ruby_home-srp 1.2.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ruby_home-srp.rb +16 -15
- data/lib/ruby_home-srp/core_ext/integer.rb +11 -0
- data/lib/ruby_home-srp/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 25c1031ea96aad4daa522389f599b23cf9b148998204c52dd2c1b881258fd2e0
|
|
4
|
+
data.tar.gz: 301889c571ab47dca2a89ef3892245f0139824330ca3369f0a8321a531fe9e86
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 40feab5b7ebdae59b7a151192ee8db6f0ce0d08e31e86389ab2da20f8e53436c6438097607f82d76171f2cd013e536c63374d83e181db11192a69e1c6d2db9ac
|
|
7
|
+
data.tar.gz: 923941e50d2632883cd71db798c824450d7e3309204b3a46754e0ada580471dcffa421601bf878d2d937c70eef7e7e082331de3b95f403878f8c45395b249d50
|
data/lib/ruby_home-srp.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require 'securerandom'
|
|
2
2
|
require 'srp'
|
|
3
|
+
require_relative 'ruby_home-srp/core_ext/integer'
|
|
3
4
|
|
|
4
5
|
module RubyHome
|
|
5
6
|
module SRP
|
|
@@ -21,10 +22,10 @@ module RubyHome
|
|
|
21
22
|
# hashing function with padding.
|
|
22
23
|
# Input is prefixed with 0 to meet N hex width.
|
|
23
24
|
def H(n, *a)
|
|
24
|
-
nlen = 2 * (((
|
|
25
|
+
nlen = 2 * (((n.to_hex_string).length * 4 + 7) >> 3)
|
|
25
26
|
hashin = a.map {|s|
|
|
26
27
|
next unless s
|
|
27
|
-
shex = s.class == String ? s :
|
|
28
|
+
shex = s.class == String ? s : s.to_hex_string
|
|
28
29
|
if shex.length > nlen
|
|
29
30
|
raise 'Bit width does not match - client uses different prime'
|
|
30
31
|
end
|
|
@@ -53,9 +54,9 @@ module RubyHome
|
|
|
53
54
|
|
|
54
55
|
# M = H(H(N) xor H(g), H(I), s, A, B, K)
|
|
55
56
|
def calc_M(username, xsalt, xaa, xbb, xkk, n, g)
|
|
56
|
-
hn = sha512_hex(
|
|
57
|
+
hn = sha512_hex(n.to_hex_string).hex
|
|
57
58
|
hg = sha512_hex(g).hex
|
|
58
|
-
hxor =
|
|
59
|
+
hxor = (hn ^ hg).to_hex_string
|
|
59
60
|
hi = sha512_str(username)
|
|
60
61
|
|
|
61
62
|
hashin = [hxor, hi, xsalt, xaa, xbb, xkk].join
|
|
@@ -112,7 +113,7 @@ module RubyHome
|
|
|
112
113
|
@salt ||= random_salt
|
|
113
114
|
x = SRP.calc_x(username, password, @salt)
|
|
114
115
|
v = SRP.calc_v(x, @N, @g.hex)
