Fixed the OTP random generator to be even.

This commit is contained in:
Ylian Saint-Hilaire 2019-02-05 20:01:01 -08:00
parent dcfec7487f
commit cd8ecee538
8 changed files with 22 additions and 11 deletions

View File

@ -1429,12 +1429,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Perform a sub-action
var actionTaken = false;
if (command.subaction == 1) { // Generate a new set of tokens
var randomNumbers = [];
for (var i = 0; i < 10; i++) {
var v; // TODO: This random generation does not produce equal changes for all values. FIX IT!
do { v = (obj.parent.crypto.randomBytes(4).readUInt32BE(0) % 100000000); } while (randomNumbers.indexOf(v) >= 0);
randomNumbers.push(v);
}
var randomNumbers = [], v;
for (var i = 0; i < 10; i++) { do { v = getRandomEightDigitInteger(); } while (randomNumbers.indexOf(v) >= 0); randomNumbers.push(v); }
user.otpkeys = { keys: [] };
for (var i = 0; i < 10; i++) { user.otpkeys.keys[i] = { p: randomNumbers[i], u: true } }
actionTaken = true;
@ -1605,6 +1601,13 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
return obj;
}
// Generate a 8 digit integer with even random probability for each value.
function getRandomEightDigitInteger() {
var bigInt;
do { bigInt = obj.parent.crypto.randomBytes(4).readUInt32BE(0); } while (bigInt > 4200000000);
return bigInt % 100000000;
}
// Parse arguments string array into an object
function parseArgs(argv) {
var results = { '_': [] }, current = null;

View File

@ -1,6 +1,6 @@
{
"name": "meshcentral",
"version": "0.2.7-i",
"version": "0.2.7-j",
"keywords": [
"Remote Management",
"Intel AMT",

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -971,6 +971,10 @@
//addNotification(n);
break;
}
case 'stopped': { // Server is stopping.
// TODO: Disconnect
break;
}
default:
console.log('Unknown message.event.action', message.event.action);
break;

View File

@ -1685,6 +1685,10 @@
addNotification(n);
break;
}
case 'stopped': { // Server is stopping.
// TODO: Disconnect
break;
}
default:
//console.log('Unknown message.event.action', message.event.action);
break;

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long