import { expect, test } from "vitest";
import {
ClientSession,
ServerSession,
SRP_PARAMETERS_RFC5054_3072,
} from "../src";
// Happy path with the library's default parameters (no options are passed to
// either session or to deriveVerifier). Walks a full SRP exchange in-process:
// registration, both handshake halves, and proof verification in both
// directions. Note that no ServerSession call in this test receives the
// password; the server side only sees username, salt, verifier, the client's
// public ephemeral and the client's proof.
test("it should perform client-server handshake properly", async () => {
  const identity = "hello";
  const secret = "world";
  const client = new ClientSession();
  const server = new ServerSession();

  // Registration: the client derives salt + verifier from the credentials.
  // These two values are what a server would persist for the account.
  const { salt: storedSalt, verifier: storedVerifier } =
    await ClientSession.deriveVerifier({
      username: identity,
      password: secret,
    });

  // Login, client side: produce the client's public ephemeral value.
  const clientHello = client.initializeHandshake();
  const clientPublicEphemeral = clientHello.clientPublicEphemeral;

  // Login, server side: look up the stored salt/verifier for the user and
  // produce the server's public ephemeral value.
  const { serverPublicEphemeral } = await server.prepareHandshake({
    username: identity,
    salt: storedSalt,
    verifier: storedVerifier,
  });

  // Client combines its password, the salt and the server's ephemeral into a
  // proof to send back.
  const { clientProof } = await client.finalizeHandshake({
    username: identity,
    password: secret,
    salt: storedSalt,
    serverPublicEphemeral,
  });

  // Server checks the client's proof; with the right password it must accept.
  const serverOutcome = await server.finalizeHandshake({
    clientPublicEphemeral,
    clientProof,
  });
  const { serverProof, clientVerified } = serverOutcome;
  expect(clientVerified).toBe(true);

  // The original labels this step optional. NOTE(review): a client that skips
  // it has proven itself to the server but has not confirmed that the server
  // holds the verifier, so mutual authentication depends on this check.
  if (!serverProof) {
    throw Error("serverProof is null, expected a non-null value");
  }
  const proofCheck = await client.verifyServerProof(serverProof);
  expect(proofCheck.serverVerified).toBe(true);
});
// Negative path: the account is registered with one password and the login
// attempt uses another. The server must report the client as unverified AND
// return no server proof.
// NOTE(review): the null-proof assertion is the security-relevant one. In SRP
// the server proof is derived from session material, so handing it to a client
// that failed verification would give that client something to check password
// guesses against offline.
// NOTE(review): this is the only rejection case in the spec. It does not
// exercise malformed or degenerate public ephemeral values (for example one
// that is zero modulo the group prime); whether the library rejects those
// cannot be told from this file and deserves its own test.
test("it should reject handshake with the incorrect password", async () => {
  const identity = "hello";
  const client = new ClientSession();
  const server = new ServerSession();

  // Registration happens with the genuine password.
  const registration = await ClientSession.deriveVerifier({
    username: identity,
    password: "world",
  });
  const { salt, verifier } = registration;

  // Client opens the handshake with its public ephemeral value.
  const { clientPublicEphemeral: clientEphemeral } =
    client.initializeHandshake();

  // Server loads the stored salt/verifier and answers with its own ephemeral.
  const { serverPublicEphemeral: serverEphemeral } =
    await server.prepareHandshake({
      username: identity,
      salt,
      verifier,
    });

  // Client builds its proof from a password that does not match the verifier.
  const { clientProof: forgedProof } = await client.finalizeHandshake({
    username: identity,
    password: "invalid-password",
    salt,
    serverPublicEphemeral: serverEphemeral,
  });

  // Server must refuse: no verification flag, and no proof disclosed.
  const verdict = await server.finalizeHandshake({
    clientPublicEphemeral: clientEphemeral,
    clientProof: forgedProof,
  });
  expect(verdict.clientVerified).toBe(false);
  expect(verdict.serverProof).toBe(null);
});
// Same happy path as the default-parameter test, but with the RFC 5054
// 3072-bit parameter set selected explicitly. The identical parameter set is
// passed in three places: the client session, the server session and verifier
// derivation.
// NOTE(review): presumably all three must agree for verification to succeed;
// a mismatched-parameters case is not covered here.
test("it should perform client-server handshake with RFC5054 3072 bit parameters properly", async () => {
  // Builds a fresh options object per call, as the original's literals do.
  const rfc3072Options = () => ({ parameters: SRP_PARAMETERS_RFC5054_3072 });

  const identity = "hello";
  const secret = "world";
  const client = new ClientSession(rfc3072Options());
  const server = new ServerSession(rfc3072Options());

  // Registration: derive salt + verifier under the 3072-bit parameters.
  const { salt: storedSalt, verifier: storedVerifier } =
    await ClientSession.deriveVerifier(
      { username: identity, password: secret },
      rfc3072Options()
    );

  // Client's public ephemeral value.
  const { clientPublicEphemeral } = client.initializeHandshake();

  // Server loads the stored salt/verifier and returns its public ephemeral.
  const serverHello = await server.prepareHandshake({
    username: identity,
    salt: storedSalt,
    verifier: storedVerifier,
  });
  const serverPublicEphemeral = serverHello.serverPublicEphemeral;

  // Client computes its proof from the password, salt and server ephemeral.
  const { clientProof } = await client.finalizeHandshake({
    username: identity,
    password: secret,
    salt: storedSalt,
    serverPublicEphemeral,
  });

  // Server verifies the client's proof and, on success, issues its own.
  const { serverProof, clientVerified } = await server.finalizeHandshake({
    clientPublicEphemeral,
    clientProof,
  });
  expect(clientVerified).toBe(true);

  // Client verifies the server's proof, completing mutual authentication.
  if (!serverProof) {
    throw Error("serverProof is null, expected a non-null value");
  }
  const proofCheck = await client.verifyServerProof(serverProof);
  expect(proofCheck.serverVerified).toBe(true);
});