srp-rb 1.0.0 → 1.0.1

data/lib/srp-rb.rb

@@ -43,13 +43,20 @@ require "srp-rb/version"
 
 module SRP
   class << self
-
-    def sha1_hex(h)
-      Digest::SHA1.hexdigest([h].pack('H*'))
+    
+    attr_accessor :hash
+    
+    def sha1_hex(h, hash)
+      h = '0' + h if h.size % 2 != 0
+      klass = hash == 'sha-256' ?
+        Digest::SHA256 : Digest::SHA1
+      klass.hexdigest([h].pack('H*'))
     end
 
-    def sha1_str(s)
-      Digest::SHA1.hexdigest(s)
+    def sha1_str(s, hash)
+      klass = hash == 'sha-256' ?
+        Digest::SHA256 : Digest::SHA1
+      klass.hexdigest(s)
     end
 
     def bigrand(bytes)
@@ -70,6 +77,7 @@ module SRP
     # SHA1 hashing function with padding.
     # Input is prefixed with 0 to meet N hex width.
     def H(n, *a)
+      hash = a.pop
       nlen = 2 * ((('%x' % [n]).length * 4 + 7) >> 3)
       hashin = a.map {|s|
         next unless s
@@ -79,41 +87,56 @@ module SRP
         end
         "0" * (nlen - shex.length) + shex
       }.join('')
-      sha1_hex(hashin).hex % n
+      # warn "HASH: #{hashin}"
+      sha1_hex(hashin, hash).hex % n
     end
 
     # Multiplier parameter
     # k = H(N, g)   (in SRP-6a)
-    def calc_k(n, g)
-      H(n, n, g)
+    def calc_k(n, g, hash)
+      k1 = H(n, n, g, hash)
+      # warn "n: #{n.to_s(16)}"
+      # warn "g: #{g.to_s}"
+      # warn "k: #{k1.to_s(16)}"
+      H(n, n, g, hash)
     end
 
     # Private key (derived from username, raw password and salt)
     # x = H(salt || H(username || ':' || password))
-    def calc_x(username, password, salt)
+    def calc_x(username, password, salt, hash)
       spad = if salt.length.odd? then '0' else '' end
-      sha1_hex(spad + salt + sha1_str([username, password].join(':'))).hex
+      x1 = sha1_hex(spad + salt + sha1_str([username, password].join(':')), hash).hex
+      # warn "x: #{x1.to_s(16)}"
+      sha1_hex(spad + salt + sha1_str([username, password].join(':'), hash), hash).hex
     end
 
     # Random scrambling parameter
     # u = H(A, B)
-    def calc_u(xaa, xbb, n)
-      H(n, xaa, xbb)
+    def calc_u(xaa, xbb, n, hash)
+      u1 = H(n, xaa, xbb, hash)
+      # warn "u: #{u1.to_s(16)}"
+      H(n, xaa, xbb, hash)
     end
 
     # Password verifier
     # v = g^x (mod N)
     def calc_v(x, n, g)
+      v1 = modpow(g,x,n)
+      # warn "v: #{v1.to_s(16)}"
       modpow(g, x, n)
     end
 
     # A = g^a (mod N)
     def calc_A(a, n, g)
+      a1 = modpow(g,a,n)
+      # warn "A: #{a1.to_s(16)}"
       modpow(g, a, n)
     end
 
     # B = g^b + k v (mod N)
     def calc_B(b, k, v, n, g)
+      b1 = (modpow(g, b, n) + k * v) % n
+      # warn "B: #{b1.to_s(16)}"
       (modpow(g, b, n) + k * v) % n
     end
 
@@ -126,21 +149,23 @@ module SRP
     # Server secret
     # S = (A * v^u) ^ b % N
     def calc_server_S(aa, b, v, u, n)
+      s1 = modpow((modpow(v, u, n) * aa), b, n)
+      # warn "S: #{s1.to_s(16)}"
       modpow((modpow(v, u, n) * aa), b, n)
     end
 
     # M = H(H(N) xor H(g), H(I), s, A, B, K)
-    def calc_M(username, xsalt, xaa, xbb, xkk, n, g)
-      hn = sha1_hex("%x" % n).hex
-      hg = sha1_hex("%x" % g).hex
-      hxor = "%x" % (hn ^ hg)
-      hi = sha1_str(username)
-      return H(n, hxor, hi, xsalt, xaa, xbb, xkk)
+    def calc_M1(xaa, xbb, xkk, n, hash)
+      m1 = H(n, xaa, xbb, xkk, hash)
+      # warn "M1: #{m1.to_s(16)}"
+      return H(n, xaa, xbb, xkk, hash)
     end
 
     # H(A, M, K)
-    def calc_H_AMK(xaa, xmm, xkk, n, g)
-      H(n, xaa, xmm, xkk)
+    def calc_M2(xaa, xmm, xkk, n, hash)
+      m2 = H(n, xaa, xmm, xkk, hash)
+      # warn "M2: #{m2.to_s(16)}"
+      H(n, xaa, xmm, xkk, hash)
     end
 
     def Ng(group)
@@ -311,10 +336,11 @@ module SRP
   class Verifier
     attr_reader :N, :g, :k, :A, :B, :b, :S, :K, :M, :H_AMK
 
