Struct wow_srp::server::SrpVerifier

source · 
pub struct SrpVerifier { /* private fields */ }
Available on crate features srp-default-math or srp-fast-math only.
Expand description

Creates and contains the username, password verifier, and salt values. First step of the server, next is SrpProof.

These are values that should be stored in the database. Do NOT store raw passwords in the database.

The salt is a randomly generated 32 byte array of random data used as salt for the password verifier. The verifier is the result of SHA-1 hashing a combination of the username, password and salt. The salt is sent over the network for the client to use. The password verifier is used for generating the server public key, and should never leave the server. The private key is not exposed through any of the structs.

All byte arrays are little endian.

§Example

use wow_srp::normalized_string::NormalizedString;
use wow_srp::{error::NormalizedStringError, SALT_LENGTH, PASSWORD_VERIFIER_LENGTH};
use wow_srp::server::SrpVerifier;

// Create salt and password verifier values for signup page
fn to_database() -> Result<(), NormalizedStringError> {
    // See NormalizedString for specifics.
    let username = NormalizedString::new("Alice")?;
    let password = NormalizedString::new("password123")?;

    let verifier = SrpVerifier::from_username_and_password(username, password);

    assert_eq!("ALICE", verifier.username());

    // Salt is randomly chosen and password_verifier depends on salt so we can't assert_eq
    // Store these values in the database for future authentication
    let password_verifier = verifier.password_verifier();
    let salt = verifier.salt();

    Ok(())
}

// Authenticate client logging into game server
fn from_database() -> Result<(), NormalizedStringError> {
    // Get these from the database
    let username = NormalizedString::new("Alice")?;
    let password_verifier = [0u8; PASSWORD_VERIFIER_LENGTH as usize];
    let salt = [0u8; SALT_LENGTH as usize];

    let verifier = SrpVerifier::from_database_values(username, password_verifier, salt);

    // Next step is continuing into the state machine, see into_proof() and SrpProof for more.
    let proof = verifier.into_proof();

    Ok(())
}

Implementations§

source§

impl SrpVerifier

source

pub fn username(&self) -> &str

The normalized_string representation of the username, see that for more details.

Called U and <username> in RFC2945.

source

pub const fn password_verifier(&self) -> &[u8; 32]

The password verifier. Should not be used except for when saving to the database. Array is little endian.

Called v and <password verifier> in RFC2945. Always 32 bytes (256 bits) in length since the value is generated through the remainder of a 32 byte value.

source

pub const fn salt(&self) -> &[u8; 32]

Salt value used for calculating verifier. Is sent to the client. Array is little endian.

Called s, <salt from passwd file> and <salt> in RFC2945. Always 32 bytes (256 bits) in length since the packet sent to the client has a fixed width.

source

pub fn from_username_and_password( username: NormalizedString, password: NormalizedString ) -> Self

See normalized_string for more information on the format. Only use this for generating verifiers and salts to save to the database. Never use this by saving raw usernames and passwords on the database.

source

pub const fn from_database_values( username: NormalizedString, password_verifier: [u8; 32], salt: [u8; 32] ) -> Self

See normalized_string for more information on the string format. Both arrays are little endian.

source

pub fn into_proof(self) -> SrpProof

Converts to an SrpProof, consuming the SrpVerifier.

§Panics
  • Panics if the RNG returns an error. If RNG does not work the authentication server should not continue functioning and therefore panics.
  • Very rarely panic if the server generated public key is invalid.

There are only two invalid states for the randomly generated server public key:

This is 2 out of 2^256 possible states. The chances of this occurring naturally are very slim. It is significantly more likely that the RNG of the system has been compromised in which case authentication is not possible.

Trait Implementations§

source§

impl Clone for SrpVerifier

source§

fn clone(&self) -> SrpVerifier

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for SrpVerifier

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Hash for SrpVerifier

source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
source§

impl Ord for SrpVerifier

source§

fn cmp(&self, other: &SrpVerifier) -> Ordering

This method returns an Ordering between self and other. Read more
1.21.0 · source§

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · source§

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · source§

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized + PartialOrd,

Restrict a value to a certain interval. Read more
source§

impl PartialEq for SrpVerifier

source§

fn eq(&self, other: &SrpVerifier) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl PartialOrd for SrpVerifier

source§

fn partial_cmp(&self, other: &SrpVerifier) -> Option<Ordering>

This method returns an ordering between self and other values if one exists. Read more
1.0.0 · source§

fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · source§

fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · source§

fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · source§

fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more
source§

impl Eq for SrpVerifier

source§

impl StructuralPartialEq for SrpVerifier

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Az for T

source§

fn az<Dst>(self) -> Dst
where T: Cast<Dst>,

Casts the value.
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<Src, Dst> CastFrom<Src> for Dst
where Src: Cast<Dst>,

source§

fn cast_from(src: Src) -> Dst

Casts the value.
source§

impl<T> CheckedAs for T

source§

fn checked_as<Dst>(self) -> Option<Dst>
where T: CheckedCast<Dst>,

Casts the value.
source§

impl<Src, Dst> CheckedCastFrom<Src> for Dst
where Src: CheckedCast<Dst>,

source§

fn checked_cast_from(src: Src) -> Option<Dst>

Casts the value.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> OverflowingAs for T

source§

fn overflowing_as<Dst>(self) -> (Dst, bool)
where T: OverflowingCast<Dst>,

Casts the value.
source§

impl<Src, Dst> OverflowingCastFrom<Src> for Dst
where Src: OverflowingCast<Dst>,

source§

fn overflowing_cast_from(src: Src) -> (Dst, bool)

Casts the value.
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> SaturatingAs for T

source§

fn saturating_as<Dst>(self) -> Dst
where T: SaturatingCast<Dst>,

Casts the value.
source§

impl<Src, Dst> SaturatingCastFrom<Src> for Dst
where Src: SaturatingCast<Dst>,

source§

fn saturating_cast_from(src: Src) -> Dst

Casts the value.
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> UnwrappedAs for T

source§

fn unwrapped_as<Dst>(self) -> Dst
where T: UnwrappedCast<Dst>,

Casts the value.
source§

impl<Src, Dst> UnwrappedCastFrom<Src> for Dst
where Src: UnwrappedCast<Dst>,

source§

fn unwrapped_cast_from(src: Src) -> Dst

Casts the value.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WrappingAs for T

source§

fn wrapping_as<Dst>(self) -> Dst
where T: WrappingCast<Dst>,

Casts the value.
source§

impl<Src, Dst> WrappingCastFrom<Src> for Dst
where Src: WrappingCast<Dst>,

source§

fn wrapping_cast_from(src: Src) -> Dst

Casts the value.