From 2fc85ad7d109ca4304d1fb1515b7087a1bb2ae3e Mon Sep 17 00:00:00 2001
From: Ruben Pollan <meskio@sindominio.net>
Date: Tue, 27 Sep 2016 19:28:28 -0500
Subject: [feature]Add change password command

- Resolves: #8487
---
 src/leap/bitmask/bonafide/_srp.py | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

(limited to 'src/leap/bitmask/bonafide/_srp.py')

diff --git a/src/leap/bitmask/bonafide/_srp.py b/src/leap/bitmask/bonafide/_srp.py
index b0dd83ff..34a75a56 100644
--- a/src/leap/bitmask/bonafide/_srp.py
+++ b/src/leap/bitmask/bonafide/_srp.py
@@ -101,9 +101,7 @@ class SRPSignupMechanism(object):
     """
 
     def get_signup_params(self, username, password):
-        salt, verifier = srp.create_salted_verification_key(
-            bytes(username), bytes(password),
-            srp.SHA256, srp.NG_1024)
+        salt, verifier = _get_salt_verifier(username, password)
         user_data = {
             'user[login]': username,
             'user[password_salt]': binascii.hexlify(salt),
@@ -121,6 +119,25 @@ class SRPSignupMechanism(object):
             return username
 
 
+class SRPPasswordChangeMechanism(object):
+
+    """
+    Implement a protocol-agnostic SRP passord change mechanism.
+    """
+
+    def get_password_params(self, username, password):
+        salt, verifier = _get_salt_verifier(username, password)
+        user_data = {
+            'user[password_salt]': binascii.hexlify(salt),
+            'user[password_verifier]': binascii.hexlify(verifier)}
+        return user_data
+
+
+def _get_salt_verifier(username, password):
+    return srp.create_salted_verification_key(bytes(username), bytes(password),
+                                              srp.SHA256, srp.NG_1024)
+
+
 def _safe_unhexlify(val):
     return binascii.unhexlify(val) \
         if (len(val) % 2 == 0) else binascii.unhexlify('0' + val)
-- 
cgit v1.2.3