aboutsummaryrefslogtreecommitdiffstats
path: root/src/constructs
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-04-25 13:48:08 +0000
committerlloyd <[email protected]>2012-04-25 13:48:08 +0000
commitb72a44475d06263e1492f8913310b5f29515cba6 (patch)
tree680752dbd43999cea16851b9c196046d9e5fbd7f /src/constructs
parentedca5f211722ea6b9d99b8b5fce4603a1b9b422d (diff)
parentf14a9fdee7902ba1a4c962cfbabe29d5146e7c55 (diff)
propagate from branch 'net.randombit.botan.tls-state-machine' (head a4741cd07f50a9e1b29b0dd97c6fb8697c038ade)
to branch 'net.randombit.botan.cxx11' (head 116e5ff139c07000be431e07d3472cc8f3919b91)
Diffstat (limited to 'src/constructs')
-rw-r--r--src/constructs/srp6/srp6.cpp55
-rw-r--r--src/constructs/srp6/srp6.h71
-rw-r--r--src/constructs/srp6/srp6_files.cpp2
-rw-r--r--src/constructs/srp6/srp6_files.h4
4 files changed, 77 insertions, 55 deletions
diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp
index b2785e7f6..9ce0d18be 100644
--- a/src/constructs/srp6/srp6.cpp
+++ b/src/constructs/srp6/srp6.cpp
@@ -1,6 +1,6 @@
/*
-* SRP-6a
-* (C) 2011 Jack Lloyd
+* SRP-6a (RFC 5054 compatatible)
+* (C) 2011,2012 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -69,14 +69,37 @@ BigInt compute_x(const std::string& hash_id,
}
+std::string srp6_group_identifier(const BigInt& N, const BigInt& g)
+ {
+ /*
+ This function assumes that only one 'standard' SRP parameter set has
+ been defined for a particular bitsize. As of this writing that is the case.
+ */
+ try
+ {
+ const std::string group_name = "modp/srp/" + to_string(N.bits());
+
+ DL_Group group(group_name);
+
+ if(group.get_p() == N && group.get_g() == g)
+ return group_name;
+
+ throw std::runtime_error("Unknown SRP params");
+ }
+ catch(...)
+ {
+ throw Invalid_Argument("Bad SRP group parameters");
+ }
+ }
+
std::pair<BigInt, SymmetricKey>
-SRP6_Client_Session:: step1(const std::string& identifier,
- const std::string& password,
- const std::string& group_id,
- const std::string& hash_id,
- const MemoryRegion<byte>& salt,
- const BigInt& B,
- RandomNumberGenerator& rng)
+srp6_client_agree(const std::string& identifier,
+ const std::string& password,
+ const std::string& group_id,
+ const std::string& hash_id,
+ const MemoryRegion<byte>& salt,
+ const BigInt& B,
+ RandomNumberGenerator& rng)
{
DL_Group group(group_id);
const BigInt& g = group.get_g();
@@ -89,7 +112,7 @@ SRP6_Client_Session:: step1(const std::string& identifier,
BigInt k = hash_seq(hash_id, p_bytes, p, g);
- BigInt a(rng, p.bits() - 1);
+ BigInt a(rng, 256);
BigInt A = power_mod(g, a, p);
@@ -104,11 +127,11 @@ SRP6_Client_Session:: step1(const std::string& identifier,
return std::make_pair(A, Sk);
}
-BigInt SRP6_Client_Session::generate_verifier(const std::string& identifier,
- const std::string& password,
- const MemoryRegion<byte>& salt,
- const std::string& group_id,
- const std::string& hash_id)
+BigInt generate_srp6_verifier(const std::string& identifier,
+ const std::string& password,
+ const MemoryRegion<byte>& salt,
+ const std::string& group_id,
+ const std::string& hash_id)
{
const BigInt x = compute_x(hash_id, identifier, password, salt);
@@ -129,7 +152,7 @@ BigInt SRP6_Server_Session::step1(const BigInt& v,
BigInt k = hash_seq(hash_id, p_bytes, p, g);
- BigInt b(rng, p.bits() - 1);
+ BigInt b(rng, 256);
B = (v*k + power_mod(g, b, p)) % p;
diff --git a/src/constructs/srp6/srp6.h b/src/constructs/srp6/srp6.h
index 01bd2a4c7..4fd127c70 100644
--- a/src/constructs/srp6/srp6.h
+++ b/src/constructs/srp6/srp6.h
@@ -1,6 +1,6 @@
/*
* SRP-6a (RFC 5054 compatatible)
-* (C) 2011 Jack Lloyd
+* (C) 2011,2012 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -17,44 +17,43 @@
namespace Botan {
/**
