1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
//! [Secure Remote Password][1] (SRP) protocol implementation. //! //! This implementation is generic over hash functions using //! [`Digest`](https://docs.rs/digest) trait, so you will need to choose a hash //! function, e.g. `Sha256` from [`sha2`](https://crates.io/crates/sha2) crate. //! Additionally this crate allows to use a specialized password hashing //! algorithm for private key computation instead of method described in the //! SRP literature. //! //! Compatibility with over implementations was not yet tested. //! //! # Usage //! Add `srp` dependecy to your `Cargo.toml`: //! //! ```toml //! [dependencies] //! srp = "0.4" //! ``` //! //! and this to your crate root: //! //! ```rust //! extern crate srp; //! ``` //! //! Next read documentation for [`client`](client/index.html) and //! [`server`](server/index.html) modules. //! //! # Algorithm description //! Here we briefly describe implemented algroithm. For additionall information //! refer to SRP literature. All arithmetic is done modulo `N`, where `N` is a //! large safe prime (`N = 2q+1`, where `q` is prime). Additionally `g` MUST be //! a generator modulo `N`. It's STRONGLY recommended to use SRP parameters //! provided by this crate in the [`groups`](groups/index.html) module. //! //! | Client | Data transfer | Server | //! |------------------------|-------------------|---------------------------------| //! |`a_pub = g^a` | — `a_pub`, `I` —> | (lookup `s`, `v` for given `I`) | //! |`x = PH(P, s)` | <— `b_pub`, `s` — | `b_pub = k*v + g^b` | //! |`u = H(a_pub ‖ b_pub)` | | `u = H(a_pub ‖ b_pub)` | //! |`s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)` | //! |`K = H(s)` | | `K = H(s)` | //! |`M1 = H(A ‖ B ‖ K)` | — `M1` —> | (verify `M1`) | //! |(verify `M2`) | <— `M2` — | `M2 = H(A ‖ M1 ‖ K)` | //! //! Variables and notations have the following //! meaning: //! //! - `I` — user identity (username) //! - `P` — user password //! - `H` — one-way hash function //! - `PH` — password hashing algroithm, in the RFC 5054 described as //! `H(s ‖ H(I ‖ ":" ‖ P))` //! - `^` — (modular) exponentiation //! - `‖` — concatenation //! - `x` — user private key //! - `s` — salt generated by user and stored on the server //! - `v` — password verifier equal to `g^x` and stored on the server //! - `a`, `b` — secret ephemeral values (at least 256 bits in length) //! - `A`, `B` — Public ephemeral values //! - `u` — scrambling parameter //! - `k` — multiplier parameter (`k = H(N || g)` in SRP-6a) //! //! [1]: https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol //! [2]: https://tools.ietf.org/html/rfc5054 #![doc(html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo_small.png")] pub mod client; pub mod groups; pub mod server; mod tools; pub mod types;