SRP_CLIENT_builtin_param_verify_cb(SRP * srp, const unsigned char * mod, int modlen, const unsigned char * gen, int genlen) { struct t_preconf * tpc; int i; for(i = 0; i < t_getprecount(); ++i) { tpc = t_getpreparam(i); if(tpc->modulus.len == modlen && tpc->generator.len == genlen && memcmp(tpc->modulus.data, mod, modlen) == 0 && memcmp(tpc->generator.data, gen, genlen) == 0) { return SRP_SUCCESS; /* Match found, done */ } } return SRP_ERROR; }
void ssrp_setup(int pindex, cstr **out_mod, cstr **out_gen) { SRP_initialize_library(); struct t_preconf *pc = NULL; pc = t_getpreparam(pindex); assert(pc != NULL && "Failed to get preparam."); CONFIG.modulus.len = pc->modulus.len; CONFIG.modulus.data = pc->modulus.data; CONFIG.generator.len = pc->generator.len; CONFIG.generator.data = pc->generator.data; CONFIG.index = pindex - 1; *out_mod = cstr_createn(pc->modulus.data, pc->modulus.len); assert(*out_mod != NULL && "Failed to create modulus string."); *out_gen = cstr_createn(pc->generator.data, pc->generator.len); assert(*out_gen != NULL && "Failed to create generator string."); }
static bool handle_prime(void) { struct ead_msg_salt *sb = EAD_DATA(msg, salt); salt.len = sb->len; memcpy(salt.data, sb->salt, salt.len); if (auth_type == EAD_AUTH_MD5) { memcpy(pw_salt, sb->ext_salt, MAXSALTLEN); pw_salt[MAXSALTLEN - 1] = 0; } tcp = t_getpreparam(sb->prime); tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &salt); if (!tc) { fprintf(stderr, "Client open failed\n"); return false; } return true; }
int main() { int index; struct t_client * tc; struct t_preconf *tcp; struct t_num n; struct t_num g; struct t_num s; struct t_num B; char username[MAXUSERLEN]; char hexbuf[MAXHEXPARAMLEN]; char buf1[MAXPARAMLEN], buf2[MAXPARAMLEN], buf3[MAXSALTLEN]; unsigned char cbuf[20]; struct t_num * A; unsigned char * skey; char pass[128]; printf("Enter username: "******"Enter index (from server): "); fgets(hexbuf, sizeof(hexbuf), stdin); index = atoi(hexbuf); tcp = t_getpreparam(index - 1); printf("Enter salt (from server): "); fgets(hexbuf, sizeof(hexbuf), stdin); s.data = buf3; s.len = t_fromb64(s.data, hexbuf); tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &s); if (tc == 0) { printf("invalid n, g\n"); exit(1); } A = t_clientgenexp(tc); printf("A (to server): %s\n", t_tob64(hexbuf, A->data, A->len)); t_getpass(pass, 128, "Enter password:"******"Enter B (from server): "); fgets(hexbuf, sizeof(hexbuf), stdin); B.data = buf1; B.len = t_fromb64(B.data, hexbuf); skey = t_clientgetkey(tc, &B); printf("Session key: %s\n", t_tohex(hexbuf, skey, 40)); printf("Response (to server): %s\n", t_tohex(hexbuf, t_clientresponse(tc), RESPONSE_LEN)); printf("Enter server response: "); fgets(hexbuf, sizeof(hexbuf), stdin); hexbuf[strlen(hexbuf) - 1] = '\0'; t_fromhex(cbuf, hexbuf); if (t_clientverify(tc, cbuf) == 0) printf("Server authentication successful.\n"); else printf("Server authentication failed.\n"); t_clientclose(tc); return 0; }
int tsrp_client_authenticate(int s, char *user, char *pass, TSRP_SESSION *tsrp) { int i, index; unsigned char username[MAXUSERLEN + 1], sbuf[MAXSALTLEN]; unsigned char msgbuf[MAXPARAMLEN + 1], bbuf[MAXPARAMLEN]; unsigned char passbuf[128], *skey; struct t_client *tc; struct t_preconf *tcp; /* @@@ should go away */ struct t_num salt, *A, B; /* Send the username. */ i = strlen(user); if (i > MAXUSERLEN) { i = MAXUSERLEN; } msgbuf[0] = i; memcpy(msgbuf + 1, user, i); if (send(s, msgbuf, i + 1, 0) < 0) { return 0; } memcpy(username, user, i); username[i] = '\0'; /* Get the prime index and salt. */ i = recv(s, msgbuf, 2, MSG_WAITALL); if (i <= 0) { return 0; } index = msgbuf[0]; if (index <= 0 || index > t_getprecount()) { return 0; } tcp = t_getpreparam(index - 1); salt.len = msgbuf[1]; if (salt.len > MAXSALTLEN) { return 0; } salt.data = sbuf; i = recv(s, sbuf, salt.len, MSG_WAITALL); if (i <= 0) { return 0; } /* @@@ t_clientopen() needs a variant that takes the index */ tc = t_clientopen(username, &tcp->modulus, &tcp->generator, &salt); if (tc == NULL) { return 0; } /* Calculate A and send it to the server. */ A = t_clientgenexp(tc); msgbuf[0] = A->len - 1; /* len is max 256 */ memcpy(msgbuf + 1, A->data, A->len); if (send(s, msgbuf, A->len + 1, 0) < 0) { return 0; } /* Ask the user for the passphrase. */ if (pass == NULL) { t_getpass(passbuf, sizeof(passbuf), "Enter password:"); pass = passbuf; } t_clientpasswd(tc, pass); /* Get B from the server. */ i = recv(s, msgbuf, 1, 0); if (i <= 0) { return 0; } B.len = msgbuf[0] + 1; B.data = bbuf; i = recv(s, bbuf, B.len, MSG_WAITALL); if (i <= 0) { return 0; } /* Compute the session key. */ skey = t_clientgetkey(tc, &B); if (skey == NULL) { return 0; } /* Send the response. */ if (send(s, t_clientresponse(tc), RESPONSE_LEN, 0) < 0) { return 0; } /* Get the server's response. */ i = recv(s, msgbuf, RESPONSE_LEN, MSG_WAITALL); if (i <= 0) { return 0; } if (t_clientverify(tc, msgbuf) != 0) { return 0; } /* All done. Now copy the key and clean up. */ if (tsrp) { memcpy(tsrp->username, username, strlen(username) + 1); memcpy(tsrp->key, skey, SESSION_KEY_LEN); } t_clientclose(tc); return 1; }