wolfssl-doc/html/wolfssl_2wolfcrypt_2srp_8h_source.html

 /* srp.h
  *
  * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
  * wolfSSL is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 2 of the License, or
  * (at your option) any later version.
  *
  * wolfSSL is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */

 #ifdef WOLFCRYPT_HAVE_SRP

 #ifndef WOLFCRYPT_SRP_H
 #define WOLFCRYPT_SRP_H

 #include <wolfssl/wolfcrypt/types.h>
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/sha256.h>
 #include <wolfssl/wolfcrypt/sha512.h>
 #include <wolfssl/wolfcrypt/integer.h>

 #ifdef __cplusplus
     extern "C" {
 #endif

 /* Select the largest available hash for the buffer size. */
 #if defined(WOLFSSL_SHA512)
     #define SRP_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE
 #elif defined(WOLFSSL_SHA384)
     #define SRP_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE
 #elif !defined(NO_SHA256)
     #define SRP_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
 #elif !defined(NO_SHA)
     #define SRP_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE
 #else
     #error "You have to have some kind of SHA hash if you want to use SRP."
 #endif

 /* Set the minimum number of bits acceptable in an SRP modulus */
 #define SRP_MODULUS_MIN_BITS 512

 /* Set the minimum number of bits acceptable for private keys (RFC 5054) */
 #define SRP_PRIVATE_KEY_MIN_BITS 256

 /* salt size for SRP password */
 #define SRP_SALT_SIZE  16

 typedef enum {
     SRP_CLIENT_SIDE  = 0,
     SRP_SERVER_SIDE  = 1,
 } SrpSide;

 typedef enum {
         SRP_TYPE_SHA    = 1,
         SRP_TYPE_SHA256 = 2,
         SRP_TYPE_SHA384 = 3,
         SRP_TYPE_SHA512 = 4,
 } SrpType;


 typedef struct {
     byte type;
     union {
         #ifndef NO_SHA
             wc_Sha sha;
         #endif
         #ifndef NO_SHA256
             wc_Sha256 sha256;
         #endif
         #ifdef WOLFSSL_SHA384
             wc_Sha384 sha384;
         #endif
         #ifdef WOLFSSL_SHA512
             wc_Sha512 sha512;
         #endif
     } data;
 } SrpHash;

 typedef struct Srp {
     SrpSide side;
     SrpType type;
     byte*   user;
     word32  userSz;
     byte*   salt;
     word32  saltSz;
     mp_int  N;
     mp_int  g;
     byte    k[SRP_MAX_DIGEST_SIZE];
     mp_int  auth;
     mp_int  priv;
     SrpHash client_proof;
     SrpHash server_proof;
     byte*   key;
     word32  keySz;
     int (*keyGenFunc_cb) (struct Srp* srp, byte* secret, word32 size);
     void*   heap;
 } Srp;

 WOLFSSL_API int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);

 WOLFSSL_API void wc_SrpTerm(Srp* srp);

 WOLFSSL_API int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);


 WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N,    word32 nSz,
                                           const byte* g,    word32 gSz,
                                           const byte* salt, word32 saltSz);

 WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);

 WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);

 WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);

 WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);

 WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);


 WOLFSSL_API int wc_SrpComputeKey(Srp* srp,
                                  byte* clientPubKey, word32 clientPubKeySz,
                                  byte* serverPubKey, word32 serverPubKeySz);

 WOLFSSL_API int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);

 WOLFSSL_API int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size);

 #ifdef __cplusplus
    } /* extern "C" */
 #endif

 #endif /* WOLFCRYPT_SRP_H */
 #endif /* WOLFCRYPT_HAVE_SRP */
Srp::N
mp_int N
Definition: srp.h:110

sha.h

sha512.h

Srp::g
mp_int g
Definition: srp.h:111

Srp::k
byte k[SRP_MAX_DIGEST_SIZE]
Definition: srp.h:112

wc_SrpTerm
WOLFSSL_API void wc_SrpTerm(Srp *srp)
Releases the Srp struct resources after usage.
Definition: srp.c:267

wc_Sha256
Definition: sha256.h:132

Srp::priv
mp_int priv
Definition: srp.h:115

Srp::key
byte * key
Definition: srp.h:118

Srp::keyGenFunc_cb
int(* keyGenFunc_cb)(struct Srp *srp, byte *secret, word32 size)
Definition: srp.h:120

