pyfirebirdsql Version 0.9.0 is released with experimental Firebird 3.0 SRP auth support This is an example that works for me https://gist.github.com/mariuz/9187640
On Fri, Feb 14, 2014 at 10:16 AM, Hajime Nakagami <[email protected]> wrote: > Thanks Alex. That's right. > > > 2014-02-13 18:31 GMT+09:00 Alex Peshkoff <[email protected]>: > >> On 02/13/14 04:52, Hajime Nakagami wrote: >> > Thanks Marius and others. >> > >> > I'm trying to implement SRP protocol by pure python. >> > But something wrong in my python codes, I know. >> > >> > I have found RemotePassword::getUserHash() return different value with >> > getUserHash() in srp.py. >> > >> > https://github.com/nakagami/pyfirebirdsql/blob/master/firebirdsql/srp.py#L143 >> > >> > For example ... >> > >> > [Modified source:firebird/src/auth/SecureRemotePassword/srp.cpp] >> > BigInteger RemotePassword::getUserHash(const char* account, const char* >> > salt, const char* password) >> > { >> > hash.reset(); >> > hash.process(account); >> > hash.process(":"); >> > hash.process(password); >> > UCharBuffer hash1; >> > hash.getHash(hash1); >> > dumpIt("getUserHash() account", account); >> > dumpIt("getUserHash() salt", salt); >> > dumpIt("getUserHash() password", password); >> > dumpIt("getUserHash() hash1", hash1); >> > >> > hash.reset(); >> > hash.process(salt); >> > hash.process(hash1); >> > UCharBuffer hash2; >> > hash.getHash(hash2); >> > dumpIt("getUserHash() hash2", hash2); >> > BigInteger rc; >> > hash.getInt(rc); >> > dumpIt("getUserHash() rc", rc); >> > >> > return rc; >> > } >> > >> > [Result] >> > getUserHash() account: 'SYSDBA' >> > getUserHash() salt: >> > '2E268803000000079A478A700000002D1A6979000000026E1601C000000054F' >> > getUserHash() password: 'masterkey' >> > getUserHash() hash1 >> > e3 95 79 9c 56 52 aa a4 53 62 73 a2 0a a7 40 e2 46 83 5c c4 >> > getUserHash() hash2 >> > 98 0c 1c 90 a1 be 65 5f 31 09 3f 56 a9 ef 5c e7 c0 4b 26 2f >> > getUserHash() rc: '4DD084A42814499F781537C24753291235DE797C' >> > >> > >> > I think rc seems to be >> > >> > 980c1c90a1be655f31093f56a9ef5ce7c04b262f(868036694467267200852895567621828944633719891503L) >> > But it is '4DD084A42814499F781537C24753291235DE797C' (equal to >> > 0x4DD084A42814499F781537C24753291235DE797C ?) >> > >> > I don't realize how to convert from hash2 to rc. >> > Please let me know the algorithm >> > >> >> You should not call Sha1::getSomething() more than once - it's >> destructive operation. >> >> Look here. Mentioned fragment of code is: >> BigInteger rc; >> hash.getInt(rc); >> dumpIt("getUserHash::rc", rc); >> hash.getInt(rc); >> dumpIt("getUserHash::rc", rc); >> >> Output: >> getUserHash::rc: '980C1C90A1BE655F31093F56A9EF5CE7C04B262F' >> getUserHash::rc: '4DD084A42814499F781537C24753291235DE797C' >> >> It's not hard to make it be callable many times but I see no actual need. >> >> A. >> >> >> >> ------------------------------------------------------------------------------ >> Android apps run on BlackBerry 10 >> Introducing the new BlackBerry 10.2.1 Runtime for Android apps. >> Now with support for Jelly Bean, Bluetooth, Mapview and more. >> Get your Android app in front of a whole new audience. Start now. >> >> http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk >> Firebird-Devel mailing list, web interface at >> https://lists.sourceforge.net/lists/listinfo/firebird-devel > > > > ------------------------------------------------------------------------------ > Android apps run on BlackBerry 10 > Introducing the new BlackBerry 10.2.1 Runtime for Android apps. > Now with support for Jelly Bean, Bluetooth, Mapview and more. > Get your Android app in front of a whole new audience. Start now. > http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk > Firebird-Devel mailing list, web interface at > https://lists.sourceforge.net/lists/listinfo/firebird-devel > ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
