public void VerifierTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 BigInteger expected = null; // TODO: 初始化为适当的值 BigInteger actual; target.Verifier = expected; actual = target.Verifier; Assert.AreEqual( expected, actual ); Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void UsernameTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 string expected = string.Empty; // TODO: 初始化为适当的值 string actual; target.Username = expected; actual = target.Username; Assert.AreEqual( expected, actual ); Assert.Inconclusive( "验证此测试方法的正确性。" ); }
/// <summary> /// /// </summary> public static void Test() { SecureRemotePassword server = new SecureRemotePassword(true, "USER", "PASSWORD", SRPParameters.Defaults); SecureRemotePassword client = new SecureRemotePassword(false, "USER", "PASSWORD", SRPParameters.Defaults); /* Typical communication works something like this: * * client: I want to log in. Here is my username and here is my PublicEphemeralValueA. * server: Here is the Salt and here is my PublicEphemeralValueB. * * Server looks up the username in the database and finds the associated password. * * client: Here's proof I have the correct session key (hence correct password) * (sends client.ClientSessionKeyProof) * server: Thats valid. Here's proof that *I* have the correct session key: * (sends server.ServerSessionKeyProof) * * client: Cheerio. *encrypts stuff using SessionKey* */ Console.WriteLine("Client sending A = {0}", client.PublicEphemeralValueA.ToHexString()); server.PublicEphemeralValueA = client.PublicEphemeralValueA; Console.WriteLine("Server sending salt = {0}", server.Salt.ToHexString()); Console.WriteLine("Server sending B = {0}", server.PublicEphemeralValueB.ToHexString()); client.Salt = server.Salt; client.PublicEphemeralValueB = server.PublicEphemeralValueB; /* * Console.WriteLine("X = {0}", server.CredentialsHash.ToHexString()); * Console.WriteLine("a = {0}", client.secretEphemeralValueA.ToHexString()); * Console.WriteLine("b = {0}", server.secretEphemeralValueB.ToHexString()); * Console.WriteLine("v = {0}", server.Verifier.ToHexString()); * Console.WriteLine("U = {0}", server.ScramblingParameter.ToHexString()); */ // Note that session keys are never sent. Console.WriteLine("Server's session key = {0}", server.SessionKey.ToHexString()); Console.WriteLine("Client's session key = {0}", client.SessionKey.ToHexString()); // Are the session keys actually the same? Console.WriteLine("\nServer key == client key {0}", server.SessionKey == client.SessionKey); // This is how we can test it without sending actual session keys over the wire Console.WriteLine("Client proof valid: {0}", server.IsClientProofValid(client.ClientSessionKeyProof)); Console.WriteLine("Server proof valid: {0}", client.IsServerProofValid(server.ServerSessionKeyProof)); }
/// <summary> /// /// </summary> public Realm_RequestSessionResult( uint iSerial, WowAccount account, SecureRemotePassword srp ) : base( (long)RealmOpCode.CMSG_REQUEST_SESSION_RESULT, 0 /* ProcessNet.REALM_HEAD_SIZE + ? */ ) { WriterStream.Write( (byte)RealmOpCode.CMSG_REQUEST_SESSION_RESULT ); // ×ֶαàºÅ WriterStream.Write( (ushort)0 ); // ×Ö¶ÎÊ£Óà´óС ////////////////////////////////////////////////////////////////////////// WriterStream.Write( (uint)iSerial ); WriterStream.Write( true ); // ³É¹¦ WriterStream.Write( (uint)account.AccountGuid ); WriterStream.Write( (int)account.AccessLevel ); WriterStream.Write( (bool)account.IsTBC ); byte[] byteSessionKey = srp.SessionKey.GetBytes( 40 ); WriterStream.Write( byteSessionKey, 0, 40 ); ////////////////////////////////////////////////////////////////////////// WriterStream.Seek( 1, SeekOrigin.Begin ); WriterStream.Write( (ushort)( WriterStream.Length - ProcessNet.REALM_HEAD_SIZE ) ); }
