srp

package module

v0.0.0-...-54b7afd Latest Latest Go to latest Published: May 3, 2024 License: BSD-3-Clause Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/bodgit/srp

Links

Open Source Insights

README ¶

SRP

An implementation of SRP-6a as documented in RFC 5054 and RFC 2945. It also exports modified versions of routines allowing it to be used with AWS Cognito which uses a variation of SRP.

Generate the verifier:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	i, err := s.NewISV("username", "password")
	if err != nil {
		panic(err)
	}

	// Marshal and store i on the server against the identity
}

Example client:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	client, err := s.NewClient("username", "password")
	if err != nil {
		panic(err)
	}

	// Send identity and client.A() to the server, receive salt and B

	m1, err := client.Compute(salt, b)
	if err != nil {
		panic(err)
	}

	// Send m1 to the server, receive m2

	if err := client.Check(m2); err != nil {
		panic(err)
	}

	// Use client.Key()
}

Example server:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	// Receive identity and A from client, lookup/unmarshal ISV i

	server, err := s.NewServer(i, a)
	if err != nil {
		panic(err)
	}

	// Send server.Salt() and server.B() to the client, receive m1

	m2, err := server.Check(m1)
	if err != nil {
		panic(err)
	}

	// Send m2 to the client, use server.Key()
}

Other implementations

https://github.com/opencoff/go-srp - Calculates verifier value differently compared to RFC so session keys never match
https://github.com/Kong/go-srp - Calculates proof values differently compared to RFC but session keys match
https://github.com/posterity/srp - Interoperates fine

The last two implementations however assume that the client knows their salt value from the start rather than waiting for the server to provide it which doesn't match the behaviour documented in the RFC.

Documentation ¶

Index ¶

Variables
func K(f func(*SRP) *big.Int) func(*SRP) error
func U(f func(*SRP, *big.Int, *big.Int) *big.Int) func(*SRP) error
func X(f func(*SRP, []byte, []byte, []byte) *big.Int) func(*SRP) error
type Client
type Group
- func GetGroup(n int) (*Group, error)
- func NewGroup(g int64, size int, s string) (*Group, error)
type ISV
- func (i *ISV) MarshalBinary() ([]byte, error)
- func (i *ISV) UnmarshalBinary(b []byte) (err error)
type SRP
- func NewSRP(hash crypto.Hash, group *Group, options ...func(*SRP) error) (*SRP, error)
type Server

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrInvalidPublicKey means the public key is invalid.
	ErrInvalidPublicKey = errors.New("invalid public key")

	// ErrTrailingBytes means there were additional trailing bytes when
	// unmarshalling.
	ErrTrailingBytes = errors.New("trailing bytes")

	// ErrTooBig means the length of the value exceeds the size of a 16-bit
	// integer.
	ErrTooBig = fmt.Errorf("value exceeds %d bytes", math.MaxUint16)
)

Functions ¶

func K ¶

func K(f func(*SRP) *big.Int) func(*SRP) error

K overrides the default function for computing the multiplier.

func U ¶

func U(f func(*SRP, *big.Int, *big.Int) *big.Int) func(*SRP) error

U overrides the default function for computing the U value.

func X ¶

func X(f func(*SRP, []byte, []byte, []byte) *big.Int) func(*SRP) error

X overrides the default function for computing the X value.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client represents the client-side of an SRP session.

func (*Client) A ¶

func (c *Client) A() []byte

A returns the client public value.

func (*Client) Check ¶

func (c *Client) Check(m2 []byte) error

Check compares the M2 proof computed by the server with the clients copy.

func (*Client) Compute ¶

func (c *Client) Compute(salt, xB []byte) ([]byte, error)

Compute takes the salt and public value provided by the server and computes the proofs and shared key. It returns the M1 proof to be sent to the server.

func (*Client) Key ¶

func (c *Client) Key() []byte

Key returns the key shared with the server.

func (*Client) S ¶

func (c *Client) S() ([]byte, error)

S returns the computed S value after c.Compute() has been called, otherwise an error is returned.

func (*Client) SetIdentity ¶

func (c *Client) SetIdentity(identity []byte)

SetIdentity sets the client identity.

func (*Client) U ¶

func (c *Client) U() ([]byte, error)

U returns the computed U value after c.Compute() has been called, otherwise an error is returned.

type Group ¶

type Group struct {
	G    *big.Int
	N    *big.Int
	Size int
}

Group represents the SRP group parameters.

