mirror of
https://github.com/dmuth/diceware.git
synced 2024-11-27 19:08:54 -05:00
Added a check to see if proper crypto is available, and a warning if it is not.
This commit is contained in:
parent
042b20a101
commit
a10b0d36cc
2 changed files with 63 additions and 3 deletions
23
index.html
23
index.html
|
@ -89,12 +89,23 @@
|
||||||
<div class="results_phrase_key" >Your passphrase is: </div>
|
<div class="results_phrase_key" >Your passphrase is: </div>
|
||||||
<div class="results_phrase_value" ></div>
|
<div class="results_phrase_value" ></div>
|
||||||
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="alert alert-danger bad_crypto" role="alert">
|
||||||
|
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
|
||||||
|
<span class="sr-only">Error:</span>
|
||||||
|
Whoa there! Your browser doesn't have the getRandomValues() function.
|
||||||
|
This means that dice rolls you make <em>will not be cryptogrpahically secure!</em><br/>
|
||||||
|
Please try another browser. Otherwise, proceed at your own risk.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div> <!--/ row -->
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-md-12">
|
<div class="col-md-12">
|
||||||
|
|
||||||
|
<div class="message" ></div>
|
||||||
|
|
||||||
<h2 class="dice_num">
|
<h2 class="dice_num">
|
||||||
Number of Dice to roll:
|
Number of Dice to roll:
|
||||||
</h2>
|
</h2>
|
||||||
|
@ -166,10 +177,20 @@ By all means, feel free to do so. LastPass is an excellent product and I highly
|
||||||
If, on the other hand, you prefer to be able to actually remember your
|
If, on the other hand, you prefer to be able to actually remember your
|
||||||
passwords, I recommend Diceware or a similar system.
|
passwords, I recommend Diceware or a similar system.
|
||||||
|
|
||||||
|
|
||||||
|
<h3>FAQ: Are these dice roles cryptographically secure?</h3>
|
||||||
|
|
||||||
|
Yes, insofar as we're using the getRandomValues() function in Javascript, and you trust that your
|
||||||
|
browser and computer have not been compromised or otherwise tampered with. Keep in mind that a not-so-theoretical attack
|
||||||
|
would be for an attacker to compromise the random number generator on your computer so that
|
||||||
|
anything that is encrypted (or passkeys generated) would be suspectible to less intense cryptoanalysis.
|
||||||
|
|
||||||
|
|
||||||
<h3>FAQ: Is the source available?</h3>
|
<h3>FAQ: Is the source available?</h3>
|
||||||
|
|
||||||
Yep! You can grab a copy at <a href="https://github.com/dmuth/diceware">https://github.com/dmuth/diceware</a>
|
Yep! You can grab a copy at <a href="https://github.com/dmuth/diceware">https://github.com/dmuth/diceware</a>
|
||||||
|
|
||||||
|
|
||||||
<h3>Who built this? / Contact</h3>
|
<h3>Who built this? / Contact</h3>
|
||||||
|
|
||||||
My name is <a href="http://www.dmuth.org/">Douglas Muth</a>, and I am a software engineer in Philadelphia, PA.
|
My name is <a href="http://www.dmuth.org/">Douglas Muth</a>, and I am a software engineer in Philadelphia, PA.
|
||||||
|
|
43
main.js
43
main.js
|
@ -3,14 +3,48 @@
|
||||||
*/
|
*/
|
||||||
(function() {
|
(function() {
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return true if we have a function that returns cryptographically random
|
||||||
|
* values. False otherwise.
|
||||||
|
*/
|
||||||
|
function i_can_has_good_crypto() {
|
||||||
|
|
||||||
|
if (window.crypto && window.crypto.getRandomValues) {
|
||||||
|
return(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
return(false);
|
||||||
|
|
||||||
|
} // End of i_can_has_good_crypto()
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Roll a die.
|
* Roll a die.
|
||||||
*
|
*
|
||||||
* @return integer A random number between 1 and 6, inclusive.
|
* @return integer A random number between 1 and 6, inclusive.
|
||||||
*/
|
*/
|
||||||
function die_roll() {
|
function die_roll() {
|
||||||
return(Math.floor(Math.random() * 6) + 1);
|
|
||||||
}
|
var retval;
|
||||||
|
|
||||||
|
if (i_can_has_good_crypto()) {
|
||||||
|
var a = new Uint32Array(1);
|
||||||
|
window.crypto.getRandomValues(a);
|
||||||
|
retval = (a[0] % 6) + 1;
|
||||||
|
|
||||||
|
} else {
|
||||||
|
//
|
||||||
|
// Fall back to something way less secure. The user has already
|
||||||
|
// been warned.
|
||||||
|
//
|
||||||
|
retval = Math.floor(Math.random() * 6) + 1;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return(retval);
|
||||||
|
|
||||||
|
} // End of die_roll()
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -246,6 +280,7 @@ jQuery("#roll_dice").on("click", function(e) {
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// If we're not on a mobile, bring in the GitHub ribbon.
|
// If we're not on a mobile, bring in the GitHub ribbon.
|
||||||
//
|
//
|
||||||
|
@ -253,6 +288,10 @@ if (!is_mobile()) {
|
||||||
jQuery("#github_ribbon").fadeIn(1000);
|
jQuery("#github_ribbon").fadeIn(1000);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!i_can_has_good_crypto()) {
|
||||||
|
jQuery(".source .bad_crypto").clone().hide().fadeIn(800).appendTo(".message");
|
||||||
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
// Load our wordlist.
|
// Load our wordlist.
|
||||||
//
|
//
|
||||||
|
|
Loading…
Reference in a new issue