Merge pull request #1 from azul/refactor/separate-session

Refactor/separate session
author: jessib <jessib@riseup.net> 2013-06-24 10:32:58 -0700
committer: jessib <jessib@riseup.net> 2013-06-24 10:32:58 -0700
commit: e7a0b830b8f994316a560001a9e7397422b184b1 (patch)
tree: 14a591408caecc369b84d985dae1864019f3aedc /src
parent: 3328b20621265b0c50ed395ea890b267ab89109b (diff)
parent: 0c5369fd9299eb9bf7295e3925ce803c5473e2b8 (diff)
4 files changed, 156 insertions, 111 deletions
diff --git a/src/jqueryRest.js b/src/jqueryRest.js
index bfa4592..c1eb3c1 100644
--- a/src/jqueryRest.js
+++ b/src/jqueryRest.js
@@ -20,7 +20,7 @@ srp.remote = (function(){
 
     function authenticate(session) {
       return $.ajax({
-        url: "/sessions/" + session.getI() + ".json",
+        url: "/sessions/" + session.login() + ".json",
         type: 'PUT',
         data: {client_auth: session.getM()}
       });
diff --git a/src/srp_account.js b/src/srp_account.js
new file mode 100644
index 0000000..336e013
--- /dev/null
+++ b/src/srp_account.js
@@ -0,0 +1,13 @@
+srp.Account = function(login, password) {
+  
+  // Returns the user's identity
+  this.login = function() {
+    return login || document.getElementById("srp_username").value;
+  };
+
+  // Returns the password currently typed in
+  this.password = function() {
+    return password || document.getElementById("srp_password").value;
+  };
+
+}
diff --git a/src/srp_calculate.js b/src/srp_calculate.js
new file mode 100644
index 0000000..8928114
--- /dev/null
+++ b/src/srp_calculate.js
@@ -0,0 +1,106 @@
+srp.Calculate = function() {
+
+  // Variables used in the SRP protocol
+  var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3";
+  var N = new BigInteger(Nstr, 16);
+  var g = new BigInteger("2");
+  var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16);
+  var rng = new SecureRandom();
+
+  this.A = function(_a) { 
+    a = new BigInteger(_a, 16);
+    return g.modPow(a, N).toString(16);
+  };
+
+  // Calculates the X value
+  // x = H(s, H(I:p))
+  this.X = function(login, password, salt) {
+    var salted = salt + this.hash(login + ":" + password)
+    return this.hashHex(salted);
+  };
+
+  this.V = this.A;
+
+  // u = H(A,B)
+  this.U = function(A, B) {
+    return this.hashHex(A + B); 
+  };
+
+  //S = (B - kg^x) ^ (a + ux)
+  this.S = function(_a, _A, _B, _x) {
+    var a = new BigInteger(_a, 16);
+    var x = new BigInteger(_x, 16);
+    var u = new BigInteger(this.U(_A, _B), 16);
+    var B = new BigInteger(_B, 16);
+    
+    var kgx = k.multiply(g.modPow(x, N));  
+    var aux = a.add(u.multiply(x)); 
+    
+    return B.subtract(kgx).modPow(aux, N).toString(16); 
+  }
+
+  this.K = function(_S) {
+    return this.hashHex(_S);
+  }
+
+  this.nXorG = function() {
+    var hashN = this.hashHex(Nstr);
+    var hashG = this.hashHex(g.toString(16));
+    return hexXor(hashN, hashG);
+  };
+
+  this.hashHex = function(hexString) {
+    return this.hash(hex2a(hexString));
+  };
+
+  this.hash = function(string) {
+    return removeLeading0(SHA256(string));
+  };
+
+
+  this.isInvalidEphemeral = function(a) {
+    return (g.modPow(a, N) == 0);
+  };
+
+  this.randomEphemeral = function() {
+    var a = new BigInteger(32, rng);
+    while(this.isInvalidEphemeral(a))
+    {
+      a = new BigInteger(32, rng);
+    }
+    return a.toString(16);
+  };
+  
+  // some 16 byte random number
+  this.randomSalt = function() {
+    return new BigInteger(64, rng).toString(16);
+  }
+
+  function hex2a(hex) {
+    var str = '';
+    if(hex.length % 2) {
+      hex = "0" + hex;
+    }
+    for (var i = 0; i < hex.length; i += 2)
+      str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
+    return str;
+  }
+
+  function removeLeading0(hex) {
+    if (hex[0] == "0") {
+      return hex.substr(1);
+    } else {
+      return hex;
+    }
+  }
+
+  function hexXor(a, b) {
+    var str = '';
+    for (var i = 0; i < a.length; i += 2) {
+      var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16)
+      xor = xor.toString(16);
+      str += (xor.length == 1) ? ("0" + xor) : xor
+    }
+    return str;
+  }
+};
diff --git a/src/srp_session.js b/src/srp_session.js
index b1b6014..5d1f829 100644
--- a/src/srp_session.js
+++ b/src/srp_session.js
@@ -1,131 +1,74 @@
-srp.Session = function(login, password) {
-  
-  // Variables session will be used in the SRP protocol
-  var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3";
-  var N = new BigInteger(Nstr, 16);
-  var g = new BigInteger("2");
-  var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16);
-
-  var rng = new SecureRandom();
-  var a = new BigInteger(32, rng);
-  var A = g.modPow(a, N);
-  while(A.mod(N) == 0)
-  {
-    a = new BigInteger(32, rng);
-    A = g.modPow(a, N);
-  }
-  var Astr = A.toString(16);
+srp.Session = function(account, calculate) {
+
+  // default for injected dependency
+  account = account || new srp.Account();
+  calculate = calculate || new srp.Calculate();
+
+  var a = calculate.randomEphemeral();
+  var A = calculate.A(a);
   var S = null;
   var K = null;
   var M = null;
   var M2 = null;
   var authenticated = false;
-  var I = login;
-  var pass = password;
 
