summaryrefslogtreecommitdiff
path: root/test/session_test.rb
blob: dc97077ab3edeca2aa59af4bc1606dd5ca2c067b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

require File.expand_path(File.dirname(__FILE__) + '/test_helper')
require 'json'

class SessionTest < Test::Unit::TestCase

  Struct.new("Client", :username, :salt, :verifier)

  def test_equivalance_to_py_srp
    data = fixture(:py_srp)
    client = stub_client(data)
    session = init_session(client, data)

    assert_same_values(data, session.internal_state)
    assert_equal client, session.authenticate(data[:m].hex)
    assert_equal({:M2 => data[:m2]}, session.to_hash)
    assert_equal({'M2' => data[:m2]}.to_json, session.to_json)
  end

  def test_zero_padded_salt
    data = fixture(:zero_padded_salt)
    client = stub_client(data)
    session = init_session(client, data)
    state = session.internal_state
    # Zero padding of the salt would cause next assertion to fail.
    # But we are only interested in the calculated results anyway.
    state.delete(:salt)

    assert_same_values(data, state)
    assert_equal client, session.authenticate(data[:m].hex)
  end

  def test_failing_js_login
    data = fixture(:failed_js_login)
    client = stub_client(data)
    session = init_session(client, data)

    assert_same_values(data, session.internal_state)
    assert_equal client, session.authenticate(data[:m].hex)
  end

  def fixture(filename)
    path = File.expand_path("../fixtures/#{filename}.json", __FILE__)
    HashWithIndifferentAccess[JSON.parse(File.read(path))]
  end



  def stub_client(data)
    @username = data[:username]
    @password = data[:password]
    @salt = data[:salt].hex
    @client = SRP::Client.new @username,
      :password => @password,
      :salt => @salt
    @verifier = @client.verifier
    Struct::Client.new @username, @salt, @verifier
  end

  def init_session(client, data)
    aa = data[:aa].hex
    b  = data[:b].hex
    session = SRP::Session.new(client, aa)
    # seed b to compare to py_srp
    session.send(:initialize_server, aa, b)
    session
  end

  # check all values in a hash against expectations.
  #
  # Note this will NOT assert all expected keys are set.
  # So an empty Hash will always pass.
  def assert_same_values(expected, actual)
    actual.each_pair do |k,v|
      next unless expected[k]
      assert_equal expected[k], v, "Values for #{k} are not matching"
    end
  end

end
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 11:06:11 +0000