3 use srp::client::SrpClient;
5 use srp::groups::G_2048;
6 use srp::server::SrpServer;
8 fn auth_test(true_pwd: &[u8], auth_pwd: &[u8]) {
9 let mut rng = rand::rngs::OsRng::new().unwrap();
10 let username = b"alice";
12 // Client instance creation
13 let client = SrpClient::<Sha256>::new(&G_2048);
17 let mut salt = [0u8; 16];
18 rng.fill_bytes(&mut salt);
19 let verifier = client.compute_verifier(username, true_pwd, &salt);
21 // Client sends username and verifier and salt to the Server for storage
25 // Begin Authentication
27 // User sends username
29 // Server instance creation
30 let server = SrpServer::<Sha256>::new(&G_2048);
32 // Server retrieves verifier, salt and computes a public B value
33 let mut b = [0u8; 64];
34 rng.fill_bytes(&mut b);
35 let (salt, b_pub) = (&salt, server.compute_public_ephemeral(&b, &verifier));
37 // Server sends salt and b_pub to client
39 // Client computes the public A value and the clientVerifier containing the key, m1, and m2
40 let mut a = [0u8; 64];
41 rng.fill_bytes(&mut a);
42 let client_verifier = client
43 .process_reply(&a, username, auth_pwd, salt, &b_pub)
45 let a_pub = client.compute_public_ephemeral(&a);
46 let client_proof = client_verifier.proof();
48 // Client sends a_pub and client_proof to server (M1)
50 // Server processes verification data
51 let server_verifier = server.process_reply(&b, &verifier, &a_pub).unwrap();
52 println!("Client verification on server");
53 server_verifier.verify_client(client_proof).unwrap();
54 let server_proof = server_verifier.proof();
55 let server_key = server_verifier.key();
57 // Server sends server_proof to server (M2)
59 // Client verifies server
60 println!("Server verification on client");
61 client_verifier.verify_server(server_proof).unwrap();
62 let client_key = client_verifier.key();
64 // our keys almost must equal but just an extra check
66 server_key, client_key,
67 "server and client keys are not equal"
73 auth_test(b"password", b"password");
79 auth_test(b"password", b"paSsword");
projects / PAKEs.git / blob