diff options
author | jessib <jessib@riseup.net> | 2013-06-24 10:32:58 -0700 |
---|---|---|
committer | jessib <jessib@riseup.net> | 2013-06-24 10:32:58 -0700 |
commit | e7a0b830b8f994316a560001a9e7397422b184b1 (patch) | |
tree | 14a591408caecc369b84d985dae1864019f3aedc | |
parent | 3328b20621265b0c50ed395ea890b267ab89109b (diff) | |
parent | 0c5369fd9299eb9bf7295e3925ce803c5473e2b8 (diff) |
Merge pull request #1 from azul/refactor/separate-session
Refactor/separate session
-rw-r--r-- | spec/account_spec.js | 31 | ||||
-rw-r--r-- | spec/calculate_spec.js | 35 | ||||
-rw-r--r-- | spec/login_spec.js | 6 | ||||
-rw-r--r-- | spec/runner.html | 4 | ||||
-rw-r--r-- | spec/session_spec.js | 39 | ||||
-rw-r--r-- | spec/signup_spec.js | 9 | ||||
-rw-r--r-- | src/jqueryRest.js | 2 | ||||
-rw-r--r-- | src/srp_account.js | 13 | ||||
-rw-r--r-- | src/srp_calculate.js | 106 | ||||
-rw-r--r-- | src/srp_session.js | 146 |
10 files changed, 254 insertions, 137 deletions
diff --git a/spec/account_spec.js b/spec/account_spec.js new file mode 100644 index 0000000..4110778 --- /dev/null +++ b/spec/account_spec.js @@ -0,0 +1,31 @@ +describe("Account", function() { + describe("without seeded values", function(){ + beforeEach(function() { + account = new srp.Account(); + }); + + it("fetches the password from the password field", function(){ + expect(account.password()).toBe("password"); + }); + + it("fetches the login from the login field", function(){ + expect(account.login()).toBe("testuser"); + }); + + }); + + describe("with seeded values", function(){ + beforeEach(function() { + account = new srp.Account("login", "secret"); + }); + + it("uses the seeded password", function(){ + expect(account.password()).toBe("secret"); + }); + + it("uses the seeded login", function(){ + expect(account.login()).toBe("login"); + }); + + }); +}); diff --git a/spec/calculate_spec.js b/spec/calculate_spec.js new file mode 100644 index 0000000..f60c343 --- /dev/null +++ b/spec/calculate_spec.js @@ -0,0 +1,35 @@ +describe("Calculate", function() { + + beforeEach(function() { + calculate = new srp.Calculate(); + }); + + // login attempt with correct password that failed never the less: + var compare = { + username: "blues", + password: "justtest", + salt: "6a6ef9ce5cb998eb", + v: "a5da6d376d503e22d93385db0244c382d1413d9f721ad9866dfc5e895cf2a3331514ceec5f48aceab58b260651cc9ee1ba96d906f67a6b4a7414c82d1333607ebe96403ecc86050224dc4c17b1d30efdbb451a68d1b6a25cce10f0e844082329d3cb46e1c3d46298a0de2cd3b8c6acc1a80c206f0f10ec8cd3c050babdf338ba", + aa: "4decb8543891f5a744b1e9b5bc375a474bfe3c5417e1db176cefcc7ba915338a14f309f8e0a4c7641bc9c9b9bd2e91c4d1beda1772c30d0350c9ba44f7c5911dfe6bb593ac2a2b30f1f6e5ec8a656cb4947c1907cf62f8d7283cbe32eb44b02158b51091ae130afa6063bb28cdea9ae159d4f222571e146f8715bfa31af09868", + a: "d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71", + bb: "dee64fd54daafc18b338c5783ade3ff4275dfee8c97008e2d9fb445880a2e1d452c822a35e8e3f012bc6facaa28022f8de3fb1d632667d635abde0afc0ca4ed06c9197ea88f379042b10bc7b7f816a1ec14fefe6e9adef4ab904315b3a3f36749f3f6d1083b0eb0029173770f8e9342b098298389ba49a88d4ea6b78a7f576a4", + s: "50973f6e8134f95bd04f54f522e6e57d957d0640f91f0a989ff775712b81d5856ae3bdd2aa9c5eda8019e9db18065519c99c33a62c7f12f98e7aed60b153feee9ab73ba1272b4d76aa002da8cd47c6da733c88a0e70d4c3d6752fd366d66efe40870d26fd5d1755883b9489721e1881376628bf6ef89902f35e5e7e31227e2f", + k: "dd93e648abfe2ac6c6d46e062ded60b31ec043e55ceca1946ec29508f4c68461", + m: "ccf0c492f715484dc8343e22cd5967c2c5d01de743c5f0a9c5cfd017db1804c" + }; + + it("calculates the proper A", function() { + expect(calculate.A(compare.a)).toBe(compare.aa); + }); + + it("calculates the right x", function() { + x = calculate.X("testuser","password","7686acb8") + expect(x).toBe('84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398'); + }); + + it("calculates the right verifier", function() { + x = calculate.X(compare.username, compare.password, compare.salt) + expect(calculate.V(x)).toBe(compare.v); + }); + +}); diff --git a/spec/login_spec.js b/spec/login_spec.js index e806cff..7c47528 100644 --- a/spec/login_spec.js +++ b/spec/login_spec.js @@ -14,7 +14,7 @@ describe("Login with srp var", function() { var K = 'db6ec0bdab81742315861a828323ff492721bdcd114077a4124bc425e4bf328b'; var M = '640e51d5ac5461591c31811221261f0e0eae7c08ce43c85e9556adbd94ed8c26'; var M2 = '49e48f8ac8c4da0e8a7374f73eeedbee2266e123d23fc1be1568523fc9c24b1e'; - var V = '6f5fb78184161f4191babaf1a700ff70e4d261054d002466d05f2ec2b45fc8807dbd7ce25dc3c882331eb8bf72a22caf2868e3438477be7ab151d3281d00aa1a9fc5cb6a725abd99e11882f77d52b56b83f95c0ba0b8fbbf4ee1fbb445c35adb5d1aaa48ba761c4a4417f6bb821fb61956c919e47740b316b960653303fe7190'; + var V = '4277ddfdd111cc6a4cd27af570172a93ff4dddd9441ad89ecd78b08504812819d85712fbb6d2b487798ea0e19eeb960ce129725286d1c891314c0620abce02ac0a37fac823d0858553aed30ba99622ec9c66cc937016b96e82ef9e3b5d06e1db707293459c0aa8e082b528fd236cda347c45d8b022a9d4f3701c696e0397332a'; var A_, callback; @@ -32,10 +32,6 @@ describe("Login with srp var", function() { expect(A_).toBe(A); }); - it("calculates the same verifier", function(){ - expect(srp.session.getV().toString(16)).toBe(V); - }); - it("calculates the same key", function(){ srp.session.calculations(salt, B); expect(srp.session.key()).toBe(K); diff --git a/spec/runner.html b/spec/runner.html index 5f4727c..d0a5d5d 100644 --- a/spec/runner.html +++ b/spec/runner.html @@ -23,12 +23,16 @@ <script type="text/javascript" src="../lib/jsbn2.js"></script> <script type="text/javascript" src="../src/srp.js"></script> <script type="text/javascript" src="../src/jqueryRest.js"></script> + <script type="text/javascript" src="../src/srp_account.js"></script> + <script type="text/javascript" src="../src/srp_calculate.js"></script> <script type="text/javascript" src="../src/srp_session.js"></script> <!-- include spec files here... --> <script type="text/javascript" src="helper.js"></script> <script type="text/javascript" src="signup_spec.js"></script> <script type="text/javascript" src="login_spec.js"></script> + <script type="text/javascript" src="account_spec.js"></script> + <script type="text/javascript" src="calculate_spec.js"></script> <script type="text/javascript" src="session_spec.js"></script> <script type="text/javascript"> diff --git a/spec/session_spec.js b/spec/session_spec.js index 643a717..a1378a6 100644 --- a/spec/session_spec.js +++ b/spec/session_spec.js @@ -1,7 +1,7 @@ describe("Session", function() { // data gathered from py-srp and ruby-srp - var compare = { + var old_compare = { username: "UC6LTQ", password: "PVSQ7DCEIR0B", salt: "d6ed8dba", @@ -12,27 +12,36 @@ describe("Session", function() { m: "bc30b8781e67a657e93d0a6cf7e7847fc60f79e2b0641e9c26b3522bc8f974cc" } + // login attempt with correct password that failed never the less: + var compare = { + username: "blues", + password: "justtest", + salt: "6a6ef9ce5cb998eb", + v: "a5da6d376d503e22d93385db0244c382d1413d9f721ad9866dfc5e895cf2a3331514ceec5f48aceab58b260651cc9ee1ba96d906f67a6b4a7414c82d1333607ebe96403ecc86050224dc4c17b1d30efdbb451a68d1b6a25cce10f0e844082329d3cb46e1c3d46298a0de2cd3b8c6acc1a80c206f0f10ec8cd3c050babdf338ba", + aa: "4decb8543891f5a744b1e9b5bc375a474bfe3c5417e1db176cefcc7ba915338a14f309f8e0a4c7641bc9c9b9bd2e91c4d1beda1772c30d0350c9ba44f7c5911dfe6bb593ac2a2b30f1f6e5ec8a656cb4947c1907cf62f8d7283cbe32eb44b02158b51091ae130afa6063bb28cdea9ae159d4f222571e146f8715bfa31af09868", + a: "d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71", + bb: "dee64fd54daafc18b338c5783ade3ff4275dfee8c97008e2d9fb445880a2e1d452c822a35e8e3f012bc6facaa28022f8de3fb1d632667d635abde0afc0ca4ed06c9197ea88f379042b10bc7b7f816a1ec14fefe6e9adef4ab904315b3a3f36749f3f6d1083b0eb0029173770f8e9342b098298389ba49a88d4ea6b78a7f576a4", + s: "50973f6e8134f95bd04f54f522e6e57d957d0640f91f0a989ff775712b81d5856ae3bdd2aa9c5eda8019e9db18065519c99c33a62c7f12f98e7aed60b153feee9ab73ba1272b4d76aa002da8cd47c6da733c88a0e70d4c3d6752fd366d66efe40870d26fd5d1755883b9489721e1881376628bf6ef89902f35e5e7e31227e2f", + k: "dd93e648abfe2ac6c6d46e062ded60b31ec043e55ceca1946ec29508f4c68461", + m: "ccf0c492f715484dc8343e22cd5967c2c5d01de743c5f0a9c5cfd017db1804c" + }; + var session; beforeEach(function() { - session = new srp.Session(compare.username, compare.password); - }); - - it("has the proper username", function() { - expect(session.getI()).toBe(compare.username); + account = new srp.Account(compare.username, compare.password); + session = new srp.Session(account); }); - it("calculates the proper verifier", function() { - expect(session.getV(compare.salt).toString(16)).toBe(compare.v); - }); - - it("calculates the proper A", function() { - expect(session.calculateAndSetA(compare.a)).toBe(compare.aa); - }); - - it("calculates the proper M", function() { + it("calculates the proper M (INTEGRATION)", function() { session.calculateAndSetA(compare.a); session.calculations(compare.salt, compare.bb); + expect(session.getS().toString(16)).toBe(compare.s); + expect(session.key()).toBe(compare.k); expect(session.getM()).toBe(compare.m); }); + + it("delegates login", function() { + expect(session.login()).toBe(compare.username); + }); }); diff --git a/spec/signup_spec.js b/spec/signup_spec.js index 72689b1..48a62a7 100644 --- a/spec/signup_spec.js +++ b/spec/signup_spec.js @@ -3,17 +3,15 @@ describe("Loading SRP", function() { expect(typeof srp.signup).toBe('function'); }); - it("provides session which calculates the right x", function(){ - srp.session = new srp.Session(); - expect(srp.session.calcX("7686acb8").toString(16)).toBe('84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398'); - }); }); describe("Signup with srp var", function() { beforeEach(function() { specHelper.setupFakeXHR.apply(this); - srp.session = new srp.Session(); + calculate = new srp.Calculate(); + calculate.randomSalt = function() {return "4c78c3f8"}; + srp.session = new srp.Session(undefined, calculate); }); afterEach(function() { @@ -23,7 +21,6 @@ describe("Signup with srp var", function() { it("identifies after successful registration (INTEGRATION)", function(){ var callback = sinon.spy(); srp.signedUp = callback; - srp.session.getSalt = function() {return "4c78c3f8"}; srp.signup(); this.expectRequest('/users.json', "user[login]=testuser&user[password_salt]=4c78c3f8&user[password_verifier]=474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c", 'POST') this.respondJSON({password_salt: "4c78c3f8", login: "testuser", ok: "true"}); diff --git a/src/jqueryRest.js b/src/jqueryRest.js index bfa4592..c1eb3c1 100644 --- a/src/jqueryRest.js +++ b/src/jqueryRest.js @@ -20,7 +20,7 @@ srp.remote = (function(){ function authenticate(session) { return $.ajax({ - url: "/sessions/" + session.getI() + ".json", + url: "/sessions/" + session.login() + ".json", type: 'PUT', data: {client_auth: session.getM()} }); diff --git a/src/srp_account.js b/src/srp_account.js new file mode 100644 index 0000000..336e013 --- /dev/null +++ b/src/srp_account.js @@ -0,0 +1,13 @@ +srp.Account = function(login, password) { + + // Returns the user's identity + this.login = function() { + return login || document.getElementById("srp_username").value; + }; + + // Returns