From 693b6d1e36828fa17915a9297595f65c739b611a Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 4 Oct 2012 09:54:47 +0200 Subject: using BIG_PRIME_N and hashing the byte array - tests pass We still calculate M differently than in SRP 6a --- lib/srp/authentication.rb | 8 ++++---- lib/srp/client.rb | 20 ++++++++++---------- lib/srp/util.rb | 5 ++--- test/auth_test.rb | 2 +- 4 files changed, 17 insertions(+), 18 deletions(-) diff --git a/lib/srp/authentication.rb b/lib/srp/authentication.rb index 4afe20b..0505a58 100644 --- a/lib/srp/authentication.rb +++ b/lib/srp/authentication.rb @@ -13,18 +13,18 @@ module SRP @aa = aa @b = bigrand(32).hex # B = g^b + k v (mod N) - @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N + @bb = (modpow(GENERATOR, @b, BIG_PRIME_N) + multiplier * verifier) % BIG_PRIME_N end def u - calculate_u(aa, bb, PRIME_N) + calculate_u(aa, bb, BIG_PRIME_N) end # do not cache this - it's secret and someone might store the # session in a CookieStore def secret(verifier) - base = (modpow(verifier, u, PRIME_N) * aa) % PRIME_N - modpow(base, @b, PRIME_N) + base = (modpow(verifier, u, BIG_PRIME_N) * aa) % BIG_PRIME_N + modpow(base, @b, BIG_PRIME_N) end def m1(verifier) diff --git a/lib/srp/client.rb b/lib/srp/client.rb index 37f37d7..947bd7b 100644 --- a/lib/srp/client.rb +++ b/lib/srp/client.rb @@ -10,17 +10,17 @@ module SRP def initialize(username, password, salt = nil) @username = username @password = password - @salt = salt.hex || bigrand(4).hex + @salt = (salt || bigrand(4)).hex @multiplier = multiplier # let's cache it calculate_verifier end def authenticate(server, username, password) - x = calculate_x(username, password, salt) + x = calculate_x(username, password) a = bigrand(32).hex - aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N) + aa = modpow(GENERATOR, a, BIG_PRIME_N) # A = g^a (mod N) bb = server.handshake(username, aa) - u = calculate_u(aa, bb, PRIME_N) + u = calculate_u(aa, bb, BIG_PRIME_N) client_s = calculate_client_s(x, a, bb, u) server.validate(calculate_m(aa, bb, client_s)) end @@ -32,18 +32,18 @@ module SRP @verifier end - def calculate_x + def calculate_x(username = @username, password = @password) shex = '%x' % [@salt] - inner = sha256_str([@username, @password].join(':')) + inner = sha256_str([username, password].join(':')) sha256_str([shex].pack('H*') + [inner].pack('H*')).hex end def calculate_client_s(x, a, bb, u) base = bb - base += PRIME_N * @multiplier - base -= modpow(GENERATOR, x, PRIME_N) * @multiplier - base = base % PRIME_N - modpow(base, x * u + a, PRIME_N) + base += BIG_PRIME_N * @multiplier + base -= modpow(GENERATOR, x, BIG_PRIME_N) * @multiplier + base = base % BIG_PRIME_N + modpow(base, x * u + a, BIG_PRIME_N) end end end diff --git a/lib/srp/util.rb b/lib/srp/util.rb index 66bd9e7..cafa5f4 100644 --- a/lib/srp/util.rb +++ b/lib/srp/util.rb @@ -59,14 +59,13 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5 def calculate_m(aa, bb, s) hashin = '%x%x%x' % [aa, bb, s] - sha256_str(hashin).hex + sha256_hex(hashin).hex end def calculate_u(aa, bb, n) - nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3) aahex = '%x' % [aa] bbhex = '%x' % [bb] - return sha256_str("%x%x" % [aa, bb]).hex + return sha256_hex("%x%x" % [aa, bb]).hex end end diff --git a/test/auth_test.rb b/test/auth_test.rb index 4311683..559403a 100644 --- a/test/auth_test.rb +++ b/test/auth_test.rb @@ -35,7 +35,7 @@ class AuthTest < Test::Unit::TestCase assert @client.authenticate(@server, @username, @password) end - def test_wrong_password + def test_a_wrong_password assert !@client.authenticate(@server, @username, "wrong password") end -- cgit v1.2.3