Beispiel #1
0
SRP_CLIENT_builtin_param_verify_cb(SRP * srp, const unsigned char * mod, int modlen, const unsigned char * gen, int genlen)
{
  struct t_preconf * tpc;
  int i;

  for(i = 0; i < t_getprecount(); ++i) {
    tpc = t_getpreparam(i);
    if(tpc->modulus.len == modlen && tpc->generator.len == genlen &&
       memcmp(tpc->modulus.data, mod, modlen) == 0 &&
       memcmp(tpc->generator.data, gen, genlen) == 0) {
      return SRP_SUCCESS;		/* Match found, done */
    }
  }
  return SRP_ERROR;
}
Beispiel #2
0
void ssrp_setup(int pindex, cstr **out_mod, cstr **out_gen) {
    SRP_initialize_library();

    struct t_preconf *pc = NULL;

    pc = t_getpreparam(pindex);
    assert(pc != NULL && "Failed to get preparam.");

    CONFIG.modulus.len = pc->modulus.len;
    CONFIG.modulus.data = pc->modulus.data;
    CONFIG.generator.len = pc->generator.len;
    CONFIG.generator.data = pc->generator.data;
    CONFIG.index = pindex - 1;

    *out_mod = cstr_createn(pc->modulus.data, pc->modulus.len);
    assert(*out_mod != NULL && "Failed to create modulus string.");

    *out_gen = cstr_createn(pc->generator.data, pc->generator.len);
    assert(*out_gen != NULL && "Failed to create generator string.");
}
Beispiel #3
0
static bool
handle_prime(void)
{
	struct ead_msg_salt *sb = EAD_DATA(msg, salt);

	salt.len = sb->len;
	memcpy(salt.data, sb->salt, salt.len);

	if (auth_type == EAD_AUTH_MD5) {
		memcpy(pw_salt, sb->ext_salt, MAXSALTLEN);
		pw_salt[MAXSALTLEN - 1] = 0;
	}

	tcp = t_getpreparam(sb->prime);
	tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &salt);
	if (!tc) {
		fprintf(stderr, "Client open failed\n");
		return false;
	}

	return true;
}
Beispiel #4
0
int
main()
{
  int index;
  struct t_client * tc;
  struct t_preconf *tcp;
  struct t_num n;
  struct t_num g;
  struct t_num s;
  struct t_num B;
  char username[MAXUSERLEN];
  char hexbuf[MAXHEXPARAMLEN];
  char buf1[MAXPARAMLEN], buf2[MAXPARAMLEN], buf3[MAXSALTLEN];
  unsigned char cbuf[20];
  struct t_num * A;
  unsigned char * skey;
  char pass[128];

  printf("Enter username: "******"Enter index (from server): ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  index = atoi(hexbuf);
  tcp = t_getpreparam(index - 1);
  printf("Enter salt (from server): ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  s.data = buf3;
  s.len = t_fromb64(s.data, hexbuf);

  tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &s);
  if (tc == 0) {
    printf("invalid n, g\n");
    exit(1);
  }

  A = t_clientgenexp(tc);
  printf("A (to server): %s\n", t_tob64(hexbuf, A->data, A->len));

  t_getpass(pass, 128, "Enter password:"******"Enter B (from server): ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  B.data = buf1;
  B.len = t_fromb64(B.data, hexbuf);

  skey = t_clientgetkey(tc, &B);
  printf("Session key: %s\n", t_tohex(hexbuf, skey, 40));
  printf("Response (to server): %s\n",
    t_tohex(hexbuf, t_clientresponse(tc), RESPONSE_LEN));

  printf("Enter server response: ");
  fgets(hexbuf, sizeof(hexbuf), stdin);
  hexbuf[strlen(hexbuf) - 1] = '\0';
  t_fromhex(cbuf, hexbuf);

  if (t_clientverify(tc, cbuf) == 0)
    printf("Server authentication successful.\n");
  else
    printf("Server authentication failed.\n");

  t_clientclose(tc);

  return 0;
}
Beispiel #5
0
int tsrp_client_authenticate(int s, char *user, char *pass, TSRP_SESSION *tsrp)
{
	int i, index;
	unsigned char username[MAXUSERLEN + 1], sbuf[MAXSALTLEN];
	unsigned char msgbuf[MAXPARAMLEN + 1], bbuf[MAXPARAMLEN];
	unsigned char passbuf[128], *skey;
	struct t_client *tc;
	struct t_preconf *tcp;          /* @@@ should go away */
	struct t_num salt, *A, B;

	/* Send the username. */

	i = strlen(user);
	if (i > MAXUSERLEN) {
		i = MAXUSERLEN;
	}
	msgbuf[0] = i;
	memcpy(msgbuf + 1, user, i);
	if (send(s, msgbuf, i + 1, 0) < 0) {
		return 0;
	}
	memcpy(username, user, i);
	username[i] = '\0';

	/* Get the prime index and salt. */

	i = recv(s, msgbuf, 2, MSG_WAITALL);
	if (i <= 0) {
		return 0;
	}
	index = msgbuf[0];
	if (index <= 0 || index > t_getprecount()) {
		return 0;
	}
	tcp = t_getpreparam(index - 1);
	salt.len = msgbuf[1];
	if (salt.len > MAXSALTLEN) {
		return 0;
	}
	salt.data = sbuf;
	i = recv(s, sbuf, salt.len, MSG_WAITALL);
	if (i <= 0) {
		return 0;
	}

	/* @@@ t_clientopen() needs a variant that takes the index */

	tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &salt);
	if (tc == NULL) {
		return 0;
	}

	/* Calculate A and send it to the server. */

	A = t_clientgenexp(tc);
	msgbuf[0] = A->len - 1;         /* len is max 256 */
	memcpy(msgbuf + 1, A->data, A->len);
	if (send(s, msgbuf, A->len + 1, 0) < 0) {
		return 0;
	}

	/* Ask the user for the passphrase. */

	if (pass == NULL) {
		t_getpass(passbuf, sizeof(passbuf), "Enter password:");
		pass = passbuf;
	}
	t_clientpasswd(tc, pass);

	/* Get B from the server. */

	i = recv(s, msgbuf, 1, 0);
	if (i <= 0) {
		return 0;
	}
	B.len = msgbuf[0] + 1;
	B.data = bbuf;
	i = recv(s, bbuf, B.len, MSG_WAITALL);
	if (i <= 0) {
		return 0;
	}

	/* Compute the session key. */

	skey = t_clientgetkey(tc, &B);
	if (skey == NULL) {
		return 0;
	}

	/* Send the response. */

	if (send(s, t_clientresponse(tc), RESPONSE_LEN, 0) < 0) {
		return 0;
	}

	/* Get the server's response. */

	i = recv(s, msgbuf, RESPONSE_LEN, MSG_WAITALL);
	if (i <= 0) {
		return 0;
	}
	if (t_clientverify(tc, msgbuf) != 0) {
		return 0;
	}

	/* All done.  Now copy the key and clean up. */

	if (tsrp) {
		memcpy(tsrp->username, username, strlen(username) + 1);
		memcpy(tsrp->key, skey, SESSION_KEY_LEN);
	}
	t_clientclose(tc);

	return 1;
}