Annotation of src/usr.bin/ssh/jpake.h, Revision 1.2
1.2 ! djm 1: /* $OpenBSD: jpake.h,v 1.1 2008/11/04 08:22:13 djm Exp $ */
1.1 djm 2: /*
3: * Copyright (c) 2008 Damien Miller. All rights reserved.
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: */
17:
18: #ifndef JPAKE_H
19: #define JPAKE_H
20:
21: #include <sys/types.h>
22:
23: #include <openssl/bn.h>
24:
25: /* Set JPAKE_DEBUG in CFLAGS for privacy-violating debugging */
26: #ifndef JPAKE_DEBUG
27: # define JPAKE_DEBUG_BN(a)
28: # define JPAKE_DEBUG_BUF(a)
29: # define JPAKE_DEBUG_CTX(a)
30: #else
1.2 ! djm 31: # define JPAKE_DEBUG_BN(a) debug3_bn a
! 32: # define JPAKE_DEBUG_BUF(a) debug3_buf a
1.1 djm 33: # define JPAKE_DEBUG_CTX(a) jpake_dump a
1.2 ! djm 34: #endif /* JPAKE_DEBUG */
1.1 djm 35:
36: #define KZP_ID_LEN 16 /* Length of client and server IDs */
37:
38: struct jpake_ctx {
39: /* Parameters */
1.2 ! djm 40: struct modp_group *grp;
1.1 djm 41:
42: /* Private values shared by client and server */
43: BIGNUM *s; /* Secret (salted, crypted password) */
44: BIGNUM *k; /* Derived key */
45:
46: /* Client private values (NULL for server) */
47: BIGNUM *x1; /* random in Zq */
48: BIGNUM *x2; /* random in Z*q */
49:
50: /* Server private values (NULL for server) */
51: BIGNUM *x3; /* random in Zq */
52: BIGNUM *x4; /* random in Z*q */
53:
54: /* Step 1: C->S */
55: u_char *client_id; /* Anti-replay nonce */
56: u_int client_id_len;
57: BIGNUM *g_x1; /* g^x1 */
58: BIGNUM *g_x2; /* g^x2 */
59:
60: /* Step 1: S->C */
61: u_char *server_id; /* Anti-replay nonce */
62: u_int server_id_len;
63: BIGNUM *g_x3; /* g^x3 */
64: BIGNUM *g_x4; /* g^x4 */
65:
66: /* Step 2: C->S */
67: BIGNUM *a; /* g^((x1+x3+x4)*x2*s) */
68:
69: /* Step 2: S->C */
70: BIGNUM *b; /* g^((x1+x2+x3)*x4*s) */
71:
72: /* Confirmation: C->S */
73: u_char *h_k_cid_sessid; /* H(k || client_id || session_id) */
74: u_int h_k_cid_sessid_len;
75:
76: /* Confirmation: S->C */
77: u_char *h_k_sid_sessid; /* H(k || server_id || session_id) */
78: u_int h_k_sid_sessid_len;
79: };
80:
81: /* jpake.c */
1.2 ! djm 82: struct modp_group *jpake_default_group(void);
1.1 djm 83: void jpake_dump(struct jpake_ctx *, const char *, ...)
84: __attribute__((__nonnull__ (2)))
85: __attribute__((format(printf, 2, 3)));
86: struct jpake_ctx *jpake_new(void);
87: void jpake_free(struct jpake_ctx *);
88:
1.2 ! djm 89: void jpake_step1(struct modp_group *, u_char **, u_int *,
1.1 djm 90: BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **,
91: u_char **, u_int *, u_char **, u_int *);
92:
1.2 ! djm 93: void jpake_step2(struct modp_group *, BIGNUM *,
1.1 djm 94: BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
95: const u_char *, u_int, const u_char *, u_int,
96: const u_char *, u_int, const u_char *, u_int,
97: BIGNUM **, u_char **, u_int *);
98:
99: void jpake_confirm_hash(const BIGNUM *,
100: const u_char *, u_int,
101: const u_char *, u_int,
102: u_char **, u_int *);
103:
1.2 ! djm 104: void jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *,
1.1 djm 105: BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
106: const u_char *, u_int, const u_char *, u_int,
107: const u_char *, u_int, const u_char *, u_int,
108: BIGNUM **, u_char **, u_int *);
109:
110: int jpake_check_confirm(const BIGNUM *, const u_char *, u_int,
111: const u_char *, u_int, const u_char *, u_int);
112:
113: #endif /* JPAKE_H */
114: