srp-rb 1.0.0

data/lib/srp-rb.rb

@@ -0,0 +1,446 @@
+# -*- encoding: utf-8 -*-
+=begin
+This is a pure Ruby implementation of the Secure Remote
+Password protocol (SRP-6a). SRP is a cryptographically
+strong authentication protocol for password-based, mutual
+authentication over an insecure network connection.
+
+References
+ * http://srp.stanford.edu/
+ * http://srp.stanford.edu/demo/demo.html
+
+Copyright (c) 2012, Mikael Lammentausta
+All rights reserved.
+
+Following is the New BSD license:
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the Python Software Foundation nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL TOM COCAGNE BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+=end
+require "digest"
+require "openssl"
+require "srp-rb/version"
+
+module SRP
+  class << self
+
+    def sha1_hex(h)
+      Digest::SHA1.hexdigest([h].pack('H*'))
+    end
+
+    def sha1_str(s)
+      Digest::SHA1.hexdigest(s)
+    end
+
+    def bigrand(bytes)
+      OpenSSL::Random.random_bytes(bytes).unpack("H*")[0]
+    end
+
+    # a^n (mod m)
+    def modpow(a, n, m)
+      r = 1
+      while true
+        r = r * a % m if n[0] == 1
+        n >>= 1
+        return r if n == 0
+        a = a * a % m
+      end
+    end
+
+    # SHA1 hashing function with padding.
+    # Input is prefixed with 0 to meet N hex width.
+    def H(n, *a)
+      nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
+      hashin = a.map {|s|
+        next unless s
+        shex = s.class == String ? s : "%x" % s
+        if shex.length > nlen
+            raise "Bit width does not match - client uses different prime"
+        end
+        "0" * (nlen - shex.length) + shex
+      }.join('')
+      sha1_hex(hashin).hex % n
+    end
+
+    # Multiplier parameter
+    # k = H(N, g)   (in SRP-6a)
+    def calc_k(n, g)
+      H(n, n, g)
+    end
+
+    # Private key (derived from username, raw password and salt)
+    # x = H(salt || H(username || ':' || password))
+    def calc_x(username, password, salt)
+      spad = if salt.length.odd? then '0' else '' end
+      sha1_hex(spad + salt + sha1_str([username, password].join(':'))).hex
+    end
+
+    # Random scrambling parameter
+    # u = H(A, B)
+    def calc_u(xaa, xbb, n)
+      H(n, xaa, xbb)
+    end
+
+    # Password verifier
+    # v = g^x (mod N)
+    def calc_v(x, n, g)
+      modpow(g, x, n)
+    end
+
+    # A = g^a (mod N)
+    def calc_A(a, n, g)
+      modpow(g, a, n)
+    end
+
+    # B = g^b + k v (mod N)
+    def calc_B(b, k, v, n, g)
+      (modpow(g, b, n) + k * v) % n
+    end
+
+    # Client secret
+    # S = (B - (k * g^x)) ^ (a + (u * x)) % N
+    def calc_client_S(bb, a, k, x, u, n, g)
+      modpow((bb - k * modpow(g, x, n)) % n, (a+ x * u), n)
+    end
+
+    # Server secret
+    # S = (A * v^u) ^ b % N
+    def calc_server_S(aa, b, v, u, n)
+      modpow((modpow(v, u, n) * aa), b, n)
+    end
+
+    # M = H(H(N) xor H(g), H(I), s, A, B, K)
+    def calc_M(username, xsalt, xaa, xbb, xkk, n, g)
+      hn = sha1_hex("%x" % n).hex
+      hg = sha1_hex("%x" % g).hex
+      hxor = "%x" % (hn ^ hg)
+      hi = sha1_str(username)
+      return H(n, hxor, hi, xsalt, xaa, xbb, xkk)
+    end
+
+    # H(A, M, K)
+    def calc_H_AMK(xaa, xmm, xkk, n, g)
+      H(n, xaa, xmm, xkk)
+    end
+
+    def Ng(group)
+      case group
+      when 1024
+        @N = %w{
+          EEAF0AB9 ADB38DD6 9C33F80A FA8FC5E8 60726187 75FF3C0B 9EA2314C
+          9C256576 D674DF74 96EA81D3 383B4813 D692C6E0 E0D5D8E2 50B98BE4
+          8E495C1D 6089DAD1 5DC7D7B4 6154D6B6 CE8EF4AD 69B15D49 82559B29
+          7BCF1885 C529F566 660E57EC 68EDBC3C 05726CC0 2FD4CBF4 976EAA9A
+          FD5138FE 8376435B 9FC61D2F C0EB06E3
+        }.join.hex
+        @g = 2
+
+      when 1536
+        @N = %w{
+          9DEF3CAF B939277A B1F12A86 17A47BBB DBA51DF4 99AC4C80 BEEEA961
+          4B19CC4D 5F4F5F55 6E27CBDE 51C6A94B E4607A29 1558903B A0D0F843
+          80B655BB 9A22E8DC DF028A7C EC67F0D0 8134B1C8 B9798914 9B609E0B
+          E3BAB63D 47548381 DBC5B1FC 764E3F4B 53DD9DA1 158BFD3E 2B9C8CF5
+          6EDF0195 39349627 DB2FD53D 24B7C486 65772E43 7D6C7F8C E442734A
+          F7CCB7AE 837C264A E3A9BEB8 7F8A2FE9 B8B5292E 5A021FFF 5E91479E
+          8CE7A28C 2442C6F3 15180F93 499A234D CF76E3FE D135F9BB
+        }.join.hex
+        @g = 2
+
+      when 2048
+        @N = %w{
+          AC6BDB41 324A9A9B F166DE5E 1389582F AF72B665 1987EE07 FC319294
+          3DB56050 A37329CB B4A099ED 8193E075 7767A13D D52312AB 4B03310D
+          CD7F48A9 DA04FD50 E8083969 EDB767B0 CF609517 9A163AB3 661A05FB
+          D5FAAAE8 2918A996 2F0B93B8 55F97993 EC975EEA A80D740A DBF4FF74
+          7359D041 D5C33EA7 1D281E44 6B14773B CA97B43A 23FB8016 76BD207A
+          436C6481 F1D2B907 8717461A 5B9D32E6 88F87748 544523B5 24B0D57D
+          5EA77A27 75D2ECFA 032CFBDB F52FB378 61602790 04E57AE6 AF874E73
+          03CE5329 9CCC041C 7BC308D8 2A5698F3 A8D0C382 71AE35F8 E9DBFBB6
+          94B5C803 D89F7AE4 35DE236D 525F5475 9B65E372 FCD68EF2 0FA7111F
+          9E4AFF73
+        }.join.hex
+        @g = 2
+
+      when 3072
+        @N = %w{
+          FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08
+          8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B
+          302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9
+          A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6
+          49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8
+          FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+          670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C
+          180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
+          3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D
+          04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D
+          B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226
+          1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+          BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC
+          E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF
+        }.join.hex
+        @g = 5
+
+      when 4096
+        @N = %w{
+          FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08
+          8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B
+          302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9
+          A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6
+          49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8
+          FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+          670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C
+          180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
+          3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D
+          04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D
+          B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226
+          1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+          BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC
+          E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26
+          99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB
+          04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2
+          233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127
+          D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199
+          FFFFFFFF FFFFFFFF
+        }.join.hex
+        @g = 5
+
+      when 6144
+        @N = %w{
+          FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08
+          8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B
+          302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9
+          A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6
+          49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8
+          FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+          670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C
+          180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
+          3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D
+          04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D
+          B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226
+          1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+          BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC
+          E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26
+          99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB
+          04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2
+          233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127
+          D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492
+          36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406
+          AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918
+          DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151
+          2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03
+          F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F
+          BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA
+          CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B
+          B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632
+          387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E
+          6DCC4024 FFFFFFFF FFFFFFFF
+        }.join.hex
+        @g = 5
+
+      when 8192
+        @N = %w{
+          FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08
+          8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B
+          302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9
+          A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6
+          49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8
+          FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+          670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C
+          180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
+          3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D
+          04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D
+          B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226
+          1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+          BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC
+          E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26
+          99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB
+          04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2
+          233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127
+          D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492
+          36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406
+          AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918
+          DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151
+          2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03
+          F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F
+          BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA
+          CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B
+          B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632
+          387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E
+          6DBE1159 74A3926F 12FEE5E4 38777CB6 A932DF8C D8BEC4D0 73B931BA
+          3BC832B6 8D9DD300 741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C
+          5AE4F568 3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9
+          22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B 4BCBC886
+          2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A 062B3CF5 B3A278A6
+          6D2A13F8 3F44F82D DF310EE0 74AB6A36 4597E899 A0255DC1 64F31CC5
+          0846851D F9AB4819 5DED7EA1 B1D510BD 7EE74D73 FAF36BC3 1ECFA268
+          359046F4 EB879F92 4009438B 481C6CD7 889A002E D5EE382B C9190DA6
+          FC026E47 9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71
+          60C980DD 98EDD3DF FFFFFFFF FFFFFFFF
+        }.join.hex
+        @g = 19
+
+      else
+        raise NotImplementedError
+      end
+      return [@N, @g]
+    end
+  end
+
+
+  class Verifier
+    attr_reader :N, :g, :k, :A, :B, :b, :S, :K, :M, :H_AMK
+
+    def initialize group=1024
+      # select modulus (N) and generator (g)
+      @N, @g = SRP.Ng group
+      @k = SRP.calc_k(@N, @g)
+    end
+
+    # Initial user creation for the persistance layer.
