src/fontengine.cpp

/*
 * Secure Remote Password 6a implementation
 * https://github.com/est31/csrp-gmp
 *
 * The MIT License (MIT)
 *
 * Copyright (c) 2010, 2013 Tom Cocagne, 2015 est31 <MTest31@outlook.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy of
 * this software and associated documentation files (the "Software"), to deal in
 * the Software without restriction, including without limitation the rights to
 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
 * of the Software, and to permit persons to whom the Software is furnished to do
 * so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 *
 */

/*
 *
 * Purpose:       This is a direct implementation of the Secure Remote Password
 *                Protocol version 6a as described by
 *                http://srp.stanford.edu/design.html
 *
 * Author:        tom.cocagne@gmail.com (Tom Cocagne)
 *
 * Dependencies:  LibGMP
 *
 * Usage:         Refer to test_srp.c for a demonstration
 *
 * Notes:
 *    This library allows multiple combinations of hashing algorithms and
 *    prime number constants. For authentication to succeed, the hash and
 *    prime number constants must match between
 *    srp_create_salted_verification_key(), srp_user_new(),
 *    and srp_verifier_new(). A recommended approach is to determine the
 *    desired level of security for an application and globally define the
 *    hash and prime number constants to the predetermined values.
 *
 *    As one might suspect, more bits means more security. As one might also
 *    suspect, more bits also means more processing time. The test_srp.c
 *    program can be easily modified to profile various combinations of
 *    hash & prime number pairings.
 */

#pragma once

struct SRPVerifier;
struct SRPUser;

typedef enum {
	SRP_NG_1024,
	SRP_NG_2048,
	SRP_NG_4096,
	SRP_NG_8192,
	SRP_NG_CUSTOM
} SRP_NGType;

typedef enum {
	/*SRP_SHA1,*/
	/*SRP_SHA224,*/
	SRP_SHA256,
	/*SRP_SHA384,
	SRP_SHA512*/
} SRP_HashAlgorithm;

typedef enum {
	SRP_ERR,
	SRP_OK,
} SRP_Result;

// clang-format off

/* Sets the memory functions used by srp.
 * Note: this doesn't set the memory functions used by gmp,
 * but it is supported to have different functions for srp and gmp.
 * Don't call this after you have already allocated srp structures.
 */
void srp_set_memory_functions(
	void *(*new_srp_alloc) (size_t),
	void *(*new_srp_realloc) (void *, size_t),
	void (*new_srp_free) (void *));

/* Out: bytes_v, len_v
 *
 * The caller is responsible for freeing the memory allocated for bytes_v
 *
 * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type.
 * If provided, they must contain ASCII text of the hexidecimal notation.
 *
 * If bytes_s == NULL, it is filled with random data.
 * The caller is responsible for freeing.
 *
 * Returns SRP_OK on success, and SRP_ERR on error.
 * bytes_s might be in this case invalid, don't free it.
 */
SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg,
	SRP_NGType ng_type, const char *username_for_verifier,
	const unsigned char *password, size_t len_password,
	unsigned char **bytes_s,  size_t *len_s,
	unsigned char **bytes_v, size_t *len_v,
	const char *n_hex, const char *g_hex);

/* Out: bytes_B, len_B.
 *
 * On failure, bytes_B will be set to NULL and len_B will be set to 0
 *
 * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type
 *
 * If bytes_b == NULL, random data is used for b.
 *
 * Returns pointer to SRPVerifier on success, and NULL on error.
 */
struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
	const char *username,
	const unsigned char *bytes_s, size_t len_s,
	const unsigned char *bytes_v, size_t len_v,
	const unsigned char *bytes_A, size_t len_A,
	const unsigned char *bytes_b, size_t len_b,
	unsigned char** bytes_B, size_t *len_B,
	const char* n_hex, const char* g_hex);

// clang-format on

void srp_verifier_delete(struct SRPVerifier *ver);

// srp_verifier_verify_session must have been called before
int srp_verifier_is_authenticated(struct SRPVerifier *ver);

const char *srp_verifier_get_username(struct SRPVerifier *ver);

/* key_length may be null */
const unsigned char *srp_verifier_get_session_key(
	struct SRPVerifier *ver, size_t *key_length);

size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver);

/* Verifies session, on success, it writes bytes_HAMK.
 * user_M must be exactly srp_verifier_get_session_key_length() bytes in size
 */
void srp_verifier_verify_session(
	struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK);

/*******************************************************************************/

/* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */
struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
	const char *username, const char *username_for_verifier,
	const unsigned char *bytes_password, size_t len_password, const char *n_hex,
	const char *g_hex);

void srp_user_delete(struct SRPUser *usr);

int srp_user_is_authenticated(struct SRPUser *usr);

const char *srp_user_get_username(struct SRPUser *usr);

/* key_length may be null */
const unsigned char *srp_user_get_session_key(struct SRPUser *usr, size_t *key_length);

size_t srp_user_get_session_key_length(struct SRPUser *usr);

// clang-format off

/* Output: username, bytes_A, len_A.
 * If you don't want it get written, set username to NULL.
 * If bytes_a == NULL, random data is used for a. */
SRP_Result srp_user_start_authentication(struct SRPUser* usr, char **username,
	const unsigned char *bytes_a, size_t len_a,
	unsigned char **bytes_A, size_t* len_A);

/* Output: bytes_M, len_M  (len_M may be null and will always be
 *                          srp_user_get_session_key_length() bytes in size) */
void srp_user_process_challenge(struct SRPUser *usr,
	const unsigned char *bytes_s, size_t len_s,
	const unsigned char *bytes_B, size_t len_B,
	unsigned char **bytes_M, size_t *len_M);
// clang-format on

/* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */
void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK);
	Commit message (Expand)	Author	Age
*	Modernize code: very last fixes (#6290)	Loïc Blot	2017-08-20
*	Isolate irrlicht references and use a singleton (#6041)	Loïc Blot	2017-06-26
*	Merge cguittfont lib in irrlicht change folder. (#6016)	Loïc Blot	2017-06-20
*	C++11 patchset 9: move hardcoded init parameters to class definitions (part 1...	Loïc Blot	2017-06-16
*	Font: attempt fallback font, abort if no fonts found.	Auke Kok	2017-03-05
*	Change i++ to ++i	David Jones	2015-08-25
*	Settings: pass name to callbacks by reference	est31	2015-07-09
*	Move globals from main.cpp to more sane locations	Craig Robbins	2015-04-01
*	For usages of assert() that are meant to persist in Release builds (when NDEB...	Craig Robbins	2015-03-07
*	Settings fixes Make the GameGlobalShaderConstantSetter use the settings callb...	gregorycu	2015-01-25
*	Revert "Make the GameGlobalShaderConstantSetter use the settings callback (8%...	Craig Robbins	2015-01-25
*	Make the GameGlobalShaderConstantSetter use the settings callback (8% perf im...	gregorycu	2015-01-23
*	FontEngine: Don't use file extension to check font file compatibility	kwolekr	2014-12-29
*	Fix MSVC compiling warnings and remove an unused texture	SmallJoker	2014-12-12
*	Fix segfault at exit caused by non grabbed font	Kahrl	2014-11-30
*	Make hud use fontengine too	sapier	2014-11-30
*	Implement proper font handling	sapier	2014-11-30