summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2012-10-14 16:24:10 +0200
committerAzul <azul@riseup.net>2012-10-14 16:24:10 +0200
commit2263abad65b92ef26c8e67097bbcfeb6988ab8fd (patch)
treef01c8721ddabfaadeef9e1a6490b761ffb5b4709 /src
parent6caf581e26c989ec5e2154aa60d6526ff956e381 (diff)
calculating the right M and M2!
still missing some error handling, this in Django specs and the right http verbs
Diffstat (limited to 'src')
-rw-r--r--src/srp_session.js47
1 files changed, 34 insertions, 13 deletions
diff --git a/src/srp_session.js b/src/srp_session.js
index afd653a..07c1e25 100644
--- a/src/srp_session.js
+++ b/src/srp_session.js
@@ -66,9 +66,9 @@ SRP.prototype.Session = function() {
};
// Calculates the X value and return it as a BigInteger
- this.calcX = function(s)
+ this.calcX = function(salt)
{
- return new BigInteger(SHA256(hex2a(s + SHA256(I + ":" + pass))), 16);
+ return new BigInteger(SHA256(hex2a(salt + SHA256(I + ":" + pass))), 16);
};
this.getV = function(salt)
@@ -85,18 +85,30 @@ SRP.prototype.Session = function() {
var B = new BigInteger(ephemeral, 16);
var Bstr = ephemeral;
// u = H(A,B)
- var u = new BigInteger(SHA256(Astr + Bstr), 16);
+ var u = new BigInteger(SHA256(hex2a(Astr + Bstr)), 16);
// x = H(s, H(I:p))
- var x = new BigInteger(SHA256(salt + SHA256(I + ":" + pass)), 16);
+ var x = this.calcX(salt);
//S = (B - kg^x) ^ (a + ux)
var kgx = k.multiply(g.modPow(x, N));
var aux = a.add(u.multiply(x));
S = B.subtract(kgx).modPow(aux, N);
- // M = H(H(N) xor H(g), H(I), s, A, B, K)
- var Mstr = A.toString(16) + B.toString(16) + S.toString(16);
- M = SHA256(Mstr);
- M2 = SHA256(A.toString(16) + M + S.toString(16));
+ K = SHA256(hex2a(S.toString(16)));
+ this.calcM(salt, A.toString(16), B.toString(16));
+ };
+
+ // M = H(H(N) xor H(g), H(I), s, A, B, K)
+ this.calcM = function(salt, Astr, Bstr) {
+ var hashN = SHA256(hex2a(N.toString(16)))
+ var hashG = SHA256(hex2a(g.toString(16)))
+ var hexString = hexXor(hashN, hashG);
+ hexString += SHA256(I);
+ hexString += salt;
+ hexString += Astr;
+ hexString += Bstr;
+ hexString += K
+ M = SHA256(hex2a(hexString));
//M2 = H(A, M, K)
+ M2 = SHA256(hex2a(Astr + M + K));
};
this.getM = function() {
@@ -112,13 +124,11 @@ SRP.prototype.Session = function() {
// access the key with this function.
this.key = function()
{
- if(K) return K;
- if(authenticated) {
- K = SHA256(S.toString(16));
+ if(K) {
return K;
- }
- else
+ } else {
this.onError("User has not been authenticated.");
+ }
};
// Encrypt plaintext using slowAES
@@ -143,4 +153,15 @@ SRP.prototype.Session = function() {
return str;
}
+ function hexXor(a, b) {
+ var str = '';
+ for (var i = 0; i < a.length; i += 2) {
+ var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16)
+ xor = xor.toString(16);
+ str += (xor.length == 1) ? ("0" + xor) : xor
+ }
+ return str;
+ }
+
+
}