Initial commit

verify program on PC with openssl library

srp.h

@@ -0,0 +1,208 @@
+/*
+ * Secure Remote Password 6a implementation
+ * Copyright (c) 2010 Tom Cocagne. All rights reserved.
+ * https://github.com/cocagne/csrp
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2013 Tom Cocagne
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is furnished to do
+ * so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ *
+ */
+
+/*
+ *
+ * Purpose:       This is a direct implementation of the Secure Remote Password
+ *                Protocol version 6a as described by
+ *                http://srp.stanford.edu/design.html
+ *
+ * Author:        [email protected] (Tom Cocagne)
+ *
+ * Dependencies:  OpenSSL (and Advapi32.lib on Windows)
+ *
+ * Usage:         Refer to test_srp.c for a demonstration
+ *
+ * Notes:
+ *    This library allows multiple combinations of hashing algorithms and
+ *    prime number constants. For authentication to succeed, the hash and
+ *    prime number constants must match between
+ *    srp_create_salted_verification_key(), srp_user_new(),
+ *    and srp_verifier_new(). A recommended approach is to determine the
+ *    desired level of security for an application and globally define the
+ *    hash and prime number constants to the predetermined values.
+ *
+ *    As one might suspect, more bits means more security. As one might also
+ *    suspect, more bits also means more processing time. The test_srp.c
+ *    program can be easily modified to profile various combinations of
+ *    hash & prime number pairings.
+ */
+
+#ifndef SRP_H
+#define SRP_H
+
+
+struct SRPVerifier;
+struct SRPUser;
+
+typedef enum
+{
+    SRP_NG_1024,
+    SRP_NG_2048,
+    SRP_NG_4096,
+    SRP_NG_8192,
+    SRP_NG_CUSTOM
+} SRP_NGType;
+
+typedef enum
+{
+    SRP_SHA1,
+    SRP_SHA224,
+    SRP_SHA256,
+    SRP_SHA384,
+    SRP_SHA512
+} SRP_HashAlgorithm;
+
+
+/* This library will automatically seed the OpenSSL random number generator
+ * using cryptographically sound random data on Windows & Linux. If this is
+ * undesirable behavior or the host OS does not provide a /dev/urandom file,
+ * this function may be called to seed the random number generator with
+ * alternate data.
+ *
+ * The random data should include at least as many bits of entropy as the
+ * largest hash function used by the application. So, for example, if a
+ * 512-bit hash function is used, the random data requies at least 512
+ * bits of entropy.
+ *
+ * Passing a null pointer to this function will cause this library to skip
+ * seeding the random number generator. This is only legitimate if it is
+ * absolutely known that the OpenSSL random number generator has already
+ * been sufficiently seeded within the running application.
+ *
+ * Notes:
+ *    * This function is optional on Windows & Linux and mandatory on all
+ *      other platforms.
+ */
+void srp_random_seed( const unsigned char * random_data, int data_length );
+
+
+/* Out: bytes_s, len_s, bytes_v, len_v
+ *
+ * The caller is responsible for freeing the memory allocated for bytes_s and bytes_v
+ *
+ * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type.
+ * If provided, they must contain ASCII text of the hexidecimal notation.
+ */
+void srp_create_salted_verification_key( SRP_HashAlgorithm alg,
+                                         SRP_NGType ng_type, const char * username,
+                                         const unsigned char * password, int len_password,
+                                         const unsigned char ** bytes_s, int * len_s,
+                                         const unsigned char ** bytes_v, int * len_v,
+                                         const char * n_hex, const char * g_hex );
+
+
+/* Out: bytes_B, len_B.
+ *
+ * On failure, bytes_B will be set to NULL and len_B will be set to 0
+ *
+ * The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type
+ */
+struct SRPVerifier *  srp_verifier_new( SRP_HashAlgorithm alg, SRP_NGType ng_type, const char * username,
+                                        const unsigned char * bytes_s, int len_s,
+                                        const unsigned char * bytes_v, int len_v,
+                                        const unsigned char * bytes_A, int len_A,
+                                        const unsigned char ** bytes_B, int * len_B,
+                                        const char * n_hex, const char * g_hex );
+
+
+void                  srp_verifier_delete( struct SRPVerifier * ver );
+
+
+int                   srp_verifier_is_authenticated( struct SRPVerifier * ver );
+
+
+const char *          srp_verifier_get_username( struct SRPVerifier * ver );
+
+/* key_length may be null */
+const unsigned char * srp_verifier_get_session_key( struct SRPVerifier * ver, int * key_length );
+
+
+int                   srp_verifier_get_session_key_length( struct SRPVerifier * ver );
+
+
+/* user_M must be exactly srp_verifier_get_session_key_length() bytes in size */
+void                  srp_verifier_verify_session( struct SRPVerifier * ver,
+                                                   const unsigned char * user_M,
+                                                   const unsigned char ** bytes_HAMK );
+
+/*******************************************************************************/
+
+/* The n_hex and g_hex parameters should be 0 unless SRP_NG_CUSTOM is used for ng_type */
+struct SRPUser *      srp_user_new( SRP_HashAlgorithm alg, SRP_NGType ng_type, const char * username,
+                                    const unsigned char * bytes_password, int len_password,
+                                    const char * n_hex, const char * g_hex );
+
+void                  srp_user_delete( struct SRPUser * usr );
+
+int                   srp_user_is_authenticated( struct SRPUser * usr);
+
+
+const char *          srp_user_get_username( struct SRPUser * usr );
+
+/* key_length may be null */
+const unsigned char * srp_user_get_session_key( struct SRPUser * usr, int * key_length );
+
+int                   srp_user_get_session_key_length( struct SRPUser * usr );
+
+/* Output: username, bytes_A, len_A */
+void                  srp_user_start_authentication( struct SRPUser * usr, const char ** username,
+                                                     const unsigned char ** bytes_A, int * len_A );
+
+/* Output: bytes_M, len_M  (len_M may be null and will always be
+ *                          srp_user_get_session_key_length() bytes in size) */
+void                  srp_user_process_challenge( struct SRPUser * usr,
+                                                  const unsigned char * bytes_s, int len_s,
+                                                  const unsigned char * bytes_B, int len_B,
+                                                  const unsigned char ** bytes_M, int * len_M );
+
+/* bytes_HAMK must be exactly srp_user_get_session_key_length() bytes in size */
+void                  srp_user_verify_session( struct SRPUser * usr, const unsigned char * bytes_HAMK );
+
+/* Adam 20160311, add for ARC_APP function. */
+
+
+void arc_srp_session_key_generator( SRP_HashAlgorithm alg,
+                                    SRP_NGType ng_type, const char * username,
+                                    const unsigned char * password, int len_password,
+                                    const unsigned char ** bytes_s, int * len_s,
+                                    const unsigned char ** bytes_v, int * len_v,
+                                    const char * n_hex, const char * g_hex
+                                  );
+
+struct SRPVerifier *  arc_srp_verifier( SRP_HashAlgorithm alg, SRP_NGType ng_type, const char * username,
+                                        const unsigned char * bytes_s, int len_s,
+                                        const unsigned char * bytes_v, int len_v,
+                                        const unsigned char * bytes_A, int len_A,
+                                        const unsigned char ** bytes_B, int * len_B,
+                                        const char * n_hex, const char * g_hex
+                                      );
+
+
+#endif /* Include Guard */