//internal class AuthLogonProof_Result //{ // public byte m_iCommand = 0; // 0x01 CMD_AUTH_LOGON_PROOF // public byte m_iError = 0; // public byte[] M2 = new byte[20]; // public uint m_iUnk = 0; // public ushort m_iUnk2 = 0; //} /// <summary> /// 等于 AuthLogonProof_Result 结构 /// </summary> public Auth_AuthProofResult( SecureRemotePassword srp ) : base( (long)AuthOpCode.CMSG_AUTH_PROOF_RESULT, 0 ) { WriterStream.Write( (byte)AuthOpCode.CMSG_AUTH_PROOF_RESULT ); WriterStream.Write( (byte)LogineErrorInfo.LOGIN_SUCCESS ); ////////////////////////////////////////////////////////////////////////// WriterStream.Write( srp.ServerSessionKeyProof.GetBytes( 20 ), 0, 20 ); WriterStream.Fill( 0x0, 6 ); }
//internal class AuthLogonChallenge_Result //{ // public byte m_iCommand = (byte)RealmListOpCode.CMSG_AUTH_CHALLENGE_RESULT; // 0x00 CMD_AUTH_LOGON_CHALLENGE // public byte m_iError = 0; // 0 - ok // public byte m_iUnk = 0; // 0x00 // public byte[] m_iB = new byte[32]; // public byte m_iGLen = 1; // 0x01 // public byte[] m_iG = new byte[1]; // public byte m_iNLen = 32; // 0x20 // public byte[] m_iN = new byte[32]; // public byte[] m_iS = new byte[32]; // public byte[] m_iUnk2 = new byte[16]; // public byte m_iUnk3 = 0; //} /// <summary> /// 等于 AuthLogonChallenge_Result 结构 /// </summary> public Auth_AuthChallengeResult( SecureRemotePassword srp ) : base( (long)AuthOpCode.CMSG_AUTH_CHALLENGE_RESULT, 0 ) { WriterStream.Write( (byte)AuthOpCode.CMSG_AUTH_CHALLENGE_RESULT ); WriterStream.Write( (byte)LogineErrorInfo.LOGIN_SUCCESS ); ////////////////////////////////////////////////////////////////////////// WriterStream.Write( (byte)0 ); WriterStream.Write( srp.PublicEphemeralValueB.GetBytes( 32 ), 0, 32 ); WriterStream.Write( (byte)1 ); WriterStream.Write( srp.Generator.GetBytes( 1 ), 0, 1 ); WriterStream.Write( (byte)32 ); WriterStream.Write( srp.Modulus.GetBytes( 32 ), 0, 32 ); WriterStream.Write( srp.Salt.GetBytes( 32 ), 0, 32 ); BigInteger unknown = new BigInteger(); unknown.GenRandomBits( 128 /* 16 * 8 */ , new Random( 10 ) );/* 随机数 16字节 */ WriterStream.Write( unknown.GetBytes( 16 ), 0, 16 ); WriterStream.Write( (byte)0 ); }
public void SessionKeyRawTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 BigInteger actual; actual = target.SessionKeyRaw; Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void SecureRemotePasswordConstructorTest() { bool isServer = false; // TODO: 初始化为适当的值 string username = string.Empty; // TODO: 初始化为适当的值 string password = string.Empty; // TODO: 初始化为适当的值 SecureRemotePassword.SRPParameters parameters = null; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer, username, password, parameters ); Assert.Inconclusive( "TODO: 实现用来验证目标的代码" ); }
public void SecureRemotePasswordConstructorTest3() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); Assert.Inconclusive( "TODO: 实现用来验证目标的代码" ); }
public void HashTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 HashUtilities.HashDataBroker[] brokers = null; // TODO: 初始化为适当的值 BigInteger expected = null; // TODO: 初始化为适当的值 BigInteger actual; actual = target.Hash( brokers ); Assert.AreEqual( expected, actual ); Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void IsClientProofValidTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 BigInteger client_proof = null; // TODO: 初始化为适当的值 bool expected = false; // TODO: 初始化为适当的值 bool actual; actual = target.IsClientProofValid( client_proof ); Assert.AreEqual( expected, actual ); Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void CredentialsTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 string actual; actual = target.Credentials; Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void IsServerTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 bool actual; actual = target.IsServer; Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void ParametersTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 SecureRemotePassword.SRPParameters expected = null; // TODO: 初始化为适当的值 SecureRemotePassword.SRPParameters actual; target.Parameters = expected; actual = target.Parameters; Assert.AreEqual( expected, actual ); Assert.Inconclusive( "验证此测试方法的正确性。" ); }
public void ScramblingParameterTest() { bool isServer = false; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值 BigInteger actual; actual = target.ScramblingParameter; Assert.Inconclusive( "验证此测试方法的正确性。" ); }
/// <summary> /// /// </summary> /// <param name="serial"></param> /// <param name="realm"></param> public static void AddSRP( string strAccountName, SecureRemotePassword srp ) { s_SRPs.Add( strAccountName, srp ); }
/// <summary> /// /// </summary> public static void Test() { SecureRemotePassword server = new SecureRemotePassword( true, "USER", "PASSWORD", SRPParameters.Defaults ); SecureRemotePassword client = new SecureRemotePassword( false, "USER", "PASSWORD", SRPParameters.Defaults ); /* Typical communication works something like this: * * client: I want to log in. Here is my username and here is my PublicEphemeralValueA. * server: Here is the Salt and here is my PublicEphemeralValueB. * * Server looks up the username in the database and finds the associated password. * * client: Here's proof I have the correct session key (hence correct password) * (sends client.ClientSessionKeyProof) * server: Thats valid. Here's proof that *I* have the correct session key: * (sends server.ServerSessionKeyProof) * * client: Cheerio. *encrypts stuff using SessionKey* */ Console.WriteLine( "Client sending A = {0}", client.PublicEphemeralValueA.ToHexString() ); server.PublicEphemeralValueA = client.PublicEphemeralValueA; Console.WriteLine( "Server sending salt = {0}", server.Salt.ToHexString() ); Console.WriteLine( "Server sending B = {0}", server.PublicEphemeralValueB.ToHexString() ); client.Salt = server.Salt; client.PublicEphemeralValueB = server.PublicEphemeralValueB; /* Console.WriteLine("X = {0}", server.CredentialsHash.ToHexString()); Console.WriteLine("a = {0}", client.secretEphemeralValueA.ToHexString()); Console.WriteLine("b = {0}", server.secretEphemeralValueB.ToHexString()); Console.WriteLine("v = {0}", server.Verifier.ToHexString()); Console.WriteLine("U = {0}", server.ScramblingParameter.ToHexString()); */ // Note that session keys are never sent. Console.WriteLine( "Server's session key = {0}", server.SessionKey.ToHexString() ); Console.WriteLine( "Client's session key = {0}", client.SessionKey.ToHexString() ); // Are the session keys actually the same? Console.WriteLine( "\nServer key == client key {0}", server.SessionKey == client.SessionKey ); // This is how we can test it without sending actual session keys over the wire Console.WriteLine( "Client proof valid: {0}", server.IsClientProofValid( client.ClientSessionKeyProof ) ); Console.WriteLine( "Server proof valid: {0}", client.IsServerProofValid( server.ServerSessionKeyProof ) ); }
public void SecureRemotePasswordConstructorTest1() { string username = string.Empty; // TODO: 初始化为适当的值 BigInteger verifier = null; // TODO: 初始化为适当的值 BigInteger salt = null; // TODO: 初始化为适当的值 SecureRemotePassword target = new SecureRemotePassword( username, verifier, salt ); Assert.Inconclusive( "TODO: 实现用来验证目标的代码" ); }