authorAzul <azul@riseup.net>2012-08-21 17:59:11 +0200
committerAzul <azul@riseup.net>2012-08-21 17:59:45 +0200
commit0461d76899379cb1e2ecd15456d2e6eb4fb8fa60 (patch)
tree1994adec7dd4c817f6419ea65efe96ce415bad82 /lib
parentd5e30a95e09bab18a55f9aad1572b6ae3e16e482 (diff)
moved srp-js files from lib to src
Diffstat (limited to 'lib')
-rw-r--r--lib/jqueryRest.js127
-rw-r--r--lib/plainXHR.js120
-rw-r--r--lib/srp.js76
-rw-r--r--lib/srp_session.js138
4 files changed, 0 insertions, 461 deletions
diff --git a/lib/jqueryRest.js b/lib/jqueryRest.js
deleted file mode 100644
index 8c8163c..0000000
--- a/lib/jqueryRest.js
+++ /dev/null
@@ -1,127 +0,0 @@
-jqueryRest = function() {
-
- function getUrl()
- {
- return "";
- }
-
- function paths(path)
- {
- return path
- }
-
- // Perform ajax requests at the specified path, with the specified parameters
- // Calling back the specified function.
- function ajaxRequest(relative_path, params, callback)
- {
- var full_url = this.geturl() + this.paths(relative_path);
- if( window.XMLHttpRequest)
- xhr = new XMLHttpRequest();
- else if (window.ActiveXObject){
- try{
- xhr = new ActiveXObject("Microsoft.XMLHTTP");
- }catch (e){}
- }
- else
- {
- session.error_message("Ajax not supported.");
- return;
- }
- if(xhr){
- xhr.onreadystatechange = function() {
- if(xhr.readyState == 4 && xhr.status == 200) {
- callback(parseResponse());
- }
- };
- xhr.open("POST", full_url, true);
- xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- xhr.setRequestHeader("Content-length", params.length);
- xhr.send(params);
- }
- else
- {
- session.error_message("Ajax failed.");
- }
- };
-
- function parseResponse() {
- if (responseIsXML()) {
- return parseXML(xhr.responseXML);
- } else if (responseIsJSON()) {
- return JSON.parse(xhr.responseText);
- }
- };
-
- function responseIsXML() {
- return (xhr.responseType == 'document') ||
- (xhr.getResponseHeader("Content-Type").indexOf('application/xml') >= 0)
- }
-
- function responseIsJSON() {
- return (xhr.responseType == 'json') ||
- (xhr.getResponseHeader("Content-Type").indexOf('application/json') >= 0)
- }
-
- function parseXML(xml) {
- if (xml.getElementsByTagName("r").length > 0) {
- return parseAttributesOfElement(xml.getElementsByTagName("r")[0]);
- } else {
- return parseNodes(xml.childNodes);
- }
- };
-
- function parseAttributesOfElement(elem) {
- var response = {};
- for (var i = 0; i < elem.attributes.length; i++) {
- var attrib = elem.attributes[i];
- if (attrib.specified) {
- response[attrib.name] = attrib.value;
- }
- }
- return response;
- };
-
- function parseNodes(nodes) {
- var response = {};
- for (var i = 0; i < nodes.length; i++) {
- var node = nodes[i];
- response[node.tagName] = node.textContent || true;
- }
- return response;
- };
-
- // we do not fetch the salt from the server
- function register(session, callback)
- {
- sendVerifier(session, callback);
- }
-
- function sendVerifier(session, callback) {
- this.ajaxRequest("users", "user[login]=" + session.getI() +
- "&user[password_salt]=" + session.getSalt() +
- "&user[password_verifier]=" + session.getV().toString(16), callback);
- }
-
- function handshake(I, Astr, callback) {
- this.ajaxRequest("handshake/", "I="+I+"&A="+Astr, callback);
- }
-
- function authenticate(M, callback) {
- this.ajaxRequest("authenticate/", "M="+M, callback);
- }
-
- function upgrade(M, callback) {
- this.ajaxRequest("upgrade/authenticate/", "M="+M, callback);
- }
-
- return {
- geturl: getUrl,
- paths: paths,
- ajaxRequest: ajaxRequest,
- register: register,
- register_send_verifier: sendVerifier,
- handshake: handshake,
- authenticate: authenticate,
- upgrade: upgrade
- }
-}
diff --git a/lib/plainXHR.js b/lib/plainXHR.js
deleted file mode 100644
index d07416b..0000000
--- a/lib/plainXHR.js
+++ /dev/null
@@ -1,120 +0,0 @@
-//
-// SRP JS - Plain XHR module
-//
-// This is deprecated - unless you are using srp-js with the original drupal
-// server side I recommend you use a different API such as restful.js
-//
-// This code has been largely refactored, tests are still passing but I did
-// not test it with the server itself.
-
-SRP.prototype.Remote = function() {
-
- // Perform ajax requests at the specified path, with the specified parameters
- // Calling back the specified function.
- function ajaxRequest(url, params, callback)
- {
- if( window.XMLHttpRequest)
- xhr = new XMLHttpRequest();
- else if (window.ActiveXObject){
- try{
- xhr = new ActiveXObject("Microsoft.XMLHTTP");
- }catch (e){}
- }
- else
- {
- session.error_message("Ajax not supported.");
- return;
- }
- if(xhr){
- xhr.onreadystatechange = function() {
- if(xhr.readyState == 4 && xhr.status == 200) {
- callback(parseResponse());
- }
- };
- xhr.open("POST", url, true);
- xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- xhr.setRequestHeader("Content-length", params.length);
- xhr.send(params);
- }
- else
- {
- session.error_message("Ajax failed.");
- }
- };
-
- function parseResponse() {
- if (responseIsXML()) {
- return parseXML(xhr.responseXML);
- } else if (responseIsJSON()) {
- return JSON.parse(xhr.responseText);
- }
- };
-
- function responseIsXML() {
- return (xhr.responseType == 'document') ||
- (xhr.getResponseHeader("Content-Type").indexOf('application/xml') >= 0)
- }
-
- function responseIsJSON() {
- return (xhr.responseType == 'json') ||
- (xhr.getResponseHeader("Content-Type").indexOf('application/json') >= 0)
- }
-
- function parseXML(xml) {
- if (xml.getElementsByTagName("r").length > 0) {
- return parseAttributesOfElement(xml.getElementsByTagName("r")[0]);
- } else {
- return parseNodes(xml.childNodes);
- }
- };
-
- function parseAttributesOfElement(elem) {
- var response = {};
- for (var i = 0; i < elem.attributes.length; i++) {
- var attrib = elem.attributes[i];
- if (attrib.specified) {
- response[attrib.name] = attrib.value;
- }
- }
- return response;
- };
-
- function parseNodes(nodes) {
- var response = {};
- for (var i = 0; i < nodes.length; i++) {
- var node = nodes[i];
- response[node.tagName] = node.textContent || true;
- }
- return response;
- };
-
- // Drupal version fetches the salt from the server. No idea why but this
- // should still do it.
- this.register = function(session, callback)
- {
- var that = this;
- ajaxRequest("register/salt/", "I="+session.getI(), receive_salt);
-
- function receive_salt(response)
- {
- if(response.salt)
- {
- var s = response.salt;
- var v = session.getV(s);
- that.sendVerifier(session, callback);
- }
- };
- }
-
- this.sendVerifier = function(session, callback) {
- ajaxRequest("register/user/", "v="+session.getV().toString(16), callback);
- }
-
- this.handshake = function(session, callback) {
- ajaxRequest("handshake/", "I="+session.getI()+"&A="+session.getAstr(), callback);
- }
-
- this.authenticate = function(session, callback) {
- ajaxRequest("authenticate/", "M="+session.getM(), callback);
- }
-}
diff --git a/lib/srp.js b/lib/srp.js
deleted file mode 100644
index 0482a06..0000000
--- a/lib/srp.js
+++ /dev/null
@@ -1,76 +0,0 @@
-function SRP(remote, session)
-{
- var srp = this;
- session = session || new this.Session();
- remote = remote || new this.Remote();
- remote.onError = remote.onError || this.error;
- session.onError = session.onError || this.error;
- this.remote = remote;
- this.session = session;
-
- // Start the login process by identifying the user
- this.identify = function()
- {
- remote.handshake(session, receive_salts);
-
- // Receive login salts from the server, start calculations
- function receive_salts(response)
- {
- // B = 0 will make the algorithm always succeed
- // -> refuse such a server answer
- if(response.B == 0) {
- srp.error("Server send random number 0 - this is not allowed");
- } else {
- session.calculations(response.s, response.B);
- remote.authenticate(session, confirm_authentication)
- }
- };
-
- // Receive M2 from the server and verify it
- // If an error occurs, raise it as an alert.
- function confirm_authentication(response)
- {
- if (session.validate(response.M))
- srp.success();
- else
- srp.error("Server key does not match");
- };
- };
-
- // Initiate the registration process
- this.register = function()
- {
- remote.register(session, srp.registered_user);
- };
-
- // The user has been registered successfully, now login
- this.registered_user = function(response)
- {
- if(response.ok)
- {
- srp.identify();
- }
- };
-
- // Minimal error handling - set remote.onError to sth better to overwrite.
- this.error = function(text)
- {
- alert(text);
- };
-
- // This function is called when authentication is successful.
