diff options
| -rw-r--r-- | src/leap/bonafide/_srp.py (renamed from src/leap/bonafide/srp_auth.py) | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/src/leap/bonafide/srp_auth.py b/src/leap/bonafide/_srp.py index d48214f..dc856ab 100644 --- a/src/leap/bonafide/srp_auth.py +++ b/src/leap/bonafide/_srp.py @@ -25,7 +25,6 @@ import json import srp - class SRPAuthMechanism(object): """ @@ -92,6 +91,33 @@ class SRPAuthMechanism(object): raise SRPAuthBadDataFromServer(msg) +class SRPSignupMechanism(object): + + """ + Implement a protocol-agnostic SRP Registration mechanism. + """ + + def get_signup_params(self, username, password): + salt, verifier = srp.create_salted_verification_key( + bytes(username), bytes(password), + srp.SHA256, srp.NG_1024) + user_data = { + 'user[login]': username, + 'user[password_salt]': binascii.hexlify(salt), + 'user[password_verifier]': binascii.hexlify(verifier)} + return user_data + + def process_signup(self, signup_response): + signup = json.loads(signup_response) + errors = signup.get('errors') + if errors: + msg = 'username ' + errors.get('login')[0] + raise SRPRegistrationError(msg) + else: + username = signup.get('login') + return username + + def _safe_unhexlify(val): return binascii.unhexlify(val) \ if (len(val) % 2 == 0) else binascii.unhexlify('0' + val) @@ -113,3 +139,7 @@ class SRPAuthNoB(SRPAuthError): class SRPAuthBadDataFromServer(SRPAuthError): pass + +class SRPRegistrationError(Exception): + pass + |