summaryrefslogtreecommitdiff
path: root/django/srpproject
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2012-07-20 10:56:36 +0200
committerAzul <azul@leap.se>2012-07-20 10:56:36 +0200
commit50de80c5e817476ac95a096c718a66f5555fcd05 (patch)
treee05a25868a999557e2788a91f41da3a5a8a1a0b0 /django/srpproject
parent07fe2d8976db0ec267bd57ded90778f0d7695478 (diff)
INCOMPATIBLE: major restructuring of the repository
* removed Django code - we're keeping the tests - so I hope the two can still be used together * removed js packer - everyone has their own packaging strategy these days * cleaned up the repository - we only have js so javascript directory does not make much sense
Diffstat (limited to 'django/srpproject')
-rw-r--r--django/srpproject/__init__.py0
-rw-r--r--django/srpproject/manage.py11
-rw-r--r--django/srpproject/settings.py86
-rw-r--r--django/srpproject/srp/__init__.py0
-rw-r--r--django/srpproject/srp/aes.py655
-rw-r--r--django/srpproject/srp/backends.py21
-rw-r--r--django/srpproject/srp/models.py11
-rw-r--r--django/srpproject/srp/util.py67
-rw-r--r--django/srpproject/srp/views.py230
-rw-r--r--django/srpproject/templates/aes.html69
-rw-r--r--django/srpproject/templates/login.html10
-rw-r--r--django/srpproject/templates/register.html46
-rw-r--r--django/srpproject/urls.py29
13 files changed, 0 insertions, 1235 deletions
diff --git a/django/srpproject/__init__.py b/django/srpproject/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/django/srpproject/__init__.py
+++ /dev/null
diff --git a/django/srpproject/manage.py b/django/srpproject/manage.py
deleted file mode 100644
index 5e78ea9..0000000
--- a/django/srpproject/manage.py
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/env python
-from django.core.management import execute_manager
-try:
- import settings # Assumed to be in the same directory.
-except ImportError:
- import sys
- sys.stderr.write("Error: Can't find the file 'settings.py' in the directory containing %r. It appears you've customized things.\nYou'll have to run django-admin.py, passing it your settings module.\n(If the file settings.py does indeed exist, it's causing an ImportError somehow.)\n" % __file__)
- sys.exit(1)
-
-if __name__ == "__main__":
- execute_manager(settings)
diff --git a/django/srpproject/settings.py b/django/srpproject/settings.py
deleted file mode 100644
index 5f6f642..0000000
--- a/django/srpproject/settings.py
+++ /dev/null
@@ -1,86 +0,0 @@
-# Django settings for srpproject project.
-
-DEBUG = True
-TEMPLATE_DEBUG = DEBUG
-
-ADMINS = (
- # ('Your Name', 'your_email@domain.com'),
-)
-
-MANAGERS = ADMINS
-
-DATABASE_ENGINE = 'mysql' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'ado_mssql'.
-DATABASE_NAME = 'srp' # Or path to database file if using sqlite3.
-DATABASE_USER = 'USER' # Not used with sqlite3.
-DATABASE_PASSWORD = 'SECRET_PASSWORD' # Not used with sqlite3.
-DATABASE_HOST = '' # Set to empty string for localhost. Not used with sqlite3.
-DATABASE_PORT = '' # Set to empty string for default. Not used with sqlite3.
-
-# Local time zone for this installation. Choices can be found here:
-# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
-# although not all choices may be available on all operating systems.
-# If running in a Windows environment this must be set to the same as your
-# system time zone.
-TIME_ZONE = 'America/Chicago'
-
-# Language code for this installation. All choices can be found here:
-# http://www.i18nguy.com/unicode/language-identifiers.html
-LANGUAGE_CODE = 'en-us'
-
-SITE_ID = 1
-
-# If you set this to False, Django will make some optimizations so as not
-# to load the internationalization machinery.
-USE_I18N = True
-
-# Absolute path to the directory that holds media.
-# Example: "/home/media/media.lawrence.com/"
-MEDIA_ROOT = ''
-
-# URL that handles the media served from MEDIA_ROOT. Make sure to use a
-# trailing slash if there is a path component (optional in other cases).
-# Examples: "http://media.lawrence.com", "http://example.com/media/"
-MEDIA_URL = ''
-
-# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a
-# trailing slash.
-# Examples: "http://foo.com/media/", "/media/".
-ADMIN_MEDIA_PREFIX = '/media/'
-
-# Make this unique, and don't share it with anybody.
-SECRET_KEY = 'zr3&lo)n@c%i^2*f3qlax#oembv@yl0%_d@p&gs1w^edqosy^+'
-
-# List of callables that know how to import templates from various sources.
-TEMPLATE_LOADERS = (
- 'django.template.loaders.filesystem.load_template_source',
- 'django.template.loaders.app_directories.load_template_source',
-# 'django.template.loaders.eggs.load_template_source',
-)
-
-MIDDLEWARE_CLASSES = (
- 'django.middleware.common.CommonMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
-)
-
-ROOT_URLCONF = 'srpproject.urls'
-
-AUTHENTICATION_BACKENDS = (
- 'srp.backends.SRPBackend',
- 'django.contrib.auth.backends.ModelBackend',
-)
-
-TEMPLATE_DIRS = (
- # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
- # Always use forward slashes, even on Windows.
- # Don't forget to use absolute paths, not relative paths.
