aboutsummaryrefslogtreecommitdiff
path: root/src/util/srp.h
blob: 2d49b076e9283fbdedf10ddcabbd3eea4f0f2ac0 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#! /bin/bash
function perform_lint() {
	echo "Performing LINT..."
	if hash clang-format-5.0 2>/dev/null; then
		CLANG_FORMAT=clang-format-5.0
	else
		CLANG_FORMAT=clang-format
	fi
	echo "LINT: Using binary $CLANG_FORMAT"
	CLANG_FORMAT_WHITELIST="util/travis/clang-format-whitelist.txt"

	files_to_lint="$(find src/ -name '*.cpp' -or -name '*.h')"

	local errorcount=0
	local fail=0
	for f in ${files_to_lint}; do
		d=$(diff -u "$f" <(${CLANG_FORMAT} "$f") || true)

		if ! [ -z "$d" ]; then
			whitelisted=$(awk '$1 == "'$f'" { print 1 }' "$CLANG_FORMAT_WHITELIST")

			# If file is not whitelisted, mark a failure
			if [ -z ${whitelisted} ]; then
				errorcount=$((errorcount+1))

				printf "The file %s is not compliant with the coding style" "$f"
				if [ ${errorcount} -gt 50 ]; then
					printf "\nToo many errors encountered previously, this diff is hidden.\n"
				else
					printf ":\n%s\n" "$d"
				fi

				fail=1
			fi
		fi
	done

	if [ "$fail" = 1 ]; then
		echo "LINT reports failure."
		exit 1
	fi

	echo "LINT OK"
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-03 07:17:35 +0000
Tom Cocagne, 2015 est31 <MTest31@outlook.com> * * Permission is hereby granted, free of charge, to any person obtaining a copy of * this software and associated documentation files (the "Software"), to deal in * the Software without restriction, including without limitation the rights to * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies * of the Software, and to permit persons to whom the Software is furnished to do * so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in all * copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. * */ /* * * Purpose: This is a direct implementation of the Secure Remote Password * Protocol version 6a as described by * http://srp.stanford.edu/design.html * * Author: tom.cocagne@gmail.com (Tom Cocagne) * * Dependencies: LibGMP * * Usage: Refer to test_srp.c for a demonstration * * Notes: * This library allows multiple combinations of hashing algorithms and * prime number constants. For authentication to succeed, the hash and * prime number constants must match between * srp_create_salted_verification_key(), srp_user_new(), * and srp_verifier_new(). A recommended approach is to determine the * desired level of security for an application and globally define the * hash and prime number constants to the predetermined values. * * As one might suspect, more bits means more security. As one might also * suspect, more bits also means more processing time. The test_srp.c * program can be easily modified to profile various combinations of * hash & prime number pairings. */ #ifndef SRP_H #define SRP_H struct SRPVerifier; struct SRPUser; typedef enum { SRP_NG_1024, SRP_NG_2048, SRP_NG_4096, SRP_NG_8192, SRP_NG_CUSTOM } SRP_NGType; typedef enum { /*SRP_SHA1,*/ /*SRP_SHA224,*/ SRP_SHA256, /*SRP_SHA384, SRP_SHA512*/ } SRP_HashAlgorithm; typedef enum { SRP_ERR, SRP_OK, } SRP_Result; // clang-format off /* Sets the memory functions used by srp. * Note: this doesn't set the memory functions used by gmp, * but it is supported to have different functions for srp and gmp. * Don't call this after you have already allocated srp structures. */ void srp_set_memory_functions( void *(*new_srp_alloc) (size_t), void *(*new_srp_realloc) (void *, size_t), void (*new_srp_free) (void *)); /* Out: bytes_v, len_v * * The caller is responsible for freeing the memory allocated for bytes_v * * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type. * If provided, they must contain ASCII text of the hexidecimal notation. * * If bytes_s == NULL, it is filled with random data. * The caller is responsible for freeing. * * Returns SRP_OK on success, and SRP_ERR on error. * bytes_s might be in this case invalid, don't free it. */ SRP_Result srp_create_salted_verification_key(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username_for_verifier, const unsigned char *password, size_t len_password, unsigned char **bytes_s, size_t *len_s, unsigned char **bytes_v, size_t *len_v, const char *n_hex, const char *g_hex); /* Out: bytes_B, len_B. * * On failure, bytes_B will be set to NULL and len_B will be set to 0 * * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type * * If bytes_b == NULL, random data is used for b. * * Returns pointer to SRPVerifier on success, and NULL on error. */ struct SRPVerifier* srp_verifier_new(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username, const unsigned char *bytes_s, size_t len_s, const unsigned char *bytes_v, size_t len_v, const unsigned char *bytes_A, size_t len_A, const unsigned char *bytes_b, size_t len_b, unsigned char** bytes_B, size_t *len_B, const char* n_hex, const char* g_hex); // clang-format on void srp_verifier_delete(struct SRPVerifier *ver); // srp_verifier_verify_session must have been called before int srp_verifier_is_authenticated(struct SRPVerifier *ver); const char *srp_verifier_get_username(struct SRPVerifier *ver); /* key_length may be null */ const unsigned char *srp_verifier_get_session_key( struct SRPVerifier *ver, size_t *key_length); size_t srp_verifier_get_session_key_length(struct SRPVerifier *ver); /* Verifies session, on success, it writes bytes_HAMK. * user_M must be exactly srp_verifier_get_session_key_length() bytes in size */ void srp_verifier_verify_session( struct SRPVerifier *ver, const unsigned char *user_M, unsigned char **bytes_HAMK); /*******************************************************************************/ /* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */ struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type, const char *username, const char *username_for_verifier, const unsigned char *bytes_password, size_t len_password, const char *n_hex, const char *g_hex); void srp_user_delete(struct SRPUser *usr); int srp_user_is_authenticated(struct SRPUser *usr); const char *srp_user_get_username(struct SRPUser *usr); /* key_length may be null */ const unsigned char *srp_user_get_session_key(struct SRPUser *usr, size_t *key_length); size_t srp_user_get_session_key_length(struct SRPUser *usr); // clang-format off /* Output: username, bytes_A, len_A. * If you don't want it get written, set username to NULL. * If bytes_a == NULL, random data is used for a. */ SRP_Result srp_user_start_authentication(struct SRPUser* usr, char **username, const unsigned char *bytes_a, size_t len_a, unsigned char **bytes_A, size_t* len_A); /* Output: bytes_M, len_M (len_M may be null and will always be * srp_user_get_session_key_length() bytes in size) */ void srp_user_process_challenge(struct SRPUser *usr, const unsigned char *bytes_s, size_t len_s, const unsigned char *bytes_B, size_t len_B, unsigned char **bytes_M, size_t *len_M); // clang-format on /* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */ void srp_user_verify_session(struct SRPUser *usr, const unsigned char *bytes_HAMK); #endif /* Include Guard */
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-03 07:17:35 +0000