wolfssl-doc/html/wolfssl_2wolfcrypt_2srp_8h_source.html

/* srp.h

 *

 * Copyright (C) 2006-2020 wolfSSL Inc.

 *

 * This file is part of wolfSSL.

 *

 * wolfSSL is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 2 of the License, or

 * (at your option) any later version.

 *

 * wolfSSL is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, write to the Free Software

 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA

 */


#ifdef WOLFCRYPT_HAVE_SRP


#ifndef WOLFCRYPT_SRP_H

#define WOLFCRYPT_SRP_H


#include <wolfssl/wolfcrypt/types.h>

#include <wolfssl/wolfcrypt/sha.h>

#include <wolfssl/wolfcrypt/sha256.h>

#include <wolfssl/wolfcrypt/sha512.h>

#include <wolfssl/wolfcrypt/integer.h>


#ifdef __cplusplus

    extern "C" {

#endif


/* Select the largest available hash for the buffer size. */

#if defined(WOLFSSL_SHA512)

    #define SRP_MAX_DIGEST_SIZE WC_SHA512_DIGEST_SIZE

#elif defined(WOLFSSL_SHA384)

    #define SRP_MAX_DIGEST_SIZE WC_SHA384_DIGEST_SIZE

#elif !defined(NO_SHA256)

    #define SRP_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE

#elif !defined(NO_SHA)

    #define SRP_MAX_DIGEST_SIZE WC_SHA_DIGEST_SIZE

#else

    #error "You have to have some kind of SHA hash if you want to use SRP."

#endif


/* Set the minimum number of bits acceptable in an SRP modulus */

#define SRP_MODULUS_MIN_BITS 512


/* Set the minimum number of bits acceptable for private keys (RFC 5054) */

#define SRP_PRIVATE_KEY_MIN_BITS 256


/* salt size for SRP password */

#define SRP_SALT_SIZE  16


typedef enum {

    SRP_CLIENT_SIDE  = 0,

    SRP_SERVER_SIDE  = 1,

} SrpSide;


typedef enum {

        SRP_TYPE_SHA    = 1,

        SRP_TYPE_SHA256 = 2,

        SRP_TYPE_SHA384 = 3,

        SRP_TYPE_SHA512 = 4,

} SrpType;


typedef struct {

    byte type;

    union {

        #ifndef NO_SHA

            wc_Sha sha;

        #endif

        #ifndef NO_SHA256

            wc_Sha256 sha256;

        #endif

        #ifdef WOLFSSL_SHA384

            wc_Sha384 sha384;

        #endif

        #ifdef WOLFSSL_SHA512

            wc_Sha512 sha512;

        #endif

    } data;

} SrpHash;


typedef struct Srp {

    SrpSide side;

    SrpType type;

    byte*   user;

    word32  userSz;

    byte*   salt;

    word32  saltSz;

    mp_int  N;

    mp_int  g;

    byte    k[SRP_MAX_DIGEST_SIZE];

    mp_int  auth;

    mp_int  priv;

    SrpHash client_proof;

    SrpHash server_proof;

    byte*   key;

    word32  keySz;

    int (*keyGenFunc_cb) (struct Srp* srp, byte* secret, word32 size);

    void*   heap;

} Srp;


WOLFSSL_API int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);


WOLFSSL_API void wc_SrpTerm(Srp* srp);


WOLFSSL_API int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);


WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N,    word32 nSz,

                                          const byte* g,    word32 gSz,

                                          const byte* salt, word32 saltSz);


WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);


WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);


WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);


WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);


WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);


WOLFSSL_API int wc_SrpComputeKey(Srp* srp,

                                 byte* clientPubKey, word32 clientPubKeySz,

                                 byte* serverPubKey, word32 serverPubKeySz);


WOLFSSL_API int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);


WOLFSSL_API int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size);


