From 372b15afed0b7477bd83062feaa7f24c4d40e38d Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 23 Mar 2017 14:12:30 +0100 Subject: git subrepo clone https://leap.se/git/srp_js app/assets/javascripts/srp subrepo: subdir: "app/assets/javascripts/srp" merged: "9e1a417" upstream: origin: "https://leap.se/git/srp_js" branch: "master" commit: "9e1a417" git-subrepo: version: "0.3.1" origin: "https://github.com/ingydotnet/git-subrepo" commit: "a7ee886" --- app/assets/javascripts/srp | 1 - app/assets/javascripts/srp/src/srp_session.js | 122 ++++++++++++++++++++++++++ 2 files changed, 122 insertions(+), 1 deletion(-) delete mode 160000 app/assets/javascripts/srp create mode 100644 app/assets/javascripts/srp/src/srp_session.js (limited to 'app/assets/javascripts/srp/src/srp_session.js') diff --git a/app/assets/javascripts/srp b/app/assets/javascripts/srp deleted file mode 160000 index 9e1a417..0000000 --- a/app/assets/javascripts/srp +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 9e1a41733468d4a3f5102b04277b9cd7b52d0a45 diff --git a/app/assets/javascripts/srp/src/srp_session.js b/app/assets/javascripts/srp/src/srp_session.js new file mode 100644 index 0000000..88f19d5 --- /dev/null +++ b/app/assets/javascripts/srp/src/srp_session.js @@ -0,0 +1,122 @@ +srp.Session = function(account, calculate) { + + // default for injected dependency + account = account || new srp.Account(); + calculate = calculate || new srp.Calculate(); + + var a = calculate.randomEphemeral(); + var A = calculate.A(a); + var S = null; + var K = null; + var M = null; + var M2 = null; + var authenticated = false; + + // *** Accessor methods *** + + // allows setting the random number A for testing + + this.calculateAndSetA = function(_a) { + a = _a; + A = calculate.A(_a); + return A; + }; + + this.update = function() { + var salt = calculate.randomSalt(); + var x = calculate.X(account.login(), account.password(), salt); + return { + login: account.login(), + password_salt: salt, + password_verifier: calculate.V(x) + }; + } + + this.signup = function() { + var loginParams = this.update(); + + if (account.loginParams) { + var extraParams = account.loginParams(); + for (var attr in extraParams) { + loginParams[attr] = extraParams[attr]; + } + } + + return loginParams; + }; + + this.handshake = function() { + return { + login: account.login(), + A: this.getA() + }; + }; + + this.getA = function() { + return A; + } + + // Delegate login & id so they can be used when talking to the remote + this.login = account.login; + this.id = account.id; + + // Calculate S, M, and M2 + // This is the client side of the SRP specification + this.calculations = function(salt, ephemeral) + { + //S -> C: s | B + var B = calculate.zeroPrefix(ephemeral); + salt = calculate.zeroPrefix(salt); + var x = calculate.X(account.login(), account.password(), salt); + S = calculate.S(a, A, B, x); + K = calculate.K(S); + + // M = H(H(N) xor H(g), H(I), s, A, B, K) + var xor = calculate.nXorG(); + var hash_i = calculate.hash(account.login()) + M = calculate.hashHex(xor + hash_i + salt + A + B + K); + //M2 = H(A, M, K) + M2 = calculate.hashHex(A + M + K); + }; + + + this.getS = function() { + return S; + } + + this.getM = function() { + return M; + } + + this.validate = function(serverM2) { + authenticated = (serverM2 && serverM2 == M2) + return authenticated; + } + + // If someone wants to use the session key for encrypting traffic, they can + // access the key with this function. + this.key = function() + { + if(K) { + return K; + } else { + this.onError("User has not been authenticated."); + } + }; + + // Encrypt plaintext using slowAES + this.encrypt = function(plaintext) + { + var key = cryptoHelpers.toNumbers(session.key()); + var byteMessage = cryptoHelpers.convertStringToByteArray(plaintext); + var iv = new Array(16); + rng.nextBytes(iv); + var paddedByteMessage = slowAES.getPaddedBlock(byteMessage, 0, byteMessage.length, slowAES.modeOfOperation.CFB); + var ciphertext = slowAES.encrypt(paddedByteMessage, slowAES.modeOfOperation.CFB, key, key.length, iv).cipher; + var retstring = cryptoHelpers.base64.encode(iv.concat(ciphertext)); + while(retstring.indexOf("+",0) > -1) + retstring = retstring.replace("+", "_"); + return retstring; + }; +}; + -- cgit v1.2.3