diff options
author | Azul <azul@leap.se> | 2012-10-05 16:48:27 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2012-10-05 16:48:27 +0200 |
commit | e264e7354788c0b7eff7bb296eed9c59304cc8b8 (patch) | |
tree | 92c2404df3abab41edd6c97ba13450d7931781c1 /users | |
parent | c2d5a80b576ffc5f9ff0807c9a52fec8b4f34123 (diff) |
using safe_unhexlify to workaround 0 padding
also changed the debug output so it helps creating tests for ruby-srp
Diffstat (limited to 'users')
-rwxr-xr-x | users/test/integration/api/python/flow_with_srp.py | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py index ea630f2..3bbbc71 100755 --- a/users/test/integration/api/python/flow_with_srp.py +++ b/users/test/integration/api/python/flow_with_srp.py @@ -6,9 +6,11 @@ import requests import json import string import random -import srp +import srp._pysrp as srp import binascii +safe_unhexlify = lambda x: binascii.unhexlify(x) if (len(x) % 2 == 0) else binascii.unhexlify('0'+x) + # let's have some random name def id_generator(size=6, chars=string.ascii_uppercase + string.digits): return ''.join(random.choice(chars) for x in range(size)) @@ -18,15 +20,20 @@ server = 'http://localhost:3000' login = id_generator() password = id_generator() + id_generator() +print ' username = "' + login + '"' +print ' password = "' + password + '"' + # log the server communication def print_and_parse(response): - print response.request.method + ': ' + response.url - print " " + json.dumps(response.request.data) + # print response.request.method + ': ' + response.url + # print " " + json.dumps(response.request.data) print " -> " + response.text return json.loads(response.text) def signup(session): salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 ) + print ' salt = "' + binascii.hexlify(salt) + '"' + print ' v = "' + binascii.hexlify(vkey) + '"' user_params = { 'user[login]': login, 'user[password_verifier]': binascii.hexlify(vkey), @@ -38,12 +45,16 @@ usr = srp.User( login, password, srp.SHA256, srp.NG_1024 ) def authenticate(session, login): uname, A = usr.start_authentication() + print ' aa = "' + binascii.hexlify(A) + '"' params = { 'login': uname, 'A': binascii.hexlify(A) } init = print_and_parse(session.post(server + '/sessions', data = params)) - M = usr.process_challenge( binascii.unhexlify(init['salt']), binascii.unhexlify(init['B']) ) + # print ' b = "' + init['b'] + '"' + print ' bb = "' + init['B'] + '"' + M = usr.process_challenge( safe_unhexlify(init['salt']), safe_unhexlify(init['B']) ) + print ' m = "' + binascii.hexlify(M) + '"' return session.put(server + '/sessions/' + login, data = {'client_auth': binascii.hexlify(M)}) @@ -52,7 +63,15 @@ user = print_and_parse(signup(session)) # SRP signup would happen here and calculate M hex auth = print_and_parse(authenticate(session, user['login'])) -usr.verify_session( binascii.unhexlify(auth["M2"]) ) +if ( 'errors' in auth ): + print ' u = "%x"' % usr.u + print ' x = "%x"' % usr.x + print ' v = "%x"' % usr.v + print ' S = "%x"' % usr.S + print ' K = "' + binascii.hexlify(usr.K) + '"' + print ' M = "%x"' % usr.M +else: + usr.verify_session( safe_unhexlify(auth["M2"]) ) # At this point the authentication process is complete. assert usr.authenticated() |