+    # Not part of the authentication process.
+    # Returns { <username>, <password verifier>, <salt> }
+    def generate_userauth username, password
+      @salt ||= random_salt
+      x = SRP.calc_x(username, password, @salt)
+      v = SRP.calc_v(x, @N, @g)
+      return {:username => username, :verifier => "%x" % v, :salt => @salt}
+    end
+
+    # Authentication phase 1 - create challenge.
+    # Returns Hash with challenge for client and proof to be stored on server.
+    # Parameters should be given in hex.
+    def get_challenge_and_proof username, xverifier, xsalt, xaa
+      # SRP-6a safety check
+      return false if (xaa.to_i(16) % @N) == 0
+      generate_B(xverifier)
+      return {
+        :challenge    => {:B => @B, :salt => xsalt},
+        :proof        => {:A => xaa, :B => @B, :b => "%x" % @b,
+                          :I => username, :s => xsalt, :v => xverifier}
+      }
+    end
+
+    # returns H_AMK on success, None on failure
+    # User -> Host:  M = H(H(N) xor H(g), H(I), s, A, B, K)
+    # Host -> User:  H(A, M, K)
+    def verify_session proof, client_M
+      @A = proof[:A]
+      @B = proof[:B]
+      @b = proof[:b].to_i(16)
+      username = proof[:I]
+      xsalt = proof[:s]
+      v = proof[:v].to_i(16)
+
+      u = SRP.calc_u(@A, @B, @N)
+      # SRP-6a safety check
+      return false if u == 0
+
+      # calculate session key
+      @S = "%x" % SRP.calc_server_S(@A.to_i(16), @b, v, u, @N)
+      @K = SRP.sha1_hex(@S)
+
+      # calculate match
+      @M = "%x" % SRP.calc_M(username, xsalt, @A, @B, @K, @N, @g)
+
+      if @M == client_M
+        # authentication succeeded
+        @H_AMK = "%x" % SRP.calc_H_AMK(@A, @M, @K, @N, @g)
+        return @H_AMK
+      end
+      return false
+    end
+
+    def random_salt
+      "%x" % SRP.bigrand(10).hex
+    end
+
+    def random_bignum
+      SRP.bigrand(32).hex
+    end
+
+    # generates challenge
+    # input verifier in hex
+    def generate_B xverifier
+      v = xverifier.to_i(16)
+      @b ||= random_bignum
+      @B = "%x" % SRP.calc_B(@b, k, v, @N, @g)
+    end
+  end # Verifier
+
+
+  class Client
+    attr_reader :N, :g, :k, :a, :A, :S, :K, :M, :H_AMK
+
+    def initialize group=1024
+      # select modulus (N) and generator (g)
+      @N, @g = SRP.Ng group
+      @k = SRP.calc_k(@N, @g)
+    end
+
+    def start_authentication
+      generate_A
+    end
+
+    # Process initiated authentication challenge.
+    # Returns M if authentication is successful, false otherwise.
+    # Salt and B should be given in hex.
+    def process_challenge username, password, xsalt, xbb
+      bb = xbb.to_i(16)
+      # SRP-6a safety check
+      return false if (bb % @N) == 0
+
+      x = SRP.calc_x(username, password, xsalt)
+      u = SRP.calc_u(@A, xbb, @N)
+
+      # SRP-6a safety check
+      return false if u == 0
+
+      # calculate session key
+      @S = "%x" % SRP.calc_client_S(bb, @a, @k, x, u, @N, @g)
+      @K = SRP.sha1_hex(@S)
+
+      # calculate match
+      @M = "%x" % SRP.calc_M(username, xsalt, @A, xbb, @K, @N, @g)
+
+      # calculate verifier
+      @H_AMK = "%x" % SRP.calc_H_AMK(@A, @M, @K, @N, @g)
+
+      return @M
+    end
+
+    def verify server_HAMK
+      return false unless @H_AMK
+      @H_AMK == server_HAMK
+    end
+
+    def random_bignum
+      SRP.bigrand(32).hex
+    end
+
+    def generate_A
+      @a ||= random_bignum
+      @A = "%x" % SRP.calc_A(@a, @N, @g)
+    end
+  end # Client
+end

data/lib/srp-rb/version.rb

@@ -0,0 +1,5 @@
+module Srp
+  module Rb
+    VERSION = "1.0.0"
+  end
+end

data/lib/srp.rb

@@ -0,0 +1 @@
+require 'srp-rb'

data/spec/srp_spec.rb

@@ -0,0 +1,474 @@
+# -*- encoding: utf-8 -*-
+=begin
+
+Copyright (c) 2012, Mikael Lammentausta
+All rights reserved.
