Struct wow_srp::server::SrpVerifier [−][src]
pub struct SrpVerifier { /* fields omitted */ }Expand description
Creates and contains the username, password verifier, and salt values.
First step of the server, next is SrpProof.
These are values that should be stored in the database. Do NOT store raw passwords in the database.
The salt is a randomly generated 32 byte array of random data used as salt for the password verifier. The verifier is the result of SHA-1 hashing a combination of the username, password and salt. The salt is sent over the network for the client to use. The password verifier is used for generating the server public key, and should never leave the server. The private key is not exposed through any of the structs.
All byte arrays are little endian.
Example
use wow_srp::normalized_string::NormalizedString; use wow_srp::{error::NormalizedStringError, SALT_LENGTH, PASSWORD_VERIFIER_LENGTH}; use wow_srp::server::SrpVerifier; // Create salt and password verifier values for signup page fn to_database() -> Result<(), NormalizedStringError> { // See NormalizedString for specifics. let username = NormalizedString::new("Alice")?; let password = NormalizedString::new("password123")?; let verifier = SrpVerifier::from_username_and_password(username, password); assert_eq!("ALICE", verifier.username()); // Salt is randomly chosen and password_verifier depends on salt so we can't assert_eq // Store these values in the database for future authentication let password_verifier = verifier.password_verifier(); let salt = verifier.salt(); Ok(()) } // Authenticate client logging into game server fn from_database() -> Result<(), NormalizedStringError> { // Get these from the database let username = NormalizedString::new("Alice")?; let password_verifier = [0u8; PASSWORD_VERIFIER_LENGTH as usize]; let salt = [0u8; SALT_LENGTH as usize]; let verifier = SrpVerifier::from_database_values(username, password_verifier, salt); // Next step is continuing into the state machine, see into_proof() and SrpProof for more. let proof = verifier.into_proof(); Ok(()) }
Implementations
The normalized_string representation of the username,
see that for more details.
Called U and <username> in RFC2945.
The password verifier. Should not be used except for when saving to the database. Array is little endian.
Called v and <password verifier> in RFC2945.
Always 32 bytes (256 bits) in length
since the value is generated through
the remainder of a 32 byte value.
Salt value used for calculating verifier. Is sent to the client. Array is little endian.
Called s, <salt from passwd file> and <salt> in RFC2945.
Always 32 bytes (256 bits) in length since the packet sent to
the client has a fixed width.
pub fn from_username_and_password(
username: NormalizedString,
password: NormalizedString
) -> Self
pub fn from_username_and_password(
username: NormalizedString,
password: NormalizedString
) -> Self
See normalized_string for more information on the format.
Only use this for generating verifiers and salts to save to the database.
Never use this by saving raw usernames and passwords on the database.
pub const fn from_database_values(
username: NormalizedString,
password_verifier: [u8; 32],
salt: [u8; 32]
) -> Self
pub const fn from_database_values(
username: NormalizedString,
password_verifier: [u8; 32],
salt: [u8; 32]
) -> Self
See normalized_string for more information on the string format.
Both arrays are little endian.
Converts to an SrpProof, consuming the SrpVerifier.
Panics:
- Panics if the RNG returns an error. If RNG does not work the authentication server should not continue functioning and therefore panics.
- Very rarely panic if the server generated public key is invalid.
There are only two invalid states for the randomly generated server public key:
- All zeros.
- Exactly the same as the large safe prime.
This is 2 out of 2^256 possible states. The chances of this occurring naturally are very slim.
It is significantly more likely that the RNG of the system has been compromised in which case
authentication is not possible.