class OpenID::Server::DiffieHellmanSHA1ServerSession
An object that knows how to handle association requests with the Diffie-Hellman session type.
See OpenID Specs, Section 8: Establishing Associations <openid.net/specs/openid-authentication-2_0-12.html#associations>
Attributes
consumer_pubkey[RW]
The public key sent by the consumer in the associate request
dh[RW]
The Diffie-Hellman algorithm values for this request
session_type[R]
The #session_type for this association session.
Public Class Methods
from_message(message)
Constructs a session object from an OpenID Message.
Raises ProtocolError when parameters required to establish the session are missing.
# File lib/openid/server.rb, line 222
def self.from_message(message)
  dh_modulus = message.get_arg(OPENID_NS, 'dh_modulus')
  dh_gen = message.get_arg(OPENID_NS, 'dh_gen')
  if ((!dh_modulus and dh_gen) or
      (!dh_gen and dh_modulus))
    if !dh_modulus
      missing = 'modulus'
    else
      missing = 'generator'
    end
    raise ProtocolError.new(message,
                            sprintf('If non-default modulus or generator is ' +
                                    'supplied, both must be supplied. Missing %s',
                                    missing))
  end

  if dh_modulus or dh_gen
    dh_modulus = CryptUtil.base64_to_num(dh_modulus)
    dh_gen = CryptUtil.base64_to_num(dh_gen)
    dh = DiffieHellman.new(dh_modulus, dh_gen)
  else
    dh = DiffieHellman.from_defaults()
  end

  consumer_pubkey = message.get_arg(OPENID_NS, 'dh_consumer_public')
  if !consumer_pubkey
    raise ProtocolError.new(message,
                            sprintf("Public key for DH-SHA1 session " +
                                    "not found in message %s", message))
  end

  consumer_pubkey = CryptUtil.base64_to_num(consumer_pubkey)

  return self.new(dh, consumer_pubkey)
end
new(dh, consumer_pubkey)
Calls superclass method
OpenID::Server::BaseServerSession.new
# File lib/openid/server.rb, line 210
def initialize(dh, consumer_pubkey)
  super('DH-SHA1', ['HMAC-SHA1'])

  @hash_func = CryptUtil.method('sha1')
  @dh = dh
  @consumer_pubkey = consumer_pubkey
end
Public Instance Methods
answer(secret)
# File lib/openid/server.rb, line 260
def answer(secret)
  mac_key = @dh.xor_secret(@hash_func, @consumer_pubkey, secret)
  return {
    'dh_server_public' => CryptUtil.num_to_base64(@dh.public),
    'enc_mac_key' => Util.to_base64(mac_key),
  }
end
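Both ends of the DH-SHA1 exchange that `from_message` and `answer` handle on the server side, as an added example that is not ruby-openid code. It uses only the Ruby standard library; the toy modulus, generator, private keys and MAC key are constructed, and the helper names `server_answer` and `consumer_recover` are hypothetical. The range check on the consumer's public value is an addition of this example and is not part of the source listed above.

```ruby
require 'digest'

# Constructed toy parameters: far too small for real use, chosen only so the
# example runs offline. Private keys and MAC key are constructed as well.
TOY_P = 2**127 - 1
TOY_G = 5
SERVER_PRIV   = 0x3b1f_9c4e_7a25_d861_0f4c_92ab
CONSUMER_PRIV = 0x5d07_e1b3_48c6_2f9a_71e4_0d35
MAC_KEY = (1..20).to_a.pack('C*') # 20 bytes, the HMAC-SHA1 key length

# btwoc(): big-endian two's complement; a 0x00 byte is prepended when the top
# bit is set so the value is never read as negative.
def btwoc(n)
  raise ArgumentError, 'negative value' if n.negative?
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  bytes = [hex].pack('H*')
  bytes.getbyte(0) >= 0x80 ? "\x00".b + bytes : bytes
end

def base64_to_num(str)
  str.unpack1('m0').unpack1('H*').to_i(16)
end

def xor_bytes(a, b)
  raise ArgumentError, 'length mismatch' unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Server side: the two fields answer(secret) returns, plus an added range check.
def server_answer(modulus, gen, server_priv, consumer_pub, mac_key)
  unless consumer_pub > 1 && consumer_pub < modulus - 1
    raise ArgumentError, 'dh_consumer_public out of range'
  end
  mask = Digest::SHA1.digest(btwoc(consumer_pub.pow(server_priv, modulus)))
  { 'dh_server_public' => [btwoc(gen.pow(server_priv, modulus))].pack('m0'),
    'enc_mac_key' => [xor_bytes(mask, mac_key)].pack('m0') }
end

# Consumer side: derive the same mask and strip it from enc_mac_key.
def consumer_recover(modulus, consumer_priv, response)
  server_pub = base64_to_num(response['dh_server_public'])
  mask = Digest::SHA1.digest(btwoc(server_pub.pow(consumer_priv, modulus)))
  xor_bytes(mask, response['enc_mac_key'].unpack1('m0'))
end

consumer_pub = TOY_G.pow(CONSUMER_PRIV, TOY_P)
response = server_answer(TOY_P, TOY_G, SERVER_PRIV, consumer_pub, MAC_KEY)
puts consumer_recover(TOY_P, CONSUMER_PRIV, response) == MAC_KEY
```

Because the mask is a SHA-1 digest, the MAC key must be exactly 20 bytes; `xor_bytes` raises on any other length instead of silently truncating.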