Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#ifndef BSSPEKE_H
#define BSSPEKE_H
#define BSSPEKE_VERIFY_CLIENT_MODIFIER "client"
#define BSSPEKE_VERIFY_CLIENT_MODIFIER_LEN 6
#define BSSPEKE_VERIFY_SERVER_MODIFIER "server"
#define BSSPEKE_VERIFY_SERVER_MODIFIER_LEN 6
#define BSSPEKE_MIN_PHF_BLOCKS 100000
#define BSSPEKE_MIN_PHF_ITERATIONS 3
typedef struct {
// Login credentials
uint8_t *client_id;
size_t client_id_len;
uint8_t *password;
size_t password_len;
// Server identifier
uint8_t *server_id;
size_t server_id_len;
// Random number to blind the password in the OPRF
uint8_t r[32];
// Server's ephemeral public key
uint8_t B[32];
// Ephemeral keypair
uint8_t a[32];
//uint8_t A[32];
// Session key
uint8_t K_c[32];
} bsspeke_client_ctx;
typedef struct {
uint8_t *server_id;
size_t server_id_len;
uint8_t *client_id;
size_t client_id_len;
// Stored ECDH parameters for the given user
//uint8_t P[32]; // Base point
uint8_t V[32]; // User's long-term public key
// Ephemeral keypair
uint8_t b[32];
uint8_t B[32];
// User's ephemeral public key
uint8_t A[32];
// Session key
uint8_t K_s[32];
} bsspeke_server_ctx;
typedef struct {
char *client_id;
uint8_t *blind;
} bsspeke_msg1_t;
typedef struct {
uint8_t blind_salt[32];
uint8_t B[32];
uint32_t phf_blocks;
uint32_t phf_iterations;
} bsspeke_msg2_t;
typedef struct {
uint8_t A[32];
uint8_t client_verifier[32];
} bsspeke_msg3_t;
typedef struct {
uint8_t server_verifier[32];
} bsspeke_msg4_t;
#endif