srp.c 31 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696
  1. /* srp.c SRP unit tests
  2. *
  3. * Copyright (C) 2006-2015 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL. (formerly known as CyaSSL)
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU Geteral Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Geteral Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Geteral Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  20. */
  21. #ifdef HAVE_CONFIG_H
  22. #include <config.h>
  23. #endif
  24. #include <wolfssl/wolfcrypt/settings.h>
  25. #include <tests/unit.h>
  26. #include <wolfssl/wolfcrypt/sha512.h>
  27. #include <wolfssl/wolfcrypt/srp.h>
  28. #ifdef WOLFCRYPT_HAVE_SRP
  29. static byte username[] = "user";
  30. static word32 usernameSz = 4;
  31. static byte password[] = "password";
  32. static word32 passwordSz = 8;
  33. static byte N[] = {
  34. 0xD4, 0xC7, 0xF8, 0xA2, 0xB3, 0x2C, 0x11, 0xB8, 0xFB, 0xA9, 0x58, 0x1E,
  35. 0xC4, 0xBA, 0x4F, 0x1B, 0x04, 0x21, 0x56, 0x42, 0xEF, 0x73, 0x55, 0xE3,
  36. 0x7C, 0x0F, 0xC0, 0x44, 0x3E, 0xF7, 0x56, 0xEA, 0x2C, 0x6B, 0x8E, 0xEB,
  37. 0x75, 0x5A, 0x1C, 0x72, 0x30, 0x27, 0x66, 0x3C, 0xAA, 0x26, 0x5E, 0xF7,
  38. 0x85, 0xB8, 0xFF, 0x6A, 0x9B, 0x35, 0x22, 0x7A, 0x52, 0xD8, 0x66, 0x33,
  39. 0xDB, 0xDF, 0xCA, 0x43
  40. };
  41. static byte g[] = {
  42. 0x02
  43. };
  44. static byte salt[] = {
  45. 0x80, 0x66, 0x61, 0x5B, 0x7D, 0x33, 0xA2, 0x2E, 0x79, 0x18
  46. };
  47. static byte verifier[] = {
  48. 0x24, 0x5F, 0xA5, 0x1B, 0x2A, 0x28, 0xF8, 0xFF, 0xE2, 0xA0, 0xF8, 0x61,
  49. 0x7B, 0x0F, 0x3C, 0x05, 0xD6, 0x4A, 0x55, 0xDF, 0x74, 0x31, 0x54, 0x47,
  50. 0xA1, 0xFA, 0x9D, 0x25, 0x7B, 0x02, 0x88, 0x0A, 0xE8, 0x5A, 0xBA, 0x8B,
  51. 0xA2, 0xD3, 0x8A, 0x62, 0x46, 0x8C, 0xEC, 0x52, 0xBE, 0xDE, 0xFC, 0x75,
  52. 0xF5, 0xDB, 0x9C, 0x8C, 0x9B, 0x34, 0x7A, 0xE7, 0x4A, 0x5F, 0xBB, 0x96,
  53. 0x38, 0x19, 0xAB, 0x24
  54. };
  55. static byte a[] = {
  56. 0x37, 0x95, 0xF2, 0xA6, 0xF1, 0x6F, 0x0D, 0x58, 0xBF, 0xED, 0x44, 0x87,
  57. 0xE0, 0xB6, 0xCC, 0x1C, 0xA0, 0x50, 0xC6, 0x61, 0xBB, 0x36, 0xE0, 0x9A,
  58. 0xF3, 0xF7, 0x1E, 0x7A, 0x61, 0x86, 0x5A, 0xF5
  59. };
  60. static byte A[] = {
  61. 0x8D, 0x28, 0xC5, 0x6A, 0x46, 0x5C, 0x82, 0xDB, 0xC7, 0xF6, 0x8B, 0x62,
  62. 0x1A, 0xAD, 0xA1, 0x76, 0x1B, 0x55, 0xFF, 0xAB, 0x10, 0x2F, 0xFF, 0x4A,
  63. 0xAA, 0x46, 0xAD, 0x33, 0x64, 0xDE, 0x28, 0x2E, 0x82, 0x7A, 0xBE, 0xEA,
  64. 0x32, 0xFC, 0xD6, 0x14, 0x01, 0x71, 0xE6, 0xC8, 0xC9, 0x53, 0x69, 0x55,
  65. 0xE1, 0xF8, 0x3D, 0xDD, 0xC7, 0xD5, 0x21, 0xCE, 0xFF, 0x17, 0xFC, 0x23,
  66. 0xBF, 0xCF, 0x2D, 0xB0
  67. };
  68. static byte b[] = {
  69. 0x2B, 0xDD, 0x30, 0x30, 0x53, 0xAF, 0xD8, 0x3A, 0xE7, 0xE0, 0x17, 0x82,
  70. 0x39, 0x44, 0x2C, 0xDB, 0x30, 0x88, 0x0F, 0xC8, 0x88, 0xC2, 0xB2, 0xC1,
  71. 0x78, 0x43, 0x2F, 0xD5, 0x60, 0xD4, 0xDA, 0x43
  72. };
  73. static byte B[] = {
  74. 0xB5, 0x80, 0x36, 0x7F, 0x50, 0x89, 0xC1, 0x04, 0x42, 0x98, 0xD7, 0x6A,
  75. 0x37, 0x8E, 0xF1, 0x81, 0x52, 0xC5, 0x7A, 0xA1, 0xD5, 0xB7, 0x66, 0x84,
  76. 0xA1, 0x3E, 0x32, 0x82, 0x2B, 0x3A, 0xB5, 0xD7, 0x3D, 0x50, 0xF1, 0x58,
  77. 0xBD, 0x89, 0x75, 0xC7, 0x51, 0xCF, 0x6C, 0x03, 0xD4, 0xCA, 0xD5, 0x6E,
  78. 0x97, 0x4D, 0xA3, 0x1E, 0x19, 0x0B, 0xF0, 0xAA, 0x7D, 0x14, 0x90, 0x80,
  79. 0x0E, 0xC7, 0x92, 0xAD
  80. };
  81. static byte key[] = {
  82. 0x66, 0x00, 0x9D, 0x58, 0xB3, 0xD2, 0x0D, 0x4B, 0x69, 0x7F, 0xCF, 0x48,
  83. 0xFF, 0x8F, 0x15, 0x81, 0x4C, 0x4B, 0xFE, 0x9D, 0x85, 0x77, 0x88, 0x60,
  84. 0x1D, 0x1E, 0x51, 0xCF, 0x75, 0xCC, 0x58, 0x00, 0xE7, 0x8D, 0x22, 0x87,
  85. 0x13, 0x6C, 0x88, 0x55
  86. };
  87. static byte client_proof[] = {
