mtproto 0.0.4 → 0.0.5

data/ext/factorization/Makefile

@@ -0,0 +1,273 @@
+
+SHELL = /bin/sh
+
+# V=0 quiet, V=1 verbose.  other values don't work.
+V = 0
+V0 = $(V:0=)
+Q1 = $(V:1=)
+Q = $(Q1:0=@)
+ECHO1 = $(V:1=@ :)
+ECHO = $(ECHO1:0=@ echo)
+NULLCMD = :
+
+#### Start of system configuration section. ####
+
+srcdir = .
+topdir = /Users/alev/.rvm/rubies/ruby-3.4.4/include/ruby-3.4.0
+hdrdir = $(topdir)
+arch_hdrdir = /Users/alev/.rvm/rubies/ruby-3.4.4/include/ruby-3.4.0/arm64-darwin24
+PATH_SEPARATOR = :
+VPATH = $(srcdir):$(arch_hdrdir)/ruby:$(hdrdir)/ruby
+prefix = $(DESTDIR)/Users/alev/.rvm/rubies/ruby-3.4.4
+rubysitearchprefix = $(rubylibprefix)/$(sitearch)
+rubyarchprefix = $(rubylibprefix)/$(arch)
+rubylibprefix = $(libdir)/$(RUBY_BASE_NAME)
+exec_prefix = $(prefix)
+vendorarchhdrdir = $(vendorhdrdir)/$(sitearch)
+sitearchhdrdir = $(sitehdrdir)/$(sitearch)
+rubyarchhdrdir = $(rubyhdrdir)/$(arch)
+vendorhdrdir = $(rubyhdrdir)/vendor_ruby
+sitehdrdir = $(rubyhdrdir)/site_ruby
+rubyhdrdir = $(includedir)/$(RUBY_VERSION_NAME)
+vendorarchdir = $(vendorlibdir)/$(sitearch)
+vendorlibdir = $(vendordir)/$(ruby_version)
+vendordir = $(rubylibprefix)/vendor_ruby
+sitearchdir = $(sitelibdir)/$(sitearch)
+sitelibdir = $(sitedir)/$(ruby_version)
+sitedir = $(rubylibprefix)/site_ruby
+rubyarchdir = $(rubylibdir)/$(arch)
+rubylibdir = $(rubylibprefix)/$(ruby_version)
+sitearchincludedir = $(includedir)/$(sitearch)
+archincludedir = $(includedir)/$(arch)
+sitearchlibdir = $(libdir)/$(sitearch)
+archlibdir = $(libdir)/$(arch)
+ridir = $(datarootdir)/$(RI_BASE_NAME)
+modular_gc_dir = $(DESTDIR)
+mandir = $(datarootdir)/man
+localedir = $(datarootdir)/locale
+libdir = $(exec_prefix)/lib
+psdir = $(docdir)
+pdfdir = $(docdir)
+dvidir = $(docdir)
+htmldir = $(docdir)
+infodir = $(datarootdir)/info
+docdir = $(datarootdir)/doc/$(PACKAGE)
+oldincludedir = $(DESTDIR)/usr/include
+includedir = $(SDKROOT)$(prefix)/include
+runstatedir = $(localstatedir)/run
+localstatedir = $(prefix)/var
+sharedstatedir = $(prefix)/com
+sysconfdir = $(prefix)/etc
+datadir = $(datarootdir)
+datarootdir = $(prefix)/share
+libexecdir = $(exec_prefix)/libexec
+sbindir = $(exec_prefix)/sbin
+bindir = $(exec_prefix)/bin
+archdir = $(rubyarchdir)
+
+
+CC_WRAPPER = 
+CC = gcc
+CXX = g++
+LIBRUBY = $(LIBRUBY_SO)
+LIBRUBY_A = lib$(RUBY_SO_NAME)-static.a
+LIBRUBYARG_SHARED = -l$(RUBY_SO_NAME)
+LIBRUBYARG_STATIC = -l$(RUBY_SO_NAME)-static -framework CoreFoundation $(MAINLIBS)
+empty =
+OUTFLAG = -o $(empty)
+COUTFLAG = -o $(empty)
+CSRCFLAG = $(empty)
+
+RUBY_EXTCONF_H = 
+cflags   = $(hardenflags) -fdeclspec  $(optflags) $(debugflags) $(warnflags)
+cxxflags = 
+optflags = -O3 -fno-fast-math
+debugflags = -ggdb3
+warnflags = -Wall -Wextra -Wextra-tokens -Wdeprecated-declarations -Wdivision-by-zero -Wdiv-by-zero -Wimplicit-function-declaration -Wimplicit-int -Wpointer-arith -Wshorten-64-to-32 -Wwrite-strings -Wold-style-definition -Wmissing-noreturn -Wno-cast-function-type -Wno-constant-logical-operand -Wno-long-long -Wno-missing-field-initializers -Wno-overlength-strings -Wno-parentheses-equality -Wno-self-assign -Wno-tautological-compare -Wno-unused-parameter -Wno-unused-value -Wunused-variable -Wmisleading-indentation -Wundef
