UNPKG

cognito-srp-helper

Version:
6 lines (5 loc) 9.95 kB
var oe=Object.defineProperty;var G=(t,e)=>{for(var s in e)oe(t,s,{get:e[s],enumerable:!0})};var M={};G(M,{createDeviceVerifier:()=>pe,createPasswordHash:()=>ee,createSecretHash:()=>ge,createSrpSession:()=>de,signSrpSession:()=>he,signSrpSessionWithDevice:()=>ue,wrapAuthChallenge:()=>fe,wrapInitiateAuth:()=>me});import{Buffer as o}from"buffer/index.js";import g from"crypto-js";import{BigInteger as i}from"jsbn";import{Buffer as ae}from"buffer/index.js";import{BigInteger as U}from"jsbn";import{Buffer as k}from"buffer/index.js";import q from"crypto-js";import{BigInteger as P}from"jsbn";var _=t=>{let e=t instanceof k?q.lib.WordArray.create(t):t,s=q.SHA256(e).toString();return new Array(64-s.length).join("0")+s},m=t=>_(k.from(t,"hex")),p=t=>{if(!(t instanceof P))throw new Error("Not a BigInteger");let e=t.compareTo(P.ZERO)<0,s=t.abs().toString(16);if(s=s.length%2!==0?`0${s}`:s,s=/^[89a-f]/i.test(s)?`00${s}`:s,e){let n=s.split("").map(c=>{let l=~parseInt(c,16)&15;return"0123456789ABCDEF".charAt(l)}).join("");s=new P(n,16).add(P.ONE).toString(16),s.toUpperCase().startsWith("FF8")&&(s=s.substring(2))}return s},v=t=>k.from(q.lib.WordArray.random(t).toString(),"hex"),K=t=>{if(t.length%2!==0)throw new Error("Hex encoded strings must have an even number length");let e=new Uint8Array(t.length/2);for(let s=0;s<t.length;s+=2){let r=t.slice(s,s+2).toLowerCase();if(r in W)e[s/2]=W[r];else throw new Error(`Cannot decode unrecognized sequence ${r} as hexadecimal`)}return e};var Y=ae.from("Caldera Derived Key","utf8"),b=new U("2",16),f=new U("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF",16),Z=new U(m(`${p(f)}${p(b)}`),16),W={"00":0,"01":1,"02":2,"03":3,"04":4,"05":5,"06":6,"07":7,"08":8,"09":9,"0a":10,"0b":11,"0c":12,"0d":13,"0e":14,"0f":15,10:16,11:17,12:18,13:19,14:20,15:21,16:22,17:23,18:24,19:25,"1a":26,"1b":27,"1c":28,"1d":29,"1e":30,"1f":31,20:32,21:33,22:34,23:35,24:36,25:37,26:38,27:39,28:40,29:41,"2a":42,"2b":43,"2c":44,"2d":45,"2e":46,"2f":47,30:48,31:49,32:50,33:51,34:52,35:53,36:54,37:55,38:56,39:57,"3a":58,"3b":59,"3c":60,"3d":61,"3e":62,"3f":63,40:64,41:65,42:66,43:67,44:68,45:69,46:70,47:71,48:72,49:73,"4a":74,"4b":75,"4c":76,"4d":77,"4e":78,"4f":79,50:80,51:81,52:82,53:83,54:84,55:85,56:86,57:87,58:88,59:89,"5a":90,"5b":91,"5c":92,"5d":93,"5e":94,"5f":95,60:96,61:97,62:98,63:99,64:100,65:101,66:102,67:103,68:104,69:105,"6a":106,"6b":107,"6c":108,"6d":109,"6e":110,"6f":111,70:112,71:113,72:114,73:115,74:116,75:117,76:118,77:119,78:120,79:121,"7a":122,"7b":123,"7c":124,"7d":125,"7e":126,"7f":127,80:128,81:129,82:130,83:131,84:132,85:133,86:134,87:135,88:136,89:137,"8a":138,"8b":139,"8c":140,"8d":141,"8e":142,"8f":143,90:144,91:145,92:146,93:147,94:148,95:149,96:150,97:151,98:152,99:153,"9a":154,"9b":155,"9c":156,"9d":157,"9e":158,"9f":159,a0:160,a1:161,a2:162,a3:163,a4:164,a5:165,a6:166,a7:167,a8:168,a9:169,aa:170,ab:171,ac:172,ad:173,ae:174,af:175,b0:176,b1:177,b2:178,b3:179,b4:180,b5:181,b6:182,b7:183,b8:184,b9:185,ba:186,bb:187,bc:188,bd:189,be:190,bf:191,c0:192,c1:193,c2:194,c3:195,c4:196,c5:197,c6:198,c7:199,c8:200,c9:201,ca:202,cb:203,cc:204,cd:205,ce:206,cf:207,d0:208,d1:209,d2:210,d3:211,d4:212,d5:213,d6:214,d7:215,d8:216,d9:217,da:218,db:219,dc:220,dd:221,de:222,df:223,e0:224,e1:225,e2:226,e3:227,e4:228,e5:229,e6:230,e7:231,e8:232,e9:233,ea:234,eb:235,ec:236,ed:237,ee:238,ef:239,f0:240,f1:241,f2:242,f3:243,f4:244,f5:245,f6:246,f7:247,f8:248,f9:249,fa:250,fb:251,fc:252,fd:253,fe:254,ff:255};var