From 4f57d8010a90fe1221c351f695d15d29a9cdc37f Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Wed, 3 Oct 2012 16:59:46 +0200
Subject: calculate verifiers and multiplier just like in py srp

Some other parts are still missing. Main issue was using hashes of hex representation rather that hashes of byte arrays
---
 lib/srp/util.rb | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index bf4c248..66bd9e7 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -10,7 +10,7 @@ module SRP
 115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3
     EOS
 
-    BIG_PRIME_N = <<-EOS # 1024 bits modulus (N)
+    BIG_PRIME_N = <<-EOS.split.join.hex # 1024 bits modulus (N)
 eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657
 6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da
 d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
@@ -43,21 +43,18 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     end
 
     def multiplier
-      return "c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58".hex % PRIME_N
       @k ||= calculate_multiplier
     end
 
     protected
 
     def calculate_multiplier
-      n = PRIME_N
+      n = BIG_PRIME_N
       g = GENERATOR
-      nhex = '%x' % [n]
-      nlen = nhex.length + (nhex.length.odd? ? 1 : 0 )
-      ghex = '%x' % [g]
-      hashin = '0' * (nlen - nhex.length) + nhex \
-        + '0' * (nlen - ghex.length) + ghex
-      sha256_hex(hashin).hex % n
+      nhex = '%x' % n
+      ghex = '0%x' % g
+      hashin = [nhex].pack('H*') + [ghex].pack('H*')
+      sha256_str(hashin).hex
     end
 
     def calculate_m(aa, bb, s)
-- 
cgit v1.2.3


From 693b6d1e36828fa17915a9297595f65c739b611a Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 4 Oct 2012 09:54:47 +0200
Subject: using BIG_PRIME_N and hashing the byte array - tests pass

We still calculate M differently than in SRP 6a
---
 lib/srp/util.rb | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index 66bd9e7..cafa5f4 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -59,14 +59,13 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
 
     def calculate_m(aa, bb, s)
       hashin = '%x%x%x' % [aa, bb, s]
-      sha256_str(hashin).hex
+      sha256_hex(hashin).hex
     end
 
     def calculate_u(aa, bb, n)
-      nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
       aahex = '%x' % [aa]
       bbhex = '%x' % [bb]
-      return sha256_str("%x%x" % [aa, bb]).hex
+      return sha256_hex("%x%x" % [aa, bb]).hex
     end
   end
 
-- 
cgit v1.2.3


From b889ef34d4fff0d156901ae2aebfcee02339ce77 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 4 Oct 2012 10:22:46 +0200
Subject: some cleanup, sha functions now concat multiple args

also u does not depend on n
---
 lib/srp/util.rb | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index cafa5f4..fcbab31 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -30,8 +30,15 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
       end
     end
 
-    def sha256_hex(h)
-      Digest::SHA2.hexdigest([h].pack('H*'))
+    #  Hashes the (long) int args
+    def sha256_int(*args)
+      sha256_hex(*args.map{|a| a.to_s(16)})
+    end
+
+    #  Hashes the hex args
+    def sha256_hex(*args)
+      h = args.join('')
+      sha256_str([h].pack('H*'))
     end
 
     def sha256_str(s)
@@ -49,23 +56,17 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     protected
 
     def calculate_multiplier
-      n = BIG_PRIME_N
-      g = GENERATOR
-      nhex = '%x' % n
-      ghex = '0%x' % g
-      hashin = [nhex].pack('H*') + [ghex].pack('H*')
-      sha256_str(hashin).hex
+      # GENERATOR hex needs to be prefixed with 0 so it's not "2" -> 32
+      ghex = '0%x' % GENERATOR
+      sha256_hex(BIG_PRIME_N.to_s(16), ghex).hex
     end
 
     def calculate_m(aa, bb, s)
-      hashin = '%x%x%x' % [aa, bb, s]
-      sha256_hex(hashin).hex
+      sha256_int(aa, bb, s).hex
     end
 
-    def calculate_u(aa, bb, n)
-      aahex = '%x' % [aa]
-      bbhex = '%x' % [bb]
-      return sha256_hex("%x%x" % [aa, bb]).hex
+    def calculate_u(aa, bb)
+      sha256_int(aa, bb).hex
     end
   end
 
-- 
cgit v1.2.3


From c73f7c1b4c1270d4d0ca47650a12893a6d13e796 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 4 Oct 2012 10:32:39 +0200
Subject: simplifying modpow to default to BIG_PRIME_N

---
 lib/srp/util.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index fcbab31..087ce5d 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -20,7 +20,7 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     GENERATOR = 2 # g
 
     # a^n (mod m)
-    def modpow(a, n, m)
+    def modpow(a, n, m = BIG_PRIME_N)
       r = 1
       while true
         r = r * a % m if n[0] == 1
-- 
cgit v1.2.3


From 0e5f57d3e07db606a779485e1537d4db8b5d3da2 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 4 Oct 2012 11:23:00 +0200
Subject: created session class to hold aa, bb and so forth - done for client

We have a session in the server already - duplication there now, merge next
---
 lib/srp/util.rb | 7 -------
 1 file changed, 7 deletions(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index 087ce5d..50ff9bb 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -61,13 +61,6 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
       sha256_hex(BIG_PRIME_N.to_s(16), ghex).hex
     end
 
-    def calculate_m(aa, bb, s)
-      sha256_int(aa, bb, s).hex
-    end
-
-    def calculate_u(aa, bb)
-      sha256_int(aa, bb).hex
-    end
   end
 
 end
-- 
cgit v1.2.3


From 0c70bc88f14f9cc92a98a902a99b88a9b1f672e6 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 4 Oct 2012 13:08:21 +0200
Subject: using the SRP 6a algorithm for calculating M

---
 lib/srp/util.rb | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'lib/srp/util.rb')

diff --git a/lib/srp/util.rb b/lib/srp/util.rb
index 50ff9bb..1e4beac 100644
--- a/lib/srp/util.rb
+++ b/lib/srp/util.rb
@@ -19,6 +19,10 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     EOS
     GENERATOR = 2 # g
 
+    def hn_xor_hg
+      byte_xor_hex(sha256_int(BIG_PRIME_N), sha256_int(GENERATOR))
+    end
+
     # a^n (mod m)
     def modpow(a, n, m = BIG_PRIME_N)
       r = 1
@@ -32,7 +36,7 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
 
     #  Hashes the (long) int args
     def sha256_int(*args)
-      sha256_hex(*args.map{|a| a.to_s(16)})
+      sha256_hex(*args.map{|a| "%02x" % a})
     end
 
     #  Hashes the hex args
@@ -56,9 +60,18 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     protected
 
     def calculate_multiplier
-      # GENERATOR hex needs to be prefixed with 0 so it's not "2" -> 32
-      ghex = '0%x' % GENERATOR
-      sha256_hex(BIG_PRIME_N.to_s(16), ghex).hex
+      sha256_int(BIG_PRIME_N, GENERATOR).hex
+    end
+
+    # turn two hex strings into byte arrays and xor them
+    #
+    # returns byte array
+    def byte_xor_hex(a, b)
+      a = [a].pack('H*')
+      b = [b].pack('H*')
+      a.bytes.each_with_index.map do |a_byte, i|
+        (a_byte ^ (b[i] || 0)).chr
+      end.join
     end
 
   end
-- 
cgit v1.2.3