Class: RubyHome::SRP::Client

Inherits:

SRP::Client

• Object
• SRP::Client
• RubyHome::SRP::Client

Defined in:

lib/ruby_home-srp.rb

Instance Attribute Summary

• #a ⇒ Object writeonly

  Sets the attribute a.

Instance Method Summary

• #initialize(group = 3072) ⇒ Client constructor

  A new instance of Client.

• #process_challenge(username, password, xsalt, xbb) ⇒ String

  Phase 2 : Step 1 : Process the salt and B values provided by the server.

• #start_authentication ⇒ String

  Phase 1 : Step 1 : Start the authentication process by generating the client ‘a’ and ‘A’ values.

Constructor Details

#initialize(group = 3072) ⇒ Client

Returns a new instance of Client.

# File 'lib/ruby_home-srp.rb', line 184

def initialize group=3072
  # select modulus (N) and generator (g)
  @N, @g = SRP.Ng group
  @k = SRP.calc_k(@N, @g)
end

Instance Attribute Details

#a=(value) ⇒ Object (writeonly)

Sets the attribute a

Parameters:

• value —

  the value to set the attribute a to.

# File 'lib/ruby_home-srp.rb', line 182

def a=(value)
  @a = value
end

Instance Method Details

#process_challenge(username, password, xsalt, xbb) ⇒ String

Phase 2 : Step 1 : Process the salt and B values provided by the server.

Parameters:

• username (String) —

  the client provided authentication username

• password (String) —

  the client provided authentication password

• xsalt (String) —

  the server provided salt for the username in hex

• xbb (String) —

  the server verifier ‘B’ value in hex

Returns:

• (String) —

  the client ‘M’ value in hex

Raises:

• (ArgumentError)

# File 'lib/ruby_home-srp.rb', line 208

def process_challenge(username, password, xsalt, xbb)
  raise ArgumentError, 'username must be a string' unless username.is_a?(String) && !username.empty?
  raise ArgumentError, 'password must be a string' unless password.is_a?(String) && !password.empty?
  raise ArgumentError, 'xsalt must be a string' unless xsalt.is_a?(String)
  raise ArgumentError, 'xsalt must be a hex string' unless xsalt =~ /^[a-fA-F0-9]+$/
  raise ArgumentError, 'xbb must be a string' unless xbb.is_a?(String)
  raise ArgumentError, 'xbb must be a hex string' unless xbb =~ /^[a-fA-F0-9]+$/

  # Convert the 'B' hex value to an Integer
  bb = xbb.to_i(16)

  # SRP-6a safety check
  return false if (bb % @N).zero?

  x = SRP.calc_x(username, password, xsalt)
  u = SRP.calc_u(@A, xbb, @N)

  # SRP-6a safety check
  return false if u.zero?

  # Calculate session key 'S' and secret key 'K'
  @S = SRP.calc_client_S(bb, @a, @k, x, u, @N, @g.hex).to_hex_string
  @K = SRP.sha512_hex(@S)

  # Calculate the 'M' matcher
  @M = SRP.calc_M(username, xsalt, @A, xbb, @K, @N, @g)

  # Calculate the H(A,M,K) verifier
  @H_AMK = SRP.calc_H_AMK(@A, @M.to_hex_string, @K, @N, @g).to_hex_string

  # Return the 'M' matcher to be sent to the server
  @M.to_hex_string
end

#start_authentication ⇒ String

Phase 1 : Step 1 : Start the authentication process by generating the client ‘a’ and ‘A’ values. Public ‘A’ should later be sent along with the username, to the server verifier to continue the auth process. The internal secret ‘a’ value should remain private.

Returns:

• (String) —

  the value of ‘A’ in hex

# File 'lib/ruby_home-srp.rb', line 196

def start_authentication
  @a ||= SecureRandom.hex(32).hex
  @A = SRP.calc_A(@a, @N, @g.hex).to_hex_string
end