+
+Following is the New BSD license:
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+    * Neither the name of the Python Software Foundation nor the
+      names of its contributors may be used to endorse or promote products
+      derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL TOM COCAGNE BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+=end
+require 'srp'
+
+# monkey-patch API to define a, b and salt presetters
+class SRP::Verifier
+  def set_b val
+    @b = val
+  end
+  def set_salt val
+    @salt = val
+  end
+end
+class SRP::Client
+  def set_a val
+    @a = val
+  end
+end
+
+describe SRP do
+  ###
+  ### Test SRP functions.
+  ### Values are from http://srp.stanford.edu/demo/demo.html
+  ### using 256 bit values.
+  ###
+  context "@module-functions" do
+    before :all do
+      @N = "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3".to_i(16)
+      @g = 2
+      @username = "user"
+      @password = "password"
+      @salt = "16ccfa081895fe1ed0bb"
+      @a = "7ec87196e320a2f8dfe8979b1992e0d34439d24471b62c40564bb4302866e1c2".to_i(16)
+      @b = "8143e2f299852a05717427ea9d87c6146e747d0da6e95f4390264e55a43ae96".to_i(16)
+    end
+
+    it "should calculate k" do
+      k = SRP.calc_k(@N, @g)
+      ("%x" % k).should == "dbe5dfe0704fee4c85ff106ecd38117d33bcfe50"
+      ("%b" % k).length.should == 160
+    end
+
+    it "should calculate x" do
+      x = SRP.calc_x(@username, @password, @salt)
+      ("%x" % x).should == "bdd0a4e1c9df4082684d8d358b8016301b025375"
+      ("%b" % x).length.should == 160
+    end
+
+    it "should calculate verifier" do
+      x = "bdd0a4e1c9df4082684d8d358b8016301b025375".to_i(16)
+      v = SRP.calc_v(x, @N, @g)
+      ("%x" % v).should == "ce36e101ed8c37ed98ba4e441274dabd1062f3440763eb98bd6058e5400b6309"
+      ("%b" % v).length.should == 256
+    end
+
+    it "should calculate u" do
+      aa = "b1c4827b0ce416953789db123051ed990023f43b396236b86e12a2c69638fb8e"
+      bb = "fbc56086bb51e26ee1a8287c0a7f3fd4e067e55beb8530b869b10b961957ff68"
+      u = SRP.calc_u(aa, bb, @N)
+      ("%x" % u).should == "c60b17ddf568dd5743d0e3ba5621646b742432c5"
+      ("%b" % u).length.should == 160
+    end
+
+    it "should calculate public client value A" do
+      aa = SRP.calc_A(@a, @N, @g)
+      ("%x" % aa).should == "b1c4827b0ce416953789db123051ed990023f43b396236b86e12a2c69638fb8e"
+      ("%b" % aa).length.should == 256
+    end
+
+    it "should calculate public server value B" do
+      k = "dbe5dfe0704fee4c85ff106ecd38117d33bcfe50".to_i(16)
+      v = "ce36e101ed8c37ed98ba4e441274dabd1062f3440763eb98bd6058e5400b6309".to_i(16)
+      bb = SRP.calc_B(@b, k, v, @N, @g)
+      ("%x" % bb).should == "fbc56086bb51e26ee1a8287c0a7f3fd4e067e55beb8530b869b10b961957ff68"
+      ("%b" % bb).length.should == 256
+    end
+
+    it "should calculate session key from client params" do
+      bb = "fbc56086bb51e26ee1a8287c0a7f3fd4e067e55beb8530b869b10b961957ff68".to_i(16)
+      k = "dbe5dfe0704fee4c85ff106ecd38117d33bcfe50".to_i(16)
+      x = "bdd0a4e1c9df4082684d8d358b8016301b025375".to_i(16)
+      u = "c60b17ddf568dd5743d0e3ba5621646b742432c5".to_i(16)
