Check-in [cbf210fda5]
Overview
Comment: Add passphrase entropy estimation
SHA1: cbf210fda556b23124ed339db724c2a58f101b1e
User & Date: bernd 2019-01-06 19:39:19
Context
2019-01-06
20:05 Add passphrase entropy estimation check-in: 1474c563a5 user: bernd tags: trunk
19:39 Add passphrase entropy estimation check-in: cbf210fda5 user: bernd tags: trunk
11:34 Auto-show new id generation if no key is available check-in: 9b227877fc user: bernd tags: trunk
Changes

Changes to gui.fs.

Old version:

forward show-nicks
forward gui-msgs
0 Value title-vp
0 Value pw-field
0 Value nick-field
0 Value nick-pw


Variable nick$

: nick-done ( max span addr pos -- max span addr pos flag )
    over 3 pick nick$ $!
    0e pw-field [: data .engage fdrop ;] >animate \ engage delayed
    create-new-id /hflip
................................................................................

tex: net2o-logo

[IFDEF] light-login \ light color sceme
    $FF0040FF text-color, FValue pw-num-col#
    $AAAAAAFF text-color, FValue pw-text-col#
    $000000FF text-color, FValue show-sign-color#
    $FFFFFFFF color, FValue pw-bg-col#
    $0000BFFF color, FValue dark-blue#
    $0000FF08 color, FValue chbs-col#
    $FFFFFFFF color, FValue login-bg-col#
[ELSE]
    $FF0040FF text-color, FValue pw-num-col#
    $cc6600FF text-color, FValue pw-text-col#
    $FFFFFFFF text-color, FValue show-sign-color#
    $550000FF color, FValue pw-bg-col#
    $88FF00FF color, FValue dark-blue#
    $00FF0020 color, FValue chbs-col#
    $000020FF color, FValue login-bg-col#
[THEN]

glue new Constant glue*lll±
glue*lll± >o 1Mglue fnip 1000e fswap hglue-c glue! 0glue fnip 1filll fswap dglue-c glue! 1glue vglue-c glue! o>
................................................................................
	    {{
		\large \sans "🔐" }}text
		\large pw-num-col# to x-color s" " }}text
		25%b dup to pw-num /center
	    }}z
	    {{
		glue*l pw-bg-col# font-size# f2/ f2/ }}frame dup .button3

		\mono \normal
		{{ chbs-col# to x-color "Correct Horse Battery Staple" }}text 25%b
		glue*l }}h
		{{
		    glue-sright }}glue
		    glue*l }}glue \bold
		    l" wrong passphrase!" $FF000000 $FF0000FF fade-color,
................................................................................
		    {{
			pw-text-col# to x-color
			"" }}pw dup to pw-field
			25%b >o config:passmode# @ to pw-mode o o>
			glue*lll }}glue
		    }}h
		    pw-field ' pw-done edit[]

		    {{
			\large \sans whitish "👁" }}text
			\normal \bold show-sign-color# to x-color "\" }}text dup value show-pw-sign /center blackish
		    }}z \regular
		    : pw-show/hide ( flag -- )
			dup IF  ['] transparent >body f@
			ELSE  show-sign-color#  THEN
................................................................................
		"➕" }}text /center dup to plus-login
		"➖" }}text /center dup to minus-login /vflip
		\large
		: id-show-hide ( flag -- )
		    IF
			phrase-unlock /hflip
			create-new-id /flop


			plus-login /flip
			minus-login /flop
			nick-edit /flop
			[ x-baseline ] FLiteral nick-edit >o
			fdup gap% f* to gap to baseline o>
			"nick" nick-field engage-edit
		    ELSE
			phrase-unlock /flop
			create-new-id /hflip


			plus-login /flop
			minus-login /flip
			nick-edit /vflip
			0e nick-edit >o to baseline o>
		    THEN +resize +lang ;
		\normal
	    }}z ' id-show-hide false toggle[] dup Value id-toggler
................................................................................
    n2o-frame to top-widget
    "PASSPHRASE" getenv 2dup d0= IF  2drop
    ELSE
	>passphrase +key  read-keys
	"PASSPHRASE" getenv erase \ erase passphrase after use!
    THEN
    secret-keys# IF  show-nicks  ELSE
	has-key?  IF
	    0e 0 [: drop k-enter id-toggler .act .ekeyed ;] >animate
	THEN
    THEN
    1config  !widgets
    get-order n>r ['] /chat >body 1 set-order
    ['] widgets-loop catch
    nr> set-order throw ;







New version:

forward show-nicks
forward gui-msgs
0 Value title-vp
0 Value pw-field
0 Value nick-field
0 Value nick-pw
0 Value pw-back

Variable nick$

: nick-done ( max span addr pos -- max span addr pos flag )
    over 3 pick nick$ $!
    0e pw-field [: data .engage fdrop ;] >animate \ engage delayed
    create-new-id /hflip
................................................................................

tex: net2o-logo

[IFDEF] light-login \ light color sceme
    $FF0040FF text-color, FValue pw-num-col#
    $AAAAAAFF text-color, FValue pw-text-col#
    $000000FF text-color, FValue show-sign-color#
    $FF0000FF $00FF00FF fade-color, FValue pw-bg-col#
    $0000BFFF color, FValue dark-blue#
    $0000FF08 color, FValue chbs-col#
    $FFFFFFFF color, FValue login-bg-col#
[ELSE]
    $FF0040FF text-color, FValue pw-num-col#
    $cc6600FF text-color, FValue pw-text-col#
    $FFFFFFFF text-color, FValue show-sign-color#
    $550000FF $005500FF fade-color, FValue pw-bg-col#
    $88FF00FF color, FValue dark-blue#
    $00FF0020 color, FValue chbs-col#
    $000020FF color, FValue login-bg-col#
[THEN]

glue new Constant glue*lll±
glue*lll± >o 1Mglue fnip 1000e fswap hglue-c glue! 0glue fnip 1filll fswap dglue-c glue! 1glue vglue-c glue! o>
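Review bot: with pw-bg-col# changed to a fade from $FF0000FF to $00FF00FF (and from $550000FF to $005500FF in the [ELSE] scheme), passphrase strength is signalled by a red-to-green hue shift alone, which users with red-green colour blindness cannot read. Add a second cue that does not depend on hue. pw-bg-col# now holds a fade base rather than a single colour, so a short comment at both definitions would save the reader a search.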
................................................................................
	    {{
		\large \sans "🔐" }}text
		\large pw-num-col# to x-color s" " }}text
		25%b dup to pw-num /center
	    }}z
	    {{
		glue*l pw-bg-col# font-size# f2/ f2/ }}frame dup .button3
		dup to pw-back
		\mono \normal
		{{ chbs-col# to x-color "Correct Horse Battery Staple" }}text 25%b
		glue*l }}h
		{{
		    glue-sright }}glue
		    glue*l }}glue \bold
		    l" wrong passphrase!" $FF000000 $FF0000FF fade-color,
................................................................................
		    {{
			pw-text-col# to x-color
			"" }}pw dup to pw-field
			25%b >o config:passmode# @ to pw-mode o o>
			glue*lll }}glue
		    }}h
		    pw-field ' pw-done edit[]
		    >o act >o [: edit-w .text$ passphrase-entropy 1e fmin pw-bg-col# f+ pw-back >o to w-color o> ;] is edit-filter o> o o>
		    {{
			\large \sans whitish "👁" }}text
			\normal \bold show-sign-color# to x-color "\" }}text dup value show-pw-sign /center blackish
		    }}z \regular
		    : pw-show/hide ( flag -- )
			dup IF  ['] transparent >body f@
			ELSE  show-sign-color#  THEN
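Review bot: the edit-filter set on pw-field right after `edit[]` recolours pw-back from the typed text on every edit and is installed unconditionally, so a field that is in pw-mode still exposes a live strength estimate of its content through the background colour, whether the passphrase is being chosen or just entered. If the feedback is meant only for choosing a new passphrase, gate the filter on that state; otherwise state in a comment that the colour is meant to be visible in both cases. The one-line quotation is also hard to read: factor it into a named word with a stack comment and note there that `1e fmin` clamps the estimate before it is added to the fade base pw-bg-col#.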
................................................................................
		"➕" }}text /center dup to plus-login
		"➖" }}text /center dup to minus-login /vflip
		\large
		: id-show-hide ( flag -- )
		    IF
			phrase-unlock /hflip
			create-new-id /flop
			phrase-first /hflip
			phrase-again /hflip
			plus-login /flip
			minus-login /flop
			nick-edit /flop
			[ x-baseline ] FLiteral nick-edit >o
			fdup gap% f* to gap to baseline o>
			"nick" nick-field engage-edit
		    ELSE
			phrase-unlock /flop
			create-new-id /hflip
			phrase-first /hflip
			phrase-again /hflip
			plus-login /flop
			minus-login /flip
			nick-edit /vflip
			0e nick-edit >o to baseline o>
		    THEN +resize +lang ;
		\normal
	    }}z ' id-show-hide false toggle[] dup Value id-toggler
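Review bot: in id-show-hide the two added lines `phrase-first /hflip` and `phrase-again /hflip` are identical in the IF and the ELSE branch, while every other widget there gets a different operation in each branch. If both widgets should end up in the same state regardless of the flag, hoist the two lines out of the IF ... ELSE ... THEN; if they are meant to follow create-new-id, one branch needs the counterpart operation.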
................................................................................
    n2o-frame to top-widget
    "PASSPHRASE" getenv 2dup d0= IF  2drop
    ELSE
	>passphrase +key  read-keys
	"PASSPHRASE" getenv erase \ erase passphrase after use!
    THEN
    secret-keys# IF  show-nicks  ELSE
	lacks-key?  IF
	    0e 0 [: drop k-enter id-toggler .act .ekeyed ;] >animate
	THEN
    THEN
    1config  !widgets
    get-order n>r ['] /chat >body 1 set-order
    ['] widgets-loop catch
    nr> set-order throw ;

Changes to keys.fs.

Old version:

    ELSE  2drop 2drop  THEN +group-perm ;

: apply-group ( addr u o:key -- )
    over c@ '+' = IF  1 /string >group-id add-group .key-list  EXIT  THEN
    over c@ '-' = IF  1 /string >group-id sub-group .key-list  EXIT  THEN
    >group-id set-group .key-list ;
































\ get passphrase

3 Value passphrase-retry#
$100 Constant max-passphrase# \ 256 characters should be enough...
max-passphrase# buffer: passphrase

: passphrase-in ( addr u -- addr u )
................................................................................
    dup 0= IF  #-56 throw  THEN
    1 = IF  0 secret-key
	." ==== opened: " dup ..nick ."  in " .time ." ====" cr
    ELSE  ." ==== opened in " .time ." ====" cr choose-key  THEN
    >raw-key ?rsk read-chatgroups  r> op-vector ! ;

scope: n2o
Forward help
}scope

: has-key? ( -- flag )
    gen-keys-dir  "seckeys.k2o" .keys/ 2dup file-status nip
    0= IF  r/o open-file throw >r r@ file-size throw d0=
	r> close-file throw  ELSE  true  THEN ;

: get-my-key ( -- xt )
    has-key?
    IF  [: ." Generate a new keypair:" cr
	  get-nick dup 0= #-56 and throw \ empty nick: pretend to quit
	  new-key .keys ?rsk read-chatgroups ;]
    ELSE  ['] get-skc  THEN ;

: .keyinfo ( -- )
    <warn> ." ==== No key opened ====" cr







New version:

    ELSE  2drop 2drop  THEN +group-perm ;

: apply-group ( addr u o:key -- )
    over c@ '+' = IF  1 /string >group-id add-group .key-list  EXIT  THEN
    over c@ '-' = IF  1 /string >group-id sub-group .key-list  EXIT  THEN
    >group-id set-group .key-list ;

\ calculate passphrase entropy

$100 cells buffer: ph-histogram

: >ph-histogram ( addr u -- )
    \G generate a histogram of bytes in a string
    ph-histogram $100 cells erase
    bounds ?DO  1 I c@ cells ph-histogram + +!  LOOP ;

: ph-sqsum ( addr u -- fsqsum )
    \G compute the distance of neighboring letters relative to the used set
    \G (i.e. only the populated slots count)
    0e 1- 0 max bounds ?DO
	0 I c@ I 1+ c@ 2dup min >r max r> ?DO
	    I cells ph-histogram + @ 0<> - LOOP
	dup * [ 1e $10000 fm/ ] FLiteral fm* f+
    LOOP ;

: g-test ( n -- entropy )
    1e fm/ fln { f: n0 }
    0e  ph-histogram $100 cells bounds DO
	I @ ?dup-IF  s>f fdup fln n0 f- f* f+  THEN
    cell +LOOP ;

: passphrase-entropy ( addr u -- fentropy )
    \G estimate passphrase entropy
    dup 0= IF  2drop 0e  EXIT  THEN  2dup
    dup >r >ph-histogram
    r@ g-test  1e-20 fmax 1/f r> fm*
    ph-sqsum f* $100 fm* fsqrt ;

\ get passphrase

3 Value passphrase-retry#
$100 Constant max-passphrase# \ 256 characters should be enough...
max-passphrase# buffer: passphrase

: passphrase-in ( addr u -- addr u )
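Review bot: passphrase-entropy leaves the byte histogram of the passphrase in the static buffer ph-histogram after it returns; >ph-histogram clears it only at the start of the next call. gui.fs erases the PASSPHRASE environment string after use, so the histogram deserves the same care: end passphrase-entropy with `ph-histogram $100 cells erase`, after ph-sqsum has run. Two documentation points: g-test has no \G line, and its stack comment `( n -- entropy )` hides that the result is a float (the other words write `fsqsum` and `fentropy`) and that it is a G-test sum over the histogram rather than an entropy. The \G text of passphrase-entropy should also say that the score is computed from byte counts and neighbour distances only and in which unit it is, since the GUI clamps it to 1.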
................................................................................
    dup 0= IF  #-56 throw  THEN
    1 = IF  0 secret-key
	." ==== opened: " dup ..nick ."  in " .time ." ====" cr
    ELSE  ." ==== opened in " .time ." ====" cr choose-key  THEN
    >raw-key ?rsk read-chatgroups  r> op-vector ! ;

scope: n2o

}scope

: lacks-key? ( -- flag )
    gen-keys-dir  "seckeys.k2o" .keys/ 2dup file-status nip
    0= IF  r/o open-file throw >r r@ file-size throw d0=
	r> close-file throw  ELSE  true  THEN ;

: get-my-key ( -- xt )
    lacks-key?
    IF  [: ." Generate a new keypair:" cr
	  get-nick dup 0= #-56 and throw \ empty nick: pretend to quit
	  new-key .keys ?rsk read-chatgroups ;]
    ELSE  ['] get-skc  THEN ;

: .keyinfo ( -- )
    <warn> ." ==== No key opened ====" cr
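Review bot: removing `Forward help` leaves an empty `scope: n2o` ... `}scope` pair just above lacks-key?; drop the pair as well, or keep the forward declaration if it is still needed, and mention the removal in the check-in comment since it is unrelated to entropy estimation. The new name lacks-key? matches what the word returns (true when seckeys.k2o is missing or empty), but it also returns true for any other non-zero file-status result, and get-my-key then offers to generate a new keypair; consider treating only the missing or empty file that way and throwing on other errors.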