PAKE repository reorganization

15 files changed, 574 insertions, 0 deletions

diff --git a/srp/src/client.rs b/srp/src/client.rs
new file mode 100644
index 0000000..4348f4f
--- /dev/null
+++ b/srp/src/client.rs
@@ -0,0 +1,212 @@
+//! SRP client implementation.
+//! 
+//! # Usage
+//! First create SRP client struct by passing to it SRP parameters (shared
+//! between client and server) and randomly generated `a`:
+//! 
+//! ```ignore
+//! use srp::groups::G_2048;
+//! use sha2::Sha256;
+//!
+//! let a = rng.gen_iter::<u8>().take(64).collect::<Vec<u8>>();
+//! let client = SrpClient::<Sha256>::new(&a, &G_2048);
+//! ```
+//! 
+//! Next send handshake data (username and `a_pub`) to the server and receive
+//! `salt` and `b_pub`:
+//! 
+//! ```ignore
+//! let a_pub = client.get_a_pub();
+//! let (salt, b_pub) = conn.send_handshake(username, a_pub);
+//! ```
+//! 
+//! Compute private key using `salt` with any password hashing function.
+//! You can use method from SRP-6a, but it's recommended to use specialized
+//! password hashing algorithm instead (e.g. PBKDF2, argon2 or scrypt).
+//! Next create verifier instance, note that `get_verifier` consumes client and
+//! can return error in case of malicious `b_pub`.
+//! 
+//! ```ignore
+//! let private_key = srp_private_key::<Sha256>(username, password, salt);
+//! let verifier = client.get_verifier(&private_key, &b_pub)?;
+//! ```
+//!
+//! Finally verify the server: first generate user proof,
+//! send it to the server and verify server proof in the reply. Note that
+//! `verify_server` method will return error in case of incorrect server reply.
+//! 
+//! ```ignore
+//! let user_proof = verifier.get_proof();
+//! let server_proof = conn.send_proof(user_proof);
+//! let key = verifier.verify_server(server_proof)?;
+//! ```
+//! 
+//! `key` contains shared secret key between user and the server. Alternatively
+//! you can directly extract shared secret key using `get_key()` method and
+//! handle authentification through different (secure!) means (e.g. by using
+//! authentificated cipher mode).
+//! 
+//! For user registration on the server first generate salt (e.g. 32 bytes long)
+//! and get password verifier which depends on private key. Send useranme, salt
+//! and password verifier over protected channel to protect against MitM for
+//! registration.
+//! 
+//! ```ignore
+//! let pwd_verifier = client.get_password_verifier(&private_key);
+//! conn.send_registration_data(username, salt, pwd_verifier);
+//! ```
+
+//let buf = rng.gen_iter::<u8>().take(l).collect::<Vec<u8>>();
+use std::marker::PhantomData;
+
+use num::{BigUint, Zero};
+use digest::Digest;
+use generic_array::GenericArray;
+
+use tools::powm;
+use types::{SrpAuthError, SrpGroup};
+
+/// SRP client state before handshake with the server.
+pub struct SrpClient<'a, D: Digest> {
+    params: &'a SrpGroup,
+
+    a: BigUint,
+    a_pub: BigUint,
+
+    d: PhantomData<D>
+}
+
+/// SRP client state after handshake with the server.
+pub struct SrpClientVerifier<D: Digest> {
+    proof: GenericArray<u8, D::OutputSize>,
+    server_proof: GenericArray<u8, D::OutputSize>,
+    key: GenericArray<u8, D::OutputSize>,
+}
+
+/// Compute user private key as described in the RFC 5054. Consider using proper
+/// password hashing algorithm instead.
+pub fn srp_private_key<D: Digest>(username: &[u8], password: &[u8], salt: &[u8])
+    -> GenericArray<u8, D::OutputSize>
+{
+    let p = {
+        let mut d = D::new();
+        d.input(username);
+        d.input(b":");
+        d.input(password);
+        d.result()
+    };
+    let mut d = D::new();
+    d.input(salt);
+    d.input(&p);
+    d.result()
+}
+
+impl<'a, D: Digest> SrpClient<'a, D> {
+    /// Create new SRP client instance.