- "/home/austin/Projects/SRP-SVN/srp-js/django/srpproject/templates"
-)
-
-INSTALLED_APPS = (
- 'django.contrib.auth',
- 'django.contrib.contenttypes',
- 'django.contrib.sessions',
- 'django.contrib.sites',
- 'srpproject.srp'
-)
diff --git a/django/srpproject/srp/__init__.py b/django/srpproject/srp/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/django/srpproject/srp/__init__.py
+++ /dev/null
diff --git a/django/srpproject/srp/aes.py b/django/srpproject/srp/aes.py
deleted file mode 100644
index 4c27d41..0000000
--- a/django/srpproject/srp/aes.py
+++ /dev/null
@@ -1,655 +0,0 @@
-#!/usr/bin/python
-#
-# aes.py: implements AES - Advanced Encryption Standard
-# from the SlowAES project, http://code.google.com/p/slowaes/
-#
-# Copyright (c) 2008 Josh Davis ( http://www.josh-davis.org ),
-# Alex Martelli ( http://www.aleax.it )
-#
-# Ported from C code written by Laurent Haan ( http://www.progressive-coding.com )
-#
-# Licensed under the Apache License, Version 2.0
-# http://www.apache.org/licenses/
-#
-import os
-import sys
-import math
-
-def append_PKCS7_padding(s):
- """return s padded to a multiple of 16-bytes by PKCS7 padding"""
- numpads = 16 - (len(s)%16)
- return s + numpads*chr(numpads)
-
-def strip_PKCS7_padding(s):
- """return s stripped of PKCS7 padding"""
- if len(s)%16 or not s:
- raise ValueError("String of len %d can't be PCKS7-padded" % len(s))
- numpads = ord(s[-1])
- if numpads > 16:
- raise ValueError("String ending with %r can't be PCKS7-padded" % s[-1])
- return s[:-numpads]
-
-class AES(object):
- # valid key sizes
- keySize = dict(SIZE_128=16, SIZE_192=24, SIZE_256=32)
-
- # Rijndael S-box
- sbox = [0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67,
- 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59,
- 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7,
- 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1,
- 0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05,
- 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83,
- 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29,
- 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
- 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, 0xd0, 0xef, 0xaa,
- 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c,
- 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc,
- 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec,
- 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19,
- 0x73, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee,
- 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49,
- 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
- 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4,
- 0xea, 0x65, 0x7a, 0xae, 0x08, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6,
- 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70,
- 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9,
- 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e,
- 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1,
- 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0,
- 0x54, 0xbb, 0x16]
-
- # Rijndael Inverted S-box
- rsbox = [0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3,
- 0x9e, 0x81, 0xf3, 0xd7, 0xfb , 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f,
- 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb , 0x54,
- 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b,
- 0x42, 0xfa, 0xc3, 0x4e , 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24,
- 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 , 0x72, 0xf8,
- 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d,
- 0x65, 0xb6, 0x92 , 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
- 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 , 0x90, 0xd8, 0xab,
- 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3,
- 0x45, 0x06 , 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1,
- 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b , 0x3a, 0x91, 0x11, 0x41,
- 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6,
- 0x73 , 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9,
- 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e , 0x47, 0xf1, 0x1a, 0x71, 0x1d,
- 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b ,
- 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0,
- 0xfe, 0x78, 0xcd, 0x5a, 0xf4 , 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07,
- 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f , 0x60,
- 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f,
- 0x93, 0xc9, 0x9c, 0xef , 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5,
- 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 , 0x17, 0x2b,
- 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55,
- 0x21, 0x0c, 0x7d]
-
- def getSBoxValue(self,num):
- """Retrieves a given S-Box Value"""
- return self.sbox[num]
-
- def getSBoxInvert(self,num):
- """Retrieves a given Inverted S-Box Value"""
- return self.rsbox[num]
-
- def rotate(self, word):
- """ Rijndael's key schedule rotate operation.
-
- Rotate a word eight bits to the left: eg, rotate(1d2c3a4f) == 2c3a4f1d
- Word is an char list of size 4 (32 bits overall).
- """
- return word[1:] + word[:1]
-
- # Rijndael Rcon
- Rcon = [0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36,
- 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97,
- 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72,
- 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66,
- 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04,
- 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d,
- 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3,
- 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61,
- 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a,
- 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40,
- 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc,
- 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5,
- 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a,
- 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d,
- 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c,
- 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35,
- 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4,
- 0xd3, 0xbd, 0x61, 0xc2, 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc,
- 0x83, 0x1d, 0x3a, 0x74, 0xe8, 0xcb, 0x8d, 0x01, 0x02, 0x04, 0x08,
- 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
- 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d,
- 0xfa, 0xef, 0xc5, 0x91, 0x39, 0x72, 0xe4, 0xd3, 0xbd, 0x61, 0xc2,
- 0x9f, 0x25, 0x4a, 0x94, 0x33, 0x66, 0xcc, 0x83, 0x1d, 0x3a, 0x74,
- 0xe8, 0xcb ]
-
- def getRconValue(self, num):
- """Retrieves a given Rcon Value"""
- return self.Rcon[num]
-
- def core(self, word, iteration):
- """Key schedule core."""
- # rotate the 32-bit word 8 bits to the left
- word = self.rotate(word)
- # apply S-Box substitution on all 4 parts of the 32-bit word
- for i in range(4):
- word[i] = self.getSBoxValue(word[i])
- # XOR the output of the rcon operation with i to the first part
- # (leftmost) only
- word[0] = word[0] ^ self.getRconValue(iteration)
- return word
-
- def expandKey(self, key, size, expandedKeySize):
- """Rijndael's key expansion.
-
- Expands an 128,192,256 key into an 176,208,240 bytes key
-
- expandedKey is a char list of large enough size,
- key is the non-expanded key.
- """
- # current expanded keySize, in bytes
- currentSize = 0
- rconIteration = 1
- expandedKey = [0] * expandedKeySize
-
- # set the 16, 24, 32 bytes of the expanded key to the input key
- for j in range(size):
- expandedKey[j] = key[j]
- currentSize += size
-
- while currentSize < expandedKeySize:
- # assign the previous 4 bytes to the temporary value t
- t = expandedKey[currentSize-4:currentSize]
-
- # every 16,24,32 bytes we apply the core schedule to t
- # and increment rconIteration afterwards
- if currentSize % size == 0:
- t = self.core(t, rconIteration)
- rconIteration += 1
- # For 256-bit keys, we add an extra sbox to the calculation
- if size == self.keySize["SIZE_256"] and ((currentSize % size) == 16):
- for l in range(4): t[l] = self.getSBoxValue(t[l])
-
- # We XOR t with the four-byte block 16,24,32 bytes before the new
- # expanded key. This becomes the next four bytes in the expanded
- # key.
- for m in range(4):
- expandedKey[currentSize] = expandedKey[currentSize - size] ^ \
- t[m]
- currentSize += 1
-
- return expandedKey
-
- def addRoundKey(self, state, roundKey):
- """Adds (XORs) the round key to the state."""
- for i in range(16):
- state[i] ^= roundKey[i]
- return state
-
- def createRoundKey(self, expandedKey, roundKeyPointer):
- """Create a round key.
- Creates a round key from the given expanded key and the
- position within the expanded key.
- """
- roundKey = [0] * 16
- for i in range(4):
- for j in range(4):
- roundKey[j*4+i] = expandedKey[roundKeyPointer + i*4 + j]
- return roundKey
-
- def galois_multiplication(self, a, b):
- """Galois multiplication of 8 bit characters a and b."""
- p = 0
- for counter in range(8):
- if b & 1: p ^= a
- hi_bit_set = a & 0x80
- a <<= 1
- # keep a 8 bit
- a &= 0xFF
- if hi_bit_set:
- a ^= 0x1b
- b >>= 1
- return p
-
- #
- # substitute all the values from the state with the value in the SBox
- # using the state value as index for the SBox
- #
- def subBytes(self, state, isInv):
- if isInv: getter = self.getSBoxInvert
- else: getter = self.getSBoxValue
- for i in range(16): state[i] = getter(state[i])
- return state
-
- # iterate over the 4 rows and call shiftRow() with that row
- def shiftRows(self, state, isInv):
- for i in range(4):
- state = self.shiftRow(state, i*4, i, isInv)
- return state
-
- # each iteration shifts the row to the left by 1
- def shiftRow(self, state, statePointer, nbr, isInv):
- for i in range(nbr):
- if isInv:
- state[statePointer:statePointer+4] = \
- state[statePointer+3:statePointer+4] + \
- state[statePointer:statePointer+3]
- else:
- state[statePointer:statePointer+4] = \
- state[statePointer+1:statePointer+4] + \
- state[statePointer:statePointer+1]
- return state
-
- # galois multiplication of the 4x4 matrix
- def mixColumns(self, state, isInv):
- # iterate over the 4 columns
- for i in range(4):
- # construct one column by slicing over the 4 rows
- column = state[i:i+16:4]
- # apply the mixColumn on one column
- column = self.mixColumn(column, isInv)
- # put the values back into the state
- state[i:i+16:4] = column
-
- return state
-
- # galois multiplication of 1 column of the 4x4 matrix
- def mixColumn(self, column, isInv):
- if isInv: mult = [14, 9, 13, 11]
- else: mult = [2, 1, 1, 3]
- cpy = list(column)
- g = self.galois_multiplication
-
- column[0] = g(cpy[0], mult[0]) ^ g(cpy[3], mult[1]) ^ \
- g(cpy[2], mult[2]) ^ g(cpy[1], mult[3])
- column[1] = g(cpy[1], mult[0]) ^ g(cpy[0], mult[1]) ^ \
- g(cpy[3], mult[2]) ^ g(cpy[2], mult[3])
- column[2] = g(cpy[2], mult[0]) ^ g(cpy[1], mult[1]) ^ \
- g(cpy[0], mult[2]) ^ g(cpy[3], mult[3])
- column[3] = g(cpy[3], mult[0]) ^ g(cpy[2], mult[1]) ^ \
- g(cpy[1], mult[2]) ^ g(cpy[0], mult[3])
- return column
-
- # applies the 4 operations of the forward round in sequence
- def aes_round(self, state, roundKey):
- state = self.subBytes(state, False)
- state = self.shiftRows(state, False)
- state = self.mixColumns(state, False)
- state = self.addRoundKey(state, roundKey)
- return state
-
- # applies the 4 operations of the inverse round in sequence
- def aes_invRound(self, state, roundKey):
- state = self.shiftRows(state, True)
- state = self.subBytes(state, True)
- state = self.addRoundKey(state, roundKey)
- state = self.mixColumns(state, True)
- return state
-
- # Perform the initial operations, the standard round, and the final
- # operations of the forward aes, creating a round key for each round
- def aes_main(self, state, expandedKey, nbrRounds):
- state = self.addRoundKey(state, self.createRoundKey(expandedKey, 0))
- i = 1
- while i < nbrRounds:
- state = self.aes_round(state,
- self.createRoundKey(expandedKey, 16*i))
- i += 1
- state = self.subBytes(state, False)
- state = self.shiftRows(state, False)
- state = self.addRoundKey(state,
- self.createRoundKey(expandedKey, 16*nbrRounds))
- return state
-
- # Perform the initial operations, the standard round, and the final
- # operations of the inverse aes, creating a round key for each round
- def aes_invMain(self, state, expandedKey, nbrRounds):
- state = self.addRoundKey(state,
- self.createRoundKey(expandedKey, 16*nbrRounds))
- i = nbrRounds - 1
- while i > 0:
- state = self.aes_invRound(state,
- self.createRoundKey(expandedKey, 16*i))
- i -= 1
- state = self.shiftRows(state, True)
- state = self.subBytes(state, True)
- state = self.addRoundKey(state, self.createRoundKey(expandedKey, 0))
- return state
-
- # encrypts a 128 bit input block against the given key of size specified
- def encrypt(self, iput, key, size):
- output = [0] * 16
- # the number of rounds
- nbrRounds = 0
- # the 128 bit block to encode
- block = [0] * 16
- # set the number of rounds
- if size == self.keySize["SIZE_128"]: nbrRounds = 10
- elif size == self.keySize["SIZE_192"]: nbrRounds = 12
- elif size == self.keySize["SIZE_256"]: nbrRounds = 14
- else: return None
-
- # the expanded keySize
- expandedKeySize = 16*(nbrRounds+1)
-
- # Set the block values, for the block:
- # a0,0 a0,1 a0,2 a0,3
- # a1,0 a1,1 a1,2 a1,3
- # a2,0 a2,1 a2,2 a2,3
- # a3,0 a3,1 a3,2 a3,3
- # the mapping order is a0,0 a1,0 a2,0 a3,0 a0,1 a1,1 ... a2,3 a3,3
- #
- # iterate over the columns
- for i in range(4):
- # iterate over the rows
- for j in range(4):
- block[(i+(j*4))] = iput[(i*4)+j]
-
- # expand the key into an 176, 208, 240 bytes key
- # the expanded key
- expandedKey = self.expandKey(key, size, expandedKeySize)
-
- # encrypt the block using the expandedKey
- block = self.aes_main(block, expandedKey, nbrRounds)
-
- # unmap the block again into the output
- for k in range(4):
- # iterate over the rows
- for l in range(4):
- output[(k*4)+l] = block[(k+(l*4))]
- return output
-
- # decrypts a 128 bit input block against the given key of size specified
- def decrypt(self, iput, key, size):
- output = [0] * 16
- # the number of rounds
- nbrRounds = 0
- # the 128 bit block to decode
- block = [0] * 16
- # set the number of rounds
- if size == self.keySize["SIZE_128"]: nbrRounds = 10
- elif size == self.keySize["SIZE_192"]: nbrRounds = 12
- elif size == self.keySize["SIZE_256"]: nbrRounds = 14
- else: return None
-
- # the expanded keySize
- expandedKeySize = 16*(nbrRounds+1)
-
- # Set the block values, for the block:
- # a0,0 a0,1 a0,2 a0,3
- # a1,0 a1,1 a1,2 a1,3
- # a2,0 a2,1 a2,2 a2,3
- # a3,0 a3,1 a3,2 a3,3
- # the mapping order is a0,0 a1,0 a2,0 a3,0 a0,1 a1,1 ... a2,3 a3,3
-
- # iterate over the columns
- for i in range(4):
