| author | Azul <azul@leap.se> | 2012-07-26 10:51:42 +0200 | 
|---|---|---|
| committer | Azul <azul@leap.se> | 2012-07-26 10:51:42 +0200 | 
| commit | 7de7a78668a83eaab58597ce655ba613d4b477fb (patch) | |
| tree | 0de1e7bb7af165eb8d165dc4ba296acb7850fdc0 | |
| parent | 1481331f3827711c16a3bcfb0ae0c6e4afd788d9 (diff) | |
turned server class into authentication module - test green, example broken
The example seems to be broken due to changes in srp-js
| -rw-r--r-- | example/http-srp.rb | 12 | ||||
| -rw-r--r-- | example/models/user.rb | 11 | ||||
| -rw-r--r-- | example/views/signup.erb | 2 | ||||
| -rw-r--r-- | lib/srp.rb | 2 | ||||
| -rw-r--r-- | lib/srp/authentication.rb (renamed from lib/srp/server.rb) | 12 | ||||
| -rw-r--r-- | test/auth_test.rb | 14 | 
6 files changed, 31 insertions, 22 deletions
|
diff --git a/example/http-srp.rb b/example/http-srp.rb
index 2e50cc8..ed07896 100644
--- a/example/http-srp.rb
+++ b/example/http-srp.rb
@@ -2,9 +2,9 @@ require 'sinatra'
 require 'pp'
 require 'json'
+require '../lib/srp'
 require 'models/user'
 require 'models/log'
-require '../lib/srp'
 get '/' do
   @user = User.current
@@ -24,7 +24,7 @@ post '/register/salt/' do
   { :salt => @user.salt.to_s(16) }.to_json
 end
-post '/register/user/' do
+post '/register/user' do
   User.current.verifier = params.delete('v').hex
   content_type :json
   { :ok => true }.to_json
@@ -35,19 +35,19 @@ get '/login' do
   erb :login
 end
-post '/handshake/' do
+post '/handshake' do
   @user = User.current
   Log.log(:handshake, params)
-  @handshake = @user.initialize_auth(params)
+  @handshake = @user.handshake(params)
   Log.log(:init_auth, @handshake)
   content_type :json
   @handshake.to_json
 end
-post '/authenticate/' do
+post '/authenticate' do
   @user = User.current
   Log.log(:authenticate, params)
-  @auth = @user.authenticate(params)
+  @auth = @user.validate(params)
   Log.log(:confirm_authentication, @auth)
   content_type :json
   @auth.to_json
diff --git a/example/models/user.rb b/example/models/user.rb
index 91bbffc..81104f4 100644
--- a/example/models/user.rb
+++ b/example/models/user.rb
@@ -1,5 +1,7 @@
 class User
+  include SRP::Authentication
+
   def self.current
     @current
   end
@@ -22,14 +24,13 @@ class User
     User.current = self
   end
-  def initialize_auth(params)
-    self.srp = SRP::Server.new(self.salt, self.verifier)
-    bb, u = self.srp.initialize_auth(params.delete('A').hex)
+  def handshake(params)
+    bb, u = initialize_auth(params.delete('A').hex)
     return {:s => self.salt.to_s(16), :B => bb.to_s(16)}
   end
-  def authenticate(params)
-    if m2 = self.srp.authenticate(params.delete('M').hex)
+  def validate(params)
+    if m2 = authenticate(params.delete('M').hex)
       self.active = true
       return {:M => m2.to_s(16)}
     else
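Review bot: `require '../lib/srp'` in the first hunk of example/http-srp.rb is resolved through the load path and the process's working directory, not relative to this file, so which `srp` gets loaded depends on where the example is started. Anchor it to the file, in the style lib/srp/authentication.rb already uses for `util`: `require File.expand_path(File.dirname(__FILE__) + '/../lib/srp')`. The move above `models/user` appears to be required now that `User` includes `SRP::Authentication` while its class body is evaluated, so a one-line comment such as `# must precede models/user: User includes SRP::Authentication` would keep the order from being rearranged later.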
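Review bot: `handshake` and `validate` in the second hunk of example/models/user.rb pass the client's values straight through `params.delete('A').hex` and `params.delete('M').hex`, so a missing parameter raises NoMethodError on nil and `String#hex` silently coerces any non-hex string to 0 instead of failing. A protocol value should be rejected when malformed, not coerced; check its shape before converting, e.g. `a = params.delete('A').to_s` followed by `raise ArgumentError, 'A must be hex' unless a =~ /\A[0-9a-fA-F]+\z/`, and do the same for `M`. The route handlers would then need to map that error to a failed request. The `else` branch of `validate` continues outside the hunk.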
diff --git a/example/views/signup.erb b/example/views/signup.erb
index 6e1bbf3..2b26820 100644
--- a/example/views/signup.erb
+++ b/example/views/signup.erb
@@ -1,6 +1,6 @@
 <h2>1. Signup</h2>
-<form class="form-horizontal" action="/signup" method="POST">
+<form class="form-horizontal" action="/register/user" method="POST">
   <legend>Signup to test secure remote passwords</legend>
   <div class="control-group">
     <label class="control-label" for="login">Login</label>
@@ -9,5 +9,5 @@
 $:.unshift File.dirname(__FILE__)
 module SRP
   autoload :Client, 'srp/client'
-  autoload :Server, 'srp/server'
+  autoload :Authentication, 'srp/authentication'
 end
diff --git a/lib/srp/server.rb b/lib/srp/authentication.rb
index 30f5088..1f36dd7 100644
--- a/lib/srp/server.rb
+++ b/lib/srp/authentication.rb
@@ -1,27 +1,23 @@
 require File.expand_path(File.dirname(__FILE__) + '/util')
 module SRP
-  class Server
+  module Authentication
     include Util
-    def initialize(salt, verifier)
-      @salt = salt
-      @verifier = verifier
-    end
     def initialize_auth(aa)
       @aa = aa
       @b = bigrand(32).hex
       # B = g^b + k v (mod N)
-      @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * @verifier) % PRIME_N
+      @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N
       u = calculate_u(@aa, @bb, PRIME_N)
       return @bb, u
     end
     def authenticate(m)
       u = calculate_u(@aa, @bb, PRIME_N)
-      base = (modpow(@verifier, u, PRIME_N) * @aa) % PRIME_N
+      base = (modpow(verifier, u, PRIME_N) * @aa) % PRIME_N
       server_s = modpow(base, @b, PRIME_N)
       if(m == calculate_m(@aa, @bb, server_s))
         return calculate_m(@aa, m, server_s)
@@ -40,8 +36,8 @@ module SRP
         + '0' * (nlen - bbhex.length) + bbhex
       sha256_str(hashin).hex
     end
-    end
+  end
diff --git a/test/auth_test.rb b/test/auth_test.rb
index f93445f..b8c3c05 100644
--- a/test/auth_test.rb
+++ b/test/auth_test.rb
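Review bot: `initialize_auth(aa)` in lib/srp/authentication.rb stores the client's public value without any check, but SRP-6a (RFC 5054) requires the server to abort the handshake when A mod N is 0, because the session key then no longer depends on the verifier. Add a guard as the first statement, e.g. `raise ArgumentError, 'invalid client public value' if (aa % PRIME_N).zero?`, and have callers treat it as a failed login. Separately, the module now calls `verifier` on whatever class includes it and keeps `@aa`, `@b` and `@bb` on that object, so a header comment should state that the host must provide `verifier` and that those instance variables are per-handshake state. The body of `authenticate` continues outside the hunk.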
@@ -1,12 +1,24 @@
 require File.expand_path(File.dirname(__FILE__) + '/test_helper')
+class User
+
+  include SRP::Authentication
+
+  attr_accessor :salt, :verifier
+
+  def initialize(salt, verifier)
+    @salt = salt
+    @verifier = verifier
+  end
+end
+
 class AuthTest < Test::Unit::TestCase
   def setup
     @username = 'user'
     @password = 'opensesami'
     @client = SRP::Client.new(@username, @password)
-    @server = SRP::Server.new(@client.salt, @client.verifier)
+    @server = User.new(@client.salt, @client.verifier)
   end
   def test_successful_auth |
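Review bot: The test double in test/auth_test.rb is declared as a top-level `User`, and because Ruby classes are open this would silently reopen any `User` already loaded into the test process (example/models/user.rb defines one) and replace its `initialize`. Give it a name that cannot collide, for instance `class SrpTestUser`, and build it in `setup` with `@server = SrpTestUser.new(@client.salt, @client.verifier)`. Only `test_successful_auth` is visible in this hunk; if the file has no case for a wrong password or a malformed client value, one should be added alongside this change.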