  88. 0x0D, 0x49, 0xE1, 0x9C, 0x3A, 0x88, 0x43, 0x15, 0x45, 0xA8, 0xAC, 0xAB,
  89. 0xEA, 0x15, 0x1A, 0xEE, 0xF9, 0x38, 0x4D, 0x21
  90. };
  91. static byte server_proof[] = {
  92. 0xBD, 0xB1, 0x20, 0x70, 0x46, 0xC9, 0xD6, 0xCC, 0xE2, 0x1D, 0x75, 0xA2,
  93. 0xD0, 0xAF, 0xC5, 0xBC, 0xAE, 0x12, 0xFC, 0x75
  94. };
  95. static void test_SrpInit(void)
  96. {
  97. Srp srp;
  98. /* invalid params */
  99. AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(NULL, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  100. AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, 255, SRP_CLIENT_SIDE));
  101. AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, SRP_TYPE_SHA, 255 ));
  102. /* success */
  103. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  104. wc_SrpTerm(&srp);
  105. }
  106. static void test_SrpSetUsername(void)
  107. {
  108. Srp srp;
  109. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  110. /* invalid params */
  111. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(NULL, username, usernameSz));
  112. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(&srp, NULL, usernameSz));
  113. /* success */
  114. AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
  115. AssertIntEQ((int) usernameSz, srp.userSz);
  116. AssertIntEQ(0, XMEMCMP(srp.user, username, usernameSz));
  117. wc_SrpTerm(&srp);
  118. }
  119. static void test_SrpSetParams(void)
  120. {
  121. Srp srp;
  122. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  123. /* invalid call order */
  124. AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp, N, sizeof(N),
  125. g, sizeof(g),
  126. salt, sizeof(salt)));
  127. /* fix call order */
  128. AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
  129. /* invalid params */
  130. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL, N, sizeof(N),
  131. g, sizeof(g),
  132. salt, sizeof(salt)));
  133. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, NULL, sizeof(N),
  134. g, sizeof(g),
  135. salt, sizeof(salt)));
  136. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
  137. NULL, sizeof(g),
  138. salt, sizeof(salt)));
  139. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
  140. g, sizeof(g),
  141. NULL, sizeof(salt)));
  142. /* success */
  143. AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
  144. g, sizeof(g),
  145. salt, sizeof(salt)));
  146. AssertIntEQ(sizeof(salt), srp.saltSz);
  147. AssertIntEQ(0, XMEMCMP(srp.salt, salt, srp.saltSz));
  148. wc_SrpTerm(&srp);
  149. }
  150. static void test_SrpSetPassword(void)
  151. {
  152. Srp srp;
  153. byte v[64];
  154. word32 vSz = 0;
  155. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  156. AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
  157. /* invalid call order */
  158. AssertIntEQ(SRP_CALL_ORDER_E,
  159. wc_SrpSetPassword(&srp, password, passwordSz));
  160. AssertIntEQ(SRP_CALL_ORDER_E,
  161. wc_SrpGetVerifier(&srp, v, &vSz));
  162. /* fix call order */
  163. AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
  164. g, sizeof(g),
  165. salt, sizeof(salt)));
  166. /* invalid params */
  167. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(NULL, password, passwordSz));
  168. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(&srp, NULL, passwordSz));
  169. /* success */
  170. AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
  171. /* invalid params */
  172. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(NULL, v, &vSz));
  173. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(&srp, NULL, &vSz));
  174. AssertIntEQ(BUFFER_E, wc_SrpGetVerifier(&srp, v, &vSz));
  175. /* success */
