first steps towards adding a server side srp flow to the example
authorAzul <azul@leap.se>
Tue, 26 Jun 2012 21:02:51 +0000 (23:02 +0200)
committerAzul <azul@leap.se>
Tue, 26 Jun 2012 21:02:51 +0000 (23:02 +0200)
example/http-srp.rb
example/models/user.rb
example/views/layout.erb
example/views/login.erb
example/views/signup.erb
lib/srp/client.rb
test/auth_test.rb

index 4faa149..d0b32dd 100644 (file)
@@ -3,6 +3,7 @@ require 'pp'
 
 require 'models/user'
 require 'models/log'
+require '../lib/srp'
 
 get '/' do
   @user = User.current
@@ -22,6 +23,10 @@ post '/signup' do
 end
 
 get '/login' do
+  @user = User.current
+  Log.log(:init_server_login, params)
+  @auth = @user.initialize_auth(params)
+  Log.log(:init_client_login, @auth)
   erb :login
 end
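Review bot: The new `get '/login'` body calls `@user.initialize_auth(params)` on every request without checking that `User.current` returned a user or that the client sent an `aa` value. A plain visit to the login page would therefore raise on nil or start a handshake with A = 0. Guarding the call, e.g. `@auth = @user.initialize_auth(params) if @user && params['aa']`, and letting the template cope with a missing `@auth` keeps the handshake from running on absent input. `Log.log(:init_server_login, params)` also writes the whole parameter hash to the log, so logging only the keys the handshake needs would avoid capturing anything else the form sends.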
 
index f3f86ba..daea621 100644 (file)
@@ -6,15 +6,24 @@ class User
   end
 
   attr_accessor :login
-  attr_accessor :password
+  attr_accessor :salt
+  attr_accessor :verifier
   attr_accessor :active
+  attr_accessor :srp
 
   def signup!(params)
     self.login = params.delete('login')
-    self.password = params.delete('password')
+    self.salt = params.delete('salt').to_i
+    self.verifier = params.delete('verifier').to_i
     self.active = false
   end
 
+  def initialize_auth(params)
+    srp = SRP::Server.new(self.salt, self.verifier)
+    bb, u = srp.initialize_auth(params.delete('aa').to_i)
+    return {:bb => bb, :u => u}
+  end
+
   def login!(params)
     self.active = valid_login?(params[:login], params[:password])
   end
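Review bot: `initialize_auth` passes `params.delete('aa').to_i` straight to the server object, and `to_i` turns a missing or non-numeric value into 0. SRP requires the server to abort when A mod N is zero, because otherwise the shared secret no longer depends on the password. Whether `SRP::Server#initialize_auth` performs that check is not visible here, so reject it at this boundary, e.g. `raise ArgumentError, 'invalid A' if (aa % SRP::PRIME_N).zero?` (assuming the prime is reachable under that name). The server object is also assigned to a local `srp`, so the `attr_accessor :srp` added above is never set and the server's ephemeral state is dropped before a later request could verify the client; `self.srp = SRP::Server.new(salt, verifier)` would keep it.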
index c68ac23..d7e9985 100644 (file)
@@ -21,6 +21,7 @@
 
     <%= yield %>
 
+    <script type="text/javascript" src="jquery.min.js"> </script>
     <script type="text/javascript" src="srp.js"> </script>
 
   </body>
index 32a16e5..131b0b9 100644 (file)
@@ -3,12 +3,20 @@
   <legend>Login with the user you <a href="/signup.html">created</a>.</legend>
   <div class="control-group">
     <label class="control-label" for="login">Login</label>
-    <input type="text" class"input-xlarge" name="login"></input>
+    <input type="text" class="input-xlarge" name="login"></input>
   </div>
 
   <div class="control-group">
     <label class="control-label" for="password">Password</label>
-    <input type="password" class"input-xlarge" name="password"></input>
+    <input type="password" class="input-xlarge" name="password"></input>
+  </div>
+  <div class="control-group">
+    <label class="control-label" for="srp-bb">B</label>
+    <input type="text" class="input-xlarge" disabled id="srp-bb" name="srp-bb" value="<%=@auth[:bb]%>"></input>
+  </div>
+  <div class="control-group">
+    <label class="control-label" for="srp-u">u</label>
+    <input type="text" class="input-xlarge" disabled id="srp-u" name="srp-u" value="<%=@auth[:u]%>"></input>
   </div>
 
   <div class="form-actions">
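Review bot: The password input keeps `name="password"`, so a normal submit of this form would post the cleartext password to the server, which is what the SRP exchange is meant to avoid. Unless srp.js is known to intercept the submit and clear the field (not visible in this hunk), drop the name so the field is never serialised: `<input type="password" class="input-xlarge" id="password">`. The new `srp-bb` and `srp-u` inputs also read `@auth[:bb]` and `@auth[:u]` unconditionally, so the template raises whenever the route renders it without an `@auth` hash.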
index 3a949ab..baeb007 100644 (file)
@@ -10,6 +10,8 @@
   <div class="control-group">
     <label class="control-label" for="password">Password</label>
     <input type="password" class"input-xlarge" name="password"></input>
+    <input type="hidden" class"input-xlarge" name="seed" value="624848790506324805995013"></input>
+    <input type="hidden" class"input-xlarge" name="verifier" value="100580140046706175735129154266794946404091486659235926309138114843862401271008476617107722147233360718775042845375531421388163398889326297385327521531575749857884877960888755227994771967905136828058233126017527751738166121598194480710839381273324624500340831193855479639683906360867824492692241079248646622455"></input>
   </div>
 
   <div class="form-actions">
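Review bot: The two hidden inputs submit a fixed salt and verifier for every account and name the salt field `seed`, while `User#signup!` in this commit reads `params.delete('salt')`, so the stored salt becomes `nil.to_i`, i.e. 0. Rename the field to `name="salt"` and have the client script fill both values from the chosen password before submit, rather than shipping constants in the template. Both added lines carry the `class"input-xlarge"` typo (missing `=`) that this commit fixes in login.erb. The visible password input is still named, so the cleartext password is posted alongside the verifier.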
index f4662e6..7aa147c 100644 (file)
@@ -21,6 +21,9 @@ module SRP
       aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N)
       bb, u = server.initialize_auth(aa)
       client_s = calculate_client_s(x, a, bb, u)
+      puts "bb: " + bb.to_s
+      puts "aa: " + aa.to_s
+      puts "client_s: " + client_s.to_s
       server.authenticate(aa, client_s)
     end
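Review bot: The added `puts "client_s: " + client_s.to_s` prints the SRP shared secret S to stdout on every authentication, so anything that captures process output (CI logs, service logs) then holds the value the session key is derived from. Remove the three `puts` lines from the library method, or gate them behind an explicit debug switch that never prints `client_s`. The same applies to the `print`/`puts` of salt and verifier added to `test_successful_auth` in test/auth_test.rb: a stored verifier allows offline password guessing, so tests should assert on it, not echo it. The enclosing method starts above this hunk.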
 
index e6c4017..0f76404 100644 (file)
@@ -10,15 +10,19 @@ class AuthTest < Test::Unit::TestCase
   end
 
   def test_successful_auth
+    print "salt: "
+    puts @client.salt
+    print "verifier: "
+    puts @client.verifier
     assert @client.authenticate(@server, @username, @password)
   end
 
   def test_wrong_password
-    assert !@client.authenticate(@server, @username, "password")
+    assert !@client.authenticate(@server, @username, "wrong password")
   end
 
   def test_wrong_username
-    assert !@client.authenticate(@server, "username", @password)
+    assert !@client.authenticate(@server, "wrong username", @password)
   end
 end