-    def initialize group=1024
+    def initialize(group = 1024, hash = 'sha-1')
       # select modulus (N) and generator (g)
-      @N, @g = SRP.Ng group
-      @k = SRP.calc_k(@N, @g)
+      @N, @g = SRP.Ng(group)
+      @hash = hash
+      @k = SRP.calc_k(@N, @g, @hash)
     end
 
     # Initial user creation for the persistance layer.
@@ -322,7 +348,8 @@ module SRP
     # Returns { <username>, <password verifier>, <salt> }
     def generate_userauth username, password
       @salt ||= random_salt
-      x = SRP.calc_x(username, password, @salt)
+      # warn "salt: #{@salt}"
+      x = SRP.calc_x(username, password, @salt, @hash)
       v = SRP.calc_v(x, @N, @g)
       return {:username => username, :verifier => "%x" % v, :salt => @salt}
     end
@@ -334,6 +361,7 @@ module SRP
       # SRP-6a safety check
       return false if (xaa.to_i(16) % @N) == 0
       generate_B(xverifier)
+      # warn "A: #{xaa}"
       return {
         :challenge    => {:B => @B, :salt => xsalt},
         :proof        => {:A => xaa, :B => @B, :b => "%x" % @b,
@@ -348,31 +376,35 @@ module SRP
       @A = proof[:A]
       @B = proof[:B]
       @b = proof[:b].to_i(16)
+      # warn "b: #{@b}"
+      
       username = proof[:I]
       xsalt = proof[:s]
       v = proof[:v].to_i(16)
 
-      u = SRP.calc_u(@A, @B, @N)
+      u = SRP.calc_u(@A, @B, @N, @hash)
       # SRP-6a safety check
       return false if u == 0
 
       # calculate session key
       @S = "%x" % SRP.calc_server_S(@A.to_i(16), @b, v, u, @N)
-      @K = SRP.sha1_hex(@S)
 
-      # calculate match
-      @M = "%x" % SRP.calc_M(username, xsalt, @A, @B, @K, @N, @g)
+      @K = SRP.sha1_hex(@S, @hash)
+      # warn "K: #{@K}"
 
+      # calculate match
+      @M = "%x" % SRP.calc_M1(@A, @B, @K, @N, @hash)
+      
       if @M == client_M
         # authentication succeeded
-        @H_AMK = "%x" % SRP.calc_H_AMK(@A, @M, @K, @N, @g)
+        @H_AMK = "%x" % SRP.calc_M2(@A, @M, @K, @N, @hash)
         return @H_AMK
       end
       return false
     end
 
     def random_salt
-      "%x" % SRP.bigrand(10).hex
+      "%x" % SRP.bigrand(16).hex
     end
 
     def random_bignum
@@ -392,14 +424,17 @@ module SRP
   class Client
     attr_reader :N, :g, :k, :a, :A, :S, :K, :M, :H_AMK
 
-    def initialize group=1024
+    def initialize(group, hash)
       # select modulus (N) and generator (g)
-      @N, @g = SRP.Ng group
-      @k = SRP.calc_k(@N, @g)
+      @N, @g = SRP.Ng(group)
+      @hash = hash
+      @k = SRP.calc_k(@N, @g, @hash)
     end
 
     def start_authentication
-      generate_A
+      a = generate_A
+      # warn "A: #{a.to_s(16)}"
+      a
     end
 
     # Process initiated authentication challenge.
@@ -410,21 +445,21 @@ module SRP
       # SRP-6a safety check
       return false if (bb % @N) == 0
 
-      x = SRP.calc_x(username, password, xsalt)
-      u = SRP.calc_u(@A, xbb, @N)
+      x = SRP.calc_x(username, password, xsalt, @hash)
+      u = SRP.calc_u(@A, xbb, @N, @hash)
 
       # SRP-6a safety check
       return false if u == 0
 
       # calculate session key
       @S = "%x" % SRP.calc_client_S(bb, @a, @k, x, u, @N, @g)
-      @K = SRP.sha1_hex(@S)
+      @K = SRP.sha1_hex(@S, hash)
 
       # calculate match
-      @M = "%x" % SRP.calc_M(username, xsalt, @A, xbb, @K, @N, @g)
+      @M = "%x" % SRP.calc_M1(@A, xbb, @K, @N, @hash)
 
       # calculate verifier
-      @H_AMK = "%x" % SRP.calc_H_AMK(@A, @M, @K, @N, @g)
+      @H_AMK = "%x" % SRP.calc_M2(@A, @M, @K, @N, @hash)
 
       return @M
     end
@@ -440,7 +475,8 @@ module SRP
 
     def generate_A
       @a ||= random_bignum
+      # warn "a: #{@a}"
       @A = "%x" % SRP.calc_A(@a, @N, @g)
     end
   end # Client
-end
+end

data/lib/srp-rb/version.rb

@@ -1,5 +1,5 @@
 module Srp
   module Rb
-    VERSION = "1.0.0"
+    VERSION = "1.0.1"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: srp-rb
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-06-25 00:00:00.000000000 Z
+date: 2013-12-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec