Also we currently generate the salt on the server - this should happen on the client but for now i stick to the srp-js workflow.
erb :signup
end
-post '/signup' do
+# TODO: Client should generate the salt!
+# Getting things to work the srp-js way first.
+post '/register/salt/' do
Log.clear
- Log.log(:signup, params)
- @user = User.current
- @user.signup!(params)
- redirect '/'
+ @user = User.new(params.delete('I'))
+ erb :salt, :layout => false, :content_type => :xml
+end
+
+post '/register/user/' do
+ User.current.verifier = params.delete('v').to_i
+ erb :ok, :layout => false, :content_type => :xml
end
get '/login' do
@current ||= User.new
end
+ def self.current=(user)
+ @current = user
+ end
+
attr_accessor :login
attr_accessor :salt
attr_accessor :verifier
attr_accessor :active
attr_accessor :srp
- def signup!(params)
- self.login = params.delete('login')
- self.salt = params.delete('salt').to_i
- self.verifier = params.delete('verifier').to_i
+ def initialize(login)
+ self.login = login
+ self.salt = OpenSSL::Random.random_bytes(10).unpack("H*")[0]
self.active = false
+ User.current = self
end
def initialize_auth(params)
$(document).ready(function(){
$('#login-btn').click(on_login);
+ $('#signup-btn').click(on_signup);
});
function on_login(event) {
srp.identify();
event.preventDefault();
}
+
+function on_signup(event) {
+ srp = new SRP();
+ srp.success = function() {
+ alert("Signed up successfully");
+ };
+ srp.register();
+ event.preventDefault();
+}
<script type="text/javascript" src="jquery.min.js"> </script>
<script type="text/javascript" src="srp.min.js"> </script>
+ <script type="text/javascript" src="srp_register.min.js"> </script>
<script type="text/javascript" src="srp.js"> </script>
</body>
<legend>Signup to test secure remote passwords</legend>
<div class="control-group">
<label class="control-label" for="login">Login</label>
- <input type="text" class"input-xlarge" name="login"></input>
+ <input type="text" class"input-xlarge" name="srp_username" id="srp_username"></input>
</div>
<div class="control-group">
<label class="control-label" for="password">Password</label>
- <input type="password" class"input-xlarge" name="password"></input>
- <input type="hidden" class"input-xlarge" name="seed" value="624848790506324805995013"></input>
- <input type="hidden" class"input-xlarge" name="verifier" value="100580140046706175735129154266794946404091486659235926309138114843862401271008476617107722147233360718775042845375531421388163398889326297385327521531575749857884877960888755227994771967905136828058233126017527751738166121598194480710839381273324624500340831193855479639683906360867824492692241079248646622455"></input>
+ <input type="password" class"input-xlarge" name="srp_password" id="srp_password"></input>
</div>
+ <input type="hidden" id="srp_url" name="srp_url" value="/"></input>
+ <input type="hidden" id="srp_server" name="srp_server" value="django"></input>
<div class="form-actions">
- <button type="submit" class="btn btn-primary">Signup</button>
+ <button type="submit" class="btn btn-primary" id="signup-btn">Signup</button>
<a href="/" class="btn">Cancel</a>
</div>
</form>
aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N)
bb, u = server.initialize_auth(aa)
client_s = calculate_client_s(x, a, bb, u)
- puts "bb: " + bb.to_s
- puts "aa: " + aa.to_s
- puts "client_s: " + client_s.to_s
- server.authenticate(aa, client_s)
+ server.authenticate(aa, calculate_m(aa,bb,client_s))
end
protected
def calculate_x(username, password, salt)
shex = '%x' % [salt]
spad = if shex.length.odd? then '0' else '' end
- sha1_hex(spad + shex + sha1_str([username, password].join(':'))).hex
+ sha256_hex(spad + shex + sha256_str([username, password].join(':'))).hex
end
def calculate_client_s(x, a, bb, u)
sha256_hex(hashin).hex
end
- def calculate_m(aa, bb, s)
- # todo: we might want to 0fill this like for u
- hashin = '%x%x%x' % [aa, bb, s]
- sha256_hex(hashin).hex
- end
-
end
end
module Util
# constants both sides know
- PRIME_N = <<-EOS.split.join.hex # 1024 bits modulus (N)
+ # in this case taken from srp-js
+ PRIME_N = <<-EOS.split.join.hex
+115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3
+ EOS
+
+ BIG_PRIME_N = <<-EOS # 1024 bits modulus (N)
eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657
6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da
d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
end
end
- def sha1_hex(h)
- Digest::SHA1.hexdigest([h].pack('H*'))
- end
-
- def sha1_str(s)
- Digest::SHA1.hexdigest(s)
- end
-
def sha256_hex(h)
Digest::SHA2.hexdigest([h].pack('H*'))
end
end
def multiplier
+ return "c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58".hex % PRIME_N
+ @k ||= calculate_multiplier
+ end
+
+ protected
+
+ def calculate_multiplier
n = PRIME_N
g = GENERATOR
nhex = '%x' % [n]
ghex = '%x' % [g]
hashin = '0' * (nlen - nhex.length) + nhex \
+ '0' * (nlen - ghex.length) + ghex
- sha1_hex(hashin).hex % n
+ sha256_hex(hashin).hex % n
end
+
+ def calculate_m(aa, bb, s)
+ # todo: we might want to 0fill this like for u
+ hashin = '%x%x%x' % [aa, bb, s]
+ sha256_hex(hashin).hex
+ end
+
end
end
end
def test_successful_auth
- print "salt: "
- puts @client.salt
- print "verifier: "
- puts @client.verifier
assert @client.authenticate(@server, @username, @password)
end