Exemplo n.º 1
0
        public void ShouldAuthenticateOnTheServer()
        {
            var username         = "******";
            var password         = "******";
            var hash             = new HMACSHA256();
            var parameter        = new Bit2048();
            var srp              = new SecureRemoteProtocol(hash, parameter);
            var privateKey       = SecureRemoteProtocol.GetRandomNumber().ToBytes();
            var serverKey        = SecureRemoteProtocol.GetRandomNumber().ToBytes();
            var verificationKey1 = srp.CreateVerificationKey(username, password);

            var user1           = new SRPUser(username, password, hash, parameter);
            var a               = user1.GetEphemeralSecret();
            var authentication1 = user1.StartAuthentication();


            var user2           = new SRPUser(username, password, hash, parameter);
            var user2Ephemeral  = user2.GetEphemeralSecret();
            var authentication2 = user2.StartAuthentication();

            Assert.IsTrue(authentication1.PublicKey.CheckEquals(authentication2.PublicKey));

            var svr1 = new SRPVerifier(hash, parameter, verificationKey1,
                                       authentication1.PublicKey);

            var b          = svr1.GetEphemeralSecret();
            var challenge1 = svr1.GetChallenge();
            var session1   = user1.ProcessChallenge(challenge1);
            var session2   = user2.ProcessChallenge(challenge1);

            Assert.IsTrue(session1.Key.CheckEquals(session2.Key));
        }
Exemplo n.º 2
0
        static void StartClient()
        {
            var username   = "******";
            var password   = "******";
            var hash       = new HMACSHA256();
            var parameter  = new Bit2048();
            var srp        = new SecureRemoteProtocol(hash, parameter);
            var privateKey = SecureRemoteProtocol.GetRandomNumber().ToBytes();
            var serverKey  = SecureRemoteProtocol.GetRandomNumber().ToBytes();

            var verificationKey1 = srp.CreateVerificationKey(username, password);

            var user1           = new SRPUser(username, password, hash, parameter);
            var a               = user1.GetEphemeralSecret();
            var authentication1 = user1.StartAuthentication();

            var svr1 = new SRPVerifier(hash, parameter, verificationKey1,
                                       authentication1.PublicKey);

            var b          = svr1.GetEphemeralSecret();
            var challenge1 = svr1.GetChallenge();
            var session1   = user1.ProcessChallenge(challenge1);

            var hamk = svr1.VerifiySession(session1);
        }
Exemplo n.º 3
0
        public void ShouldAuthenticateSameUserTwice()
        {
            var username  = "******";
            var password  = "******";
            var hash      = new HMACSHA256();
            var parameter = new Bit2048();
            var user1     = new SRPUser(username, password, hash, parameter);

            var a = user1.GetEphemeralSecret();
            var authentication1 = user1.StartAuthentication();

            var user2          = new SRPUser(username, password, hash, parameter);
            var user2Ephemeral = user2.GetEphemeralSecret();

            Assert.IsTrue(a.CheckEquals(user2Ephemeral));

            var authentication2 = user2.StartAuthentication();

            Assert.AreEqual(authentication1.Username, authentication2.Username);
            Assert.IsTrue(authentication1.PublicKey.CheckEquals(authentication2.PublicKey));
        }