- # iterate over the rows
- for j in range(4):
- block[(i+(j*4))] = iput[(i*4)+j]
- # expand the key into an 176, 208, 240 bytes key
- expandedKey = self.expandKey(key, size, expandedKeySize)
- # decrypt the block using the expandedKey
- block = self.aes_invMain(block, expandedKey, nbrRounds)
- # unmap the block again into the output
- for k in range(4):
- # iterate over the rows
- for l in range(4):
- output[(k*4)+l] = block[(k+(l*4))]
- return output
-
-
-class AESModeOfOperation(object):
-
- aes = AES()
-
- # structure of supported modes of operation
- modeOfOperation = dict(OFB=0, CFB=1, CBC=2)
-
- # converts a 16 character string into a number array
- def convertString(self, string, start, end, mode):
- if end - start > 16: end = start + 16
- if mode == self.modeOfOperation["CBC"]: ar = [0] * 16
- else: ar = []
-
- i = start
- j = 0
- while len(ar) < end - start:
- ar.append(0)
- while i < end:
- ar[j] = ord(string[i])
- j += 1
- i += 1
- return ar
-
- # Mode of Operation Encryption
- # stringIn - Input String
- # mode - mode of type modeOfOperation
- # hexKey - a hex key of the bit length size
- # size - the bit length of the key
- # hexIV - the 128 bit hex Initilization Vector
- def encrypt(self, stringIn, mode, key, size, IV):
- if len(key) % size:
- return None
- if len(IV) % 16:
- return None
- # the AES input/output
- plaintext = []
- iput = [0] * 16
- output = []
- ciphertext = [0] * 16
- # the output cipher string
- cipherOut = []
- # char firstRound
- firstRound = True
- if stringIn != None:
- for j in range(int(math.ceil(float(len(stringIn))/16))):
- start = j*16
- end = j*16+16
- if end > len(stringIn):
- end = len(stringIn)
- plaintext = self.convertString(stringIn, start, end, mode)
- # print 'PT@%s:%s' % (j, plaintext)
- if mode == self.modeOfOperation["CFB"]:
- if firstRound:
- output = self.aes.encrypt(IV, key, size)
- firstRound = False
- else:
- output = self.aes.encrypt(iput, key, size)
- for i in range(16):
- if len(plaintext)-1 < i:
- ciphertext[i] = 0 ^ output[i]
- elif len(output)-1 < i:
- ciphertext[i] = plaintext[i] ^ 0
- elif len(plaintext)-1 < i and len(output) < i:
- ciphertext[i] = 0 ^ 0
- else:
- ciphertext[i] = plaintext[i] ^ output[i]
- for k in range(end-start):
- cipherOut.append(ciphertext[k])
- iput = ciphertext
- elif mode == self.modeOfOperation["OFB"]:
- if firstRound:
- output = self.aes.encrypt(IV, key, size)
- firstRound = False
- else:
- output = self.aes.encrypt(iput, key, size)
- for i in range(16):
- if len(plaintext)-1 < i:
- ciphertext[i] = 0 ^ output[i]
- elif len(output)-1 < i:
- ciphertext[i] = plaintext[i] ^ 0
- elif len(plaintext)-1 < i and len(output) < i:
- ciphertext[i] = 0 ^ 0
- else:
- ciphertext[i] = plaintext[i] ^ output[i]
- for k in range(end-start):
- cipherOut.append(ciphertext[k])
- iput = output
- elif mode == self.modeOfOperation["CBC"]:
- for i in range(16):
- if firstRound:
- iput[i] = plaintext[i] ^ IV[i]
- else:
- iput[i] = plaintext[i] ^ ciphertext[i]
- # print 'IP@%s:%s' % (j, iput)
- firstRound = False
- ciphertext = self.aes.encrypt(iput, key, size)
- # always 16 bytes because of the padding for CBC
- for k in range(16):
- cipherOut.append(ciphertext[k])
- return mode, len(stringIn), cipherOut
-
- # Mode of Operation Decryption
- # cipherIn - Encrypted String
- # originalsize - The unencrypted string length - required for CBC
- # mode - mode of type modeOfOperation
- # key - a number array of the bit length size
- # size - the bit length of the key
- # IV - the 128 bit number array Initilization Vector
- def decrypt(self, cipherIn, originalsize, mode, key, size, IV):
- # cipherIn = unescCtrlChars(cipherIn)
- if len(key) % size:
- return None
- if len(IV) % 16:
- return None
- # the AES input/output
- ciphertext = []
- iput = []
- output = []
- plaintext = [0] * 16
- # the output plain text string
- stringOut = ''
- # char firstRound
- firstRound = True
- if cipherIn != None:
- for j in range(int(math.ceil(float(len(cipherIn))/16))):
- start = j*16
- end = j*16+16
- if j*16+16 > len(cipherIn):
- end = len(cipherIn)
- ciphertext = cipherIn[start:end]
- if mode == self.modeOfOperation["CFB"]:
- if firstRound:
- output = self.aes.encrypt(IV, key, size)
- firstRound = False
- else:
- output = self.aes.encrypt(iput, key, size)
- for i in range(16):
- if len(output)-1 < i:
- plaintext[i] = 0 ^ ciphertext[i]
- elif len(ciphertext)-1 < i:
- plaintext[i] = output[i] ^ 0
- elif len(output)-1 < i and len(ciphertext) < i:
- plaintext[i] = 0 ^ 0
- else:
- plaintext[i] = output[i] ^ ciphertext[i]
- for k in range(end-start):
- stringOut += chr(plaintext[k])
- iput = ciphertext
- elif mode == self.modeOfOperation["OFB"]:
- if firstRound:
- output = self.aes.encrypt(IV, key, size)
- firstRound = False
- else:
- output = self.aes.encrypt(iput, key, size)
- for i in range(16):
- if len(output)-1 < i:
- plaintext[i] = 0 ^ ciphertext[i]
- elif len(ciphertext)-1 < i:
- plaintext[i] = output[i] ^ 0
- elif len(output)-1 < i and len(ciphertext) < i:
- plaintext[i] = 0 ^ 0
- else:
- plaintext[i] = output[i] ^ ciphertext[i]
- for k in range(end-start):
- stringOut += chr(plaintext[k])
- iput = output
- elif mode == self.modeOfOperation["CBC"]:
- output = self.aes.decrypt(ciphertext, key, size)
- for i in range(16):
- if firstRound:
- plaintext[i] = IV[i] ^ output[i]
- else:
- plaintext[i] = iput[i] ^ output[i]
- firstRound = False
- if originalsize is not None and originalsize < end:
- for k in range(originalsize-start):
- stringOut += chr(plaintext[k])
- else:
- for k in range(end-start):
- stringOut += chr(plaintext[k])
- iput = ciphertext
- return stringOut
-
-
-def encryptData(key, data, mode=AESModeOfOperation.modeOfOperation["CBC"]):
- """encrypt `data` using `key`
-
- `key` should be a string of bytes.
