gazagnaire.org / monopampam
My own corner of monopam
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

ocaml-srp: enable MDX on lib/srp.mli, fix broken doc example

Run mdx on lib/srp.mli so the {[ ... ]} odoc block now type-checks
the registration + authentication flow against the real API.

The example used `username`/`password` as free names, shadowed `salt`
across stages of the protocol, and trailed off with `(* key_c =
key_s *)` in prose. Restructured as toplevel bindings: real username
and password literals, distinct names for `reg_salt` and
`server_salt` so the protocol stages stay readable, and an
`assert (String.equal key_c key_s)` that documents (and verifies)
the SRP claim that both sides derive the same session key.

Both compute_session_key calls return `(string, [`Msg of string])
result`; the example uses `Result.get_ok` so the expected-success
path stays one line, while a Msg payload still surfaces as a
documented exception in the example output.

Thomas Gazagnaire c772eab0 fb671fbe

+24 -15
+4
ocaml-srp/lib/dune
··· 2 2 (name srp) 3 3 (public_name srp) 4 4 (libraries zarith digestif nox-crypto-rng)) 5 + 6 + (mdx 7 + (files srp.mli) 8 + (libraries srp nox-crypto-rng nox-crypto-rng.unix))
+20 -15
ocaml-srp/lib/srp.mli
··· 46 46 {1 Usage} 47 47 48 48 {[ 49 + let () = Crypto_rng_unix.use_default () 50 + let username = "alice" 51 + let password = "p@ssword" 52 + 49 53 (* Registration: compute verifier to store on server *) 50 - let salt = Crypto_rng.generate 16 in 51 - let verifier = Srp.compute_verifier ~salt ~username ~password in 52 - (* Store username, salt, verifier on server *) 54 + let reg_salt = Crypto_rng.generate 16 55 + let verifier = Srp.compute_verifier ~salt:reg_salt ~username ~password 53 56 54 - (* Authentication *) 55 - let client = Srp.Client.create ~username ~password in 56 - let big_a = Srp.Client.public_key client in 57 - (* Send username and big_a to server *) 57 + (* Authentication: client and server exchange public keys *) 58 + let client = Srp.Client.create ~username ~password 59 + let big_a = Srp.Client.public_key client 60 + 61 + let server = Srp.Server.create ~username ~salt:reg_salt ~verifier 62 + let big_b = Srp.Server.public_key server 63 + let server_salt = Srp.Server.salt server 58 64 59 - let server = Srp.Server.create ~username ~salt ~verifier in 60 - let big_b = Srp.Server.public_key server in 61 - let salt = Srp.Server.salt server in 62 - (* Send salt and big_b to client *) 65 + (* Both derive the same session key *) 66 + let key_c = 67 + Result.get_ok 68 + (Srp.Client.compute_session_key client ~salt:server_salt ~big_b) 69 + let key_s = 70 + Result.get_ok (Srp.Server.compute_session_key server ~big_a) 63 71 64 - (* Both compute session key *) 65 - let key_c = Srp.Client.compute_session_key client ~salt ~big_b in 66 - let key_s = Srp.Server.compute_session_key server ~big_a in 67 - (* key_c = key_s *) 72 + let () = assert (String.equal key_c key_s) 68 73 ]} *) 69 74 70 75 (** {1 Constants} *)