public void VerifyAuthenticationExchange() {
string username = "******", password = "******",
cnonce = "fyko+d2lbbFgONRv9qkxdawL";
SaslMechanism s = new SaslScramSha1(username, password, cnonce);
string initialResponse = Encoding.UTF8.GetString(
s.GetResponse(new byte[0]));
// Verify the syntax of the client-first-message.
Match m = Regex.Match(initialResponse,
"^[nyp],(a=[^,]+)?,(m=[^,]+,)?n=([^,]+),r=([^,]+)(,.*)?");
Assert.IsTrue(m.Success);
Assert.AreEqual<string>(username, m.Groups[3].ToString());
Assert.AreEqual<string>(cnonce, m.Groups[4].ToString());
// Hand the client the server-first-message.
byte[] serverFirst = Encoding.UTF8.GetBytes(
"r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92," +
"i=4096");
string clientFinal = Encoding.UTF8.GetString(
s.GetResponse(serverFirst));
string expectedClientFinal = "c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfc" +
"NHYJY1ZVvWVs7j,p=v0X8v3Bz2T0CJGbJQyF0X+HI4Ts=";
Assert.AreEqual<string>(expectedClientFinal, clientFinal);
// Hand the client the server-last-message.
byte[] serverLast = Encoding.UTF8.GetBytes("v=rmF9pqV8S7suAoZWja4dJ" +
"RkFsKQ=");
clientFinal = Encoding.UTF8.GetString(s.GetResponse(serverLast));
Assert.AreEqual<string>(String.Empty, clientFinal);
}
public void VerifyClientFirstMessage() {
SaslMechanism m = new SaslScramSha1("Foo", "Bar");
string clientInitial = Encoding.UTF8.GetString(
m.GetResponse(new byte[0]));
// Verify the syntax of the client-first-message.
bool valid = Regex.IsMatch(clientInitial,
"^[nyp],(a=[^,]+)?,(m=[^,]+,)?n=[^,]+,(r=[^,]+)(,.*)?");
Assert.IsTrue(valid);
}
public void TamperedNonce() {
SaslMechanism m = new SaslScramSha1("Foo", "Bar");
// Skip the initial client response.
m.GetResponse(new byte[0]);
// Hand the client a server-first-message containing a nonce which is
// missing the mandatory client-nonce part.
byte[] serverFirst = Encoding.UTF8.GetBytes("r=123456789,s=MTIzNDU2" +
"Nzg5,i=4096");
// This should raise an exception.
m.GetResponse(serverFirst);
}