-* Represents a SRP-6a client session
+* SRP6a Client side
+* @param username the username we are attempting login for
+* @param password the password we are attempting to use
+* @param group_id specifies the shared SRP group
+* @param hash_id specifies a secure hash function
+* @param salt is the salt value sent by the server
+* @param B is the server's public value
+* @param rng is a random number generator
+*
+* @return (A,K) the client public key and the shared secret key
*/
-class BOTAN_DLL SRP6_Client_Session
- {
- public:
+std::pair<BigInt,SymmetricKey>
+BOTAN_DLL srp6_client_agree(const std::string& username,
+ const std::string& password,
+ const std::string& group_id,
+ const std::string& hash_id,
+ const MemoryRegion<byte>& salt,
+ const BigInt& B,
+ RandomNumberGenerator& rng);
- /**
- * Client side step 1
- * @param username the username we are attempting login for
- * @param password the password we are attempting to use
- * @param group_id specifies the shared SRP group
- * @param hash_id specifies a secure hash function
- * @param salt is the salt value sent by the server
- * @param B is the server's public value
- * @param rng is a random number generator
- *
- * @return (A,K) the client public key and the shared secret key
- */
- std::pair<BigInt,SymmetricKey> step1(const std::string& username,
- const std::string& password,
- const std::string& group_id,
- const std::string& hash_id,
- const MemoryRegion<byte>& salt,
- const BigInt& B,
- RandomNumberGenerator& rng);
+/**
+* Generate a new SRP-6 verifier
+* @param identifier a username or other client identifier
+* @param password the secret used to authenticate user
+* @param salt a randomly chosen value, at least 128 bits long
+*/
+BigInt BOTAN_DLL generate_srp6_verifier(const std::string& identifier,
+ const std::string& password,
+ const MemoryRegion<byte>& salt,
+ const std::string& group_id,
+ const std::string& hash_id);
- /**
- * Generate a new SRP-6 verifier
- * @param identifier a username or other client identifier
- * @param password the secret used to authenticate user
- * @param salt a randomly chosen value, at least 128 bits long
- */
- static BigInt generate_verifier(const std::string& identifier,
- const std::string& password,
- const MemoryRegion<byte>& salt,
- const std::string& group_id,
- const std::string& hash_id);
- };
+/**
+* Return the group id for this SRP param set, or else thrown an
+* exception
+*/
+std::string BOTAN_DLL srp6_group_identifier(const BigInt& N, const BigInt& g);
/**
* Represents a SRP-6a server session
diff --git a/src/constructs/srp6/srp6_files.cpp b/src/constructs/srp6/srp6_files.cpp
index 2d685614f..bc321745f 100644
--- a/src/constructs/srp6/srp6_files.cpp
+++ b/src/constructs/srp6/srp6_files.cpp
@@ -51,7 +51,7 @@ SRP6_Authenticator_File::SRP6_Authenticator_File(const std::string& filename)
bool SRP6_Authenticator_File::lookup_user(const std::string& username,
BigInt& v,
- MemoryVector<byte>& salt,
+ MemoryRegion<byte>& salt,
std::string& group_id) const
{
std::map<std::string, SRP6_Data>::const_iterator i = entries.find(username);
diff --git a/src/constructs/srp6/srp6_files.h b/src/constructs/srp6/srp6_files.h
index 1def0fd51..4e3293423 100644
--- a/src/constructs/srp6/srp6_files.h
+++ b/src/constructs/srp6/srp6_files.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* A GnuTLS compatible SRP6 authenticator file
*/
-class SRP6_Authenticator_File
+class BOTAN_DLL SRP6_Authenticator_File
{
public:
/**
@@ -28,7 +28,7 @@ class SRP6_Authenticator_File
bool lookup_user(const std::string& username,
BigInt& v,
- MemoryVector<byte>& salt,
+ MemoryRegion<byte>& salt,
std::string& group_id) const;
private:
struct SRP6_Data