Update CSRP-GMP to commit deaa11a7c29a73008

Backports 10 commits, with 8 commits
actually affecting source code:

695822e45d...deaa11a7c2
This commit is contained in:
est31 2016-04-10 04:08:22 +02:00
parent c566a8f2de
commit 9a04dfd0f5
2 changed files with 314 additions and 361 deletions

File diff suppressed because it is too large Load Diff

@ -56,12 +56,10 @@
#ifndef SRP_H
#define SRP_H
struct SRPVerifier;
struct SRPUser;
typedef enum
{
typedef enum {
SRP_NG_1024,
SRP_NG_2048,
SRP_NG_4096,
@ -69,8 +67,7 @@ typedef enum
SRP_NG_CUSTOM
} SRP_NGType;
typedef enum
{
typedef enum {
/*SRP_SHA1,*/
/*SRP_SHA224,*/
SRP_SHA256,
@ -78,12 +75,13 @@ typedef enum
SRP_SHA512*/
} SRP_HashAlgorithm;
typedef enum
{
SRP_OK,
typedef enum {
SRP_ERR,
SRP_OK,
} SRP_Result;
// clang-format off
/* Sets the memory functions used by srp.
* Note: this doesn't set the memory functions used by gmp,
* but it is supported to have different functions for srp and gmp.
@ -101,17 +99,18 @@ void srp_set_memory_functions(
* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type.
* If provided, they must contain ASCII text of the hexidecimal notation.
*
* If bytes_s == NULL, it is filled with random data. The caller is responsible for freeing.
* If bytes_s == NULL, it is filled with random data.
* The caller is responsible for freeing.
*
* Returns SRP_OK on success, and SRP_ERR on error.
* bytes_s might be in this case invalid, don't free it.
*/
SRP_Result srp_create_salted_verification_key( SRP_HashAlgorithm alg,
SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg,
SRP_NGType ng_type, const char *username_for_verifier,
const unsigned char *password, size_t len_password,
unsigned char **bytes_s, size_t *len_s,
unsigned char **bytes_v, size_t *len_v,
const char * n_hex, const char *g_hex );
const char *n_hex, const char *g_hex);
/* Out: bytes_B, len_B.
*
@ -132,54 +131,54 @@ struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
unsigned char** bytes_B, size_t *len_B,
const char* n_hex, const char* g_hex);
// clang-format on
void srp_verifier_delete( struct SRPVerifier* ver );
void srp_verifier_delete(struct SRPVerifier *ver);
// srp_verifier_verify_session must have been called before
int srp_verifier_is_authenticated( struct SRPVerifier* ver );
int srp_verifier_is_authenticated(struct SRPVerifier *ver);
const char * srp_verifier_get_username( struct SRPVerifier* ver );
const char *srp_verifier_get_username(struct SRPVerifier *ver);
/* key_length may be null */
const unsigned char* srp_verifier_get_session_key( struct SRPVerifier* ver,
size_t *key_length );
size_t srp_verifier_get_session_key_length(struct SRPVerifier* ver);
const unsigned char *srp_verifier_get_session_key(
struct SRPVerifier *ver, size_t *key_length);
size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver);
/* Verifies session, on success, it writes bytes_HAMK.
* user_M must be exactly srp_verifier_get_session_key_length() bytes in size
*/
void srp_verifier_verify_session( struct SRPVerifier* ver,
const unsigned char* user_M, unsigned char** bytes_HAMK );
void srp_verifier_verify_session(
struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK);
/*******************************************************************************/
/* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */
struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
const char *username, const char *username_for_verifier,
const unsigned char *bytes_password, size_t len_password,
const char *n_hex, const char *g_hex);
const unsigned char *bytes_password, size_t len_password, const char *n_hex,
const char *g_hex);
void srp_user_delete(struct SRPUser * usr);
void srp_user_delete(struct SRPUser *usr);
int srp_user_is_authenticated(struct SRPUser * usr);
int srp_user_is_authenticated(struct SRPUser *usr);
const char* srp_user_get_username(struct SRPUser * usr);
const char *srp_user_get_username(struct SRPUser *usr);
/* key_length may be null */
const unsigned char* srp_user_get_session_key(struct SRPUser* usr, size_t* key_length);
const unsigned char *srp_user_get_session_key(struct SRPUser *usr, size_t *key_length);
size_t srp_user_get_session_key_length(struct SRPUser* usr);
size_t srp_user_get_session_key_length(struct SRPUser *usr);
/* Output: username, bytes_A, len_A. If you don't want it get written, set username to NULL.
// clang-format off
/* Output: username, bytes_A, len_A.
* If you don't want it get written, set username to NULL.
* If bytes_a == NULL, random data is used for a. */
SRP_Result srp_user_start_authentication(struct SRPUser* usr, char** username,
const unsigned char* bytes_a, size_t len_a,
unsigned char** bytes_A, size_t* len_A);
SRP_Result srp_user_start_authentication(struct SRPUser* usr, char **username,
const unsigned char *bytes_a, size_t len_a,
unsigned char **bytes_A, size_t* len_A);
/* Output: bytes_M, len_M (len_M may be null and will always be
* srp_user_get_session_key_length() bytes in size) */
@ -187,8 +186,9 @@ void srp_user_process_challenge(struct SRPUser *usr,
const unsigned char *bytes_s, size_t len_s,
const unsigned char *bytes_B, size_t len_B,
unsigned char **bytes_M, size_t *len_M);
// clang-format on
/* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */
void srp_user_verify_session(struct SRPUser* usr, const unsigned char* bytes_HAMK);
void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK);
#endif /* Include Guard */