diff --git a/src/client.ts b/src/client.ts index f13774a..0bd2145 100644 --- a/src/client.ts +++ b/src/client.ts @@ -1,13 +1,8 @@ import * as constants from "./constants"; import { SRPParameterSet } from "./constants"; -import { - byteArrayToHexString, - concatByteArrays, - safeByteArrayEquals, -} from "./utils"; +import { concatByteArrays, safeByteArrayEquals } from "./utils"; -import { DeriveMultiplierFn } from "./srp/multiplier"; import { DigestFn, deriveVerifier } from "./srp/verifier"; import { deriveSessionKey, @@ -21,15 +16,12 @@ export class ClientSession { private parameters: SRPParameterSet = constants.SRP_PARAMETERS_RFC5054_2048; private digest?: DigestFn; - private deriveMultiplier?: DeriveMultiplierFn; constructor({ parameters, digest, - deriveMultiplier, }: { parameters?: SRPParameterSet; digest?: DigestFn; - deriveMultiplier?: DeriveMultiplierFn; } = {}) { if (parameters) { this.parameters = parameters; @@ -37,9 +29,6 @@ export class ClientSession { if (digest) { this.digest = digest; } - if (deriveMultiplier) { - this.deriveMultiplier = deriveMultiplier; - } } private clientPrivateEphemeral?: Uint8Array; @@ -82,7 +71,6 @@ export class ClientSession { serverPublicEphemeral: serverPublicEphemeral, parameters: this.parameters, digest: this.digest, - deriveMultiplier: this.deriveMultiplier, }); this.sessionKey = sessionKey; const clientProof = await deriveClientProof({ diff --git a/src/constants.ts b/src/constants.ts index 7bae6d7..695ad5e 100644 --- a/src/constants.ts +++ b/src/constants.ts @@ -1,3 +1,5 @@ +import { DeriveMultiplierFn } from "./srp/multiplier"; + import { hexStringToByteArray } from "./utils"; export type SRPHashAlgorithm = "SHA-1" | "SHA-256" | "SHA-384" | "SHA-512"; @@ -5,6 +7,7 @@ export interface SRPParameterSet { N: Uint8Array; G: Uint8Array; algorithm: SRPHashAlgorithm; + deriveMultiplier?: DeriveMultiplierFn; } export const SRP_PARAMETERS_RFC5054_2048: SRPParameterSet = { diff --git a/src/server.ts b/src/server.ts index f31dd73..faa5989 100644 --- a/src/server.ts +++ b/src/server.ts @@ -8,25 +8,18 @@ import { generateServerEphemeral, } from "./srp/server"; import { deriveClientProof } from "./srp/client"; -import { DeriveMultiplierFn } from "./srp/multiplier"; export class ServerSession { private parameters: SRPParameterSet = constants.SRP_PARAMETERS_RFC5054_2048; - private deriveMultiplier?: DeriveMultiplierFn; constructor({ parameters, - deriveMultiplier, }: { parameters?: SRPParameterSet; - deriveMultiplier?: DeriveMultiplierFn; } = {}) { if (parameters) { this.parameters = parameters; } - if (deriveMultiplier) { - this.deriveMultiplier = deriveMultiplier; - } } private clientVerifier?: Uint8Array; @@ -45,7 +38,6 @@ export class ServerSession { await generateServerEphemeral({ verifier, parameters: this.parameters, - deriveMultiplier: this.deriveMultiplier, }); this.clientVerifier = verifier; this.clientPublicEphemeral = clientPublicEphemeral; diff --git a/src/srp/client.ts b/src/srp/client.ts index fde547a..83cb6ec 100644 --- a/src/srp/client.ts +++ b/src/srp/client.ts @@ -9,8 +9,8 @@ import { } from "../utils"; import { deriveSharedHash } from "./common"; +import { deriveMultiplierSRP6a } from "./multiplier"; import { DigestFn, deriveVerifier, digestPBKDF2 } from "./verifier"; -import { DeriveMultiplierFn, deriveMultiplierSRP6a } from "./multiplier"; export function generateClientEphemeral( parameters: SRPParameterSet = defaultParameters @@ -57,7 +57,6 @@ export async function deriveSessionKey({ salt, clientPrivateEphemeral, serverPublicEphemeral, - deriveMultiplier = deriveMultiplierSRP6a, digest = digestPBKDF2, parameters = defaultParameters, unsafe_skipOutputHashing = false, @@ -68,7 +67,6 @@ export async function deriveSessionKey({ salt: Uint8Array; clientPrivateEphemeral: Uint8Array; serverPublicEphemeral: Uint8Array; - deriveMultiplier?: DeriveMultiplierFn; digest?: DigestFn; parameters?: SRPParameterSet; unsafe_skipOutputHashing?: boolean; @@ -82,7 +80,9 @@ export async function deriveSessionKey({ parameters, }) ); + const { deriveMultiplier = deriveMultiplierSRP6a } = parameters; const k = byteArrayToBigInt(await deriveMultiplier(parameters)); + const N = byteArrayToBigInt(parameters.N); const { x: xBytes, verifier } = await deriveVerifier( { username, password }, diff --git a/src/srp/multiplier.ts b/src/srp/multiplier.ts index b4b1406..9d10b41 100644 --- a/src/srp/multiplier.ts +++ b/src/srp/multiplier.ts @@ -2,7 +2,7 @@ import { SRPParameterSet } from "../constants"; import { concatByteArrays, padData } from "../utils"; export type DeriveMultiplierFn = ( - parameters: SRPParameterSet + parameters: Pick ) => Uint8Array | Promise; export const deriveMultiplierSRP6a: DeriveMultiplierFn = async (parameters) => diff --git a/src/srp/server.ts b/src/srp/server.ts index bddf790..77fcd3b 100644 --- a/src/srp/server.ts +++ b/src/srp/server.ts @@ -9,22 +9,21 @@ import { } from "../utils"; import { deriveSharedHash } from "./common"; -import { DeriveMultiplierFn, deriveMultiplierSRP6a } from "./multiplier"; +import { deriveMultiplierSRP6a } from "./multiplier"; export async function generateServerEphemeral({ verifier, - deriveMultiplier = deriveMultiplierSRP6a, parameters = defaultParameters, unsafe_staticPrivateEphemeral, }: { verifier: Uint8Array; - deriveMultiplier?: DeriveMultiplierFn; parameters?: SRPParameterSet; unsafe_staticPrivateEphemeral?: Uint8Array; }): Promise<{ serverPrivateEphemeral: Uint8Array; serverPublicEphemeral: Uint8Array; }> { + const { deriveMultiplier = deriveMultiplierSRP6a } = parameters; const multiplier = BigInt( "0x" + byteArrayToHexString(await deriveMultiplier(parameters)) );