#ifdef __cplusplus

   } /* extern "C" */

#endif


#endif /* WOLFCRYPT_SRP_H */

#endif /* WOLFCRYPT_HAVE_SRP */

wc_SrpTerm
WOLFSSL_API void wc_SrpTerm(Srp *srp)
Releases the Srp struct resources after usage.
Definition srp.c:267

wc_SrpInit
WOLFSSL_API int wc_SrpInit(Srp *srp, SrpType type, SrpSide side)
Initializes the Srp struct for usage.
Definition srp.c:191

wc_SrpGetVerifier
WOLFSSL_API int wc_SrpGetVerifier(Srp *srp, byte *verifier, word32 *size)
Gets the verifier. The client calculates the verifier with v = g ^ x % N. This function MAY be called...
Definition srp.c:424

wc_SrpGetPublic
WOLFSSL_API int wc_SrpGetPublic(Srp *srp, byte *pub, word32 *size)
Gets the public ephemeral value. The public ephemeral value is known as: A at the client side....
Definition srp.c:494

wc_SrpSetPrivate
WOLFSSL_API int wc_SrpSetPrivate(Srp *srp, const byte *priv, word32 size)
Sets the private ephemeral value. The private ephemeral value is known as: a at the client side....
Definition srp.c:458

wc_SrpSetPassword
WOLFSSL_API int wc_SrpSetPassword(Srp *srp, const byte *password, word32 size)
Sets the password. Setting the password does not persists the clear password data in the srp structur...
Definition srp.c:388

wc_SrpVerifyPeersProof
WOLFSSL_API int wc_SrpVerifyPeersProof(Srp *srp, byte *proof, word32 size)
Verifies the peers proof. This function MUST be called before wc_SrpGetSessionKey.
Definition srp.c:730

wc_SrpSetVerifier
WOLFSSL_API int wc_SrpSetVerifier(Srp *srp, const byte *verifier, word32 size)
Sets the verifier. This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY.
Definition srp.c:450

wc_SrpSetUsername
WOLFSSL_API int wc_SrpSetUsername(Srp *srp, const byte *username, word32 size)
Sets the username. This function MUST be called after wc_SrpInit.
Definition srp.c:289

wc_SrpComputeKey
WOLFSSL_API int wc_SrpComputeKey(Srp *srp, byte *clientPubKey, word32 clientPubKeySz, byte *serverPubKey, word32 serverPubKeySz)
Computes the session key. The key can be accessed at srp->key after success.
Definition srp.c:590

wc_SrpGetProof
WOLFSSL_API int wc_SrpGetProof(Srp *srp, byte *proof, word32 *size)
Gets the proof. This function MUST be called after wc_SrpComputeKey.
Definition srp.c:704

SrpHash
Definition srp.h:85

Srp
Definition srp.h:103

Srp::N
mp_int N
Definition srp.h:110

Srp::saltSz
word32 saltSz
Definition srp.h:109

Srp::server_proof
SrpHash server_proof
Definition srp.h:117

Srp::client_proof
SrpHash client_proof
Definition srp.h:116

Srp::user
byte * user
Definition srp.h:106

Srp::priv
mp_int priv
Definition srp.h:115

Srp::keyGenFunc_cb
int(* keyGenFunc_cb)(struct Srp *srp, byte *secret, word32 size)
Definition srp.h:120

Srp::side
SrpSide side
Definition srp.h:104

Srp::k
byte k[SRP_MAX_DIGEST_SIZE]
Definition srp.h:112

Srp::auth
mp_int auth
Definition srp.h:113

Srp::keySz
word32 keySz
Definition srp.h:119

Srp::heap
void * heap
Definition srp.h:127

Srp::salt
byte * salt
Definition srp.h:108

Srp::key
byte * key
Definition srp.h:118

Srp::userSz
word32 userSz
Definition srp.h:107

Srp::g
mp_int g
Definition srp.h:111

Srp::type
SrpType type
Definition srp.h:105

mp_int
Definition integer.h:200

wc_Sha256
Definition sha256.h:132

wc_Sha512
Definition sha512.h:116

wc_Sha
Definition wolfcaam_sha.h:68

sha256.h

sha512.h

sha.h

SrpType
SrpType
Definition srp.h:74

wc_SrpSetParams
WOLFSSL_API int wc_SrpSetParams(Srp *srp, const byte *N, word32 nSz, const byte *g, word32 gSz, const byte *salt, word32 saltSz)
Definition srp.c:304

types.h