aboutsummaryrefslogtreecommitdiff
path: root/srp/tests
diff options
context:
space:
mode:
Diffstat (limited to 'srp/tests')
-rw-r--r--srp/tests/bad_public.rs24
-rw-r--r--srp/tests/rfc5054.rs135
-rw-r--r--srp/tests/srp.rs80
3 files changed, 208 insertions, 31 deletions
diff --git a/srp/tests/bad_public.rs b/srp/tests/bad_public.rs
new file mode 100644
index 0000000..e18b38d
--- /dev/null
+++ b/srp/tests/bad_public.rs
@@ -0,0 +1,24 @@
+use num_bigint::BigUint;
+use num_traits::identities::Zero;
+use sha1::Sha1;
+use srp::client::SrpClient;
+use srp::groups::G_1024;
+use srp::server::SrpServer;
+
+#[test]
+#[should_panic]
+fn bad_a_pub() {
+ let server = SrpServer::<Sha1>::new(&G_1024);
+ server
+ .process_reply(b"", b"", &BigUint::zero().to_bytes_be())
+ .unwrap();
+}
+
+#[test]
+#[should_panic]
+fn bad_b_pub() {
+ let client = SrpClient::<Sha1>::new(&G_1024);
+ client
+ .process_reply(b"", b"", b"", b"", &BigUint::zero().to_bytes_be())
+ .unwrap();
+}
diff --git a/srp/tests/rfc5054.rs b/srp/tests/rfc5054.rs
new file mode 100644
index 0000000..e1aa711
--- /dev/null
+++ b/srp/tests/rfc5054.rs
@@ -0,0 +1,135 @@
+use hex_literal::hex;
+use num_bigint::BigUint;
+use sha1::Sha1;
+use srp::client::SrpClient;
+use srp::groups::G_1024;
+use srp::server::SrpServer;
+use srp::utils::{compute_k, compute_u};
+
+#[test]
+#[allow(clippy::many_single_char_names)]
+fn rfc5054() {
+ let i = b"alice";
+ let p = b"password123";
+ let s = hex!("BEB25379 D1A8581E B5A72767 3A2441EE");
+ let group = &G_1024;
+
+ let k = compute_k::<Sha1>(group);
+
+ assert_eq!(
+ k.to_bytes_be(),
+ hex!("7556AA04 5AEF2CDD 07ABAF0F 665C3E81 8913186F"),
+ "bad k value"
+ );
+
+ let identity_hash = SrpClient::<Sha1>::compute_identity_hash(i, p);
+ let x = SrpClient::<Sha1>::compute_x(identity_hash.as_slice(), &s);
+
+ assert_eq!(
+ x.to_bytes_be(),
+ hex!("94B7555A ABE9127C C58CCF49 93DB6CF8 4D16C124"),
+ "bad x value"
+ );
+
+ let client = SrpClient::<Sha1>::new(group);
+ let v = client.compute_v(&x);
+
+ assert_eq!(
+ v.to_bytes_be(),
+ hex!(
+ "
+ 7E273DE8 696FFC4F 4E337D05 B4B375BE B0DDE156 9E8FA00A 9886D812
+ 9BADA1F1 822223CA 1A605B53 0E379BA4 729FDC59 F105B478 7E5186F5
+ C671085A 1447B52A 48CF1970 B4FB6F84 00BBF4CE BFBB1681 52E08AB5
+ EA53D15C 1AFF87B2 B9DA6E04 E058AD51 CC72BFC9 033B564E 26480D78
+ E955A5E2 9E7AB245 DB2BE315 E2099AFB
+ "
+ ),
+ "bad v value"
+ );
+
+ let a = BigUint::from_bytes_be(&hex!(
+ "
+ 60975527 035CF2AD 1989806F 0407210B C81EDC04 E2762A56 AFD529DD
+ DA2D4393"
+ ));
+
+ let b = BigUint::from_bytes_be(&hex!(
+ "
+ E487CB59 D31AC550 471E81F0 0F6928E0 1DDA08E9 74A004F4 9E61F5D1
+ 05284D20"
+ ));
+
+ let a_pub = client.compute_a_pub(&a);
+
+ assert_eq!(
+ a_pub.to_bytes_be(),
+ hex!(
+ "
+ 61D5E490 F6F1B795 47B0704C 436F523D D0E560F0 C64115BB 72557EC4
+ 4352E890 3211C046 92272D8B 2D1A5358 A2CF1B6E 0BFCF99F 921530EC
+ 8E393561 79EAE45E 42BA92AE ACED8251 71E1E8B9 AF6D9C03 E1327F44
+ BE087EF0 6530E69F 66615261 EEF54073 CA11CF58 58F0EDFD FE15EFEA
+ B349EF5D 76988A36 72FAC47B 0769447B
+ "
+ ),
+ "bad a_pub value"
+ );
+
+ let server = SrpServer::<Sha1>::new(group);
+ let b_pub = server.compute_b_pub(&b, &k, &v);
+
+ assert_eq!(
+ b_pub.to_bytes_be(),
+ hex!(
+ "
+ BD0C6151 2C692C0C B6D041FA 01BB152D 4916A1E7 7AF46AE1 05393011
+ BAF38964 DC46A067 0DD125B9 5A981652 236F99D9 B681CBF8 7837EC99
+ 6C6DA044 53728610 D0C6DDB5 8B318885 D7D82C7F 8DEB75CE 7BD4FBAA
+ 37089E6F 9C6059F3 88838E7A 00030B33 1EB76840 910440B1 B27AAEAE
+ EB4012B7 D7665238 A8E3FB00 4B117B58
+ "
+ ),
+ "bad b_pub value"
+ );
+
+ let u = compute_u::<Sha1>(&a_pub.to_bytes_be(), &b_pub.to_bytes_be());
+
+ assert_eq!(
+ u.to_bytes_be(),
+ hex!("CE38B959 3487DA98 554ED47D 70A7AE5F 462EF019"),
+ "bad u value"
+ );
+
+ assert_eq!(
+ client
+ .compute_premaster_secret(&b_pub, &k, &x, &a, &u)
+ .to_bytes_be(),
+ hex!(
+ "
+ B0DC82BA BCF30674 AE450C02 87745E79 90A3381F 63B387AA F271A10D
+ 233861E3 59B48220 F7C4693C 9AE12B0A 6F67809F 0876E2D0 13800D6C
+ 41BB59B6 D5979B5C 00A172B4 A2A5903A 0BDCAF8A 709585EB 2AFAFA8F