+cppflags = 
+CCDLFLAGS = -fno-common
+CFLAGS   = $(CCDLFLAGS) -O3 -I/opt/homebrew/opt/libyaml/include -I/opt/homebrew/opt/libksba/include -I/opt/homebrew/opt/readline/include -I/opt/homebrew/opt/zlib/include -I/opt/homebrew/opt/openssl@1.1/include $(cflags) -fno-common -pipe $(ARCH_FLAG)
+INCFLAGS = -I. -I$(arch_hdrdir) -I$(hdrdir)/ruby/backward -I$(hdrdir) -I$(srcdir)
+DEFS     = 
+CPPFLAGS =  -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -D_DARWIN_UNLIMITED_SELECT -D_REENTRANT $(DEFS) $(cppflags)
+CXXFLAGS = $(CCDLFLAGS) -fdeclspec $(ARCH_FLAG)
+ldflags  = -L. -L/opt/homebrew/opt/libyaml/lib -L/opt/homebrew/opt/libksba/lib -L/opt/homebrew/opt/readline/lib -L/opt/homebrew/opt/zlib/lib -L/opt/homebrew/opt/openssl@1.1/lib -fstack-protector-strong
+dldflags = -L/opt/homebrew/opt/libyaml/lib -L/opt/homebrew/opt/libksba/lib -L/opt/homebrew/opt/readline/lib -L/opt/homebrew/opt/zlib/lib -L/opt/homebrew/opt/openssl@1.1/lib -Wl,-undefined,dynamic_lookup 
+ARCH_FLAG = -arch arm64
+DLDFLAGS = $(ldflags) $(dldflags) $(ARCH_FLAG)
+LDSHARED = $(CC) -dynamic -bundle
+LDSHAREDXX = $(CXX) -dynamic -bundle
+POSTLINK = dsymutil $@ 2>/dev/null; { test -z '$(RUBY_CODESIGN)' || codesign -s '$(RUBY_CODESIGN)' $@; }
+AR = ar
+LD = ld
+EXEEXT = 
+
+RUBY_INSTALL_NAME = $(RUBY_BASE_NAME)
+RUBY_SO_NAME = ruby.3.4
+RUBYW_INSTALL_NAME = 
+RUBY_VERSION_NAME = $(RUBY_BASE_NAME)-$(ruby_version)
+RUBYW_BASE_NAME = rubyw
+RUBY_BASE_NAME = ruby
+
+arch = arm64-darwin24
+sitearch = $(arch)
+ruby_version = 3.4.0
+ruby = $(bindir)/$(RUBY_BASE_NAME)
+RUBY = $(ruby)
+BUILTRUBY = $(bindir)/$(RUBY_BASE_NAME)
+ruby_headers = $(hdrdir)/ruby.h $(hdrdir)/ruby/backward.h $(hdrdir)/ruby/ruby.h $(hdrdir)/ruby/defines.h $(hdrdir)/ruby/missing.h $(hdrdir)/ruby/intern.h $(hdrdir)/ruby/st.h $(hdrdir)/ruby/subst.h $(arch_hdrdir)/ruby/config.h
+
+RM = rm -f
+RM_RF = rm -fr
+RMDIRS = rmdir -p
+MAKEDIRS = /opt/homebrew/opt/coreutils/bin/gmkdir -p
+INSTALL = /opt/homebrew/opt/coreutils/bin/ginstall -c
+INSTALL_PROG = $(INSTALL) -m 0755
+INSTALL_DATA = $(INSTALL) -m 644
+COPY = cp
+TOUCH = exit >
+
+#### End of system configuration section. ####
+
+preload = 
+libpath = . $(libdir)
+LIBPATH = -L. -L$(libdir)
+DEFFILE = 
+
+CLEANFILES = mkmf.log
+DISTCLEANFILES = 
+DISTCLEANDIRS = 
+
+extout = 
+extout_prefix = 
+target_prefix = /factorization
+LOCAL_LIBS = 
+LIBS = $(LIBRUBYARG_SHARED)  -lpthread  
+ORIG_SRCS = factorization.c
+SRCS = $(ORIG_SRCS) 
+OBJS = factorization.o
+HDRS = 
+LOCAL_HDRS = 
+TARGET = factorization
+TARGET_NAME = factorization
+TARGET_ENTRY = Init_$(TARGET_NAME)
+DLLIB = $(TARGET).bundle
+EXTSTATIC = 
+STATIC_LIB = 
+
+TIMESTAMP_DIR = .
+BINDIR        = $(bindir)
+RUBYCOMMONDIR = $(sitedir)$(target_prefix)
+RUBYLIBDIR    = $(sitelibdir)$(target_prefix)
+RUBYARCHDIR   = $(sitearchdir)$(target_prefix)
+HDRDIR        = $(sitehdrdir)$(target_prefix)
