//!
//! For user registration on the server first generate salt (e.g. 32 bytes long)
//! and get password verifier which depends on private key. Send useranme, salt
-//! and password verifier over protected channel to protect against MitM for
-//! registration.
+//! and password verifier over protected channel to protect against
+//! Man-in-the-middle (MITM) attack for registration.
//!
//! ```ignore
//! let pwd_verifier = client.get_password_verifier(&private_key);
/// Get password verfier for user registration on the server
pub fn get_password_verifier(&self, private_key: &[u8]) -> Vec<u8> {
- let x = BigUint::from_bytes_be(&private_key);
+ let x = BigUint::from_bytes_be(private_key);
let v = self.params.powm(&x);
v.to_bytes_be()
}
return Err(SrpAuthError{ description: "Malicious b_pub value" })
}
- let x = BigUint::from_bytes_be(&private_key);
+ let x = BigUint::from_bytes_be(private_key);
let key = self.calc_key(&b_pub, &x, &u);
// M1 = H(A, B, K)
let proof = {
fn auth_test(reg_pwd: &[u8], auth_pwd: &[u8]) {
let mut rng = rand::os::OsRng::new().unwrap();
- let username = "alice".as_bytes();
+ let username = b"alice";
// Client instance creation
let a = rng.gen_iter::<u8>().take(64).collect::<Vec<u8>>();
let (salt, b_pub) = (&user.salt, server.get_b_pub());
// Client processes handshake reply
- let auth_priv_key = srp_private_key::<Sha256>(username, auth_pwd, &salt);
+ let auth_priv_key = srp_private_key::<Sha256>(username, auth_pwd, salt);
let client2 = client.process_reply(&auth_priv_key, &b_pub).unwrap();
let proof = client2.get_proof();
#[test]
fn good_password() {
- auth_test("password".as_bytes(), "password".as_bytes());
+ auth_test(b"password", b"password");
}
#[test]
#[should_panic]
fn bad_password() {
- auth_test("password".as_bytes(), "paSsword".as_bytes());
+ auth_test(b"password", b"paSsword");
}
projects / PAKEs.git / commitdiff