func GetGroup ¶

func GetGroup(n int) (*Group, error)

GetGroup returns the RFC 5054 group for the prime of n bits.

func NewGroup ¶

func NewGroup(g int64, size int, s string) (*Group, error)

NewGroup returns a Group with the generator g, and a prime of size bits set to the bytes decoded from s.

type ISV ¶

type ISV struct {
	Identity []byte `json:"identity"`
	Salt     []byte `json:"salt"`
	Verifier []byte `json:"verifier"`
}

ISV holds the triplet of the Identity, Salt, and Verifier. It implements encoding.BinaryMarshaler and encoding.BinaryUnmarshaler so it can be serialized to and from persistent storage.

func (*ISV) MarshalBinary ¶

func (i *ISV) MarshalBinary() ([]byte, error)

MarshalBinary satisfies the encoding.BinaryMarshaler interface.

func (*ISV) UnmarshalBinary ¶

func (i *ISV) UnmarshalBinary(b []byte) (err error)

UnmarshalBinary satisfies the encoding.BinaryUnmarshaler interface.

type SRP ¶

type SRP struct {
	// contains filtered or unexported fields
}

SRP manages the various computations used in the SRP protocol.

func NewSRP ¶

func NewSRP(hash crypto.Hash, group *Group, options ...func(*SRP) error) (*SRP, error)

NewSRP returns a new SRP using the chosen hash and group along with any options.

func (*SRP) Group ¶

func (s *SRP) Group() *Group

Group returns the Group in use.

func (*SRP) HashBytes ¶

func (s *SRP) HashBytes(a ...[]byte) []byte

HashBytes hashes each passed byte slice and returns the digest.

func (*SRP) HashInt ¶

func (s *SRP) HashInt(a ...[]byte) *big.Int

HashInt hashes each passed byte slice and returns the digest as a big.Int.

func (*SRP) NewClient ¶

func (s *SRP) NewClient(identity, password []byte) (*Client, error)

NewClient creates a new Client using the identity and password.

func (*SRP) NewISV ¶

func (s *SRP) NewISV(identity, password []byte) (*ISV, error)

NewISV creates a new ISV containing the identity, salt and verifier.

func (*SRP) NewServer ¶

func (s *SRP) NewServer(i *ISV, xA []byte) (*Server, error)

NewServer creates a new Server using the ISV and the client public value.

func (*SRP) SetK ¶

func (s *SRP) SetK(f func(*SRP) *big.Int) error

SetK overrides the default function for computing the multiplier.

func (*SRP) SetU ¶

func (s *SRP) SetU(f func(*SRP, *big.Int, *big.Int) *big.Int) error

SetU overrides the default function for computing the U value.

func (*SRP) SetX ¶

func (s *SRP) SetX(f func(*SRP, []byte, []byte, []byte) *big.Int) error

SetX overrides the default function for computing the X value.

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

Server represents the server-side of an SRP session. It implements encoding.BinaryMarshaler and encoding.BinaryUnmarshaler so it can be serialized to and from persistent storage.

func (*Server) B ¶

func (s *Server) B() []byte

B returns the server public value.

func (*Server) Check ¶

func (s *Server) Check(m1 []byte) ([]byte, error)

Check compares the M1 proof computed by the client with the servers copy. If it is identical then the servers M2 proof is returned to be sent back to the client.

func (*Server) Key ¶

func (s *Server) Key() []byte

Key returns the key shared with the client.

func (*Server) MarshalBinary ¶

func (s *Server) MarshalBinary() ([]byte, error)

MarshalBinary satisfies the encoding.BinaryMarshaler interface.

func (*Server) Reset ¶

func (s *Server) Reset(srp *SRP, i *ISV, xA []byte) error

Reset resets s to its initial state using the passed parameters.

func (*Server) Salt ¶

func (s *Server) Salt() []byte

Salt returns the client salt value.

func (*Server) UnmarshalBinary ¶

func (s *Server) UnmarshalBinary(b []byte) error

UnmarshalBinary satisfies the encoding.BinaryUnmarshaler interface.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cognito Package cognito contains the SRP primitives that differ between RFC 5054 and the AWS Cognito implementation.	Package cognito contains the SRP primitives that differ between RFC 5054 and the AWS Cognito implementation.
internal
rfc5054 Package rfc5054 provides the prime numbers and test vectors documented in RFC 5054.	Package rfc5054 provides the prime numbers and test vectors documented in RFC 5054.
util

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL