summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/srp/authentication.rb26
1 files changed, 11 insertions, 15 deletions
diff --git a/lib/srp/authentication.rb b/lib/srp/authentication.rb
index 96f68fe..a2431d0 100644
--- a/lib/srp/authentication.rb
+++ b/lib/srp/authentication.rb
@@ -14,31 +14,27 @@ module SRP
@b = bigrand(32).hex
# B = g^b + k v (mod N)
@bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N
- @verifier = verifier
end
def u
calculate_u(aa, bb, PRIME_N)
end
- def secret
- @s ||= calculate_secret
+ # do not cache this - it's secret and someone might store the
+ # session in a CookieStore
+ def secret(verifier)
+ base = (modpow(verifier, u, PRIME_N) * aa) % PRIME_N
+ modpow(base, @b, PRIME_N)
end
- def m1
- calculate_m(aa, bb, secret)
+ def m1(verifier)
+ calculate_m(aa, bb, secret(verifier))
end
- def m2
- calculate_m(aa, m1, secret)
+ def m2(m1, verifier)
+ calculate_m(aa, m1, secret(verifier))
end
- protected
-
- def calculate_secret
- base = (modpow(@verifier, u, PRIME_N) * aa) % PRIME_N
- modpow(base, @b, PRIME_N)
- end
end
def initialize_auth(aa)
@@ -46,8 +42,8 @@ module SRP
end
def authenticate(m, session)
- if(m == session.m1)
- return session.m2
+ if(m == session.m1(verifier))
+ return session.m2(m, verifier)
end
end