From 1c0454cbb1c0b8d75a3c192ff588365ef8bc19d0 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 12 Oct 2012 18:52:53 +0200 Subject: got signup to work in accordance with py srp --- lib/SHA256.js | 1 - spec/RestfulSpecRunner.html | 4 ++-- spec/restful/signup.js | 10 +++++++--- src/srp_session.js | 14 +++++++++++--- 4 files changed, 20 insertions(+), 9 deletions(-) diff --git a/lib/SHA256.js b/lib/SHA256.js index 1a852c0..f79b07d 100644 --- a/lib/SHA256.js +++ b/lib/SHA256.js @@ -121,7 +121,6 @@ function SHA256(s){ return str; } - s = Utf8Encode(s); return binb2hex(core_sha256(str2binb(s), s.length * chrsz)); } diff --git a/spec/RestfulSpecRunner.html b/spec/RestfulSpecRunner.html index 913dab8..8203970 100644 --- a/spec/RestfulSpecRunner.html +++ b/spec/RestfulSpecRunner.html @@ -64,8 +64,8 @@

- - + + diff --git a/spec/restful/signup.js b/spec/restful/signup.js index e214508..bc20b14 100644 --- a/spec/restful/signup.js +++ b/spec/restful/signup.js @@ -13,13 +13,17 @@ describe("Signup", function() { expect(typeof this.srp.register).toBe('function'); }); + it("calculates the right x", function(){ + expect(this.srp.session.calcX("7686acb8").toString(16)).toBe('84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398'); + }); + it("identifies after successful registration (INTEGRATION)", function(){ var callback = sinon.spy(); this.srp.identify = callback; - this.srp.session.getSalt = function() {return "5d3055e0acd3ddcfc15"}; + this.srp.session.getSalt = function() {return "4c78c3f8"}; this.srp.register(); - this.expectRequest('users', "user[login]=user&user[password_salt]=5d3055e0acd3ddcfc15&user[password_verifier]=adcd57b4a4a05c2e205b0b7b30014d9ff635d8d8db2f502f08e9b9c132800c44") - this.respondJSON({password_salt: "5d3055e0acd3ddcfc15", login: "user", ok: "true"}); + this.expectRequest('users', "user[login]=testuser&user[password_salt]=4c78c3f8&user[password_verifier]=474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c") + this.respondJSON({password_salt: "4c78c3f8", login: "testuser", ok: "true"}); expect(callback).toHaveBeenCalled(); }); diff --git a/src/srp_session.js b/src/srp_session.js index 93bfbe5..afd653a 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -1,10 +1,10 @@ SRP.prototype.Session = function() { // Variables session will be used in the SRP protocol - var Nstr = "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3"; + var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; var N = new BigInteger(Nstr, 16); var g = new BigInteger("2"); - var k = new BigInteger("c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58", 16); + var k = new BigInteger("bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0", 16); var rng = new SecureRandom(); var a = new BigInteger(32, rng); @@ -68,7 +68,7 @@ SRP.prototype.Session = function() { // Calculates the X value and return it as a BigInteger this.calcX = function(s) { - return new BigInteger(SHA256(s + SHA256(I + ":" + pass)), 16); + return new BigInteger(SHA256(hex2a(s + SHA256(I + ":" + pass))), 16); }; this.getV = function(salt) @@ -135,4 +135,12 @@ SRP.prototype.Session = function() { retstring = retstring.replace("+", "_"); return retstring; }; + + function hex2a(hex) { + var str = ''; + for (var i = 0; i < hex.length; i += 2) + str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); + return str; + } + } -- cgit v1.2.3

Username:
Password:
Username:
Password: