ruby-srp 0.0.2

data/lib/srp/util.rb

@@ -0,0 +1,77 @@
+require 'digest'
+require 'openssl'
+
+module SRP
+  module Util
+
+    # constants both sides know
+    # in this case taken from srp-js
+    PRIME_N = <<-EOS.split.join.hex
+115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3
+    EOS
+
+    BIG_PRIME_N = <<-EOS # 1024 bits modulus (N)
+eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657
+6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da
+d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
+7ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb
+06e3
+    EOS
+    GENERATOR = 2 # g
+
+    # a^n (mod m)
+    def modpow(a, n, m)
+      r = 1
+      while true
+        r = r * a % m if n[0] == 1
+        n >>= 1
+        return r if n == 0
+        a = a * a % m
+      end
+    end
+
+    def sha256_hex(h)
+      Digest::SHA2.hexdigest([h].pack('H*'))
+    end
+
+    def sha256_str(s)
+      Digest::SHA2.hexdigest(s)
+    end
+
+    def bigrand(bytes)
+      OpenSSL::Random.random_bytes(bytes).unpack("H*")[0]
+    end
+
+    def multiplier
+      return "c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58".hex % PRIME_N
+      @k ||= calculate_multiplier
+    end
+
+    protected
+
+    def calculate_multiplier
+      n = PRIME_N
+      g = GENERATOR
+      nhex = '%x' % [n]
+      nlen = nhex.length + (nhex.length.odd? ? 1 : 0 )
+      ghex = '%x' % [g]
+      hashin = '0' * (nlen - nhex.length) + nhex \
+        + '0' * (nlen - ghex.length) + ghex
+      sha256_hex(hashin).hex % n
+    end
+
+    def calculate_m(aa, bb, s)
+      hashin = '%x%x%x' % [aa, bb, s]
+      sha256_str(hashin).hex
+    end
+
+    def calculate_u(aa, bb, n)
+      nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
+      aahex = '%x' % [aa]
+      bbhex = '%x' % [bb]
+      return sha256_str("%x%x" % [aa, bb]).hex
+    end
+  end
+
+end
+

data/ruby-srp.gemspec

@@ -0,0 +1,26 @@
+Gem::Specification.new do |s|
+  s.name              = "ruby-srp"
+  s.version           = "0.0.2"
+  s.platform          = Gem::Platform::RUBY
+  s.authors           = ["Azul"]
+  s.email             = ["azul@leap.se"]
+  s.homepage          = "http://github.com/leapdev/ruby.srp"
+  s.summary           = "Secure remote password library for ruby"
+  s.description       = "SRP client and server based on version 6 of the standard"
+ 
+  s.required_rubygems_version = ">= 1.3.6"
+ 
+  # If you have runtime dependencies, add them here
+  # s.add_runtime_dependency "other", "~> 1.2"
+ 
+  # If you have development dependencies, add them here
+  # s.add_development_dependency "another", "= 0.9"
+ 
+  # The list of files to be contained in the gem 
+  s.files         = `git ls-files`.split("\n")
+  # s.executables   = `git ls-files`.split("\n").map{|f| f =~ /^bin\/(.*)/ ? $1 : nil}.compact
+  # s.extensions    = `git ls-files ext/extconf.rb`.split("\n")
+ 
+  s.require_path = 'lib'
+ 
+end

data/test/auth_test.rb

@@ -0,0 +1,47 @@
+require File.expand_path(File.dirname(__FILE__) + '/test_helper')
+
+class User
+
+  include SRP::Authentication
+
+  attr_accessor :salt, :verifier
+
+  def initialize(salt, verifier)
+    @salt = salt
+    @verifier = verifier
+  end
+
+  def handshake(login, aa)
+    @session = initialize_auth(aa)
+    return @session.bb
+  end
+
+  def validate(m)
+    authenticate(m, @session)
+  end
+
+end
+
+class AuthTest < Test::Unit::TestCase
+
+  def setup
+    @username = 'user'
+    @password = 'opensesami'
+    @client = SRP::Client.new(@username, @password)
+    @server = User.new(@client.salt, @client.verifier)
+  end
+
+  def test_successful_auth
+    assert @client.authenticate(@server, @username, @password)
+  end
+
+  def test_wrong_password
+    assert !@client.authenticate(@server, @username, "wrong password")
+  end
+
+  def test_wrong_username
+    assert !@client.authenticate(@server, "wrong username", @password)
+  end
+end
+
+

data/test/test_helper.rb

@@ -0,0 +1,3 @@
+require "rubygems"
+require 'test/unit'
+require File.expand_path(File.dirname(__FILE__) + '/../lib/ruby-srp.rb')

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification 
+name: ruby-srp
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 2
+  version: 0.0.2
+platform: ruby
+authors: 
+- Azul
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-08-06 00:00:00 Z
+dependencies: []
+
+description: SRP client and server based on version 6 of the standard
+email: 
+- azul@leap.se
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitmodules
+- Readme.md
+- example/config.ru
+- example/http-srp.rb
+- example/models/log.rb
+- example/models/user.rb
+- example/public/bootstrap-responsive.min.css
+- example/public/bootstrap.min.css
+- example/public/example.css
+- example/public/glyphicons-halflings.png
+- example/public/jquery.min.js
+- example/public/srp.js
+- example/public/ui.js
+- example/views/index.erb
+- example/views/layout.erb
+- example/views/login.erb
+- example/views/signup.erb
+- example/views/verify.erb
+- lib/ruby-srp.rb
+- lib/srp/authentication.rb
+- lib/srp/client.rb
+- lib/srp/util.rb
+- ruby-srp.gemspec
+- test/auth_test.rb
+- test/test_helper.rb
+homepage: http://github.com/leapdev/ruby.srp
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 23
+      segments: 
+      - 1
+      - 3
+      - 6
+      version: 1.3.6
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.15
+signing_key: 
+specification_version: 3
+summary: Secure remote password library for ruby
+test_files: []
+