+    pub fn new(a: &[u8], params: &'a SrpGroup) -> Self {
+        let a = BigUint::from_bytes_be(a);
+        let a_pub = params.powm(&a);
+
+        Self { params, a, a_pub, d: Default::default() }
+    }
+
+    /// Get password verfier for user registration on the server
+    pub fn get_password_verifier(&self, private_key: &[u8]) -> Vec<u8> {
+        let x = BigUint::from_bytes_be(&private_key);
+        let v = self.params.powm(&x);
+        v.to_bytes_be()
+    }
+
+    fn calc_key(&self, b_pub: &BigUint, x: &BigUint, u: &BigUint)
+        -> GenericArray<u8, D::OutputSize>
+    {
+        let n = &self.params.n;
+        let k = self.params.compute_k::<D>();
+        let interm = (k * self.params.powm(x)) % n;
+        // Because we do operation in modulo N we can get: (kv + g^b) < kv
+        let v = if b_pub > &interm {
+            (b_pub - &interm) % n
+        } else {
+            (n + b_pub - &interm) % n
+        };
+        // S = |B - kg^x| ^ (a + ux)
+        let s = powm(&v, &(&self.a + (u*x) % n ), n);
+        D::digest(&s.to_bytes_be())
+    }
+
+    /// Process server reply to the handshake.
+    pub fn process_reply(self, private_key: &[u8], b_pub: &[u8])
+        -> Result<SrpClientVerifier<D>, SrpAuthError>
+    {
+        let u = {
+            let mut d = D::new();
+            d.input(&self.a_pub.to_bytes_be());
+            d.input(b_pub);
+            BigUint::from_bytes_be(&d.result())
+        };
+
+        let b_pub = BigUint::from_bytes_be(b_pub);
+
+        // Safeguard against malicious B
+        if &b_pub % &self.params.n == BigUint::zero() {
+            return Err(SrpAuthError{ description: "Malicious b_pub value" })
+        }
+
+        let x = BigUint::from_bytes_be(&private_key);
+        let key = self.calc_key(&b_pub, &x, &u);
+        // M1 = H(A, B, K)
+        let proof = {
+            let mut d = D::new();
+            d.input(&self.a_pub.to_bytes_be());
+            d.input(&b_pub.to_bytes_be());
+            d.input(&key);
+            d.result()
+        };
+
+        // M2 = H(A, M1, K)
+        let server_proof = {
+            let mut d = D::new();
+            d.input(&self.a_pub.to_bytes_be());
+            d.input(&proof);
+            d.input(&key);
+            d.result()
+        };
+
+        Ok(SrpClientVerifier {
+            proof: proof,
+            server_proof: server_proof,
+            key: key,
+        })
+    }
+
+    /// Get public ephemeral value for handshaking with the server.
+    pub fn get_a_pub(&self) -> Vec<u8> {
+        self.a_pub.to_bytes_be()
+    }
+}
+
+impl<D: Digest> SrpClientVerifier<D> {
+    /// Get shared secret key without authenticating server, e.g. for using with
+    /// authenticated encryption modes. DO NOT USE this method without
+    /// some kind of secure authentification.
+    pub fn get_key(self) -> GenericArray<u8, D::OutputSize> {
+        self.key
+    }
+
+    /// Verification data for sending to the server.
+    pub fn get_proof(&self) -> GenericArray<u8, D::OutputSize> {
+        self.proof.clone()
+    }
+
+    /// Verify server reply to verification data. It will return shared secret
+    /// key in case of success.
+    pub fn verify_server(self, reply: &[u8])
+        -> Result<GenericArray<u8, D::OutputSize>, SrpAuthError>
+    {
+        if self.server_proof.as_slice() != reply {
+            Err(SrpAuthError{ description: "Incorrect server proof" })
+        } else {
+            Ok(self.key)
+        }
+    }
+}
diff --git a/srp/src/groups.rs b/srp/src/groups.rs
new file mode 100644
index 0000000..246134e
--- /dev/null
+++ b/srp/src/groups.rs
@@ -0,0 +1,56 @@
+//! Groups from [RFC 5054](https://tools.ietf.org/html/rfc5054)
+//! 
