Documentation ¶
Overview ¶
prime.go - Generate safe primes
Copyright 2013-2023 arag0re <arag0re.eth-at-protonmail-dot-com> License: MIT
Package srp implements SRP-6a per [1]. It uses the standard library and the golang extended library and nothing else.
This implementation is accurate as of Aug 2012 edition of the SRP specification [1].
To verify that the client has generated the same key "K", the client sends "M" -- a hash of all the data it has and it received from the server. To validate that the server also has the same value, it requires the server to send its own proof. In the SRP paper [1], the authors use:
M1 = H(H(N) xor H(g), H(I), s, A, B, K) M2 = H(A, M, K)
In this implementation:
H = SHA1() k = H(N | g) t = H(I | ':' |P) x = H(s | t) I = clear text P = clear text
Per RFC-5054, we adopt the following padding convention:
k = H(PAD(N) | PAD(g)) u = H(PAD(A) | PAD(B))
References:
[1] http://srp.stanford.edu/design.html [2] http://srp.stanford.edu/
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MakeSRPVerifier ¶
MakeSRPVerifier decodes the encoded verifier into an SRP environment and Verifier instance. 'b' is an encoded verifier string previously returned by Verifier.Encode(). A caller of this function uses the identity provided by the SRP Client to lookup some DB to find the corresponding encoded verifier string; this encoded data contains enough information to create a valid SRP instance and Verifier instance.
func NewPrimeField ¶
Make a new prime field (safe prime & generator) that is 'nbits' long Return prime p, generator g
func ServerBegin ¶
ServerBegin processes the first message from an SRP client and returns a decoded identity string and client public key. The caller is expected to use the identity to lookup durable storage and find the corresponding encoded Verifier. This verifier is given to MakeSRPVerifier() to create an instance of SRP and Verifier.
Types ¶
type Client ¶
Client represents an SRP client instance
func (*Client) Credentials ¶
Credentials returns client public credentials to send to server Send <I, A> to server
func (*Client) Generate ¶
Generate validates the server public credentials and generate session key Return the mutual authenticator. NB: We don't send leak any information in error messages.
type SRP ¶
type SRP struct {
// contains filtered or unexported fields
}
SRP represents an environment for the client and server to share certain properties; notably the hash function and prime-field size. The default hash function is SHA1. Any valid hash function as documented in "crypto" can be used. There are two ways for creating an SRP environment:
New() NewWithHash()
func New ¶
New creates a new SRP environment 2048 bits use by SRP clients and Servers.The default hash function is SHA1.
func NewWithHash ¶
NewWithHash creates a new SRP environment using the hash function 'h' and 'bits' sized prime-field size.
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server represents an SRP server instance
func UnmarshalServer ¶
UnmarshalServer parses the encoded string generated by Marshal and returns a populated Server struct with the data if possible, otherwise it returns an error.
func (*Server) ClientOk ¶
ClientOk verifies that the client has generated the same password as the server and return proof that the server too has done the same.
func (*Server) Credentials ¶
Credentials returns the server credentials (s,B) in a network portable format.
func (*Server) Marshal ¶
Marshal returns a string encoding of the Server. This encoded string can be stored by the server for use later in the SRP process in the case that the client and server can not maintain a session and thus a live copy of the Server struct.
type Verifier ¶
type Verifier struct {
// contains filtered or unexported fields
}
Verifier represents password verifier that resides on an SRP server.
func (*Verifier) Encode ¶
Encode the verifier into a portable format - returns a tuple <Identity, Verifier> as portable strings. The caller can store the Verifier against the Identity in non-volatile storage. An SRP client will supply Identity and its public key - whereupon, an SRP server will use the Identity as a key to lookup the rest of the encoded verifier data.