-
- returned cipher is a string of bytes prepended with the initialization
- vector.
-
- """
- key = map(ord, key)
- data = append_PKCS7_padding(data)
- keysize = len(key)
- assert keysize in AES.keySize.values(), 'invalid key size: %s' % keysize
- # create a new iv using random data
- iv = [ord(i) for i in os.urandom(16)]
- moo = AESModeOfOperation()
- (mode, length, ciph) = moo.encrypt(data, mode, key, keysize, iv)
- # With padding, the original length does not need to be known. It's a bad
- # idea to store the original message length.
- # prepend the iv.
- return ''.join(map(chr, iv)) + ''.join(map(chr, ciph))
-
-def decryptData(key, data, mode=AESModeOfOperation.modeOfOperation["CBC"]):
- """decrypt `data` using `key`
-
- `key` should be a string of bytes.
-
- `data` should have the initialization vector prepended as a string or
- ordinal values.
-
- """
-
- key = map(ord, key)
- keysize = len(key)
- assert keysize in AES.keySize.values(), 'invalid key size: %s' % keysize
- # iv is first 16 bytes
- iv = map(ord, data[:16])
- data = map(ord, data[16:])
- moo = AESModeOfOperation()
- decr = moo.decrypt(data, None, mode, key, keysize, iv)
- decr = strip_PKCS7_padding(decr)
- return decr
-
-def generateRandomKey(keysize):
- """Generates a key from random data of length `keysize`.
-
- The returned key is a string of bytes.
-
- """
- if keysize not in (16, 24, 32):
- emsg = 'Invalid keysize, %s. Should be one of (16, 24, 32).'
- raise ValueError, emsg % keysize
- return os.urandom(keysize)
-
-if __name__ == "__main__":
- moo = AESModeOfOperation()
- cleartext = "This is a test!"
- cypherkey = [143,194,34,208,145,203,230,143,177,246,97,206,145,92,255,84]
- iv = [103,35,148,239,76,213,47,118,255,222,123,176,106,134,98,92]
- mode, orig_len, ciph = moo.encrypt(cleartext, moo.modeOfOperation["CBC"],
- cypherkey, moo.aes.keySize["SIZE_128"], iv)
- print 'm=%s, ol=%s (%s), ciph=%s' % (mode, orig_len, len(cleartext), ciph)
- decr = moo.decrypt(ciph, orig_len, mode, cypherkey,
- moo.aes.keySize["SIZE_128"], iv)
- print decr
-
diff --git a/django/srpproject/srp/backends.py b/django/srpproject/srp/backends.py
deleted file mode 100644
index 8882973..0000000
--- a/django/srpproject/srp/backends.py
+++ /dev/null
@@ -1,21 +0,0 @@
-from srp.models import SRPUser
-
-class SRPBackend:
- """
- Authenticate against srp.models.SRPUser
- """
- # TODO: Model, login attribute name and password attribute name should be
- # configurable.
- def authenticate(self, username=None, M=None):
- try:
- user = SRPUser.objects.get(username=username)
- if user.check_password(M):
- return user
- except SRPUser.DoesNotExist:
- return None
-
- def get_user(self, user_id):
- try:
- return SRPUser.objects.get(pk=user_id)
- except SRPUser.DoesNotExist:
- return None
diff --git a/django/srpproject/srp/models.py b/django/srpproject/srp/models.py
deleted file mode 100644
index ce30c95..0000000
--- a/django/srpproject/srp/models.py
+++ /dev/null
@@ -1,11 +0,0 @@
-from django.db import models
-from django.contrib.auth.models import User
-# Create your models here.