the password currently typed in + this.password = function() { + return password || document.getElementById("srp_password").value; + }; + +} diff --git a/src/srp_calculate.js b/src/srp_calculate.js new file mode 100644 index 0000000..8928114 --- /dev/null +++ b/src/srp_calculate.js @@ -0,0 +1,106 @@ +srp.Calculate = function() { + + // Variables used in the SRP protocol + var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; + var N = new BigInteger(Nstr, 16); + var g = new BigInteger("2"); + var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16); + var rng = new SecureRandom(); + + this.A = function(_a) { + a = new BigInteger(_a, 16); + return g.modPow(a, N).toString(16); + }; + + // Calculates the X value + // x = H(s, H(I:p)) + this.X = function(login, password, salt) { + var salted = salt + this.hash(login + ":" + password) + return this.hashHex(salted); + }; + + this.V = this.A; + + // u = H(A,B) + this.U = function(A, B) { + return this.hashHex(A + B); + }; + + //S = (B - kg^x) ^ (a + ux) + this.S = function(_a, _A, _B, _x) { + var a = new BigInteger(_a, 16); + var x = new BigInteger(_x, 16); + var u = new BigInteger(this.U(_A, _B), 16); + var B = new BigInteger(_B, 16); + + var kgx = k.multiply(g.modPow(x, N)); + var aux = a.add(u.multiply(x)); + + return B.subtract(kgx).modPow(aux, N).toString(16); + } + + this.K = function(_S) { + return this.hashHex(_S); + } + + this.nXorG = function() { + var hashN = this.hashHex(Nstr); + var hashG = this.hashHex(g.toString(16)); + return hexXor(hashN, hashG); + }; + + this.hashHex = function(hexString) { + return this.hash(hex2a(hexString)); + }; + + this.hash = function(string) { + return removeLeading0(SHA256(string)); + }; + + + this.isInvalidEphemeral = function(a) { + return (g.modPow(a, N) == 0); + }; + + this.randomEphemeral = function() { + var a = new BigInteger(32, rng); + while(this.isInvalidEphemeral(a)) + { + a = new BigInteger(32, rng); + } + return a.toString(16); + }; + + // some 16 byte random number + this.randomSalt = function() { + return new BigInteger(64, rng).toString(16); + } + + function hex2a(hex) { + var str = ''; + if(hex.length % 2) { + hex = "0" + hex; + } + for (var i = 0; i < hex.length; i += 2) + str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); + return str; + } + + function removeLeading0(hex) { + if (hex[0] == "0") { + return hex.substr(1); + } else { + return hex; + } + } + + function hexXor(a, b) { + var str = ''; + for (var i = 0; i < a.length; i += 2) { + var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16) + xor = xor.toString(16); + str += (xor.length == 1) ? ("0" + xor) : xor + } + return str; + } +}; diff --git a/src/srp_session.js b/src/srp_session.js index b1b6014..5d1f829 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -1,131 +1,74 @@ -srp.Session = function(login, password) { - - // Variables session will be used in the SRP protocol - var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; - var N = new BigInteger(Nstr, 16); - var g = new BigInteger("2"); - var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16); - - var rng = new SecureRandom(); - var a = new BigInteger(32, rng); - var A = g.modPow(a, N); - while(A.mod(N) == 0) - { - a = new BigInteger(32, rng); - A = g.modPow(a, N); - } - var Astr = A.toString(16); +srp.Session = function(account, calculate) { + + // default for injected dependency + account = account || new srp.Account(); + calculate = calculate || new srp.Calculate(); + + var a = calculate.randomEphemeral(); + var A = calculate.A(a); var S = null; var K = null; var M = null; var M2 = null; var authenticated = false; - var I = login; - var pass = password; // *** Accessor