Fix SRP Login

- Derive key using SHA25(plain-text-password) via PBKDF2 - Pad g to size N while calculating M - Handle password sent as base64 encoded data and account for absence of username
XcodesOrg · Oct 28, 2024 · 442c91a · 442c91a
1 parent 2ed84ef
commit 442c91a
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 16 deletions.
diff --git a/Xcodes.xcodeproj/project.pbxproj b/Xcodes.xcodeproj/project.pbxproj
@@ -1377,7 +1377,7 @@
 				COMBINE_HIDPI_IMAGES = YES;
 				CURRENT_PROJECT_VERSION = 28;
 				DEVELOPMENT_ASSET_PATHS = "\"Xcodes/Preview Content\"";
-				DEVELOPMENT_TEAM = ZU6GR6B2FY;
+				DEVELOPMENT_TEAM = GNNPCAAT48;
 				ENABLE_HARDENED_RUNTIME = YES;
 				ENABLE_PREVIEWS = YES;
 				INFOPLIST_FILE = Xcodes/Resources/Info.plist;

diff --git a/Xcodes/AppleAPI/Sources/AppleAPI/Client.swift b/Xcodes/AppleAPI/Sources/AppleAPI/Client.swift
@@ -62,7 +62,7 @@ public class Client {
                     }
 
 //                    let m1 = try client.processChallenge(salt: decodedSalt, publicKey: decodedB, isEncryptedPassword: true, encryptedPassword: encryptedPassword.hexEncodedString())
-                    let encryptedPasswordString = String(data: encryptedPassword, encoding: .utf8)
+                    let encryptedPasswordString = encryptedPassword.base64EncodedString()
                     let m1 = try client.processChallenge(salt: decodedSalt, publicKey: decodedB, isEncryptedPassword: true, encryptedPassword: encryptedPasswordString)
 
                     guard let m2 = client.HAMK else {
@@ -385,24 +385,28 @@ public class Client {
 
     private func pbkdf2(password: String, saltData: Data, keyByteCount: Int, prf: CCPseudoRandomAlgorithm, rounds: Int) -> Data? {
         guard let passwordData = password.data(using: .utf8) else { return nil }
-
+        let hashedPassword = SHA256.hash(data: passwordData)
+
         var derivedKeyData = Data(repeating: 0, count: keyByteCount)
         let derivedCount = derivedKeyData.count
         let derivationStatus: Int32 = derivedKeyData.withUnsafeMutableBytes { derivedKeyBytes in
             let keyBuffer: UnsafeMutablePointer<UInt8> =
                 derivedKeyBytes.baseAddress!.assumingMemoryBound(to: UInt8.self)
             return saltData.withUnsafeBytes { saltBytes -> Int32 in
                 let saltBuffer: UnsafePointer<UInt8> = saltBytes.baseAddress!.assumingMemoryBound(to: UInt8.self)
-                return CCKeyDerivationPBKDF(
-                    CCPBKDFAlgorithm(kCCPBKDF2),
-                    password,
-                    passwordData.count,
-                    saltBuffer,
-                    saltData.count,
-                    prf,
-                    UInt32(rounds),
-                    keyBuffer,
-                    derivedCount)
+                return hashedPassword.withUnsafeBytes { passwordBytes -> Int32 in
+                    let passwordBuffer: UnsafePointer<UInt8> = passwordBytes.baseAddress!.assumingMemoryBound(to: UInt8.self)
+                    return CCKeyDerivationPBKDF(
+                        CCPBKDFAlgorithm(kCCPBKDF2),
+                        passwordBuffer,
+                        passwordBytes.count,
+                        saltBuffer,
+                        saltData.count,
+                        prf,
+                        UInt32(rounds),
+                        keyBuffer,
+                        derivedCount)
+                }
             }
         }
         return derivationStatus == kCCSuccess ? derivedKeyData : nil

diff --git a/xcodes-srp/Sources/SRP/srp.swift b/xcodes-srp/Sources/SRP/srp.swift
@@ -93,7 +93,9 @@ enum Implementation<HF: HashFunction> {
 
     //M1 = H(H(N) XOR H(g) | H(I) | s | A | B | K)
     static func calculate_M(group: Group, username: String, salt: Data, A: Data, B: Data, K: Data) -> Data {
-        let HN_xor_Hg = (H(group.N.serialize()) ^ H(group.g.serialize()))!
+        let serializedN = group.N.serialize()
+        let sizeN = serializedN.count
+        let HN_xor_Hg = (H(serializedN) ^ H(pad(group.g.serialize(), to: sizeN)))!
         let HI = H(username.data(using: .utf8)!)
         return H(HN_xor_Hg + HI + salt + A + B + K)
     }
@@ -111,7 +113,12 @@ enum Implementation<HF: HashFunction> {
 
     //x = H(s | H(I | ":" | P))
     static func calculate_x(salt: Data, username: String, password: String) -> BigUInt {
-        return BigUInt(H(salt + H("\(username):\(password)".data(using: .utf8)!)))
+        if username.count > 0 {
+            return BigUInt(H(salt + H("\(username):\(password)".data(using: .utf8)!)))
+        }
+
+        let passwordData = Data(base64Encoded: password.data(using: .utf8)!)!
+        return BigUInt(H(salt + H(Data([0x3A]) + passwordData)))
     }
 }
 
@@ -122,4 +129,4 @@ func calculate_v(group: Group, x: BigUInt) -> BigUInt {
 
 func randomBytes(_ count: Int) -> Data {
     return Data((0..<count).map { _ in UInt8.random(in: 0...255) })
-}
+}