Minetest 5.9.0-dev
 
Loading...
Searching...
No Matches
srp.h
Go to the documentation of this file.
1/*
2 * Secure Remote Password 6a implementation
3 * https://github.com/est31/csrp-gmp
4 *
5 * The MIT License (MIT)
6 *
7 * Copyright (c) 2010, 2013 Tom Cocagne, 2015 est31 <MTest31@outlook.com>
8 *
9 * Permission is hereby granted, free of charge, to any person obtaining a copy of
10 * this software and associated documentation files (the "Software"), to deal in
11 * the Software without restriction, including without limitation the rights to
12 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
13 * of the Software, and to permit persons to whom the Software is furnished to do
14 * so, subject to the following conditions:
15 *
16 * The above copyright notice and this permission notice shall be included in all
17 * copies or substantial portions of the Software.
18 *
19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
25 * SOFTWARE.
26 *
27 */
28
29/*
30 *
31 * Purpose: This is a direct implementation of the Secure Remote Password
32 * Protocol version 6a as described by
33 * http://srp.stanford.edu/design.html
34 *
35 * Author: tom.cocagne@gmail.com (Tom Cocagne)
36 *
37 * Dependencies: LibGMP
38 *
39 * Usage: Refer to test_srp.c for a demonstration
40 *
41 * Notes:
42 * This library allows multiple combinations of hashing algorithms and
43 * prime number constants. For authentication to succeed, the hash and
44 * prime number constants must match between
45 * srp_create_salted_verification_key(), srp_user_new(),
46 * and srp_verifier_new(). A recommended approach is to determine the
47 * desired level of security for an application and globally define the
48 * hash and prime number constants to the predetermined values.
49 *
50 * As one might suspect, more bits means more security. As one might also
51 * suspect, more bits also means more processing time. The test_srp.c
52 * program can be easily modified to profile various combinations of
53 * hash & prime number pairings.
54 */
55
56#pragma once
57
58struct SRPVerifier;
59struct SRPUser;
60
61typedef enum {
62 SRP_NG_1024,
63 SRP_NG_2048,
64 SRP_NG_4096,
65 SRP_NG_8192,
66 SRP_NG_CUSTOM
67} SRP_NGType;
68
69typedef enum {
70 /*SRP_SHA1,*/
71 /*SRP_SHA224,*/
72 SRP_SHA256,
73 /*SRP_SHA384,
74 SRP_SHA512*/
75} SRP_HashAlgorithm;
76
77typedef enum {
78 SRP_ERR,
79 SRP_OK,
80} SRP_Result;
81
82/* Sets the memory functions used by srp.
83 * Note: this doesn't set the memory functions used by gmp,
84 * but it is supported to have different functions for srp and gmp.
85 * Don't call this after you have already allocated srp structures.
86 */
87void srp_set_memory_functions(
88 void *(*new_srp_alloc) (size_t),
89 void *(*new_srp_realloc) (void *, size_t),
90 void (*new_srp_free) (void *));
91
92/* Out: bytes_v, len_v
93 *
94 * The caller is responsible for freeing the memory allocated for bytes_v
95 *
96 * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type.
97 * If provided, they must contain ASCII text of the hexidecimal notation.
98 *
99 * If bytes_s == NULL, it is filled with random data.
100 * The caller is responsible for freeing.
101 *
102 * Returns SRP_OK on success, and SRP_ERR on error.
103 * bytes_s might be in this case invalid, don't free it.
104 */
105SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg,
106 SRP_NGType ng_type, const char *username_for_verifier,
107 const unsigned char *password, size_t len_password,
108 unsigned char **bytes_s, size_t *len_s,
109 unsigned char **bytes_v, size_t *len_v,
110 const char *n_hex, const char *g_hex);
111
112/* Out: bytes_B, len_B.
113 *
114 * On failure, bytes_B will be set to NULL and len_B will be set to 0
115 *
116 * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type
117 *
118 * If bytes_b == NULL, random data is used for b.
119 *
120 * Returns pointer to SRPVerifier on success, and NULL on error.
121 */
122struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
123 const char *username,
124 const unsigned char *bytes_s, size_t len_s,
125 const unsigned char *bytes_v, size_t len_v,
126 const unsigned char *bytes_A, size_t len_A,
127 const unsigned char *bytes_b, size_t len_b,
128 unsigned char** bytes_B, size_t *len_B,
129 const char* n_hex, const char* g_hex);
130
131void srp_verifier_delete(struct SRPVerifier *ver);
132
133// srp_verifier_verify_session must have been called before
134int srp_verifier_is_authenticated(struct SRPVerifier *ver);
135
136const char *srp_verifier_get_username(struct SRPVerifier *ver);
137
138/* key_length may be null */
139const unsigned char *srp_verifier_get_session_key(
140 struct SRPVerifier *ver, size_t *key_length);
141
142size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver);
143
144/* Verifies session, on success, it writes bytes_HAMK.
145 * user_M must be exactly srp_verifier_get_session_key_length() bytes in size
146 */
147void srp_verifier_verify_session(
148 struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK);
149
150/*******************************************************************************/
151
152/* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */
153struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
154 const char *username, const char *username_for_verifier,
155 const unsigned char *bytes_password, size_t len_password, const char *n_hex,
156 const char *g_hex);
157
158void srp_user_delete(struct SRPUser *usr);
159
160int srp_user_is_authenticated(struct SRPUser *usr);
161
162const char *srp_user_get_username(struct SRPUser *usr);
163
164/* key_length may be null */
165const unsigned char *srp_user_get_session_key(struct SRPUser *usr, size_t *key_length);
166
167size_t srp_user_get_session_key_length(struct SRPUser *usr);
168
169/* Output: username, bytes_A, len_A.
