ruby-srp 0.0.2 → 0.1.0

data/.travis.yml

@@ -0,0 +1,2 @@
+notifications:
+  email: false

data/Rakefile

@@ -0,0 +1,9 @@
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << "lib"
+  t.test_files = FileList['test/*test.rb']
+  t.verbose = true
+end
+
+task :default => :test

data/Readme.md

@@ -3,3 +3,5 @@
 ## Ruby-SRP
 
 Secure remote password for ruby.
+
+[![Build Status](https://secure.travis-ci.org/leapcode/ruby_srp.png?branch=master)](http://travis-ci.org/leapcode/ruby_srp) [![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/leapcode/ruby_srp)

data/lib/ruby-srp.rb

@@ -10,6 +10,8 @@ $:.unshift File.dirname(__FILE__)
 module SRP
   autoload :Client, 'srp/client'
   autoload :Authentication, 'srp/authentication'
+  autoload :Util, 'srp/util'
+  autoload :Session, 'srp/session'
   class WrongPassword < StandardError
   end
 end

data/lib/srp/client.rb

@@ -5,46 +5,37 @@ module SRP
 
     include Util
 
-    attr_reader :salt, :verifier
+    attr_reader :salt, :verifier, :username
 
-    def initialize(username, password)
+    def initialize(username, password, salt = nil)
       @username = username
       @password = password
-      @salt = "5d3055e0acd3ddcfc15".hex # bigrand(10).hex
-      @multiplier = multiplier # let's cache it
+      @salt = salt || bigrand(4).hex
       calculate_verifier
     end
 
-    def authenticate(server, username, password)
-      x = calculate_x(username, password, salt)
-      a = bigrand(32).hex
-      aa = modpow(GENERATOR, a, PRIME_N) # A = g^a (mod N)
-      bb = server.handshake(username, aa)
-      u = calculate_u(aa, bb, PRIME_N)
-      client_s = calculate_client_s(x, a, bb, u)
-      server.validate(calculate_m(aa, bb, client_s))
+    def authenticate(server)
+      @session = SRP::Session.new(self)
+      @session.handshake(server)
+      @session.validate(server)
+    end
+
+    def private_key
+      @private_key ||= calculate_private_key
     end
 
     protected
+
     def calculate_verifier
-      x = calculate_x(@username, @password, @salt)
-      @verifier = modpow(GENERATOR, x, PRIME_N)
-      @verifier
+      @verifier ||= modpow(GENERATOR, private_key)
     end
 
-    def calculate_x(username, password, salt)
-      shex = '%x' % [salt]
-      spad = "" # if shex.length.odd? then '0' else '' end
-      sha256_str(spad + shex + sha256_str([username, password].join(':'))).hex
+    def calculate_private_key
+      shex = '%x' % [@salt]
+      inner = sha256_str([@username, @password].join(':'))
+      sha256_hex(shex, inner).hex
     end
 
-    def calculate_client_s(x, a, bb, u)
-      base = bb
-      base += PRIME_N * @multiplier
-      base -= modpow(GENERATOR, x, PRIME_N) * @multiplier
-      base = base % PRIME_N
-      modpow(base, x * u + a, PRIME_N)
-    end
   end
 end
 

