Documentation
¶
Overview ¶
Package crsign provides functionality for signing challenge data in challenge-response authentication.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RespondChallenge ¶
RespondChallenge is used by clients to sign the challenge string contained in the CHALLENGE message using the given password. If the CHALLENGE message contains salting information, then a derived key is computed using PBKDF2, and that derived key is used to sign the challenge string. If there is no salt, then no derived key is computed and the raw password is used to sign the challenge, which is identical to calling SignChallenge().
Set h to nil to use default hash sha256. This is provided in case the server-side PBKDF2 uses a different hash algorithm.
Example Client Use:
func clientCRAuthFunc(c *wamp.Challenge) (string, wamp.Dict) {
// Get user password and return signature.
password := AskUserPassoword()
return RespondChallenge(password, c, nil), wamp.Dict{}
}
// Configure and create new client.
cfg := client.Config{
...
AuthHandlers: map[string]client.AuthFunc{
"wampcra": clientCRAuthFunc,
},
}
cli, err = client.ConnectNet(routerAddr, cfg)
func SignChallenge ¶
SignChallenge computes the HMAC-SHA256, using the given key, over the challenge string, and returns the result as a base64-encoded string.
func SignChallengeBytes ¶
SignChallenge computes the HMAC-SHA256, using the given key, over the challenge string, and returns the result.
func VerifySignature ¶
VerifySignature compares a signature to a signature that the computed over the given chalenge string using the key. The signature is a base64-encoded string, generally presented by a client, and the challenge string and key are used to compute the expected HMAC signature. If these are the same, then true is returned.
Types ¶
This section is empty.
Source Files