diff options
| author | Azul <azul@riseup.net> | 2012-10-05 12:44:22 +0200 |
|---|---|---|
| committer | Azul <azul@riseup.net> | 2012-10-05 12:44:22 +0200 |
| commit | ce246cb722f7f61b3a1ba7223857627f1bed4f4c (patch) | |
| tree | 63e226e1df93e95a8e9be2494c8d58ab5d04839c | |
| parent | 0c70bc88f14f9cc92a98a902a99b88a9b1f672e6 (diff) | |
made m and m2 calculation srp 6A compatible
Also added session_test that tests agains values calculated with py_srp
| -rw-r--r-- | lib/srp/session.rb | 16 | ||||
| -rw-r--r-- | test/session_test.rb | 28 |
2 files changed, 37 insertions, 7 deletions
diff --git a/lib/srp/session.rb b/lib/srp/session.rb index a1153e0..db8d428 100644 --- a/lib/srp/session.rb +++ b/lib/srp/session.rb @@ -27,15 +27,16 @@ module SRP def authenticate(m) if(m == calculate_m(server_secret)) - return calculate_m2(m, server_secret) + return calculate_m2 end end protected - def initialize_server(aa) + # only seed b for testing purposes. + def initialize_server(aa, b = nil) @aa = aa - @b = bigrand(32).hex + @b = b || bigrand(32).hex # B = g^b + k v (mod N) @bb = (modpow(GENERATOR, @b) + multiplier * @user.verifier) % BIG_PRIME_N @u = calculate_u @@ -66,13 +67,14 @@ module SRP # this is outdated - SRP 6a uses # M = H(H(N) xor H(g), H(I), s, A, B, K) def calculate_m(secret) - n_xor_g_hash = sha256_str(hn_xor_hg).hex + @k = sha256_int(secret).hex + n_xor_g_long = hn_xor_hg.bytes.map{|b| "%02x" % b.ord}.join.hex username_hash = sha256_str(@user.username).hex - sha256_int(n_xor_g_hash, username_hash, @user.salt, @aa, @bb, secret).hex + @m = sha256_int(n_xor_g_long, username_hash, @user.salt, @aa, @bb, @k).hex end - def calculate_m2(m, secret) - sha256_int(@aa, m, secret).hex + def calculate_m2 + sha256_int(@aa, @m, @k).hex end def calculate_u diff --git a/test/session_test.rb b/test/session_test.rb new file mode 100644 index 0000000..f41b34b --- /dev/null +++ b/test/session_test.rb @@ -0,0 +1,28 @@ +require File.expand_path(File.dirname(__FILE__) + '/test_helper') + +class SessionTest < Test::Unit::TestCase + + attr_accessor :salt, :verifier, :username + + def setup + @username = "testuser" + @password = "password" + @salt = '4c78c3f8'.hex + @client = SRP::Client.new(@username, @password, @salt) + @verifier = @client.verifier + end + + def test_equivalance_to_py_srp + aa = '9ff9d176b37d9100ad4d788b94ef887df6c88786f5fa2419c9a964001e1c1fa5cd22ea39dcf27682dac6cd8861d9de88184653451fd47f5654845ed24e828d531f95c44377c9bc3f5dd83a669716257c7b975a3a032d4d8adb605553cf4d45c483d7aceb7e6a23c5bd4b0aeeb2ef138b7fc75b27d9d706851c3ab9c721710272'.hex + b = 'ce414b3b52d13a1f67416b7e00cdefb07c874291aed395efeab9435ec1ad6ac3'.hex + bb = 'b2e852fe7af02d7931186f4958844b829d2976dd58c7bc7928ba3102ff269a9029c707112ab0b7cafdaf86a760f7b50ddd9c847e0c97f564d53cfd52daf61982f06582d49bbb3ea4ad6be55d513028eaf400a6d5a9d26b47689d3438a552716d65680d1b6ee77df3c9b3b6ba61023985562f2be4a6f1723282a2013160594565'.hex + m = 'a0c066844117ffe7a7999f84356f3a7c8dce38e4e936eca2b6979ab0fce6ff6d'.hex + m2 = '1f4a5ba9c5280b5b752465670f351bb1e61ff9ca06e02ad43c4418affeb3a1ef'.hex + session = SRP::Session.new(self, aa) + session.send(:initialize_server, aa, b) # seeding b to compare to py_srp + assert_equal bb.to_s(16), session.bb.to_s(16) + assert_equal m2, session.authenticate(m) + end + + +end |