Srp
Definition: srp.h:103

wc_SrpGetVerifier
WOLFSSL_API int wc_SrpGetVerifier(Srp *srp, byte *verifier, word32 *size)
Gets the verifier. The client calculates the verifier with v = g ^ x % N. This function MAY be called...
Definition: srp.c:424

Srp::saltSz
word32 saltSz
Definition: srp.h:109

Srp::client_proof
SrpHash client_proof
Definition: srp.h:116

wc_SrpSetPassword
WOLFSSL_API int wc_SrpSetPassword(Srp *srp, const byte *password, word32 size)
Sets the password. Setting the password does not persists the clear password data in the srp structur...
Definition: srp.c:388

Srp::keySz
word32 keySz
Definition: srp.h:119

wc_SrpInit
WOLFSSL_API int wc_SrpInit(Srp *srp, SrpType type, SrpSide side)
Initializes the Srp struct for usage.
Definition: srp.c:191

Srp::type
SrpType type
Definition: srp.h:105

mp_int
Definition: integer.h:200

Srp::userSz
word32 userSz
Definition: srp.h:107

wc_SrpSetUsername
WOLFSSL_API int wc_SrpSetUsername(Srp *srp, const byte *username, word32 size)
Sets the username. This function MUST be called after wc_SrpInit.
Definition: srp.c:289

Srp::side
SrpSide side
Definition: srp.h:104

SrpType
SrpType
Definition: srp.h:74

wc_Sha512
Definition: sha512.h:116

wc_SrpSetPrivate
WOLFSSL_API int wc_SrpSetPrivate(Srp *srp, const byte *priv, word32 size)
Sets the private ephemeral value. The private ephemeral value is known as: a at the client side...
Definition: srp.c:458

wc_SrpSetVerifier
WOLFSSL_API int wc_SrpSetVerifier(Srp *srp, const byte *verifier, word32 size)
Sets the verifier. This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY...
Definition: srp.c:450

Srp::salt
byte * salt
Definition: srp.h:108

wc_SrpVerifyPeersProof
WOLFSSL_API int wc_SrpVerifyPeersProof(Srp *srp, byte *proof, word32 size)
Verifies the peers proof. This function MUST be called before wc_SrpGetSessionKey.
Definition: srp.c:730

types.h

sha256.h

Srp::user
byte * user
Definition: srp.h:106

wc_SrpGetPublic
WOLFSSL_API int wc_SrpGetPublic(Srp *srp, byte *pub, word32 *size)
Gets the public ephemeral value. The public ephemeral value is known as: A at the client side...
Definition: srp.c:494

Srp::heap
void * heap
Definition: srp.h:127

wc_Sha
Definition: wolfcaam_sha.h:68

wc_SrpGetProof
WOLFSSL_API int wc_SrpGetProof(Srp *srp, byte *proof, word32 *size)
Gets the proof. This function MUST be called after wc_SrpComputeKey.
Definition: srp.c:704

wc_SrpComputeKey
WOLFSSL_API int wc_SrpComputeKey(Srp *srp, byte *clientPubKey, word32 clientPubKeySz, byte *serverPubKey, word32 serverPubKeySz)
Computes the session key. The key can be accessed at srp->key after success.
Definition: srp.c:590

SrpHash
Definition: srp.h:85

Srp::server_proof
SrpHash server_proof
Definition: srp.h:117

wc_SrpSetParams
WOLFSSL_API int wc_SrpSetParams(Srp *srp, const byte *N, word32 nSz, const byte *g, word32 gSz, const byte *salt, word32 saltSz)
Sets the srp parameters based on the username.. Must be called after wc_SrpSetUsername.
Definition: srp.c:304

Srp::auth
mp_int auth
Definition: srp.h:113