forked from wolfSSL/wolfssl
adds srp files to build process.
This commit is contained in:
Moisés Guimarães
18
configure.ac
18
configure.ac
@ -1648,6 +1648,22 @@ then
|
||||
fi
|
||||
|
||||
|
||||
# Secure Remote Password
|
||||
AC_ARG_ENABLE([srp],
|
||||
[ --enable-srp Enable Secure Remote Password (default: disabled)],
|
||||
[ ENABLED_SRP=$enableval ],
|
||||
[ ENABLED_SRP=no ]
|
||||
)
|
||||
|
||||
if test "x$ENABLED_SRP" = "xyes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_HAVE_SRP"
|
||||
fi
|
||||
|
||||
AM_CONDITIONAL([BUILD_SRP], [test "x$ENABLED_SRP" = "xyes"])
|
||||
|
||||
|
||||
|
||||
# Small Stack
|
||||
AC_ARG_ENABLE([smallstack],
|
||||
[ --enable-smallstack Enable Small Stack Usage (default: disabled)],
|
||||
@ -2351,10 +2367,10 @@ echo " * Session Ticket: $ENABLED_SESSION_TICKET"
|
||||
echo " * All TLS Extensions: $ENABLED_TLSX"
|
||||
echo " * PKCS#7 $ENABLED_PKCS7"
|
||||
echo " * wolfSCEP $ENABLED_WOLFSCEP"
|
||||
echo " * Secure Remote Password $ENABLED_SRP"
|
||||
echo " * Small Stack: $ENABLED_SMALL_STACK"
|
||||
echo " * valgrind unit tests: $ENABLED_VALGRIND"
|
||||
echo " * LIBZ: $ENABLED_LIBZ"
|
||||
echo " * Examples: $ENABLED_EXAMPLES"
|
||||
echo ""
|
||||
echo "---"
|
||||
|
||||
|
||||
@ -201,6 +201,10 @@ if BUILD_PKCS7
|
||||
src_libwolfssl_la_SOURCES += wolfcrypt/src/pkcs7.c
|
||||
endif
|
||||
|
||||
if BUILD_SRP
|
||||
src_libwolfssl_la_SOURCES += wolfcrypt/src/srp.c
|
||||
endif
|
||||
|
||||
# ssl files
|
||||
src_libwolfssl_la_SOURCES += \
|
||||
src/internal.c \
|
||||
@ -220,4 +224,3 @@ endif
|
||||
if BUILD_SNIFFER
|
||||
src_libwolfssl_la_SOURCES += src/sniffer.c
|
||||
endif
|
||||
|
||||
|
||||
@ -19,4 +19,8 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*/
|
||||
|
||||
#ifdef WOLFCRYPT_HAVE_SRP
|
||||
|
||||
#include <wolfssl/wolfcrypt/srp.h>
|
||||
|
||||
#endif /* WOLFCRYPT_HAVE_SRP */
|
||||
|
||||
@ -46,6 +46,7 @@ nobase_include_HEADERS+= \
|
||||
wolfssl/wolfcrypt/blake2-int.h \
|
||||
wolfssl/wolfcrypt/blake2-impl.h \
|
||||
wolfssl/wolfcrypt/tfm.h \
|
||||
wolfssl/wolfcrypt/srp.h \
|
||||
wolfssl/wolfcrypt/types.h \
|
||||
wolfssl/wolfcrypt/visibility.h \
|
||||
wolfssl/wolfcrypt/logging.h \
|
||||
@ -57,4 +58,3 @@ noinst_HEADERS+= \
|
||||
wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
|
||||
wolfssl/wolfcrypt/port/ti/ti-hash.h \
|
||||
wolfssl/wolfcrypt/port/ti/ti-ccm.h
|
||||
|
||||
|
||||
@ -19,12 +19,30 @@
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*/
|
||||
|
||||
#ifndef WOLF_CRYPT_SRP_H
|
||||
#define WOLF_CRYPT_SRP_H
|
||||
#ifndef WOLFCRYPT_SRP_H
|
||||
#define WOLFCRYPT_SRP_H
|
||||
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#include <wolfssl/wolfcrypt/sha256.h>
|
||||
#include <wolfssl/wolfcrypt/sha512.h>
|
||||
#include <wolfssl/wolfcrypt/integer.h>
|
||||
|
||||
#ifdef HAVE_SRP
|
||||
#ifdef WOLFCRYPT_HAVE_SRP
|
||||
|
||||
enum {
|
||||
#ifdef NO_SHA
|
||||
SRP_SHA = 1,
|
||||
#endif
|
||||
#ifdef NO_SHA256
|
||||
SRP_SHA256 = 2,
|
||||
#endif
|
||||
#ifndef WOLFSSL_SHA384
|
||||
SRP_SHA384 = 3,
|
||||
#endif
|
||||
#ifndef WOLFSSL_SHA512
|
||||
SRP_SHA512 = 4,
|
||||
#endif
|
||||
|
||||
/* Select the largest available hash for the buffer size. */
|
||||
#if defined(WOLFSSL_SHA512)
|
||||
@ -38,41 +56,43 @@
|
||||
#else
|
||||
#error "You have to have some kind of SHA hash if you want to use SRP."
