ruby_home-srp 1.1.1 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ruby_home-srp.rb +65 -3
- data/lib/ruby_home-srp/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c2765c12b81526b0ac2b75ecb5a9fb72dc8eb9eacd15f202eae42b48173b7626
|
|
4
|
+
data.tar.gz: 1ce14f917cfb48914bf3672c86daf6f7eea433008818405acadc943dd68251ef
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6928695e8eddf92efce441554245f9fc434cd44da83225c25fa0c041ae87020acc14a375726094c9e746eb165a5994be68f991291efbab1e21171810aa0f6e1e
|
|
7
|
+
data.tar.gz: 345af332b94174d2fc10f16700be59a2d6a407dd8c53d49841efd862499d6150659ff0b09ad463e5614b1fb6f6d6a4064bbf0120d7b27eaffe875bf886db46e2
|
data/lib/ruby_home-srp.rb
CHANGED
|
@@ -26,7 +26,7 @@ module RubyHome
|
|
|
26
26
|
next unless s
|
|
27
27
|
shex = s.class == String ? s : '%x' % s
|
|
28
28
|
if shex.length > nlen
|
|
29
|
-
|
|
29
|
+
raise 'Bit width does not match - client uses different prime'
|
|
30
30
|
end
|
|
31
31
|
'0' * (nlen - shex.length) + shex
|
|
32
32
|
}.join('')
|
|
@@ -97,7 +97,7 @@ module RubyHome
|
|
|
97
97
|
|
|
98
98
|
class Verifier < ::SRP::Verifier
|
|
99
99
|
attr_reader :u
|
|
100
|
-
attr_writer :salt
|
|
100
|
+
attr_writer :salt, :b
|
|
101
101
|
|
|
102
102
|
def initialize group=3072
|
|
103
103
|
# select modulus (N) and generator (g)
|
|
@@ -173,7 +173,69 @@ module RubyHome
|
|
|
173
173
|
def generate_B xverifier
|
|
174
174
|
v = xverifier.to_i(16)
|
|
175
175
|
@b ||= random_bignum
|
|
176
|
-
@B = '%x' % SRP.calc_B(@b, k, v, @N, @g.hex)
|
|
176
|
+
@B = '%x' % SRP.calc_B(@b, @k, v, @N, @g.hex)
|
|
177
|
+
end
|
|
178
|
+
end
|
|
179
|
+
|
|
180
|
+
class Client < ::SRP::Client
|
|
181
|
+
attr_writer :a
|
|
182
|
+
|
|
183
|
+
def initialize group=3072
|
|
184
|
+
# select modulus (N) and generator (g)
|
|
185
|
+
@N, @g = SRP.Ng group
|
|
186
|
+
@k = SRP.calc_k(@N, @g)
|
|
187
|
+
end
|
|
188
|
+
|
|
189
|
+
# Phase 1 : Step 1 : Start the authentication process by generating the
|
|
190
|
+
# client 'a' and 'A' values. Public 'A' should later be sent along with
|
|
191
|
+
# the username, to the server verifier to continue the auth process. The
|
|
192
|
+
# internal secret 'a' value should remain private.
|
|
193
|
+
#
|
|
194
|
+
# @return [String] the value of 'A' in hex
|
|
195
|
+
def start_authentication
|
|
196
|
+
@a ||= SecureRandom.hex(32).hex
|
|
197
|
+
@A = "%x" % SRP.calc_A(@a, @N, @g.hex)
|
|
198
|
+
end
|
|
199
|
+
|
|
200
|
+
# Phase 2 : Step 1 : Process the salt and B values provided by the server.
|
|
201
|
+
#
|
|
202
|
+
# @param username [String] the client provided authentication username
|
|
203
|
+
# @param password [String] the client provided authentication password
|
|
204
|
+
# @param xsalt [String] the server provided salt for the username in hex
|
|
205
|
+
# @param xbb [String] the server verifier 'B' value in hex
|
|
206
|
+
# @return [String] the client 'M' value in hex
|
|
207
|
+
def process_challenge(username, password, xsalt, xbb)
|
|
208
|
+
raise ArgumentError, 'username must be a string' unless username.is_a?(String) && !username.empty?
|
|
209
|
+
raise ArgumentError, 'password must be a string' unless password.is_a?(String) && !password.empty?
|
|
210
|
+
raise ArgumentError, 'xsalt must be a string' unless xsalt.is_a?(String)
|
|
211
|
+
raise ArgumentError, 'xsalt must be a hex string' unless xsalt =~ /^[a-fA-F0-9]+$/
|
|
212
|
+
raise ArgumentError, 'xbb must be a string' unless xbb.is_a?(String)
|
|
213
|
+
raise ArgumentError, 'xbb must be a hex string' unless xbb =~ /^[a-fA-F0-9]+$/
|
|
214
|
+
|
|
215
|
+
# Convert the 'B' hex value to an Integer
|
|
216
|
+
bb = xbb.to_i(16)
|
|
217
|
+
|
|
218
|
+
# SRP-6a safety check
|
|
219
|
+
return false if (bb % @N).zero?
|
|
220
|
+
|
|
221
|
+
x = SRP.calc_x(username, password, xsalt)
|
|
222
|
+
u = SRP.calc_u(@A, xbb, @N)
|
|
223
|
+
|
|
224
|
+
# SRP-6a safety check
|
|
225
|
+
return false if u.zero?
|
|
226
|
+
|
|
227
|
+
# Calculate session key 'S' and secret key 'K'
|
|
228
|
+
@S = '%x' % SRP.calc_client_S(bb, @a, @k, x, u, @N, @g.hex)
|
|
229
|
+
@K = SRP.sha512_hex(@S)
|
|
230
|
+
|
|
231
|
+
# Calculate the 'M' matcher
|
|
232
|
+
@M = SRP.calc_M(username, xsalt, @A, xbb, @K, @N, @g)
|
|
233
|
+
|
|
234
|
+
# Calculate the H(A,M,K) verifier
|
|
235
|
+
@H_AMK = '%x' % SRP.calc_H_AMK(@A, '%x' % @M, @K, @N, @g)
|
|
236
|
+
|
|
237
|
+
# Return the 'M' matcher to be sent to the server
|
|
238
|
+
'%x' % @M
|
|
177
239
|
end
|
|
178
240
|
end
|
|
179
241
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_home-srp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Karl Entwistle
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-06-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: srp-rb
|