mirror of
				https://github.com/PowerShell/openssh-portable.git
				synced 2025-10-26 09:03:59 +01:00 
			
		
		
		
	[auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
     [sshconnect2.c]
     refactor the (disabled) Schnorr proof code to make it a little more
     generally useful
		
	
			
		
			
				
	
	
		
			115 lines
		
	
	
		
			3.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			115 lines
		
	
	
		
			3.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /* $OpenBSD: jpake.h,v 1.2 2009/03/05 07:18:19 djm Exp $ */
 | |
| /*
 | |
|  * Copyright (c) 2008 Damien Miller.  All rights reserved.
 | |
|  *
 | |
|  * Permission to use, copy, modify, and distribute this software for any
 | |
|  * purpose with or without fee is hereby granted, provided that the above
 | |
|  * copyright notice and this permission notice appear in all copies.
 | |
|  *
 | |
|  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 | |
|  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 | |
|  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 | |
|  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 | |
|  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 | |
|  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 | |
|  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 | |
|  */
 | |
| 
 | |
| #ifndef JPAKE_H
 | |
| #define JPAKE_H
 | |
| 
 | |
| #include <sys/types.h>
 | |
| 
 | |
| #include <openssl/bn.h>
 | |
| 
 | |
| /* Set JPAKE_DEBUG in CFLAGS for privacy-violating debugging */
 | |
| #ifndef JPAKE_DEBUG
 | |
| # define JPAKE_DEBUG_BN(a)
 | |
| # define JPAKE_DEBUG_BUF(a)
 | |
| # define JPAKE_DEBUG_CTX(a)
 | |
| #else
 | |
| # define JPAKE_DEBUG_BN(a)	debug3_bn a
 | |
| # define JPAKE_DEBUG_BUF(a)	debug3_buf a
 | |
| # define JPAKE_DEBUG_CTX(a)	jpake_dump a
 | |
| #endif /* JPAKE_DEBUG */
 | |
| 
 | |
| #define KZP_ID_LEN	16	/* Length of client and server IDs */
 | |
| 
 | |
| struct jpake_ctx {
 | |
| 	/* Parameters */
 | |
| 	struct modp_group *grp;
 | |
| 
 | |
| 	/* Private values shared by client and server */
 | |
| 	BIGNUM *s;			/* Secret (salted, crypted password) */
 | |
| 	BIGNUM *k;			/* Derived key */
 | |
| 
 | |
| 	/* Client private values (NULL for server) */
 | |
| 	BIGNUM *x1;			/* random in Zq */
 | |
| 	BIGNUM *x2;			/* random in Z*q */
 | |
| 
 | |
| 	/* Server private values (NULL for server) */
 | |
| 	BIGNUM *x3;			/* random in Zq */
 | |
| 	BIGNUM *x4;			/* random in Z*q */
 | |
| 
 | |
| 	/* Step 1: C->S */
 | |
| 	u_char *client_id;		/* Anti-replay nonce */
 | |
| 	u_int client_id_len;
 | |
| 	BIGNUM *g_x1;			/* g^x1 */
 | |
| 	BIGNUM *g_x2;			/* g^x2 */
 | |
| 
 | |
| 	/* Step 1: S->C */
 | |
| 	u_char *server_id;		/* Anti-replay nonce */
 | |
| 	u_int server_id_len;
 | |
| 	BIGNUM *g_x3;			/* g^x3 */
 | |
| 	BIGNUM *g_x4;			/* g^x4 */
 | |
| 
 | |
| 	/* Step 2: C->S */
 | |
| 	BIGNUM *a;			/* g^((x1+x3+x4)*x2*s) */
 | |
| 
 | |
| 	/* Step 2: S->C */
 | |
| 	BIGNUM *b;			/* g^((x1+x2+x3)*x4*s) */
 | |
| 
 | |
| 	/* Confirmation: C->S */
 | |
| 	u_char *h_k_cid_sessid;		/* H(k || client_id || session_id) */
 | |
| 	u_int h_k_cid_sessid_len;
 | |
| 
 | |
| 	/* Confirmation: S->C */
 | |
| 	u_char *h_k_sid_sessid;		/* H(k || server_id || session_id) */
 | |
| 	u_int h_k_sid_sessid_len;
 | |
| };
 | |
| 
 | |
| /* jpake.c */
 | |
| struct modp_group *jpake_default_group(void);
 | |
| void jpake_dump(struct jpake_ctx *, const char *, ...)
 | |
|     __attribute__((__nonnull__ (2)))
 | |
|     __attribute__((format(printf, 2, 3)));
 | |
| struct jpake_ctx *jpake_new(void);
 | |
| void jpake_free(struct jpake_ctx *);
 | |
| 
 | |
| void jpake_step1(struct modp_group *, u_char **, u_int *,
 | |
|     BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **,
 | |
|     u_char **, u_int *, u_char **, u_int *);
 | |
| 
 | |
| void jpake_step2(struct modp_group *, BIGNUM *,
 | |
|     BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
 | |
|     const u_char *, u_int, const u_char *, u_int,
 | |
|     const u_char *, u_int, const u_char *, u_int,
 | |
|     BIGNUM **, u_char **, u_int *);
 | |
| 
 | |
| void jpake_confirm_hash(const BIGNUM *,
 | |
|     const u_char *, u_int,
 | |
|     const u_char *, u_int,
 | |
|     u_char **, u_int *);
 | |
| 
 | |
| void jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *,
 | |
|     BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
 | |
|     const u_char *, u_int, const u_char *, u_int,
 | |
|     const u_char *, u_int, const u_char *, u_int,
 | |
|     BIGNUM **, u_char **, u_int *);
 | |
| 
 | |
| int jpake_check_confirm(const BIGNUM *, const u_char *, u_int,
 | |
|     const u_char *, u_int, const u_char *, u_int);
 | |
| 
 | |
| #endif /* JPAKE_H */
 | |
| 
 |