  176. vSz = sizeof(v);
  177. AssertIntEQ(0, wc_SrpGetVerifier(&srp, v, &vSz));
  178. AssertIntEQ(vSz, sizeof(verifier));
  179. AssertIntEQ(0, XMEMCMP(verifier, v, vSz));
  180. /* invalid params - client side srp */
  181. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, v, vSz));
  182. wc_SrpTerm(&srp);
  183. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
  184. /* invalid params */
  185. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(NULL, v, vSz));
  186. AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, NULL, vSz));
  187. /* success */
  188. AssertIntEQ(0, wc_SrpSetVerifier(&srp, v, vSz));
  189. wc_SrpTerm(&srp);
  190. }
  191. static void test_SrpGetPublic(void)
  192. {
  193. Srp srp;
  194. byte public[64];
  195. word32 publicSz = 0;
  196. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  197. AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
  198. AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
  199. g, sizeof(g),
  200. salt, sizeof(salt)));
  201. /* invalid call order */
  202. AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, public, &publicSz));
  203. /* fix call order */
  204. AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
  205. /* invalid params */
  206. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(NULL, public, &publicSz));
  207. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, NULL, &publicSz));
  208. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, public, NULL));
  209. AssertIntEQ(BUFFER_E, wc_SrpGetPublic(&srp, public, &publicSz));
  210. /* success */
  211. publicSz = sizeof(public);
  212. AssertIntEQ(0, wc_SrpSetPrivate(&srp, a, sizeof(a)));
  213. AssertIntEQ(0, wc_SrpGetPublic(&srp, public, &publicSz));
  214. AssertIntEQ(publicSz, sizeof(A));
  215. AssertIntEQ(0, XMEMCMP(public, A, publicSz));
  216. wc_SrpTerm(&srp);
  217. AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
  218. AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
  219. AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
  220. g, sizeof(g),
  221. salt, sizeof(salt)));
  222. /* invalid call order */
  223. AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, public, &publicSz));
  224. /* fix call order */
  225. AssertIntEQ(0, wc_SrpSetVerifier(&srp, verifier, sizeof(verifier)));
  226. /* success */
  227. AssertIntEQ(0, wc_SrpSetPrivate(&srp, b, sizeof(b)));
  228. AssertIntEQ(0, wc_SrpGetPublic(&srp, public, &publicSz));
  229. AssertIntEQ(publicSz, sizeof(B));
  230. AssertIntEQ(0, XMEMCMP(public, B, publicSz));
  231. wc_SrpTerm(&srp);
  232. }
  233. static void test_SrpComputeKey(void)
  234. {
  235. Srp cli, srv;
  236. byte clientPubKey[64];
  237. byte serverPubKey[64];
  238. word32 clientPubKeySz = 64;
  239. word32 serverPubKeySz = 64;
  240. AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  241. AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
  242. /* invalid call order */
  243. AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpComputeKey(&cli,
  244. clientPubKey, clientPubKeySz,
  245. serverPubKey, serverPubKeySz));
  246. /* fix call order */
  247. AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
  248. AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
  249. AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
  250. g, sizeof(g),
  251. salt, sizeof(salt)));
  252. AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
  253. g, sizeof(g),
  254. salt, sizeof(salt)));
  255. AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
  256. AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
  257. AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
