// //Copyright (c) 2010,2011 Michael Toth //Spiralcraft Inc., All Rights Reserved // //This package is part of the Spiralcraft project and is licensed under //a multiple-license framework. // //You may not use this file except in compliance with the terms found in the //SPIRALCRAFT-LICENSE.txt file at the top of this distribution, or available //at http://www.spiralcraft.org/licensing/SPIRALCRAFT-LICENSE.txt. // //Unless otherwise agreed to in writing, this software is distributed on an //"AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. // //Portions adapted from: // //JavaScript: The Definitive Guide by David Flanagan //Copyright © 1997-2000, O'Reilly & Associates // //"These programs come with no warranty of any sort. They are copyrighted //material and are not in the public domain. As long as you retain the //copyright notice, however, you may study, use, modify, and distribute them //for any purpose." /* * Spiralcraft Common Javascript Library * * Common functionality that does not depend on external functions */ var SPIRALCRAFT = (function (my) { var _private = my._private = my._private || {}; var _debug = true; if(window.console){ var consoleBackup = window.console.log; if (!consoleBackup) { consoleBackup=console.log; } // window.console.log("Replacing window.console.log()"); // consoleBackUp("Writing to consoleBackUp"); window.console.log = function(str){ if(_debug){ try { consoleBackup.apply(window.console,[str]); } catch (err) { alert(err); } } } }else{ var log = window.opera ? window.opera.postError : function(str) {}; window.console = {}; window.console.log = function(str){ if(_debug){ log(str); } } } return my; }(SPIRALCRAFT || {})); /* * DOM functions and event handlers */ SPIRALCRAFT.dom = (function(my) { my.bodyOnLoad = function() { // window.console.log("SPIRALCRAFT.dom.bodyOnLoad()"); }; my.registerBodyOnLoad = function(fn) { var lastFn = my.bodyOnLoad; my.bodyOnLoad = function() { lastFn(); fn(); }; }; my.windowOnResize = function(event) { // window.console.log("SPIRALCRAFT.dom.windowOnResize(): "+event); }; if (window.addEventListener) { window.addEventListener( "resize", function(event) { my.windowOnResize(event); }, false ); } else if (window.attachEvent) { window.attachEvent( "onresize", function() { my.windowOnResize(null); } ); } my.registerWindowOnResize = function(fn) { var lastFn = my.windowOnResize; my.windowOnResize = function() { lastFn(); fn(); }; }; return my; }(SPIRALCRAFT.dom || {})); /* * HTTP related functionality */ SPIRALCRAFT.http = (function(my) { var _factories = [ function() { return new XMLHttpRequest(); }, function() { return new ActiveXObject("Msxml2.XMLHTTP"); }, function() { return new ActiveXObject("Microsoft.XMLHTTP"); } ]; var _factory = null; // Create a new request var _newXmlHttpRequest = function() { if (_factory != null) return _factory(); for(var i = 0; i < _factories.length; i++) { try { var factory = _factories[i]; var request = factory(); if (request != null) { _factory = factory; return request; } } catch(e) { continue; } } // If we get here, none of the factory candidates succeeded, // so throw an exception now and for all future calls. _factory = function() { throw new Error("XMLHttpRequest not supported"); } _factory(); // Throw an error }; my.get = function(location,options) { if (options.method == null) { options.method = "GET"; } var _request=_newXmlHttpRequest(); var _callbacks = [ options.onOpen, options.onSend, options.onReceive, function () { if (_request.status >= 200 && _request.status < 300) { options.onSuccess(_request); } if (options.onComplete) { options.onComplete(_request); } } ]; _request.onreadystatechange = function () { if (options.onReadyStateChange) { options.onReadyStateChange(_request); } if (_callbacks[_request.readyState-1]) { _callbacks[_request.readyState-1](_request); } }; _request.open(options.method,location); _request.send(options.data); }; my.parseHeaders = function(request) { var headerText = request.getAllResponseHeaders(); // Text from the server var headers = {}; // This will be our return value var ls = /^\s*/; // Leading space regular expression var ts = /\s*$/; // Trailing space regular