| 1 | /* |
| 2 | * Copyright (c) 1997-1999 The Stanford SRP Authentication Project |
| 3 | * All Rights Reserved. |
| 4 | * |
| 5 | * Permission is hereby granted, free of charge, to any person obtaining |
| 6 | * a copy of this software and associated documentation files (the |
| 7 | * "Software"), to deal in the Software without restriction, including |
| 8 | * without limitation the rights to use, copy, modify, merge, publish, |
| 9 | * distribute, sublicense, and/or sell copies of the Software, and to |
| 10 | * permit persons to whom the Software is furnished to do so, subject to |
| 11 | * the following conditions: |
| 12 | * |
| 13 | * The above copyright notice and this permission notice shall be |
| 14 | * included in all copies or substantial portions of the Software. |
| 15 | * |
| 16 | * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, |
| 17 | * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY |
| 18 | * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. |
| 19 | * |
| 20 | * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL, |
| 21 | * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER |
| 22 | * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF |
| 23 | * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT |
| 24 | * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 25 | * |
| 26 | * In addition, the following conditions apply: |
| 27 | * |
| 28 | * 1. Any software that incorporates the SRP authentication technology |
| 29 | * must display the following acknowlegment: |
| 30 | * "This product uses the 'Secure Remote Password' cryptographic |
| 31 | * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)." |
| 32 | * |
| 33 | * 2. Any software that incorporates all or part of the SRP distribution |
| 34 | * itself must also display the following acknowledgment: |
| 35 | * "This product includes software developed by Tom Wu and Eugene |
| 36 | * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)." |
| 37 | * |
| 38 | * 3. Redistributions in source or binary form must retain an intact copy |
| 39 | * of this copyright notice and list of conditions. |
| 40 | */ |
| 41 | |
| 42 | #include <stdio.h> |
| 43 | #include "t_defines.h" |
| 44 | #include "t_pwd.h" |
| 45 | #include "t_server.h" |
| 46 | |
| 47 | int |
| 48 | main(argc, argv) |
| 49 | int argc; |
| 50 | char * argv[]; |
| 51 | { |
| 52 | struct t_server * ts; |
| 53 | struct t_pw * tpw; |
| 54 | struct t_conf * tcnf; |
| 55 | struct t_num * B; |
| 56 | char username[MAXUSERLEN]; |
| 57 | char hexbuf[MAXHEXPARAMLEN]; |
| 58 | char buf[MAXPARAMLEN]; |
| 59 | struct t_num A; |
| 60 | unsigned char * skey; |
| 61 | unsigned char cbuf[20]; |
| 62 | FILE * fp; |
| 63 | FILE * fp2; |
| 64 | char confname[256]; |
| 65 | |
| 66 | printf("Enter username: "); |
| 67 | fgets(username, sizeof(username), stdin); |
| 68 | username[strlen(username) - 1] = '\0'; |
| 69 | ts = t_serveropen(username); |
| 70 | |
| 71 | if(ts == NULL) { |
| 72 | fprintf(stderr, "User %s not found\n", username); |
| 73 | exit(1); |
| 74 | } |
| 75 | |
| 76 | #if 0 |
| 77 | printf("n: %s\n", t_tob64(hexbuf, ts->n.data, ts->n.len)); |
| 78 | printf("g: %s\n", t_tob64(hexbuf, ts->g.data, ts->g.len)); |
| 79 | #endif |
| 80 | printf("index (to client): %d\n", ts->index); |
| 81 | printf("salt (to client): %s\n", t_tob64(hexbuf, ts->s.data, ts->s.len)); |
| 82 | |
| 83 | B = t_servergenexp(ts); |
| 84 | printf("Enter A (from client): "); |
| 85 | fgets(hexbuf, sizeof(hexbuf), stdin); |
| 86 | A.data = buf; |
| 87 | A.len = t_fromb64(A.data, hexbuf); |
| 88 | |
| 89 | printf("B (to client): %s\n", t_tob64(hexbuf, B->data, B->len)); |
| 90 | |
| 91 | skey = t_servergetkey(ts, &A); |
| 92 | printf("Session key: %s\n", t_tohex(hexbuf, skey, 40)); |
| 93 | |
| 94 | /* printf("[Expected response: %s]\n", t_tohex(hexbuf, cbuf, 16)); */ |
| 95 | |
| 96 | printf("Enter response (from client): "); |
| 97 | fgets(hexbuf, sizeof(hexbuf), stdin); |
| 98 | hexbuf[strlen(hexbuf) - 1] = '\0'; |
| 99 | t_fromhex(cbuf, hexbuf); |
| 100 | |
| 101 | if(t_serververify(ts, cbuf) == 0) { |
| 102 | printf("Authentication successful.\n"); |
| 103 | printf("Response (to client): %s\n", |
| 104 | t_tohex(hexbuf, t_serverresponse(ts), RESPONSE_LEN)); |
| 105 | } else |
| 106 | printf("Authentication failed.\n"); |
| 107 | |
| 108 | t_serverclose(ts); |
| 109 | |
| 110 | return 0; |
| 111 | } |
| 112 | |