|
||||
#endif
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes. */
|
||||
mp_int g; /**< Generator. A generator modulo N. */
|
||||
mp_int a; /**< Private ephemeral value. Random. */
|
||||
mp_int A; /**< Public ephemeral value. pow(g, a, N) */
|
||||
mp_int B; /**< Server's public ephemeral value. */
|
||||
mp_int s; /**< Session key. */
|
||||
byte k[SRP_MAX_DIGEST_SIZE]; /**< Multiplier parameeter. H(N, g) */
|
||||
byte x[SRP_MAX_DIGEST_SIZE]; /**< Priv key. H(salt, H(user, ":", pswd)) */
|
||||
byte u[SRP_MAX_DIGEST_SIZE]; /**< Random scrambling parameeter. */
|
||||
byte type; /**< Hash type, SHA[1:256:384:512] */
|
||||
byte* user; /**< Username, login. */
|
||||
word32 userSz; /**< Username length. */
|
||||
byte* salt; /**< Small salt. */
|
||||
word32 saltSz; /**< Salt length. */
|
||||
byte* pswd; /**< Password. */
|
||||
word32 pswdSz; /**< Password length. */
|
||||
} SrpClient;
|
||||
|
||||
typedef struct {
|
||||
mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes. */
|
||||
mp_int g; /**< Generator. A generator modulo N. */
|
||||
mp_int b; /**< Private ephemeral value. */
|
||||
mp_int B; /**< Public ephemeral value. */
|
||||
mp_int A; /**< Client's public ephemeral value. */
|
||||
mp_int v; /**< Verifier. v = pow(g, x, N) */
|
||||
} SrpServer;
|
||||
|
||||
typedef struct {
|
||||
mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes. */
|
||||
mp_int g; /**< Generator. A generator modulo N. */
|
||||
mp_int s; /**< Session key. */
|
||||
byte k[SRP_MAX_DIGEST_SIZE]; /**< Multiplier parameeter. H(N, g) */
|
||||
mp_int v; /**< Verifier. v = pow(g, x, N) */
|
||||
byte u[SRP_MAX_DIGEST_SIZE]; /**< Random scrambling parameeter. */
|
||||
byte type; /**< Hash type, SHA[1:256:384:512] */
|
||||
byte side; /**< Client or Server side. */
|
||||
byte* user; /**< Username, login. */
|
||||
word32 userSz; /**< Username length. */
|
||||
byte* salt; /**< Small salt. */
|
||||
word32 saltSz; /**< Salt length. */
|
||||
} SrpServer;
|
||||
union {
|
||||
SrpClient client;
|
||||
SrpServer server;
|
||||
} specific;
|
||||
} Srp;
|
||||
|
||||
#endif /* HAVE_SRP */
|
||||
int SrpInit(Srp* srp, byte* N, word32 nSz, byte* g, word32 gSz);
|
||||
|
||||
#endif /* WOLFCRYPT_HAVE_SRP */
|
||||
#endif /* WOLF_CRYPT_SRP_H */
|
||||
|
||||
Reference in New Issue
Block a user