1193645Ssimon#include <openssl/opensslconf.h> 2193645Ssimon 3193645Ssimon#ifdef OPENSSL_NO_JPAKE 4193645Ssimon 5296341Sdelphij# include <stdio.h> 6193645Ssimon 7193645Ssimonint main(int argc, char *argv[]) 8193645Ssimon{ 9193645Ssimon printf("No J-PAKE support\n"); 10296341Sdelphij return (0); 11193645Ssimon} 12193645Ssimon 13193645Ssimon#else 14193645Ssimon 15296341Sdelphij# include <openssl/jpake.h> 16296341Sdelphij# include <openssl/err.h> 17193645Ssimon 18193645Ssimonstatic void showbn(const char *name, const BIGNUM *bn) 19296341Sdelphij{ 20193645Ssimon fputs(name, stdout); 21193645Ssimon fputs(" = ", stdout); 22193645Ssimon BN_print_fp(stdout, bn); 23193645Ssimon putc('\n', stdout); 24296341Sdelphij} 25193645Ssimon 26193645Ssimonstatic int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob) 27296341Sdelphij{ 28193645Ssimon JPAKE_STEP1 alice_s1; 29193645Ssimon JPAKE_STEP1 bob_s1; 30193645Ssimon JPAKE_STEP2 alice_s2; 31193645Ssimon JPAKE_STEP2 bob_s2; 32193645Ssimon JPAKE_STEP3A alice_s3a; 33193645Ssimon JPAKE_STEP3B bob_s3b; 34193645Ssimon 35296341Sdelphij /* Alice -> Bob: step 1 */ 36193645Ssimon puts("A->B s1"); 37193645Ssimon JPAKE_STEP1_init(&alice_s1); 38193645Ssimon JPAKE_STEP1_generate(&alice_s1, alice); 39296341Sdelphij if (!JPAKE_STEP1_process(bob, &alice_s1)) { 40296341Sdelphij printf("Bob fails to process Alice's step 1\n"); 41296341Sdelphij ERR_print_errors_fp(stdout); 42296341Sdelphij return 1; 43296341Sdelphij } 44193645Ssimon JPAKE_STEP1_release(&alice_s1); 45193645Ssimon 46296341Sdelphij /* Bob -> Alice: step 1 */ 47193645Ssimon puts("B->A s1"); 48193645Ssimon JPAKE_STEP1_init(&bob_s1); 49193645Ssimon JPAKE_STEP1_generate(&bob_s1, bob); 50296341Sdelphij if (!JPAKE_STEP1_process(alice, &bob_s1)) { 51296341Sdelphij printf("Alice fails to process Bob's step 1\n"); 52296341Sdelphij ERR_print_errors_fp(stdout); 53296341Sdelphij return 2; 54296341Sdelphij } 55193645Ssimon JPAKE_STEP1_release(&bob_s1); 56193645Ssimon 57296341Sdelphij /* Alice -> Bob: step 2 */ 58193645Ssimon puts("A->B s2"); 59193645Ssimon JPAKE_STEP2_init(&alice_s2); 60193645Ssimon JPAKE_STEP2_generate(&alice_s2, alice); 61296341Sdelphij if (!JPAKE_STEP2_process(bob, &alice_s2)) { 62296341Sdelphij printf("Bob fails to process Alice's step 2\n"); 63296341Sdelphij ERR_print_errors_fp(stdout); 64296341Sdelphij return 3; 65296341Sdelphij } 66193645Ssimon JPAKE_STEP2_release(&alice_s2); 67193645Ssimon 68296341Sdelphij /* Bob -> Alice: step 2 */ 69193645Ssimon puts("B->A s2"); 70193645Ssimon JPAKE_STEP2_init(&bob_s2); 71193645Ssimon JPAKE_STEP2_generate(&bob_s2, bob); 72296341Sdelphij if (!JPAKE_STEP2_process(alice, &bob_s2)) { 73296341Sdelphij printf("Alice fails to process Bob's step 2\n"); 74296341Sdelphij ERR_print_errors_fp(stdout); 75296341Sdelphij return 4; 76296341Sdelphij } 77193645Ssimon JPAKE_STEP2_release(&bob_s2); 78193645Ssimon 79193645Ssimon showbn("Alice's key", JPAKE_get_shared_key(alice)); 80193645Ssimon showbn("Bob's key ", JPAKE_get_shared_key(bob)); 81193645Ssimon 82296341Sdelphij /* Alice -> Bob: step 3a */ 83193645Ssimon puts("A->B s3a"); 84193645Ssimon JPAKE_STEP3A_init(&alice_s3a); 85193645Ssimon JPAKE_STEP3A_generate(&alice_s3a, alice); 86296341Sdelphij if (!JPAKE_STEP3A_process(bob, &alice_s3a)) { 87296341Sdelphij printf("Bob fails to process Alice's step 3a\n"); 88296341Sdelphij ERR_print_errors_fp(stdout); 89296341Sdelphij return 5; 90296341Sdelphij } 91193645Ssimon JPAKE_STEP3A_release(&alice_s3a); 92296341Sdelphij 93296341Sdelphij /* Bob -> Alice: step 3b */ 94193645Ssimon puts("B->A s3b"); 95193645Ssimon JPAKE_STEP3B_init(&bob_s3b); 96193645Ssimon JPAKE_STEP3B_generate(&bob_s3b, bob); 97296341Sdelphij if (!JPAKE_STEP3B_process(alice, &bob_s3b)) { 98296341Sdelphij printf("Alice fails to process Bob's step 3b\n"); 99296341Sdelphij ERR_print_errors_fp(stdout); 100296341Sdelphij return 6; 101296341Sdelphij } 102193645Ssimon JPAKE_STEP3B_release(&bob_s3b); 103193645Ssimon 104193645Ssimon return 0; 105296341Sdelphij} 106193645Ssimon 107193645Ssimonint main(int argc, char **argv) 108296341Sdelphij{ 109193645Ssimon JPAKE_CTX *alice; 110193645Ssimon JPAKE_CTX *bob; 111193645Ssimon BIGNUM *p = NULL; 112193645Ssimon BIGNUM *g = NULL; 113193645Ssimon BIGNUM *q = NULL; 114193645Ssimon BIGNUM *secret = BN_new(); 115193645Ssimon BIO *bio_err; 116193645Ssimon 117193645Ssimon bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); 118193645Ssimon 119193645Ssimon CRYPTO_malloc_debug_init(); 120193645Ssimon CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); 121193645Ssimon CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 122193645Ssimon 123193645Ssimon ERR_load_crypto_strings(); 124193645Ssimon 125296341Sdelphij /*- 126193645Ssimon BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7"); 127193645Ssimon BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a"); 128193645Ssimon BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5"); 129193645Ssimon */ 130296341Sdelphij /*- 131193645Ssimon p = BN_new(); 132193645Ssimon BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL); 133193645Ssimon */ 134296341Sdelphij /* Use a safe prime for p (that we found earlier) */ 135296341Sdelphij BN_hex2bn(&p, 136296341Sdelphij "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F"); 137193645Ssimon showbn("p", p); 138193645Ssimon g = BN_new(); 139193645Ssimon BN_set_word(g, 2); 140193645Ssimon showbn("g", g); 141193645Ssimon q = BN_new(); 142193645Ssimon BN_rshift1(q, p); 143193645Ssimon showbn("q", q); 144193645Ssimon 145193645Ssimon BN_rand(secret, 32, -1, 0); 146193645Ssimon 147296341Sdelphij /* A normal run, expect this to work... */ 148193645Ssimon alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret); 149193645Ssimon bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret); 150193645Ssimon 151296341Sdelphij if (run_jpake(alice, bob) != 0) { 152296341Sdelphij fprintf(stderr, "Plain JPAKE run failed\n"); 153296341Sdelphij return 1; 154296341Sdelphij } 155193645Ssimon 156193645Ssimon JPAKE_CTX_free(bob); 157193645Ssimon JPAKE_CTX_free(alice); 158193645Ssimon 159296341Sdelphij /* Now give Alice and Bob different secrets */ 160193645Ssimon alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret); 161193645Ssimon BN_add_word(secret, 1); 162193645Ssimon bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret); 163193645Ssimon 164296341Sdelphij if (run_jpake(alice, bob) != 5) { 165296341Sdelphij fprintf(stderr, "Mismatched secret JPAKE run failed\n"); 166296341Sdelphij return 1; 167296341Sdelphij } 168193645Ssimon 169193645Ssimon JPAKE_CTX_free(bob); 170193645Ssimon JPAKE_CTX_free(alice); 171193645Ssimon 172193645Ssimon BN_free(secret); 173193645Ssimon BN_free(q); 174193645Ssimon BN_free(g); 175193645Ssimon BN_free(p); 176193645Ssimon 177193645Ssimon CRYPTO_cleanup_all_ex_data(); 178238405Sjkim ERR_remove_thread_state(NULL); 179193645Ssimon ERR_free_strings(); 180193645Ssimon CRYPTO_mem_leaks(bio_err); 181193645Ssimon 182193645Ssimon return 0; 183296341Sdelphij} 184193645Ssimon 185193645Ssimon#endif 186