+//! It is strongly recommended to use them instead of custom generated
+//! groups. Additionally it is not recommended to use `G_1024` and `G_1536`,
+//! they are provided only for compatability with the legacy software.
+use types::SrpGroup;
+use num::BigUint;
+
+lazy_static! {
+    pub static ref G_1024: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/1024.bin")),
+        g: BigUint::from_bytes_be(&[2]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_1536: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/1536.bin")),
+        g: BigUint::from_bytes_be(&[2]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_2048: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/2048.bin")),
+        g: BigUint::from_bytes_be(&[2]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_3072: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/3072.bin")),
+        g: BigUint::from_bytes_be(&[5]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_4096: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/4096.bin")),
+        g: BigUint::from_bytes_be(&[5]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_6144: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/6144.bin")),
+        g: BigUint::from_bytes_be(&[5]),
+    };
+}
+
+lazy_static! {
+    pub static ref G_8192: SrpGroup = SrpGroup {
+        n: BigUint::from_bytes_be(include_bytes!("groups/8192.bin")),
+        g: BigUint::from_bytes_be(&[19]),
+    };
+}
diff --git a/srp/src/groups/1024.bin b/srp/src/groups/1024.bin
new file mode 100644
index 0000000..7ce0aa3
--- /dev/null
+++ b/srp/src/groups/1024.bin
@@ -0,0 +1,3 @@
+�
+����֜3�
+����`ra�u�<��1L�%ev�t�t���8;H֒������P���I\`���]�״aTֶΎ��i�]I�U�){���)�ffW�h��<rl�/����n���Q8��vC[��/���
\ No newline at end of file
diff --git a/srp/src/groups/1536.bin b/srp/src/groups/1536.bin
new file mode 100644
index 0000000..c3a5972
--- /dev/null
+++ b/srp/src/groups/1536.bin
@@ -0,0 +1 @@
+��<��9'z��*��{�ۥ���L���aK�M_O_Un'��QƩK�`z)X�;���C��U��"����|�g�Ё4�ȹy��`�㺶=GT���ű�vN?KSݝ���>+���n�
�94�'�/�=$�Ćew.C}l��BsJ�̷��|&J㩾��/鸵).Z�^�G��碌$B���I�#M�v���5��
\ No newline at end of file
diff --git a/srp/src/groups/2048.bin b/srp/src/groups/2048.bin
new file mode 100644
index 0000000..23207c6
--- /dev/null
+++ b/srp/src/groups/2048.bin
@@ -0,0 +1,2 @@
+�k�A2J���f�^�X/�r�e���1��=�`P�s)˴��큓�uwg�=�#�K1
�H���P�9i��g��`��:�f�����)��/��U�y��^�
t
+���tsY�A��>�(Dkw;ʗ�:#��v� zCld��ҹ�F[�2��wHTE#�$��}^�z'u���,���/�xa`'��z毇Ns�S)��{��*V���Âq�5��������؟z�5�#mR_Tu�e�r�֎���J�s
\ No newline at end of file
diff --git a/srp/src/groups/3072.bin b/srp/src/groups/3072.bin
new file mode 100644
index 0000000..7e1a84d
--- /dev/null
+++ b/srp/src/groups/3072.bin
diff --git a/srp/src/groups/4096.bin b/srp/src/groups/4096.bin
new file mode 100644
index 0000000..82463c0
--- /dev/null
+++ b/srp/src/groups/4096.bin
diff --git a/srp/src/groups/6144.bin b/srp/src/groups/6144.bin
new file mode 100644
index 0000000..83a559a
--- /dev/null
+++ b/srp/src/groups/6144.bin
diff --git a/srp/src/groups/8192.bin b/srp/src/groups/8192.bin
new file mode 100644
index 0000000..b1f32ac
--- /dev/null
+++ b/srp/src/groups/8192.bin
diff --git a/srp/src/k_sha1_1024.bin b/srp/src/k_sha1_1024.bin
new file mode 100644
index 0000000..4408438
--- /dev/null
+++ b/srp/src/k_sha1_1024.bin
@@ -0,0 +1 @@
+uV�Z�,���f\>��o
\ No newline at end of file
diff --git a/srp/src/lib.rs b/srp/src/lib.rs
new file mode 100644
index 0000000..df11ae9
--- /dev/null
+++ b/srp/src/lib.rs
@@ -0,0 +1,79 @@
+//! [Secure Remote Password][1] (SRP) protocol implementation.
