srp: Support Apple's SRP variant (a small change) #217
Description
In Apple's implementation of SRP, in corecrypto, they don't hash the username in the identity_hash:
#[must_use]
pub fn compute_identity_hash_with_username_in_x(username: &[u8], password: &[u8], username_in_x: bool) -> Output<D> {
let mut d = D::new();
if username_in_x {
d.update(username);
}
d.update(b":");
d.update(password);
d.finalize()
}There seems to be a demand as multiple forks of this repo are reimplementing this, py-srp also implements it.
About the actual code, compute_identity_hash is a public function and does not take any parameter currently, so it cannot be retrofitted there without changing the API (the most sensible way of doing it imo would have been to add a field in the SrpClient, but that means adding &self as a parameter, and that breaks a unit test). Another function could also be added like the one for rfc5054 (which is also the variant implemented by Apple), but this may be too much? I don't know.
If you have a clear idea, I can write the PR.