   // *** Accessor methods ***
 
   // allows setting the random number A for testing
 
   this.calculateAndSetA = function(_a) {
-    a = new BigInteger(_a, 16);
-    A = g.modPow(a, N);
-    Astr = A.toString(16);
-    return Astr;
+    a = _a;
+    A = calculate.A(_a);
+    return A;
   };
 
   this.signup = function() {
-    var salt = this.getSalt();
+    var salt = calculate.randomSalt();
+    var x = calculate.X(account.login(), account.password(), salt);
     return {
-      login: this.getI(),
+      login: account.login(),
       password_salt: salt,
-      password_verifier: this.getV(salt).toString(16)
+      password_verifier: calculate.V(x)
     };
   };
 
   this.handshake = function() {
     return { 
-      login: this.getI(), 
-      A: this.getAstr()
+      login: account.login(), 
+      A: this.getA()
     };
   };
 
-  this.getAstr = function() {
-    return Astr;
-  }
-
-  // Returns the user's identity
-  this.getI = function() {
-    I = login || document.getElementById("srp_username").value;
-    return I;
-  };
-
-  // Returns the password currently typed in
-  this.getPass = function() {
-    pass = password || document.getElementById("srp_password").value;
-    return pass;
-  };
-
-  // some 16 byte random number
-  this.getSalt = function() {
-    return new BigInteger(64, rng).toString(16);
+  this.getA = function() {
+    return A;
   }
 
-  // Returns the BigInteger, g
-  this.getg = function() {
-    return g;
-  };
-
-  // Returns the BigInteger, N
-  this.getN = function() {
-    return N;
-  };
-
-  // Calculates the X value and return it as a BigInteger
-  this.calcX = function(salt) {
-    var inner = salt + SHA256(this.getI() + ":" + this.getPass())
-    return new BigInteger(SHA256(hex2a(inner)), 16);
-  };
-
-  this.getV = function(salt)
-  {
-    return this.getg().modPow(this.calcX(salt), this.getN());
-  }
+  // Delegate login so it can be used when talking to the remote
+  this.login = account.login;
 
   // Calculate S, M, and M2
   // This is the client side of the SRP specification
   this.calculations = function(salt, ephemeral)
   {    
     //S -> C: s | B
-    var B = new BigInteger(ephemeral, 16); 
-    var Bstr = ephemeral;
-    // u = H(A,B)
-    var u = new BigInteger(SHA256(hex2a(Astr + Bstr)), 16); 
-    // x = H(s, H(I:p))
-    var x = this.calcX(salt);
-    //S = (B - kg^x) ^ (a + ux)
-    var kgx = k.multiply(g.modPow(x, N));  
-    var aux = a.add(u.multiply(x)); 
-    S = B.subtract(kgx).modPow(aux, N); 
-    K = SHA256(hex2a(S.toString(16)));
-    this.calcM(salt, A.toString(16), B.toString(16));
-  };
-
-  // M = H(H(N) xor H(g), H(I), s, A, B, K)
-  this.calcM = function(salt, Astr, Bstr) {
-    var hashN = SHA256(hex2a(N.toString(16)))
-    var hashG = SHA256(hex2a(g.toString(16)))
-    var hexString = hexXor(hashN, hashG);
-    hexString += SHA256(I);
-    hexString += salt;
-    hexString += Astr;
-    hexString += Bstr;
-    hexString += K
-    M = SHA256(hex2a(hexString));
+    var B = ephemeral;
+    var x = calculate.X(account.login(), account.password(), salt);
+    S = calculate.S(a, A, B, x);
+    K = calculate.K(S);
+    
+    // M = H(H(N) xor H(g), H(I), s, A, B, K)
+    var xor = calculate.nXorG();
+    var hash_i = calculate.hash(account.login())
+    M = calculate.hashHex(xor + hash_i + salt + A + B + K);
     //M2 = H(A, M, K)
-    M2 = SHA256(hex2a(Astr + M + K));
+    M2 = calculate.hashHex(A + M + K);
   };
 
+
+  this.getS = function() {
+    return S;
+  }
+
   this.getM = function() {
     return M;
   }
@@ -160,22 +103,5 @@ srp.Session = function(login, password) {
       retstring = retstring.replace("+", "_");
     return retstring;
   };
-
-  function hex2a(hex) {
-    var str = '';
-    for (var i = 0; i < hex.length; i += 2)
-      str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
-    return str;
-  }
-
-  function hexXor(a, b) {
-    var str = '';
-    for (var i = 0; i < a.length; i += 2) {
-      var xor = parseInt(a.substr(i, 2), 16) ^ parseInt(b.substr(i, 2), 16)
-      xor = xor.toString(16);
-      str += (xor.length == 1) ? ("0" + xor) : xor
-    }
-    return str;
-  }
 };
author	jessib <jessib@riseup.net>	2013-06-24 10:32:58 -0700
committer	jessib <jessib@riseup.net>	2013-06-24 10:32:58 -0700
commit	e7a0b830b8f994316a560001a9e7397422b184b1 (patch)
tree	14a591408caecc369b84d985dae1864019f3aedc /src
parent	3328b20621265b0c50ed395ea890b267ab89109b (diff)
parent	0c5369fd9299eb9bf7295e3925ce803c5473e2b8 (diff)