diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-05-05 10:28:40 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-05-05 10:28:40 +0000 |
| commit | 24b938de479d51c8568c61ce6f26c147bf8ae2fe (patch) | |
| tree | e8c78df253ffabce4d49d112982c9c698d725b7f /lib/auth_srp.c | |
| parent | 69506cfbc00b1396f2e04e9000a60d1fd2dd4b3b (diff) | |
| download | gnutls-24b938de479d51c8568c61ce6f26c147bf8ae2fe.tar.gz | |
cleanups for srp. Most mpi code has moved to gnutls_srp.c
Diffstat (limited to 'lib/auth_srp.c')
| -rw-r--r-- | lib/auth_srp.c | 205 |
1 files changed, 74 insertions, 131 deletions
diff --git a/lib/auth_srp.c b/lib/auth_srp.c index 244477e00c..a4b6e40c17 100644 --- a/lib/auth_srp.c +++ b/lib/auth_srp.c @@ -24,14 +24,15 @@ #include "auth_srp_passwd.h" #include "auth_srp.h" #include "gnutls_auth_int.h" +#include "gnutls_srp.h" -int gen_srp_server_kx( GNUTLS_KEY, opaque**); -int gen_srp_server_kx2( GNUTLS_KEY, opaque**); -int gen_srp_client_kx0( GNUTLS_KEY, opaque**); +int gen_srp_server_kx(GNUTLS_KEY, opaque **); +int gen_srp_server_kx2(GNUTLS_KEY, opaque **); +int gen_srp_client_kx0(GNUTLS_KEY, opaque **); -int proc_srp_server_kx( GNUTLS_KEY, opaque*, int); -int proc_srp_server_kx2( GNUTLS_KEY, opaque*, int); -int proc_srp_client_kx0( GNUTLS_KEY, opaque*, int); +int proc_srp_server_kx(GNUTLS_KEY, opaque *, int); +int proc_srp_server_kx2(GNUTLS_KEY, opaque *, int); +int proc_srp_client_kx0(GNUTLS_KEY, opaque *, int); MOD_AUTH_STRUCT srp_auth_struct = { "SRP", @@ -60,34 +61,40 @@ MOD_AUTH_STRUCT srp_auth_struct = { #define S key->KEY /* Send the first key exchange message ( g, n, s) */ -int gen_srp_server_kx( GNUTLS_KEY key, opaque** data) { +int gen_srp_server_kx(GNUTLS_KEY key, opaque ** data) +{ size_t n_g, n_n; uint16 _n_n, _n_g, _n_s; - size_t ret; + size_t ret; uint8 *data_n, *data_s; uint8 *data_g; - GNUTLS_SRP_PWD_ENTRY * pwd_entry; + GNUTLS_SRP_PWD_ENTRY *pwd_entry; + + if (key->username == NULL) { + return GNUTLS_E_INSUFICIENT_CRED; + } pwd_entry = _gnutls_srp_pwd_read_entry( key, key->username); - if (pwd_entry==NULL) { + if (pwd_entry == NULL) { return GNUTLS_E_PWD_ERROR; } gcry_mpi_print(GCRYMPI_FMT_USG, NULL, &n_g, pwd_entry->g); gcry_mpi_print(GCRYMPI_FMT_USG, NULL, &n_n, pwd_entry->n); + /* copy from pwd_entry to local variables (actually in state) */ G = gcry_mpi_alloc_like(pwd_entry->g); N = gcry_mpi_alloc_like(pwd_entry->n); V = gcry_mpi_alloc_like(pwd_entry->v); - mpi_set( G, pwd_entry->g); - mpi_set( N, pwd_entry->n); - mpi_set( V, pwd_entry->v); - + mpi_set(G, pwd_entry->g); + mpi_set(N, pwd_entry->n); + mpi_set(V, pwd_entry->v); + (*data) = gnutls_malloc(n_n + n_g + pwd_entry->salt_size + 6); - /* copy G (generator) */ + /* copy G (generator) to data */ data_g = (*data); gcry_mpi_print(GCRYMPI_FMT_USG, &data_g[2], &n_g, G); _n_g = n_g; @@ -110,10 +117,10 @@ int gen_srp_server_kx( GNUTLS_KEY key, opaque** data) { #endif /* copy the salt */ - data_s = &data_n[2+n_n]; + data_s = &data_n[2 + n_n]; _n_s = pwd_entry->salt_size; - memcpy( &data_s[2], pwd_entry->salt, _n_s); - + memcpy(&data_s[2], pwd_entry->salt, _n_s); + #ifndef WORDS_BIGENDIAN _n_s = byteswap16(_n_s); memcpy(data_s, &_n_s, 2); @@ -122,34 +129,22 @@ int gen_srp_server_kx( GNUTLS_KEY key, opaque** data) { #endif - ret = n_g+ n_n + pwd_entry->salt_size + 6; + ret = n_g + n_n + pwd_entry->salt_size + 6; gnutls_free(pwd_entry); - + return