2 * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
5 * Permission is hereby granted, free of charge, to any person obtaining
6 * a copy of this software and associated documentation files (the
7 * "Software"), to deal in the Software without restriction, including
8 * without limitation the rights to use, copy, modify, merge, publish,
9 * distribute, sublicense, and/or sell copies of the Software, and to
10 * permit persons to whom the Software is furnished to do so, subject to
11 * the following conditions:
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
18 * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
20 * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
21 * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
22 * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
23 * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
24 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
26 * In addition, the following conditions apply:
28 * 1. Any software that incorporates the SRP authentication technology
29 * must display the following acknowlegment:
30 * "This product uses the 'Secure Remote Password' cryptographic
31 * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
33 * 2. Any software that incorporates all or part of the SRP distribution
34 * itself must also display the following acknowledgment:
35 * "This product includes software developed by Tom Wu and Eugene
36 * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
38 * 3. Redistributions in source or binary form must retain an intact copy
39 * of this copyright notice and list of conditions.
43 #include "t_defines.h"
52 struct t_preconf
*tcp
;
55 char username
[MAXUSERLEN
];
56 char hexbuf
[MAXHEXPARAMLEN
];
57 char buf1
[MAXPARAMLEN
], buf2
[MAXPARAMLEN
], buf3
[MAXSALTLEN
];
58 unsigned char cbuf
[20];
63 printf("Enter username: ");
64 fgets(username
, sizeof(username
), stdin
);
65 username
[strlen(username
) - 1] = '\0';
66 printf("Enter index (from server): ");
67 fgets(hexbuf
, sizeof(hexbuf
), stdin
);
69 tcp
= t_getpreparam(index
- 1);
70 printf("Enter salt (from server): ");
71 fgets(hexbuf
, sizeof(hexbuf
), stdin
);
73 s
.len
= t_fromb64(s
.data
, hexbuf
);
75 tc
= t_clientopen(username
, &tcp
->modulus
, &tcp
->generator
, &s
);
77 printf("invalid n, g\n");
81 A
= t_clientgenexp(tc
);
82 printf("A (to server): %s\n", t_tob64(hexbuf
, A
->data
, A
->len
));
84 t_getpass(pass
, 128, "Enter password:");
85 t_clientpasswd(tc
, pass
);
87 printf("Enter B (from server): ");
88 fgets(hexbuf
, sizeof(hexbuf
), stdin
);
90 B
.len
= t_fromb64(B
.data
, hexbuf
);
92 skey
= t_clientgetkey(tc
, &B
);
93 printf("Session key: %s\n", t_tohex(hexbuf
, skey
, 40));
94 printf("Response (to server): %s\n",
95 t_tohex(hexbuf
, t_clientresponse(tc
), RESPONSE_LEN
));
97 printf("Enter server response: ");
98 fgets(hexbuf
, sizeof(hexbuf
), stdin
);
99 hexbuf
[strlen(hexbuf
) - 1] = '\0';
100 t_fromhex(cbuf
, hexbuf
);
102 if (t_clientverify(tc
, cbuf
) == 0)
103 printf("Server authentication successful.\n");
105 printf("Server authentication failed.\n");