data/lib/srp/session.rb

@@ -0,0 +1,87 @@
+require File.expand_path(File.dirname(__FILE__) + '/util')
+
+module SRP
+  class Session
+    include Util
+    attr_accessor :user, :aa, :bb
+
+    def initialize(user, aa=nil)
+      @user = user
+      aa ? initialize_server(aa) : initialize_client
+    end
+
+    # client -> server: I, A = g^a
+    def handshake(server)
+      @bb = server.handshake(user.username, aa)
+      @u = calculate_u
+    end
+
+    # client -> server: M = H(H(N) xor H(g), H(I), s, A, B, K)
+    def validate(server)
+      server.validate(calculate_m(client_secret))
+    end
+
+    def authenticate!(m)
+      authenticate(m) || raise(SRP::WrongPassword)
+    end
+
+    def authenticate(m)
+      if(m == calculate_m(server_secret))
+        return calculate_m2
+      end
+    end
+
+    protected
+
+    # only seed b for testing purposes.
+    def initialize_server(aa, b = nil)
+      @aa = aa
+      @b =  b || bigrand(32).hex
+      # B = g^b + k v (mod N)
+      @bb = (modpow(GENERATOR, @b) + multiplier * @user.verifier) % BIG_PRIME_N
+      @u = calculate_u
+    end
+
+    def initialize_client
+      @a = bigrand(32).hex
+      @aa = modpow(GENERATOR, @a) # A = g^a (mod N)
+    end
+
+    # client: K = H( (B - kg^x) ^ (a + ux) )
+    def client_secret
+      base = @bb
+      # base += BIG_PRIME_N * @multiplier
+      base -= modpow(GENERATOR, @user.private_key) * multiplier
+      base = base % BIG_PRIME_N
+      modpow(base, @user.private_key * @u + @a)
+    end
+
+    # server: K = H( (Av^u) ^ b )
+    # do not cache this - it's secret and someone might store the
+    # session in a CookieStore
+    def server_secret
+      base = (modpow(@user.verifier, @u) * @aa) % BIG_PRIME_N
+      modpow(base, @b)
+    end
+
+    # this is outdated - SRP 6a uses
+    # M = H(H(N) xor H(g), H(I), s, A, B, K)
+    def calculate_m(secret)
+      @k = sha256_int(secret).hex
+      n_xor_g_long = hn_xor_hg.bytes.map{|b| "%02x" % b.ord}.join.hex
+      username_hash = sha256_str(@user.username).hex
+      @m = sha256_int(n_xor_g_long, username_hash, @user.salt, @aa, @bb, @k).hex
+    end
+
+    def calculate_m2
+      sha256_int(@aa, @m, @k).hex
+    end
+
+    def calculate_u
+      sha256_int(@aa, @bb).hex
+    end
+  end
+end
+
+
+

data/lib/srp/util.rb

@@ -10,7 +10,7 @@ module SRP
 115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3
     EOS
 
-    BIG_PRIME_N = <<-EOS # 1024 bits modulus (N)
+    BIG_PRIME_N = <<-EOS.split.join.hex # 1024 bits modulus (N)
 eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c25657
 6d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089da
 d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
@@ -19,8 +19,12 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     EOS
     GENERATOR = 2 # g
 
+    def hn_xor_hg
+      byte_xor_hex(sha256_int(BIG_PRIME_N), sha256_int(GENERATOR))
+    end
+
     # a^n (mod m)
-    def modpow(a, n, m)
+    def modpow(a, n, m = BIG_PRIME_N)
       r = 1
       while true
         r = r * a % m if n[0] == 1
@@ -30,8 +34,15 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
       end
     end
 
-    def sha256_hex(h)
-      Digest::SHA2.hexdigest([h].pack('H*'))
+    #  Hashes the (long) int args
+    def sha256_int(*args)
+      sha256_hex(*args.map{|a| "%02x" % a})
+    end
+
+    #  Hashes the hex args
+    def sha256_hex(*args)
+      h = args.join('')
+      sha256_str([h].pack('H*'))
     end
 
     def sha256_str(s)
@@ -43,34 +54,26 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
     end
 
     def multiplier
-      return "c46d46600d87fef149bd79b81119842f3c20241fda67d06ef412d8f6d9479c58".hex % PRIME_N
       @k ||= calculate_multiplier
     end
 
     protected
 
     def calculate_multiplier
-      n = PRIME_N
-      g = GENERATOR
-      nhex = '%x' % [n]
-      nlen = nhex.length + (nhex.length.odd? ? 1 : 0 )
-      ghex = '%x' % [g]
-      hashin = '0' * (nlen - nhex.length) + nhex \
-        + '0' * (nlen - ghex.length) + ghex
-      sha256_hex(hashin).hex % n
+      sha256_int(BIG_PRIME_N, GENERATOR).hex
     end
 
-    def calculate_m(aa, bb, s)
-      hashin = '%x%x%x' % [aa, bb, s]
-      sha256_str(hashin).hex
+    # turn two hex strings into byte arrays and xor them
+    #
+    # returns byte array
+    def byte_xor_hex(a, b)
+      a = [a].pack('H*')
+      b = [b].pack('H*')
+      a.bytes.each_with_index.map do |a_byte, i|
+        (a_byte ^ (b[i] || 0)).chr
+      end.join
     end
 
-    def calculate_u(aa, bb, n)
-      nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
-      aahex = '%x' % [aa]
-      bbhex = '%x' % [bb]
-      return sha256_str("%x%x" % [aa, bb]).hex
-    end
   end
 
 end

data/ruby-srp.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name              = "ruby-srp"
-  s.version           = "0.0.2"
+  s.version           = "0.1.0"
   s.platform          = Gem::Platform::RUBY
   s.authors           = ["Azul"]
   s.email             = ["azul@leap.se"]

data/test/auth_test.rb

@@ -1,23 +1,25 @@
 require File.expand_path(File.dirname(__FILE__) + '/test_helper')
 
