FAQ
I've created an implementation of SRP-6a:
github.com/tadglines/go-pkgs/crypto/srp
The design is from: http://srp.stanford.edu/design.html
It includes the groups (N and g) from rfc5054 and the groups from the
Stanford patch to OpenSSL.

I welcome comments and suggestions. A review from someone with extensive
crypto coding experience would be nice as well.

-Tad

--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

  • Michael Gehring at Sep 30, 2013 at 7:42 am
    Hi,

    srp.go:322+

    func (ss *ServerSession) VerifyClientAuthenticator(cauth []byte) bool {
      M := computeClientAutneticator(ss.SRP.HashFunc(), ss.SRP.Group, ss.username, ss.salt, ss._A.Bytes(), ss._B.Bytes(), ss.key)
      return subtle.ConstantTimeCompare(M, cauth) == 0
    }

    If the intent is to return true if M equals cauth, the above code is
    wrong. I guess you want to use '== 1' (see
    http://golang.org/pkg/crypto/subtle/#ConstantTimeCompare) here, but then
    all the tests fail.

    Same comment applies to ClientSession.VerifyServerAuthenticator.

    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Tad Glines at Sep 30, 2013 at 5:37 pm
    Thanks for pointing that out. For some reason I thought ConstantTimeCompare
    returned -1, 0, or 1. And now I can't figure out why I thought that.


    On Mon, Sep 30, 2013 at 12:42 AM, Michael Gehring wrote:

    Hi,

    srp.go:322+

    func (ss *ServerSession) VerifyClientAuthenticator(cauth []byte) bool {
    M := computeClientAutneticator(ss.SRP.HashFunc(), ss.SRP.Group,
    ss.username, ss.salt, ss._A.Bytes(), ss._B.Bytes(), ss.key)
    return subtle.ConstantTimeCompare(M, cauth) == 0
    }

    If the intent is to return true if M equals cauth, the above code is
    wrong. I guess you want to use '== 1' (see
    http://golang.org/pkg/crypto/subtle/#ConstantTimeCompare) here, but then
    all the tests fail.

    Same comment applies to ClientSession.VerifyServerAuthenticator.
    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.
  • Tad Glines at Sep 30, 2013 at 6:51 pm
    I've fixed the errors in the implementation and made an important
    modification to the API.
    It is not possible to specify a separate key derivation function. This was
    needed in order to be able to use key derivation functions like pbkdf2 or
    scrypt.
    I've added srp/pbkdf2 anbd srp/scrypt which each contain a convenience
    function that returns a key derivation function in the form expected by the
    srp package.

    On Mon, Sep 30, 2013 at 10:37 AM, Tad Glines wrote:

    Thanks for pointing that out. For some reason I thought
    ConstantTimeCompare returned -1, 0, or 1. And now I can't figure out why I
    thought that.


    On Mon, Sep 30, 2013 at 12:42 AM, Michael Gehring wrote:

    Hi,

    srp.go:322+

    func (ss *ServerSession) VerifyClientAuthenticator(cauth []byte) bool {
    M := computeClientAutneticator(ss.SRP.HashFunc(), ss.SRP.Group,
    ss.username, ss.salt, ss._A.Bytes(), ss._B.Bytes(), ss.key)
    return subtle.ConstantTimeCompare(M, cauth) == 0
    }

    If the intent is to return true if M equals cauth, the above code is
    wrong. I guess you want to use '== 1' (see
    http://golang.org/pkg/crypto/subtle/#ConstantTimeCompare) here, but then
    all the tests fail.

    Same comment applies to ClientSession.VerifyServerAuthenticator.
    --
    You received this message because you are subscribed to the Google Groups "golang-nuts" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/groups/opt_out.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupgolang-nuts @
categoriesgo
postedSep 30, '13 at 12:37a
activeSep 30, '13 at 6:51p
posts4
users2
websitegolang.org

2 users in discussion

Tad Glines: 3 posts Michael Gehring: 1 post

People

Translate

site design / logo © 2022 Grokbase