+//! 
+//! This implementation is generic over hash functions using
+//! [`Digest`](https://docs.rs/digest) trait, so you will need to choose a hash
+//! function, e.g. `Sha256` from [`sha2`](https://crates.io/crates/sha2) crate.
+//! Additionally this crate allows to use a specialized password hashing
+//! algorithm for private key computation instead of method described in the
+//! SRP literature.
+//! 
+//! Compatability with over implementations was not yet tested.
+//! 
+//! # Usage
+//! Add `srp` dependecy to your `Cargo.toml`:
+//! 
+//! ```toml
+//! [dependencies]
+//! rand = "0.3"
+//! ```
+//!
+//! and this to your crate root:
+//!
+//! ```rust
+//! extern crate srp;
+//! ```
+//!
+//! Next read documentation for [`client`](client/index.html) and
+//! [`server`](server/index.html) modules.
+//!
+//! # Algorithm description
+//! Here we briefly describe implemented algroithm. For additionall information
+//! refer to SRP literature. All arithmetic is done modulo `N`, where `N` is a 
+//! large safe prime (`N = 2q+1`, where `q` is prime). Additionally `g` MUST be
+//! a generator modulo `N`. It's STRONGLY recommended to use SRP parameters
+//! provided by this crate in the [`groups`](groups/index.html) module.
+//! 
+//!        Client           |               |      Server
+//! ------------------------|---------------|------------------------
+//!                         |    — `I` —>   | (lookup `s`, `v`)
+//! `x = PH(P, s)`          | <— `s`, `v` — | 
+//! `a_pub = g^a`           |  — `a_pub` —> | `b_pub = k*v + g^b`
+//! `u = H(a_pub || b_pub)` |  <— `b_pub` — | `u = H(a_pub || b_pub)`
+//! `s = (b_pub - k*g^x)^(a+u*x)` |         | `S = (b_pub - k*g^x)^(a+u*x)`
+//! `K = H(s)`              |               | `K = H(s)`
+//! `M1 = H(A || B || K)`   |   — `M1` —>   | (verify `M1`)
+//! (verify `M2`)           |   <— `M2` —   | `M2 = H(A || M1 || K)`
+//! 
+//! `||` denotes concatenation, variables and notations have the following
+//! meaning:
+//! 
+//! - `I` — user identity (username)
+//! - `P` — user password
+//! - `H` — one-way hash function
+//! - `PH` — password hashing algroithm, in the RFC 5054 described as
+//! `H(s || H(I || ":" || P))`
+//! - `^` — (modular) exponentiation
+//! - `x` — user private key
+//! - `s` — salt generated by user and stored on the server
+//! - `v` — password verifier equal to `g^x` and stored on the server
+//! - `a`, `b` — secret ephemeral values (at least 256 bits in length)
+//! - `A`, `B` — Public ephemeral values
+//! - `u` — scrambling parameter
+//! - `k` — multiplier parameter (`k = H(N || g)` in SRP-6a)
+//!
+//! [1]: https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol
+//! [2]: https://tools.ietf.org/html/rfc5054
+extern crate num;
+extern crate digest;
+extern crate generic_array;
+#[macro_use]
+extern crate lazy_static;
+
+#[cfg(test)]
+extern crate sha_1;
+
+mod tools;
+pub mod client;
+pub mod server;
+pub mod types;
+pub mod groups;
diff --git a/srp/src/prime.bin b/srp/src/prime.bin
new file mode 100644
index 0000000..d2109b7
--- /dev/null
+++ b/srp/src/prime.bin
@@ -0,0 +1 @@
+�_�P<���=�èyCp^	>H�h�w
��B��b{+2,Z�u��HEX����r�Ӌt���o �'��Tw����;��䪗�D��l'$����2�/A�-�t�c��K2�-懘2��u�7�
\ No newline at end of file
diff --git a/srp/src/server.rs b/srp/src/server.rs
new file mode 100644
index 0000000..137d6b3
--- /dev/null
+++ b/srp/src/server.rs
@@ -0,0 +1,136 @@
+//! SRP server implementation
+//!