  258. AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
  259. AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
  260. AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
  261. AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
  262. AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
  263. /* invalid params */
  264. AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(NULL,
  265. clientPubKey, clientPubKeySz,
  266. serverPubKey, serverPubKeySz));
  267. AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
  268. NULL, clientPubKeySz,
  269. serverPubKey, serverPubKeySz));
  270. AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
  271. clientPubKey, 0,
  272. serverPubKey, serverPubKeySz));
  273. AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
  274. clientPubKey, clientPubKeySz,
  275. NULL, serverPubKeySz));
  276. AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
  277. clientPubKey, clientPubKeySz,
  278. serverPubKey, 0));
  279. /* success */
  280. AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
  281. serverPubKey, serverPubKeySz));
  282. AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
  283. serverPubKey, serverPubKeySz));
  284. AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
  285. AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
  286. wc_SrpTerm(&cli);
  287. wc_SrpTerm(&srv);
  288. }
  289. static void test_SrpGetProofAndVerify(void)
  290. {
  291. Srp cli, srv;
  292. byte clientPubKey[64];
  293. byte serverPubKey[64];
  294. word32 clientPubKeySz = 64;
  295. word32 serverPubKeySz = 64;
  296. byte clientProof[SRP_MAX_DIGEST_SIZE];
  297. byte serverProof[SRP_MAX_DIGEST_SIZE];
  298. word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
  299. word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
  300. AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
  301. AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
  302. AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
  303. AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
  304. AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
  305. g, sizeof(g),
  306. salt, sizeof(salt)));
  307. AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
  308. g, sizeof(g),
  309. salt, sizeof(salt)));
  310. AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
  311. AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
  312. AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
  313. AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
  314. AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
  315. AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
  316. AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
  317. AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
  318. AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
  319. serverPubKey, serverPubKeySz));
  320. AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
  321. AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
  322. serverPubKey, serverPubKeySz));
  323. AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
  324. /* invalid params */
  325. serverProofSz = 0;
  326. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(NULL, clientProof,&clientProofSz));
  327. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, NULL, &clientProofSz));
  328. AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, clientProof,NULL));
  329. AssertIntEQ(BUFFER_E, wc_SrpGetProof(&srv, serverProof,&serverProofSz));
  330. AssertIntEQ(BAD_FUNC_ARG,
  331. wc_SrpVerifyPeersProof(NULL, clientProof, clientProofSz));
  332. AssertIntEQ(BAD_FUNC_ARG,
