summaryrefslogtreecommitdiff
path: root/package/ead/src/tinysrp/srvtest.c
blob: e09d501ad33c3fac9482c32a7ea1d72ee0954a0b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
/*
 * Copyright (c) 1997-1999  The Stanford SRP Authentication Project
 * All Rights Reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the
 * "Software"), to deal in the Software without restriction, including
 * without limitation the rights to use, copy, modify, merge, publish,
 * distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to
 * the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 * In addition, the following conditions apply:
 *
 * 1. Any software that incorporates the SRP authentication technology
 *    must display the following acknowlegment:
 *    "This product uses the 'Secure Remote Password' cryptographic
 *     authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
 *
 * 2. Any software that incorporates all or part of the SRP distribution
 *    itself must also display the following acknowledgment:
 *    "This product includes software developed by Tom Wu and Eugene
 *     Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
 *
 * 3. Redistributions in source or binary form must retain an intact copy
 *    of this copyright notice and list of conditions.
 */

#include <stdio.h>
#include "t_defines.h"
#include "t_pwd.h"
#include "t_server.h"

int
main(argc, argv)
     int argc;
     char * argv[];
{
  struct t_server * ts;
  struct t_pw * tpw;
  struct t_conf * tcnf;
  struct t_num * B;
  char username[MAXUSERLEN];
  char hexbuf[MAXHEXPARAMLEN];
  char buf[MAXPARAMLEN];
  struct t_num A;
  unsigned char * skey;
  unsigned char cbuf[20];
  FILE * fp;
  FILE * fp2;
  char confname[256];

  printf("Enter username: ");
  fgets(username, sizeof(username), stdin);
  username[strlen(username) - 1] = '\0';
  ts = t_serveropen(username);

  if(ts == NULL) {
    fprintf(stderr, "User %s not found\n", username);
    exit(1);
  }

#if 0
  printf("n: %s\n", t_tob64(hexbuf, ts->n.data, ts->n.len));
  printf("g: %s\n", t_tob64(hexbuf, ts->g.data, ts->g.len));
#endif
  printf("index (to client): %d\n", ts->index);
  printf("salt (to client): %s\n", t_tob64(hexbuf, ts->s.data, ts->s.len));

  B = t_servergenexp(ts);
  printf("Enter A (from client): ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  A.data = buf;
  A.len = t_fromb64(A.data, hexbuf);

  printf("B (to client): %s\n", t_tob64(hexbuf, B->data, B->len));

  skey = t_servergetkey(ts, &A);
  printf("Session key: %s\n", t_tohex(hexbuf, skey, 40));

  /* printf("[Expected response: %s]\n", t_tohex(hexbuf, cbuf, 16)); */

  printf("Enter response (from client): ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  hexbuf[strlen(hexbuf) - 1] = '\0';
  t_fromhex(cbuf, hexbuf);

  if(t_serververify(ts, cbuf) == 0) {
    printf("Authentication successful.\n");
    printf("Response (to client): %s\n",
      t_tohex(hexbuf, t_serverresponse(ts), RESPONSE_LEN));
  } else
    printf("Authentication failed.\n");

  t_serverclose(ts);

  return 0;
}