2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
5 * Permission is hereby granted, free of charge, to any person obtaining
6 * a copy of this software and associated documentation files (the
7 * "Software"), to deal in the Software without restriction, including
8 * without limitation the rights to use, copy, modify, merge, publish,
9 * distribute, sublicense, and/or sell copies of the Software, and to
10 * permit persons to whom the Software is furnished to do so, subject to
11 * the following conditions:
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 * In addition, the following conditions apply:
28 * 1. Any software that incorporates the SRP authentication technology
29 * must display the following acknowlegment:
30 * "This product uses the 'Secure Remote Password' cryptographic
31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
33 * 2. Any software that incorporates all or part of the SRP distribution
34 * itself must also display the following acknowledgment:
35 * "This product includes software developed by Tom Wu and Eugene
36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
38 * 3. Redistributions in source or binary form must retain an intact copy
39 * of this copyright notice and list of conditions.
58 #ifdef MSVC15 /* MSVC1.5 support for 16 bit apps */
59 #define _MSVC15EXPORT _export
61 #define _DLLAPI _export _pascal
62 #define _TYPE(a) a _MSVC15EXPORT
67 #define _MSVC20EXPORT _declspec(dllexport)
69 #define _TYPE(a) _MSVC20EXPORT a
72 #else /* Default, non-dll. Use this for Unix or DOS */
73 #define _MSVC15DEXPORT
92 SHA1_CTX oldhash
, hash
, oldckhash
, ckhash
;
94 unsigned char session_key
[SESSION_KEY_LEN
];
95 unsigned char session_response
[RESPONSE_LEN
];
97 unsigned char nbuf
[MAXPARAMLEN
], gbuf
[MAXPARAMLEN
], vbuf
[MAXPARAMLEN
];
98 unsigned char saltbuf
[MAXSALTLEN
], bbuf
[BLEN
], Bbuf
[MAXPARAMLEN
];
102 * SRP server-side negotiation
104 * This code negotiates the server side of an SRP exchange.
105 * "t_serveropen" accepts a username (sent by the client), a pointer
106 * to an open password file, and a pointer to an open configuration
107 * file. The server should then call...
108 * "t_servergenexp" will generate a random 256-bit exponent and
109 * raise g (from the configuration file) to that power, returning
110 * the result. This result should be sent to the client as y(p).
111 * "t_servergetkey" accepts the exponential w(p), which should be
112 * sent by the client, and computes the 256-bit session key.
113 * This data should be saved before the session is closed.
114 * "t_serverresponse" computes the session key proof as SHA(w(p), K).
115 * "t_serverclose" closes the session and frees its memory.
117 * Note that authentication is not performed per se; it is up
118 * to either/both sides of the protocol to now verify securely
119 * that their session keys agree in order to establish authenticity.
120 * One possible way is through "oracle hashing"; one side sends
121 * r, the other replies with H(r,K), where H() is a hash function.
123 * t_serverresponse and t_serververify now implement a version of
124 * the session-key verification described above.
126 _TYPE( struct t_server
* )
127 t_serveropen
P((const char *));
128 _TYPE( struct t_server
* )
129 t_serveropenfromfiles
P((const char *, struct t_pw
*, struct t_conf
*));
130 _TYPE( struct t_server
* )
131 t_serveropenraw
P((struct t_pwent
*, struct t_confent
*));
132 _TYPE( struct t_num
* ) t_servergenexp
P((struct t_server
*));
133 _TYPE( unsigned char * ) t_servergetkey
P((struct t_server
*, struct t_num
*));
134 _TYPE( int ) t_serververify
P((struct t_server
*, unsigned char *));
135 _TYPE( unsigned char * ) t_serverresponse
P((struct t_server
*));
136 _TYPE( void ) t_serverclose
P((struct t_server
*));
This page took 0.050718 seconds and 5 git commands to generate.