diff options
author | Christoph Brill <opensource@christophbrill.de> | 2022-12-09 19:51:09 +0100 |
---|---|---|
committer | Christoph Brill <opensource@christophbrill.de> | 2022-12-09 19:51:09 +0100 |
commit | aa2e04d31ad7a0ebd89aa9510f5db8aa3db8051e (patch) | |
tree | f3b44c1f355a13ea70fb112c8edab2e6d1e4f85f | |
parent | 7cc3396ce18be3b80bc1b511bdc87e88b0547e32 (diff) |
feat: Use SubtleCrypto instead of CryptoJS for SHA-1
-rwxr-xr-x | index.php | 4 | ||||
-rw-r--r-- | js/core-min.js | 13 | ||||
-rw-r--r-- | js/script.js | 55 | ||||
-rw-r--r-- | js/sha1-min.js | 8 |
4 files changed, 32 insertions, 48 deletions
@@ -81,9 +81,7 @@ div.container-fluid span a { overflow-wrap: break-word; } </style>'.PHP_EOL; if (isset($date)) { - echo ' <script type="text/javascript" src="js/core-min.js"></script> - <script type="text/javascript" src="js/sha1-min.js"></script> - <script type="text/javascript" src="js/script.js"></script> + echo ' <script type="text/javascript" src="js/script.js"></script> </script>'.PHP_EOL; if (count($users) > 0) { diff --git a/js/core-min.js b/js/core-min.js deleted file mode 100644 index 3f191b4..0000000 --- a/js/core-min.js +++ /dev/null @@ -1,13 +0,0 @@ -/* -CryptoJS v3.1.2 -code.google.com/p/crypto-js -(c) 2009-2013 by Jeff Mott. All rights reserved. -code.google.com/p/crypto-js/wiki/License -*/ -var CryptoJS=CryptoJS||function(h,r){var k={},l=k.lib={},n=function(){},f=l.Base={extend:function(a){n.prototype=this;var b=new n;a&&b.mixIn(a);b.hasOwnProperty("init")||(b.init=function(){b.$super.init.apply(this,arguments)});b.init.prototype=b;b.$super=this;return b},create:function(){var a=this.extend();a.init.apply(a,arguments);return a},init:function(){},mixIn:function(a){for(var b in a)a.hasOwnProperty(b)&&(this[b]=a[b]);a.hasOwnProperty("toString")&&(this.toString=a.toString)},clone:function(){return this.init.prototype.extend(this)}}, -j=l.WordArray=f.extend({init:function(a,b){a=this.words=a||[];this.sigBytes=b!=r?b:4*a.length},toString:function(a){return(a||s).stringify(this)},concat:function(a){var b=this.words,d=a.words,c=this.sigBytes;a=a.sigBytes;this.clamp();if(c%4)for(var e=0;e<a;e++)b[c+e>>>2]|=(d[e>>>2]>>>24-8*(e%4)&255)<<24-8*((c+e)%4);else if(65535<d.length)for(e=0;e<a;e+=4)b[c+e>>>2]=d[e>>>2];else b.push.apply(b,d);this.sigBytes+=a;return this},clamp:function(){var a=this.words,b=this.sigBytes;a[b>>>2]&=4294967295<< -32-8*(b%4);a.length=h.ceil(b/4)},clone:function(){var a=f.clone.call(this);a.words=this.words.slice(0);return a},random:function(a){for(var b=[],d=0;d<a;d+=4)b.push(4294967296*h.random()|0);return new j.init(b,a)}}),m=k.enc={},s=m.Hex={stringify:function(a){var b=a.words;a=a.sigBytes;for(var d=[],c=0;c<a;c++){var e=b[c>>>2]>>>24-8*(c%4)&255;d.push((e>>>4).toString(16));d.push((e&15).toString(16))}return d.join("")},parse:function(a){for(var b=a.length,d=[],c=0;c<b;c+=2)d[c>>>3]|=parseInt(a.substr(c, -2),16)<<24-4*(c%8);return new j.init(d,b/2)}},p=m.Latin1={stringify:function(a){var b=a.words;a=a.sigBytes;for(var d=[],c=0;c<a;c++)d.push(String.fromCharCode(b[c>>>2]>>>24-8*(c%4)&255));return d.join("")},parse:function(a){for(var b=a.length,d=[],c=0;c<b;c++)d[c>>>2]|=(a.charCodeAt(c)&255)<<24-8*(c%4);return