summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/bonafide/_srp.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/bonafide/_srp.py')
-rw-r--r--src/leap/bitmask/bonafide/_srp.py23
1 files changed, 20 insertions, 3 deletions
diff --git a/src/leap/bitmask/bonafide/_srp.py b/src/leap/bitmask/bonafide/_srp.py
index b0dd83ff..34a75a56 100644
--- a/src/leap/bitmask/bonafide/_srp.py
+++ b/src/leap/bitmask/bonafide/_srp.py
@@ -101,9 +101,7 @@ class SRPSignupMechanism(object):
"""
def get_signup_params(self, username, password):
- salt, verifier = srp.create_salted_verification_key(
- bytes(username), bytes(password),
- srp.SHA256, srp.NG_1024)
+ salt, verifier = _get_salt_verifier(username, password)
user_data = {
'user[login]': username,
'user[password_salt]': binascii.hexlify(salt),
@@ -121,6 +119,25 @@ class SRPSignupMechanism(object):
return username
+class SRPPasswordChangeMechanism(object):
+
+ """
+ Implement a protocol-agnostic SRP passord change mechanism.
+ """
+
+ def get_password_params(self, username, password):
+ salt, verifier = _get_salt_verifier(username, password)
+ user_data = {
+ 'user[password_salt]': binascii.hexlify(salt),
+ 'user[password_verifier]': binascii.hexlify(verifier)}
+ return user_data
+
+
+def _get_salt_verifier(username, password):
+ return srp.create_salted_verification_key(bytes(username), bytes(password),
+ srp.SHA256, srp.NG_1024)
+
+
def _safe_unhexlify(val):
return binascii.unhexlify(val) \
if (len(val) % 2 == 0) else binascii.unhexlify('0' + val)