+//! # Usage
+//! First receive user's username and public value `a_pub`, retrieve from a
+//! database `UserRecord` for a given username, generate `b` (e.g. 512 bits
+//! long) and initialize SRP server instance:
+//! 
+//! ```ignore
+//! use srp::groups::G_2048;
+//!
+//! let (username, a_pub) = conn.receive_handshake();
+//! let user = db.retrieve_user_record(username);
+//! let b = rng.gen_iter::<u8>().take(64).collect::<Vec<u8>>();
+//! let server = SrpServer::<Sha256>::new(&user, &a_pub, &b, &G_2048)?;
+//! ```
+//! 
+//! Next send to user `b_pub` and `salt` from user record:
+//! 
+//! ```ignore
+//! let b_pub = server.get_b_pub();
+//! conn.reply_to_handshake(&user.salt, b_pub);
+//! ```
+//! 
+//! And finally recieve user proof, verify it and send server proof in the
+//! reply:
+//! 
+//! ```ignore
+//! let user_proof = conn.receive_proof();
+//! let server_proof = server.verify(user_proof)?;
+//! conn.send_proof(server_proof);
+//! ```
+//! 
+//! To get the shared secret use `get_key` method. As alternative to using
+//! `verify` method it's also possible to use this key for authentificated
+//! encryption.
+use std::marker::PhantomData;
+
+use num::{BigUint, Zero};
+use digest::Digest;
+use generic_array::GenericArray;
+
+use tools::powm;
+use types::{SrpAuthError, SrpGroup};
+
+/// Data provided by users upon registration, usually stored in the database.
+pub struct UserRecord<'a> {
+    pub username: &'a [u8],
+    pub salt: &'a [u8],
+    /// Password verifier
+    pub verifier: &'a [u8],
+}
+
+/// SRP server state
+pub struct SrpServer<D: Digest> {
+    b: BigUint,
+    a_pub: BigUint,
+    b_pub: BigUint,
+
+    key: GenericArray<u8, D::OutputSize>,
+
+    d: PhantomData<D>
+}
+
+impl< D: Digest> SrpServer< D> {
+    /// Create new server state.
+    pub fn new(user: &UserRecord, a_pub: &[u8], b: &[u8], params: &SrpGroup)
+        -> Result<Self, SrpAuthError>
+    {
+        let a_pub = BigUint::from_bytes_be(a_pub);
+        // Safeguard against malicious A
+        if &a_pub % &params.n == BigUint::zero() {
+            return Err(SrpAuthError { description: "Malicious a_pub value" })
+        }
+        let v = BigUint::from_bytes_be(user.verifier);
+        let b = BigUint::from_bytes_be(b)  % &params.n;
+        let k = params.compute_k::<D>();
+        // kv + g^b
+        let interm = (k * &v) % &params.n;
+        let b_pub = (interm + &params.powm(&b)) % &params.n;
+        // H(A || B)
+        let u = {
+            let mut d = D::new();
+            d.input(&a_pub.to_bytes_be());
+            d.input(&b_pub.to_bytes_be());
+            d.result()
+        };
+        let d = Default::default();
+        //(Av^u) ^ b
+        let key = {
+            let u =  BigUint::from_bytes_be(&u);
+            let t = (&a_pub * powm(&v, &u, &params.n)) % &params.n;
+            let s = powm(&t, &b, &params.n);
+            D::digest(&s.to_bytes_be())
+        };
+        Ok(Self { b, a_pub, b_pub, key, d})
+    }
+
+    /// Get private `b` value. (see `new_with_b` documentation)
+    pub fn get_b(&self) -> Vec<u8> {
+        self.b.to_bytes_be()
+    }
+
+    /// Get public `b_pub` value for sending to the user.