170 * If you don't want it get written, set username to NULL.
171 * If bytes_a == NULL, random data is used for a. */
172SRP_Result srp_user_start_authentication(struct SRPUser* usr, char **username,
173 const unsigned char *bytes_a, size_t len_a,
174 unsigned char **bytes_A, size_t* len_A);
175
176/* Output: bytes_M, len_M (len_M may be null and will always be
177 * srp_user_get_session_key_length() bytes in size) */
178void srp_user_process_challenge(struct SRPUser *usr,
179 const unsigned char *bytes_s, size_t len_s,
180 const unsigned char *bytes_B, size_t len_B,
181 unsigned char **bytes_M, size_t *len_M);
182
183/* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */
184void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK);
srp_user_get_session_key
const unsigned char * srp_user_get_session_key(struct SRPUser *usr, size_t *key_length)
Definition: srp.cpp:906
SRP_HashAlgorithm
SRP_HashAlgorithm
Definition: srp.h:69
SRP_SHA256
@ SRP_SHA256
Definition: srp.h:72
srp_verifier_new
struct SRPVerifier * srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username, const unsigned char *bytes_s, size_t len_s, const unsigned char *bytes_v, size_t len_v, const unsigned char *bytes_A, size_t len_A, const unsigned char *bytes_b, size_t len_b, unsigned char **bytes_B, size_t *len_B, const char *n_hex, const char *g_hex)
Definition: srp.cpp:648
srp_user_is_authenticated
int srp_user_is_authenticated(struct SRPUser *usr)
Definition: srp.cpp:896
srp_user_new
struct SRPUser * srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username, const char *username_for_verifier, const unsigned char *bytes_password, size_t len_password, const char *n_hex, const char *g_hex)
Definition: srp.cpp:816
SRP_NGType
SRP_NGType
Definition: srp.h:61
SRP_NG_CUSTOM
@ SRP_NG_CUSTOM
Definition: srp.h:66
SRP_NG_4096
@ SRP_NG_4096
Definition: srp.h:64
SRP_NG_2048
@ SRP_NG_2048
Definition: srp.h:63
SRP_NG_1024
@ SRP_NG_1024
Definition: srp.h:62
SRP_NG_8192
@ SRP_NG_8192
Definition: srp.h:65
srp_create_salted_verification_key
SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username_for_verifier, const unsigned char *password, size_t len_password, unsigned char **bytes_s, size_t *len_s, unsigned char **bytes_v, size_t *len_v, const char *n_hex, const char *g_hex)
Definition: srp.cpp:587
srp_user_delete
void srp_user_delete(struct SRPUser *usr)
Definition: srp.cpp:874
srp_verifier_delete
void srp_verifier_delete(struct SRPVerifier *ver)
Definition: srp.cpp:770
srp_user_start_authentication
SRP_Result srp_user_start_authentication(struct SRPUser *usr, char **username, const unsigned char *bytes_a, size_t len_a, unsigned char **bytes_A, size_t *len_A)
Definition: srp.cpp:918
srp_user_get_username
const char * srp_user_get_username(struct SRPUser *usr)
Definition: srp.cpp:901
srp_verifier_get_session_key_length
size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver)
Definition: srp.cpp:798
srp_user_verify_session
void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK)
Definition: srp.cpp:1022
SRP_Result
SRP_Result
Definition: srp.h:77
SRP_ERR
@ SRP_ERR
Definition: srp.h:78
SRP_OK
@ SRP_OK
Definition: srp.h:79
srp_verifier_get_session_key
const unsigned char * srp_verifier_get_session_key(struct SRPVerifier *ver, size_t *key_length)
Definition: srp.cpp:791
srp_verifier_get_username
const char * srp_verifier_get_username(struct SRPVerifier *ver)
Definition: srp.cpp:786
srp_user_process_challenge
void srp_user_process_challenge(struct SRPUser *usr, const unsigned char *bytes_s, size_t len_s, const unsigned char *bytes_B, size_t len_B, unsigned char **bytes_M, size_t *len_M)
Definition: srp.cpp:950
srp_verifier_verify_session
void srp_verifier_verify_session(struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK)
Definition: srp.cpp:804
srp_user_get_session_key_length
size_t srp_user_get_session_key_length(struct SRPUser *usr)
Definition: srp.cpp:912
srp_set_memory_functions
void srp_set_memory_functions(void *(*new_srp_alloc)(size_t), void *(*new_srp_realloc)(void *, size_t), void(*new_srp_free)(void *))
Definition: srp.cpp:83
srp_verifier_is_authenticated
int srp_verifier_is_authenticated(struct SRPVerifier *ver)
Definition: srp.cpp:781
SRPUser
Definition: srp.cpp:241
SRPUser::username
char * username
Definition: srp.cpp:252
SRPUser::password
unsigned char * password
Definition: srp.cpp:254
SRPUser::bytes_A
unsigned char * bytes_A
Definition: srp.cpp:249
SRPVerifier
Definition: srp.cpp:228
SRPVerifier::username
char * username
Definition: srp.cpp:232
SRPVerifier::bytes_B
unsigned char * bytes_B
Definition: srp.cpp:233