+ARCHHDRDIR    = $(sitearchhdrdir)$(target_prefix)
+TARGET_SO_DIR =
+TARGET_SO     = $(TARGET_SO_DIR)$(DLLIB)
+CLEANLIBS     = $(TARGET_SO) $(TARGET_SO:=.dSYM)
+CLEANOBJS     = $(OBJS) *.bak
+TARGET_SO_DIR_TIMESTAMP = $(TIMESTAMP_DIR)/.sitearchdir.-.factorization.time
+
+all:    $(DLLIB)
+static: $(STATIC_LIB)
+.PHONY: all install static install-so install-rb
+.PHONY: clean clean-so clean-static clean-rb
+
+clean-static::
+clean-rb-default::
+clean-rb::
+clean-so::
+clean: clean-so clean-static clean-rb-default clean-rb
+		-$(Q)$(RM_RF) $(CLEANLIBS) $(CLEANOBJS) $(CLEANFILES) .*.time
+
+distclean-rb-default::
+distclean-rb::
+distclean-so::
+distclean-static::
+distclean: clean distclean-so distclean-static distclean-rb-default distclean-rb
+		-$(Q)$(RM) Makefile $(RUBY_EXTCONF_H) conftest.* mkmf.log
+		-$(Q)$(RM) core ruby$(EXEEXT) *~ $(DISTCLEANFILES)
+		-$(Q)$(RMDIRS) $(DISTCLEANDIRS) 2> /dev/null || true
+
+realclean: distclean
+install: install-so install-rb
+
+install-so: $(DLLIB) $(TARGET_SO_DIR_TIMESTAMP)
+	$(INSTALL_PROG) $(DLLIB) $(RUBYARCHDIR)
+clean-static::
+	-$(Q)$(RM) $(STATIC_LIB)
+install-rb: pre-install-rb do-install-rb install-rb-default
+install-rb-default: pre-install-rb-default do-install-rb-default
+pre-install-rb: Makefile
+pre-install-rb-default: Makefile
+do-install-rb:
+do-install-rb-default:
+pre-install-rb-default:
+	@$(NULLCMD)
+$(TARGET_SO_DIR_TIMESTAMP):
+	$(Q) $(MAKEDIRS) $(@D) $(RUBYARCHDIR)
+	$(Q) $(TOUCH) $@
+
+site-install: site-install-so site-install-rb
+site-install-so: install-so
+site-install-rb: install-rb
+
+.SUFFIXES: .c .m .cc .mm .cxx .cpp .o .S
+
+.cc.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.cc.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+.mm.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.mm.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+.cxx.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.cxx.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+.cpp.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.cpp.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CXX) $(INCFLAGS) $(CPPFLAGS) $(CXXFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+.c.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.c.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+.m.o:
+	$(ECHO) compiling $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+
+.m.S:
+	$(ECHO) translating $(<)
+	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) $(COUTFLAG)$@ -S $(CSRCFLAG)$<
+
+$(TARGET_SO): $(OBJS) Makefile
+	$(ECHO) linking shared-object factorization/$(DLLIB)
+	-$(Q)$(RM) $(@)
+	$(Q) $(LDSHARED) -o $@ $(OBJS) $(LIBPATH) $(DLDFLAGS) $(LOCAL_LIBS) $(LIBS)
+	$(Q) $(POSTLINK)
+
+
+
+$(OBJS): $(HDRS) $(ruby_headers)

data/ext/factorization/extconf.rb

@@ -0,0 +1,3 @@
+require 'mkmf'
+
+create_makefile('factorization/factorization')

data/ext/factorization/factorization.c

@@ -0,0 +1,62 @@
+#include <ruby.h>
+#include <stdint.h>
+#include <math.h>
+
+static VALUE mMTProto;
+static VALUE mCrypto;
+static VALUE mFactorization;
+
+static VALUE