  333. wc_SrpVerifyPeersProof(&cli, NULL, clientProofSz));
  334. AssertIntEQ(BUFFER_E,
  335. wc_SrpVerifyPeersProof(&srv, serverProof, serverProofSz));
  336. serverProofSz = SRP_MAX_DIGEST_SIZE;
  337. /* success */
  338. AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
  339. AssertIntEQ(0, XMEMCMP(clientProof, client_proof, sizeof(client_proof)));
  340. AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
  341. AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
  342. AssertIntEQ(0, XMEMCMP(serverProof, server_proof, sizeof(server_proof)));
  343. AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
  344. wc_SrpTerm(&cli);
  345. wc_SrpTerm(&srv);
  346. }
  347. static int sha512_key_gen(Srp* srp, byte* secret, word32 size)
  348. {
  349. Sha512 hash;
  350. int r;
  351. srp->key = (byte*)XMALLOC(SHA512_DIGEST_SIZE, NULL, DYNAMIC_TYPE_SRP);
  352. if (srp->key == NULL)
  353. return MEMORY_E;
  354. srp->keySz = SHA512_DIGEST_SIZE;
  355. r = wc_InitSha512(&hash);
  356. if (!r) r = wc_Sha512Update(&hash, secret, size);
  357. if (!r) r = wc_Sha512Final(&hash, srp->key);
  358. XMEMSET(&hash, 0, sizeof(Sha512));
  359. return r;
  360. }
  361. static void test_SrpKeyGenFunc_cb(void)
  362. {
  363. Srp cli, srv;
  364. byte clientPubKey[1024];
  365. byte serverPubKey[1024];
  366. word32 clientPubKeySz = 1024;
  367. word32 serverPubKeySz = 1024;
  368. byte clientProof[SRP_MAX_DIGEST_SIZE];
  369. byte serverProof[SRP_MAX_DIGEST_SIZE];
  370. word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
  371. word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
  372. byte username_[] = "alice";
  373. word32 usernameSz_ = 5;
  374. byte password_[] = "password123";
  375. word32 passwordSz_ = 11;
  376. byte N_[] = {
  377. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
  378. 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
  379. 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
  380. 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
  381. 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
  382. 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
  383. 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
  384. 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
  385. 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
  386. 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
  387. 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
  388. 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
  389. 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
  390. 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
  391. 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
  392. 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
  393. 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
  394. 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
  395. 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
  396. 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
  397. 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
  398. 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
  399. 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
  400. 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
  401. 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
  402. 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
  403. 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
  404. 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
  405. 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
  406. 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
  407. 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
