public void TestSCRAMClient( Type algorithmType, String username, String password, String clientNonce, String serverSalt, String serverNonce, Int32 iterationCount, String clientProof, String serverProof, String clientPasswordDigest ) { var encoding = new UTF8Encoding(false, false).CreateDefaultEncodingInfo(); using (var client = ((BlockDigestAlgorithm)Activator.CreateInstance(algorithmType)).CreateSASLClientSCRAM(() => encoding.Encoding.GetBytes(clientNonce))) { var writeArray = new ResizableArray <Byte>(); var credentials = new SASLCredentialsSCRAMForClient( username, password ); // Phase 1. (var bytesWritten, var challengeResult) = client.ChallengeAsync(credentials.CreateChallengeArguments( null, // Initial phase does not read anything -1, -1, writeArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.MoreToCome); Assert.AreEqual("n,,n=" + username + ",r=" + clientNonce, encoding.Encoding.GetString(writeArray.Array, 0, bytesWritten)); // Phase 2. var serverBytes = encoding.Encoding.GetBytes("r=" + clientNonce + serverNonce + ",s=" + serverSalt + ",i=" + iterationCount); (bytesWritten, challengeResult) = client.ChallengeAsync(credentials.CreateChallengeArguments( serverBytes, 0, serverBytes.Length, writeArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.MoreToCome); Assert.AreEqual("c=biws,r=" + clientNonce + serverNonce + ",p=" + clientProof, encoding.Encoding.GetString(writeArray.Array, 0, bytesWritten)); Assert.AreEqual(clientPasswordDigest, Convert.ToBase64String(credentials.PasswordDigest)); // Phase 3 serverBytes = encoding.Encoding.GetBytes("v=" + serverProof); (bytesWritten, challengeResult) = client.ChallengeAsync(credentials.CreateChallengeArguments( serverBytes, 0, serverBytes.Length, writeArray, 0, encoding )).Result.First; Assert.AreEqual(challengeResult, SASLChallengeResult.Completed); Assert.AreEqual(bytesWritten, 0); } }
public void TestSCRAMClientAndServerInterop( Type algorithmType, String username, String password, String clientKeyDigest, // H(key_c) String serverKey, // key_s String serverSalt, Int32 iterationCount ) { var encoding = new UTF8Encoding(false, false).CreateDefaultEncodingInfo(); var serverCallbackCalled = 0; using (var client = ((BlockDigestAlgorithm)Activator.CreateInstance(algorithmType)).CreateSASLClientSCRAM()) using (var server = ((BlockDigestAlgorithm)Activator.CreateInstance(algorithmType)).CreateSASLServerSCRAM(async serverUsername => { Assert.AreEqual(username, serverUsername); // Simulate fetching data from DB (each user should have all these 4 attributes) await Task.Delay(100); Interlocked.Exchange(ref serverCallbackCalled, 1); return(new SASLCredentialsSCRAMForServer( Convert.FromBase64String(clientKeyDigest), Convert.FromBase64String(serverKey), Convert.FromBase64String(serverSalt), iterationCount )); })) { var clientWriteArray = new ResizableArray <Byte>(); var clientCredentials = new SASLCredentialsSCRAMForClient( username, password ); var serverWriteArray = new ResizableArray <Byte>(); var serverCredentials = new SASLCredentialsHolder(); // Client-first (var bytesWritten, var challengeResult) = client.ChallengeAsync(clientCredentials.CreateChallengeArguments( null, // Initial phase does not read anything -1, -1, clientWriteArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.MoreToCome); // Server-first (bytesWritten, challengeResult) = server.ChallengeAsync(serverCredentials.CreateServerMechanismArguments( clientWriteArray.Array, 0, bytesWritten, serverWriteArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.MoreToCome); Assert.AreNotEqual(0, serverCallbackCalled); // Client-final (bytesWritten, challengeResult) = client.ChallengeAsync(clientCredentials.CreateChallengeArguments( serverWriteArray.Array, 0, bytesWritten, clientWriteArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.MoreToCome); // Server-final (bytesWritten, challengeResult) = server.ChallengeAsync(serverCredentials.CreateServerMechanismArguments( clientWriteArray.Array, 0, bytesWritten, serverWriteArray, 0, encoding )).Result.First; Assert.IsTrue(bytesWritten > 0); Assert.AreEqual(challengeResult, SASLChallengeResult.Completed); // Client-validate (bytesWritten, challengeResult) = client.ChallengeAsync(clientCredentials.CreateChallengeArguments( serverWriteArray.Array, 0, bytesWritten, clientWriteArray, 0, encoding )).Result.First; Assert.AreEqual(bytesWritten, 0); Assert.AreEqual(challengeResult, SASLChallengeResult.Completed); } }