ret; } -/* send the second key exchange message ( B = (v + g^b) % N) */ -int gen_srp_server_kx2( GNUTLS_KEY key, opaque** data) { - size_t n_b, bits; +/* send the second key exchange message */ +int gen_srp_server_kx2(GNUTLS_KEY key, opaque ** data) +{ + size_t n_b; uint16 _n_b; - MPI tmpB; uint8 *data_b; - GNUTLS_MAC_HANDLE td; - opaque* hd; - MPI tmp1, tmp2; - uint32 u; - - bits = gcry_mpi_get_nbits( key->client_p); - _b = mpi_new(bits); /* FIXME: allocate in secure memory */ - gcry_mpi_randomize( _b, bits, GCRY_STRONG_RANDOM); - - tmpB = mpi_new(bits); /* FIXME: allocate in secure memory */ - B = mpi_new(bits); /* FIXME: allocate in secure memory */ - mpi_powm( tmpB, G, _b, N); - mpi_addm( B, V, tmpB, N); - - mpi_release(tmpB); - + + /* calculate: B = (v + g^b) % N */ + B = _gnutls_calc_srp_B( &_b, G, N, V); + gcry_mpi_print(GCRYMPI_FMT_USG, NULL, &n_b, B); (*data) = gnutls_malloc(n_b + 2); @@ -166,62 +161,45 @@ int gen_srp_server_kx2( GNUTLS_KEY key, opaque** data) { memcpy(data_b, &_n_b, 2); #endif - /* hash B to get u */ - td = gnutls_hash_init( GNUTLS_MAC_SHA); - gnutls_hash( td, &data_b[2], n_b); - hd = gnutls_hash_deinit(td); - memcpy( &u, hd, sizeof(u)); - gnutls_free(hd); - - key->u = mpi_set_ui( NULL, u); + /* calculate u */ + key->u = _gnutls_calc_srp_u(B); - /* CALC HERE */ /* S = (A * v^u) ^ b % N */ - - S = gcry_mpi_alloc_like(N); - tmp1 = gcry_mpi_alloc_like(N); - tmp2 = gcry_mpi_alloc_like(N); - - mpi_pow(tmp1, V, key->u); - mpi_mul(tmp2, A, tmp1); - mpi_release(tmp1); + S = _gnutls_calc_srp_S1( A, _b, key->u, V, N); - mpi_powm( S, tmp2, _b, N); - mpi_release(tmp2); - mpi_release(A); mpi_release(_b); mpi_release(V); mpi_release(key->u); mpi_release(B); + return n_b + 2; } /* return A = g^a % N */ -int gen_srp_client_kx0( GNUTLS_KEY key, opaque** data) { - size_t n_a, bits; +int gen_srp_client_kx0(GNUTLS_KEY key, opaque ** data) +{ + size_t n_a; uint16 _n_a; uint8 *data_a; char *username; char *password; - SRP_CLIENT_CREDENTIALS* cred = _gnutls_get_kx_cred( key, GNUTLS_KX_SRP); + SRP_CLIENT_CREDENTIALS *cred = + _gnutls_get_kx_cred(key, GNUTLS_KX_SRP); + + if (cred == NULL) + return GNUTLS_E_INSUFICIENT_CRED; - if (cred==NULL) return GNUTLS_E_INSUFICIENT_CRED; - username = cred->username; password = cred->password; - if (username==NULL || password == NULL) - return GNUTLS_E_INSUFICIENT_CRED; - - bits = gcry_mpi_get_nbits( N); - _a = mpi_new(bits); /* FIXME: allocate in secure memory */ - gcry_mpi_randomize(_a, bits, GCRY_STRONG_RANDOM); + if (username == NULL || password == NULL) + return GNUTLS_E_INSUFICIENT_CRED; + + /* calc A = g^a % N */ + A = _gnutls_calc_srp_A( &_a, G, N); - A = mpi_new(bits); /* FIXME: allocate in secure memory */ - mpi_powm( A, G, _a, N); - gcry_mpi_print(GCRYMPI_FMT_USG, NULL, &n_a, A); (*data) = gnutls_malloc(n_a + 2); @@ -241,26 +219,28 @@ int gen_srp_client_kx0( GNUTLS_KEY key, opaque** data) { } /* receive the first key exchange message ( g, n, s) */ -int proc_srp_server_kx( GNUTLS_KEY key, opaque* data, int data_size) { +int proc_srp_server_kx(GNUTLS_KEY key, opaque * data, int data_size) +{ uint16 n_s, n_g, n_n; size_t _n_s, _n_g, _n_n; uint8 *data_n; uint8 *data_g; uint8 *data_s; int i; - GNUTLS_MAC_HANDLE td; - opaque* hd; + opaque *hd; char *username; char *password; - SRP_CLIENT_CREDENTIALS* cred = _gnutls_get_kx_cred( key, GNUTLS_KX_SRP); + SRP_CLIENT_CREDENTIALS *cred = + _gnutls_get_kx_cred(key, GNUTLS_KX_SRP); + + if (cred == NULL) + return GNUTLS_E_INSUFICIENT_CRED; - if (cred==NULL) return GNUTLS_E_INSUFICIENT_CRED; - username = cred->username; password = cred->password; - if (username==NULL || password == NULL) - return GNUTLS_E_INSUFICIENT_CRED; + if (username == NULL || password == NULL) + return GNUTLS_E_INSUFICIENT_CRED; i = 0; memcpy(&n_g, &data[i], 2); @@ -302,47 +282,33 @@ int proc_srp_server_kx( GNUTLS_KEY key, opaque* data, int data_size) { _n_g = n_g; _n_n = n_n; - if (gcry_mpi_scan(&N, - GCRYMPI_FMT_USG, data_n, &_n_n) != 0) { + if (gcry_mpi_scan(&N, GCRYMPI_FMT_USG, data_n, &_n_n) != 0) { gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } - if (gcry_mpi_scan(&G, - GCRYMPI_FMT_USG, data_g, &_n_g) != 0) { + if (gcry_mpi_scan(&G, GCRYMPI_FMT_USG, data_g, &_n_g) != 0) { gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } /* generate x = SHA(s | SHA(U | ":" | p)) */ - td = gnutls_hash_init( GNUTLS_MAC_SHA); - gnutls_hash( td, username, strlen(username)); - gnutls_hash( td, ":", 1); - gnutls_hash( td, password, strlen(password)); - hd = gnutls_hash_deinit(td); - - td = gnutls_hash_init( GNUTLS_MAC_SHA); - gnutls_hash( td, data_s, n_s); - gnutls_hash( td, hd, 20); - gnutls_free(hd); - - hd = gnutls_hash_deinit(td); - + hd = _gnutls_calc_srp_sha( username, password, data_s, n_s); _n_g = 20; - if (gcry_mpi_scan(&key->x, - GCRYMPI_FMT_USG, hd, &_n_g) != 0) { + if (gcry_mpi_scan(&key->x, GCRYMPI_FMT_USG, hd, &_n_g) != 0) { gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } gnutls_free(hd); - return 0; } -int proc_srp_client_kx0( GNUTLS_KEY key, opaque* data, int data_size) { +/* just read A and put it to state */ +int proc_srp_client_kx0(GNUTLS_KEY key, opaque * data, int data_size) +{ uint16 n_A; size_t _n_A; @@ -351,8 +317,7 @@ int proc_srp_client_kx0( GNUTLS_KEY key, opaque* data, int data_size) { n_A = byteswap16(n_A); #endif _n_A = n_A; - if (gcry_mpi_scan(&A, - GCRYMPI_FMT_USG, &data[2], &_n_A)) { + if (gcry_mpi_scan(&A, GCRYMPI_FMT_USG, &data[2], &_n_A)) { gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } @@ -361,45 +326,24 @@ int proc_srp_client_kx0( GNUTLS_KEY key, opaque* data, int data_size) { } -int proc_srp_server_kx2( GNUTLS_KEY key, opaque* data, int data_size) { +int proc_srp_server_kx2(GNUTLS_KEY key, opaque * data, int data_size) +{ uint16 n_B; size_t _n_B; - MPI tmp1, tmp2, tmp3, tmp4; memcpy(&n_B, &data[0], 2); #ifndef WORDS_BIGENDIAN n_B = byteswap16(n_B); #endif _n_B = n_B; - if (gcry_mpi_scan(&B, - GCRYMPI_FMT_USG, &data[2], &_n_B)) { + if (gcry_mpi_scan(&B, GCRYMPI_FMT_USG, &data[2], &_n_B)) { gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } - /* CALC HERE */ /* S = (B - g^x) ^ (a + u * x) % N */ + S = _gnutls_calc_srp_S2( B, G, key->x, _a, key->u, N); - S = gcry_mpi_alloc_like(N); - tmp1 = gcry_mpi_alloc_like(N); - tmp2 = gcry_mpi_alloc_like(N); - - mpi_pow(tmp1, G, V); - mpi_sub(tmp2, B, tmp1); - mpi_release(tmp1); - - - tmp3 = gcry_mpi_alloc_like(N); - tmp4 = gcry_mpi_alloc_like(N); - - mpi_add( tmp3, key->u, V); - mpi_add( tmp4, _a, tmp3); - mpi_release(tmp3); - - mpi_powm( S, tmp2, tmp4, N); - mpi_release(tmp2); - mpi_release(tmp4); - mpi_release(A); mpi_release(_b); mpi_release(V); @@ -407,4 +351,3 @@ int proc_srp_server_kx2( GNUTLS_KEY key, opaque* data, int data_size) { mpi_release(B); return 0; } - |