+      a = @a
+      ss = SRP.calc_client_S(bb, a, k, x, u, @N, @g)
+      ("%x" % ss).should == "a606c182e364d2c15f9cdbeeeb63bb00c831d1da65eedc1414f21157d0312a5a"
+      ("%b" % ss).length.should == 256
+    end
+
+    it "should calculate session key from server params" do
+      aa = "b1c4827b0ce416953789db123051ed990023f43b396236b86e12a2c69638fb8e".to_i(16)
+      v = "ce36e101ed8c37ed98ba4e441274dabd1062f3440763eb98bd6058e5400b6309".to_i(16)
+      u = "c60b17ddf568dd5743d0e3ba5621646b742432c5".to_i(16)
+      b = @b
+      ss = SRP.calc_server_S(aa, b, v, u, @N)
+      ("%x" % ss).should == "a606c182e364d2c15f9cdbeeeb63bb00c831d1da65eedc1414f21157d0312a5a"
+      ("%b" % ss).length.should == 256
+    end
+
+    it "should calculate M" do
+      xaa = "b1c4827b0ce416953789db123051ed990023f43b396236b86e12a2c69638fb8e"
+      xbb = "fbc56086bb51e26ee1a8287c0a7f3fd4e067e55beb8530b869b10b961957ff68"
+      xss = "a606c182e364d2c15f9cdbeeeb63bb00c831d1da65eedc1414f21157d0312a5a"
+      xkk = SRP.sha1_hex(xss)
+      xkk.should == "5844898ea6e5f5d9b737bc0ba2fb9d5edd3f8e67"
+      mm = SRP.calc_M(@username, @salt, xaa, xbb, xkk, @N, @g)
+      ("%x" % mm).should == "2da30b225850c17720ed483ae6d04bcb67e4448e"
+    end
+
+    it "should calculate H(AMK)" do
+      xaa = "b1c4827b0ce416953789db123051ed990023f43b396236b86e12a2c69638fb8e"
+      xmm = "d597503056af882d5b27b419302ac7b2ea9d7468"
+      xkk = "5844898ea6e5f5d9b737bc0ba2fb9d5edd3f8e67"
+      h_amk = SRP.calc_H_AMK(xaa, xmm, xkk, @N, @g)
+      ("%x" % h_amk).should == "ffc955a9227f1bf1d87d66bebecba081f54dbb7a"
+    end
+  end
+
+
+  ###
+  ### Test predefined values for N and g.
+  ### Values are from vectors listed in RFC 5054 Appendix B.
+  ###
+  context "@predefined-Ng" do
+    it "should be 1024 bits" do
+      srp = SRP::Verifier.new(1024)
+      nn = srp.N
+      ("%x" % nn).should == "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"
+      ("%b" % nn).length.should == 1024
+      srp.g.should == 2
+    end
+
+    it "should be 1536 bits" do
+      srp = SRP::Verifier.new(1536)
+      nn = srp.N
+      ("%b" % nn).length.should == 1536
+      srp.g.should == 2
+    end
+
+    it "should be 2048 bits" do
+      srp = SRP::Verifier.new(2048)
+      nn = srp.N
+      ("%b" % nn).length.should == 2048
+      srp.g.should == 2
+    end
+
+    it "should be 3072 bits" do
+      srp = SRP::Verifier.new(3072)
+      nn = srp.N
+      ("%b" % nn).length.should == 3072
+      srp.g.should == 5
+    end
+
+    it "should be 4096 bits" do
+      srp = SRP::Verifier.new(4096)
+      nn = srp.N
+      ("%b" % nn).length.should == 4096
+      srp.g.should == 5
+    end
+
+    it "should be 6144 bits" do
+      srp = SRP::Verifier.new(6144)
+      nn = srp.N
+      ("%b" % nn).length.should == 6144
+      srp.g.should == 5
+    end
+
+    it "should be 8192 bits" do
+      srp = SRP::Verifier.new(8192)
+      nn = srp.N
+      ("%b" % nn).length.should == 8192
+      srp.g.should == 19
+    end
+  end
+
+
+  ###
+  ### Test server-side Verifier.
+  ### Values are from http://srp.stanford.edu/demo/demo.html
+  ### using 1024 bit values.
