botan-bindings-0.0.1.0: Raw Botan bindings
Copyright(c) Leo D 2023
LicenseBSD-3-Clause
Maintainerleo@apotheca.io
Stabilityexperimental
PortabilityPOSIX
Safe HaskellSafe-Inferred
LanguageHaskell2010

Botan.Bindings.SRP6

Description

The library contains an implementation of the SRP6-a password authenticated key exchange protocol.

A SRP client provides what is called a SRP verifier to the server. This verifier is based on a password, but the password cannot be easily derived from the verifier (however brute force attacks are possible). Later, the client and server can perform an SRP exchange, which results in a shared secret key. This key can be used for mutual authentication and/or encryption.

SRP works in a discrete logarithm group. Special parameter sets for SRP6 are defined, denoted in the library as “modpsrpsize”, for example “modpsrp2048”.

Warning

While knowledge of the verifier does not easily allow an attacker to get the raw password, they could still use the verifier to impersonate the server to the client, so verifiers should be protected as carefully as a plaintext password would be.

Synopsis

Documentation

data BotanSRP6ServerSessionStruct Source #

Opaque SRP-6 server session struct

newtype BotanSRP6ServerSession Source #

Botan SRP-6 server session object

Constructors

MkBotanSRP6ServerSession 

Fields

Instances

Instances details
Storable BotanSRP6ServerSession Source # 
Instance details

Defined in Botan.Bindings.SRP6

Methods

sizeOf :: BotanSRP6ServerSession -> Int #

alignment :: BotanSRP6ServerSession -> Int #

peekElemOff :: Ptr BotanSRP6ServerSession -> Int -> IO BotanSRP6ServerSession #

pokeElemOff :: Ptr BotanSRP6ServerSession -> Int -> BotanSRP6ServerSession -> IO () #

peekByteOff :: Ptr b -> Int -> IO BotanSRP6ServerSession #

pokeByteOff :: Ptr b -> Int -> BotanSRP6ServerSession -> IO () #

peek :: Ptr BotanSRP6ServerSession -> IO BotanSRP6ServerSession #

poke :: Ptr BotanSRP6ServerSession -> BotanSRP6ServerSession -> IO () #

Eq BotanSRP6ServerSession Source # 
Instance details

Defined in Botan.Bindings.SRP6

Methods

(==) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

(/=) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

Ord BotanSRP6ServerSession Source # 
Instance details

Defined in Botan.Bindings.SRP6

Methods

compare :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Ordering #

(<) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

(<=) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

(>) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

(>=) :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> Bool #

max :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> BotanSRP6ServerSession #

min :: BotanSRP6ServerSession -> BotanSRP6ServerSession -> BotanSRP6ServerSession #

botan_srp6_server_session_destroy :: FinalizerPtr BotanSRP6ServerSessionStruct Source #

Frees all resources of the SRP-6 server session object

botan_srp6_server_session_init Source #

Arguments

:: Ptr BotanSRP6ServerSession

srp6: SRP-6 server session object

-> IO CInt 

Initialize an SRP-6 server session object

botan_srp6_server_session_step1 Source #

Arguments

:: BotanSRP6ServerSession

srp6: SRP-6 server session object

-> ConstPtr Word8

verifier[]: the verification value saved from client registration

-> CSize

verifier_len: SRP-6 verifier value length

-> ConstPtr CChar

group_id: the SRP group id

-> ConstPtr CChar

hash_id: the SRP hash in use

-> BotanRNG

rng_obj: a random number generator object

-> Ptr Word8

B_pub[]: out buffer to store the SRP-6 B value

-> Ptr CSize

B_pub_len: SRP-6 B value length

-> IO CInt

0 on success, negative on failure

SRP-6 Server side step 1: Generate a server B-value

botan_srp6_server_session_step2 Source #

Arguments

:: BotanSRP6ServerSession

srp6: SRP-6 server session object

-> ConstPtr Word8

A[]: the client's value

-> CSize

A_len: the client's value length

-> Ptr Word8

key[]: out buffer to store the symmetric key value

-> Ptr CSize

key_len: symmetric key length

-> IO CInt

0 on success, negative on failure

SRP-6 Server side step 2: Generate the server shared key

botan_srp6_generate_verifier Source #

Arguments

:: ConstPtr CChar

identifier: a username or other client identifier

-> ConstPtr CChar

password: the secret used to authenticate user

-> ConstPtr Word8

salt[]: a randomly chosen value, at least 128 bits long

-> CSize

salt_len: the length of salt

-> ConstPtr CChar

group_id: specifies the shared SRP group

-> ConstPtr CChar

hash_id: specifies a secure hash function

-> Ptr Word8

verifier[]: out buffer to store the SRP-6 verifier value

-> Ptr CSize

verifier_len: SRP-6 verifier value length

-> IO CInt

0 on success, negative on failure

SRP-6 Client side step 1: Generate a new SRP-6 verifier

botan_srp6_client_agree Source #

Arguments

:: ConstPtr CChar

username: the username we are attempting login for

-> ConstPtr CChar

password: the password we are attempting to use

-> ConstPtr CChar

group_id: specifies the shared SRP group

-> ConstPtr CChar

hash_id: specifies a secure hash function

-> ConstPtr Word8

salt[]: is the salt value sent by the server

-> CSize

salt_len: the length of salt

-> ConstPtr Word8

uint8_t: B[] is the server's public value

-> CSize

B_len: is the server's public value length

-> BotanRNG

rng_obj: is a random number generator object

-> Ptr Word8

A[]: out buffer to store the SRP-6 A value

-> Ptr CSize

A_len: SRP-6 A verifier value length

-> Ptr Word8

K[]: out buffer to store the symmetric value

-> Ptr CSize

K_len: symmetric key length

-> IO CInt

0 on success, negative on failure

SRP6a Client side step 2: Generate a client A-value and the client shared key

botan_srp6_group_size Source #

Arguments

:: ConstPtr CChar

group_id

-> Ptr CSize

group_p_bytes

-> IO CInt 

Return the size, in bytes, of the prime associated with group_id