est31
/
csrp-gmp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update README to reflect recent changes

master
est31 2016-04-10 15:16:33 +02:00
parent deaa11a7c2
commit 94141a79e2
1 changed files with 9 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -2,8 +2,9 @@ csrp-gmp
======== ========
csrp-gmp is a minimal C implementation of the [Secure Remote Password csrp-gmp is a minimal C implementation of the [Secure Remote Password
protocol](http://srp.stanford.edu/), originally written by Tom Cocagne protocol](http://srp.stanford.edu/),
to depend on OpenSSL, ported to LibGMP by est31. [originally written](https://github.com/cocagne/csrp) by Tom Cocagne
to depend on OpenSSL, ported to LibGMP and highly improved by est31.
The project is intended for direct inclusion into utilizing programs. The project is intended for direct inclusion into utilizing programs.
It's only dependency is LibGMP. It's only dependency is LibGMP.
@ -31,16 +32,14 @@ the authenticated connection. However, successful authentication does
result in a cryptographically strong shared key that can be used result in a cryptographically strong shared key that can be used
for symmetric-key encryption. for symmetric-key encryption.
Porter's notes Various notes
-------------- -------------
Compared with [csrp](https://github.com/cocagne/csrp), some things
have changed for the outside.
As LibGMP doesn't ship with a cryptographically strong PRNG, strong As LibGMP doesn't ship with a cryptographically strong PRNG, strong
PRNGs provided (and seeded) by the OS are used instead. On non-Windows PRNGs provided (and seeded) by the OS are used instead. If you are on
operating systems, we try to read the file `/dev/urandom`, if this fails, a non-windows platform, make sure that the file `/dev/urandom` exists
we use a (poorly) seeded pcgrandom instead. The call `srp_random_seed` and can be read by the application. Support for custom seeding has
has been removed. been removed.
The call `srp_user_new` has a new parameter, `username_for_verifier`, The call `srp_user_new` has a new parameter, `username_for_verifier`,
allowing to use different usernames for verifier and srp login. allowing to use different usernames for verifier and srp login.
@ -59,11 +58,6 @@ over the login process, which is good for unit tests.
for [RFC 5054](https://tools.ietf.org/html/rfc5054) compatibility inside for [RFC 5054](https://tools.ietf.org/html/rfc5054) compatibility inside
`test_srp.c`. `test_srp.c`.
`RFC 5054` compatibility especially means that compatibility to csrp's
master branch has been dropped. `csrp-gmp` is compatible to the
[rfc5054_compat](https://github.com/cocagne/csrp/tree/rfc5054_compat)
branch of `csrp` though.
We ship with OpenSSL's implementation of the SHA256 and SHA-1 hash We ship with OpenSSL's implementation of the SHA256 and SHA-1 hash
algorithms. Support for other hash algoritms was dropped (but algorithms. Support for other hash algoritms was dropped (but
re-introducing is fairly easy, just copy from an OpenSSL source re-introducing is fairly easy, just copy from an OpenSSL source