-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathindex.html
More file actions
146 lines (142 loc) · 6.98 KB
/
index.html
File metadata and controls
146 lines (142 loc) · 6.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
<!--
To change this template, choose Tools | Templates
and open the template in the editor.
-->
<!DOCTYPE html>
<html debug=true>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<script type="text/javascript" src="https://getfirebug.com/firebug-lite.js"></script>
<script src="https://www.pidder.de/pidcrypt/javascripts/pidcrypt.js"></script>
<script src="https://www.pidder.de/pidcrypt/javascripts/pidcrypt_util.js"></script>
<script src="https://www.pidder.de/pidcrypt/javascripts/asn1.js"></script><!--needed for parsing decrypted rsa certificate-->
<script src="https://www.pidder.de/pidcrypt/javascripts/jsbn.js"></script><!--needed for rsa math operations-->
<script src="https://www.pidder.de/pidcrypt/javascripts/rng.js"></script><!--needed for rsa key generation-->
<script src="https://www.pidder.de/pidcrypt/javascripts/prng4.js"></script><!--needed for rsa key generation-->
<script src="https://www.pidder.de/pidcrypt/javascripts/rsa.js"></script><!--needed for rsa en-/decryption-->
<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script><!-- used for my quick code -->
<script src="http://backbonejs.org/test/vendor/json2.js"></script>
<script type="text/javascript">
jQuery(document).ready(function() {
var public_key = '-----BEGIN PUBLIC KEY-----\n\
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVd/gb2ORdLI7nTRHJR8C5EHs4\n\
RkRBcQuQdHkZ6eq0xnV2f0hkWC8h0mYH/bmelb5ribwulMwzFkuktXoufqzoft6Q\n\
6jLQRnkNJGRP6yA4bXqXfKYj1yeMusIPyIb3CTJT/gfZ40oli6szwu4DoFs66IZp\n\
JLv4qxU9hqu6NtJ+8QIDAQAB\n\
-----END PUBLIC KEY-----';
// The following two functions are adapted from source code on
// https://www.pidder.de/pidcrypt/?page=demo_rsa-encryption
function certParser(cert) {
var lines = cert.split('\n');
var read = false;
var b64 = false;
var end = false;
var flag = '';
var retObj = {};
retObj.info = '';
retObj.salt = '';
retObj.iv;
retObj.b64 = '';
retObj.aes = false;
retObj.mode = '';
retObj.bits = 0;
for (var i = 0; i < lines.length; i++) {
flag = lines[i].substr(0, 9);
if (i == 1 && flag != 'Proc-Type' && flag.indexOf('M') == 0)//unencrypted cert?
b64 = true;
switch (flag) {
case '-----BEGI':
read = true;
break;
case 'Proc-Type':
if (read)
retObj.info = lines[i];
break;
case 'DEK-Info:':
if (read) {
var tmp = lines[i].split(',');
var dek = tmp[0].split(': ');
var aes = dek[1].split('-');
retObj.aes = (aes[0] == 'AES') ? true : false;
retObj.mode = aes[2];
retObj.bits = parseInt(aes[1]);
retObj.salt = tmp[1].substr(0, 16);
retObj.iv = tmp[1];
}
break;
case '':
if (read)
b64 = true;
break;
case '-----END ':
if (read) {
b64 = false;
read = false;
}
break;
default:
if (read && b64)
retObj.b64 += pidCryptUtil.stripLineFeeds(lines[i]);
}
}
return retObj;
}
function encryptval(val) {
var params = {};
var result = '';
params = certParser(public_key);
if (params.b64) {
var key = pidCryptUtil.decodeBase64(params.b64);
//new RSA instance
var rsa = new pidCrypt.RSA();
//RSA encryption
//ASN1 parsing
var asn = pidCrypt.ASN1.decode(pidCryptUtil.toByteArray(key));
var tree = asn.toHexTree();
//setting the public key for encryption
rsa.setPublicKeyFromASN(tree);
// var t = new Date(); // timer
crypted = rsa.encrypt(val);
result = pidCryptUtil.fragment(pidCryptUtil.encodeBase64(pidCryptUtil.convertFromHex(crypted)), 64);
} else
alert('Could not find public key.');
return result;
}
// This is new code written by William Lightning <kassah@gmail.com>
jQuery('#theForm').on('submit', function() {
var user = this.user.value;
var pass = this.pass.value;
jQuery(this.user).val("");
jQuery(this.pass).val("");
jQuery.getJSON("input.php", function(indata) {
data = {};
// data.time = indata.time;
data.time = parseInt(indata.time);
data.ipaddr = indata.ipaddr;
data.user = user;
data.pass = pass;
// JSON Encode the Parameters
var jsonval = JSON.stringify(data);
// Encrypt the JSON
var inputval = encryptval(jsonval);
jQuery.post('auth.php', {input: inputval}, function(datastuff) {
jQuery('#message').text(datastuff);
});
});
return false;
});
});
</script>
</head>
<body>
<div>
<p id="message"></p>
<form id="theForm" method="post" name="theForm" action="auth.php">
<input id="user" name="user" type="text" value="" /><br />
<input id="pass" name="pass" type="password" value="" /><br />
<input name="submit" value="Submit" type="submit" />
</form>
</div>
</body>
</html>