1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
require File.expand_path(File.dirname(__FILE__) + '/util')
module SRP
module Authentication
include Util
class Session
include Util
attr_accessor :aa, :bb
def initialize(aa, verifier)
@aa = aa
@b = bigrand(32).hex
# B = g^b + k v (mod N)
@bb = (modpow(GENERATOR, @b) + multiplier * verifier) % BIG_PRIME_N
end
def u
@u ||= calculate_u
end
# do not cache this - it's secret and someone might store the
# session in a CookieStore
def secret(verifier)
base = (modpow(verifier, u) * aa) % BIG_PRIME_N
modpow(base, @b)
end
def m1(verifier)
calculate_m(secret(verifier))
end
def m2(m1, verifier)
sha256_int(@aa, m1, secret(verifier)).hex
end
protected
def calculate_u
sha256_int(@aa, @bb).hex
end
def calculate_m(s)
sha256_int(@aa, @bb, s).hex
end
end
def initialize_auth(aa)
return Session.new(aa, verifier)
end
def authenticate!(m, session)
authenticate(m, session) || raise(SRP::WrongPassword)
end
def authenticate(m, session)
if(m == session.m1(verifier))
return session.m2(m, verifier)
end
end
end
end
|