"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/auth/SecureRemotePassword/srp.h" between
Firebird-3.0.2.32703-0.tar.bz2 and Firebird-3.0.4.33054-0.tar.bz2

About: Firebird is a relational database offering many ANSI SQL standard features.

[ To the main Firebird source changes report ]

srp.h  (Firebird-3.0.2.32703-0.tar.bz2):srp.h  (Firebird-3.0.4.33054-0.tar.bz2)
#include "../common/BigInteger.h" #include "../common/BigInteger.h"
#include "../common/classes/alloc.h" #include "../common/classes/alloc.h"
#include "../common/classes/fb_string.h" #include "../common/classes/fb_string.h"
#include "../common/sha.h" #include "../common/sha.h"
#include "../common/sha2/sha2.h"
#define SRP_DEBUG 0 // >0 - prints some debug info #define SRP_DEBUG 0 // >0 - prints some debug info
// >1 - uses consts instead rando ms, NEVER use in PRODUCTION! // >1 - uses consts instead rando ms, NEVER use in PRODUCTION!
// for HANDSHAKE_DEBUG // for HANDSHAKE_DEBUG
#include "../remote/remot_proto.h" #include "../remote/remot_proto.h"
namespace Auth { namespace Auth {
/* /*
skipping to change at line 49 skipping to change at line 50
* name, and password. * name, and password.
* 5. Server computes session key from client * 5. Server computes session key from client
* public key, client name, and verifier * public key, client name, and verifier
* *
* For full details, see http://www.ietf.org/rfc/rfc5054.txt * For full details, see http://www.ietf.org/rfc/rfc5054.txt
* *
*/ */
class RemoteGroup; class RemoteGroup;
class Sha1 : public Firebird::Sha1 template <class SHA> class SecureHash : public SHA
{ {
public: public:
void getInt(Firebird::BigInteger& hash) void getInt(Firebird::BigInteger& hash)
{ {
Firebird::UCharBuffer tmp; Firebird::UCharBuffer tmp;
getHash(tmp); SHA::getHash(tmp);
hash.assign(tmp.getCount(), tmp.begin()); hash.assign(tmp.getCount(), tmp.begin());
} }
void processInt(const Firebird::BigInteger& data) void processInt(const Firebird::BigInteger& data)
{ {
Firebird::UCharBuffer bytes; Firebird::UCharBuffer bytes;
data.getBytes(bytes); data.getBytes(bytes);
process(bytes); SHA::process(bytes);
} }
void processStrippedInt(const Firebird::BigInteger& data) void processStrippedInt(const Firebird::BigInteger& data)
{ {
Firebird::UCharBuffer bytes; Firebird::UCharBuffer bytes;
data.getBytes(bytes); data.getBytes(bytes);
if (bytes.getCount()) if (bytes.getCount())
{ {
unsigned int n = (bytes[0] == 0) ? 1u : 0; unsigned int n = (bytes[0] == 0) ? 1u : 0;
process(bytes.getCount() - n, bytes.begin() + n); SHA::process(bytes.getCount() - n, bytes.begin() + n);
} }
} }
}; };
class RemotePassword : public Firebird::GlobalStorage class RemotePassword : public Firebird::GlobalStorage
{ {
private: private:
const RemoteGroup* group; const RemoteGroup* group;
Auth::Sha1 hash; Auth::SecureHash<Firebird::Sha1> hash;
Firebird::BigInteger privateKey; Firebird::BigInteger privateKey;
Firebird::BigInteger scramble; Firebird::BigInteger scramble;
protected:
virtual Firebird::BigInteger MakeProof(const Firebird::BigInteger n1, const
Firebird::BigInteger n2,
const char* salt, const Firebird::UCharBuffer& sessionKey) = 0;
public: public:
Firebird::BigInteger clientPublicKey; Firebird::BigInteger clientPublicKey;
Firebird::BigInteger serverPublicKey; Firebird::BigInteger serverPublicKey;
public: public:
RemotePassword(); RemotePassword();
static const char* plugName; static const char* plugName;
static const unsigned SRP_KEY_SIZE = 128; static const unsigned SRP_KEY_SIZE = 128;
static const unsigned SRP_VERIFIER_SIZE = SRP_KEY_SIZE; static const unsigned SRP_VERIFIER_SIZE = SRP_KEY_SIZE;