expression // Break the headers into lines var lines = headerText.split("\n"); // Loop through the lines for(var i = 0; i < lines.length; i++) { var line = lines[i]; if (line.length == 0) continue; // Skip empty lines // Split each line at first colon, and trim whitespace away var pos = line.indexOf(':'); var name = line.substring(0, pos).replace(ls, "").replace(ts, ""); var value = line.substring(pos+1).replace(ls, "").replace(ts, ""); // Store the header name/value pair in a JavaScript object headers[name] = value; } return headers; }; /** * Encode the property name/value pairs of an object as if they were from * an HTML form, using application/x-www-form-urlencoded format */ my.encodeFormData = function(data) { var pairs = []; var regexp = /%20/g; // A regular expression to match an encoded space for(var name in data) { var value = data[name].toString(); // Create a name/value pair, but encode name and value first // The global function encodeURIComponent does almost what we want, // but it encodes spaces as %20 instead of as "+". We have to // fix that with String.replace() var pair = encodeURIComponent(name).replace(regexp,"+") + '=' + encodeURIComponent(value).replace(regexp,"+"); pairs.push(pair); } // Concatenate all the name/value pairs, separating them with & return pairs.join('&'); }; return my; }(SPIRALCRAFT.http || {})); SPIRALCRAFT.ajax = (function (my) { my.get = function(location,callback) { SPIRALCRAFT.http.get( location, { onSuccess: function(request) { callback(request.responseText); } } ); }; return my; }(SPIRALCRAFT.ajax || {})); /* * Function for manipulating URIs */ SPIRALCRAFT.uri = (function(my) { my.addQueryTerm = (function(uri,name,value) { if (uri.indexOf("?")>0) { uri=uri+"&"+name+"="+value; } else { uri=uri+"?"+name+"="+value; } return uri; }); return my; }(SPIRALCRAFT.uri || {})); /* * Spiralcraft webui related functions */ SPIRALCRAFT.webui = (function(my) { var _sessionSyncCount = 0; my.syncLocation = ""; my.sessionExpiration = 0; my.timeoutRef = null; /* * Call the server to tickle the session and reset the pending check */ my.checkSession = (function() { // Reset anything that might be pending if (my.timeoutRef!=null) { window.clearTimeout(my.timeoutRef); my.timeoutRef=null; } // Pull the new expiration time from the server SPIRALCRAFT.ajax.get( SPIRALCRAFT.uri.addQueryTerm(my.syncLocation+"","oob","sessionSync"), function(data) { // alert("Got "+data+" from server"); my.sessionExpiration=parseInt(data); if (my.sessionExpiration>0) { if (_sessionSyncCount>0) { my.timeoutRef=window.setTimeout(my.checkSession,my.sessionExpiration-60000); // alert("Rechecking session in "+((my.sessionExpiration-60000)/1000)+" seconds"); } } else { // alert("Session expired, reloading"); window.location.reload(); } } ); }); /* * Toggles session keepalive */ my.sessionSync = (function(on) { if (on) { _sessionSyncCount++; my.checkSession(); } else { if (_sessionSyncCount>0) { _sessionSyncCount--; if (_sessionSyncCount==0 && my.timeoutRef!=null) { window.clearTimeout(my.timeoutRef); my.timeoutRef=null; } } else { console.log("Error: sessionSync turned off too many times"); } } console.log("Sync count = "+_sessionSyncCount); }); return my; }(SPIRALCRAFT.webui || {})); /* * Functions for interacting with Spiralcraft security subsystem */ SPIRALCRAFT.security = (function(my) { my.realmName = ""; my.realmDigest = (function(challenge,username,clearpass) { return SPIRALCRAFT.SHA256.digestUTF8( SPIRALCRAFT.UTF8.decode( challenge+this.realmName+username.toLowerCase()+clearpass ) ); }); my.processLoginControls = (function(challengeInput,usernameInput,clearpassInput,digestpassInput) { digestpassInput.value = this.realmDigest( challengeInput!=null?challengeInput.value:"", usernameInput.value, clearpassInput.value ); clearpassInput.value=""; console.log( (challengeInput!