-
-class SRPUser(User):
- salt = models.CharField(max_length=16)
- verifier = models.CharField(max_length=65, null=True)
-
- def check_password(self, M):
- return M[0] == M[1]
-
diff --git a/django/srpproject/srp/util.py b/django/srpproject/srp/util.py
deleted file mode 100644
index 1f82450..0000000
--- a/django/srpproject/srp/util.py
+++ /dev/null
@@ -1,67 +0,0 @@
-# Locally used functions:
-def join(a,b):
- return a+b if a.endswith("/") else "/".join((a,b))
-
-def genHeader(jsDir, flist):
- return "\n".join(["<script src='%s'></script>" % join(jsDir, f) for f in flist])
-
-# Headers:
-def loginHeader(jsDir, compressed=True):
- return genHeader(jsDir, ["srp.min.js"] if compressed else ["SHA256.js", "prng4.js", "rng.js", "jsbn.js", "jsbn2.js", "srp.js"])
-
-def registerHeader(jsDir, compressed=True):
- return genHeader(jsDir, ["srp.min.js", "srp_register.min.js"] if compressed else \
-["SHA256.js", "prng4.js", "rng.js", "jsbn.js", "jsbn2.js", "srp.js", "srp_register.js"])
-
-# Forms:
-def loginForm(srp_url, srp_forward, login_function="login()", no_js=True):
- return """<form action="%s" method="POST" onsubmit="return %s">
-<table>
-<tr><td>Username:</td><td><input type="text" name="srp_username" id="srp_username" /></td></tr>
-<tr><td>Password:</td><td><input type="password" name="srp_password" id="srp_password" /></td></tr>
-<input type="hidden" id="srp_url" value="%s"/>
-<input type="hidden" name="srp_forward" id="srp_forward" value="%s"/>
-<input type="hidden" id="srp_server" value="django"/>
-</table>
-<input type="submit"/>
-</form>""" % (join(srp_url, "noJs/") if no_js else "#", login_function, join(srp_url, ""), srp_forward)
-
-def registerForm(srp_url, srp_forward, login_function="register()"):
- return """<form action="#" method="POST" onsubmit="return %s">
-<table>
-<tr><td>Username:</td><td><input type="text" name="srp_username" id="srp_username" /></td></tr>
-<tr><td>Password:</td><td><input type="password" name="srp_password" id="srp_password" /></td></tr>
-<tr><td>Confirm Password:</td><td><input type="password" id="confirm_password" /></td></tr>
-<input type="hidden" id="srp_url" value="%s"/>
-<input type="hidden" name="srp_forward" id="srp_forward" value="%s"/>
-<input type="hidden" id="srp_server" value="django"/>
-</table>
-<input type="submit"/>
-</form>""" % (login_function, join(srp_url, ""), srp_forward)
-
-
-# Functions:
-def loginFunction():
- return """<script type="text/javascript">
-function login()
-{
- srp = new SRP();
- srp.identify();
- return false;
-}
-</script>"""
-
-def registerFunction():
- return """<script type="text/javascript">function register()
-{
- if(document.getElementById("confirm_password").value != document.getElementById("srp_password").value)
- alert("Passwords do not match");
- else if(document.getElementById("srp_password").value == "")
- alert("Password cannot be blank");
- else
- {
- srp = new SRP();
- srp.register();
- }
- return false;
-};</script>"""
diff --git a/django/srpproject/srp/views.py b/django/srpproject/srp/views.py
deleted file mode 100644
index 74209e5..0000000
--- a/django/srpproject/srp/views.py
+++ /dev/null
@@ -1,230 +0,0 @@
-from django.http import HttpResponse, HttpResponseRedirect
-
-from django.contrib.auth.models import User
-
-###
-### General methods
-###
-
-# We need randomly generated salts. This is about 100 bits of entropy.
-def generate_salt():
- import string, random
- randomgen = random.SystemRandom()
- salt_chars = "./" + string.ascii_letters + string.digits
- return "".join([randomgen.choice(salt_chars) for i in range(0,16)])
-
-# We want to avoid information leakage. For users that don't exist, we need salts to be consistent.
-# These "fake" salts are seeded with the username and the django secret_key. They're not as random
-# as true salts should be, but they should be indistinguishable to a hacker who isn't sure whether
-# or not an account exists.
-def generate_fake_salt(I):
- import string, random, settings, hashlib
- random.seed("%s:%s" % (I, settings.SECRET_KEY))
- salt_chars = "./" + string.ascii_letters + string.digits
- salt = "".join([random.choice(salt_chars) for i in range(0,16)])
- return salt, int(hashlib.sha256("%s:%s" % (salt, settings.SECRET_KEY)).hexdigest(), 16)
-
-# In upgrades, we'll need to decrypt some AES data
-def decrypt(c, key, plen):
- from srp import aes
- import base64
- moo = aes.AESModeOfOperation()
- cypherkey = map(ord, key.decode("hex"))
- ciphertext = base64.b64decode(c.replace("_", "+"))
- iv = map(ord, ciphertext[:16])
- ciphertext= map(ord, ciphertext[16:])
- return moo.decrypt(ciphertext, 0, moo.modeOfOperation["CFB"], cypherkey, len(cypherkey), iv)[:plen]
-
-def generate_verifier(salt, username, password):
- import hashlib
- x = int(hashlib.sha256(salt + hashlib.sha256("%s:%s" % (username, password)).hexdigest()).hexdigest(), 16)
- return hex(pow(2, x, 125617018995153554710546479714086468244499594888726646874671447258204721048803))[2:-1]
-
-def login_page(request):
- from django.shortcuts import render_to_response
- import util
- return render_to_response('login.html', \
- {'error': "Invalid username or password" if "error" in request.GET and request.GET["error"] == '1' and not request.user.is_authenticated() else "",\
- 'jsHeader': util.loginHeader("http://%s/srp-test/javascript" % request.get_host()),\
- 'loginForm': util.loginForm("http://%s/srp/" % request.get_host(), "http://google.com"),\
- 'loginFunction': util.loginFunction() })
-
-def register_page(request):
- from django.shortcuts import render_to_response
- import util
- return render_to_response('login.html', \
- {'error': "Invalid username or password" if "error" in request.GET and request.GET["error"] == '1' and not request.user.is_authenticated() else "",\
- 'jsHeader': util.registerHeader("http://%s/srp-test/javascript" % request.get_host()),\
- 'loginForm': util.registerForm("http://%s/srp/" % request.get_host(), "http://google.com"),\
- 'loginFunction': util.registerFunction() })
-
-###
-### User Registration
-###
-
-# Step 1. A client submits a username. If the username is available, we generate a salt, store it, and return it.
-# Otherwise, we return an error.
-def register_salt(request):
- if User.objects.filter(username=request.POST["I"]).count() > 0:
- return HttpResponse("<error>Username already in use</error>", mimetype="text/xml")
- request.session["srp_name"] = request.POST["I"]
- request.session["srp_salt"] = generate_salt()
- return HttpResponse("<salt>%s</salt>" % request.session["srp_salt"], mimetype="text/xml")
-
-# Step 2. The client creates the password verifier and sends it to the server, along with a username.
-def register_user(request):
- from django.contrib import auth
- from srp.models import SRPUser
- SRPUser(salt=request.session["srp_salt"], username=request.session["srp_name"], verifier=request.POST["v"]).save()
- del request.session["srp_salt"]
- del request.session["srp_name"]
- return HttpResponse("<ok/>", mimetype="text/xml");
-
-# Step 3: The client initiates the login process.
