Exemplo n.º 1
0
        /// <summary>
        ///
        /// </summary>
        public static void Test()
        {
            SecureRemotePassword server = new SecureRemotePassword(true, "USER", "PASSWORD", SRPParameters.Defaults);
            SecureRemotePassword client = new SecureRemotePassword(false, "USER", "PASSWORD", SRPParameters.Defaults);

            /* Typical communication works something like this:
             *
             * client: I want to log in. Here is my username and here is my PublicEphemeralValueA.
             * server: Here is the Salt and here is my PublicEphemeralValueB.
             *
             * Server looks up the username in the database and finds the associated password.
             *
             * client: Here's proof I have the correct session key (hence correct password)
             *         (sends client.ClientSessionKeyProof)
             * server: Thats valid. Here's proof that *I* have the correct session key:
             *         (sends server.ServerSessionKeyProof)
             *
             * client: Cheerio. *encrypts stuff using SessionKey*
             */
            Console.WriteLine("Client sending A = {0}", client.PublicEphemeralValueA.ToHexString());
            server.PublicEphemeralValueA = client.PublicEphemeralValueA;

            Console.WriteLine("Server sending salt = {0}", server.Salt.ToHexString());
            Console.WriteLine("Server sending B = {0}", server.PublicEphemeralValueB.ToHexString());
            client.Salt = server.Salt;
            client.PublicEphemeralValueB = server.PublicEphemeralValueB;

            /*
             *  Console.WriteLine("X = {0}", server.CredentialsHash.ToHexString());
             *  Console.WriteLine("a = {0}", client.secretEphemeralValueA.ToHexString());
             *  Console.WriteLine("b = {0}", server.secretEphemeralValueB.ToHexString());
             *  Console.WriteLine("v = {0}", server.Verifier.ToHexString());
             *  Console.WriteLine("U = {0}", server.ScramblingParameter.ToHexString());
             */

            // Note that session keys are never sent.
            Console.WriteLine("Server's session key = {0}", server.SessionKey.ToHexString());
            Console.WriteLine("Client's session key = {0}", client.SessionKey.ToHexString());

            // Are the session keys actually the same?
            Console.WriteLine("\nServer key == client key {0}", server.SessionKey == client.SessionKey);

            // This is how we can test it without sending actual session keys over the wire
            Console.WriteLine("Client proof valid: {0}", server.IsClientProofValid(client.ClientSessionKeyProof));
            Console.WriteLine("Server proof valid: {0}", client.IsServerProofValid(server.ServerSessionKeyProof));
        }
        /// <summary>
        /// 
        /// </summary>
        public static void Test()
        {
            SecureRemotePassword server = new SecureRemotePassword( true, "USER", "PASSWORD", SRPParameters.Defaults );
            SecureRemotePassword client = new SecureRemotePassword( false, "USER", "PASSWORD", SRPParameters.Defaults );

            /* Typical communication works something like this:
             * 
             * client: I want to log in. Here is my username and here is my PublicEphemeralValueA.
             * server: Here is the Salt and here is my PublicEphemeralValueB.
             * 
             * Server looks up the username in the database and finds the associated password.
             * 
             * client: Here's proof I have the correct session key (hence correct password)
             *         (sends client.ClientSessionKeyProof)
             * server: Thats valid. Here's proof that *I* have the correct session key:
             *         (sends server.ServerSessionKeyProof)
             * 
             * client: Cheerio. *encrypts stuff using SessionKey*
             */
            Console.WriteLine( "Client sending A = {0}", client.PublicEphemeralValueA.ToHexString() );
            server.PublicEphemeralValueA = client.PublicEphemeralValueA;

            Console.WriteLine( "Server sending salt = {0}", server.Salt.ToHexString() );
            Console.WriteLine( "Server sending B = {0}", server.PublicEphemeralValueB.ToHexString() );
            client.Salt = server.Salt;
            client.PublicEphemeralValueB = server.PublicEphemeralValueB;

            /*
                Console.WriteLine("X = {0}", server.CredentialsHash.ToHexString());
                Console.WriteLine("a = {0}", client.secretEphemeralValueA.ToHexString());
                Console.WriteLine("b = {0}", server.secretEphemeralValueB.ToHexString());
                Console.WriteLine("v = {0}", server.Verifier.ToHexString());
                Console.WriteLine("U = {0}", server.ScramblingParameter.ToHexString());
                */

            // Note that session keys are never sent.
            Console.WriteLine( "Server's session key = {0}", server.SessionKey.ToHexString() );
            Console.WriteLine( "Client's session key = {0}", client.SessionKey.ToHexString() );

            // Are the session keys actually the same?
            Console.WriteLine( "\nServer key == client key {0}", server.SessionKey == client.SessionKey );

            // This is how we can test it without sending actual session keys over the wire
            Console.WriteLine( "Client proof valid: {0}", server.IsClientProofValid( client.ClientSessionKeyProof ) );
            Console.WriteLine( "Server proof valid: {0}", client.IsServerProofValid( server.ServerSessionKeyProof ) );
        }
 public void IsClientProofValidTest()
 {
     bool isServer = false; // TODO: 初始化为适当的值
     SecureRemotePassword target = new SecureRemotePassword( isServer ); // TODO: 初始化为适当的值
     BigInteger client_proof = null; // TODO: 初始化为适当的值
     bool expected = false; // TODO: 初始化为适当的值
     bool actual;
     actual = target.IsClientProofValid( client_proof );
     Assert.AreEqual( expected, actual );
     Assert.Inconclusive( "验证此测试方法的正确性。" );
 }