+  ###
+  context "@verifier" do
+    before :all do
+      @username = "user"
+      @password = "password"
+      @salt = "16ccfa081895fe1ed0bb"
+      @a = "7ec87196e320a2f8dfe8979b1992e0d34439d24471b62c40564bb4302866e1c2"
+      @b = "8143e2f299852a05717427ea9d87c6146e747d0da6e95f4390264e55a43ae96"
+    end
+
+    it "should calculate k" do
+      k = SRP::Verifier.new(1024).k
+      k.should == "7556aa045aef2cdd07abaf0f665c3e818913186f".to_i(16)
+    end
+
+    it "should generate salt and verifier" do
+      auth = SRP::Verifier.new(1024).generate_userauth(@username, @password)
+      auth[:username].should == @username
+      auth[:verifier].should be
+      auth[:salt].should be
+    end
+
+    it "should calculate verifier with given salt" do
+      srp = SRP::Verifier.new(1024)
+      srp.set_salt @salt
+      auth = srp.generate_userauth(@username, @password)
+      v = auth[:verifier]
+      salt = auth[:salt]
+      salt.should == @salt
+      v.should == "321307d87ca3462f5b0cb5df295bea04498563794e5401899b2f32dd5cab5b7de9da78e7d62ea235e6d7f43a4ea09fea7c0dafdee6e79a1d12e2e374048deeaf5ba7c68e2ad952a3f5dc084400a7f1599a31d6d9d50269a9208db88f84090e8aa3c7b019f39529dcc19baa985a8d7ffb2d7628071d2313c9eaabc504d3333688"
+    end
+
+    it "should generate salt and calculate verifier" do
+      srp = SRP::Verifier.new(1024)
+      auth = srp.generate_userauth(@username, @password)
+      v = auth[:verifier]
+      salt = auth[:salt]
+      ("%b" % v.to_i(16)).length.should >= 1000
+      ("%b" % salt.to_i(16)).length.should >= 50
+    end
+
+    it "should generate B with predefined b" do
+      v = "321307d87ca3462f5b0cb5df295bea04498563794e5401899b2f32dd5cab5b7de9da78e7d62ea235e6d7f43a4ea09fea7c0dafdee6e79a1d12e2e374048deeaf5ba7c68e2ad952a3f5dc084400a7f1599a31d6d9d50269a9208db88f84090e8aa3c7b019f39529dcc19baa985a8d7ffb2d7628071d2313c9eaabc504d3333688"
+      srp = SRP::Verifier.new(1024)
+      srp.set_b @b.to_i(16)
+      bb = srp.generate_B(v)
+      bb.should == "56777d24af1121bd6af6aeb84238ff8d250122fe75ed251db0f47c289642ae7adb9ef319ce3ab23b6ecc97e5904749fc42f12bb016ecf39691db541f066667b8399bfa685c82b03ad8f92f75975ed086dbe0d470d4dd907ce11b19ee41b74aee72bd8445cde6b58c01f678e39ed9cd6b93c79382637df90777a96c10a768c510"
+    end
+
+     it "should generate B" do
+      srp = SRP::Verifier.new(1024)
+      bb = srp.generate_B("0")
+      ("%b" % bb.to_i(16)).length.should >= 1000
+      ("%b" % srp.b).length.should > 200
+    end
+
+    it "should calculate server session and key" do
+      # A is received in phase 1
+      aa = "165366e23a10006a62fb8a0793757a299e2985103ad2e8cdee0cc37cac109f3f338ee12e2440eda97bfa7c75697709a5dc66faadca7806d43ea5839757d134ae7b28dd3333049198cc8d328998b8cd8352ff4e64b3bd5f08e40148d69b0843bce18cbbb30c7e4760296da5c92717fcac8bddc7875f55302e55d90a34226868d2"
+      # B and b are saved from phase 1
+      bb = "56777d24af1121bd6af6aeb84238ff8d250122fe75ed251db0f47c289642ae7adb9ef319ce3ab23b6ecc97e5904749fc42f12bb016ecf39691db541f066667b8399bfa685c82b03ad8f92f75975ed086dbe0d470d4dd907ce11b19ee41b74aee72bd8445cde6b58c01f678e39ed9cd6b93c79382637df90777a96c10a768c510"
+      # v is from db
+      v = "321307d87ca3462f5b0cb5df295bea04498563794e5401899b2f32dd5cab5b7de9da78e7d62ea235e6d7f43a4ea09fea7c0dafdee6e79a1d12e2e374048deeaf5ba7c68e2ad952a3f5dc084400a7f1599a31d6d9d50269a9208db88f84090e8aa3c7b019f39529dcc19baa985a8d7ffb2d7628071d2313c9eaabc504d3333688"
+      _proof = {:A => aa, :B => bb, :b => @b, 
+        :I => @username, :s => @salt, :v => v}
+      srp = SRP::Verifier.new(1024)
+      srp.verify_session(_proof, "match insignificant")
+      ss = srp.S
+      ss.should == "7f44592cc616e0d761b2d3309d513b69b386c35f3ed9b11e6d43f15799b673d6dcfa4117b4456af978458d62ad61e1a37be625f46d2a5bd9a50aae359e4541275f0f4bd4b4caed9d2da224b491231f905d47abd9953179aa608854b84a0e0c6195e73715932b41ab8d0d4a2977e7642163be6802c5907fb9e233b8c96e457314"
+      kk = srp.K
+      kk.should == "404bf923682abeeb3c8c9164d2cdb6b6ba21b64d"
+    end
+
