1193645Ssimon#include <openssl/opensslconf.h>
2193645Ssimon
3193645Ssimon#ifdef OPENSSL_NO_JPAKE
4193645Ssimon
5296341Sdelphij# include <stdio.h>
6193645Ssimon
7193645Ssimonint main(int argc, char *argv[])
8193645Ssimon{
9193645Ssimon    printf("No J-PAKE support\n");
10296341Sdelphij    return (0);
11193645Ssimon}
12193645Ssimon
13193645Ssimon#else
14193645Ssimon
15296341Sdelphij# include <openssl/jpake.h>
16296341Sdelphij# include <openssl/err.h>
17193645Ssimon
18193645Ssimonstatic void showbn(const char *name, const BIGNUM *bn)
19296341Sdelphij{
20193645Ssimon    fputs(name, stdout);
21193645Ssimon    fputs(" = ", stdout);
22193645Ssimon    BN_print_fp(stdout, bn);
23193645Ssimon    putc('\n', stdout);
24296341Sdelphij}
25193645Ssimon
26193645Ssimonstatic int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob)
27296341Sdelphij{
28193645Ssimon    JPAKE_STEP1 alice_s1;
29193645Ssimon    JPAKE_STEP1 bob_s1;
30193645Ssimon    JPAKE_STEP2 alice_s2;
31193645Ssimon    JPAKE_STEP2 bob_s2;
32193645Ssimon    JPAKE_STEP3A alice_s3a;
33193645Ssimon    JPAKE_STEP3B bob_s3b;
34193645Ssimon
35296341Sdelphij    /* Alice -> Bob: step 1 */
36193645Ssimon    puts("A->B s1");
37193645Ssimon    JPAKE_STEP1_init(&alice_s1);
38193645Ssimon    JPAKE_STEP1_generate(&alice_s1, alice);
39296341Sdelphij    if (!JPAKE_STEP1_process(bob, &alice_s1)) {
40296341Sdelphij        printf("Bob fails to process Alice's step 1\n");
41296341Sdelphij        ERR_print_errors_fp(stdout);
42296341Sdelphij        return 1;
43296341Sdelphij    }
44193645Ssimon    JPAKE_STEP1_release(&alice_s1);
45193645Ssimon
46296341Sdelphij    /* Bob -> Alice: step 1 */
47193645Ssimon    puts("B->A s1");
48193645Ssimon    JPAKE_STEP1_init(&bob_s1);
49193645Ssimon    JPAKE_STEP1_generate(&bob_s1, bob);
50296341Sdelphij    if (!JPAKE_STEP1_process(alice, &bob_s1)) {
51296341Sdelphij        printf("Alice fails to process Bob's step 1\n");
52296341Sdelphij        ERR_print_errors_fp(stdout);
53296341Sdelphij        return 2;
54296341Sdelphij    }
55193645Ssimon    JPAKE_STEP1_release(&bob_s1);
56193645Ssimon
57296341Sdelphij    /* Alice -> Bob: step 2 */
58193645Ssimon    puts("A->B s2");
59193645Ssimon    JPAKE_STEP2_init(&alice_s2);
60193645Ssimon    JPAKE_STEP2_generate(&alice_s2, alice);
61296341Sdelphij    if (!JPAKE_STEP2_process(bob, &alice_s2)) {
62296341Sdelphij        printf("Bob fails to process Alice's step 2\n");
63296341Sdelphij        ERR_print_errors_fp(stdout);
64296341Sdelphij        return 3;
65296341Sdelphij    }
66193645Ssimon    JPAKE_STEP2_release(&alice_s2);
67193645Ssimon
68296341Sdelphij    /* Bob -> Alice: step 2 */
69193645Ssimon    puts("B->A s2");
70193645Ssimon    JPAKE_STEP2_init(&bob_s2);
71193645Ssimon    JPAKE_STEP2_generate(&bob_s2, bob);
72296341Sdelphij    if (!JPAKE_STEP2_process(alice, &bob_s2)) {
73296341Sdelphij        printf("Alice fails to process Bob's step 2\n");
74296341Sdelphij        ERR_print_errors_fp(stdout);
75296341Sdelphij        return 4;
76296341Sdelphij    }
77193645Ssimon    JPAKE_STEP2_release(&bob_s2);
78193645Ssimon
79193645Ssimon    showbn("Alice's key", JPAKE_get_shared_key(alice));
80193645Ssimon    showbn("Bob's key  ", JPAKE_get_shared_key(bob));
81193645Ssimon
82296341Sdelphij    /* Alice -> Bob: step 3a */
83193645Ssimon    puts("A->B s3a");
84193645Ssimon    JPAKE_STEP3A_init(&alice_s3a);
85193645Ssimon    JPAKE_STEP3A_generate(&alice_s3a, alice);
86296341Sdelphij    if (!JPAKE_STEP3A_process(bob, &alice_s3a)) {
87296341Sdelphij        printf("Bob fails to process Alice's step 3a\n");
88296341Sdelphij        ERR_print_errors_fp(stdout);
89296341Sdelphij        return 5;
90296341Sdelphij    }
91193645Ssimon    JPAKE_STEP3A_release(&alice_s3a);
92296341Sdelphij
