From 09a7a8c0fb28ff49fac64f282aa136f8a2c20dfe Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 18 Jun 2012 12:34:11 +0200
Subject: initial commit - testing srp auth

* This is lacking a few steps. We confirm the secret is the same but no key is generated from it and it is transfered over the wire in clear.
* this was inspired by https://gist.github.com/790048
* seperated util, client, server and test code
---
 lib/srp/server.rb | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 lib/srp/server.rb

(limited to 'lib/srp/server.rb')

diff --git a/lib/srp/server.rb b/lib/srp/server.rb
new file mode 100644
index 0000000..a1189a1
--- /dev/null
+++ b/lib/srp/server.rb
@@ -0,0 +1,42 @@
+require File.expand_path(File.dirname(__FILE__) + '/util')
+
+module SRP
+  class Server
+
+    include Util
+
+    def initialize(salt, verifier)
+      @salt = salt
+      @verifier = verifier
+    end
+
+    def initialize_auth(aa)
+      @b = bigrand(32).hex
+      # B = g^b + k v (mod N)
+      @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * @verifier) % PRIME_N
+      u = calculate_u(aa, @bb, PRIME_N)
+      return @bb, u
+    end
+
+    def authenticate(aa, client_s)
+      u = calculate_u(aa, @bb, PRIME_N)
+      base = (modpow(@verifier, u, PRIME_N) * aa) % PRIME_N
+      server_s = modpow(base, @b, PRIME_N)
+      return client_s == server_s
+    end
+
+
+    protected
+
+    def calculate_u(aa, bb, n)
+      nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
+      aahex = '%x' % [aa]
+      bbhex = '%x' % [bb]
+      hashin = '0' * (nlen - aahex.length) + aahex \
+        + '0' * (nlen - bbhex.length) + bbhex
+      sha1_hex(hashin).hex
+    end
+  end
+end
+
+
-- 
cgit v1.2.3