  408. 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
  409. };
  410. byte g_[] = {
  411. 0x05
  412. };
  413. byte salt_[] = {
  414. 0xBE, 0xB2, 0x53, 0x79, 0xD1, 0xA8, 0x58, 0x1E, 0xB5, 0xA7, 0x27, 0x67,
  415. 0x3A, 0x24, 0x41, 0xEE
  416. };
  417. byte verifier_[] = {
  418. 0x9B, 0x5E, 0x06, 0x17, 0x01, 0xEA, 0x7A, 0xEB, 0x39, 0xCF, 0x6E, 0x35,
  419. 0x19, 0x65, 0x5A, 0x85, 0x3C, 0xF9, 0x4C, 0x75, 0xCA, 0xF2, 0x55, 0x5E,
  420. 0xF1, 0xFA, 0xF7, 0x59, 0xBB, 0x79, 0xCB, 0x47, 0x70, 0x14, 0xE0, 0x4A,
  421. 0x88, 0xD6, 0x8F, 0xFC, 0x05, 0x32, 0x38, 0x91, 0xD4, 0xC2, 0x05, 0xB8,
  422. 0xDE, 0x81, 0xC2, 0xF2, 0x03, 0xD8, 0xFA, 0xD1, 0xB2, 0x4D, 0x2C, 0x10,
  423. 0x97, 0x37, 0xF1, 0xBE, 0xBB, 0xD7, 0x1F, 0x91, 0x24, 0x47, 0xC4, 0xA0,
  424. 0x3C, 0x26, 0xB9, 0xFA, 0xD8, 0xED, 0xB3, 0xE7, 0x80, 0x77, 0x8E, 0x30,
  425. 0x25, 0x29, 0xED, 0x1E, 0xE1, 0x38, 0xCC, 0xFC, 0x36, 0xD4, 0xBA, 0x31,
  426. 0x3C, 0xC4, 0x8B, 0x14, 0xEA, 0x8C, 0x22, 0xA0, 0x18, 0x6B, 0x22, 0x2E,
  427. 0x65, 0x5F, 0x2D, 0xF5, 0x60, 0x3F, 0xD7, 0x5D, 0xF7, 0x6B, 0x3B, 0x08,
  428. 0xFF, 0x89, 0x50, 0x06, 0x9A, 0xDD, 0x03, 0xA7, 0x54, 0xEE, 0x4A, 0xE8,
  429. 0x85, 0x87, 0xCC, 0xE1, 0xBF, 0xDE, 0x36, 0x79, 0x4D, 0xBA, 0xE4, 0x59,
  430. 0x2B, 0x7B, 0x90, 0x4F, 0x44, 0x2B, 0x04, 0x1C, 0xB1, 0x7A, 0xEB, 0xAD,
  431. 0x1E, 0x3A, 0xEB, 0xE3, 0xCB, 0xE9, 0x9D, 0xE6, 0x5F, 0x4B, 0xB1, 0xFA,
  432. 0x00, 0xB0, 0xE7, 0xAF, 0x06, 0x86, 0x3D, 0xB5, 0x3B, 0x02, 0x25, 0x4E,
  433. 0xC6, 0x6E, 0x78, 0x1E, 0x3B, 0x62, 0xA8, 0x21, 0x2C, 0x86, 0xBE, 0xB0,
  434. 0xD5, 0x0B, 0x5B, 0xA6, 0xD0, 0xB4, 0x78, 0xD8, 0xC4, 0xE9, 0xBB, 0xCE,
  435. 0xC2, 0x17, 0x65, 0x32, 0x6F, 0xBD, 0x14, 0x05, 0x8D, 0x2B, 0xBD, 0xE2,
  436. 0xC3, 0x30, 0x45, 0xF0, 0x38, 0x73, 0xE5, 0x39, 0x48, 0xD7, 0x8B, 0x79,
  437. 0x4F, 0x07, 0x90, 0xE4, 0x8C, 0x36, 0xAE, 0xD6, 0xE8, 0x80, 0xF5, 0x57,
  438. 0x42, 0x7B, 0x2F, 0xC0, 0x6D, 0xB5, 0xE1, 0xE2, 0xE1, 0xD7, 0xE6, 0x61,
  439. 0xAC, 0x48, 0x2D, 0x18, 0xE5, 0x28, 0xD7, 0x29, 0x5E, 0xF7, 0x43, 0x72,
  440. 0x95, 0xFF, 0x1A, 0x72, 0xD4, 0x02, 0x77, 0x17, 0x13, 0xF1, 0x68, 0x76,
  441. 0xDD, 0x05, 0x0A, 0xE5, 0xB7, 0xAD, 0x53, 0xCC, 0xB9, 0x08, 0x55, 0xC9,
  442. 0x39, 0x56, 0x64, 0x83, 0x58, 0xAD, 0xFD, 0x96, 0x64, 0x22, 0xF5, 0x24,
  443. 0x98, 0x73, 0x2D, 0x68, 0xD1, 0xD7, 0xFB, 0xEF, 0x10, 0xD7, 0x80, 0x34,
  444. 0xAB, 0x8D, 0xCB, 0x6F, 0x0F, 0xCF, 0x88, 0x5C, 0xC2, 0xB2, 0xEA, 0x2C,
  445. 0x3E, 0x6A, 0xC8, 0x66, 0x09, 0xEA, 0x05, 0x8A, 0x9D, 0xA8, 0xCC, 0x63,
  446. 0x53, 0x1D, 0xC9, 0x15, 0x41, 0x4D, 0xF5, 0x68, 0xB0, 0x94, 0x82, 0xDD,
  447. 0xAC, 0x19, 0x54, 0xDE, 0xC7, 0xEB, 0x71, 0x4F, 0x6F, 0xF7, 0xD4, 0x4C,
  448. 0xD5, 0xB8, 0x6F, 0x6B, 0xD1, 0x15, 0x81, 0x09, 0x30, 0x63, 0x7C, 0x01,
  449. 0xD0, 0xF6, 0x01, 0x3B, 0xC9, 0x74, 0x0F, 0xA2, 0xC6, 0x33, 0xBA, 0x89
  450. };
  451. byte a_[] = {
  452. 0x60, 0x97, 0x55, 0x27, 0x03, 0x5C, 0xF2, 0xAD, 0x19, 0x89, 0x80, 0x6F,
  453. 0x04, 0x07, 0x21, 0x0B, 0xC8, 0x1E, 0xDC, 0x04, 0xE2, 0x76, 0x2A, 0x56,
  454. 0xAF, 0xD5, 0x29, 0xDD, 0xDA, 0x2D, 0x43, 0x93
  455. };
  456. byte A_[] = {
  457. 0xFA, 0xB6, 0xF5, 0xD2, 0x61, 0x5D, 0x1E, 0x32, 0x35, 0x12, 0xE7, 0x99,
  458. 0x1C, 0xC3, 0x74, 0x43, 0xF4, 0x87, 0xDA, 0x60, 0x4C, 0xA8, 0xC9, 0x23,
  459. 0x0F, 0xCB, 0x04, 0xE5, 0x41, 0xDC, 0xE6, 0x28, 0x0B, 0x27, 0xCA, 0x46,
  460. 0x80, 0xB0, 0x37, 0x4F, 0x17, 0x9D, 0xC3, 0xBD, 0xC7, 0x55, 0x3F, 0xE6,
  461. 0x24, 0x59, 0x79, 0x8C, 0x70, 0x1A, 0xD8, 0x64, 0xA9, 0x13, 0x90, 0xA2,
  462. 0x8C, 0x93, 0xB6, 0x44, 0xAD, 0xBF, 0x9C, 0x00, 0x74, 0x5B, 0x94, 0x2B,
  463. 0x79, 0xF9, 0x01, 0x2A, 0x21, 0xB9, 0xB7, 0x87, 0x82, 0x31, 0x9D, 0x83,
  464. 0xA1, 0xF8, 0x36, 0x28, 0x66, 0xFB, 0xD6, 0xF4, 0x6B, 0xFC, 0x0D, 0xDB,
