class CryptoToolchain::SRP::SimpleServer
Attributes
malicious[R]
malicious?[R]
recovered_password[R]
salt[R]
u[R]
Public Class Methods
new(n: CryptoToolchain::NIST_P, g: CryptoToolchain::NIST_G, k: 3, email: "charles@goodog.com", password: "i<3porkchops", privkey: nil, pubkey: nil, u: (rand(1..0x0000ffff)), malicious: false, salt: rand(1..0xffffffff), socket: )
click to toggle source
# File lib/crypto_toolchain/srp/simple_server.rb, line 6 def initialize(n: CryptoToolchain::NIST_P, g: CryptoToolchain::NIST_G, k: 3, email: "charles@goodog.com", password: "i<3porkchops", privkey: nil, pubkey: nil, u: (rand(1..0x0000ffff)), malicious: false, salt: rand(1..0xffffffff), socket: ) @n = n @g = g @k = k @email = email, @password = password @socket = socket @privkey = privkey || rand(1..0xffffffff) % n @pubkey = pubkey || g.modpow(@privkey, n) @u = u @salt = salt xH = Digest::SHA256.hexdigest("#{salt}#{password}") x = xH.to_i(16) @v = g.modpow(x, n) @malicious = malicious end
Public Instance Methods
crack(hmac)
click to toggle source
# File lib/crypto_toolchain/srp/simple_server.rb, line 47 def crack(hmac) wordlist.each_with_index do |word, i| _x = Digest::SHA256.hexdigest("#{salt}#{word}").to_i(16) _v = g.modpow(_x, n) _secret = (client_pubkey * _v.modpow(u, n)).modpow(privkey, n) _key = Digest::SHA256.hexdigest(_secret.to_s) word_hmac = OpenSSL::HMAC.hexdigest("SHA256", _key, salt.to_s) return word if word_hmac == hmac end nil end
hello_received(email, _client_pubkey)
click to toggle source
# File lib/crypto_toolchain/srp/simple_server.rb, line 29 def hello_received(email, _client_pubkey) @client_pubkey = _client_pubkey.to_i write_message("hello", salt, pubkey, u) # S = (A * v**u) ** b % N secret = (client_pubkey * v.modpow(u, n)).modpow(privkey, n) puts "SimpleServer generated secret #{secret}" if DEBUG @key = Digest::SHA256.hexdigest(secret.to_s) end
verify_received(hmac)
click to toggle source
Calls superclass method
CryptoToolchain::SRP::Server#verify_received
# File lib/crypto_toolchain/srp/simple_server.rb, line 59 def verify_received(hmac) if malicious? @recovered_password = crack(hmac) puts "Recovered #{@recovered_password}" if DEBUG end super(hmac) end
wordlist()
click to toggle source
# File lib/crypto_toolchain/srp/simple_server.rb, line 38 def wordlist return @wordlist if defined? @wordlist _words = File.readlines("/usr/share/dict/words"). shuffle[0...100]. map(&:strip) _words << "i<3porkchops" @wordlist = _words.shuffle end