summaryrefslogtreecommitdiff
path: root/app/assets/javascripts/srp/src/srp_session.js
diff options
context:
space:
mode:
Diffstat (limited to 'app/assets/javascripts/srp/src/srp_session.js')
-rw-r--r--app/assets/javascripts/srp/src/srp_session.js122
1 files changed, 122 insertions, 0 deletions
diff --git a/app/assets/javascripts/srp/src/srp_session.js b/app/assets/javascripts/srp/src/srp_session.js
new file mode 100644
index 0000000..88f19d5
--- /dev/null
+++ b/app/assets/javascripts/srp/src/srp_session.js
@@ -0,0 +1,122 @@
+srp.Session = function(account, calculate) {
+
+ // default for injected dependency
+ account = account || new srp.Account();
+ calculate = calculate || new srp.Calculate();
+
+ var a = calculate.randomEphemeral();
+ var A = calculate.A(a);
+ var S = null;
+ var K = null;
+ var M = null;
+ var M2 = null;
+ var authenticated = false;
+
+ // *** Accessor methods ***
+
+ // allows setting the random number A for testing
+
+ this.calculateAndSetA = function(_a) {
+ a = _a;
+ A = calculate.A(_a);
+ return A;
+ };
+
+ this.update = function() {
+ var salt = calculate.randomSalt();
+ var x = calculate.X(account.login(), account.password(), salt);
+ return {
+ login: account.login(),
+ password_salt: salt,
+ password_verifier: calculate.V(x)
+ };
+ }
+
+ this.signup = function() {
+ var loginParams = this.update();
+
+ if (account.loginParams) {
+ var extraParams = account.loginParams();
+ for (var attr in extraParams) {
+ loginParams[attr] = extraParams[attr];
+ }
+ }
+
+ return loginParams;
+ };
+
+ this.handshake = function() {
+ return {
+ login: account.login(),
+ A: this.getA()
+ };
+ };
+
+ this.getA = function() {
+ return A;
+ }
+
+ // Delegate login & id so they can be used when talking to the remote
+ this.login = account.login;
+ this.id = account.id;
+
+ // Calculate S, M, and M2
+ // This is the client side of the SRP specification
+ this.calculations = function(salt, ephemeral)
+ {
+ //S -> C: s | B
+ var B = calculate.zeroPrefix(ephemeral);
+ salt = calculate.zeroPrefix(salt);
+ var x = calculate.X(account.login(), account.password(), salt);
+ S = calculate.S(a, A, B, x);
+ K = calculate.K(S);
+
+ // M = H(H(N) xor H(g), H(I), s, A, B, K)
+ var xor = calculate.nXorG();
+ var hash_i = calculate.hash(account.login())
+ M = calculate.hashHex(xor + hash_i + salt + A + B + K);
+ //M2 = H(A, M, K)
+ M2 = calculate.hashHex(A + M + K);
+ };
+
+
+ this.getS = function() {
+ return S;
+ }
+
+ this.getM = function() {
+ return M;
+ }
+
+ this.validate = function(serverM2) {
+ authenticated = (serverM2 && serverM2 == M2)
+ return authenticated;
+ }
+
+ // If someone wants to use the session key for encrypting traffic, they can
+ // access the key with this function.
+ this.key = function()
+ {
+ if(K) {
+ return K;
+ } else {
+ this.onError("User has not been authenticated.");
+ }
+ };
+
+ // Encrypt plaintext using slowAES
+ this.encrypt = function(plaintext)
+ {
+ var key = cryptoHelpers.toNumbers(session.key());
+ var byteMessage = cryptoHelpers.convertStringToByteArray(plaintext);
+ var iv = new Array(16);
+ rng.nextBytes(iv);
+ var paddedByteMessage = slowAES.getPaddedBlock(byteMessage, 0, byteMessage.length, slowAES.modeOfOperation.CFB);
+ var ciphertext = slowAES.encrypt(paddedByteMessage, slowAES.modeOfOperation.CFB, key, key.length, iv).cipher;
+ var retstring = cryptoHelpers.base64.encode(iv.concat(ciphertext));
+ while(retstring.indexOf("+",0) > -1)
+ retstring = retstring.replace("+", "_");
+ return retstring;
+ };
+};
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-08 21:48:15 +0000