  465. 0x2E, 0x1A, 0xB6, 0xE4, 0xB4, 0x5A, 0x99, 0x06, 0xB8, 0x2E, 0x37, 0xF0,
  466. 0x5D, 0x6F, 0x97, 0xF6, 0xA3, 0xEB, 0x6E, 0x18, 0x20, 0x79, 0x75, 0x9C,
  467. 0x4F, 0x68, 0x47, 0x83, 0x7B, 0x62, 0x32, 0x1A, 0xC1, 0xB4, 0xFA, 0x68,
  468. 0x64, 0x1F, 0xCB, 0x4B, 0xB9, 0x8D, 0xD6, 0x97, 0xA0, 0xC7, 0x36, 0x41,
  469. 0x38, 0x5F, 0x4B, 0xAB, 0x25, 0xB7, 0x93, 0x58, 0x4C, 0xC3, 0x9F, 0xC8,
  470. 0xD4, 0x8D, 0x4B, 0xD8, 0x67, 0xA9, 0xA3, 0xC1, 0x0F, 0x8E, 0xA1, 0x21,
  471. 0x70, 0x26, 0x8E, 0x34, 0xFE, 0x3B, 0xBE, 0x6F, 0xF8, 0x99, 0x98, 0xD6,
  472. 0x0D, 0xA2, 0xF3, 0xE4, 0x28, 0x3C, 0xBE, 0xC1, 0x39, 0x3D, 0x52, 0xAF,
  473. 0x72, 0x4A, 0x57, 0x23, 0x0C, 0x60, 0x4E, 0x9F, 0xBC, 0xE5, 0x83, 0xD7,
  474. 0x61, 0x3E, 0x6B, 0xFF, 0xD6, 0x75, 0x96, 0xAD, 0x12, 0x1A, 0x87, 0x07,
  475. 0xEE, 0xC4, 0x69, 0x44, 0x95, 0x70, 0x33, 0x68, 0x6A, 0x15, 0x5F, 0x64,
  476. 0x4D, 0x5C, 0x58, 0x63, 0xB4, 0x8F, 0x61, 0xBD, 0xBF, 0x19, 0xA5, 0x3E,
  477. 0xAB, 0x6D, 0xAD, 0x0A, 0x18, 0x6B, 0x8C, 0x15, 0x2E, 0x5F, 0x5D, 0x8C,
  478. 0xAD, 0x4B, 0x0E, 0xF8, 0xAA, 0x4E, 0xA5, 0x00, 0x88, 0x34, 0xC3, 0xCD,
  479. 0x34, 0x2E, 0x5E, 0x0F, 0x16, 0x7A, 0xD0, 0x45, 0x92, 0xCD, 0x8B, 0xD2,
  480. 0x79, 0x63, 0x93, 0x98, 0xEF, 0x9E, 0x11, 0x4D, 0xFA, 0xAA, 0xB9, 0x19,
  481. 0xE1, 0x4E, 0x85, 0x09, 0x89, 0x22, 0x4D, 0xDD, 0x98, 0x57, 0x6D, 0x79,
  482. 0x38, 0x5D, 0x22, 0x10, 0x90, 0x2E, 0x9F, 0x9B, 0x1F, 0x2D, 0x86, 0xCF,
  483. 0xA4, 0x7E, 0xE2, 0x44, 0x63, 0x54, 0x65, 0xF7, 0x10, 0x58, 0x42, 0x1A,
  484. 0x01, 0x84, 0xBE, 0x51, 0xDD, 0x10, 0xCC, 0x9D, 0x07, 0x9E, 0x6F, 0x16,
  485. 0x04, 0xE7, 0xAA, 0x9B, 0x7C, 0xF7, 0x88, 0x3C, 0x7D, 0x4C, 0xE1, 0x2B,
  486. 0x06, 0xEB, 0xE1, 0x60, 0x81, 0xE2, 0x3F, 0x27, 0xA2, 0x31, 0xD1, 0x84,
  487. 0x32, 0xD7, 0xD1, 0xBB, 0x55, 0xC2, 0x8A, 0xE2, 0x1F, 0xFC, 0xF0, 0x05,
  488. 0xF5, 0x75, 0x28, 0xD1, 0x5A, 0x88, 0x88, 0x1B, 0xB3, 0xBB, 0xB7, 0xFE
  489. };
  490. byte b_[] = {
  491. 0xE4, 0x87, 0xCB, 0x59, 0xD3, 0x1A, 0xC5, 0x50, 0x47, 0x1E, 0x81, 0xF0,
  492. 0x0F, 0x69, 0x28, 0xE0, 0x1D, 0xDA, 0x08, 0xE9, 0x74, 0xA0, 0x04, 0xF4,
  493. 0x9E, 0x61, 0xF5, 0xD1, 0x05, 0x28, 0x4D, 0x20
  494. };
  495. byte B_[] = {
  496. 0x40, 0xF5, 0x70, 0x88, 0xA4, 0x82, 0xD4, 0xC7, 0x73, 0x33, 0x84, 0xFE,
  497. 0x0D, 0x30, 0x1F, 0xDD, 0xCA, 0x90, 0x80, 0xAD, 0x7D, 0x4F, 0x6F, 0xDF,
  498. 0x09, 0xA0, 0x10, 0x06, 0xC3, 0xCB, 0x6D, 0x56, 0x2E, 0x41, 0x63, 0x9A,
  499. 0xE8, 0xFA, 0x21, 0xDE, 0x3B, 0x5D, 0xBA, 0x75, 0x85, 0xB2, 0x75, 0x58,
  500. 0x9B, 0xDB, 0x27, 0x98, 0x63, 0xC5, 0x62, 0x80, 0x7B, 0x2B, 0x99, 0x08,
  501. 0x3C, 0xD1, 0x42, 0x9C, 0xDB, 0xE8, 0x9E, 0x25, 0xBF, 0xBD, 0x7E, 0x3C,
  502. 0xAD, 0x31, 0x73, 0xB2, 0xE3, 0xC5, 0xA0, 0xB1, 0x74, 0xDA, 0x6D, 0x53,
  503. 0x91, 0xE6, 0xA0, 0x6E, 0x46, 0x5F, 0x03, 0x7A, 0x40, 0x06, 0x25, 0x48,
  504. 0x39, 0xA5, 0x6B, 0xF7, 0x6D, 0xA8, 0x4B, 0x1C, 0x94, 0xE0, 0xAE, 0x20,
  505. 0x85, 0x76, 0x15, 0x6F, 0xE5, 0xC1, 0x40, 0xA4, 0xBA, 0x4F, 0xFC, 0x9E,
  506. 0x38, 0xC3, 0xB0, 0x7B, 0x88, 0x84, 0x5F, 0xC6, 0xF7, 0xDD, 0xDA, 0x93,
  507. 0x38, 0x1F, 0xE0, 0xCA, 0x60, 0x84, 0xC4, 0xCD, 0x2D, 0x33, 0x6E, 0x54,
  508. 0x51, 0xC4, 0x64, 0xCC, 0xB6, 0xEC, 0x65, 0xE7, 0xD1, 0x6E, 0x54, 0x8A,
  509. 0x27, 0x3E, 0x82, 0x62, 0x84, 0xAF, 0x25, 0x59, 0xB6, 0x26, 0x42, 0x74,
  510. 0x21, 0x59, 0x60, 0xFF, 0xF4, 0x7B, 0xDD, 0x63, 0xD3, 0xAF, 0xF0, 0x64,
  511. 0xD6, 0x13, 0x7A, 0xF7, 0x69, 0x66, 0x1C, 0x9D, 0x4F, 0xEE, 0x47, 0x38,
  512. 0x26, 0x03, 0xC8, 0x8E, 0xAA, 0x09, 0x80, 0x58, 0x1D, 0x07, 0x75, 0x84,
  513. 0x61, 0xB7, 0x77, 0xE4, 0x35, 0x6D, 0xDA, 0x58, 0x35, 0x19, 0x8B, 0x51,
  514. 0xFE, 0xEA, 0x30, 0x8D, 0x70, 0xF7, 0x54, 0x50, 0xB7, 0x16, 0x75, 0xC0,
