diff options
-rw-r--r-- | lib/srp/authentication.rb | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/lib/srp/authentication.rb b/lib/srp/authentication.rb index 96f68fe..a2431d0 100644 --- a/lib/srp/authentication.rb +++ b/lib/srp/authentication.rb @@ -14,31 +14,27 @@ module SRP @b = bigrand(32).hex # B = g^b + k v (mod N) @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N - @verifier = verifier end def u calculate_u(aa, bb, PRIME_N) end - def secret - @s ||= calculate_secret + # do not cache this - it's secret and someone might store the + # session in a CookieStore + def secret(verifier) + base = (modpow(verifier, u, PRIME_N) * aa) % PRIME_N + modpow(base, @b, PRIME_N) end - def m1 - calculate_m(aa, bb, secret) + def m1(verifier) + calculate_m(aa, bb, secret(verifier)) end - def m2 - calculate_m(aa, m1, secret) + def m2(m1, verifier) + calculate_m(aa, m1, secret(verifier)) end - protected - - def calculate_secret - base = (modpow(@verifier, u, PRIME_N) * aa) % PRIME_N - modpow(base, @b, PRIME_N) - end end def initialize_auth(aa) @@ -46,8 +42,8 @@ module SRP end def authenticate(m, session) - if(m == session.m1) - return session.m2 + if(m == session.m1(verifier)) + return session.m2(m, verifier) end end |