played with post-methods and encryption

server/js.js

@@ -10,6 +10,41 @@ function httpPost(theUrl, content) { var xmlHttp = null;
     xmlHttp.send( content );
     return xmlHttp.responseText;
 }
+////////////////////////////////////////////////////////////////////////////////
+function httpPost2(theUrl, content, key) { var xmlHttp = null;
+    var http = new XMLHttpRequest();
+    http.open("POST", theUrl, true);
+    //Send the proper header information along with the request
+    //http.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
+    http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+    http.setRequestHeader("Content-length", content.length);
+    http.setRequestHeader("Connection", "close");
+
+    http.onreadystatechange = function() {//Call a function when the state changes.
+        if(http.readyState == 4 && http.status == 200) {
+            //document.write(http.responseText);
+			document.getElementById('url').innerHTML=http.responseText+'&k='+key;
+            //document.write(http.responseText);
+            //return http.responseText;
+        } else {
+			document.getElementById('url').innerHTML=http.responseText+'&k='+key;
+        }
+    }
+    http.send(content);
+}
+////////////////////////////////////////////////////////////////////////////////
+function post_new(path, params, method) {
+    method = method || "post"; // Set method to post by default if not specified.
+
+    // The rest of this code assumes you are not using a library.
+    // It can be made less wordy if you use one.
+    var form = document.createElement("form");
+    form.setAttribute("method", method);
+    form.setAttribute("action", path);
+
+    document.body.appendChild(form);
+    form.submit();
+}
 function post(path, params, method) {
     method = method || "post"; // Set method to post by default if not specified.
 
@@ -48,7 +83,8 @@ function base64_encode(data) {
   //   example 2: base64_encode('a');
   //   returns 2: 'YQ=='
 
-  var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+  //var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+  var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
   var o1, o2, o3, h1, h2, h3, h4, bits, i = 0,
     ac = 0,
     enc = '',
@@ -81,9 +117,92 @@ function base64_encode(data) {
   return (r ? enc.slice(0, r - 3) : enc) + '==='.slice(r || 3);
 }
 
+
+//////////////////////////////////////////////////////////////////
+var keyStr = "ABCDEFGHIJKLMNOP" +
+             "QRSTUVWXYZabcdef" +
+             "ghijklmnopqrstuv" +
+             "wxyz0123456789+/" +
+             "=";
+function encode64(input) {
+   input = escape(input);
+   var output = "";
+   var chr1, chr2, chr3 = "";
+   var enc1, enc2, enc3, enc4 = "";
+   var i = 0;
+
+   do {
+      chr1 = input.charCodeAt(i++);
+      chr2 = input.charCodeAt(i++);
+      chr3 = input.charCodeAt(i++);
+
+      enc1 = chr1 >> 2;
+      enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+      enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+      enc4 = chr3 & 63;
+
+      if (isNaN(chr2)) {
+         enc3 = enc4 = 64;
+      } else if (isNaN(chr3)) {
+         enc4 = 64;
+      }
+
+      output = output +
+         keyStr.charAt(enc1) +
+         keyStr.charAt(enc2) +
+         keyStr.charAt(enc3) +
+         keyStr.charAt(enc4);
+      chr1 = chr2 = chr3 = "";
+      enc1 = enc2 = enc3 = enc4 = "";
+   } while (i < input.length);
+
+   return output;
+}
+function decode64(input) {
+   var output = "";
+   var chr1, chr2, chr3 = "";
+   var enc1, enc2, enc3, enc4 = "";
+   var i = 0;
+
+   // remove all characters that are not A-Z, a-z, 0-9, +, /, or =
+   var base64test = /[^A-Za-z0-9\+\/\=]/g;
+   if (base64test.exec(input)) {
+      alert("There were invalid base64 characters in the input text.\n" +
+            "Valid base64 characters are A-Z, a-z, 0-9, '+', '/',and '='\n" +
+            "Expect errors in decoding.");
+   }
+   input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+
+   do {
+      enc1 = keyStr.indexOf(input.charAt(i++));
+      enc2 = keyStr.indexOf(input.charAt(i++));
+      enc3 = keyStr.indexOf(input.charAt(i++));
+      enc4 = keyStr.indexOf(input.charAt(i++));
+
+      chr1 = (enc1 << 2) | (enc2 >> 4);
+      chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+      chr3 = ((enc3 & 3) << 6) | enc4;
+
+      output = output + String.fromCharCode(chr1);
+
+      if (enc3 != 64) {
+         output = output + String.fromCharCode(chr2);
+      }
+      if (enc4 != 64) {
+         output = output + String.fromCharCode(chr3);
+      }
+
+      chr1 = chr2 = chr3 = "";
+      enc1 = enc2 = enc3 = enc4 = "";
+
+   } while (i < input.length);
+
+   return unescape(output);
+}
+//////////////////////////////////////////////////////////////////
+
 assertion = httpGet("https://saml-delegation.data.kit.edu/sd/ecp.py")
 // Create a key for encryption
-var tf = new twoFish;
 random_a = Math.random();
 Math.seedrandom('xsdf'+random_a);
 random_a = Math.random();
@@ -95,32 +214,73 @@ for (var i = Math.round(10000000*random_a); i > 0; i--) {
 }
 key_b = Math.random();
 key = 1e17*key_a+"-"+1e17*key_b;
-document.write("<br/>"+key+"<br/>");
-document.write('<br/>\n5');
+key = 'this';
+//key = 'xxxxxxxxxxx';
+//document.write("<br/>"+key+"<br/>");
 