+factorize_pq(VALUE self, VALUE pq_bytes)
+{
+    Check_Type(pq_bytes, T_STRING);
+
+    long pq_len = RSTRING_LEN(pq_bytes);
+    unsigned char *pq_ptr = (unsigned char *)RSTRING_PTR(pq_bytes);
+
+    uint64_t n = 0;
+    for (long i = 0; i < pq_len; i++) {
+        n = (n << 8) | pq_ptr[i];
+    }
+
+    if (n <= 3) {
+        rb_raise(rb_eArgError, "Number must be > 3");
+    }
+
+    if (n % 2 == 0) {
+        VALUE result = rb_ary_new2(2);
+        rb_ary_push(result, ULL2NUM(2));
+        rb_ary_push(result, ULL2NUM(n / 2));
+        return result;
+    }
+
+    uint64_t limit = (uint64_t)sqrt((double)n) + 1;
+    for (uint64_t i = 3; i < limit; i += 2) {
+        if (n % i == 0) {
+            uint64_t p = i;
+            uint64_t q = n / i;
+
+            if (p > q) {
+                uint64_t tmp = p;
+                p = q;
+                q = tmp;
+            }
+
+            VALUE result = rb_ary_new2(2);
+            rb_ary_push(result, ULL2NUM(p));
+            rb_ary_push(result, ULL2NUM(q));
+            return result;
+        }
+    }
+
+    rb_raise(rb_eRuntimeError, "No non-trivial factors found (n might be prime)");
+}
+
+void Init_factorization(void)
+{
+    mMTProto = rb_define_module("MTProto");
+    mCrypto = rb_define_module_under(mMTProto, "Crypto");
+    mFactorization = rb_define_module_under(mCrypto, "FactorizationExt");
+
+    rb_define_singleton_method(mFactorization, "factorize_pq", factorize_pq, 1);
+}

data/lib/mtproto/auth_key_generator.rb

@@ -0,0 +1,228 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+require 'digest'
+
+module MTProto
+  class AuthKeyGenerator
+    attr_reader :connection, :auth_key, :server_salt, :time_offset
+
+    def initialize(connection)
+      @connection = connection
+      @auth_key = nil
+      @server_salt = nil
+      @time_offset = 0
+    end
+
+    def generate
+      res_pq = req_pq_multi
+      server_key = find_server_key(res_pq[:fingerprints])
+      p, q = Crypto::Factorization.factorize_pq(res_pq[:pq])
+      new_nonce = SecureRandom.random_bytes(32)
+
+      encrypted_data = encrypt_pq_inner_data(res_pq, p, q, server_key, new_nonce)
+      server_dh_params = send_req_dh_params(res_pq, p, q, server_key, encrypted_data)
+      server_dh_inner_data = decrypt_server_dh_params(res_pq, new_nonce, server_dh_params)
+
+      Crypto::DHValidator.validate_dh_params(
+        server_dh_inner_data.g,
+        server_dh_inner_data.dh_prime,
+        server_dh_inner_data.g_a
+      )
+
+      client_dh_params = Crypto::DHKeyExchange.generate_client_dh_params(
+        server_dh_inner_data.g,
+        server_dh_inner_data.dh_prime
+      )
+
+      auth_key = Crypto::DHKeyExchange.compute_auth_key(
+        server_dh_inner_data.g_a,
+        client_dh_params[:b],
+        server_dh_inner_data.dh_prime
+      )
+
+      tmp_aes_key = Crypto::AuthKeyHelper.derive_tmp_aes_key(new_nonce, res_pq[:server_nonce])
+      tmp_aes_iv = Crypto::AuthKeyHelper.derive_tmp_aes_iv(new_nonce, res_pq[:server_nonce])
+
+      dh_gen_response = send_client_dh_params(
