srp

package

v0.0.0-...-d9cd95b Latest Latest Go to latest Published: Nov 8, 2022 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Venafi/venafi-go-srp

Links

Open Source Insights

Documentation ¶

Overview ¶

Package srp is port of node-srp to Go.

To use SRP, first decide on they parameters you will use. Both client and server must use the same set.

params := srp.GetParams(4096)

From the client... generate a new secret key, initialize the client, and compute A. Once you have A, you can send A to the server.

secret1 := srp.GenKey()
client := NewClient(params, salt, identity, secret, a)
srpA := client.computeA()

sendToServer(srpA)

From the server... generate another secret key, initialize the server, and compute B. Once you have B, you can send B to the client.

secret2 := srp.GenKey()
server := NewServer(params, verifier, secret2)
srpB := client.computeB()

sendToClient(srpB)

Once the client received B from the server, it can compute M1 based on A and B. Once you have M1, send M1 to the server.

client.setB(srpB)
srpM1 := client.ComputeM1()
sendM1ToServer(srpM1)

Once the server receives M1, it can verify that it is correct. If checkM1() returns an error, authentication failed. If it succeeds it should be sent to the client.

srpM2, err := server.checkM1(srpM1)

Once the client receives M2, it can verify that it is correct, and know that authentication was successful.

err = client.CheckM2(serverM2)

Now that both client and server have completed a successful authentication, they can both compute K independently. K can now be used as either a key to encrypt communication or as a session ID.

clientK := client.ComputeK()
serverK := server.ComputeK()

Index ¶

func BytesFromHexString(s string) []byte
func ComputeVerifier(params *SRPParams, salt, identity, password []byte) []byte
func GenKey() ([]byte, error)
type SRPClient
- func NewClient(params *SRPParams, salt, identity, password, secret1 []byte) *SRPClient
type SRPParams
- func GetParams(G int) (*SRPParams, error)
type SRPServer
- func NewServer(params *SRPParams, Vb []byte, S2b []byte) *SRPServer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BytesFromHexString ¶

func BytesFromHexString(s string) []byte

func ComputeVerifier ¶

func ComputeVerifier(params *SRPParams, salt, identity, password []byte) []byte

ComputeVerifier returns a verifier that is calculated as described in Section 3 of [SRP-RFC]

func GenKey ¶

func GenKey() ([]byte, error)

Types ¶

type SRPClient ¶

type SRPClient struct {
	Params     *SRPParams
	Secret1    *big.Int
	Multiplier *big.Int
	A          *big.Int
	X          *big.Int
	M1         []byte
	M2         []byte
	K          []byte
	// contains filtered or unexported fields
}

func (*SRPClient) CheckM2 ¶

func (c *SRPClient) CheckM2(M2 []byte) error

CheckM2 check M2 generated by server

func (*SRPClient) ComputeA ¶

func (c *SRPClient) ComputeA() []byte

ComputeA compute A

func (*SRPClient) ComputeK ¶

func (c *SRPClient) ComputeK() []byte

ComputeK compute client Session Key

func (*SRPClient) ComputeM1 ¶

func (c *SRPClient) ComputeM1() ([]byte, error)

ComputeM1 compute client proof

func (*SRPClient) SetB ¶

func (c *SRPClient) SetB(Bb []byte) error

SetB set B generated by server

func GetParams ¶

func GetParams(G int) (*SRPParams, error)

type SRPServer ¶

type SRPServer struct {
	Params   *SRPParams
	Verifier *big.Int
	Secret2  *big.Int
	B        *big.Int
	M1       []byte
	M2       []byte
	K        []byte
	// contains filtered or unexported fields
}

func (*SRPServer) CheckM1 ¶

func (s *SRPServer) CheckM1(M1 []byte) ([]byte, error)

CheckM1 check client proof

func (*SRPServer) ComputeB ¶

func (s *SRPServer) ComputeB() []byte

ComputeB server creates B

func (*SRPServer) ComputeK ¶

func (s *SRPServer) ComputeK() []byte

ComputeK compute session key

func (*SRPServer) MarshalBinary ¶

func (s *SRPServer) MarshalBinary() ([]byte, error)

MarshalBinary returns a binary gob with the complete state of the SRP object. It can be used in conjunction with UnmarshalBinary() to use this module in a context in which mutating state of objects is inappropriate.

func (*SRPServer) SetA ¶

func (s *SRPServer) SetA(A []byte) error

SetA set 'A' generated by client

func (*SRPServer) UnmarshalBinary ¶

func (s *SRPServer) UnmarshalBinary(data []byte) error

UnmarshalBinary unmarshal binary gob created with MarshalBinary.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

srp