- // Developers can set this to other functions in specific implementations
- // and change the functionality.
- this.success = function()
- {
- var forward_url = document.getElementById("srp_forward").value;
- if(forward_url.charAt(0) != "#")
- window.location = forward_url;
- else
- {
- window.location = forward_url;
- alert("Login successful.");
- }
- };
-};
-
diff --git a/lib/srp_session.js b/lib/srp_session.js
deleted file mode 100644
index 93bfbe5..0000000
--- a/lib/srp_session.js
+++ /dev/null
@@ -1,138 +0,0 @@
-SRP.prototype.Session = function() {
-
- // Variables session will be used in the SRP protocol
- var Nstr = "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3";
- var N = new BigInteger(Nstr, 16);
- var g = new BigInteger("2");
- var k = new BigInteger("c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58", 16);
-
- var rng = new SecureRandom();
- var a = new BigInteger(32, rng);
- var A = g.modPow(a, N);
- while(A.mod(N) == 0)
- {
- a = new BigInteger(32, rng);
- A = g.modPow(a, N);
- }
- var Astr = A.toString(16);
- var S = null;
- var K = null;
- var M = null;
- var M2 = null;
- var authenticated = false;
- var I = document.getElementById("srp_username").value;
- var pass = document.getElementById("srp_password").value;
- var V;
- var salt;
-
- // *** Accessor methods ***
-
- // allows setting the random number A for testing
-
- this.calculateAndSetA = function(_a)
- {
- a = new BigInteger(_a, 16);
- A = g.modPow(a, N);
- Astr = A.toString(16);
- return Astr;
- };
-
- this.getAstr = function() {
- return Astr;
- }
-
- // Returns the user's identity
- this.getI = function()
- {
- return I;
- };
-
- // some 16 byte random number
- this.getSalt = function() {
- salt = salt || new BigInteger(64, rng).toString(16);
- return salt
- }
-
- // Returns the BigInteger, g
- this.getg = function()
- {
- return g;
- };
-
- // Returns the BigInteger, N
- this.getN = function()
- {
- return N;
- };
-
- // Calculates the X value and return it as a BigInteger
- this.calcX = function(s)
- {
- return new BigInteger(SHA256(s + SHA256(I + ":" + pass)), 16);
- };
-
- this.getV = function(salt)
- {
- V = V || this.getg().modPow(this.calcX(salt), this.getN());
- return V;
- }
-
- // Calculate S, M, and M2
- // This is the client side of the SRP specification
- this.calculations = function(salt, ephemeral)
- {
- //S -> C: s | B
- var B = new BigInteger(ephemeral, 16);
- var Bstr = ephemeral;
- // u = H(A,B)
- var u = new BigInteger(SHA256(Astr + Bstr), 16);
- // x = H(s, H(I:p))
- var x = new BigInteger(SHA256(salt + SHA256(I + ":" + pass)), 16);
- //S = (B - kg^x) ^ (a + ux)
- var kgx = k.multiply(g.modPow(x, N));
- var aux = a.add(u.multiply(x));
- S = B.subtract(kgx).modPow(aux, N);
- // M = H(H(N) xor H(g), H(I), s, A, B, K)
- var Mstr = A.toString(16) + B.toString(16) + S.toString(16);
- M = SHA256(Mstr);
- M2 = SHA256(A.toString(16) + M + S.toString(16));
- //M2 = H(A, M, K)
- };
-
- this.getM = function() {
- return M;
- }
-
- this.validate = function(serverM2) {
- authenticated = (serverM2 && serverM2 == M2)
- return authenticated;
- }
-
- // If someone wants to use the session key for encrypting traffic, they can
- // access the key with this function.
- this.key = function()
- {
- if(K) return K;
- if(authenticated) {
- K = SHA256(S.toString(16));
- return K;
- }
- else
- this.onError("User has not been authenticated.");
- };
-
- // Encrypt plaintext using slowAES
- this.encrypt = function(plaintext)
- {
- var key = cryptoHelpers.toNumbers(session.key());
- var byteMessage = cryptoHelpers.convertStringToByteArray(plaintext);
- var iv = new Array(16);
- rng.nextBytes(iv);
- var paddedByteMessage = slowAES.getPaddedBlock(byteMessage, 0, byteMessage.length, slowAES.modeOfOperation.CFB);
- var ciphertext = slowAES.encrypt(paddedByteMessage, slowAES.modeOfOperation.CFB, key, key.length, iv).cipher;
- var retstring = cryptoHelpers.base64.encode(iv.concat(ciphertext));
- while(retstring.indexOf("+",0) > -1)
- retstring = retstring.replace("+", "_");
- return retstring;
- };
-}