  515. 0x8C, 0x7D, 0x83, 0x02, 0xFD, 0x75, 0x39, 0xDD, 0x1F, 0xF2, 0xA1, 0x1C,
  516. 0xB4, 0x25, 0x8A, 0xA7, 0x0D, 0x23, 0x44, 0x36, 0xAA, 0x42, 0xB6, 0xA0,
  517. 0x61, 0x5F, 0x3F, 0x91, 0x5D, 0x55, 0xCC, 0x3B, 0x96, 0x6B, 0x27, 0x16,
  518. 0xB3, 0x6E, 0x4D, 0x1A, 0x06, 0xCE, 0x5E, 0x5D, 0x2E, 0xA3, 0xBE, 0xE5,
  519. 0xA1, 0x27, 0x0E, 0x87, 0x51, 0xDA, 0x45, 0xB6, 0x0B, 0x99, 0x7B, 0x0F,
  520. 0xFD, 0xB0, 0xF9, 0x96, 0x2F, 0xEE, 0x4F, 0x03, 0xBE, 0xE7, 0x80, 0xBA,
  521. 0x0A, 0x84, 0x5B, 0x1D, 0x92, 0x71, 0x42, 0x17, 0x83, 0xAE, 0x66, 0x01,
  522. 0xA6, 0x1E, 0xA2, 0xE3, 0x42, 0xE4, 0xF2, 0xE8, 0xBC, 0x93, 0x5A, 0x40,
  523. 0x9E, 0xAD, 0x19, 0xF2, 0x21, 0xBD, 0x1B, 0x74, 0xE2, 0x96, 0x4D, 0xD1,
  524. 0x9F, 0xC8, 0x45, 0xF6, 0x0E, 0xFC, 0x09, 0x33, 0x8B, 0x60, 0xB6, 0xB2,
  525. 0x56, 0xD8, 0xCA, 0xC8, 0x89, 0xCC, 0xA3, 0x06, 0xCC, 0x37, 0x0A, 0x0B,
  526. 0x18, 0xC8, 0xB8, 0x86, 0xE9, 0x5D, 0xA0, 0xAF, 0x52, 0x35, 0xFE, 0xF4,
  527. 0x39, 0x30, 0x20, 0xD2, 0xB7, 0xF3, 0x05, 0x69, 0x04, 0x75, 0x90, 0x42
  528. };
  529. byte key_[] = {
  530. 0x5C, 0xBC, 0x21, 0x9D, 0xB0, 0x52, 0x13, 0x8E, 0xE1, 0x14, 0x8C, 0x71,
  531. 0xCD, 0x44, 0x98, 0x96, 0x3D, 0x68, 0x25, 0x49, 0xCE, 0x91, 0xCA, 0x24,
  532. 0xF0, 0x98, 0x46, 0x8F, 0x06, 0x01, 0x5B, 0xEB, 0x6A, 0xF2, 0x45, 0xC2,
  533. 0x09, 0x3F, 0x98, 0xC3, 0x65, 0x1B, 0xCA, 0x83, 0xAB, 0x8C, 0xAB, 0x2B,
  534. 0x58, 0x0B, 0xBF, 0x02, 0x18, 0x4F, 0xEF, 0xDF, 0x26, 0x14, 0x2F, 0x73,
  535. 0xDF, 0x95, 0xAC, 0x50
  536. };
  537. AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA512, SRP_CLIENT_SIDE));
  538. AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA512, SRP_SERVER_SIDE));
  539. AssertIntEQ(0, wc_SrpSetUsername(&cli, username_, usernameSz_));
  540. AssertIntEQ(0, wc_SrpSetUsername(&srv, username_, usernameSz_));
  541. AssertIntEQ(0, wc_SrpSetParams(&cli, N_, sizeof(N_),
  542. g_, sizeof(g_),
  543. salt_, sizeof(salt_)));
  544. AssertIntEQ(0, wc_SrpSetParams(&srv, N_, sizeof(N_),
  545. g_, sizeof(g_),
  546. salt_, sizeof(salt_)));
  547. AssertIntEQ(0, wc_SrpSetPassword(&cli, password_, passwordSz_));
  548. AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier_, sizeof(verifier_)));
  549. AssertIntEQ(0, wc_SrpSetPrivate(&cli, a_, sizeof(a_)));
  550. AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
  551. AssertIntEQ(0, XMEMCMP(clientPubKey, A_, clientPubKeySz));
  552. AssertIntEQ(0, wc_SrpSetPrivate(&srv, b_, sizeof(b_)));
  553. AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
  554. AssertIntEQ(0, XMEMCMP(serverPubKey, B_, serverPubKeySz));
  555. cli.keyGenFunc_cb = sha512_key_gen;
  556. AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
  557. serverPubKey, serverPubKeySz));
  558. AssertIntEQ(0, XMEMCMP(cli.key, key_, sizeof(key_)));
  559. srv.keyGenFunc_cb = sha512_key_gen;
  560. AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
  561. serverPubKey, serverPubKeySz));
  562. AssertIntEQ(0, XMEMCMP(srv.key, key_, sizeof(key_)));
  563. AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
  564. AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
  565. AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
  566. AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
  567. wc_SrpTerm(&cli);
  568. wc_SrpTerm(&srv);
  569. }
  570. #endif
  571. void SrpTest(void)
  572. {
  573. #ifdef WOLFCRYPT_HAVE_SRP
  574. test_SrpInit();
  575. test_SrpSetUsername();
  576. test_SrpSetParams();
  577. test_SrpSetPassword();
  578. test_SrpGetPublic();
  579. test_SrpComputeKey();
  580. test_SrpGetProofAndVerify();
  581. test_SrpKeyGenFunc_cb();
  582. #endif
  583. }