=null?challengeInput.value:"")+","+ usernameInput.value+","+ clearpassInput.value+" = "+ digestpassInput.value ); return true; }); my.loginFormOnSubmit = (function(loginForm) { this.processLoginControls( loginForm.login_challenge, loginForm.login_username, loginForm.login_clearpass, loginForm.login_digestpass ); return true; }); my.processRegistrationControls = (function( usernameInput, clearpassInput, digestpassInput, clearpassInputCheck, digestpassInputCheck, passwordLengthInput ) { digestpassInput.value = this.realmDigest( "", usernameInput.value, clearpassInput.value ); passwordLengthInput.value=clearpassInput.value.length; clearpassInput.value=""; if (digestpassInputCheck) { digestpassInputCheck.value = this.realmDigest( "", usernameInput.value, clearpassInputCheck.value ); clearpassInputCheck.value=""; } console.log( usernameInput.value+","+ clearpassInput.value+" = "+ digestpassInput.value ); return true; }); my.registrationFormOnSubmit = (function(registrationForm) { this.processRegistrationControls( registrationForm.register_username, registrationForm.register_clearpass, registrationForm.register_digestpass, registrationForm.register_clearpass_check, registrationForm.register_digestpass_check, registrationForm.register_passwordlength ); return true; }); return my; }(SPIRALCRAFT.security || {})); /* * SHA256 digester */ SPIRALCRAFT.SHA256 = (function(my) { my.digestUTF8 = (function (b) { return Sha256.hash(b); }); return my; }(SPIRALCRAFT.SHA256 || {})); /* * UTF8 string encoder */ SPIRALCRAFT.UTF8 = (function(my) { my.encode = (function(s) { return unescape( encodeURIComponent( s ) ); }); my.decode = (function (s) { return decodeURIComponent( escape( s ) ); }); return my; }(SPIRALCRAFT.UTF8 || {})); /* * String utility */ SPIRALCRAFT.StringUtil = (function(my) { my.toBytes = (function (s) { var result = []; var stack; for (var i = 0; i < s.length; i++) { ch=s.charCodeAt(i); stack=[]; do { stack.push(ch & 0xFF); ch = ch >> 8; } while (ch); result = result.concat(stack.reverse()); } return result; }); return my; }(SPIRALCRAFT.StringUtil || {})); // http://www.movable-type.co.uk/scripts/sha256.html // Licensed from author under LGPL (http://creativecommons.org/licenses/LGPL/2.1/) /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ /* SHA-256 implementation in JavaScript | (c) Chris Veness 2002-2010 | www.movable-type.co.uk */ /* - see http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html */ /* http://csrc.nist.gov/groups/ST/toolkit/examples.html */ /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ var Sha256 = {}; // Sha256 namespace /** * Generates SHA-256 hash of string * * @param {String} msg String to be hashed * @returns {String} Hash of msg as hex character string */ Sha256.hash = function(msg) { // constants [§4.2.2] var K = [0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]; // initial hash value [§5.3.1] var H = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]; // PREPROCESSING msg += String.fromCharCode(0x80); // add trailing '1' bit (+ 0's padding) to string [§5.1.1] // convert string msg into 512-bit/16-integer blocks arrays of ints [§5.2.1] var l = msg.length/4 + 2; // length (in 32-bit integers) of msg + ‘1’ + appended length var N = Math.ceil(l/16); // number of 16-integer-blocks required to hold 'l' ints var M = new Array(N); for (var i=0; i>> 32, but since JS converts // bitwise-op args to 32 bits, we need to simulate this by arithmetic operators M[N-1][14] = ((msg.length-1)*8) / Math.pow(2, 32); M[N-1][14] = Math.floor(M[N-1][14]) M[N-1][15] = ((msg.length-1)*8) & 0xffffffff; // HASH COMPUTATION [§6.1.2] var W = new Array(64); var a, b, c, d, e, f, g, h; for (var i=0; i>> n) | (x << (32-n)); } Sha256.Sigma0 = function(x) { return Sha256.ROTR(2, x) ^ Sha256.ROTR(13, x) ^ Sha256.ROTR(22, x); } Sha256.Sigma1 = function(x) { return Sha256.ROTR(6, x) ^ Sha256.ROTR(11, x) ^ Sha256.ROTR(25, x); } Sha256.sigma0 = function(x) { return Sha256.ROTR(7, x) ^ Sha256.ROTR(18, x) ^ (x>>>3); } Sha256.sigma1 = function(x) { return Sha256.ROTR(17, x) ^ Sha256.ROTR(19, x) ^ (x>>>10); } Sha256.Ch = function(x, y, z) { return (x & y) ^ (~x & z); } Sha256.Maj = function(x, y, z) { return (x & y) ^ (x & z) ^ (y & z); } // // hexadecimal representation of a number // (note toString(16) is implementation-dependant, and // in IE returns signed numbers when used on full words) // Sha256.toHexStr = function(n) { var s="", v; for (var i=7; i>=0; i--) { v = (n>>>(i*4)) & 0xf; s += v.toString(16); } return s; }