aboutsummaryrefslogtreecommitdiffstats
path: root/doc/manual
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-09-20 02:27:46 -0400
committerJack Lloyd <[email protected]>2017-09-20 02:27:46 -0400
commitb480445b757fa28087b71b050571d71aca624659 (patch)
treed0ee2b09a64dd7690540808475e44ade48f99e55 /doc/manual
parent4dc1459c8f126a25167ddc6ebb4d88c175abc22d (diff)
Complete SRP6 doc
Still sparse but not actually truncated anymore. Closes #1029 [ci skip]
Diffstat (limited to 'doc/manual')
-rw-r--r--doc/manual/srp.rst36
1 files changed, 32 insertions, 4 deletions
diff --git a/doc/manual/srp.rst b/doc/manual/srp.rst
index 74b67d890..071f3ea19 100644
--- a/doc/manual/srp.rst
+++ b/doc/manual/srp.rst
@@ -8,7 +8,11 @@ password based key exchange protocol
A SRP client provides what is called a SRP *verifier* to the server.
This verifier is based on a password, but the password cannot be
easily derived from the verifier. Later, the client and server can
-perform an SRP exchange, in which
+perform an SRP exchange, which results in a shared key.
+
+SRP works in a discrete logarithm group. Special parameter sets for
+SRP6 are defined, denoted in the library as "modp/srp/<size>", for
+example "modp/srp/2048".
.. warning::
@@ -17,7 +21,6 @@ perform an SRP exchange, in which
impersonate the server to the client, so verifiers should be
carefully protected.
-
.. cpp:function:: BigInt generate_srp6_verifier( \
const std::string& identifier, \
const std::string& password, \
@@ -25,6 +28,26 @@ perform an SRP exchange, in which
const std::string& group_id, \
const std::string& hash_id)
+ Generates a new verifier using the specified password and salt.
+ This is stored by the server. The salt must also be stored.
+
+.. cpp:function:: std::string srp6_group_identifier( \
+ const BigInt& N, const BigInt& g)
+
+.. cpp:class:: SRP6_Server_Session
+
+ .. cpp:function:: BigInt step1(const BigInt& v, \
+ const std::string& group_id, \
+ const std::string& hash_id, \
+ RandomNumberGenerator& rng)
+
+ Takes a verifier (generated by generate_srp6_verifier)
+ along with the group_id (which must match
+
+ .. cpp:function:: SymmetricKey step2(const BigInt& A)
+
+ Takes the parameter A generated by srp6_client_agree,
+ and return the shared secret key.
.. cpp:function:: std::pair<BigInt,SymmetricKey> srp6_client_agree( \
const std::string& username, \
@@ -35,5 +58,10 @@ perform an SRP exchange, in which
const BigInt& B, \
RandomNumberGenerator& rng)
-.. cpp:function:: std::string srp6_group_identifier( \
- const BigInt& N, const BigInt& g)
+ The client receives these parameters from the server, except for
+ the username and password which are provided by the user. The
+ parameter B is the output of `step1`.
+
+ The client agreement step outputs a shared symmetric key along
+ with the parameter A which is returned to the server (and allows
+ it the compute the shared key).