+ 3499B200 210DCC1F 10EB3394 3CD67FC8 8A2F39A4 BE5BEC4E C0A3212D
+ C346D7E4 74B29EDE 8A469FFE CA686E5A
+ "
+ ),
+ "bad client premaster"
+ );
+
+ assert_eq!(
+ server
+ .compute_premaster_secret(&a_pub, &v, &u, &b)
+ .to_bytes_be(),
+ hex!(
+ "
+ B0DC82BA BCF30674 AE450C02 87745E79 90A3381F 63B387AA F271A10D
+ 233861E3 59B48220 F7C4693C 9AE12B0A 6F67809F 0876E2D0 13800D6C
+ 41BB59B6 D5979B5C 00A172B4 A2A5903A 0BDCAF8A 709585EB 2AFAFA8F
+ 3499B200 210DCC1F 10EB3394 3CD67FC8 8A2F39A4 BE5BEC4E C0A3212D
+ C346D7E4 74B29EDE 8A469FFE CA686E5A
+ "
+ ),
+ "bad server premaster"
+ );
+}
diff --git a/srp/tests/srp.rs b/srp/tests/srp.rs
index bf6c30f..b59a4dd 100644
--- a/srp/tests/srp.rs
+++ b/srp/tests/srp.rs
@@ -1,53 +1,71 @@
use rand::RngCore;
use sha2::Sha256;
+use srp::client::SrpClient;
-use srp::client::{srp_private_key, SrpClient};
use srp::groups::G_2048;
-use srp::server::{SrpServer, UserRecord};
+use srp::server::SrpServer;
-fn auth_test(reg_pwd: &[u8], auth_pwd: &[u8]) {
+fn auth_test(true_pwd: &[u8], auth_pwd: &[u8]) {
let mut rng = rand::rngs::OsRng::new().unwrap();
let username = b"alice";
// Client instance creation
- let mut a = [0u8; 64];
- rng.fill_bytes(&mut a);
- let client = SrpClient::<Sha256>::new(&a, &G_2048);
+ let client = SrpClient::<Sha256>::new(&G_2048);
+
+ // Begin Registration
- // Registration
let mut salt = [0u8; 16];
rng.fill_bytes(&mut salt);
- let reg_priv_key = srp_private_key::<Sha256>(username, reg_pwd, &salt);
- let verif = client.get_password_verifier(&reg_priv_key);
-
- // User sends handshake
- let a_pub = client.get_a_pub();
-
- // Server retrieve user record from db and processes handshake
- let user = UserRecord {
- username,
- salt: &salt,
- verifier: &verif,
- };
+ let verifier = client.compute_verifier(username, true_pwd, &salt);
+
+ // Client sends username and verifier and salt to the Server for storage
+
+ // Registration Ends
+
+ // Begin Authentication
+
+ // User sends username
+
+ // Server instance creation
+ let server = SrpServer::<Sha256>::new(&G_2048);
+
+ // Server retrieves verifier, salt and computes a public B value
let mut b = [0u8; 64];
rng.fill_bytes(&mut b);
- let server = SrpServer::<Sha256>::new(&user, &a_pub, &b, &G_2048).unwrap();
- let (salt, b_pub) = (&user.salt, server.get_b_pub());
+ let (salt, b_pub) = (&salt, server.compute_public_ephemeral(&b, &verifier));
+
+ // Server sends salt and b_pub to client
- // Client processes handshake reply
- let auth_priv_key = srp_private_key::<Sha256>(username, auth_pwd, salt);
- let client2 = client.process_reply(&auth_priv_key, &b_pub).unwrap();
- let proof = client2.get_proof();
+ // Client computes the public A value and the clientVerifier containing the key, m1, and m2
+ let mut a = [0u8; 64];
+ rng.fill_bytes(&mut a);
+ let client_verifier = client
+ .process_reply(&a, username, auth_pwd, salt, &b_pub)
+ .unwrap();
+ let a_pub = client.compute_public_ephemeral(&a);
+ let client_proof = client_verifier.proof();
+
+ // Client sends a_pub and client_proof to server (M1)
// Server processes verification data
- println!("Client verification");
- let proof2 = server.verify(&proof).unwrap();
- let server_key = server.get_key();
+ let server_verifier = server.process_reply(&b, &verifier, &a_pub).unwrap();
+ println!("Client verification on server");
+ server_verifier.verify_client(client_proof).unwrap();
+ let server_proof = server_verifier.proof();
+ let server_key = server_verifier.key();
+
+ // Server sends server_proof to server (M2)
// Client verifies server
- println!("Server verification");
- let user_key = client2.verify_server(&proof2).unwrap();
- assert_eq!(server_key, user_key, "server and client keys are not equal");
+ println!("Server verification on client");
+ client_verifier.verify_server(server_proof).unwrap();
+ let client_key = client_verifier.key();
+
+ // our keys almost must equal but just an extra check
+ assert_eq!(
+ server_key, client_key,
+ "server and client keys are not equal"
+ );
}
#[test]
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-20 13:31:58 +0000