File: srptest.c

package info (click to toggle)
libsrp-dev 1.1-1
  • links: PTS
  • area: main
  • in suites: potato, slink
  • size: 316 kB
  • ctags: 269
  • sloc: ansic: 2,627; sh: 274; makefile: 53
file content (137 lines) | stat: -rw-r--r-- 4,124 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
 
/*
 * Copyright (c) 1997 Stanford University
 *
 * The use of this software for revenue-generating purposes may require a
 * license from the owners of the underlying intellectual property.
 * Specifically, the SRP protocol may not be used for revenue-generating
 * purposes without license.
 *
 * Within that constraint, permission to use, copy, modify, and distribute
 * this software and its documentation for any purpose is hereby granted
 * without fee, provided that the above copyright notices and this permission
 * notice appear in all copies of the software and related documentation.
 *
 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 *
 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <stdio.h>
#include "t_defines.h"
#include "t_pwd.h"
#include "t_sha.h"

extern int errno;

main(argc, argv)
     int argc;
     char **argv;
{
  struct t_conf * tc;
  struct t_confent * tce;
  struct t_pw * tpw;
  struct t_pwent * ent;
  int i;
  unsigned char dout[SHA_DIGESTSIZE];
  SHA1_CTX ctxt;
  BigInteger N, g, xs, xp;
  char hexbuf[MAXHEXPARAMLEN];
  char username[16];
  char pass[128];

  t_random(hexbuf, 64);
  printf("Strong random numbers:\n");
  for(i = 0; i < 64; ++i)
    printf(" %02X", (unsigned char) hexbuf[i]);

#ifdef WEAKRAND
  t_rand(hexbuf, 64);
  printf("\nWeak random numbers:\n");
  for(i = 0; i < 64; ++i)
    printf(" %02X", (unsigned char) hexbuf[i]);
#endif
  printf("\n");

  if(argc > 1) {
    tpw = t_openpw(NULL);
    if(tpw == NULL) {
      fprintf(stderr, "t_openpw failed, errno=%d\n", errno);
      exit(1);
    }

    printf("Getting password entry for %s...\n", argv[1]);
    ent = t_getpwbyname(tpw, argv[1]);
    if(ent == NULL)
      printf("%s not found\n", argv[1]);
    else {
      printf("%s's public password (length %d) = ", argv[1], ent->password.len);
      for(i = 0; i < ent->password.len; ++i) {
	printf("%.2X ", ent->password.data[i]);
      }
      printf("\nIndex = %d\n", ent->index);
      tc = t_openconf(NULL);
      if(tc == NULL) {
	fprintf(stderr, "t_openconf failed, errno=%d\n", errno);
	exit(1);
      }
      tce = t_getconfbyindex(tc, ent->index);
      if(tce == NULL)
	printf("Index %d not found!\n", ent->index);
      else {
	printf("Modulus length = %d, modulus = ", tce->modulus.len);
	for(i = 0; i < tce->modulus.len; ++i) {
	  printf("%.2X ", tce->modulus.data[i]);
	}
	printf("\nGenerator length = %d, generator = ", tce->generator.len);
	for(i = 0; i < tce->generator.len; ++i) {
	  printf("%.2X ", tce->generator.data[i]);
	}
	printf("\n");
      }
      t_getpass(pass, 128, "Enter a password:");
      SHA1Init(&ctxt);
      SHA1Update(&ctxt, ent->name, strlen(ent->name));
      SHA1Update(&ctxt, ":", 1);
      SHA1Update(&ctxt, pass, strlen(pass));
      SHA1Final(dout, &ctxt);
      printf("Password hash = ");
      for(i = 0; i < sizeof(dout); ++i)
	printf("%.2X ", dout[i]);
      printf("\n");

      N = BigIntegerFromBytes(tce->modulus.data, tce->modulus.len);
      g = BigIntegerFromBytes(tce->generator.data, tce->generator.len);
      xs = BigIntegerFromBytes(dout, sizeof(dout));
      xp = BigIntegerFromInt(0);
      BigIntegerModExp(xp, g, xs, N);
      BigIntegerToHex(xp, hexbuf);

      BigIntegerFree(xp);
      BigIntegerFree(xs);
      BigIntegerFree(g);
      BigIntegerFree(N);

      t_closeconf(tc);

      printf("Public password: %s\n", hexbuf);
    }
    t_closepw(tpw);
  }
  else
    while(printf("login: "), gets(username) != NULL)
    {
      t_getpass(pass, 128, "Enter a password:");
      if(t_verifypw(username, pass) > 0)
	printf("Login accepted\n");
      else
	printf("Login incorrect\n");
    }
  return 0;
}