+    it "should calculate verifier M and server proof" do
+      # A is received in phase 1
+      aa = "165366e23a10006a62fb8a0793757a299e2985103ad2e8cdee0cc37cac109f3f338ee12e2440eda97bfa7c75697709a5dc66faadca7806d43ea5839757d134ae7b28dd3333049198cc8d328998b8cd8352ff4e64b3bd5f08e40148d69b0843bce18cbbb30c7e4760296da5c92717fcac8bddc7875f55302e55d90a34226868d2"
+      # B and b are saved from phase 1
+      bb = "56777d24af1121bd6af6aeb84238ff8d250122fe75ed251db0f47c289642ae7adb9ef319ce3ab23b6ecc97e5904749fc42f12bb016ecf39691db541f066667b8399bfa685c82b03ad8f92f75975ed086dbe0d470d4dd907ce11b19ee41b74aee72bd8445cde6b58c01f678e39ed9cd6b93c79382637df90777a96c10a768c510"
+      # v is from db
+      v = "321307d87ca3462f5b0cb5df295bea04498563794e5401899b2f32dd5cab5b7de9da78e7d62ea235e6d7f43a4ea09fea7c0dafdee6e79a1d12e2e374048deeaf5ba7c68e2ad952a3f5dc084400a7f1599a31d6d9d50269a9208db88f84090e8aa3c7b019f39529dcc19baa985a8d7ffb2d7628071d2313c9eaabc504d3333688"
+      # S is validated
+      ss = "7f44592cc616e0d761b2d3309d513b69b386c35f3ed9b11e6d43f15799b673d6dcfa4117b4456af978458d62ad61e1a37be625f46d2a5bd9a50aae359e4541275f0f4bd4b4caed9d2da224b491231f905d47abd9953179aa608854b84a0e0c6195e73715932b41ab8d0d4a2977e7642163be6802c5907fb9e233b8c96e457314"
+      # K = H(S)
+      kk = SRP.sha1_hex(ss)
+      client_M = "52fb39fcacc2d909675ea3cf2b967980fc40ae0"
+      _proof = {:A => aa, :B => bb, :b => @b, 
+        :I => @username, :s => @salt, :v => v}
+      srp = SRP::Verifier.new(1024)
+      srp.verify_session(_proof, client_M)
+      srp.M.should == client_M
+      srp.H_AMK.should == "d3668cebb1cba4b3d4a4cd8edde9d89279b9d1e9"
+    end
+  end
+
+
+  ###
+  ### Test Client.
+  ### Values are from http://srp.stanford.edu/demo/demo.html
+  ### using 1024 bit values.
+  ###
+  context "@client" do
+    before :all do
+      @username = "user"
+      @password = "password"
+      @salt = "16ccfa081895fe1ed0bb"
+      @a = "7ec87196e320a2f8dfe8979b1992e0d34439d24471b62c40564bb4302866e1c2"
+      @b = "8143e2f299852a05717427ea9d87c6146e747d0da6e95f4390264e55a43ae96"
+    end
+
+    it "should generate A from random a" do
+      srp = SRP::Client.new(1024)
+      aa1 = srp.generate_A
+      ("%b" % aa1.to_i(16)).length.should >= 1000
+      ("%b" % srp.generate_A.to_i(16)).length.should >= 200
+      srp = SRP::Client.new(1024)
+      aa2 = srp.generate_A
+      ("%b" % aa2.to_i(16)).length.should >= 1000
+      ("%b" % srp.generate_A.to_i(16)).length.should >= 200
+      aa1.should_not == aa2
+    end
+
+    it "should calculate A" do
+      srp = SRP::Client.new(1024)
+      srp.set_a @a.to_i(16)
+      aa = srp.generate_A
+      aa.should == "165366e23a10006a62fb8a0793757a299e2985103ad2e8cdee0cc37cac109f3f338ee12e2440eda97bfa7c75697709a5dc66faadca7806d43ea5839757d134ae7b28dd3333049198cc8d328998b8cd8352ff4e64b3bd5f08e40148d69b0843bce18cbbb30c7e4760296da5c92717fcac8bddc7875f55302e55d90a34226868d2"
+    end
+
+    it "should calculate client session and key" do
+      srp = SRP::Client.new(1024)
+      srp.set_a @a.to_i(16)
+      aa = srp.generate_A # created in phase 1
+      bb = "56777d24af1121bd6af6aeb84238ff8d250122fe75ed251db0f47c289642ae7adb9ef319ce3ab23b6ecc97e5904749fc42f12bb016ecf39691db541f066667b8399bfa685c82b03ad8f92f75975ed086dbe0d470d4dd907ce11b19ee41b74aee72bd8445cde6b58c01f678e39ed9cd6b93c79382637df90777a96c10a768c510"
+      mm = srp.process_challenge(@username, @password, @salt, bb)
+      ss = srp.S
+      ss.should == "7f44592cc616e0d761b2d3309d513b69b386c35f3ed9b11e6d43f15799b673d6dcfa4117b4456af978458d62ad61e1a37be625f46d2a5bd9a50aae359e4541275f0f4bd4b4caed9d2da224b491231f905d47abd9953179aa608854b84a0e0c6195e73715932b41ab8d0d4a2977e7642163be6802c5907fb9e233b8c96e457314"
+      kk = srp.K
+      kk.should == "404bf923682abeeb3c8c9164d2cdb6b6ba21b64d"
+    end
+  end
+
+
+  ###
+  ### Simulate actual authentication scenario over HTTP
+  ### when the server is RESTful and has to persist authentication
+  ### state between challenge and response.
