2 * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
3 * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
4 * EdelKey project and contributed to the OpenSSL project 2004.
6 /* ====================================================================
7 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
62 #include <openssl/opensslconf.h>
64 # ifdef OPENSSL_NO_SRP
65 # error SRP is disabled.
75 # include <openssl/safestack.h>
76 # include <openssl/bn.h>
77 # include <openssl/crypto.h>
79 typedef struct SRP_gN_cache_st {
85 DEFINE_STACK_OF(SRP_gN_cache)
87 typedef struct SRP_user_pwd_st {
92 /* Not owned by us. */
99 void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
101 DEFINE_STACK_OF(SRP_user_pwd)
103 typedef struct SRP_VBASE_st {
104 STACK_OF(SRP_user_pwd) *users_pwd;
105 STACK_OF(SRP_gN_cache) *gN_cache;
106 /* to simulate a user */
113 * Structure interne pour retenir les couples N et g
115 typedef struct SRP_gN_st {
121 DEFINE_STACK_OF(SRP_gN)
123 SRP_VBASE *SRP_VBASE_new(char *seed_key);
124 void SRP_VBASE_free(SRP_VBASE *vb);
125 int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
127 /* This method ignores the configured seed and fails for an unknown user. */
128 DEPRECATEDIN_1_1_0(SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username))
129 /* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
130 SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
132 char *SRP_create_verifier(const char *user, const char *pass, char **salt,
133 char **verifier, const char *N, const char *g);
134 int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
135 BIGNUM **verifier, const BIGNUM *N,
138 # define SRP_NO_ERROR 0
139 # define SRP_ERR_VBASE_INCOMPLETE_FILE 1
140 # define SRP_ERR_VBASE_BN_LIB 2
141 # define SRP_ERR_OPEN_FILE 3
142 # define SRP_ERR_MEMORY 4
144 # define DB_srptype 0
145 # define DB_srpverifier 1
146 # define DB_srpsalt 2
149 # define DB_srpinfo 5
153 # define DB_SRP_INDEX 'I'
154 # define DB_SRP_VALID 'V'
155 # define DB_SRP_REVOKED 'R'
156 # define DB_SRP_MODIF 'v'
159 char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
160 SRP_gN *SRP_get_default_gN(const char *id);
162 /* server side .... */
163 BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
165 BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
166 int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
167 BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
169 /* client side .... */
170 BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
171 BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
172 BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
173 BIGNUM *a, BIGNUM *u);
174 int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
176 # define SRP_MINIMAL_N 1024