1/* 2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project 3 * All Rights Reserved. 4 * 5 * Permission is hereby granted, free of charge, to any person obtaining 6 * a copy of this software and associated documentation files (the 7 * "Software"), to deal in the Software without restriction, including 8 * without limitation the rights to use, copy, modify, merge, publish, 9 * distribute, sublicense, and/or sell copies of the Software, and to 10 * permit persons to whom the Software is furnished to do so, subject to 11 * the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be 14 * included in all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, 17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY 18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 19 * 20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL, 21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER 22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF 23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT 24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 25 * 26 * In addition, the following conditions apply: 27 * 28 * 1. Any software that incorporates the SRP authentication technology 29 * must display the following acknowlegment: 30 * "This product uses the 'Secure Remote Password' cryptographic 31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)." 32 * 33 * 2. Any software that incorporates all or part of the SRP distribution 34 * itself must also display the following acknowledgment: 35 * "This product includes software developed by Tom Wu and Eugene 36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)." 37 * 38 * 3. Redistributions in source or binary form must retain an intact copy 39 * of this copyright notice and list of conditions. 40 */ 41 42#include <stdio.h> 43#include "t_defines.h" 44#include "t_pwd.h" 45#include "t_server.h" 46 47int 48main(argc, argv) 49 int argc; 50 char * argv[]; 51{ 52 struct t_server * ts; 53 struct t_pw * tpw; 54 struct t_conf * tcnf; 55 struct t_num * B; 56 char username[MAXUSERLEN]; 57 char hexbuf[MAXHEXPARAMLEN]; 58 char buf[MAXPARAMLEN]; 59 struct t_num A; 60 unsigned char * skey; 61 unsigned char cbuf[20]; 62 FILE * fp; 63 FILE * fp2; 64 char confname[256]; 65 66 printf("Enter username: "); 67 fgets(username, sizeof(username), stdin); 68 username[strlen(username) - 1] = '\0'; 69 ts = t_serveropen(username); 70 71 if(ts == NULL) { 72 fprintf(stderr, "User %s not found\n", username); 73 exit(1); 74 } 75 76#if 0 77 printf("n: %s\n", t_tob64(hexbuf, ts->n.data, ts->n.len)); 78 printf("g: %s\n", t_tob64(hexbuf, ts->g.data, ts->g.len)); 79#endif 80 printf("index (to client): %d\n", ts->index); 81 printf("salt (to client): %s\n", t_tob64(hexbuf, ts->s.data, ts->s.len)); 82 83 B = t_servergenexp(ts); 84 printf("Enter A (from client): "); 85 fgets(hexbuf, sizeof(hexbuf), stdin); 86 A.data = buf; 87 A.len = t_fromb64(A.data, hexbuf); 88 89 printf("B (to client): %s\n", t_tob64(hexbuf, B->data, B->len)); 90 91 skey = t_servergetkey(ts, &A); 92 printf("Session key: %s\n", t_tohex(hexbuf, skey, 40)); 93 94 /* printf("[Expected response: %s]\n", t_tohex(hexbuf, cbuf, 16)); */ 95 96 printf("Enter response (from client): "); 97 fgets(hexbuf, sizeof(hexbuf), stdin); 98 hexbuf[strlen(hexbuf) - 1] = '\0'; 99 t_fromhex(cbuf, hexbuf); 100 101 if(t_serververify(ts, cbuf) == 0) { 102 printf("Authentication successful.\n"); 103 printf("Response (to client): %s\n", 104 t_tohex(hexbuf, t_serverresponse(ts), RESPONSE_LEN)); 105 } else 106 printf("Authentication failed.\n"); 107 108 t_serverclose(ts); 109 110 return 0; 111} 112