+    pub fn get_b_pub(&self) -> Vec<u8> {
+        self.b_pub.to_bytes_be()
+    }
+
+    /// Get shared secret between user and the server. (do not forget to verify
+    /// that keys are the same!)
+    pub fn get_key(&self) -> GenericArray<u8, D::OutputSize> {
+        self.key.clone()
+    }
+
+    /// Process user proof of having the same shared secret and compute
+    /// server proof for sending to the user.
+    pub fn verify(&self, user_proof: &[u8])
+        -> Result<GenericArray<u8, D::OutputSize>, SrpAuthError>
+    {
+        // M = H(A, B, K)
+        let mut d = D::new();
+        d.input(&self.a_pub.to_bytes_be());
+        d.input(&self.b_pub.to_bytes_be());
+        d.input(&self.key);
+
+        if user_proof == d.result().as_slice() {
+            // H(A, M, K)
+            let mut d = D::new();
+            d.input(&self.a_pub.to_bytes_be());
+            d.input(user_proof);
+            d.input(&self.key);
+            Ok(d.result())
+        } else {
+            Err(SrpAuthError { description: "Incorrect user proof" })
+        }
+    }
+}
diff --git a/srp/src/tools.rs b/srp/src/tools.rs
new file mode 100644
index 0000000..8cb6910
--- /dev/null
+++ b/srp/src/tools.rs
@@ -0,0 +1,19 @@
+use num::BigUint;
+
+pub fn powm(base: &BigUint, exp: &BigUint, modulus: &BigUint) -> BigUint {
+    let zero = BigUint::new(vec![0]);
+    let one = BigUint::new(vec![1]);
+    let two = BigUint::new(vec![2]);
+    let mut exp = exp.clone();
+    let mut result = one.clone();
+    let mut base = base % modulus;
+
+    while exp > zero {
+        if &exp % &two == one {
+            result = (result * &base) % modulus;
+        }
+        exp = exp >> 1;
+        base = (&base * &base) % modulus;
+    }
+    result
+}
diff --git a/srp/src/types.rs b/srp/src/types.rs
new file mode 100644
index 0000000..810132c
--- /dev/null
+++ b/srp/src/types.rs
@@ -0,0 +1,64 @@
+//! Additional SRP types.
+use std::{fmt, error};
+use num::BigUint;
+use tools::powm;
+use digest::Digest;
+
+/// SRP authentification error.
+#[derive(Debug, Copy, Clone, Eq, PartialEq)]
+pub struct SrpAuthError {
+    pub(crate) description: &'static str
+}
+
+impl fmt::Display for SrpAuthError {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "SRP authentification error")
+    }
+}
+
+impl error::Error for SrpAuthError {
+    fn description(&self) -> &str {
+        self.description
+    }
+}
+
+/// Group used for SRP computations
+#[derive(Debug, Clone, Eq, PartialEq)]
+pub struct SrpGroup {
+    /// A large safe prime (N = 2q+1, where q is prime)
+    pub n: BigUint,
+    /// A generator modulo N
+    pub g: BigUint,
+}
+
+impl SrpGroup {
+    pub(crate) fn powm(&self, v: &BigUint) -> BigUint {
+        powm(&self.g, v, &self.n)
+    }
+
+    /// Compute `k` with given hash function and return SRP parameters
+    pub(crate) fn compute_k<D: Digest>(&self) -> BigUint {
+        let n = self.n.to_bytes_be();
+        let g_bytes = self.g.to_bytes_be();
+        let mut buf = vec![0u8; n.len()];
+        let l = n.len() - g_bytes.len();
+        buf[l..].copy_from_slice(&g_bytes);
+
+        let mut d = D::new();
+        d.input(&n);
+        d.input(&buf);
+        BigUint::from_bytes_be(&d.result())
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use ::groups::G_1024;
+    use sha_1::Sha1;
+
+    #[test]
+    fn test_k_1024_sha1() {
+        let k = G_1024.compute_k::<Sha1>().to_bytes_be();
+        assert_eq!(&k, include_bytes!("k_sha1_1024.bin"));
+    }
+}