Revert g to BigNum

adam-fowler · Oct 30, 2024 · 89a3eda · 89a3eda
1 parent e5aa66b
commit 89a3eda
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 13 deletions.
diff --git a/Sources/SRP/client.swift b/Sources/SRP/client.swift
@@ -32,7 +32,7 @@ public struct SRPClient<H: HashFunction> {
         var A: BigNum
         repeat {
             a = BigNum(bytes: SymmetricKey(size: .bits256))
-            A = configuration.g.number.power(a, modulus: configuration.N)
+            A = configuration.g.power(a, modulus: configuration.N)
         } while A % configuration.N == BigNum(0)
 
         return SRPKeyPair(public: SRPKey(A, padding: self.configuration.sizeN), private: SRPKey(a))
@@ -191,7 +191,7 @@ extension SRPClient {
         let x = BigNum(bytes: [UInt8](H.hash(data: salt + H.hash(data: message))))
 
         // calculate S = (B - k*g^x)^(a+u*x)
-        let S = (serverPublicKey.number - configuration.k * configuration.g.number.power(x, modulus: configuration.N)).power(clientKeys.private.number + u * x, modulus: configuration.N)
+        let S = (serverPublicKey.number - configuration.k * configuration.g.power(x, modulus: configuration.N)).power(clientKeys.private.number + u * x, modulus: configuration.N)
 
         return .init(S, padding: self.configuration.sizeN)
     }
@@ -205,7 +205,7 @@ extension SRPClient {
     /// generate password verifier
     public func generatePasswordVerifier(message: [UInt8], salt: [UInt8]) -> BigNum {
         let x = BigNum(bytes: [UInt8](H.hash(data: salt + H.hash(data: message))))
-        let verifier = configuration.g.number.power(x, modulus: configuration.N)
+        let verifier = configuration.g.power(x, modulus: configuration.N)
         return verifier
     }
 }
diff --git a/Sources/SRP/configuration.swift b/Sources/SRP/configuration.swift
@@ -6,7 +6,7 @@ public struct SRPConfiguration<H: HashFunction> {
     /// large safe prime
     public let N: BigNum
     /// multiplicative group generator
-    public let g: SRPKey
+    public let g: BigNum
     /// derived value from N and g. k = H( N | g )
     public let k: BigNum
     /// size in bytes of N
@@ -17,8 +17,8 @@ public struct SRPConfiguration<H: HashFunction> {
     public init(_ prime: Prime) {
         self.N = prime.group
         self.sizeN = Int(self.N.numBits() + 7) / 8
-        self.g = SRPKey(prime.generator, padding: self.sizeN)
-        self.k = BigNum(bytes: [UInt8](H.hash(data: self.N.bytes + self.g.bytes)))
+        self.g = prime.generator
+        self.k = BigNum(bytes: [UInt8](H.hash(data: self.N.bytes + self.g.bytes.pad(to: sizeN))))
     }
 
     /// Initialise SRPConfiguration with your own prime and multiplicative group generator
@@ -28,7 +28,7 @@ public struct SRPConfiguration<H: HashFunction> {
     public init(N: BigNum, g: BigNum) {
         self.N = N
         self.sizeN = Int(self.N.numBits() + 7) / 8
-        self.g = SRPKey(g, padding: self.sizeN)
+        self.g = g
         self.k = BigNum(bytes: [UInt8](H.hash(data: self.N.bytes + self.g.bytes.pad(to: sizeN))))
     }
 

diff --git a/Sources/SRP/server.swift b/Sources/SRP/server.swift
@@ -33,7 +33,7 @@ public struct SRPServer<H: HashFunction> {
         var B: BigNum
         repeat {
             b = BigNum(bytes: SymmetricKey(size: .bits256))
-            B = (configuration.k * verifier.number + configuration.g.number.power(b, modulus: configuration.N)) % configuration.N
+            B = (configuration.k * verifier.number + configuration.g.power(b, modulus: configuration.N)) % configuration.N
         } while B % configuration.N == BigNum(0)
 
         return SRPKeyPair(public: SRPKey(B, padding: self.configuration.sizeN), private: SRPKey(b))