X={};G(X,{AbortOnZeroASrpError:()=>I,AbortOnZeroBSrpError:()=>w,AbortOnZeroSrpError:()=>R,AbortOnZeroUSrpError:()=>T,MissingChallengeResponsesError:()=>A,MissingDeviceKeyError:()=>y,MissingLargeBError:()=>B,MissingSaltError:()=>C,MissingSecretError:()=>S,MissingUserIdForSrpBError:()=>D,SignSrpSessionError:()=>d});var d=class extends Error{constructor(e="Could not sign SRP session"){super(e)}},A=class extends d{constructor(e="Could not sign SRP session because of missing or undefined ChallengeResponses in response"){super(e)}},C=class extends d{constructor(e="Could not sign SRP session because of missing or undefined SALT in response.ChallengeResponses"){super(e)}},S=class extends d{constructor(e="Could not sign SRP session because of missing or undefined SECRET_BLOCK in response.ChallengeResponses"){super(e)}},B=class extends d{constructor(e="Could not sign SRP session because of missing or undefined SRP_B in response.ChallengeResponses"){super(e)}},D=class extends d{constructor(e="Could not sign SRP session because of missing or undefined USER_ID_FOR_SRP in response.ChallengeResponses"){super(e)}},y=class extends d{constructor(e="Could not sign SRP session because of missing or undefined DEVICE_KEY in response.ChallengeResponses"){super(e)}},R=class extends Error{constructor(e="Aborting SRP due to 0 value"){super(e)}},I=class extends R{constructor(e="Aborting SRP due to 0 value received for client public key (A)"){super(e)}},w=class extends R{constructor(e="Aborting SRP due to 0 value received for server public key (B)"){super(e)}},T=class extends R{constructor(e="Aborting SRP due to 0 value received for public key hash (u)"){super(e)}};var ie=()=>{let t=v(128).toString("hex");return new i(t,16)},ce=t=>{let e=b.modPow(t,f);if(e.equals(i.ZERO))throw new I;return e},j=(t,e)=>{let s=g.lib.WordArray.create(o.concat([Y,o.from("","utf8")])),r=t instanceof o?g.lib.WordArray.create(t):t,n=e instanceof o?g.lib.WordArray.create(e):e,a=g.HmacSHA256(r,n),c=g.HmacSHA256(s,a);return o.from(c.toString(),"hex").slice(0,16)},J=(t,e)=>{let s=m(p(t)+p(e)),r=new i(s,16);if(r.equals(i.ZERO))throw new T;return r},z=(t,e,s,r)=>{let n=b.modPow(t,f);return e.subtract(Z.multiply(n)).modPow(s.add(r.multiply(t)),f)},Q=(t,e)=>new i(m(p(t)+e),16),le=()=>{let t=new Date,e="en-US",s="UTC",r=t.toLocaleString(e,{timeZone:s,weekday:"short"}),n=t.toLocaleString(e,{day:"numeric",timeZone:s}),a=t.toLocaleString(e,{month:"short",timeZone:s}),c=t.getUTCFullYear(),l=t.toLocaleString(e,{hour:"2-digit",hourCycle:"h23",minute:"2-digit",second:"2-digit",timeZone:s});return`${r} ${a} ${n} ${l} UTC ${c}`},ge=(t,e,s)=>g.HmacSHA256(`${t}${e}`,s).toString(g.enc.Base64),ee=(t,e,s)=>{let n=`${s.split("_")[1]}${t}:${e}`;return _(n)},te=(t,e,s)=>{let r=`${s}${t}:${e}`;return _(r)},pe=(t,e)=>{let s=v(40).toString("base64"),r=te(t,s,e),n=v(16).toString("hex"),a=p(new i(n,16)),c=K(a),l=o.from(c).toString("base64"),h=m(a+r),E=b.modPow(new i(h,16),f),F=p(E),x=K(F),u=o.from(x).toString("base64");return{DeviceRandomPassword:s,DeviceSecretVerifierConfig:{PasswordVerifier:u,Salt:l}}},de=(t,e,s,r=!0)=>{let n=s.split("_")[1],a=le(),c=ie(),l=ce(c);return{username:t,poolId:s,poolIdAbbr:n,password:e,isHashed:r,timestamp:a,smallA:c.toString(16),largeA:l.toString(16)}},he=(t,e)=>{if(!e.ChallengeParameters)throw new A;if(!e.ChallengeParameters.SALT)throw new C;if(!e.ChallengeParameters.SECRET_BLOCK)throw new S;if(!e.ChallengeParameters.SRP_B)throw new B;if(!e.ChallengeParameters.USER_ID_FOR_SRP)throw new D;let{SALT:s,SECRET_BLOCK:r,SRP_B:n,USER_ID_FOR_SRP:a}=e.ChallengeParameters,{poolId:c,poolIdAbbr:l,password:h,isHashed:E,timestamp:F,smallA:x,largeA:u}=t;if(n.replace(/^0+/,"")==="")throw new w;let N=E?h:ee(a,h,c),H=J(new i(u,16),new i(n,16)),O=Q(new i(s,16),N),L=z(O,new i(n,16),new i(x,16),H),V=j(o.from(p(L),"hex"),o.from(p(H),"hex")),$=g.lib.WordArray.create(V),re=g.lib.WordArray.create(o.concat([o.from(l,"utf8"),o.from(a,"utf8"),o.from(r,"base64"),o.from(F,"utf8")])),ne=g.enc.Base64.stringify(g.HmacSHA256(re,$));return{...t,salt:s,secret:r,largeB:n,passwordSignature:ne}},ue=(t,e,s,r)=>{if(!e.ChallengeParameters)throw new A;if(!e.ChallengeParameters.SALT)throw new C;if(!e.ChallengeParameters.SECRET_BLOCK)throw new S;if(!e.ChallengeParameters.SRP_B)throw new B;if(!e.ChallengeParameters.DEVICE_KEY)throw new y;let{DEVICE_KEY:n,SALT:a,SECRET_BLOCK:c,SRP_B:l}=e.ChallengeParameters,{timestamp:h,smallA:E,largeA:F}=t;if(l.replace(/^0+/,"")==="")throw new w;let x=te(n,r,s),u=J(new i(F,16),new i(l,16)),N=Q(new i(a,16),x),H=z(N,new i(l,16),new i(E,16),u),O=j(o.from(p(H),"hex"),o.from(p(u),"hex")),L=g.lib.WordArray.create(O),V=g.lib.WordArray.create(o.concat([o.from(s,"utf8"),o.from(n,"utf8"),o.from(c,"base64"),o.from(h,"utf8")])),$=g.enc.Base64.stringify(g.HmacSHA256(V,L));return{...t,salt:a,secret:c,largeB:l,passwordSignature:$}},me=(t,e)=>({...e,AuthParameters:{...e.AuthParameters,SRP_A:t.largeA}}),fe=(t,e)=>({...e,ChallengeResponses:{...e.ChallengeResponses,PASSWORD_CLAIM_SECRET_BLOCK:t.secret,PASSWORD_CLAIM_SIGNATURE:t.passwordSignature,SRP_A:t.largeA,TIMESTAMP:t.timestamp}});var se={};var _e={...M,...X,...se};export{I as AbortOnZeroASrpError,w as AbortOnZeroBSrpError,R as AbortOnZeroSrpError,T as AbortOnZeroUSrpError,A as MissingChallengeResponsesError,y as MissingDeviceKeyError,B as MissingLargeBError,C as MissingSaltError,S as MissingSecretError,D as MissingUserIdForSrpBError,d as SignSrpSessionError,pe as createDeviceVerifier,ee as createPasswordHash,ge as createSecretHash,de as createSrpSession,_e as default,he as signSrpSession,ue as signSrpSessionWithDevice,fe as wrapAuthChallenge,me as wrapInitiateAuth}; /*! * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0 */