From: Christopher Date: Wed, 18 Mar 2020 04:05:54 +0000 (-0500) Subject: auth updates X-Git-Url: http://git.entropealabs.com/?a=commitdiff_plain;h=a1eb395a239310fb97e8f6eaf08e143846693637;p=wampex.git auth updates --- diff --git a/lib/crypto.ex b/lib/crypto.ex index a88dcf0..b41c1b4 100644 --- a/lib/crypto.ex +++ b/lib/crypto.ex @@ -1,9 +1,9 @@ defmodule Wampex.Crypto do @moduledoc false - def hash_challenge(secret, challenge) do - :sha256 - |> :crypto.hmac(secret, challenge) - |> :base64.encode() + def hash_challenge(key, data) do + :hmac + |> :crypto.mac(:sha256, key, data) + |> Base.encode64() end def pbkdf2(secret, salt, iterations, keylen) do diff --git a/lib/router/authentication.ex b/lib/router/authentication.ex index d7eb2ca..1f55ead 100644 --- a/lib/router/authentication.ex +++ b/lib/router/authentication.ex @@ -1,12 +1,14 @@ defmodule Wampex.Router.Authentication do @moduledoc false + require Logger + alias Wampex.Crypto alias Wampex.Serializers.JSON @wampcra "wampcra" - @salt_length 32 - @key_length 64 + @salt_length 8 + @key_length 16 @auth_provider "userdb" @auth_role "user" diff --git a/lib/router/session.ex b/lib/router/session.ex index b4c7c63..e68ed33 100644 --- a/lib/router/session.ex +++ b/lib/router/session.ex @@ -178,6 +178,8 @@ defmodule Wampex.Router.Session do } = data } = sl ) do + Logger.info("Hello #{inspect(dets)}") + {actions, challenge} = case dets do %{"authid" => ai, "authmethods" => am} -> @@ -185,11 +187,13 @@ defmodule Wampex.Router.Session do true -> ch = auth.challenge(ai, id) + chal = %Challenge{ + auth_method: auth.method(), + options: ch + } + send_to_peer( - Peer.challenge(%Challenge{ - auth_method: auth.method, - options: ch - }), + Peer.challenge(chal), tt, t ) @@ -240,7 +244,7 @@ defmodule Wampex.Router.Session do authprovider = get_in(ch, ["authprovider"]) actions = - case auth.authenticate(sig, get_in(ch, ["authid"]), challenge) do + case auth.authenticate(sig, authid, challenge) do true -> send_to_peer( Peer.welcome(%Welcome{