srp/A

@@ -0,0 +1 @@
+0B2129FA0D810A453F07827F3E7DB7D4F867B9F11BF7600DAB0A1B3D81E49861198EEB5BEB0128865CEB356ECB84DDE6E4F17D5B54964672737D3C51F34BA163171EB22955F0B47158FD7900DD617CE6BB2B3B3BCF75F8328AE0802C931BE0165A31B0EA4177A28C858690CBD36D1DCD3F9B16D9842B36CCCAC7B2E74A78C30890711DDDDE482316944EDDE17B6B1106A22B0357EA10B841A835FBD7CAF6773A512688BF03839FF4F0A6833446A49F7A7C64EF1557D3CCE37FC0E7700ACAC4B52F3C3FCE0B1D2C935DAFFB0F2A56CDF692F73DAB3C3383030A629AC47FB466A98897323EC6AECA8FA8B50FF0BB6FB352A73240394F9B55533587634425484C30

srp/B

@@ -0,0 +1 @@
+3D197209FC3F9419EF9CC9F05FE017183E00E8AD43A36FFB3049868454D2F5FA926F7F90B85CE2CE2F33DECBFF58D941786959F055BD7CFC60219CC250508A9E34054AE361D2E41C093D7429555A4B7DE475FAD6583D223143CB641555FF1336DE8775E7511D0DE304497DAF10B40A8B934E8377D104D705EB8CD3B8A5DD49844E2B6D75CF7BDCD3BE0716192A891A1D97EBAF5497F3A0ADD773B72E59F7E57F36AEC7E6BDCE086FB18CAC66C6A9A10253F84C68A9DF736BD3712CB26A75034DDF2B3B43FADD4B88288090F64817ECBBD091C6FE7C7C90D01CF69105603140FAC73BEE5C8A018F95AEF45588AA98E66FF9A68A1EEE6658C7591BBEEB8AE0EF8F

srp/s

@@ -0,0 +1 @@
+863D663D

srp/ver_Hamk

@@ -0,0 +1 @@
+63BA861AC3BF2A5555F2EE5EC912C477D9F367A54EDBEB38E9576BDD31F4A095

srp/ver_M

@@ -0,0 +1 @@
+28FC64206D089AD9FAFF44899182948F73B9544D73E7C8F0E6FA2E7BF2055CA5

srp/ver_S

@@ -0,0 +1 @@
+12440A8848C9D42939F7702DDD66DC9BA181D7C31C5BF7C664003925170600675126F85D0B0D63785C974FCDF3E095C55A25117DBEF974CAB28FBCC202F3A6A8F7FB17FA660097611254E81D41E12B148ED8C47BA50AFA39B7ED40CF7380EFE565BDB0AAF18CADD42C1A74C316660BD0241730CA528F63B913A7CEDEFE8A3668A14B2559BCFB304C8E45CCB58ACB5287E1C75F7DECF4A9187394C95D259974248372249A31C7ED094FC14CFE1B21EEA2F06D09274796FA8EF688B3D690A921E1BFB4B705D88D2CF071B181A49CCA3EC3D05CE4E482612B1C87DF259B482360FB26B7E1F25F6440F4FEFEF845A41D9979CCBA9B68440A4AFA8A200B0C3FB6CC93

