diff options
| author | lloyd <[email protected]> | 2012-04-05 01:17:22 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-04-05 01:17:22 +0000 |
| commit | cdde9a171e3fcb164e7946c198ba4d8f9ef486fb (patch) | |
| tree | 779416f51711e9e71684e0260a755703e955576e /src/constructs | |
| parent | cc041b2a855331b33a6458377498625b05f076bb (diff) | |
Remove the client SRP6 class, really free standing functions are fine
for this.
Add a new function that identifies a named SRP group from the N/g
params - this is important as we need to verify the SRP groups, the
easiest way to do that is to to force them to be a known/published
value.
Add the 1536, 3072, 4096, 6144, and 8192 bit groups from RFC 5054
Diffstat (limited to 'src/constructs')
| -rw-r--r-- | src/constructs/srp6/srp6.cpp | 47 | ||||
| -rw-r--r-- | src/constructs/srp6/srp6.h | 68 |
2 files changed, 68 insertions, 47 deletions
diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp index 287f0bdfb..cb9bf27bc 100644 --- a/src/constructs/srp6/srp6.cpp +++ b/src/constructs/srp6/srp6.cpp @@ -69,14 +69,37 @@ BigInt compute_x(const std::string& hash_id, } +std::string srp6_group_identifier(const BigInt& N, const BigInt& g) + { + /* + This function assumes that only one 'standard' SRP parameter set has + been defined for a particular bitsize. As of this writing that is the case. + */ + try + { + const std::string group_name = "modp/srp/" + to_string(N.bits()); + + DL_Group group(group_name); + + if(group.get_p() == N && group.get_g() == g) + return group_name; + + throw std::runtime_error("Unknown SRP params"); + } + catch(...) + { + throw Invalid_Argument("Bad SRP group parameters"); + } + } + std::pair<BigInt, SymmetricKey> -SRP6_Client_Session:: step1(const std::string& identifier, - const std::string& password, - const std::string& group_id, - const std::string& hash_id, - const MemoryRegion<byte>& salt, - const BigInt& B, - RandomNumberGenerator& rng) +srp6_client_agree(const std::string& identifier, + const std::string& password, + const std::string& group_id, + const std::string& hash_id, + const MemoryRegion<byte>& salt, + const BigInt& B, + RandomNumberGenerator& rng) { DL_Group group(group_id); const BigInt& g = group.get_g(); @@ -104,11 +127,11 @@ SRP6_Client_Session:: step1(const std::string& identifier, return std::make_pair(A, Sk); } -BigInt SRP6_Client_Session::generate_verifier(const std::string& identifier, - const std::string& password, - const MemoryRegion<byte>& salt, - const std::string& group_id, - const std::string& hash_id) +BigInt generate_srp6_verifier(const std::string& identifier, + const std::string& password, + const MemoryRegion<byte>& salt, + const std::string& group_id, + const std::string& hash_id) { const BigInt x = compute_x(hash_id, identifier, password, salt); diff --git a/src/constructs/srp6/srp6.h b/src/constructs/srp6/srp6.h index 01bd2a4c7..bf5cb4863 100644 --- a/src/constructs/srp6/srp6.h +++ b/src/constructs/srp6/srp6.h @@ -17,44 +17,42 @@ namespace Botan { /** -* Represents a SRP-6a client session +* SRP6a Client side +* @param username the username we are attempting login for +* @param password the password we are attempting to use +* @param group_id specifies the shared SRP group +* @param hash_id specifies a secure hash function +* @param salt is the salt value sent by the server +* @param B is the server's public value +* @param rng is a random number generator +* +* @return (A,K) the client public key and the shared secret key */ -class BOTAN_DLL SRP6_Client_Session - { - public: +std::pair<BigInt,SymmetricKey> srp6_client_agree(const std::string& username, + const std::string& password, + const std::string& group_id, + const std::string& hash_id, + const MemoryRegion<byte>& salt, + const BigInt& B, + RandomNumberGenerator& rng); - /** - * Client side step 1 - * @param username the username we are attempting login for - * @param password the password we are attempting to use - * @param group_id specifies the shared SRP group - * @param hash_id specifies a secure hash function - * @param salt is the salt value sent by the server - * @param B is the server's public value - * @param rng is a random number generator - * - * @return (A,K) the client public key and the shared secret key - */ - std::pair<BigInt,SymmetricKey> step1(const std::string& username, - const std::string& password, - const std::string& group_id, - const std::string& hash_id, - const MemoryRegion<byte>& salt, - const BigInt& B, - RandomNumberGenerator& rng); +/** +* Generate a new SRP-6 verifier +* @param identifier a username or other client identifier +* @param password the secret used to authenticate user +* @param salt a randomly chosen value, at least 128 bits long +*/ +BigInt generate_srp6_verifier(const std::string& identifier, + const std::string& password, + const MemoryRegion<byte>& salt, + const std::string& group_id, + const std::string& hash_id); - /** - * Generate a new SRP-6 verifier - * @param identifier a username or other client identifier - * @param password the secret used to authenticate user - * @param salt a randomly chosen value, at least 128 bits long - */ - static BigInt generate_verifier(const std::string& identifier, - const std::string& password, - const MemoryRegion<byte>& salt, - const std::string& group_id, - const std::string& hash_id); - }; +/** +* Return the group id for this SRP param set, or else thrown an +* exception +*/ +std::string srp6_group_identifier(const BigInt& N, const BigInt& g); /** * Represents a SRP-6a server session |