Commit 0788cd5b authored by marcus-tun's avatar marcus-tun
Browse files

replacing js.js with daniels code

parent d63b1b5f
/* notes:
- full blown jQuery solution to keep my sanity; GET/POST assertion poc
- use local server for testing, same origin policy forbids requests otherwise
- ./runserver.py (and check source)
- TODO: chain post(encrypt(get()))
*/
var from = "https://saml-delegation.data.kit.edu/sd/ecp.py";
var to = "https://saml-delegation.data.kit.edu/sd/upload.py";
//var to = "https://saml-delegation.data.kit.edu/sd/test_assertion.py";
/*
var from = "https://saml-delegation.data.kit.edu/sd/ecp.py";
var to = "https://saml-delegation.data.kit.edu/sd/upload.py";
*/
var bs = 16; // aes block size is 16 bytes
$.get( from, function( assertion, stat ) {
if (stat == 'success') {
$( "#assertion" ).text( assertion );
console.log ('got assertion');
// note: no need for a key derivation function, we're _generating_ a key from scratch _every time_
var key = CryptoJS.lib.WordArray.random(bs);
var iv = CryptoJS.lib.WordArray.random(bs);
var opts = {iv: iv, keySize: bs, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7};
var enc = CryptoJS.AES.encrypt(assertion, key, opts);
//console.log('ciphertext: ' + enc.ciphertext.toString(CryptoJS.enc.Base64));
console.log('key: ' + enc.key.toString(CryptoJS.enc.Base64));
console.log('iv: ' + enc.iv.toString(CryptoJS.enc.Base64));
buf_iv = enc.iv.toString(CryptoJS.enc.Base64);
buf_key = enc.key.toString(CryptoJS.enc.Base64);
var buf = enc.iv + enc.ciphertext;
var buf2 = buf.toString(CryptoJS.enc.Base64);
var enc_assertion = buf.toString(CryptoJS.enc.Base64);
$( "#stat_enc" ).text("success");
//console.log ('len enc_assertion: ' + enc_assertion.length);
//console.log ('len iv: ' + enc.iv.toString.length);
//console.log ('len iv: ' + buf_iv.length);
//console.log ('len key: ' + enc.key.toString.length);
//console.log ('len key: ' + buf_key.length);
//console.log ('len buf: ' + buf.length);
//console.log ('len buf2: ' + buf2.length);
//console.log ('len ciphertext: ' + enc.ciphertext.toString.length);
//var enc_assertion = (enc.iv + enc.ciphertext).toString(CryptoJS.enc.Base64);
console.log('encryption done');
// Construct what is sent in the post
out = "encrypted_assertion="+enc.ciphertext.toString(CryptoJS.enc.Hex)
+"&iv="+ enc.iv.toString(CryptoJS.enc.Hex)
+"&key="+enc.key.toString(CryptoJS.enc.Hex)
+"&client=javascript"
"&version=0.1";
//out = "encrypted_assertion="+enc_assertion
//+"&key="+key
//+"&client=javascript"
//"&version=0.1";
console.log ('out: ' + out);
console.log ('enc_ass: ' + enc_assertion);
$.post(to, out, function(data, stat){
console.log('sending');
// replace content in the template
buf = data.split("url=");
url = buf[1];
$("#url").text(url+"&k="+key);
$("#stat_post").text(stat)
})
console.log ('sent encrypted assertion out');
$( "#stat_get" ).text("success");
}
else {
$( "#stat_get" ).text( stat );
}
});
/*
*$(document).ready(function() {
* $.get(from, function(data, stat)){
* var plaintext = data;
* }
* document.write (plaintext);
*}
*/
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment