42 |
40 |
43 'tls-unique' according to RFC 5929 |
41 'tls-unique' according to RFC 5929 |
44 ]] |
42 ]] |
45 |
43 |
46 local default_i = 4096 |
44 local default_i = 4096 |
47 |
|
48 local xor_map = { |
|
49 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,1,0,3,2,5,4,7,6,9,8,11,10, |
|
50 13,12,15,14,2,3,0,1,6,7,4,5,10,11,8,9,14,15,12,13,3,2,1,0,7,6,5, |
|
51 4,11,10,9,8,15,14,13,12,4,5,6,7,0,1,2,3,12,13,14,15,8,9,10,11,5, |
|
52 4,7,6,1,0,3,2,13,12,15,14,9,8,11,10,6,7,4,5,2,3,0,1,14,15,12,13, |
|
53 10,11,8,9,7,6,5,4,3,2,1,0,15,14,13,12,11,10,9,8,8,9,10,11,12,13, |
|
54 14,15,0,1,2,3,4,5,6,7,9,8,11,10,13,12,15,14,1,0,3,2,5,4,7,6,10, |
|
55 11,8,9,14,15,12,13,2,3,0,1,6,7,4,5,11,10,9,8,15,14,13,12,3,2,1, |
|
56 0,7,6,5,4,12,13,14,15,8,9,10,11,4,5,6,7,0,1,2,3,13,12,15,14,9,8, |
|
57 11,10,5,4,7,6,1,0,3,2,14,15,12,13,10,11,8,9,6,7,4,5,2,3,0,1,15, |
|
58 14,13,12,11,10,9,8,7,6,5,4,3,2,1,0, |
|
59 }; |
|
60 |
|
61 local result = {}; |
|
62 local function binaryXOR( a, b ) |
|
63 for i=1, #a do |
|
64 local x, y = byte(a, i), byte(b, i); |
|
65 local lowx, lowy = x % 16, y % 16; |
|
66 local hix, hiy = (x - lowx) / 16, (y - lowy) / 16; |
|
67 local lowr, hir = xor_map[lowx * 16 + lowy + 1], xor_map[hix * 16 + hiy + 1]; |
|
68 local r = hir * 16 + lowr; |
|
69 result[i] = char(r) |
|
70 end |
|
71 return t_concat(result); |
|
72 end |
|
73 |
45 |
74 local function validate_username(username, _nodeprep) |
46 local function validate_username(username, _nodeprep) |
75 -- check for forbidden char sequences |
47 -- check for forbidden char sequences |
76 for eq in username:gmatch("=(.?.?)") do |
48 for eq in username:gmatch("=(.?.?)") do |
77 if eq ~= "2C" and eq ~= "3D" then |
49 if eq ~= "2C" and eq ~= "3D" then |