static const unsigned SRP_SALT_SIZE = 32; static const unsigned SRP_SALT_SIZE = 32;
static Firebird::string pluginName(unsigned bits);
Firebird::BigInteger getUserHash(const char* account, Firebird::BigInteger getUserHash(const char* account,
const ch ar* salt, const ch ar* salt,
const ch ar* password); const ch ar* password);
Firebird::BigInteger computeVerifier(const Firebird::string& account, Firebird::BigInteger computeVerifier(const Firebird::string& account,
const Firebird::string& salt, const Firebird::string& salt,
const Firebird::string& password); const Firebird::string& password);
void genClientKey(Firebird::string& clientPubKey); void genClientKey(Firebird::string& clientPubKey);
void genServerKey(Firebird::string& serverPubKey, const Firebird::UCharBu ffer& verifier); void genServerKey(Firebird::string& serverPubKey, const Firebird::UCharBu ffer& verifier);
void computeScramble(); void computeScramble();
void clientSessionKey(Firebird::UCharBuffer& sessionKey, const char* acco unt, void clientSessionKey(Firebird::UCharBuffer& sessionKey, const char* acco unt,
const char* salt, const char* p assword, const char* salt, const char* p assword,
const char* serverPubKey); const char* serverPubKey);
void serverSessionKey(Firebird::UCharBuffer& sessionKey, void serverSessionKey(Firebird::UCharBuffer& sessionKey,
const char* clientPubKey, const char* clientPubKey,
const Firebird::UCharBuffer& ve rifier); const Firebird::UCharBuffer& ve rifier);
Firebird::BigInteger clientProof(const char* account, Firebird::BigInteger clientProof(const char* account,
const ch ar* salt, const ch ar* salt,
const Fi rebird::UCharBuffer& sessionKey); const Fi rebird::UCharBuffer& sessionKey);
}; };
template <class SHA> class RemotePasswordImpl : public RemotePassword
{
protected:
Firebird::BigInteger MakeProof(const Firebird::BigInteger n1, const Fireb
ird::BigInteger n2,
const char* salt, const Firebird::UCharBuffer& sessionKey)
{
Auth::SecureHash<SHA> digest;
digest.processInt(n1); // H(prime) ^ H(g
)
digest.processInt(n2); // H(I)
digest.process(salt); // s
digest.processInt(clientPublicKey); // A
digest.processInt(serverPublicKey); // B
digest.process(sessionKey); // K
Firebird::BigInteger rc;
digest.getInt(rc);
return rc;
}
};
#if SRP_DEBUG > 0 #if SRP_DEBUG > 0
void dumpIt(const char* name, const Firebird::BigInteger& bi); void dumpIt(const char* name, const Firebird::BigInteger& bi);
void dumpIt(const char* name, const Firebird::UCharBuffer& data); void dumpIt(const char* name, const Firebird::UCharBuffer& data);
void dumpIt(const char* name, const Firebird::string& str); void dumpIt(const char* name, const Firebird::string& str);
void dumpBin(const char* name, const Firebird::string& str); void dumpBin(const char* name, const Firebird::string& str);
#else #else
void static inline dumpIt(const char* /*name*/, const Firebird::BigInteger& /*bi */) { } void static inline dumpIt(const char* /*name*/, const Firebird::BigInteger& /*bi */) { }
void static inline dumpIt(const char* /*name*/, const Firebird::UCharBuffer& /*d ata*/) { } void static inline dumpIt(const char* /*name*/, const Firebird::UCharBuffer& /*d ata*/) { }
void static inline dumpIt(const char* /*name*/, const Firebird::string& /*str*/) { } void static inline dumpIt(const char* /*name*/, const Firebird::string& /*str*/) { }
void static inline dumpBin(const char* /*name*/, const Firebird::string& /*str*/ ) { } void static inline dumpBin(const char* /*name*/, const Firebird::string& /*str*/ ) { }
 End of changes. 9 change blocks. 
5 lines changed or deleted 35 lines changed or added
To the Header Files section of the Firebird source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)