+        res_pq,
+        new_nonce,
+        client_dh_params,
+        tmp_aes_key,
+        tmp_aes_iv
+      )
+
+      verify_dh_gen_response(dh_gen_response, res_pq, new_nonce, auth_key)
+
+      @auth_key = auth_key
+      @server_salt = compute_server_salt(new_nonce, res_pq[:server_nonce])
+      @time_offset = server_dh_inner_data.server_time - Time.now.to_i
+
+      {
+        auth_key: @auth_key,
+        server_salt: @server_salt,
+        time_offset: @time_offset,
+        server_dh_params: server_dh_params,
+        server_dh_inner_data: server_dh_inner_data,
+        client_dh_params: client_dh_params,
+        dh_gen_response: dh_gen_response
+      }
+    end
+
+    private
+
+    def req_pq_multi
+      nonce = SecureRandom.random_bytes(16)
+      message = TL::Message.req_pq_multi(nonce)
+      @connection.send(message.serialize)
+
+      response_data = @connection.recv(timeout: 10)
+      response_message = TL::Message.deserialize(response_data)
+      res_pq = response_message.parse_res_pq
+
+      raise 'Nonce mismatch!' unless res_pq[:nonce] == nonce
+
+      res_pq
+    end
+
+    def find_server_key(fingerprints)
+      server_key = Crypto::RSAKey.find_by_fingerprint(fingerprints)
+      raise 'No matching RSA key found!' unless server_key
+
+      server_key
+    end
+
+    def encrypt_pq_inner_data(res_pq, p, q, server_key, new_nonce)
+      inner_data = TL::PQInnerData.new(
+        pq: Crypto::Factorization.bytes_to_integer(res_pq[:pq]),
+        p: p,
+        q: q,
+        nonce: res_pq[:nonce],
+        server_nonce: res_pq[:server_nonce],
+        new_nonce: new_nonce,
+        dc: @connection.port == 443 ? 2 : 1
+      )
+
+      Crypto::RSA_PAD.encrypt(inner_data.serialize, server_key)
+    end
+
+    def send_req_dh_params(res_pq, p, q, server_key, encrypted_data)
+      message = TL::Message.req_DH_params(
+        nonce: res_pq[:nonce],
+        server_nonce: res_pq[:server_nonce],
+        p: p,
+        q: q,
+        public_key_fingerprint: server_key.fingerprint,
+        encrypted_data: encrypted_data
+      )
+
+      @connection.send(message.serialize)
+
+      response_data = @connection.recv(timeout: 10)
+      response_message = TL::Message.deserialize(response_data)
+      server_dh_params = response_message.parse_server_DH_params_ok
+
+      raise 'Nonce mismatch!' unless server_dh_params[:nonce] == res_pq[:nonce]
+      raise 'Server nonce mismatch!' unless server_dh_params[:server_nonce] == res_pq[:server_nonce]
+
+      server_dh_params
+    end
+
+    def decrypt_server_dh_params(res_pq, new_nonce, server_dh_params)
+      tmp_aes_key = Crypto::AuthKeyHelper.derive_tmp_aes_key(new_nonce, res_pq[:server_nonce])
+      tmp_aes_iv = Crypto::AuthKeyHelper.derive_tmp_aes_iv(new_nonce, res_pq[:server_nonce])
+
+      answer_with_hash = Crypto::AES_IGE.decrypt_ige(
+        server_dh_params[:encrypted_answer],
+        tmp_aes_key,
+        tmp_aes_iv
+      )
+
+      answer_hash = answer_with_hash[0, 20]
+      answer = answer_with_hash[20..]
