module Netmech_scram:SCRAM mechanism for authentication (RFC 5802)sig
..end
As we do not implement SASLprep, usernames and passwords are restricted
to US-ASCII.
typeptype =
[ `GSSAPI ]
`GSSAPI
is supportedtypemechanism =
[ `SHA_1 ]
type
profile = {
|
ptype : |
|||
|
mechanism : |
(* | Which mechanism | *) |
|
return_unknown_user : |
(* | Whether servers exhibit the fact that the user is unknown | *) |
|
iteration_count_limit : |
(* | Largest supported iteration number | *) |
typeserver_error =
[ `Channel_binding_not_supported
| `Channel_bindings_dont_match
| `Extension of string
| `Extensions_not_supported
| `Invalid_encoding
| `Invalid_proof
| `Invalid_username_encoding
| `No_resources
| `Other_error
| `Server_does_support_channel_binding
| `Unknown_user
| `Unsupported_channel_binding_type ]
type
client_session
type
server_session
exception Invalid_encoding of string * string
exception Invalid_username_encoding of string * string
Invalid_encoding
.exception Extensions_not_supported of string * string
Invalid_encoding
.exception Protocol_error of string
exception Invalid_server_signature
exception Server_error of server_error
val profile : ?return_unknown_user:bool ->
?iteration_count_limit:int -> ptype -> profile
val string_of_server_error : server_error -> string
val server_error_of_string : string -> server_error
s
first. The functions
client_emit_flag
and client_recv_flag
indicate now whether
the client needs to emit a new message, or whether it needs to
receive a message, respectively. Emission is done by client_emit_message
,
reception by client_recv_message
. If everything goes well, the
protocol state advances, and finally client_finish_flag
is true.
This indicates that the client is authenticated and that the server
knows the client's password. If an error occurs, an exception is
raised (see above for possibilities), and client_error_flag
signals
true
.val create_client_session : profile -> string -> string -> client_session
create_client_session p username password
: Creates a new client
session for profile p
so that the client authenticates as user
username
, and proves its identify with the given password
.val client_configure_channel_binding : client_session -> string -> unit
c
parameter (before encoding it via Base64. The function
needs to be called before sending the second message to the server.
It fails if called too late.val client_emit_flag : client_session -> bool
client_emit_message
can now be calledval client_recv_flag : client_session -> bool
client_recv_message
can now be calledval client_finish_flag : client_session -> bool
val client_error_flag : client_session -> bool
val client_channel_binding : client_session -> string
val client_emit_message : client_session -> string
val client_recv_message : client_session -> string -> unit
val client_protocol_key : client_session -> string option
val client_user_name : client_session -> string
val client_export : client_session -> string
val client_import : string -> client_session
client_finish_flag
is true).
The export format is just a marshalled Ocaml value.
s
first. The functions
server_emit_flag
and server_recv_flag
indicate now whether
the server needs to emit a new message, or whether it needs to
receive a message, respectively. Emission is done by server_emit_message
,
reception by server_recv_message
. If everything goes well, the
protocol state advances, and finally server_finish_flag
is true.
This indicates that the client could be authenticated.
If an error occurs, no exception is raised, and the protocol
advances nevertheless, and finally the server sends an error token
to the client. After this, server_error_flag
returns true.
val create_server_session : profile ->
(string -> string * string * int) -> server_session
create_server_session p auth
: Creates a new server session with
profile p
and authenticator function auth
.
The function is auth
is called when the credentials of the
client have been received to check whether the client can be
authenticated. It is called as
let (salted_password, salt, iteration_count) = auth username
where username
is the user name. The function can now raise
Not_found
if the user is unknown, or it can return the
shown triple. Note that the cleartext password needs not to
be known. salt
is a random string, and iteration_count
a
security parameter that should be at least 4096. Whereas salt
should be different for each user, the iteration_count
can be
chosen as a constant (e.g. 4096). Now salted_password
can be
computed from the cleartext password and these two extra parameters.
See salt_password
below.
val create_salt : unit -> string
val salt_password : string -> string -> int -> string
let salted_password = salt_password password salt iteration_count
As we do not implement SASLprep
only passwords consisting of
US-ASCII characters are accepted (Invalid_encoding
otherwise).
val server_emit_flag : server_session -> bool
server_emit_message
can now be calledval server_recv_flag : server_session -> bool
server_recv_message
can now be calledval server_finish_flag : server_session -> bool
val server_error_flag : server_session -> bool
val server_emit_message : server_session -> string
val server_recv_message : server_session -> string -> unit
val server_protocol_key : server_session -> string option
val server_channel_binding : server_session -> string option
val server_user_name : server_session -> string option
val server_export : server_session -> string
val server_import : string -> server_session
server_finish_flag
is true).
The export format is just a marshalled Ocaml value.
type
specific_keys = {
|
kc : |
|
ke : |
|
ki : |
module AES_CTS:sig
..end
module Cryptosystem:sig
..end
module Debug:sig
..end