diff --git a/Sources/SRP/srp.swift b/Sources/SRP/srp.swift
@@ -19,7 +19,8 @@ public struct SRP<H: HashFunction> {
         hashSharedSecret: [UInt8]
     ) -> [UInt8] {
         // M = H(H(N)^ H(g)) | H(username) | salt | client key | server key | H(shared secret))
-        let N_xor_g = [UInt8](H.hash(data: configuration.N.bytes)) ^ [UInt8](H.hash(data: configuration.g.bytes))
+        let g = SRPKey(configuration.g, padding: configuration.sizeN)
+        let N_xor_g = [UInt8](H.hash(data: configuration.N.bytes)) ^ [UInt8](H.hash(data: g.bytes))
         let hashUser = H.hash(data: [UInt8](username.utf8))
         let M1 = [UInt8](N_xor_g) + hashUser + salt
         let M2 = clientPublicKey.bytes + serverPublicKey.bytes + hashSharedSecret

diff --git a/Tests/SRPTests/SRPTests.swift b/Tests/SRPTests/SRPTests.swift
@@ -130,13 +130,13 @@ final class SRPTests: XCTestCase {
 
         let a = BigNum(hex: "60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DDDA2D4393")!
         // copied from client.swift
-        let A = configuration.g.number.power(a, modulus: configuration.N)
+        let A = configuration.g.power(a, modulus: configuration.N)
 
         XCTAssertEqual(A.hex, "61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC44352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEAB349EF5D76988A3672FAC47B0769447B".lowercased())
 
         let b = BigNum(hex: "E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D105284D20")!
         // copied from server.swift
-        let B = (configuration.k * verifier + configuration.g.number.power(b, modulus: configuration.N)) % configuration.N
+        let B = (configuration.k * verifier + configuration.g.power(b, modulus: configuration.N)) % configuration.N
 
         XCTAssertEqual(B.hex, "BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC996C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAEEB4012B7D7665238A8E3FB004B117B58".lowercased())
 
@@ -172,13 +172,13 @@ final class SRPTests: XCTestCase {
 
         let b = BigNum(hex: "00f3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f")!
         // copied from server.swift
-        let B = (configuration.k * verifier + configuration.g.number.power(b, modulus: configuration.N)) % configuration.N
+        let B = (configuration.k * verifier + configuration.g.power(b, modulus: configuration.N)) % configuration.N
 
         XCTAssertEqual(SRPKey(B, padding: configuration.sizeN).hex, "0022ce5a7b9d81277172caa20b0f1efb4643b3becc53566473959b07b790d3c3f08650d5531c19ad30ebb67bdb481d1d9cf61bf272f8439848fdda58a4e6abc5abb2ac496da5098d5cbf90e29b4b110e4e2c033c70af73925fa37457ee13ea3e8fde4ab516dff1c2ae8e57a6b264fb9db637eeeae9b5e43dfaba9b329d3b8770ce89888709e026270e474eef822436e6397562f284778673a1a7bc12b6883d1c21fbc27ffb3dbeb85efda279a69a19414969113f10451603065f0a012666645651dde44a52f4d8de113e2131321df1bf4369d2585364f9e536c39a4dce33221be57d50ddccb4384e3612bbfd03a268a36e4f7e01de651401e108cc247db50392")
 
         let a = BigNum(hex: "00f2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d7")!
         // copied from client.swift
-        let A = configuration.g.number.power(a, modulus: configuration.N)
+        let A = configuration.g.power(a, modulus: configuration.N)
 
         XCTAssertEqual(SRPKey(A, padding: configuration.sizeN).hex, "007da76cb7e77af5ab61f334dbd5a958513afcdf0f47ab99271fc5f7860fe2132e5802ca79d2e5c064bb80a38ee08771c98a937696698d878d78571568c98a1c40cc6e7cb101988a2f9ba3d65679027d4d9068cb8aad6ebff0101bab6d52b5fdfa81d2ed48bba119d4ecdb7f3f478bd236d5749f2275e9484f2d0a9259d05e49d78a23dd26c60bfba04fd346e5146469a8c3f010a627be81c58ded1caaef2363635a45f97ca0d895cc92ace1d09a99d6beb6b0dc0829535c857a419e834db12864cd6ee8a843563b0240520ff0195735cd9d316842d5d3f8ef7209a0bb4b54ad7374d73e79be2c3975632de562c596470bb27bad79c3e2fcddf194e1666cb9fc")