diff --git a/CHANGELOG.md b/CHANGELOG.md index c5ea4e0..51d3bf1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,8 +3,8 @@ Changelog ## 0.4.1 * BREACKING CHANGE: - * Cryptographic function are now compatible with LLNG ≥ 2.0.5 but then - may be incompatible with previous versions. This affects CDA + * Cryptographic function are now compatible with LLNG ≥ 2.0.6 but then + may be incompatible with previous versions. ## 0.4.0 * Reorganize and rename main package to "lemonldap-ng-handler" diff --git a/Gruntfile.coffee b/Gruntfile.coffee index 46c21cb..b10b26e 100644 --- a/Gruntfile.coffee +++ b/Gruntfile.coffee @@ -2,7 +2,7 @@ fs= require('fs') packages = fs.readdirSync('src/packages') np = "#{__dirname}/packages" process.env.NODE_PATH = if process.env.NODE_PATH? then ":#{np}" else np -require("module").Module._initPaths(); +require("module").Module._initPaths() module.exports = (grunt) -> grunt.initConfig @@ -21,6 +21,14 @@ module.exports = (grunt) -> src: ['**/*.coffee'] dest: 'packages/' ext: '.js' + copy: + test: + files: [ + expand: true + cwd: 'src/packages', + src: ['*/test/*.json'] + dest: 'packages/' + ] mochaTest: test: options: @@ -32,6 +40,7 @@ module.exports = (grunt) -> grunt.loadNpmTasks 'grunt-contrib-coffee' grunt.loadNpmTasks 'grunt-mocha-test' grunt.loadNpmTasks 'grunt-contrib-clean' + grunt.loadNpmTasks 'grunt-contrib-copy' # Build package.json files main = grunt.file.readJSON "package.json" @@ -64,5 +73,5 @@ module.exports = (grunt) -> grunt.log.ok "#{packages.length} README.md files written" packages.forEach (pack) -> # TODO: copy test files - grunt.registerTask 'default', ['clean', 'coffee', 'conf'] + grunt.registerTask 'default', ['clean', 'coffee', 'conf', 'copy'] grunt.registerTask 'test', 'mochaTest' diff --git a/package.json b/package.json index 06e8f7b..796cd63 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lemonldap-ng-handler", - "version": "0.4.1", + "version": "0.5.0", "description": "LemonLDAP::NG handler for Node.js", "main": "lib/index", "maintainers": [ @@ -42,10 +42,11 @@ "file-cache-simple": "0.0.7", "grunt": "*", "grunt-contrib-coffee": "*", + "grunt-contrib-copy": "^1.0.0", "grunt-mocha-test": "^0.13.3", "inireader": "*", - "sha.js": "*", - "mocha": "*" + "mocha": "*", + "sha.js": "*" }, "llng-compat": "2.0.5", "scripts": { @@ -56,9 +57,9 @@ "dependencies": { "extend": "*", "inireader": "^1.2.1", - "lemonldap-ng-conf": "0.4.1", - "lemonldap-ng-logger": "0.4.1", - "lemonldap-ng-session": "0.4.1", + "lemonldap-ng-conf": "0.5.0", + "lemonldap-ng-logger": "0.5.0", + "lemonldap-ng-session": "0.5.0", "node-fastcgi": "^1.3.3" }, "optionalDependencies": { diff --git a/src/packages/lemonldap-ng-conf/lib/crypto.coffee b/src/packages/lemonldap-ng-conf/lib/crypto.coffee index 5896731..4bc8368 100644 --- a/src/packages/lemonldap-ng-conf/lib/crypto.coffee +++ b/src/packages/lemonldap-ng-conf/lib/crypto.coffee @@ -6,13 +6,11 @@ rnd = require 'random-bytes' sha = require 'sha.js' +aesjs = require 'aes-js' class Crypto constructor: (key, @mode) -> - @aesjs = require 'aes-js' @rk = new sha('sha256').update(key).digest() - @tob = @aesjs.utils.utf8.toBytes - @frb = @aesjs.utils.utf8.fromBytes newIv: () -> tmp = rnd.sync 16 @@ -25,7 +23,7 @@ class Crypto l = 16 - s.length % 16 s = Buffer.concat [s, Buffer.allocUnsafe(l).fill "\0"] iv = this.newIv() - cipher = new @aesjs.ModeOfOperation.cbc @rk, iv + cipher = new aesjs.ModeOfOperation.cbc @rk, iv buf = Buffer.concat [iv, cipher.encrypt s] res = Buffer(buf).toString 'base64' res @@ -35,7 +33,7 @@ class Crypto s = Buffer.from(s, 'base64') iv = s.slice 0, 16 s = s.slice 16 - cipher = new @aesjs.ModeOfOperation.cbc(@rk, iv) + cipher = new aesjs.ModeOfOperation.cbc @rk, iv res = Buffer.from cipher.decrypt s hmac = res.slice 0,32 res = res.slice 32 @@ -43,12 +41,13 @@ class Crypto if z > 0 res = res.slice 0, z+1 res = res.toString() + newhmac = new sha('sha256').update(res).digest() # Remove \0 at end res = res.substring 0, res.length-1 - if hmac.equals new sha('sha256').update(res).digest() + if hmac.equals(newhmac) or hmac.equals(new sha('sha256').update(res).digest()) return res else - console.log "Bad hmac, ignored for now due to unknown Perl/JS incompatibility" + console.error "Bad hmac" return res module.exports = Crypto diff --git a/src/packages/lemonldap-ng-conf/test/cr.json b/src/packages/lemonldap-ng-conf/test/cr.json index accf9a9..0a387e4 100644 --- a/src/packages/lemonldap-ng-conf/test/cr.json +++ b/src/packages/lemonldap-ng-conf/test/cr.json @@ -1,6 +1,6 @@ { - "longtext xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" : "2SaRKLy8EzIOoWN8xZYCAlfkgnUqACiqxp3jYLkReROHzK3vYp9AoDOVqd6EX1UHODbiaGn7++jH35qlpzWAjqo/cm3pLih9yrLfQweiAbJbqQsgg/3nji/h9Bg61qBe", - "test" : "qAgnmss/ihDZMNQ3Ch5Dusa1418GF1hHsE9G7Hl70/RUle7Pyqy2U+dj9yPgpj+iDXEs2gp4kzpCZYjwJhasRw==", - "utf8 Русский" : "4d6WmDDwrjXpx7Lm1xFxYGf3tnbazZLNyB/2moel+m6RDOr8IoX44fOQ8Rr9WoP7wq5ij2FINa1xN1PKuQII8eDK7TLi04lClQKELXTDDaQ=", - "utf8 iso 8859 àéç" : "ivhAQ+46EGjtWICp+KlRwnIa6JwPSjRdgR94MqMxCokrpRBYTsKjAJ79KBpVOHYxC6R0umEB0X8PNsCsklTpukph1oW595pjc2l+AYwC/v0=" + "utf8 iso 8859 àéç" : "T33lc1/Mmab2ZS29Fe/vkof3I/b00xeg0ChwyllDCI3dQXoff+yclU982UxUFML1KzgUXDHCBkbShcJujOOG88P1LyWDlQd+2jkOEBejA/k=", + "longtext xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" : "kEJtTbuQ/FlxOhNDwzq0n6icNFTaeghod3UH7Mbv313i9GR9OBpHaywiEhFRg0SxDC+Lxav1NwNF2jTHQHq8zPZgscy0jbueW1k1uly0SPg+o7onCeXlxCqncaUqce2r", + "utf8 Русский" : "oWLWC9+/CgyEaAnO4M9f4J1H1z7NZkxwcKKqISHgciT9znETYMS5FMuTJYg8b25h5CeEirQVmuN/FRnHCFR7NajgJ+lgqtTHReRJR09ErNQ=", + "test" : "px9k88IRXWgAU/edNUozgTzoDrUqcRWKeI4vtKFE7m+RfrFQmDqk8vlg4fb+9ibVVeNrIik6nJI7JRTcDXcD+Q==" } diff --git a/src/packages/node-lemonldap-ng-handler/package.json b/src/packages/node-lemonldap-ng-handler/package.json index b4d16ac..00ed7b4 100644 --- a/src/packages/node-lemonldap-ng-handler/package.json +++ b/src/packages/node-lemonldap-ng-handler/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "lemonldap-ng-handler": "$version" + "lemonldap-ng-handler": "latest" } }