-class User
+# single user test server.
+# You obviously want sth. different for real life.
+class Server
 
-  include SRP::Authentication
+  attr_accessor :salt, :verifier, :username
 
-  attr_accessor :salt, :verifier
-
-  def initialize(salt, verifier)
+  def initialize(salt, verifier, username)
     @salt = salt
     @verifier = verifier
+    @username = username
   end
 
   def handshake(login, aa)
-    @session = initialize_auth(aa)
+    # this can be serialized and needs to be persisted between requests
+    @session = SRP::Session.new(self, aa)
     return @session.bb
   end
 
   def validate(m)
-    authenticate(m, @session)
+    @session.authenticate(m)
   end
 
 end
@@ -28,19 +30,21 @@ class AuthTest < Test::Unit::TestCase
     @username = 'user'
     @password = 'opensesami'
     @client = SRP::Client.new(@username, @password)
-    @server = User.new(@client.salt, @client.verifier)
+    @server = Server.new(@client.salt, @client.verifier, @username)
   end
 
   def test_successful_auth
-    assert @client.authenticate(@server, @username, @password)
+    assert @client.authenticate(@server)
   end
 
-  def test_wrong_password
-    assert !@client.authenticate(@server, @username, "wrong password")
+  def test_a_wrong_password
+    client = SRP::Client.new(@username, "wrong password", @client.salt)
+    assert !client.authenticate(@server)
   end
 
   def test_wrong_username
-    assert !@client.authenticate(@server, "wrong username", @password)
+    client = SRP::Client.new("wrong username", @password, @client.salt)
+    assert !client.authenticate(@server)
   end
 end
 

data/test/client_test.rb

@@ -0,0 +1,27 @@
+require File.expand_path(File.dirname(__FILE__) + '/test_helper')
+
+class ClientTest < Test::Unit::TestCase
+
+  def setup
+    @login = "testuser"
+    @password = "password"
+  end
+
+  def test_calculation_of_private_key
+    @client = SRP::Client.new(@login, @password, "7686acb8".hex)
+    assert_equal "84d6bb567ddf584b1d8c8728289644d45dbfbb02deedd05c0f64db96740f0398",
+      "%x" % @client.send(:private_key)
+  end
+
+  # using python srp:
+  # s,V = pysrp.create_salted_verification_key("testuser", "password", pysrp.SHA256, pysrp.NG_1024)
+
+  def test_verifier
+    @client = SRP::Client.new(@login, @password, '4c78c3f8'.hex)
+    v = '474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c'
+    assert_equal v, "%x" % @client.verifier
+  end
+end
+
+
+

data/test/session_test.rb

@@ -0,0 +1,28 @@
+require File.expand_path(File.dirname(__FILE__) + '/test_helper')
+
+class SessionTest < Test::Unit::TestCase
+
+  attr_accessor :salt, :verifier, :username
+
+  def setup
+    @username = "testuser"
+    @password = "password"
+    @salt = '4c78c3f8'.hex
+    @client = SRP::Client.new(@username, @password, @salt)
+    @verifier = @client.verifier
+  end
+
+  def test_equivalance_to_py_srp
+    aa = '9ff9d176b37d9100ad4d788b94ef887df6c88786f5fa2419c9a964001e1c1fa5cd22ea39dcf27682dac6cd8861d9de88184653451fd47f5654845ed24e828d531f95c44377c9bc3f5dd83a669716257c7b975a3a032d4d8adb605553cf4d45c483d7aceb7e6a23c5bd4b0aeeb2ef138b7fc75b27d9d706851c3ab9c721710272'.hex
+    b = 'ce414b3b52d13a1f67416b7e00cdefb07c874291aed395efeab9435ec1ad6ac3'.hex
+    bb = 'b2e852fe7af02d7931186f4958844b829d2976dd58c7bc7928ba3102ff269a9029c707112ab0b7cafdaf86a760f7b50ddd9c847e0c97f564d53cfd52daf61982f06582d49bbb3ea4ad6be55d513028eaf400a6d5a9d26b47689d3438a552716d65680d1b6ee77df3c9b3b6ba61023985562f2be4a6f1723282a2013160594565'.hex
+    m = 'a0c066844117ffe7a7999f84356f3a7c8dce38e4e936eca2b6979ab0fce6ff6d'.hex
+    m2 = '1f4a5ba9c5280b5b752465670f351bb1e61ff9ca06e02ad43c4418affeb3a1ef'.hex
+    session = SRP::Session.new(self, aa)
+    session.send(:initialize_server, aa, b) # seeding b to compare to py_srp
+    assert_equal bb.to_s(16), session.bb.to_s(16)
+    assert_equal m2, session.authenticate(m)
+  end
+
+
+end