-// encrypt assertion
-var tf = new twoFish;
+// encode assertion 
+b64assertion = btoa(assertion); // works
+//document.write(b64assertion);
 
-encrypted_assertion = tf.encrypt(key, assertion);
-//document.write(encrypted_assertion);
+/**************************************/
+/* // encrypt assertion using twofish */
+/**************************************/
+//var my_two_fish = new twoFish;
+//var iv = 'nix';
+//encrypted_assertion = my_two_fish.encrypt(key, assertion);
+//b64encrypted_assertion = btoa(encrypted_assertion);
+////document.write(encrypted_assertion);
+
+/***************************************/
+/* // encrypt assertion using blowfish */
+/***************************************/
+document.write('0');
+iv = blowfish.setIV('asdfasdf', 0);
+//iv = blowfish.setIV('asdfasdf');
+document.write('1');
+// cipherModes: ECB:0, CBC:1, PCBC:2, CFB:3, OFB:4, CTR:5
+b64encrypted_assertion = blowfish.encrypt(assertion, key, {outputType:0, cipherMode: 1});
+document.write('2');
+iv = blowfish.getIV(3); // 1: Hex 2: String 3: Raw 4: base64
+var iv_js= JSON.stringify(iv);
+var my_iv = (iv.left, iv.right);
+document.write('3');
+document.write('<br/>\niv: "' + iv + '"<br/>\n');
+document.write('<br/>\niv_js: "' + iv_js + '"<br/>\n');
+document.write('<br/>\nmy_iv: "' + my_iv + '"<br/>\n');
+key = blowfish.getKey(key, 3); // 1: Hex; 2: String; 3: Raw; 4: base64
+document.write('4');
+document.write('<br/>\nkey: "' + key + '"<br/>\n');
+var key_js= JSON.stringify(key);
+document.write('<br/>\nkey_js: "' + key_js + '"<br/>\n');
+document.write('<br/>\nkey_p: "' + key.p + '"<br/>\n');
+
+key = blowfish.getKey(key, 4); // 1: Hex; 2: String; 3: Raw; 4: base64
+document.write('<br/>\nkey: "' + key + '"<br/>\n');
+/**********************************************/
+/* // Encrypt using blowfish from aamcrypt.js */
+/**********************************************/
 
-// encode assertion 
-b64assertion = base64_encode(assertion);
 
 
-//encrypted_assertion = "this is a test";
-//b64assertion = base64_encode(btoa(encrypted_assertion));
-//document.write("<br/>\n"+b64assertion+"<br/>\n");
-b64assertion = btoa(encrypted_assertion);
-document.write("<br/>\n"+b64assertion);
 
-url = post("https://saml-delegation.data.kit.edu/sd/jsupload.py", 
-        {encrypted_assertion: b64assertion});
+//document.write("<br/>\n"+b64encrypted_assertion);
 
-//response = post("https://saml-delegation.data.kit.edu/sd/jsupload.py",
-//{encrypted_assertion: assertion});
-document.write('<br/>\n8');
+/***********************************************************************/
+/* // Post the encrypted assertion                                     */
+/* // the key is not sent over the wire. It's just passed, so that the */
+/* // httpPost2 function can display the final URL for the user        */
+/***********************************************************************/
+httpPost2 ("https://saml-delegation.data.kit.edu/sd/upload.py", 
+        "encrypted_assertion="+ b64encrypted_assertion + '=' +
+        "&encryption_algorithm=blowfish" + 
+        "&client=javascript" +
+        "&version=0.1" +
+        "&key=" + key +
+        "&iv=" + iv,
+        key);
 
-document.write('You can use this url as a temporary password in all federation-enabled services:<br/>');
-document.write(url+"--"+key)
+document.write('You can use this URL as a password now: \
+        <b><div id="url">... loading ...</div></b>\
+        Once it expires come back to this site to obtain a new one.');