def test_ephemeral_length(self):
"""
Verify that all implementations require 32 bytes for ephemeral values
"""
random31 = _pysrp.long_to_bytes(_pysrp.get_random_of_length(31))
random33 = _pysrp.long_to_bytes(_pysrp.get_random_of_length(33))
def verf_len(mod, val):
with self.assertRaises(ValueError) as ctx:
mod.User('uname', 'pwd', bytes_a=val)
self.assertIn('bytes_a', str(ctx.exception) )
with self.assertRaises(ValueError) as ctx:
mod.Verifier('uname', random31, random31, random31, bytes_b=val)
self.assertIn('bytes_b', str(ctx.exception) )
for mod in [_ctsrp, _pysrp]:
for val in [random31, random33]:
verf_len(mod, val)
def test_ephemeral_length(self):
"""
Verify that all implementations require 32 bytes for ephemeral values
"""
random31 = _pysrp.long_to_bytes(_pysrp.get_random_of_length(31))
random33 = _pysrp.long_to_bytes(_pysrp.get_random_of_length(33))
def verf_len(mod, val):
with self.assertRaises(ValueError) as ctx:
mod.User('uname', 'pwd', bytes_a=val)
self.assertIn('bytes_a', str(ctx.exception))
with self.assertRaises(ValueError) as ctx:
mod.Verifier('uname',
random31,
random31,
random31,
bytes_b=val)
self.assertIn('bytes_b', str(ctx.exception))
for mod in [_ctsrp, _pysrp]:
for val in [random31, random33]:
verf_len(mod, val)
def __init__(self, username, password):
self.username = username
self.salt = srp.long_to_bytes(srp.get_random(16))
key = pbkdf2.PBKDF2(password, self.salt).read(64)
self.authentication_key, self.initialization_key = (key[:32], key[32:])
self.cipher = AESCipher(self.initialization_key)
self.ecc_key = pyelliptic.ECC()
self.keychain = {
self.username: self.ecc_key.get_pubkey(),
}
self.ecc_group_key = {}
self.group_keys = {}
def saltless_srp_create(username, password, hash_alg=srp.SHA1,
ng_type=srp.NG_2048, n_hex=None, g_hex=None):
assert isinstance(username, str) # already UTF8-encoded
# unfortunately the python SRP module doesn't make it easy to pass our
# own salt into create_salted_verification_key(), so we have to get
# messy. Other SRP libraries (e.g. SJCL) make this easier.
from srp._pysrp import _hash_map, get_ng, long_to_bytes, gen_x
from srp import NG_CUSTOM
if ng_type == NG_CUSTOM and (n_hex is None or g_hex is None):
raise ValueError("Both n_hex and g_hex are required when ng_type = NG_CUSTOM")
hash_class = _hash_map[ hash_alg ]
N,g = get_ng( ng_type, n_hex, g_hex )
#_s = long_to_bytes( get_random( 4 ) )
_s = None
_v = long_to_bytes( pow(g, gen_x(hash_class, _s, username, password), N))
return _v
def __init__(self, username, password):
self.username = username
self.salt = srp.long_to_bytes(srp.get_random(16))
key = pbkdf2.PBKDF2(password, self.salt).read(64)
self.authentication_key, self.initialization_key = (key[:32], key[32:])
self.cipher = AESCipher(self.initialization_key)
self.ecc_key = pyelliptic.ECC()
self.keychain = {
self.username: self.ecc_key.get_pubkey(),
}
self.ecc_group_key = {}
self.group_keys = {}
def create_verification_key(user, salt):
hash_class = user.hash_class
return srp.long_to_bytes(
pow(user.g, srp.gen_x(hash_class, salt, user.I, user.p), user.N))
def create_verification_key(user, salt):
hash_class = user.hash_class
return srp.long_to_bytes(pow(user.g, srp.gen_x(hash_class, salt, user.I, user.p), user.N))