diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/fixtures/failed_js_login.json | 12 | ||||
-rw-r--r-- | test/fixtures/py_srp.json | 11 | ||||
-rw-r--r-- | test/fixtures/zero_padded_salt.json | 10 | ||||
-rw-r--r-- | test/session_test.rb | 97 | ||||
-rw-r--r-- | test/test_helper.rb | 1 |
5 files changed, 97 insertions, 34 deletions
diff --git a/test/fixtures/failed_js_login.json b/test/fixtures/failed_js_login.json new file mode 100644 index 0000000..0de652c --- /dev/null +++ b/test/fixtures/failed_js_login.json @@ -0,0 +1,12 @@ +{ + "username": "blues", + "password": "justtest", + "salt": "6a6ef9ce5cb998eb", + "verifier": "a5da6d376d503e22d93385db0244c382d1413d9f721ad9866dfc5e895cf2a3331514ceec5f48aceab58b260651cc9ee1ba96d906f67a6b4a7414c82d1333607ebe96403ecc86050224dc4c17b1d30efdbb451a68d1b6a25cce10f0e844082329d3cb46e1c3d46298a0de2cd3b8c6acc1a80c206f0f10ec8cd3c050babdf338ba", + "aa": "4decb8543891f5a744b1e9b5bc375a474bfe3c5417e1db176cefcc7ba915338a14f309f8e0a4c7641bc9c9b9bd2e91c4d1beda1772c30d0350c9ba44f7c5911dfe6bb593ac2a2b30f1f6e5ec8a656cb4947c1907cf62f8d7283cbe32eb44b02158b51091ae130afa6063bb28cdea9ae159d4f222571e146f8715bfa31af09868", + "b": "f393e04f8a0463b90227742217d7e1bbba82241a43beb372c4fc90539d24bdaf", + "bb": "dee64fd54daafc18b338c5783ade3ff4275dfee8c97008e2d9fb445880a2e1d452c822a35e8e3f012bc6facaa28022f8de3fb1d632667d635abde0afc0ca4ed06c9197ea88f379042b10bc7b7f816a1ec14fefe6e9adef4ab904315b3a3f36749f3f6d1083b0eb0029173770f8e9342b098298389ba49a88d4ea6b78a7f576a4", + "m": "ccf0c492f715484dc8343e22cd5967c2c5d01de743c5f0a9c5cfd017db1804c", + "s": "50973f6e8134f95bd04f54f522e6e57d957d0640f91f0a989ff775712b81d5856ae3bdd2aa9c5eda8019e9db18065519c99c33a62c7f12f98e7aed60b153feee9ab73ba1272b4d76aa002da8cd47c6da733c88a0e70d4c3d6752fd366d66efe40870d26fd5d1755883b9489721e1881376628bf6ef89902f35e5e7e31227e2f", + "k": "dd93e648abfe2ac6c6d46e062ded60b31ec043e55ceca1946ec29508f4c68461" +} diff --git a/test/fixtures/py_srp.json b/test/fixtures/py_srp.json new file mode 100644 index 0000000..1f1da1e --- /dev/null +++ b/test/fixtures/py_srp.json @@ -0,0 +1,11 @@ +{ + "username": "testuser", + "password": "password", + "salt": "4c78c3f8", + "verifier": "474c26aa42d11f20544a00f7bf9711c4b5cf7aab95ed448df82b95521b96668e7480b16efce81c861870302560ddf6604c67df54f1d04b99d5bb9d0f02c6051ada5dc9d594f0d4314e12f876cfca3dcd99fc9c98c2e6a5e04298b11061fb8549a22cde0564e91514080df79bca1c38c682214d65d590f66b3719f954b078b83c", + "aa": "9ff9d176b37d9100ad4d788b94ef887df6c88786f5fa2419c9a964001e1c1fa5cd22ea39dcf27682dac6cd8861d9de88184653451fd47f5654845ed24e828d531f95c44377c9bc3f5dd83a669716257c7b975a3a032d4d8adb605553cf4d45c483d7aceb7e6a23c5bd4b0aeeb2ef138b7fc75b27d9d706851c3ab9c721710272", + "b": "ce414b3b52d13a1f67416b7e00cdefb07c874291aed395efeab9435ec1ad6ac3", + "bb": "b2e852fe7af02d7931186f4958844b829d2976dd58c7bc7928ba3102ff269a9029c707112ab0b7cafdaf86a760f7b50ddd9c847e0c97f564d53cfd52daf61982f06582d49bbb3ea4ad6be55d513028eaf400a6d5a9d26b47689d3438a552716d65680d1b6ee77df3c9b3b6ba61023985562f2be4a6f1723282a2013160594565", + "m": "a0c066844117ffe7a7999f84356f3a7c8dce38e4e936eca2b6979ab0fce6ff6d", + "m2": "1f4a5ba9c5280b5b752465670f351bb1e61ff9ca06e02ad43c4418affeb3a1ef" +} diff --git