1/* 2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project 3 * All Rights Reserved. 4 * 5 * Permission is hereby granted, free of charge, to any person obtaining 6 * a copy of this software and associated documentation files (the 7 * "Software"), to deal in the Software without restriction, including 8 * without limitation the rights to use, copy, modify, merge, publish, 9 * distribute, sublicense, and/or sell copies of the Software, and to 10 * permit persons to whom the Software is furnished to do so, subject to 11 * the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be 14 * included in all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, 17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY 18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 19 * 20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL, 21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER 22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF 23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT 24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 25 * 26 * In addition, the following conditions apply: 27 * 28 * 1. Any software that incorporates the SRP authentication technology 29 * must display the following acknowlegment: 30 * "This product uses the 'Secure Remote Password' cryptographic 31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)." 32 * 33 * 2. Any software that incorporates all or part of the SRP distribution 34 * itself must also display the following acknowledgment: 35 * "This product includes software developed by Tom Wu and Eugene 36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)." 37 * 38 * 3. Redistributions in source or binary form must retain an intact copy 39 * of this copyright notice and list of conditions. 40 */ 41 42#include <stdio.h> 43#include "t_defines.h" 44#include "t_pwd.h" 45#include "t_client.h" 46 47int 48main() 49{ 50 int index; 51 struct t_client * tc; 52 struct t_preconf *tcp; 53 struct t_num s; 54 struct t_num B; 55 char username[MAXUSERLEN]; 56 char hexbuf[MAXHEXPARAMLEN]; 57 char buf1[MAXPARAMLEN], buf2[MAXPARAMLEN], buf3[MAXSALTLEN]; 58 unsigned char cbuf[20]; 59 struct t_num * A; 60 unsigned char * skey; 61 char pass[128]; 62 63 printf("Enter username: "); 64 fgets(username, sizeof(username), stdin); 65 username[strlen(username) - 1] = '\0'; 66 printf("Enter index (from server): "); 67 fgets(hexbuf, sizeof(hexbuf), stdin); 68 index = atoi(hexbuf); 69 tcp = t_getpreparam(index - 1); 70 printf("Enter salt (from server): "); 71 fgets(hexbuf, sizeof(hexbuf), stdin); 72 s.data = buf3; 73 s.len = t_fromb64(s.data, hexbuf); 74 75 tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &s); 76 if (tc == 0) { 77 printf("invalid n, g\n"); 78 exit(1); 79 } 80 81 A = t_clientgenexp(tc); 82 printf("A (to server): %s\n", t_tob64(hexbuf, A->data, A->len)); 83 84 t_getpass(pass, 128, "Enter password:"); 85 t_clientpasswd(tc, pass); 86 87 printf("Enter B (from server): "); 88 fgets(hexbuf, sizeof(hexbuf), stdin); 89 B.data = buf1; 90 B.len = t_fromb64(B.data, hexbuf); 91 92 skey = t_clientgetkey(tc, &B); 93 printf("Session key: %s\n", t_tohex(hexbuf, skey, 40)); 94 printf("Response (to server): %s\n", 95 t_tohex(hexbuf, t_clientresponse(tc), RESPONSE_LEN)); 96 97 printf("Enter server response: "); 98 fgets(hexbuf, sizeof(hexbuf), stdin); 99 hexbuf[strlen(hexbuf) - 1] = '\0'; 100 t_fromhex(cbuf, hexbuf); 101 102 if (t_clientverify(tc, cbuf) == 0) 103 printf("Server authentication successful.\n"); 104 else 105 printf("Server authentication failed.\n"); 106 107 t_clientclose(tc); 108 109 return 0; 110} 111