-
-###
-### User Login
-###
-
-# Step 1: The user sends an identifier and public ephemeral key, A
-# The server responds with the salt and public ephemeral key, B
-def handshake(request):
- import random, hashlib
- from srp.models import SRPUser
- randomgen = random.SystemRandom()
- request.session["srp_I"] = request.POST["I"]
- A = int(request.POST["A"], 16)
- request.session["srp_A"] = request.POST["A"]
- g = 2
- N = 125617018995153554710546479714086468244499594888726646874671447258204721048803
- k = 88846390364205216646376352624313659232912717719075174937149043299744712465496
- upgrade = False
- if A % N == 0:
- return HttpResponse("<error>Invalid ephemeral key.</error>", mimetype="text/xml")
- else:
- try:
- user = User.objects.get(username=request.session["srp_I"])
- try:
- user = user.srpuser
- salt = user.salt
- v = int(user.verifier, 16)
- # The auth.User exists, but the SRPUser does not
- # We need to create an SRPUser to correspond to that auth.User
- # Initially, the verifier will be based on the known hash of the password
- except SRPUser.DoesNotExist:
- salt = generate_salt()
- algo, dsalt, hashpass = user.password.split("$")
- upgrade = True
- v = generate_verifier(salt, user.username, hashpass)
-
- # We don't want to leak that the username doesn't exist. Make up a fake salt and verifier.
- except User.DoesNotExist:
- salt, x = generate_fake_salt(request.POST["I"])
- v = pow(g, x, N)
-
- # Ensure that B%N != 0
- while True:
- b = randomgen.getrandbits(32)
- B = k*v + pow(g,b,N)
- u = int(hashlib.sha256("%s%s" % (hex(A)[2:-1],hex(B)[2:-1])).hexdigest(), 16)
- if B % N != 0 and u % N != 0: break
-
- # Ideally, we could return this response and then calculate M concurrently with the user
- # Unfortunately, django isn't designed to do computations after responding.
- # Maybe someone will find a way.
- S = pow(A*pow(v,u,N), b, N)
- request.session["srp_S"] = hex(S)[2:-1]
- Mstr = "%s%s%s" % (hex(A)[2:-1],hex(B)[2:-1],hex(S)[2:-1])
- request.session["srp_M"] = hashlib.sha256(Mstr).hexdigest()
- response = "<r s='%s' B='%s'%s />" % (salt, hex(B)[2:-1], " a='%s' d='%s'" % (algo, dsalt) if upgrade else "")
- return HttpResponse(response, mimetype="text/xml")
-
-# Step 2: The client sends its proof of S. The server confirms, and sends its proof of S.
-def verify(request):
- import hashlib
- from django.contrib.auth import login, authenticate
- user = authenticate(username=request.session["srp_I"], M=(request.POST["M"], request.session["srp_M"]))
- if user:
- response = "<M>%s</M>" % hashlib.sha256("%s%s%s" % (request.session["srp_A"], request.session["srp_M"], request.session["srp_S"])).hexdigest()
- login(request, user)
- else:
- response = "<error>Invalid username or password.</error>"
-
- try:
- del request.session["srp_I"]
- del request.session["srp_M"]
- del request.session["srp_S"]
- del request.session["srp_A"]
- except KeyError:
- pass
- return HttpResponse(response, mimetype="text/xml")
-
-# Check that the user has generated the correct M
-def upgrade_auth(request):
- import hashlib
- if request.POST["M"] == request.session["srp_M"]:
- response = "<M>%s</M>" % hashlib.sha256("%s%s%s" % (request.session["srp_A"], request.session["srp_M"], request.session["srp_S"])).hexdigest()
- request.session["srp_preauth"] = True
- else:
- response = "<error>Invalid username or password.</error>"
- return HttpResponse(response, mimetype="text/xml")
-
-# Receive the encrypted password, create the verifier, save the user, and notify the client
-def upgrade_add_verifier(request):
- from srp.models import SRPUser
- from django.contrib.auth.models import User
- import hashlib
- salt = generate_salt()
- key = hashlib.sha256(request.session["srp_S"]).hexdigest()
- user = User.objects.get(username=request.session["srp_I"])
- srpuser = SRPUser()
- srpuser.__dict__.update(user.__dict__)
- srpuser.verifier = generate_verifier(salt, request.session["srp_I"], decrypt(request.POST["p"], key, int(request.POST["l"])))
- srpuser.salt = salt
- srpuser.password = ""
- srpuser.save()
- return HttpResponse("<ok/>", mimetype="text/xml")
-
-# If a user has posted their username and password, we'll go ahead and authenticate them
-def no_javascript(request):
- from django.contrib.auth.models import User
- from srp.models import SRPUser
- from django.contrib.auth import login, authenticate
- try:
- user = User.objects.get(username=request.POST["srp_username"])
- try:
- # Create a verifier for the user, and check that it matches the user's verifier
- # Since we're doing it all on one side, we can skip the rest of the protocol
- v = generate_verifier(user.srpuser.salt, request.POST["srp_username"], request.POST["srp_password"])
- user = authenticate(username=request.POST["srp_username"], M=(user.srpuser.verifier, v))
- if user:
- login(request, user)
- if not request.POST["srp_forward"].startswith("#"):
- return HttpResponseRedirect(request.POST["srp_forward"])
- else:
- return HttpResponseRedirect("%s%s" % (request.META["HTTP_REFERER"], request.POST["srp_forward"]))
- except SRPUser.DoesNotExist:
- # The user exists in the auth table, but not the SRP table
- # Create an SRP version of the user
- if user.check_password(request.POST["srp_password"]):
- srpuser = SRPUser()
- srpuser.__dict__.update(user.__dict__)
- srpuser.salt = generate_salt()
- srpuser.verifier = generate_verifier(srpuser.salt, request.POST["srp_username"], request.POST["srp_password"])
- srpuser.password = ""
- srpuser.save()
- if not request.POST["srp_forward"].startswith("#"):
- return HttpResponseRedirect(request.POST["srp_forward"])
- else:
- return HttpResponseRedirect("%s%s" % (request.META["HTTP_REFERER"], request.POST["srp_forward"]))
- except User.DoesNotExist:
- # The user does not exist in the auth tables
- # Send the client back to the login page with an error
- pass
- if "?" in request.META["HTTP_REFERER"]:
- if "error=1" in request.META["HTTP_REFERER"]:
- return HttpResponseRedirect("%s" % request.META["HTTP_REFERER"])
- else:
- return HttpResponseRedirect("%s&error=1" % request.META["HTTP_REFERER"])
