diff --git a/javascript/src/iframe/viamapi-iframe.js b/javascript/src/iframe/viamapi-iframe.js
index 1be8826ce13b02b17bd30dfddd717ef996827b1d..bd882695704604341c336e6b7c9acdea51d13bc9 100644
--- a/javascript/src/iframe/viamapi-iframe.js
+++ b/javascript/src/iframe/viamapi-iframe.js
@@ -544,17 +544,77 @@ function encryptMessage(message, password, label) { //********************************************************************************* function decryptMessage(message, password) { - const secret = pvutils.stringToArrayBuffer(password); - const buffer = decodePEM(message); - - const asn1 = asn1js.fromBER(buffer); - const content = new pkijs.ContentInfo({schema: asn1.result}); - const enveloped = new pkijs.EnvelopedData({schema: content.content}); - return enveloped.decrypt(0, {preDefinedData: secret}).then(result => { - return pvutils.arrayBufferToString(result); - }).catch(() => { - throw("Wrong pincode") - }) + if (canTryPincode()) { + const secret = pvutils.stringToArrayBuffer(password); + const buffer = decodePEM(message); + + const asn1 = asn1js.fromBER(buffer); + const content = new pkijs.ContentInfo({schema: asn1.result}); + const enveloped = new pkijs.EnvelopedData({schema: content.content}); + return enveloped.decrypt(0, {preDefinedData: secret}).then(result => { + return pvutils.arrayBufferToString(result); + }).catch(() => { + return Promise.reject(failPincodeAttempt(password)); + }); + } else { + return Promise.reject(getTimeLeftInLocalStorage()); + } +} + +//********************************************************************************* +function getBlockFinishTimeInLocalStorage() { + return localStorage.getItem("blockFinishTime") || getCurrentTime(); +} + +function getCurrentTime() { + return Math.floor(new Date().getTime() / 1000); +} + +function getTimeLeftInLocalStorage() { + const blockFinishTime = getBlockFinishTimeInLocalStorage(); + const timeNow = getCurrentTime(); + const seconds = (blockFinishTime - timeNow) % 60; + let minutes = Math.floor((blockFinishTime - timeNow) / 60); + minutes %= 60; + + const left = "Your identity has been locked. 
Try again in " + minutes + " minutes and " + seconds + " seconds."; + return left; +} + +function failPincodeAttempt(password) { + let message = "Wrong pincode"; + if (password !== '00000000') { + let attempt = localStorage.getItem("attempt") || 1; + attempt = parseInt(attempt); + if (attempt === 9) { + const identitiesTemp = listIdentitiesFromLocalStorage(); + for (let i in identitiesTemp) { + destroyIdentityFromLocalStorage(i); + } + message = "9 failed attempts. Identity is revoked!"; + localStorage.removeItem("attempt"); + } else if (attempt % 3 === 0) { + const timeNow = getCurrentTime(); + const blockFinishTime = timeNow + 300; + localStorage.setItem("blockFinishTime", blockFinishTime); + localStorage.setItem("attempt", attempt + 1); + message = "3 failed attempts. Identity is locked!"; + } else { + localStorage.setItem("attempt", attempt + 1); + } + } + return message; +} + +function canTryPincode() { + const timeNow = getCurrentTime(); + const blockFinishTime = getBlockFinishTimeInLocalStorage(); + if (blockFinishTime <= timeNow) { + localStorage.removeItem("blockFinishTime"); + return true; + } else { + return false; + } } //********************************************************************************* @@ -1404,9 +1464,10 @@ function loadIdentityInternal(identityKey, pinCode) { result({ "data": "", "code": "400", - "status": "Can not load identity" + "status": "Please restore or authorize your account via another device." }); } + localStorage.removeItem("attempt"); const copiedIdentity = JSON.parse(JSON.stringify(loadedIdentity)); window.loadedIdentities[identityKey] = loadedIdentity; @@ -1435,7 +1496,7 @@ function loadIdentityInternal(identityKey, pinCode) { result({ "data": "", "code": "400", - "status": "Can not load entity:" + e + "status": "" + e }); }); });
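Review bot: The lockout state used by `failPincodeAttempt` and `canTryPincode` (the `attempt` and `blockFinishTime` keys) lives in `localStorage` and is checked against the local clock, so it is only as trustworthy as the browser profile it runs in; a comment should say it is a UI throttle and that resistance to guessing still depends on PIN strength and the key-derivation settings of the enveloped data, which are not visible here. The counter parsing also fails open: a non-numeric stored value becomes `NaN`, which matches neither `attempt === 9` nor `attempt % 3 === 0` and is written back as `NaN`, and a value above 9 can never reach the revocation branch. `attempt = Number.parseInt(attempt, 10);` followed by `if (!Number.isInteger(attempt) || attempt >= 9) {` would fail closed instead. The revocation loop also destroys every identity returned by `listIdentitiesFromLocalStorage()` although the counter is shared across identities, and the `password !== '00000000'` exemption has no comment explaining why that value is not counted.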
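Review bot: `localStorage.removeItem("attempt");` is placed after the closing brace of the branch that reports code 400, and no `return` is visible in that branch, so if execution falls through, a failed load would also clear the failed-PIN counter. Confirm that the branch exits before this line, or move the reset to the point where the identity is known to have been decrypted successfully, with a comment such as `// reset the failed-PIN counter only after a successful decrypt`. The body of `loadIdentityInternal` starts and ends outside the hunk, so the control flow around this line cannot be checked from here.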
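Review bot: `"status": "" + e` now forwards whatever the promise chain rejected with, so besides the lockout and wrong-PIN strings produced by `decryptMessage`, any internal exception text reaches the caller verbatim under code 400. Consider passing through only the known user-facing messages and using a fixed generic status for everything else, and add a comment stating that `e` is expected to be a user-facing string. The enclosing handler starts outside the hunk.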