2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
5 * Permission is hereby granted, free of charge, to any person obtaining
6 * a copy of this software and associated documentation files (the
7 * "Software"), to deal in the Software without restriction, including
8 * without limitation the rights to use, copy, modify, merge, publish,
9 * distribute, sublicense, and/or sell copies of the Software, and to
10 * permit persons to whom the Software is furnished to do so, subject to
11 * the following conditions:
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 * In addition, the following conditions apply:
28 * 1. Any software that incorporates the SRP authentication technology
29 * must display the following acknowlegment:
30 * "This product uses the 'Secure Remote Password' cryptographic
31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
33 * 2. Any software that incorporates all or part of the SRP distribution
34 * itself must also display the following acknowledgment:
35 * "This product includes software developed by Tom Wu and Eugene
36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
38 * 3. Redistributions in source or binary form must retain an intact copy
39 * of this copyright notice and list of conditions.
43 #include "t_defines.h"
56 char username[MAXUSERLEN];
57 char hexbuf[MAXHEXPARAMLEN];
58 char buf[MAXPARAMLEN];
61 unsigned char cbuf[20];
66 printf("Enter username: ");
67 fgets(username, sizeof(username), stdin);
68 username[strlen(username) - 1] = '\0';
69 ts = t_serveropen(username);
72 fprintf(stderr, "User %s not found\n", username);
77 printf("n: %s\n", t_tob64(hexbuf, ts->n.data, ts->n.len));
78 printf("g: %s\n", t_tob64(hexbuf, ts->g.data, ts->g.len));
80 printf("index (to client): %d\n", ts->index);
81 printf("salt (to client): %s\n", t_tob64(hexbuf, ts->s.data, ts->s.len));
83 B = t_servergenexp(ts);
84 printf("Enter A (from client): ");
85 fgets(hexbuf, sizeof(hexbuf), stdin);
87 A.len = t_fromb64(A.data, hexbuf);
89 printf("B (to client): %s\n", t_tob64(hexbuf, B->data, B->len));
91 skey = t_servergetkey(ts, &A);
92 printf("Session key: %s\n", t_tohex(hexbuf, skey, 40));
94 /* printf("[Expected response: %s]\n", t_tohex(hexbuf, cbuf, 16)); */
96 printf("Enter response (from client): ");
97 fgets(hexbuf, sizeof(hexbuf), stdin);
98 hexbuf[strlen(hexbuf) - 1] = '\0';
99 t_fromhex(cbuf, hexbuf);
101 if(t_serververify(ts, cbuf) == 0) {
102 printf("Authentication successful.\n");
103 printf("Response (to client): %s\n",
104 t_tohex(hexbuf, t_serverresponse(ts), RESPONSE_LEN));
106 printf("Authentication failed.\n");