From 394f9377e3a0686625225f8e58d74a682096310b Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 20 Jun 2013 17:28:55 +0200 Subject: fix bug wrt zero padding of hashes --- spec/login_spec.js | 4 ++-- spec/session_spec.js | 19 ++++++++++++++++++- src/srp_session.js | 19 +++++++++++++++++-- 3 files changed, 37 insertions(+), 5 deletions(-) diff --git a/spec/login_spec.js b/spec/login_spec.js index e806cff..8f54a1e 100644 --- a/spec/login_spec.js +++ b/spec/login_spec.js @@ -14,7 +14,7 @@ describe("Login with srp var", function() { var K = 'db6ec0bdab81742315861a828323ff492721bdcd114077a4124bc425e4bf328b'; var M = '640e51d5ac5461591c31811221261f0e0eae7c08ce43c85e9556adbd94ed8c26'; var M2 = '49e48f8ac8c4da0e8a7374f73eeedbee2266e123d23fc1be1568523fc9c24b1e'; - var V = '6f5fb78184161f4191babaf1a700ff70e4d261054d002466d05f2ec2b45fc8807dbd7ce25dc3c882331eb8bf72a22caf2868e3438477be7ab151d3281d00aa1a9fc5cb6a725abd99e11882f77d52b56b83f95c0ba0b8fbbf4ee1fbb445c35adb5d1aaa48ba761c4a4417f6bb821fb61956c919e47740b316b960653303fe7190'; + var V = '4277ddfdd111cc6a4cd27af570172a93ff4dddd9441ad89ecd78b08504812819d85712fbb6d2b487798ea0e19eeb960ce129725286d1c891314c0620abce02ac0a37fac823d0858553aed30ba99622ec9c66cc937016b96e82ef9e3b5d06e1db707293459c0aa8e082b528fd236cda347c45d8b022a9d4f3701c696e0397332a'; var A_, callback; @@ -33,7 +33,7 @@ describe("Login with srp var", function() { }); it("calculates the same verifier", function(){ - expect(srp.session.getV().toString(16)).toBe(V); + expect(srp.session.getV(salt).toString(16)).toBe(V); }); it("calculates the same key", function(){ diff --git a/spec/session_spec.js b/spec/session_spec.js index 643a717..acfe0be 100644 --- a/spec/session_spec.js +++ b/spec/session_spec.js @@ -1,7 +1,7 @@ describe("Session", function() { // data gathered from py-srp and ruby-srp - var compare = { + var old_compare = { username: "UC6LTQ", password: "PVSQ7DCEIR0B", salt: "d6ed8dba", 
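Review bot: Renaming the py-srp/ruby-srp fixture to `old_compare` in spec/session_spec.js leaves it unreferenced in the lines visible here, since the spec further down reads `compare.a`, `compare.salt` and `compare.bb`. That was the vector whose `m` keeps all 64 hex digits, so the case where no zero is stripped no longer has coverage in this file. I would keep both vectors and run the same expectations over each, for example by wrapping the `it` blocks in `[old_compare, compare].forEach(function(vector) { ... });`. The describe body continues outside this hunk, so an existing use of `old_compare` elsewhere cannot be ruled out.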
@@ -12,6 +12,20 @@ describe("Session", function() { m: "bc30b8781e67a657e93d0a6cf7e7847fc60f79e2b0641e9c26b3522bc8f974cc" } + // login attempt with correct password that failed never the less: + var compare = { + username: "blues", + password: "justtest", + salt: "6a6ef9ce5cb998eb", + v: "a5da6d376d503e22d93385db0244c382d1413d9f721ad9866dfc5e895cf2a3331514ceec5f48aceab58b260651cc9ee1ba96d906f67a6b4a7414c82d1333607ebe96403ecc86050224dc4c17b1d30efdbb451a68d1b6a25cce10f0e844082329d3cb46e1c3d46298a0de2cd3b8c6acc1a80c206f0f10ec8cd3c050babdf338ba", + aa: "4decb8543891f5a744b1e9b5bc375a474bfe3c5417e1db176cefcc7ba915338a14f309f8e0a4c7641bc9c9b9bd2e91c4d1beda1772c30d0350c9ba44f7c5911dfe6bb593ac2a2b30f1f6e5ec8a656cb4947c1907cf62f8d7283cbe32eb44b02158b51091ae130afa6063bb28cdea9ae159d4f222571e146f8715bfa31af09868", + a: "d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71", + bb: "dee64fd54daafc18b338c5783ade3ff4275dfee8c97008e2d9fb445880a2e1d452c822a35e8e3f012bc6facaa28022f8de3fb1d632667d635abde0afc0ca4ed06c9197ea88f379042b10bc7b7f816a1ec14fefe6e9adef4ab904315b3a3f36749f3f6d1083b0eb0029173770f8e9342b098298389ba49a88d4ea6b78a7f576a4", + s: "50973f6e8134f95bd04f54f522e6e57d957d0640f91f0a989ff775712b81d5856ae3bdd2aa9c5eda8019e9db18065519c99c33a62c7f12f98e7aed60b153feee9ab73ba1272b4d76aa002da8cd47c6da733c88a0e70d4c3d6752fd366d66efe40870d26fd5d1755883b9489721e1881376628bf6ef89902f35e5e7e31227e2f", + k: "dd93e648abfe2ac6c6d46e062ded60b31ec043e55ceca1946ec29508f4c68461", + m: "ccf0c492f715484dc8343e22cd5967c2c5d01de743c5f0a9c5cfd017db1804c" + }; + var session; beforeEach(function() { @@ -33,6 +47,9 @@ describe("Session", function() { it("calculates the proper M", function() { session.calculateAndSetA(compare.a); session.calculations(compare.salt, compare.bb); + expect(session.getS().toString(16)).toBe(compare.s); + // failing from here on... + expect(session.key()).toBe(compare.k); expect(session.getM()).toBe(compare.m); }); }); 
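Review bot: The new `compare` fixture looks like it was captured from a real login, going by the comment `login attempt with correct password that failed never the less`. It commits the username, password, salt, verifier, the client's private ephemeral `a` and the session key `k` together. If `blues` / `justtest` was ever a live account, its password should be changed and the verifier regenerated. If it was a throwaway, a comment such as `// throwaway test account, not valid on any server` above the fixture would settle the question for later readers.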
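Review bot: The comment `// failing from here on...` describes the state before the src/srp_session.js change in this same commit, so it will mislead once the spec passes. I would replace it with something that records why the vector exists, e.g. `// regression: M for this vector has a leading zero nibble`. The spec is still titled "calculates the proper M" but now also asserts S and the key; separate `it` blocks for S, K and M would show which step broke when one fails.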
diff --git a/src/srp_session.js b/src/srp_session.js index b1b6014..f895f4a 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -121,11 +121,15 @@ srp.Session = function(login, password) { hexString += Astr; hexString += Bstr; hexString += K - M = SHA256(hex2a(hexString)); + M = removeLeading0(SHA256(hex2a(hexString))); //M2 = H(A, M, K) - M2 = SHA256(hex2a(Astr + M + K)); + M2 = removeLeading0(SHA256(hex2a(Astr + M + K))); }; + this.getS = function() { + return S; + } + this.getM = function() { return M; } @@ -161,8 +165,19 @@ srp.Session = function(login, password) { return retstring; }; + function removeLeading0(hex) { + if (hex[0] == "0") { + return hex.substr(1); + } else { + return hex; + } + } + function hex2a(hex) { var str = ''; + if(hex.length % 2) { + hex = "0" + hex; + } for (var i = 0; i < hex.length; i += 2) str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); return str; -- cgit v1.2.3
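Review bot: Because M can now be 63 hex digits, `hex2a(Astr + M + K)` on the M2 line pads the whole concatenation on the left rather than M itself, so the byte boundaries of A and M shift by a nibble before hashing. Whether the server hashes the same byte string is not visible in this diff, and the new spec vector pins `m` but has no M2 value. I would add an M2 expectation for that vector if an accessor exists, and a comment above the line such as `// M is used with its leading zero stripped; hex2a pads the concatenation as a whole`. The enclosing function starts and ends outside this hunk.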
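Review bot: `removeLeading0` drops only one leading `0`, so a digest that starts with `00` (about one in 256) keeps a zero nibble. If the peer derives these strings by integer-to-hex conversion, which the 63-digit `m` in the spec suggests but this diff does not show, it would drop every leading zero. M and M2 would then still disagree in that case, producing the same intermittent login failure this commit addresses. Consider `return hex.replace(/^0+/, '');` together with a spec vector whose hash begins with `00`. If the single-character check stays, `hex.charAt(0) === "0"` avoids the loose comparison and string indexing.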