93296341Sdelphij    /* Bob -> Alice: step 3b */
94193645Ssimon    puts("B->A s3b");
95193645Ssimon    JPAKE_STEP3B_init(&bob_s3b);
96193645Ssimon    JPAKE_STEP3B_generate(&bob_s3b, bob);
97296341Sdelphij    if (!JPAKE_STEP3B_process(alice, &bob_s3b)) {
98296341Sdelphij        printf("Alice fails to process Bob's step 3b\n");
99296341Sdelphij        ERR_print_errors_fp(stdout);
100296341Sdelphij        return 6;
101296341Sdelphij    }
102193645Ssimon    JPAKE_STEP3B_release(&bob_s3b);
103193645Ssimon
104193645Ssimon    return 0;
105296341Sdelphij}
106193645Ssimon
107193645Ssimonint main(int argc, char **argv)
108296341Sdelphij{
109193645Ssimon    JPAKE_CTX *alice;
110193645Ssimon    JPAKE_CTX *bob;
111193645Ssimon    BIGNUM *p = NULL;
112193645Ssimon    BIGNUM *g = NULL;
113193645Ssimon    BIGNUM *q = NULL;
114193645Ssimon    BIGNUM *secret = BN_new();
115193645Ssimon    BIO *bio_err;
116193645Ssimon
117193645Ssimon    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
118193645Ssimon
119193645Ssimon    CRYPTO_malloc_debug_init();
120193645Ssimon    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
121193645Ssimon    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
122193645Ssimon
123193645Ssimon    ERR_load_crypto_strings();
124193645Ssimon
125296341Sdelphij    /*-
126193645Ssimon    BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
127193645Ssimon    BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
128193645Ssimon    BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
129193645Ssimon    */
130296341Sdelphij    /*-
131193645Ssimon    p = BN_new();
132193645Ssimon    BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
133193645Ssimon    */
134296341Sdelphij    /* Use a safe prime for p (that we found earlier) */
135296341Sdelphij    BN_hex2bn(&p,
136296341Sdelphij              "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
137193645Ssimon    showbn("p", p);
138193645Ssimon    g = BN_new();
139193645Ssimon    BN_set_word(g, 2);
140193645Ssimon    showbn("g", g);
141193645Ssimon    q = BN_new();
142193645Ssimon    BN_rshift1(q, p);
143193645Ssimon    showbn("q", q);
144193645Ssimon
145193645Ssimon    BN_rand(secret, 32, -1, 0);
146193645Ssimon
147296341Sdelphij    /* A normal run, expect this to work... */
148193645Ssimon    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
149193645Ssimon    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
150193645Ssimon
151296341Sdelphij    if (run_jpake(alice, bob) != 0) {
152296341Sdelphij        fprintf(stderr, "Plain JPAKE run failed\n");
153296341Sdelphij        return 1;
154296341Sdelphij    }
155193645Ssimon
156193645Ssimon    JPAKE_CTX_free(bob);
157193645Ssimon    JPAKE_CTX_free(alice);
158193645Ssimon
159296341Sdelphij    /* Now give Alice and Bob different secrets */
160193645Ssimon    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
161193645Ssimon    BN_add_word(secret, 1);
162193645Ssimon    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
163193645Ssimon
164296341Sdelphij    if (run_jpake(alice, bob) != 5) {
165296341Sdelphij        fprintf(stderr, "Mismatched secret JPAKE run failed\n");
166296341Sdelphij        return 1;
167296341Sdelphij    }
168193645Ssimon
169193645Ssimon    JPAKE_CTX_free(bob);
170193645Ssimon    JPAKE_CTX_free(alice);
171193645Ssimon
172193645Ssimon    BN_free(secret);
173193645Ssimon    BN_free(q);
174193645Ssimon    BN_free(g);
175193645Ssimon    BN_free(p);
176193645Ssimon
177193645Ssimon    CRYPTO_cleanup_all_ex_data();
178238405Sjkim    ERR_remove_thread_state(NULL);
179193645Ssimon    ERR_free_strings();
180193645Ssimon    CRYPTO_mem_leaks(bio_err);
181193645Ssimon
182193645Ssimon    return 0;
183296341Sdelphij}
184193645Ssimon
185193645Ssimon#endif
186