|
|
115
|
-
return {:username => username, :verifier =>
|
|
116
|
+
return {:username => username, :verifier => v.to_hex_string, :salt => @salt}
|
|
116
117
|
end
|
|
117
118
|
|
|
118
119
|
# Authentication phase 1 - create challenge.
|
|
@@ -122,7 +123,7 @@ module RubyHome
|
|
|
122
123
|
generate_B(xverifier)
|
|
123
124
|
return {
|
|
124
125
|
:challenge => {:B => @B, :salt => xsalt},
|
|
125
|
-
:proof => {:B => @B, :b =>
|
|
126
|
+
:proof => {:B => @B, :b => @b.to_hex_string, :I => username, :s => xsalt, :v => xverifier}
|
|
126
127
|
}
|
|
127
128
|
end
|
|
128
129
|
|
|
@@ -142,15 +143,15 @@ module RubyHome
|
|
|
142
143
|
return false if @u == 0
|
|
143
144
|
|
|
144
145
|
# calculate session key
|
|
145
|
-
@S =
|
|
146
|
+
@S = SRP.calc_server_S(@A.to_i(16), @b, v, @u, @N).to_hex_string
|
|
146
147
|
@K = SRP.sha512_hex(@S)
|
|
147
148
|
|
|
148
149
|
# calculate match
|
|
149
|
-
@M =
|
|
150
|
+
@M = SRP.calc_M(username, xsalt, @A, @B, @K, @N, @g).to_hex_string
|
|
150
151
|
|
|
151
152
|
if @M == client_M
|
|
152
153
|
# authentication succeeded
|
|
153
|
-
@H_AMK =
|
|
154
|
+
@H_AMK = SRP.calc_H_AMK(@A, @M, @K, @N, @g).to_hex_string
|
|
154
155
|
return @H_AMK
|
|
155
156
|
end
|
|
156
157
|
return false
|
|
@@ -165,7 +166,7 @@ module RubyHome
|
|
|
165
166
|
end
|
|
166
167
|
|
|
167
168
|
def u
|
|
168
|
-
|
|
169
|
+
@u.to_hex_string
|
|
169
170
|
end
|
|
170
171
|
|
|
171
172
|
# generates challenge
|
|
@@ -173,7 +174,7 @@ module RubyHome
|
|
|
173
174
|
def generate_B xverifier
|
|
174
175
|
v = xverifier.to_i(16)
|
|
175
176
|
@b ||= random_bignum
|
|
176
|
-
@B =
|
|
177
|
+
@B = SRP.calc_B(@b, @k, v, @N, @g.hex).to_hex_string
|
|
177
178
|
end
|
|
178
179
|
end
|
|
179
180
|
|
|
@@ -194,7 +195,7 @@ module RubyHome
|
|
|
194
195
|
# @return [String] the value of 'A' in hex
|
|
195
196
|
def start_authentication
|
|
196
197
|
@a ||= SecureRandom.hex(32).hex
|
|
197
|
-
@A =
|
|
198
|
+
@A = SRP.calc_A(@a, @N, @g.hex).to_hex_string
|
|
198
199
|
end
|
|
199
200
|
|
|
200
201
|
# Phase 2 : Step 1 : Process the salt and B values provided by the server.
|
|
@@ -225,17 +226,17 @@ module RubyHome
|
|
|
225
226
|
return false if u.zero?
|
|
226
227
|
|
|
227
228
|
# Calculate session key 'S' and secret key 'K'
|
|
228
|
-
@S =
|
|
229
|
+
@S = SRP.calc_client_S(bb, @a, @k, x, u, @N, @g.hex).to_hex_string
|
|
229
230
|
@K = SRP.sha512_hex(@S)
|
|
230
231
|
|
|
231
232
|
# Calculate the 'M' matcher
|
|
232
233
|
@M = SRP.calc_M(username, xsalt, @A, xbb, @K, @N, @g)
|
|
233
234
|
|
|
234
235
|
# Calculate the H(A,M,K) verifier
|
|
235
|
-
@H_AMK =
|
|
236
|
+
@H_AMK = SRP.calc_H_AMK(@A, @M.to_hex_string, @K, @N, @g).to_hex_string
|
|
236
237
|
|
|
237
238
|
# Return the 'M' matcher to be sent to the server
|
|
238
|
-
|
|
239
|
+
@M.to_hex_string
|
|
239
240
|
end
|
|
240
241
|
end
|
|
241
242
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_home-srp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Karl Entwistle
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-07-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: srp-rb
|
|
@@ -62,6 +62,7 @@ extensions: []
|
|
|
62
62
|
extra_rdoc_files: []
|
|
63
63
|
files:
|
|
64
64
|
- lib/ruby_home-srp.rb
|
|
65
|
+
- lib/ruby_home-srp/core_ext/integer.rb
|
|
65
66
|
- lib/ruby_home-srp/version.rb
|
|
66
67
|
- spec/spec_helper.rb
|
|
67
68
|
homepage: https://github.com/karlentwistle/ruby_home-srp
|