/srp

Primary LanguageGoBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

GitHub release Build Status Coverage Status Go Report Card GoDoc Go version Go version

SRP

An implementation of SRP-6a as documented in RFC 5054 and RFC 2945. It also exports modified versions of routines allowing it to be used with AWS Cognito which uses a variation of SRP.

Generate the verifier:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	i, err := s.NewISV("username", "password")
	if err != nil {
		panic(err)
	}

	// Marshal and store i on the server against the identity
}

Example client:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	client, err := s.NewClient("username", "password")
	if err != nil {
		panic(err)
	}

	// Send identity and client.A() to the server, receive salt and B

	m1, err := client.Compute(salt, b)
	if err != nil {
		panic(err)
	}

	// Send m1 to the server, receive m2

	if err := client.Check(m2); err != nil {
		panic(err)
	}

	// Use client.Key()
}

Example server:

package main

import "github.com/bodgit/srp"

func main() {
	g, err := srp.GetGroup(1024)
	if err != nil {
		panic(err)
	}

	s, err := srp.NewSRP(crypto.SHA1, g)
	if err != nil {
		panic(err)
	}

	// Receive identity and A from client, lookup/unmarshal ISV i

	server, err := s.NewServer(i, a)
	if err != nil {
		panic(err)
	}

	// Send server.Salt() and server.B() to the client, receive m1

	m2, err := server.Check(m1)
	if err != nil {
		panic(err)
	}

	// Send m2 to the client, use server.Key()
}

Other implementations

The last two implementations however assume that the client knows their salt value from the start rather than waiting for the server to provide it which doesn't match the behaviour documented in the RFC.