new j.init(d,b)}},t=m.Utf8={stringify:function(a){try{return decodeURIComponent(escape(p.stringify(a)))}catch(b){throw Error("Malformed UTF-8 data");}},parse:function(a){return p.parse(unescape(encodeURIComponent(a)))}}, -q=l.BufferedBlockAlgorithm=f.extend({reset:function(){this._data=new j.init;this._nDataBytes=0},_append:function(a){"string"==typeof a&&(a=t.parse(a));this._data.concat(a);this._nDataBytes+=a.sigBytes},_process:function(a){var b=this._data,d=b.words,c=b.sigBytes,e=this.blockSize,f=c/(4*e),f=a?h.ceil(f):h.max((f|0)-this._minBufferSize,0);a=f*e;c=h.min(4*a,c);if(a){for(var g=0;g<a;g+=e)this._doProcessBlock(d,g);g=d.splice(0,a);b.sigBytes-=c}return new j.init(g,c)},clone:function(){var a=f.clone.call(this); -a._data=this._data.clone();return a},_minBufferSize:0});l.Hasher=q.extend({cfg:f.extend(),init:function(a){this.cfg=this.cfg.extend(a);this.reset()},reset:function(){q.reset.call(this);this._doReset()},update:function(a){this._append(a);this._process();return this},finalize:function(a){a&&this._append(a);return this._doFinalize()},blockSize:16,_createHelper:function(a){return function(b,d){return(new a.init(d)).finalize(b)}},_createHmacHelper:function(a){return function(b,d){return(new u.HMAC.init(a, -d)).finalize(b)}}});var u=k.algo={};return k}(Math); diff --git a/js/script.js b/js/script.js index 7cb80aa..8be64cb 100644 --- a/js/script.js +++ b/js/script.js @@ -1,13 +1,20 @@ +async function digestMessage(username) { + const msgUint8 = new TextEncoder().encode(username); + const hashBuffer = await crypto.subtle.digest('SHA-1', msgUint8); + const hashArray = Array.from(new Uint8Array(hashBuffer)); + return hashArray.map((b) => b.toString(16).padStart(2, '0')).join(''); +} + function addUser(username) { - var colorlist = document.getElementById('usernames'); - var username_clean = username.replace('|', '_') + const colorlist = document.getElementById('usernames'); + const username_clean = username.replace('|', '_'); // The user was already in the list if (document.mainform.highlight_names.value.indexOf(username) >= 0) { // Remove the username from the list - var myvalue = document.mainform.highlight_names.value; + let myvalue = document.mainform.highlight_names.value; myvalue = myvalue.replace(username, ""); myvalue = myvalue.replace(/;;/g,";"); myvalue = myvalue.replace(/^;/, ""); @@ -15,9 +22,9 @@ function addUser(username) { document.mainform.highlight_names.value = myvalue; // Unmark the lines of the user - for (var k = 0; k < document.styleSheets.length; k++) { - var rules = document.styleSheets[k].cssRules || document.styleSheets[k].rules; - for (var x = 0; x < rules.length; x++) { + for (let k = 0; k < document.styleSheets.length; k++) { + const rules = document.styleSheets[k].cssRules || document.styleSheets[k].rules; + for (let x = 0; x < rules.length; x++) { if (rules[x].selectorText == ('span.user_' + username_clean)) { rules[x].style.color = ''; } @@ -36,27 +43,27 @@ function addUser(username) { document.mainform.highlight_names.value += username; // Mark all the lines of the newly selected user - var color = CryptoJS.SHA1(username).toString().substr(0, 6); - var styleSheet = document.styleSheets[0]; - if (styleSheet.addRule) { - styleSheet.addRule('span.user_' + username_clean, 'color: #' + color, 0); - } else if (styleSheet.insertRule) { - styleSheet.insertRule('span.user_' + username_clean + ' { color: #' + color + '; }', 0); - } else { - document.mainform.submit(); - } + return digestMessage(username).then((str) => { + const color = str.substring(0, 6); + const styleSheet = document.styleSheets[0]; + if (styleSheet.insertRule) { + styleSheet.insertRule('span.user_' + username_clean + ' { color: #' + color + '; }', 0); + } else { + document.mainform.submit(); + } - // Now add the username to the colorlist - var listelement = document.createElement('li'); - listelement.setAttribute('id', 'user_' + username_clean); - var spanelement = document.createElement('span'); - spanelement.setAttribute('class', 'checkbox user_' + username_clean); - listelement.appendChild(spanelement); - spanelement.innerHTML = '<a href="javascript:addUser(\'' + username + '\');">' + username + '</a>'; - colorlist.appendChild(listelement); + // Now add the username to the colorlist + const listelement = document.createElement('li'); + listelement.setAttribute('id', 'user_' + username_clean); + const spanelement = document.createElement('span'); + spanelement.setAttribute('class', 'checkbox user_' + username_clean); + listelement.appendChild(spanelement); + spanelement.innerHTML = '<a href="javascript:addUser(\'' + username + '\');">' + username + '</a>'; + colorlist.appendChild(listelement); + }); } - var semicolons = (document.mainform.highlight_names.value.match(/;/g) || []).length; + const semicolons = (document.mainform.highlight_names.value.match(/;/g) || []).length; document.getElementById('users_label').innerHTML = 'Users ' + (document.mainform.highlight_names.value.length ? ' (' + (semicolons + 1) + ')' : ''); document.cookie = 'stored_users=' + escape(document.mainform.highlight_names.value) + '; path=/'; diff --git a/js/sha1-min.js b/js/sha1-min.js deleted file mode 100644 index 3ae0311..0000000 --- a/js/sha1-min.js +++ /dev/null @@ -1,8 +0,0 @@ -/* -CryptoJS v3.1.2 -code.google.com/p/crypto-js -(c) 2009-2013 by Jeff Mott. All rights reserved. -code.google.com/p/crypto-js/wiki/License -*/ -(function(){var k=CryptoJS,b=k.lib,m=b.WordArray,l=b.Hasher,d=[],b=k.algo.SHA1=l.extend({_doReset:function(){this._hash=new m.init([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(n,p){for(var a=this._hash.words,e=a[0],f=a[1],h=a[2],j=a[3],b=a[4],c=0;80>c;c++){if(16>c)d[c]=n[p+c]|0;else{var g=d[c-3]^d[c-8]^d[c-14]^d[c-16];d[c]=g<<1|g>>>31}g=(e<<5|e>>>27)+b+d[c];g=20>c?g+((f&h|~f&j)+1518500249):40>c?g+((f^h^j)+1859775393):60>c?g+((f&h|f&j|h&j)-1894007588):g+((f^h^ -j)-899497514);b=j;j=h;h=f<<30|f>>>2;f=e;e=g}a[0]=a[0]+e|0;a[1]=a[1]+f|0;a[2]=a[2]+h|0;a[3]=a[3]+j|0;a[4]=a[4]+b|0},_doFinalize:function(){var b=this._data,d=b.words,a=8*this._nDataBytes,e=8*b.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+14]=Math.floor(a/4294967296);d[(e+64>>>9<<4)+15]=a;b.sigBytes=4*d.length;this._process();return this._hash},clone:function(){var b=l.clone.call(this);b._hash=this._hash.clone();return b}});k.SHA1=l._createHelper(b);k.HmacSHA1=l._createHmacHelper(b)})(); |