();
this.id = null; modification = Date();
this.creation = null;
this.modification = null; variables = new KeyList();
}
localHeaders = new Map();
remoteHeaders = new Map();
localMethod = AuthenticationMethod.None;
remoteMethod = AuthenticationMethod.None;
authenticationType = AuthenticationType.Host ;
authorizedAccount;
} }

19
src/Security/Membership/AuthorizationResults.js Normal file
View File

@ -0,0 +1,19 @@
//AuthorizationResults
export default class {
response;
destination;
requiredFormat;
clue;
timeout; // 0 means no timeout
reference;
issue = new Date();
get expired (){
this.timeout == 0 ? false : ((new Date() - this.issue) / 1000) > this.timeout;
}
}

54
src/Security/Membership/IMembership.js
View File

@ -7,32 +7,44 @@ export default class IMembership extends IResource
return new AsyncReply(false); return new AsyncReply(false);
} }
getPassword(username, domain) tokenExists(tokenIndex, domain) {
{ return new AsyncReply(false);
}
getPassword(username, domain) {
return new AsyncReply(null); return new AsyncReply(null);
} }
getToken(tokenIndex, domain) {
return new AsyncReply(null);
}
authorize(session){
return new AsyncReply(new AuthorizationResults());
}
authorizePlain(session, reference, value){
return new AsyncReply(new AuthorizationResults());
}
authorizeHashed(session, reference, algorithm, value) {
return new AsyncReply(new AuthorizationResults());
}
authorizeEncrypted(session, reference, algorithm, value) {
return new AsyncReply(new AuthorizationResults());
}
login(session) {
return new AsyncReply(true);
}
logout(session){
return new AsyncReply(true);
}
get guestsAllowed() { get guestsAllowed() {
return false; return false;
} }
getToken(tokenIndex, domain)
{
return new AsyncReply(null);
}
login(session)
{
}
logout(session)
{
}
tokenExists(tokenIndex, domain)
{
}
} }