+
+      loop do
+        computed_hash = Digest::SHA1.digest(answer)
+        break if answer_hash == computed_hash
+
+        raise 'Answer hash mismatch!' if answer.bytesize <= 1
+
+        answer = answer[0..-2]
+      end
+
+      server_dh_inner_data = TL::ServerDHInnerData.deserialize(answer)
+
+      raise 'Nonce mismatch in DH inner data!' unless server_dh_inner_data.nonce == res_pq[:nonce]
+      raise 'Server nonce mismatch in DH inner data!' unless server_dh_inner_data.server_nonce == res_pq[:server_nonce]
+
+      server_dh_inner_data
+    end
+
+    def send_client_dh_params(res_pq, new_nonce, client_dh_params, tmp_aes_key, tmp_aes_iv)
+      client_dh_inner_data = TL::ClientDHInnerData.new(
+        nonce: res_pq[:nonce],
+        server_nonce: res_pq[:server_nonce],
+        retry_id: 0,
+        g_b: client_dh_params[:g_b_bytes]
+      )
+
+      client_dh_data = client_dh_inner_data.serialize
+      client_dh_data_with_hash = Digest::SHA1.digest(client_dh_data) + client_dh_data
+
+      padding_length = (16 - (client_dh_data_with_hash.bytesize % 16)) % 16
+      client_dh_data_with_hash += SecureRandom.random_bytes(padding_length) if padding_length.positive?
+
+      client_dh_encrypted = Crypto::AES_IGE.encrypt_ige(
+        client_dh_data_with_hash,
+        tmp_aes_key,
+        tmp_aes_iv
+      )
+
+      message = TL::Message.set_client_DH_params(
+        nonce: res_pq[:nonce],
+        server_nonce: res_pq[:server_nonce],
+        encrypted_data: client_dh_encrypted
+      )
+
+      @connection.send(message.serialize)
+
+      response_data = @connection.recv(timeout: 10)
+      response_message = TL::Message.deserialize(response_data)
+      response_message.parse_dh_gen_response
+    end
+
+    def verify_dh_gen_response(dh_gen_response, res_pq, new_nonce, auth_key)
+      raise 'Nonce mismatch in DH response!' unless dh_gen_response[:nonce] == res_pq[:nonce]
+      raise 'Server nonce mismatch in DH response!' unless dh_gen_response[:server_nonce] == res_pq[:server_nonce]
+
+      auth_key_hash = Digest::SHA1.digest(auth_key)
+      auth_key_aux_hash = auth_key_hash[0, 8]
+
+      expected_new_nonce_hash = case dh_gen_response[:status]
+      when :ok
+        Digest::SHA1.digest(new_nonce + "\x01".b + auth_key_aux_hash)[-16..]
+      when :retry
+        Digest::SHA1.digest(new_nonce + "\x02".b + auth_key_aux_hash)[-16..]
+      when :fail
+        Digest::SHA1.digest(new_nonce + "\x03".b + auth_key_aux_hash)[-16..]
+      end
+
+      raise 'new_nonce_hash mismatch!' unless dh_gen_response[:new_nonce_hash] == expected_new_nonce_hash
+
+      case dh_gen_response[:status]
+      when :retry
+        raise 'Server requested retry - not implemented'
+      when :fail
+        raise 'Server reported DH generation failure'
+      end
+    end
+
+    def compute_server_salt(new_nonce, server_nonce)
+      server_salt_bytes = String.new(capacity: 8)
+      8.times do |i|
+        server_salt_bytes << (new_nonce[i].ord ^ server_nonce[i].ord)
+      end
+      server_salt_bytes.unpack1('Q<')
+    end
+  end
+end