independent csprng solution

This commit is contained in:
Andreas Brett 2021-10-18 01:06:20 +02:00
parent 86dcc9bc8f
commit 11a1f35cc5
2 changed files with 122 additions and 31 deletions

View file

@ -6,11 +6,10 @@
//
// Backend uses the compiled file util.js
// Frontend uses util.ts
Object.defineProperty(exports, "__esModule", { value: true });
exports.getMonitorRelativeURL = exports.genSecret = exports.getRandomInt = exports.getRandomArbitrary = exports.TimeLogger = exports.polyfill = exports.debug = exports.ucfirst = exports.sleep = exports.flipStatus = exports.STATUS_PAGE_PARTIAL_DOWN = exports.STATUS_PAGE_ALL_UP = exports.STATUS_PAGE_ALL_DOWN = exports.PENDING = exports.UP = exports.DOWN = exports.appName = exports.isDev = void 0;
const _dayjs = require("dayjs");
const dayjs = _dayjs;
const crypto = require("crypto").webcrypto;
exports.__esModule = true;
exports.getMonitorRelativeURL = exports.genSecret = exports.getCryptoRandomInt = exports.getRandomInt = exports.getRandomArbitrary = exports.TimeLogger = exports.polyfill = exports.debug = exports.ucfirst = exports.sleep = exports.flipStatus = exports.STATUS_PAGE_PARTIAL_DOWN = exports.STATUS_PAGE_ALL_UP = exports.STATUS_PAGE_ALL_DOWN = exports.PENDING = exports.UP = exports.DOWN = exports.appName = exports.isDev = void 0;
var _dayjs = require("dayjs");
var dayjs = _dayjs;
exports.isDev = process.env.NODE_ENV === "development";
exports.appName = "Uptime Kuma";
exports.DOWN = 0;
@ -30,7 +29,7 @@ function flipStatus(s) {
}
exports.flipStatus = flipStatus;
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
return new Promise(function (resolve) { return setTimeout(resolve, ms); });
}
exports.sleep = sleep;
/**
@ -41,7 +40,7 @@ function ucfirst(str) {
if (!str) {
return str;
}
const firstLetter = str.substr(0, 1);
var firstLetter = str.substr(0, 1);
return firstLetter.toUpperCase() + str.substr(1);
}
exports.ucfirst = ucfirst;
@ -70,16 +69,17 @@ function polyfill() {
}
}
exports.polyfill = polyfill;
class TimeLogger {
constructor() {
var TimeLogger = /** @class */ (function () {
function TimeLogger() {
this.startTime = dayjs().valueOf();
}
print(name) {
TimeLogger.prototype.print = function (name) {
if (exports.isDev && process.env.TIMELOGGER === "1") {
console.log(name + ": " + (dayjs().valueOf() - this.startTime) + "ms");
}
}
}
};
return TimeLogger;
}());
exports.TimeLogger = TimeLogger;
/**
* Returns a random number between min (inclusive) and max (exclusive)
@ -103,20 +103,61 @@ function getRandomInt(min, max) {
return Math.floor(Math.random() * (max - min + 1)) + min;
}
exports.getRandomInt = getRandomInt;
/**
* Returns either the NodeJS crypto.randomBytes() function or its
* browser equivalent implemented via window.crypto.getRandomValues()
*/
var getRandomBytes = ((typeof window !== 'undefined' && window.crypto)
// Browsers
? function () {
return function (numBytes) {
var randomBytes = new Uint8Array(numBytes);
for (var i = 0; i < numBytes; i += 65536) {
window.crypto.getRandomValues(randomBytes.subarray(i, i + Math.min(numBytes - i, 65536)));
}
return randomBytes;
};
}
// Node
: function () {
return require("crypto").randomBytes;
})();
function getCryptoRandomInt(min, max) {
const randomBuffer = new Uint32Array(1);
crypto.getRandomValues(randomBuffer);
const randomNumber = randomBuffer[0] / (0xffffffff + 1);
min = Math.ceil(min);
max = Math.floor(max);
return Math.floor(randomNumber * (max - min + 1)) + min;
// synchronous version of: https://github.com/joepie91/node-random-number-csprng
var range = max - min;
if (range >= Math.pow(2, 32))
console.log("Warning! Range is too large.");
var tmpRange = range;
var bitsNeeded = 0;
var bytesNeeded = 0;
var mask = 1;
while (tmpRange > 0) {
if (bitsNeeded % 8 === 0)
bytesNeeded += 1;
bitsNeeded += 1;
mask = mask << 1 | 1;
tmpRange = tmpRange >>> 1;
}
var randomBytes = getRandomBytes(bytesNeeded);
var randomValue = 0;
for (var i = 0; i < bytesNeeded; i++) {
randomValue |= randomBytes[i] << 8 * i;
}
randomValue = randomValue & mask;
if (randomValue <= range) {
return min + randomValue;
}
else {
return getCryptoRandomInt(min, max);
}
}
exports.getCryptoRandomInt = getCryptoRandomInt;
function genSecret(length = 64) {
let secret = "";
const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
const charsLength = chars.length;
for ( let i = 0; i < length; i++ ) {
function genSecret(length) {
if (length === void 0) { length = 64; }
var secret = "";
var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
var charsLength = chars.length;
for (var i = 0; i < length; i++) {
secret += chars.charAt(getCryptoRandomInt(0, charsLength - 1));
}
return secret;

View file

@ -8,7 +8,6 @@
import * as _dayjs from "dayjs";
const dayjs = _dayjs;
const crypto = require("crypto").webcrypto;
export const isDev = process.env.NODE_ENV === "development";
export const appName = "Uptime Kuma";
@ -115,13 +114,64 @@ export function getRandomInt(min: number, max: number) {
return Math.floor(Math.random() * (max - min + 1)) + min;
}
export function getCryptoRandomInt(min: number, max: number) {
const randomBuffer = new Uint32Array(1);
crypto.getRandomValues(randomBuffer);
const randomNumber = randomBuffer[0] / (0xffffffff + 1);
min = Math.ceil(min);
max = Math.floor(max);
return Math.floor(randomNumber * (max - min + 1)) + min;
/**
* Returns either the NodeJS crypto.randomBytes() function or its
* browser equivalent implemented via window.crypto.getRandomValues()
*/
let getRandomBytes = (
(typeof window !== 'undefined' && window.crypto)
// Browsers
? function () {
return (numBytes: number) => {
let randomBytes = new Uint8Array(numBytes);
for (let i = 0; i < numBytes; i += 65536) {
window.crypto.getRandomValues(randomBytes.subarray(i, i + Math.min(numBytes - i, 65536)));
}
return randomBytes;
};
}
// Node
: function() {
return require("crypto").randomBytes;
}
)();
export function getCryptoRandomInt(min: number, max: number):number {
// synchronous version of: https://github.com/joepie91/node-random-number-csprng
const range = max - min
if (range >= Math.pow(2, 32))
console.log("Warning! Range is too large.")
let tmpRange = range
let bitsNeeded = 0
let bytesNeeded = 0
let mask = 1
while (tmpRange > 0) {
if (bitsNeeded % 8 === 0) bytesNeeded += 1
bitsNeeded += 1
mask = mask << 1 | 1
tmpRange = tmpRange >>> 1
}
const randomBytes = getRandomBytes(bytesNeeded)
let randomValue = 0
for (let i = 0; i < bytesNeeded; i++) {
randomValue |= randomBytes[i] << 8 * i
}
randomValue = randomValue & mask;
if (randomValue <= range) {
return min + randomValue
} else {
return getCryptoRandomInt(min, max)
}
}
export function genSecret(length = 64) {