summaryrefslogtreecommitdiff
path: root/package/ead/src/tinysrp/t_client.h
diff options
context:
space:
mode:
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-12-24 10:42:12 +0000
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-12-24 10:42:12 +0000
commit85f89d5d09dac0d926aaead2615b154ff4beb65a (patch)
tree91368c1d3b51e419ca42ee0196df3553a19b976e /package/ead/src/tinysrp/t_client.h
parent2b020ab72106f0529f63a2c9c27ff4933f65494e (diff)
add the 'ead' package (emergency access daemon),
which can provide remote access to your device, even if the ip and firewall settings are broken git-svn-id: svn://svn.openwrt.org/openwrt/trunk@13738 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/ead/src/tinysrp/t_client.h')
-rw-r--r--package/ead/src/tinysrp/t_client.h148
1 files changed, 148 insertions, 0 deletions
diff --git a/package/ead/src/tinysrp/t_client.h b/package/ead/src/tinysrp/t_client.h
new file mode 100644
index 0000000000..42922aff1b
--- /dev/null
+++ b/package/ead/src/tinysrp/t_client.h
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
+ * All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
+ * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
+ * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
+ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
+ * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
+ * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * In addition, the following conditions apply:
+ *
+ * 1. Any software that incorporates the SRP authentication technology
+ * must display the following acknowlegment:
+ * "This product uses the 'Secure Remote Password' cryptographic
+ * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
+ *
+ * 2. Any software that incorporates all or part of the SRP distribution
+ * itself must also display the following acknowledgment:
+ * "This product includes software developed by Tom Wu and Eugene
+ * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
+ *
+ * 3. Redistributions in source or binary form must retain an intact copy
+ * of this copyright notice and list of conditions.
+ */
+
+#ifndef T_CLIENT_H
+#define T_CLIENT_H
+
+#include "t_sha.h"
+
+#if !defined(P)
+#ifdef __STDC__
+#define P(x) x
+#else
+#define P(x) ()
+#endif
+#endif
+
+/* For building dynamic link libraries under windows, windows NT
+ * using MSVC1.5 or MSVC2.0
+ */
+
+#ifndef _DLLDECL
+#define _DLLDECL
+
+#ifdef MSVC15 /* MSVC1.5 support for 16 bit apps */
+#define _MSVC15EXPORT _export
+#define _MSVC20EXPORT
+#define _DLLAPI _export _pascal
+#define _TYPE(a) a _MSVC15EXPORT
+#define DLLEXPORT 1
+
+#elif MSVC20
+#define _MSVC15EXPORT
+#define _MSVC20EXPORT _declspec(dllexport)
+#define _DLLAPI
+#define _TYPE(a) _MSVC20EXPORT a
+#define DLLEXPORT 1
+
+#else /* Default, non-dll. Use this for Unix or DOS */
+#define _MSVC15DEXPORT
+#define _MSVC20EXPORT
+#define _DLLAPI
+#define _TYPE(a) a
+#endif
+#endif
+
+#define ALEN 32
+#define MIN_MOD_BYTES 64 /* 512 bits */
+
+struct t_client {
+ struct t_num n;
+ struct t_num g;
+ struct t_num s;
+
+ struct t_num a;
+ struct t_num A;
+
+ struct t_num p;
+ struct t_num v;
+
+ SHA1_CTX hash, ckhash;
+
+ char username[MAXUSERLEN];
+ unsigned char session_key[SESSION_KEY_LEN];
+ unsigned char session_response[RESPONSE_LEN];
+
+ unsigned char nbuf[MAXPARAMLEN], gbuf[MAXPARAMLEN], sbuf[MAXSALTLEN];
+ unsigned char pbuf[MAXPARAMLEN], vbuf[MAXPARAMLEN];
+ unsigned char abuf[ALEN], Abuf[MAXPARAMLEN];
+};
+
+/*
+ * SRP client-side negotiation
+ *
+ * This code negotiates the client side of an SRP exchange.
+ * "t_clientopen" accepts a username, and N, g, and s parameters,
+ * which are usually sent by the server in the first round.
+ * The client should then call...
+ * "t_clientgenexp" will generate a random 256-bit exponent and
+ * raise g to that power, returning the result. This result
+ * should be sent to the server as w(p).
+ * "t_clientpasswd" accepts the user's password, which should be
+ * entered locally and updates the client's state.
+ * "t_clientgetkey" accepts the exponential y(p), which should
+ * be sent by the server in the next round and computes the
+ * 256-bit session key. This data should be saved before the
+ * session is closed.
+ * "t_clientresponse" computes the session key proof as SHA(y(p), K).
+ * "t_clientclose" closes the session and frees its memory.
+ *
+ * Note that authentication is not performed per se; it is up
+ * to either/both sides of the protocol to now verify securely
+ * that their session keys agree in order to establish authenticity.
+ * One possible way is through "oracle hashing"; one side sends
+ * r, the other replies with H(r,K), where H() is a hash function.
+ *
+ * t_clientresponse and t_clientverify now implement a version of
+ * the session-key verification described above.
+ */
+_TYPE( struct t_client * )
+ t_clientopen P((const char *, struct t_num *, struct t_num *,
+ struct t_num *));
+_TYPE( struct t_num * ) t_clientgenexp P((struct t_client *));
+_TYPE( void ) t_clientpasswd P((struct t_client *, char *));
+_TYPE( unsigned char * )
+ t_clientgetkey P((struct t_client *, struct t_num *));
+_TYPE( int ) t_clientverify P((struct t_client *, unsigned char *));
+_TYPE( unsigned char * ) t_clientresponse P((struct t_client *));
+_TYPE( void ) t_clientclose P((struct t_client *));
+
+#endif