srp

README

go-srp

Introduction

srp libaray used in all Protonmail clients

License

Copyright (c) 2019 Proton Technologies AG

Please see LICENSE file for the license.

Doc

Secure Remote Password (SRP) Protocol

Folders

The root folder contains the main logic.

The windows folder contains the warpper for .net.

Setup

Setup Go Mobile and build/bind the source code:

Go Mobile repo: https://github.com/golang/mobile

Go Mobile wiki: https://github.com/golang/go/wiki/Mobile

1. Install Go: brew install go

2. Install Gomobile: go get -u golang.org/x/mobile/cmd/gomobile

3. Install Gobind: go install golang.org/x/mobile/cmd/gobind

4. Install Android SDK and NDK using Android Studio

5. Set env: export ANDROID_HOME="/AndroidSDK" (path to your SDK)

6. Init gomobile: gomobile init -ndk /AndroidSDK/ndk-bundle/ (path to your NDK)

7. Copy Go module dependencies to the vendor directory: go mod vendor

8. Build examples: gomobile build -target=android #or ios

   Bind examples: gomobile bind -target ios -o frameworks/name.framework gomobile bind -target android

   The bind will create framework for iOS and jar&aar files for Android (x86_64 and ARM).

Other notes

If you wish to use build.sh, you may need to modify the paths in it.

use go mod

go mod vender

./build.sh

use glide

glide i
./build.sh

Dependencies

bcrypt

golang.org/x/mobile

ProtonMail Crypto

Documentation

Index

• Variables
• func GetModulusKey() string
• func HashPassword(authVersion int, password, userName string, salt, modulus []byte) ([]byte, error)
• func MailboxPassword(password string, salt []byte) (hashed string, err error)
• func RandomBits(bits int) ([]byte, error)
• func RandomBytes(byes int) (raw []byte, err error)
• func VersionNumber() string
• type Auth
  • func NewAuth(version int, username, password, salt, signedModulus, serverEphemeral string) (auth *Auth, err error)
  • func NewAuthForVerifier(password, signedModulus string, rawSalt []byte) (auth *Auth, err error)
  • func (s *Auth) GenerateProofs(bitLength int) (res *Proofs, err error)
  • func (s *Auth) GenerateVerifier(bitLength int) ([]byte, error)
• type Proofs

Variables

var (
	// ErrDataAfterModulus found extra data after decode the modulus
	ErrDataAfterModulus = errors.New("pm-srp: extra data after modulus")

	// ErrInvalidSignature invalid modulus signature
	ErrInvalidSignature = errors.New("pm-srp: invalid modulus signature")

	RandReader = rand.Reader
)

Functions

func GetModulusKey

func GetModulusKey() string

func HashPassword

func HashPassword(authVersion int, password, userName string, salt, modulus []byte) ([]byte, error)

HashPassword returns the hash of password argument. Based on version number following arguments are used in addition to password: * 0, 1, 2: userName and modulus * 3, 4: salt and modulus

func MailboxPassword

func MailboxPassword(password string, salt []byte) (hashed string, err error)

MailboxPassword get mailbox password hash

Parameters:

• password string: a mailbox password
• salt []byte: a salt is random 128 bits data

Returns:

• hashed string: a hashed password
• err error: throw error

func RandomBits

func RandomBits(bits int) ([]byte, error)

func RandomBytes

func RandomBytes(byes int) (raw []byte, err error)

func VersionNumber

func VersionNumber() string

VersionNumber get current libaray version

Types

type Auth

type Auth struct {
	Modulus, ServerEphemeral, HashedPassword []byte
}

Auth stores byte data for the calculation of SRP proofs.

• Changed SrpAuto to Auth because the name will be used as srp.SrpAuto by other packages and as SrpSrpAuth on mobile
• Also the data from the API called Auth. it could be match the meaning and reduce the confusion

func NewAuth

func NewAuth(version int, username, password, salt, signedModulus, serverEphemeral string) (auth *Auth, err error)

NewAuth Creates new Auth from strings input. Salt and server ephemeral are in base64 format. Modulus is base64 with signature attached. The signature is verified against server key. The version controls password hash algorithm.

Parameters:

• version int: The *x* component of the vector.
• username string: The *y* component of the vector.
• password string: The *z* component of the vector.
• salt string:

Returns:

• auth *Auth: the pre caculated auth information
• err error: throw error

Usage:

Warnings:

• Be carefull! Poos can hurt.

func NewAuthForVerifier

func NewAuthForVerifier(password, signedModulus string, rawSalt []byte) (auth *Auth, err error)

NewAuthForVerifier Creates new Auth from strings input. Salt and server ephemeral are in base64 format. Modulus is base64 with signature attached. The signature is verified against server key. The version controls password hash algorithm.

Parameters:

• version int: The *x* component of the vector.
• username string: The *y* component of the vector.
• password string: The *z* component of the vector.
• salt string:

Returns:

• auth *Auth: the pre caculated auth information
• err error: throw error

Usage:

Warnings:

• none.

func (*Auth) GenerateProofs

func (s *Auth) GenerateProofs(bitLength int) (res *Proofs, err error)

GenerateProofs calculates SPR proofs.

func (*Auth) GenerateVerifier

func (s *Auth) GenerateVerifier(bitLength int) ([]byte, error)

GenerateVerifier verifier for update pwds and create accounts

type Proofs

type Proofs struct {
	ClientProof, ClientEphemeral, ExpectedServerProof []byte
}

Proofs Srp Proofs object. Changed SrpProofs to Proofs because the name will be used as srp.SrpProofs by other packages and as SrpSrpProofs on mobile ClientProof []byte client proof ClientEphemeral []byte calculated from ExpectedServerProof []byte