changed SRP:Client so it can be used to wrap a user record on the server
authorAzul <azul@riseup.net>
Wed, 6 Feb 2013 15:05:59 +0000 (16:05 +0100)
committerAzul <azul@riseup.net>
Wed, 6 Feb 2013 15:05:59 +0000 (16:05 +0100)
lib/srp/client.rb
lib/srp/user.rb [new file with mode: 0644]
test/auth_test.rb
test/client_test.rb
test/session_test.rb

index 3882f1d..ebe158f 100644 (file)
@@ -5,11 +5,16 @@ module SRP
 
     attr_reader :salt, :verifier, :username
 
-    def initialize(username, password, salt = nil)
+    def initialize(username, options)
       @username = username
-      @password = password
-      @salt = salt || bigrand(4).hex
-      calculate_verifier
+      if options[:password]
+        @password = options[:password]
+        @salt = options[:salt] || bigrand(4).hex
+        calculate_verifier
+      else
+        @verifier = options[:verifier]
+        @salt = options[:salt]
+      end
     end
 
     def authenticate(server)
diff --git a/lib/srp/user.rb b/lib/srp/user.rb
new file mode 100644 (file)
index 0000000..1330de7
--- /dev/null
@@ -0,0 +1,19 @@
+#
+# SRP User on the server.
+#
+# This will be used in the session instead of the real user record so the
+# session does not get cluttered with the whole user record.
+#
+module SRP
+  class User
+
+    attr_reader :username, :salt, :verifier
+
+    def initialize(user)
+      @username = user.username
+      @salt = user.salt
+      @verifier = user.verifier
+    end
+
+  end
+end
index 24bc42f..a3d4dc0 100644 (file)
@@ -29,7 +29,8 @@ class AuthTest < Test::Unit::TestCase
   def setup
     @username = 'user'
     @password = 'opensesami'
-    @client = SRP::Client.new(@username, @password)
+    @client = SRP::Client.new @username,
+      :password => @password
     @server = Server.new(@client.salt, @client.verifier, @username)
   end
 
@@ -38,12 +39,16 @@ class AuthTest < Test::Unit::TestCase
   end
 
   def test_a_wrong_password
-    client = SRP::Client.new(@username, "wrong password", @client.salt)
+    client = SRP::Client.new @username,
+      :password => "wrong password",
+      :salt => @client.salt
     assert !client.authenticate(@server)
   end
 
   def test_wrong_username
-    client = SRP::Client.new("wrong username", @password, @client.salt)
+    client = SRP::Client.new "wrong username",
+      :password => @password,
+      :salt => @client.salt
     assert !client.authenticate(@server)
   end
 end
index 3a191a8..7c453de 100644 (file)
@@ -8,7 +8,9 @@ class ClientTest < Test::Unit::TestCase
   end
 
   def test_calculation_of_private_key
-    @client = SRP::Client.new(@login, @password, "7686acb8".hex)
+    @client = SRP::Client.new @login,
+      :password => @password,
+      :salt => "7686acb8".hex
     assert_equal "84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398",
       "%x" % @client.send(:private_key)
   end
@@ -17,7 +19,9 @@ class ClientTest < Test::Unit::TestCase
   # s,V = pysrp.create_salted_verification_key("testuser", "password", pysrp.SHA256, pysrp.NG_1024)
 
   def test_verifier
-    @client = SRP::Client.new(@login, @password, '4c78c3f8'.hex)
+    @client = SRP::Client.new @login,
+      :password => @password,
+      :salt => '4c78c3f8'.hex
     v = '474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c'
     assert_equal v, "%x" % @client.verifier
   end
index 8327a63..a6e72a0 100644 (file)
@@ -9,7 +9,9 @@ class SessionTest < Test::Unit::TestCase
     @username = "testuser"
     @password = "password"
     @salt = '4c78c3f8'.hex
-    @client = SRP::Client.new(@username, @password, @salt)
+    @client = SRP::Client.new @username,
+      :password => @password,
+      :salt => @salt
     @verifier = @client.verifier
   end
 
@@ -35,7 +37,9 @@ class SessionTest < Test::Unit::TestCase
     b = "78e12fc099be1409e0fce3bf84484d89d58710bcc3d8a0e05227fb291be3fb28".hex
     bb = "d8d50a862b7e8a897f8b0554c4a474e8aa152bd08f23436773fbb977e81cbf5e8262937ffb7ad6b72e3aa7f72deec947cdb286ab466e490d7c544bf443331ad12657c8f9bb2aabf508b73ea1ed29d03a060f5f2a70baef858bdb79c5c878844c058fe10c2cc746b0fb701e98d8d6405ab7d0b65bb4f87cf8e47b25ae4ee6e53b".hex
     m = "d5cbec7254ce66f421ceddbfe8a0a8991b5be2aa9c25d868f073f4459dfc358b".hex
-    client = SRP::Client.new(@username, password, @salt)
+    client = SRP::Client.new @username,
+      :password => password,
+      :salt => @salt
     assert_equal @verifier.to_s(16), client.verifier.to_s(16)
     session = SRP::Session.new(self, aa)
     session.send(:initialize_server, aa, b) # seeding b to compare to py_srp