data/test/util_test.rb

@@ -0,0 +1,39 @@
+require File.expand_path(File.dirname(__FILE__) + '/test_helper')
+
+class UtilTest < Test::Unit::TestCase
+
+  include SRP::Util
+
+  # comparing to the hash created with python srp lib to make sure
+  # we use the same constants and hash the same way.
+  def test_sha256_of_prime
+    n = BIG_PRIME_N
+    nhex = '%x' % [n]
+    assert_equal "494b6a801b379f37c9ee25d5db7cd70ffcfe53d01b7c9e4470eaca46bda24b39",
+      sha256_hex(nhex)
+  end
+
+  def test_hashing
+    x = sha256_str("testuser:password")
+    assert_equal 'a5376a27a385bcd791d76cbd6484e1bde130129210e4647a4583e49f45de107f',
+      x
+  end
+
+  def test_packing_hex_to_byte_string
+    shex = "7686acb8"
+    assert_equal [118, 134, 172, 184].pack('C*'), [shex].pack('H*')
+  end
+
+  def test_multiplier
+    # >>> "%x" % pysrp.H(sha, N, g)
+    assert_equal 'bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0',
+      "%x" % multiplier
+  end
+
+  def test_hn_xor_hg
+    # >>> binascii.hexlify (pysrp.HNxorg(hashlib.sha256, N, g))
+    assert_equal '928ade491bc87bba9eb578701d44d30ed9080e60e542ba0d3b9c20ded9f592bf',
+      hn_xor_hg.bytes.map{|b| "%02x" % b.ord}.join
+  end
+
+end

metadata

@@ -5,9 +5,9 @@ version: !ruby/object:Gem::Version
   prerelease: 
   segments: 
   - 0
+  - 1
   - 0
-  - 2
-  version: 0.0.2
+  version: 0.1.0
 platform: ruby
 authors: 
 - Azul
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-08-06 00:00:00 Z
+date: 2012-10-05 00:00:00 Z
 dependencies: []
 
 description: SRP client and server based on version 6 of the standard
@@ -29,6 +29,8 @@ extra_rdoc_files: []
 
 files: 
 - .gitmodules
+- .travis.yml
+- Rakefile
 - Readme.md
 - example/config.ru
 - example/http-srp.rb
@@ -47,12 +49,15 @@ files:
 - example/views/signup.erb
 - example/views/verify.erb
 - lib/ruby-srp.rb
-- lib/srp/authentication.rb
 - lib/srp/client.rb
+- lib/srp/session.rb
 - lib/srp/util.rb
 - ruby-srp.gemspec
 - test/auth_test.rb
+- test/client_test.rb
+- test/session_test.rb
 - test/test_helper.rb
+- test/util_test.rb
 homepage: http://github.com/leapdev/ruby.srp
 licenses: []
 

data/lib/srp/authentication.rb

@@ -1,59 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/util')
-
-module SRP
-  module Authentication
-
-    include Util
-
-    class Session
-      include Util
-      attr_accessor :aa, :bb
-
-      def initialize(aa, verifier)
-        @aa = aa
-        @b = bigrand(32).hex
-        # B = g^b + k v (mod N)
-        @bb = (modpow(GENERATOR, @b, PRIME_N) + multiplier * verifier) % PRIME_N
-      end
-
-      def u
-        calculate_u(aa, bb, PRIME_N)
-      end
-
-      # do not cache this - it's secret and someone might store the
-      # session in a CookieStore
-      def secret(verifier)
-        base = (modpow(verifier, u, PRIME_N) * aa) % PRIME_N
-        modpow(base, @b, PRIME_N)
-      end
-
-      def m1(verifier)
-        calculate_m(aa, bb, secret(verifier))
-      end
-
-      def m2(m1, verifier)
-        calculate_m(aa, m1, secret(verifier))
-      end
-
-    end
-
-    def initialize_auth(aa)
-      return Session.new(aa, verifier)
-    end
-
-    def authenticate!(m, session)
-      authenticate(m, session) || raise(SRP::WrongPassword)
-    end
-
-    def authenticate(m, session)
-      if(m == session.m1(verifier))
-        return session.m2(m, verifier)
-      end
-    end
-
-
-  end
-
-end
-
-