From 26580be7f9b557ed8136aa11c7b4e7b96f9c86eb Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 26 Jul 2012 10:58:28 +0200
Subject: both sides calculate their own u
---
 lib/srp/authentication.rb | 14 +-------------
 lib/srp/client.rb | 3 ++-
 lib/srp/util.rb | 9 +++++++++
 3 files changed, 12 insertions(+), 14 deletions(-)
diff --git a/lib/srp/authentication.rb b/lib/srp/authentication.rb
index 1f36dd7..f4b2e70 100644
--- a/lib/srp/authentication.rb
+++ b/lib/srp/authentication.rb
@@ -11,8 +11,7 @@ module SRP
 @b = bigrand(32).hex # B = g^b + k v (mod N)
 @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N
- u = calculate_u(@aa, @bb, PRIME_N)
- return @bb, u
+ return @bb
 end
 def authenticate(m)
@@ -25,17 +24,6 @@ module SRP
 end
- protected
-
- def calculate_u(aa, bb, n)
- nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
- aahex = '%x' % [aa]
- bbhex = '%x' % [bb]
- return sha256_str("%x%x" % [aa, bb]).hex
- hashin = '0' * (nlen - aahex.length) + aahex \
- + '0' * (nlen - bbhex.length) + bbhex
- sha256_str(hashin).hex
- end
 end
 end
diff --git a/lib/srp/client.rb b/lib/srp/client.rb
index ba62993..1be2461 100644
--- a/lib/srp/client.rb
+++ b/lib/srp/client.rb
@@ -19,7 +19,8 @@ module SRP
 x = calculate_x(username, password, salt)
 a = bigrand(32).hex
 aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N)
- bb, u = server.initialize_auth(aa)
+ bb = server.initialize_auth(aa)
+ u = calculate_u(aa, bb, PRIME_N)
 client_s = calculate_client_s(x, a, bb, u)
 server.authenticate(calculate_m(aa,bb,client_s))
 end
diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index efbecaa..577977e 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
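Review bot: Nothing in the visible part of `initialize_auth` rejects a client value whose `@aa % PRIME_N` is zero before `@bb` is returned. The start of the method is outside this hunk, so confirm the check exists there; if it does not, add something like `raise ArgumentError, 'invalid A' if (@aa % PRIME_N).zero?` ahead of the `@b` line. Separately, with `u` no longer returned the server has to derive it itself inside `authenticate`, which this diff does not touch; it is worth confirming that `authenticate` calls the shared `calculate_u` on the stored `@aa` and `@bb` and never accepts a `u` supplied by the peer.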
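Review bot: In `lib/srp/client.rb` the value returned by `server.initialize_auth(aa)` is passed straight to `calculate_u` and `calculate_client_s` with no sanity check. SRP requires the client to abort when `bb % PRIME_N` is zero or when the derived `u` is zero, because in either case the shared secret stops depending on the values the protocol relies on. I would add `raise 'invalid B' if (bb % PRIME_N).zero?` after the `bb =` line and `raise 'invalid u' if u.zero?` after the `u =` line. The enclosing method starts above this hunk, so an earlier guard is possible but none is visible here.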
@@ -66,6 +66,15 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
 sha256_str(hashin).hex
 end
+ def calculate_u(aa, bb, n)
+ nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
+ aahex = '%x' % [aa]
+ bbhex = '%x' % [bb]
+ return sha256_str("%x%x" % [aa, bb]).hex
+ hashin = '0' * (nlen - aahex.length) + aahex \
+ + '0' * (nlen - bbhex.length) + bbhex
+ sha256_str(hashin).hex
+ end
 end
 end
-- cgit v1.2.3
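Review bot: The early `return sha256_str("%x%x" % [aa, bb]).hex` in the new `calculate_u` makes the padded `hashin` computation below it unreachable, so `u` is always the hash of the unpadded hex of A and B run together. Without fixed-width padding the concatenation is ambiguous, since distinct (A, B) pairs can produce the same input string. It also differs from the SRP-6a definition u = H(PAD(A) | PAD(B)), so it will not interoperate with other implementations. I would delete the early `return` line so the padded form is used; if the unpadded form is deliberate, remove the dead lines instead and add a comment such as `# NOTE: u is hashed without padding; not SRP-6a compatible`. Because client and server now share this one helper, either change has to ship on both sides at once.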