| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-07-14 | store aa, bb and u as hex by default | Azul | |
| 2013-07-14 | first take on a hex based api | Azul | |
| 2013-07-14 | more fixtures | Azul | |
| 2013-06-24 | refactore tests: use #internal_state and fixtures | Azul | |
| 2013-02-25 | version 0.1.6 - added SRP::Session#to_hash | Azul | |
| 2013-02-06 | changed SRP:Client so it can be used to wrap a user record on the server | Azul | |
| 2012-10-11 | authenticate returns the user, to_json includes M2. bumped version to 0.1.3release-0.1.0 | Azul | |
| This way the controller can easily use @user = @session.authenticate; respond_with @sessoin; | |||
| 2012-10-05 | bugfix - zero padded salts do not break login anymore | Azul | |
| 2012-10-05 | made m and m2 calculation srp 6A compatible | Azul | |
| Also added session_test that tests agains values calculated with py_srp | |||
| 2012-10-04 | using the SRP 6a algorithm for calculating M | Azul | |
| 2012-10-04 | moved all server side auth stuff into session so i can remove the ↵ | Azul | |
| authentication module | |||
| 2012-10-04 | more cleanup - no more duplicate password and username in Client | Azul | |
| A client has a set of pwd and login and tries to auth with this. | |||
| 2012-10-04 | using BIG_PRIME_N and hashing the byte array - tests pass | Azul | |
| We still calculate M differently than in SRP 6a | |||
| 2012-10-03 | calculate verifiers and multiplier just like in py srpfeature-py_srp_compat | Azul | |
| Some other parts are still missing. Main issue was using hashes of hex representation rather that hashes of byte arrays | |||
| 2012-08-06 | hand over the login on handshake like we normally would | Azul | |
| still missing the salt in this. auth should be more independent from registry to resemble the real process more closely | |||
| 2012-08-06 | added authenticate! which raises SRP::WrongPassword if it fails, version 0.0.2 | Azul | |
| 2012-07-26 | session is handled by the class that includes SRP::Authentication - not the ↵ | Azul | |
| client | |||
| 2012-07-26 | turned server class into authentication module - test green, example broken | Azul | |
| The example seems to be broken due to changes in srp-js | |||
| 2012-06-29 | adopted srp algo to srp-js way of doing things. | Azul | |
| all large integers are now send as hex strings. Using sha256_str all over the place. This finally gives me successful logins. Needs a log of cleanup never the less. | |||
| 2012-06-28 | complete ajax flow is working - just auth fails | Azul | |
| Also we currently generate the salt on the server - this should happen on the client but for now i stick to the srp-js workflow. | |||
| 2012-06-26 | first steps towards adding a server side srp flow to the example | Azul | |
| 2012-06-18 | initial commit - testing srp auth | Azul | |
| * This is lacking a few steps. We confirm the secret is the same but no key is generated from it and it is transfered over the wire in clear. * this was inspired by https://gist.github.com/790048 * seperated util, client, server and test code | |||
 |
index : ruby_srp.git | |
| [ruby_srp] | git repository hosting |
| summaryrefslogtreecommitdiff |