methods *** // allows setting the random number A for testing this.calculateAndSetA = function(_a) { - a = new BigInteger(_a, 16); - A = g.modPow(a, N); - Astr = A.toString(16); - return Astr; + a = _a; + A = calculate.A(_a); + return A; }; this.signup = function() { - var salt = this.getSalt(); + var salt = calculate.randomSalt(); + var x = calculate.X(account.login(), account.password(), salt); return { - login: this.getI(), + login: account.login(), password_salt: salt, - password_verifier: this.getV(salt).toString(16) + password_verifier: calculate.V(x) }; }; this.handshake = function() { return { - login: this.getI(), - A: this.getAstr() + login: account.login(), + A: this.getA() }; }; - this.getAstr = function() { - return Astr; - } - - // Returns the user's identity - this.getI = function() { - I = login || document.getElementById("srp_username").value; - return I; - }; - - // Returns the password currently typed in - this.getPass = function() { - pass = password || document.getElementById("srp_password").value; - return pass; - }; - - // some 16 byte random number - this.getSalt = function() { - return new BigInteger(64, rng).toString(16); + this.getA = function() { + return A; } - // Returns the BigInteger, g - this.getg = function() { - return g; - }; - - // Returns the BigInteger, N - this.getN = function() { - return N; - }; - - // Calculates the X value and return it as a BigInteger - this.calcX = function(salt) { - var inner = salt + SHA256(this.getI() + ":" + this.getPass()) - return new BigInteger(SHA256(hex2a(inner)), 16); - }; - - this.getV = function(salt) - { - return this.getg().modPow(this.calcX(salt), this.getN()); - } + // Delegate login so it can be used when talking to the remote + this.login = account.login; // Calculate S, M, and M2 // This is the client side of the SRP specification this.calculations = function(salt, ephemeral) { //S -> C: s | B - var B = new BigInteger(ephemeral, 16); - var Bstr = ephemeral; - // u = H(A,B) - var u = new BigInteger(SHA256(hex2a(Astr + Bstr)), 16); - // x = H(s, H(I:p)) - var x = this.calcX(salt); - //S = (B - kg^x) ^ (a + ux) - var kgx = k.multiply(g.modPow(x, N)); - var aux = a.add(u.multiply(x)); - S = B.subtract(kgx).modPow(aux, N); - K = SHA256(hex2a(S.toString(16))); - this.calcM(salt, A.toString(16), B.toString(16)); - }; - - // M = H(H(N) xor H(g), H(I), s, A, B, K) - this.calcM = function(salt, Astr, Bstr) { - var hashN = SHA256(hex2a(N.toString(16))) - var hashG = SHA256(hex2a(g.toString(16))) - var hexString = hexXor(hashN, hashG); - hexString += SHA256(I); - hexString += salt; - hexString += Astr; - hexString += Bstr; - hexString += K - M = SHA256(hex2a(hexString)); + var B = ephemeral; + var x = calculate.X(account.login(), account.password(), salt); + S = calculate.S(a, A, B, x); + K = calculate.K(S); + + // M = H(H(N) xor H(g), H(I), s, A, B, K) + var xor = calculate.nXorG(); + var hash_i = calculate.hash(account.login()) + M = calculate.hashHex(xor + hash_i + salt + A + B + K); //M2 = H(A, M, K) - M2 = SHA256(hex2a(Astr + M + K)); + M2 = calculate.hashHex(A + M + K); }; + + this.getS = function() { + return S; + } + this.getM = function() { return M; } @@ -160,22 +103,5 @@ srp.Session = function(login, password) { retstring = retstring.replace("+", "_"); return retstring; }; - - function hex2a(hex) { - var str = ''; - for (var i = 0; i < hex.length; i += 2) - str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); - return str; - } - - function hexXor(a, b) { - var str = ''; - for (var i = 0; i < a.length; i += 2) { - var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16) - xor = xor.toString(16); - str += (xor.length == 1) ? ("0" + xor) : xor - } - return str; - } }; |