- else:
- return HttpResponseRedirect("%s?error=1" % request.META["HTTP_REFERER"])
diff --git a/django/srpproject/templates/aes.html b/django/srpproject/templates/aes.html
deleted file mode 100644
index dbdd4ac..0000000
--- a/django/srpproject/templates/aes.html
+++ /dev/null
@@ -1,69 +0,0 @@
-<html>
- <head>
- <script src="{{ static_files }}/prng4.js"></script>
- <script src="{{ static_files }}/rng.js"></script>
- <script src="{{ static_files }}/jsPacker/hash.min.js"></script>
- <script type="text/javascript">
- var key = cryptoHelpers.toNumbers("6754c921b8dcbd1f8b58748cd87ac60ce857314687a65df05c470a46f438842c");
- var rng = new SecureRandom();
- innerxml = function(node)
- {
- return node.firstChild.nodeValue;
- };
- ajaxRequest = function(full_url, params, callback)
- {
- if( window.XMLHttpRequest)
- xhr = new XMLHttpRequest();
- else if (window.ActiveXObject){
- try{
- xhr = new ActiveXObject("Microsoft.XMLHTTP");
- }catch (e){}
- }
- else
- {
- that.error_message("Ajax not supported.");
- return;
- }
- if(xhr){
- xhr.onreadystatechange = callback;
- xhr.open("POST", full_url, true);
- xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- xhr.setRequestHeader("Content-length", params.length);
- xhr.setRequestHeader("Connection", "close");
- xhr.send(params);
- }
- else
- {
- that.error_message("Ajax failed.");
- }
- };
- function encryptDecrypt()
- {
- var byteMessage = cryptoHelpers.convertStringToByteArray(document.getElementById("plaintext").value);
- var iv = new Array(16);
- rng.nextBytes(iv);
- var paddedByteMessage = slowAES.getPaddedBlock(byteMessage, 0, byteMessage.length, slowAES.modeOfOperation.OFB);
- var ciphertext = slowAES.encrypt(paddedByteMessage, slowAES.modeOfOperation.OFB, key, key.length, iv).cipher;
- var sendstring = cryptoHelpers.base64.encode(iv.concat(ciphertext));
- while(sendstring.indexOf("+",0) > -1)
- sendstring = sendstring.replace("+", "_");
- ajaxRequest("http://home.ausiv.com:85/srp/aes/post/", "c="+sendstring+"&l="+byteMessage.length, displayText);
-
- };
- function displayText()
- {
- if(xhr.readyState == 4 && xhr.status == 200) {
- if(xhr.responseXML.getElementsByTagName("P").length > 0)
- document.getElementById("output").value = innerxml(xhr.responseXML.getElementsByTagName("P")[0]);
- else if(xhr.responseXML.getElementsByTagName("error").length > 0)
- alert(innerxml(xhr.responseXML.getElementsByTagName("error")[0]));
- }
- };
- </script>
- </head>
- <body>
- <input type="text" id="plaintext"/>
- <input type="button" value="Send Encrypted Text" onclick="javascript:encryptDecrypt();"/>
- <input type="text" id="output"/>
- </body>
-</html>
diff --git a/django/srpproject/templates/login.html b/django/srpproject/templates/login.html
deleted file mode 100644
index c1d6238..0000000
--- a/django/srpproject/templates/login.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<html>
- <head>
- {{ jsHeader|safe }}
- {{ loginFunction|safe }}
- </head>
- <body>
- {{ error }}<p/>
- {{ loginForm|safe }}
- </body>
-</html>
diff --git a/django/srpproject/templates/register.html b/django/srpproject/templates/register.html
deleted file mode 100644
index 6e6d44a..0000000
--- a/django/srpproject/templates/register.html
+++ /dev/null
@@ -1,46 +0,0 @@
-<html>
- <head>
- {% comment %}
- <script src="{{ static_files }}/SHA256.js"></script>
- <script src="{{ static_files }}/prng4.js"></script>
- <script src="{{ static_files }}/rng.js"></script>
- <script src="{{ static_files }}/jsbn.js"></script>
- <script src="{{ static_files }}/jsbn2.js"></script>
- <script src="{{ static_files }}/srp.js"></script>
- {% endcomment %}
- <script src="{{ static_files }}/jsPacker/srp.min.js"></script>
- <script src="{{ static_files }}/jsPacker/srp_register.min.js"></script>
- <script type="text/javascript">
- function register()
- {
- if(document.getElementById("confirm_password").value != document.getElementById("srp_password").value)
- alert("Passwords do not match");
- else if(document.getElementById("srp_password").value == "")
- alert("Password cannot be blank");
- else
- {
- srp = new SRP();
- srp.success = function()
- {
- alert("We win");
- };
- srp.register();
- }
- return false;
- };
- </script>
- </head>
- <body>
- <form action="." onsubmit="return register()">
- <table>
- <tr><td>Username:</td><td><input type="text" id="srp_username" /></td></tr>
- <tr><td>Password:</td><td><input type="password" id="srp_password" /></td></tr>
- <tr><td>Confirm:</td><td><input type="password" id="confirm_password" /></td></tr>
- <input type="hidden" id="srp_url" value="{{ srp_url }}"/>
- <input type="hidden" id="srp_forward" value="{{ srp_url }}login/"/>
- <input type="hidden" id="srp_server" value="django"/>
- </table>
- <input type="submit"/>
- </form>
- </body>
-</html>
diff --git a/django/srpproject/urls.py b/django/srpproject/urls.py
deleted file mode 100644
index c50fd72..0000000
--- a/django/srpproject/urls.py
+++ /dev/null
@@ -1,29 +0,0 @@
-from django.conf.urls.defaults import *
-
-# Uncomment the next two lines to enable the admin:
-# from django.contrib import admin
-# admin.autodiscover()
-import srp.views
-
-urlpatterns = patterns('',
-
- # Login and regiser pages. These are mainly for testing.
- (r'^srp/register/$', srp.views.register_page),
- (r'^srp/login/$', srp.views.login_page),
-
- # These pages are necessary for users to register
- (r'^srp/register/salt/$', srp.views.register_salt),
- (r'^srp/register/user/$', srp.views.register_user),
-
- # These pages are necessary for users to log in
- (r'^srp/handshake/$', srp.views.handshake),
- (r'^srp/authenticate/$', srp.views.verify),
-
- # This page allows users to login without javascript,
- # but the browser posts their username and password in plaintext.
- (r'^srp/noJs/$', srp.views.no_javascript),
-
- # Only include these if you are upgrading an existing installation to SRP
- (r'^srp/upgrade/authenticate/$', srp.views.upgrade_auth),
- (r'^srp/upgrade/verifier/$', srp.views.upgrade_add_verifier),
-)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-30 02:38:38 +0000