From: Miguel A. B. L. <ari...@us...> - 2007-03-06 22:42:31
|
Update of /cvsroot/arianne/marauroa/src/marauroa/server/game/container/test In directory sc8-pr-cvs11.sourceforge.net:/tmp/cvs-serv32731/src/marauroa/server/game/container/test Modified Files: TestSecureLogin.java Log Message: fixed the secure login process... no idea how it got broken. /me is investigating it. Index: TestSecureLogin.java =================================================================== RCS file: /cvsroot/arianne/marauroa/src/marauroa/server/game/container/test/TestSecureLogin.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TestSecureLogin.java 6 Mar 2007 20:41:49 -0000 1.1 --- TestSecureLogin.java 6 Mar 2007 22:42:25 -0000 1.2 *************** *** 2,5 **** --- 2,6 ---- import static org.junit.Assert.*; + import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; *************** *** 17,22 **** import org.junit.Test; public class TestSecureLogin { - private static PlayerEntryContainer cont; private static RSAKey key; --- 18,28 ---- import org.junit.Test; + /** + * Test the secure login procedure in the same way. + * + * @author miguel + * + */ public class TestSecureLogin { private static RSAKey key; *************** *** 28,32 **** @BeforeClass public static void setUp() throws IOException { ! cont=PlayerEntryContainer.getContainer(); key = new RSAKey( --- 34,41 ---- @BeforeClass public static void setUp() throws IOException { ! /* ! * Make sure database is initialized- ! */ ! PlayerEntryContainer.getContainer(); key = new RSAKey( *************** *** 40,51 **** try { String password="password"; byte[] serverNonce=Hash.random(Hash.hashLength()); byte[] clientNonce=Hash.random(Hash.hashLength()); byte[] clientNonceHash=Hash.hash(clientNonce); PlayerEntry.SecuredLoginInfo login=new PlayerEntry.SecuredLoginInfo(key, clientNonceHash, serverNonce); ! byte[] b1 = Hash.xor(clientNonce, Hash.hash(serverNonce)); if (b1 == null) { fail("B1 is null"); --- 49,62 ---- try { String password="password"; + byte[] serverNonce=Hash.random(Hash.hashLength()); byte[] clientNonce=Hash.random(Hash.hashLength()); byte[] clientNonceHash=Hash.hash(clientNonce); + byte[] serverNonceHash=Hash.hash(serverNonce); PlayerEntry.SecuredLoginInfo login=new PlayerEntry.SecuredLoginInfo(key, clientNonceHash, serverNonce); ! byte[] b1 = Hash.xor(clientNonceHash, serverNonce); if (b1 == null) { fail("B1 is null"); *************** *** 65,71 **** --- 76,125 ---- boolean result=login.verify(); + System.out.println(Hash.toHexString(Hash.hash("password"))); + assertTrue(result); } catch (Exception e) { e.printStackTrace(); + fail(); + } + } + + @Test + public void testLoginFailure() throws SQLException { + try { + String password="badpassword"; + + byte[] serverNonce=Hash.random(Hash.hashLength()); + byte[] clientNonce=Hash.random(Hash.hashLength()); + + byte[] clientNonceHash=Hash.hash(clientNonce); + byte[] serverNonceHash=Hash.hash(serverNonce); + + PlayerEntry.SecuredLoginInfo login=new PlayerEntry.SecuredLoginInfo(key, clientNonceHash, serverNonce); + + byte[] b1 = Hash.xor(clientNonceHash, serverNonce); + if (b1 == null) { + fail("B1 is null"); + } + + byte[] b2 = Hash.xor(b1, Hash.hash(password)); + if (b2 == null) { + fail("B2 is null"); + } + + byte[] cryptedPassword = key.encodeByteArray(b2); + + login.username="testUsername"; + login.clientNonce=clientNonce; + login.password=cryptedPassword; + + boolean result=login.verify(); + + System.out.println(Hash.toHexString(Hash.hash("password"))); + + assertFalse(result); + } catch (Exception e) { + e.printStackTrace(); + fail(); } } |