srp/ver_k

@@ -0,0 +1 @@
+05B9E8EF059C6B32EA59FC1D322D37F04AA30BAE5AA9003B8321E21DDB04E300

test_srp.c

@@ -0,0 +1,146 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/time.h>
+
+
+#include "srp.h"
+
+
+#define NITER          1
+#define TEST_HASH      SRP_SHA1
+#define TEST_NG        SRP_NG_1024
+
+unsigned long long get_usec()
+{
+    struct timeval t;
+    gettimeofday(&t, NULL);
+    return (((unsigned long long)t.tv_sec) * 1000000) + t.tv_usec;
+}
+
+const char * test_n_hex = "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496"
+   "EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8E"
+   "F4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA"
+   "9AFD5138FE8376435B9FC61D2FC0EB06E3";
+const char * test_g_hex = "2";
+
+
+int main( int argc, char * argv[] )
+{
+    struct SRPVerifier * ver;
+    struct SRPUser     * usr;
+
+    const unsigned char * bytes_s = 0;
+    const unsigned char * bytes_v = 0;
+    const unsigned char * bytes_A = 0;
+    const unsigned char * bytes_B = 0;
+
+    const unsigned char * bytes_M    = 0;
+    const unsigned char * bytes_HAMK = 0;
+
+    int len_s   = 0;
+    int len_v   = 0;
+    int len_A   = 0;
+    int len_B   = 0;
+    int len_M   = 0;
+    int i;
+
+    unsigned long long start;
+    unsigned long long duration;
+
+    const char * username = "arcCEIF";
+    const char * password = "192.168.1.2";
+
+    const char * auth_username = 0;
+    const char * n_hex         = 0;
+    const char * g_hex         = 0;
+
+    SRP_HashAlgorithm alg     = SRP_SHA256;
+    SRP_NGType        ng_type = SRP_NG_2048; //TEST_NG;
+
+    if (ng_type == SRP_NG_CUSTOM)
+    {
+        n_hex = test_n_hex;
+        g_hex = test_g_hex;
+    }
+
+
+    printf("=============srp_create_salted_verification_key=============\n");
+    srp_create_salted_verification_key( alg, ng_type, username,
+                (const unsigned char *)password,
+                strlen(password),
+                &bytes_s, &len_s, &bytes_v, &len_v, n_hex, g_hex );
+
+
+
+    start = get_usec();
+
+    for( i = 0; i < NITER; i++ )
+    {
+        usr =  srp_user_new( alg, ng_type, username,
+                             (const unsigned char *)password,
+                             strlen(password), n_hex, g_hex );
+
+        printf("=============srp_user_start_authentication=============\n");
+
+        srp_user_start_authentication( usr, &auth_username, &bytes_A, &len_A );
+
+        printf("=============srp_verifier_new=============\n");
+
+        /* User -> Host: (username, bytes_A) */
+        ver =  srp_verifier_new( alg, ng_type, username, bytes_s, len_s, bytes_v, len_v,
+                                 bytes_A, len_A, & bytes_B, &len_B, n_hex, g_hex );
+
+        if ( !bytes_B )
+        {
+            printf("Verifier SRP-6a safety check violated!\n");
+            goto cleanup;
+        }
+
+        printf("=============srp_user_process_challenge=============\n");
+
+        /* Host -> User: (bytes_s, bytes_B) */
+        srp_user_process_challenge( usr, bytes_s, len_s, bytes_B, len_B, &bytes_M, &len_M );
+
+        if ( !bytes_M )
+        {
+            printf("User SRP-6a safety check violation!\n");
+            goto cleanup;
+        }
+
+        printf("=============srp_verifier_verify_session=============\n");
+
+        /* User -> Host: (bytes_M) */
+        srp_verifier_verify_session( ver, bytes_M, &bytes_HAMK );
+
+        if ( !bytes_HAMK )
+        {
+            printf("User authentication failed!\n");
+            goto cleanup;
+        }
+
+        printf("=============srp_user_verify_session=============\n");
+
+        /* Host -> User: (HAMK) */
+        srp_user_verify_session( usr, bytes_HAMK );
+
+        if ( !srp_user_is_authenticated(usr) )
+        {
+            printf("Server authentication failed!\n");
+        }
+
+cleanup:
+        srp_verifier_delete( ver );
+        srp_user_delete( usr );
+    }
+
+    duration = get_usec() - start;
+
+    printf("Usec per call: %d\n", (int)(duration / NITER));
+
+
+    free( (char *)bytes_s );
+    free( (char *)bytes_v );
+
+    return 0;
+}