a/test/fixtures/zero_padded_salt.json b/test/fixtures/zero_padded_salt.json new file mode 100644 index 0000000..cb83fc3 --- /dev/null +++ b/test/fixtures/zero_padded_salt.json @@ -0,0 +1,10 @@ +{ + "username": "RLNFB7", + "password": "NRH9NRT958BO", + "salt": "0401b02e", + "verifier": "943c7bf983b9afd0e08ba7d9c9da68cbf8bc88f05d564f002bd669130bb66ceb2b5aafa5c4a9cac09f42a17f7079b67a964365022283cc249446a165ca9e02855d188ca193bf0b4703d0d83254623e3e91576ba1f3b353981836226f3e9c36b7592a6a0daa608018273e7d3a3cb8615eee3606af9eec4a83e1947c8717f9415e", + "aa": "ea40a95b4ccf1934767e9098f0f5639f5b83321eb77137f3c7b50bb90323651ebbe14b08956e471d4b96ae12c96814fbc56bfe408afd4cffca17d53dc30653a2e9e0e57f5b97e8736a5a90470708a32f63e6417651303e331d6c3bf3d229379dd746fb9f47220ee52b6da008ce88710de27c058841d56644d58e98e1c8795371", + "b": "78e12fc099be1409e0fce3bf84484d89d58710bcc3d8a0e05227fb291be3fb28", + "bb": "d8d50a862b7e8a897f8b0554c4a474e8aa152bd08f23436773fbb977e81cbf5e8262937ffb7ad6b72e3aa7f72deec947cdb286ab466e490d7c544bf443331ad12657c8f9bb2aabf508b73ea1ed29d03a060f5f2a70baef858bdb79c5c878844c058fe10c2cc746b0fb701e98d8d6405ab7d0b65bb4f87cf8e47b25ae4ee6e53b", + "m": "d5cbec7254ce66f421ceddbfe8a0a8991b5be2aa9c25d868f073f4459dfc358b" +} diff --git a/test/session_test.rb b/test/session_test.rb index df117dc..dc97077 100644 --- a/test/session_test.rb +++ b/test/session_test.rb @@ -3,48 +3,77 @@ require 'json' class SessionTest < Test::Unit::TestCase - attr_accessor :salt, :verifier, :username + Struct.new("Client", :username, :salt, :verifier) - def setup - @username = "testuser" - @password = "password" - @salt = '4c78c3f8'.hex + def test_equivalance_to_py_srp + data = fixture(:py_srp) + client = stub_client(data) + session = init_session(client, data) + + assert_same_values(data, session.internal_state) + assert_equal client, session.authenticate(data[:m].hex) + assert_equal({:M2 => data[:m2]}, session.to_hash) + assert_equal({'M2' => data[:m2]}.to_json, session.to_json) + end + + def test_zero_padded_salt + data = fixture(:zero_padded_salt) + client = stub_client(data) + session = init_session(client, data) + state = session.internal_state + # Zero padding of the salt would cause next assertion to fail. + # But we are only interested in the calculated results anyway. + state.delete(:salt) + + assert_same_values(data, state) + assert_equal client, session.authenticate(data[:m].hex) + end + + def test_failing_js_login + data = fixture(:failed_js_login) + client = stub_client(data) + session = init_session(client, data) + + assert_same_values(data, session.internal_state) + assert_equal client, session.authenticate(data[:m].hex) + end + + def fixture(filename) + path = File.expand_path("../fixtures/#{filename}.json", __FILE__) + HashWithIndifferentAccess[JSON.parse(File.read(path))] + end + + + + def stub_client(data) + @username = data[:username] + @password = data[:password] + @salt = data[:salt].hex @client = SRP::Client.new @username, :password => @password, :salt => @salt @verifier = @client.verifier + Struct::Client.new @username, @salt, @verifier end - def test_equivalance_to_py_srp - aa = '9ff9d176b37d9100ad4d788b94ef887df6c88786f5fa2419c9a964001e1c1fa5cd22ea39dcf27682dac6cd8861d9de88184653451fd47f5654845ed24e828d531f95c44377c9bc3f5dd83a669716257c7b975a3a032d4d8adb605553cf4d45c483d7aceb7e6a23c5bd4b0aeeb2ef138b7fc75b27d9d706851c3ab9c721710272'.hex - b = 'ce414b3b52d13a1f67416b7e00cdefb07c874291aed395efeab9435ec1ad6ac3'.hex - bb = 'b2e852fe7af02d7931186f4958844b829d2976dd58c7bc7928ba3102ff269a9029c707112ab0b7cafdaf86a760f7b50ddd9c847e0c97f564d53cfd52daf61982f06582d49bbb3ea4ad6be55d513028eaf400a6d5a9d26b47689d3438a552716d65680d1b6ee77df3c9b3b6ba61023985562f2be4a6f1723282a2013160594565'.hex - m = 'a0c066844117ffe7a7999f84356f3a7c8dce38e4e936eca2b6979ab0fce6ff6d'.hex - m2 = '1f4a5ba9c5280b5b752465670f351bb1e61ff9ca06e02ad43c4418affeb3a1ef'.hex - session = SRP::Session.new(self, aa) - session.send(:initialize_server, aa, b) # seeding b to compare to py_srp - assert_equal bb.to_s(16), session.bb.to_s(16) - assert_equal self, session.authenticate(m) - assert_equal({'M2' => m2.to_s(16)}.to_json, session.to_json) - assert_equal({:M2 => m2.to_s(16)}, session.to_hash) + def init_session(client, data) + aa = data[:aa].hex + b = data[:b].hex + session = SRP::Session.new(client, aa) + # seed b to compare to py_srp + session.send(:initialize_server, aa, b) + session end - def test_zero_padded_salt - @username = "RLNFB7" - password = "NRH9NRT958BO" - @salt = "0401b02e".hex - @verifier = "943c7bf983b9afd0e08ba7d9c9da68cbf8bc88f05d564f002bd669130bb66ceb2b5aafa5c4a9cac09f42a17f7079b67a964365022283cc249446a165ca9e02855d188ca193bf0b4703d0d83254623e3e91576ba1f3b353981836226f3e9c36b7592a6a0daa608018273e7d3a3cb8615eee3606af9eec4a83e1947c8717f9415e".hex - aa = "ea40a95b4ccf1934767e9098f0f5639f5b83321eb77137f3c7b50bb90323651ebbe14b08956e471d4b96ae12c96814fbc56bfe408afd4cffca17d53dc30653a2e9e0e57f5b97e8736a5a90470708a32f63e6417651303e331d6c3bf3d229379dd746fb9f47220ee52b6da008ce88710de27c058841d56644d58e98e1c8795371".hex - b = "78e12fc099be1409e0fce3bf84484d89d58710bcc3d8a0e05227fb291be3fb28".hex - bb = "d8d50a862b7e8a897f8b0554c4a474e8aa152bd08f23436773fbb977e81cbf5e8262937ffb7ad6b72e3aa7f72deec947cdb286ab466e490d7c544bf443331ad12657c8f9bb2aabf508b73ea1ed29d03a060f5f2a70baef858bdb79c5c878844c058fe10c2cc746b0fb701e98d8d6405ab7d0b65bb4f87cf8e47b25ae4ee6e53b".hex - m = "d5cbec7254ce66f421ceddbfe8a0a8991b5be2aa9c25d868f073f4459dfc358b".hex - client = SRP::Client.new @username, - :password => password, - :salt => @salt - assert_equal @verifier.to_s(16), client.verifier.to_s(16) - session = SRP::Session.new(self, aa) - session.send(:initialize_server, aa, b) # seeding b to compare to py_srp - assert_equal bb.to_s(16), session.bb.to_s(16) - assert session.authenticate(m) + # check all values in a hash against expectations. + # + # Note this will NOT assert all expected keys are set. + # So an empty Hash will always pass. + def assert_same_values(expected, actual) + actual.each_pair do |k,v| + next unless expected[k] + assert_equal expected[k], v, "Values for #{k} are not matching" + end end + end diff --git a/test/test_helper.rb b/test/test_helper.rb index 65be0d5..23ff39a 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -1,3 +1,4 @@ require "rubygems" require 'test/unit' +require 'activesupport' # for HashWithIndifferentAccess require File.expand_path(File.dirname(__FILE__) + '/../lib/ruby-srp.rb') |