aboutsummaryrefslogtreecommitdiff
path: root/src/util/srp.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/srp.h')
-rw-r--r--src/util/srp.h91
1 files changed, 57 insertions, 34 deletions
diff --git a/src/util/srp.h b/src/util/srp.h
index 15a2b8a68..2d49b076e 100644
--- a/src/util/srp.h
+++ b/src/util/srp.h
@@ -56,12 +56,10 @@
#ifndef SRP_H
#define SRP_H
-
struct SRPVerifier;
struct SRPUser;
-typedef enum
-{
+typedef enum {
SRP_NG_1024,
SRP_NG_2048,
SRP_NG_4096,
@@ -69,8 +67,7 @@ typedef enum
SRP_NG_CUSTOM
} SRP_NGType;
-typedef enum
-{
+typedef enum {
/*SRP_SHA1,*/
/*SRP_SHA224,*/
SRP_SHA256,
@@ -78,6 +75,23 @@ typedef enum
SRP_SHA512*/
} SRP_HashAlgorithm;
+typedef enum {
+ SRP_ERR,
+ SRP_OK,
+} SRP_Result;
+
+// clang-format off
+
+/* Sets the memory functions used by srp.
+ * Note: this doesn't set the memory functions used by gmp,
+ * but it is supported to have different functions for srp and gmp.
+ * Don't call this after you have already allocated srp structures.
+ */
+void srp_set_memory_functions(
+ void *(*new_srp_alloc) (size_t),
+ void *(*new_srp_realloc) (void *, size_t),
+ void (*new_srp_free) (void *));
+
/* Out: bytes_v, len_v
*
* The caller is responsible for freeing the memory allocated for bytes_v
@@ -85,14 +99,18 @@ typedef enum
* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type.
* If provided, they must contain ASCII text of the hexidecimal notation.
*
- * If bytes_s == NULL, it is filled with random data. The caller is responsible for freeing.
+ * If bytes_s == NULL, it is filled with random data.
+ * The caller is responsible for freeing.
+ *
+ * Returns SRP_OK on success, and SRP_ERR on error.
+ * bytes_s might be in this case invalid, don't free it.
*/
-void srp_create_salted_verification_key( SRP_HashAlgorithm alg,
+SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg,
SRP_NGType ng_type, const char *username_for_verifier,
const unsigned char *password, size_t len_password,
unsigned char **bytes_s, size_t *len_s,
unsigned char **bytes_v, size_t *len_v,
- const char * n_hex, const char *g_hex );
+ const char *n_hex, const char *g_hex);
/* Out: bytes_B, len_B.
*
@@ -101,6 +119,8 @@ void srp_create_salted_verification_key( SRP_HashAlgorithm alg,
* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type
*
* If bytes_b == NULL, random data is used for b.
+ *
+ * Returns pointer to SRPVerifier on success, and NULL on error.
*/
struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
const char *username,
@@ -111,52 +131,54 @@ struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
unsigned char** bytes_B, size_t *len_B,
const char* n_hex, const char* g_hex);
+// clang-format on
-void srp_verifier_delete( struct SRPVerifier* ver );
+void srp_verifier_delete(struct SRPVerifier *ver);
+// srp_verifier_verify_session must have been called before
+int srp_verifier_is_authenticated(struct SRPVerifier *ver);
-int srp_verifier_is_authenticated( struct SRPVerifier* ver );
-
-
-const char * srp_verifier_get_username( struct SRPVerifier* ver );
+const char *srp_verifier_get_username(struct SRPVerifier *ver);
/* key_length may be null */
-const unsigned char* srp_verifier_get_session_key( struct SRPVerifier* ver,
- size_t *key_length );
-
-
-size_t srp_verifier_get_session_key_length(struct SRPVerifier* ver);
+const unsigned char *srp_verifier_get_session_key(
+ struct SRPVerifier *ver, size_t *key_length);
+size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver);
-/* user_M must be exactly srp_verifier_get_session_key_length() bytes in size */
-void srp_verifier_verify_session( struct SRPVerifier* ver,
- const unsigned char* user_M, unsigned char** bytes_HAMK );
+/* Verifies session, on success, it writes bytes_HAMK.
+ * user_M must be exactly srp_verifier_get_session_key_length() bytes in size
+ */
+void srp_verifier_verify_session(
+ struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK);
/*******************************************************************************/
/* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */
struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
const char *username, const char *username_for_verifier,
- const unsigned char *bytes_password, size_t len_password,
- const char *n_hex, const char *g_hex);
+ const unsigned char *bytes_password, size_t len_password, const char *n_hex,
+ const char *g_hex);
-void srp_user_delete(struct SRPUser * usr);
+void srp_user_delete(struct SRPUser *usr);
-int srp_user_is_authenticated(struct SRPUser * usr);
+int srp_user_is_authenticated(struct SRPUser *usr);
-
-const char* srp_user_get_username(struct SRPUser * usr);
+const char *srp_user_get_username(struct SRPUser *usr);
/* key_length may be null */
-const unsigned char* srp_user_get_session_key(struct SRPUser* usr, size_t* key_length);
+const unsigned char *srp_user_get_session_key(struct SRPUser *usr, size_t *key_length);
+
+size_t srp_user_get_session_key_length(struct SRPUser *usr);
-size_t srp_user_get_session_key_length(struct SRPUser* usr);
+// clang-format off
-/* Output: username, bytes_A, len_A. If you don't want it get written, set username to NULL.
+/* Output: username, bytes_A, len_A.
+ * If you don't want it get written, set username to NULL.
* If bytes_a == NULL, random data is used for a. */
-void srp_user_start_authentication(struct SRPUser* usr, char** username,
- const unsigned char* bytes_a, size_t len_a,
- unsigned char** bytes_A, size_t* len_A);
+SRP_Result srp_user_start_authentication(struct SRPUser* usr, char **username,
+ const unsigned char *bytes_a, size_t len_a,
+ unsigned char **bytes_A, size_t* len_A);
/* Output: bytes_M, len_M (len_M may be null and will always be
* srp_user_get_session_key_length() bytes in size) */
@@ -164,8 +186,9 @@ void srp_user_process_challenge(struct SRPUser *usr,
const unsigned char *bytes_s, size_t len_s,
const unsigned char *bytes_B, size_t len_B,
unsigned char **bytes_M, size_t *len_M);
+// clang-format on
/* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */
-void srp_user_verify_session(struct SRPUser* usr, const unsigned char* bytes_HAMK);
+void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK);
#endif /* Include Guard */
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 04:10:55 +0000