diff options
| author | Azul <azul@riseup.net> | 2012-10-14 16:24:10 +0200 |
|---|---|---|
| committer | Azul <azul@riseup.net> | 2012-10-14 16:24:10 +0200 |
| commit | 2263abad65b92ef26c8e67097bbcfeb6988ab8fd (patch) | |
| tree | f01c8721ddabfaadeef9e1a6490b761ffb5b4709 /src | |
| parent | 6caf581e26c989ec5e2154aa60d6526ff956e381 (diff) | |
calculating the right M and M2!
still missing some error handling, this in Django specs and the right http verbs
Diffstat (limited to 'src')
| -rw-r--r-- | src/srp_session.js | 47 |
1 files changed, 34 insertions, 13 deletions
diff --git a/src/srp_session.js b/src/srp_session.js index afd653a..07c1e25 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -66,9 +66,9 @@ SRP.prototype.Session = function() { }; // Calculates the X value and return it as a BigInteger - this.calcX = function(s) + this.calcX = function(salt) { - return new BigInteger(SHA256(hex2a(s + SHA256(I + ":" + pass))), 16); + return new BigInteger(SHA256(hex2a(salt + SHA256(I + ":" + pass))), 16); }; this.getV = function(salt) @@ -85,18 +85,30 @@ SRP.prototype.Session = function() { var B = new BigInteger(ephemeral, 16); var Bstr = ephemeral; // u = H(A,B) - var u = new BigInteger(SHA256(Astr + Bstr), 16); + var u = new BigInteger(SHA256(hex2a(Astr + Bstr)), 16); // x = H(s, H(I:p)) - var x = new BigInteger(SHA256(salt + SHA256(I + ":" + pass)), 16); + var x = this.calcX(salt); //S = (B - kg^x) ^ (a + ux) var kgx = k.multiply(g.modPow(x, N)); var aux = a.add(u.multiply(x)); S = B.subtract(kgx).modPow(aux, N); - // M = H(H(N) xor H(g), H(I), s, A, B, K) - var Mstr = A.toString(16) + B.toString(16) + S.toString(16); - M = SHA256(Mstr); - M2 = SHA256(A.toString(16) + M + S.toString(16)); + K = SHA256(hex2a(S.toString(16))); + this.calcM(salt, A.toString(16), B.toString(16)); + }; + + // M = H(H(N) xor H(g), H(I), s, A, B, K) + this.calcM = function(salt, Astr, Bstr) { + var hashN = SHA256(hex2a(N.toString(16))) + var hashG = SHA256(hex2a(g.toString(16))) + var hexString = hexXor(hashN, hashG); + hexString += SHA256(I); + hexString += salt; + hexString += Astr; + hexString += Bstr; + hexString += K + M = SHA256(hex2a(hexString)); //M2 = H(A, M, K) + M2 = SHA256(hex2a(Astr + M + K)); }; this.getM = function() { @@ -112,13 +124,11 @@ SRP.prototype.Session = function() { // access the key with this function. this.key = function() { - if(K) return K; - if(authenticated) { - K = SHA256(S.toString(16)); + if(K) { return K; - } - else + } else { this.onError("User has not been authenticated."); + } }; // Encrypt plaintext using slowAES @@ -143,4 +153,15 @@ SRP.prototype.Session = function() { return str; } + function hexXor(a, b) { + var str = ''; + for (var i = 0; i < a.length; i += 2) { + var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16) + xor = xor.toString(16); + str += (xor.length == 1) ? ("0" + xor) : xor + } + return str; + } + + } |