diff options
author | Azul <azul@riseup.net> | 2012-10-12 18:52:53 +0200 |
---|---|---|
committer | Azul <azul@riseup.net> | 2012-10-12 18:52:53 +0200 |
commit | 1c0454cbb1c0b8d75a3c192ff588365ef8bc19d0 (patch) | |
tree | df793d02421936f5cef570732e3ed4335284aa3f | |
parent | bd48744cd1da75ddfcfeb8572eed55368711e9e2 (diff) |
got signup to work in accordance with py srp
-rw-r--r-- | lib/SHA256.js | 1 | ||||
-rw-r--r-- | spec/RestfulSpecRunner.html | 4 | ||||
-rw-r--r-- | spec/restful/signup.js | 10 | ||||
-rw-r--r-- | src/srp_session.js | 14 |
4 files changed, 20 insertions, 9 deletions
diff --git a/lib/SHA256.js b/lib/SHA256.js index 1a852c0..f79b07d 100644 --- a/lib/SHA256.js +++ b/lib/SHA256.js @@ -121,7 +121,6 @@ function SHA256(s){ return str; } - s = Utf8Encode(s); return binb2hex(core_sha256(str2binb(s), s.length * chrsz)); } diff --git a/spec/RestfulSpecRunner.html b/spec/RestfulSpecRunner.html index 913dab8..8203970 100644 --- a/spec/RestfulSpecRunner.html +++ b/spec/RestfulSpecRunner.html @@ -64,8 +64,8 @@ <body> <form action="." onsubmit="return register()"> <table> - <tr><td>Username:</td><td><input type="text" id="srp_username" value="user" /></td></tr> - <tr><td>Password:</td><td><input type="password" id="srp_password" value="opensesami"/></td></tr> + <tr><td>Username:</td><td><input type="text" id="srp_username" value="testuser" /></td></tr> + <tr><td>Password:</td><td><input type="password" id="srp_password" value="password"/></td></tr> <input type="hidden" id="srp_url" value=""/> <input type="hidden" id="srp_forward" value="#logged_in"/> <input type="hidden" id="srp_server" value="django"/> diff --git a/spec/restful/signup.js b/spec/restful/signup.js index e214508..bc20b14 100644 --- a/spec/restful/signup.js +++ b/spec/restful/signup.js @@ -13,13 +13,17 @@ describe("Signup", function() { expect(typeof this.srp.register).toBe('function'); }); + it("calculates the right x", function(){ + expect(this.srp.session.calcX("7686acb8").toString(16)).toBe('84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398'); + }); + it("identifies after successful registration (INTEGRATION)", function(){ var callback = sinon.spy(); this.srp.identify = callback; - this.srp.session.getSalt = function() {return "5d3055e0acd3ddcfc15"}; + this.srp.session.getSalt = function() {return "4c78c3f8"}; this.srp.register(); - this.expectRequest('users', "user[login]=user&user[password_salt]=5d3055e0acd3ddcfc15&user[password_verifier]=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44") - this.respondJSON({password_salt: "5d3055e0acd3ddcfc15", login: "user", ok: "true"}); + this.expectRequest('users', "user[login]=testuser&user[password_salt]=4c78c3f8&user[password_verifier]=474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c") + this.respondJSON({password_salt: "4c78c3f8", login: "testuser", ok: "true"}); expect(callback).toHaveBeenCalled(); }); diff --git a/src/srp_session.js b/src/srp_session.js index 93bfbe5..afd653a 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -1,10 +1,10 @@ SRP.prototype.Session = function() { // Variables session will be used in the SRP protocol - var Nstr = "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3"; + var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; var N = new BigInteger(Nstr, 16); var g = new BigInteger("2"); - var k = new BigInteger("c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58", 16); + var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16); var rng = new SecureRandom(); var a = new BigInteger(32, rng); @@ -68,7 +68,7 @@ SRP.prototype.Session = function() { // Calculates the X value and return it as a BigInteger this.calcX = function(s) { - return new BigInteger(SHA256(s + SHA256(I + ":" + pass)), 16); + return new BigInteger(SHA256(hex2a(s + SHA256(I + ":" + pass))), 16); }; this.getV = function(salt) @@ -135,4 +135,12 @@ SRP.prototype.Session = function() { retstring = retstring.replace("+", "_"); return retstring; }; + + function hex2a(hex) { + var str = ''; + for (var i = 0; i < hex.length; i += 2) + str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); + return str; + } + } |