Root/package/ead/src/tinysrp/t_client.h

1/*
2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
3 * All Rights Reserved.
4 *
5 * Permission is hereby granted, free of charge, to any person obtaining
6 * a copy of this software and associated documentation files (the
7 * "Software"), to deal in the Software without restriction, including
8 * without limitation the rights to use, copy, modify, merge, publish,
9 * distribute, sublicense, and/or sell copies of the Software, and to
10 * permit persons to whom the Software is furnished to do so, subject to
11 * the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
19 *
20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
25 *
26 * In addition, the following conditions apply:
27 *
28 * 1. Any software that incorporates the SRP authentication technology
29 * must display the following acknowlegment:
30 * "This product uses the 'Secure Remote Password' cryptographic
31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
32 *
33 * 2. Any software that incorporates all or part of the SRP distribution
34 * itself must also display the following acknowledgment:
35 * "This product includes software developed by Tom Wu and Eugene
36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
37 *
38 * 3. Redistributions in source or binary form must retain an intact copy
39 * of this copyright notice and list of conditions.
40 */
41
42#ifndef T_CLIENT_H
43#define T_CLIENT_H
44
45#include "t_sha.h"
46
47#if !defined(P)
48#ifdef __STDC__
49#define P(x) x
50#else
51#define P(x) ()
52#endif
53#endif
54
55/* For building dynamic link libraries under windows, windows NT
56 * using MSVC1.5 or MSVC2.0
57 */
58
59#ifndef _DLLDECL
60#define _DLLDECL
61
62#ifdef MSVC15 /* MSVC1.5 support for 16 bit apps */
63#define _MSVC15EXPORT _export
64#define _MSVC20EXPORT
65#define _DLLAPI _export _pascal
66#define _TYPE(a) a _MSVC15EXPORT
67#define DLLEXPORT 1
68
69#elif MSVC20
70#define _MSVC15EXPORT
71#define _MSVC20EXPORT _declspec(dllexport)
72#define _DLLAPI
73#define _TYPE(a) _MSVC20EXPORT a
74#define DLLEXPORT 1
75
76#else /* Default, non-dll. Use this for Unix or DOS */
77#define _MSVC15DEXPORT
78#define _MSVC20EXPORT
79#define _DLLAPI
80#define _TYPE(a) a
81#endif
82#endif
83
84#define ALEN 32
85#define MIN_MOD_BYTES 64 /* 512 bits */
86
87struct t_client {
88  struct t_num n;
89  struct t_num g;
90  struct t_num s;
91
92  struct t_num a;
93  struct t_num A;
94
95  struct t_num p;
96  struct t_num v;
97
98  SHA1_CTX hash, ckhash;
99
100  char username[MAXUSERLEN];
101  unsigned char session_key[SESSION_KEY_LEN];
102  unsigned char session_response[RESPONSE_LEN];
103
104  unsigned char nbuf[MAXPARAMLEN], gbuf[MAXPARAMLEN], sbuf[MAXSALTLEN];
105  unsigned char pbuf[MAXPARAMLEN], vbuf[MAXPARAMLEN];
106  unsigned char abuf[ALEN], Abuf[MAXPARAMLEN];
107};
108
109/*
110 * SRP client-side negotiation
111 *
112 * This code negotiates the client side of an SRP exchange.
113 * "t_clientopen" accepts a username, and N, g, and s parameters,
114 * which are usually sent by the server in the first round.
115 * The client should then call...
116 * "t_clientgenexp" will generate a random 256-bit exponent and
117 * raise g to that power, returning the result. This result
118 * should be sent to the server as w(p).
119 * "t_clientpasswd" accepts the user's password, which should be
120 * entered locally and updates the client's state.
121 * "t_clientgetkey" accepts the exponential y(p), which should
122 * be sent by the server in the next round and computes the
123 * 256-bit session key. This data should be saved before the
124 * session is closed.
125 * "t_clientresponse" computes the session key proof as SHA(y(p), K).
126 * "t_clientclose" closes the session and frees its memory.
127 *
128 * Note that authentication is not performed per se; it is up
129 * to either/both sides of the protocol to now verify securely
130 * that their session keys agree in order to establish authenticity.
131 * One possible way is through "oracle hashing"; one side sends
132 * r, the other replies with H(r,K), where H() is a hash function.
133 *
134 * t_clientresponse and t_clientverify now implement a version of
135 * the session-key verification described above.
136 */
137_TYPE( struct t_client * )
138  t_clientopen P((const char *, struct t_num *, struct t_num *,
139          struct t_num *));
140_TYPE( struct t_num * ) t_clientgenexp P((struct t_client *));
141_TYPE( void ) t_clientpasswd P((struct t_client *, char *));
142_TYPE( unsigned char * )
143  t_clientgetkey P((struct t_client *, struct t_num *));
144_TYPE( int ) t_clientverify P((struct t_client *, unsigned char *));
145_TYPE( unsigned char * ) t_clientresponse P((struct t_client *));
146_TYPE( void ) t_clientclose P((struct t_client *));
147
148#endif
149

Archive Download this file

Branches:
backfire
history
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-10-11
uclibc_nptl



interactive