class OpenID::Server::DiffieHellmanSHA1ServerSession

An object that knows how to handle association requests with the Diffie-Hellman session type.

See OpenID Specs, Section 8: Establishing Associations <openid.net/specs/openid-authentication-2_0-12.html#associations>

Attributes

consumer_pubkey[RW]

The public key sent by the consumer in the associate request

dh[RW]

The Diffie-Hellman algorithm values for this request

session_type[R]

The #session_type for this association session.

Public Class Methods

from_message(message)

Constructs a session object from an OpenID Message (the consumer's associate request).

Raises ProtocolError when parameters required to establish the session are missing.

# File lib/openid/server.rb, line 222
def self.from_message(message)
  dh_modulus = message.get_arg(OPENID_NS, 'dh_modulus')
  dh_gen = message.get_arg(OPENID_NS, 'dh_gen')
  if ((!dh_modulus and dh_gen) or
      (!dh_gen and dh_modulus))

    if !dh_modulus
      missing = 'modulus'
    else
      missing = 'generator'
    end

    raise ProtocolError.new(message,
            sprintf('If non-default modulus or generator is ' +
                    'supplied, both must be supplied. Missing %s',
                    missing))
  end

  if dh_modulus or dh_gen
    dh_modulus = CryptUtil.base64_to_num(dh_modulus)
    dh_gen = CryptUtil.base64_to_num(dh_gen)
    dh = DiffieHellman.new(dh_modulus, dh_gen)
  else
    dh = DiffieHellman.from_defaults()
  end

  consumer_pubkey = message.get_arg(OPENID_NS, 'dh_consumer_public')
  if !consumer_pubkey
    raise ProtocolError.new(message,
            sprintf("Public key for DH-SHA1 session " +
                    "not found in message %s", message))
  end

  consumer_pubkey = CryptUtil.base64_to_num(consumer_pubkey)

  return self.new(dh, consumer_pubkey)
end
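
from_message above decodes the consumer-supplied modulus, generator and public key and passes them on; the code shown on this page does no size or range checking of those values. The following is an added example, not ruby-openid code: a pre-check a server could run on the three base64 values before building the session, where every helper name and the modulus size bounds are assumptions.

```ruby
require 'openssl'

# Hypothetical names throughout; none of this is part of ruby-openid.
class DHParamError < StandardError; end

MODULUS_BITS = (1024..4096) # assumed policy bounds, not taken from the spec

# Decode base64(btwoc(n)): big-endian two's complement, so a set high bit
# in the first byte would mean a negative number.
def b64_to_num(str)
  raw = str.to_s.unpack1('m0') # strict base64; raises ArgumentError if malformed
  raise DHParamError, 'empty or negative value' if raw.empty? || raw.getbyte(0) >= 0x80
  raw.unpack1('H*').to_i(16)
rescue ArgumentError
  raise DHParamError, 'invalid base64'
end

# Inverse of b64_to_num, used to build the constructed sample input below.
def num_to_b64(n)
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  raw = [hex].pack('H*')
  raw = "\x00".b + raw if raw.getbyte(0) >= 0x80
  [raw].pack('m0')
end

# Returns [p, g, y] as Integers or raises DHParamError.
def checked_dh_params(modulus_b64, gen_b64, pubkey_b64)
  p, g, y = [modulus_b64, gen_b64, pubkey_b64].map { |v| b64_to_num(v) }
  # Size bounds first, so the primality test never runs on an oversized value.
  raise DHParamError, 'modulus size out of bounds' unless MODULUS_BITS.cover?(p.bit_length)
  raise DHParamError, 'modulus not prime' unless OpenSSL::BN.new(p.to_s).prime?
  raise DHParamError, 'generator out of range' unless g.between?(2, p - 2)
  # y = 0, 1 or p - 1 would pin the shared secret to a predictable value.
  raise DHParamError, 'public key out of range' unless y.between?(2, p - 2)
  [p, g, y]
end

# Constructed sample request: a freshly generated 1024-bit prime, generator 2.
def sample_request
  p = OpenSSL::BN.generate_prime(1024, false).to_i
  { p: p, modulus: num_to_b64(p), gen: num_to_b64(2),
    pubkey: num_to_b64(2.pow(0x1234567, p)) }
end
```
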

new(dh, consumer_pubkey)

Calls superclass method OpenID::Server::BaseServerSession.new

# File lib/openid/server.rb, line 210
def initialize(dh, consumer_pubkey)
  super('DH-SHA1', ['HMAC-SHA1'])

  @hash_func = CryptUtil.method('sha1')
  @dh = dh
  @consumer_pubkey = consumer_pubkey
end

Public Instance Methods

answer(secret)

# File lib/openid/server.rb, line 260
def answer(secret)
  mac_key = @dh.xor_secret(@hash_func,
                           @consumer_pubkey,
                           secret)
  return {
      'dh_server_public' => CryptUtil.num_to_base64(@dh.public),
      'enc_mac_key' => Util.to_base64(mac_key),
      }
end