+  ###
+  context "@authentication" do
+    before :all do
+      @username = "leonardo"
+      password = "icnivad"
+      @auth = SRP::Verifier.new(1024).generate_userauth(@username, password)
+      # imitate database persistance layer
+      @db = {@username => {
+        :verifier => @auth[:verifier],
+        :salt     => @auth[:salt],
+        }}
+    end
+
+    it "should authenticate" do
+      client = SRP::Client.new(1024)
+      verifier = SRP::Verifier.new(1024)
+      # phase 1
+      # (client)
+      aa = client.generate_A
+      # (server)
+      v = @auth[:verifier]
+      salt = @auth[:salt]
+      bb = verifier.generate_B v
+      b = "%x" % verifier.b
+      # phase 2
+      # (client)
+      client_M = client.process_challenge(@username, "icnivad", salt, bb)
+      # (server)
+      _proof = {:A => aa, :B => bb, :b => b, :I => @username, :s => salt, :v => v}
+      server_H_AMK = verifier.verify_session(_proof, client_M)
+      server_H_AMK.should be
+      # (client)
+      client.H_AMK.should == server_H_AMK
+    end
+
+    it "should not authenticate" do
+      client = SRP::Client.new(1024)
+      verifier = SRP::Verifier.new(1024)
+      # phase 1
+      # (client)
+      aa = client.generate_A
+      # (server)
+      v = @auth[:verifier]
+      salt = @auth[:salt]
+      bb = verifier.generate_B v
+      b = "%x" % verifier.b
+      # phase 2
+      # (client)
+      client_M = client.process_challenge(@username, "wrong password", salt, bb)
+      # (server)
+      _proof = {:A => aa, :B => bb, :b => b, :I => @username, :s => salt, :v => v}
+      verifier.verify_session(_proof, client_M).should == false
+      verifier.H_AMK.should_not be
+    end
+
+    it "should be applied in async authentication with stateless server" do
+      username = @username
+
+      # client generates A and begins authentication process
+      client = SRP::Client.new(1024)
+      aa = client.start_authentication()
+
+
+      #
+      # username and A are received  (client --> server)
+      #
+
+      # server finds user from "database"
+      _user = @db[username]
+      _user.should_not be_nil
+      v = _user[:verifier]
+      salt = _user[:salt]
+
+      # server generates B, saves A and B to database
+      srp = SRP::Verifier.new(1024)
+      _session = srp.get_challenge_and_proof username, v, salt, aa
+      _session[:challenge][:B].should == srp.B
+      _session[:challenge][:salt].should == salt
+      # store proof to memory
+      _user[:session_proof] = _session[:proof]
+      # clear variables to simulate end of phase 1
+      srp = username = v = bb = salt = nil
+      # server sends salt and B
+      client_response = _session[:challenge]
+
+
+      #
+      # client receives B and salt  (server --> client)
+      #
+      bb = client_response[:B]
+      salt = client_response[:salt]
+      # client generates session key
+      # at this point _client_srp.a should be persisted!! calculate_client_key is stateful!
+      mmc = client.process_challenge @username, "icnivad", salt, bb
+      client.A.should be
+      client.M.should == mmc
+      client.K.should be
+      client.H_AMK.should be
+      # client sends M --> server
+      client_M = client.M
+
+      #
+      # server receives client session key  (client --> server)
+      #
+      username = @username
+      _user = @db[username]
+      # retrive session from database
+      proof = _user[:session_proof]
+      srp = SRP::Verifier.new(1024)
+      verification = srp.verify_session(proof, client_M)
+      verification.should_not == false
+
+      # Now the two parties have a shared, strong session key K.
+      # To complete authentication, they need to prove to each other that their keys match.
+
+      client.verify(verification).should == true
+      verification.should == client.H_AMK
+    end
+  end
+end

metadata

@@ -0,0 +1,68 @@
+--- !ruby/object:Gem::Specification
+name: srp-rb
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+  prerelease: 
+platform: ruby
+authors:
+- lamikae
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-06-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ! "\n    Ruby implementation of the Secure Remote Password protocol (SRP-6a).\n
+  \   SRP is a cryptographically strong authentication protocol for \n    password-based,
+  mutual authentication over an insecure network connection."
+email:
+- ''
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/srp-rb/version.rb
+- lib/srp-rb.rb
+- lib/srp.rb
+- spec/srp_spec.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: srp-rb
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: Secure Remote Password protocol SRP-6a.
+test_files:
+- spec/srp_spec.rb