Module: Net::IMAP::SASL::ScramAlgorithm

Included in:
ScramAuthenticator
Defined in:
lib/net/imap/sasl/scram_algorithm.rb

Overview

For method descriptions, see RFC5802 §2.2 and RFC5802 §3.

Instance Method Summary collapse

Instance Method Details

#auth_messageObject



35
36
37
38
39
40
41
42
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 35

def auth_message
  [
    client_first_message_bare,
    server_first_message,
    client_final_message_without_proof,
  ]
    .join(",")
end

#client_keyObject



48
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 48

def client_key;       HMAC(salted_password, "Client Key") end

#client_proofObject



53
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 53

def client_proof;     XOR(client_key, client_signature)   end

#client_signatureObject



51
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 51

def client_signature; HMAC(stored_key, auth_message)      end

#H(str) ⇒ Object



24
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 24

def H(str) digest.digest str end

#Hi(str, salt, iterations) ⇒ Object



13
14
15
16
17
18
19
20
21
22
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 13

def Hi(str, salt, iterations)
  length = digest.digest_length
  OpenSSL::KDF.pbkdf2_hmac(
    str,
    salt:       salt,
    iterations: iterations,
    length: length,
    hash: digest,
  )
end

#HMAC(key, data) ⇒ Object



26
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 26

def HMAC(key, data) OpenSSL::HMAC.digest(digest, key, data) end

#Normalize(str) ⇒ Object



11
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 11

def Normalize(str) SASL.saslprep(str) end

#salted_passwordObject



44
45
46
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 44

def salted_password
  Hi(Normalize(password), salt, iterations)
end

#server_keyObject



49
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 49

def server_key;       HMAC(salted_password, "Server Key") end

#server_signatureObject



52
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 52

def server_signature; HMAC(server_key, auth_message)      end

#stored_keyObject



50
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 50

def stored_key;       H(client_key)                       end

#XOR(str1, str2) ⇒ Object



28
29
30
31
32
33
# File 'lib/net/imap/sasl/scram_algorithm.rb', line 28

def XOR(str1, str2)
  str1.unpack("C*")
    .zip(str2.unpack("C*"))
    .map {|a, b| a ^ b }
    .pack("C*")
end