Construct a one-time password system.
· Write a server code and a client code. The server code takes as input a username and a one-time password from the client and then sends a message back to the client if they are correct.
Specifications
add the function of password-based user authentication to the client/server. The goal of the program is very simple: the server prints out a message only when the user has entered his/her correct username and password.
Your server should construct its password system according to the following requirements.
· Salting. Generate a salt for each password.
· Hashing. The password is hashed along with the corresponding salt.
· Shadowing. You should create two files named passwd and shadow, respectively.
One-time password
You should adopt the following one-time password mechanism:
The client and server share a long term secret (salt) hard-coded in the programs.
After a user enters his username and long-term password, the client code should convert it into one-time password using the formula:
OPWD = Hashn(Hash(Password||salt)||n)
where OPWD denotes one-time password, || denotes a bitwise concatenation, Hashn denotes the number of times for hashing, Password denotes the long-term password and Secret denotes the secret shared between the server and the client.
The client sends OPWD to the server. Upon receiving it, the server retrieves the corresponding long-term password for the user and checks the following equation with equality:
OPWD = Hashn(hashed_password||n).
If the equality holds, then the server sends a message back to the client; otherwise, goes back the initial prompt asking the user to re-enter username and password.
The protocol is summarised as follows:
1. User sends username to the server.
2. Server selects a random number n and sends it back to User.
3. User computes OPWD = Hashn(Hash(Password||salt)||n) and sends it to Server.
4. Server checks OPWD = Hashn(hashed_password||n).
If it holds, prints back a message for acknowledgement; otherwise, goes back to the initial login prompt.
Below is the best that i have done/reference with mod from friends and website, with many errors like syntax errors which i dun understand.
it is the socket.cpp. i dun quite understand the questions too. plz try to enlighten me with watever help u can. Thank You.
#include <iostream>
using namespace std;
class Socket
{
public:
void Socket::SendLine();
std::string Socket::ReceiveLine
}
class SocketClient
{
public:
void SocketClient();
}
int Socket::nofSockets_= 0;
//Send
void Socket::SendLine(std::string s) {
s += '\n';
send(s_,s.c_str(),s.length(),0);
}
//Receive
std::string Socket::ReceiveLine() {
std::string ret;
while (1) {
char r;
switch(recv(s_, &r, 1, 0)) {
case 0: // not connected anymore;
// ... but last line sent
// might not end in \n,
// so return ret anyway.
return ret;
case -1:
return "";
// if (errno == EAGAIN) {
// return ret;
// } else {
// // not connected anymore
// return "";
// }
}
ret += r;
if (r == '\n') return ret;
}
}
// Client Socket
void SocketClient::SocketClient(const std::string& host, int port) : Socket() {
std::string error;
hostent *he;
if ((he = gethostbyname(host.c_str())) == 0) {
error = strerror(errno);
throw error;
}
sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr = *((in_addr *)he->h_addr);
memset(&(addr.sin_zero), 0, 8);
if (::connect(s_, (sockaddr *) &addr, sizeof(sockaddr))) {
error = strerror(WSAGetLastError());
throw error;
}
}
//Server
Socket* SocketServer::Accept() {
SOCKET new_sock = accept(s_, 0, 0);
if (new_sock == INVALID_SOCKET) {
int rc = WSAGetLastError();
if(rc==WSAEWOULDBLOCK) {
return 0; // non-blocking call, no request pending
}
else {
throw "Invalid Socket";
}
}
Socket* r = new Socket(new_sock);
return r;
}
1 2515
Construct a one-time password system.
· Write a server code and a client code. The server code takes as input a username and a one-time password from the client and then sends a message back to the client if they are correct.
Specifications
add the function of password-based user authentication to the client/server. The goal of the program is very simple: the server prints out a message only when the user has entered his/her correct username and password.
Your server should construct its password system according to the following requirements.
· Salting. Generate a salt for each password.
· Hashing. The password is hashed along with the corresponding salt.
· Shadowing. You should create two files named passwd and shadow, respectively.
One-time password
You should adopt the following one-time password mechanism:
The client and server share a long term secret (salt) hard-coded in the programs.
After a user enters his username and long-term password, the client code should convert it into one-time password using the formula:
OPWD = Hashn(Hash(Password||salt)||n)
where OPWD denotes one-time password, || denotes a bitwise concatenation, Hashn denotes the number of times for hashing, Password denotes the long-term password and Secret denotes the secret shared between the server and the client.
The client sends OPWD to the server. Upon receiving it, the server retrieves the corresponding long-term password for the user and checks the following equation with equality:
OPWD = Hashn(hashed_password||n).
If the equality holds, then the server sends a message back to the client; otherwise, goes back the initial prompt asking the user to re-enter username and password.
The protocol is summarised as follows:
1. User sends username to the server.
2. Server selects a random number n and sends it back to User.
3. User computes OPWD = Hashn(Hash(Password||salt)||n) and sends it to Server.
4. Server checks OPWD = Hashn(hashed_password||n).
If it holds, prints back a message for acknowledgement; otherwise, goes back to the initial login prompt.
Below is the best that i have done/reference with mod from friends and website, with many errors like syntax errors which i dun understand.
it is the socket.cpp. i dun quite understand the questions too. plz try to enlighten me with watever help u can. Thank You.
#include <iostream>
using namespace std;
class Socket
{
public:
void Socket::SendLine();
std::string Socket::ReceiveLine
}
class SocketClient
{
public:
void SocketClient();
}
int Socket::nofSockets_= 0;
//Send
void Socket::SendLine(std::string s) {
s += '\n';
send(s_,s.c_str(),s.length(),0);
}
//Receive
std::string Socket::ReceiveLine() {
std::string ret;
while (1) {
char r;
switch(recv(s_, &r, 1, 0)) {
case 0: // not connected anymore;
// ... but last line sent
// might not end in \n,
// so return ret anyway.
return ret;
case -1:
return "";
// if (errno == EAGAIN) {
// return ret;
// } else {
// // not connected anymore
// return "";
// }
}
ret += r;
if (r == '\n') return ret;
}
}
// Client Socket
void SocketClient::SocketClient(const std::string& host, int port) : Socket() {
std::string error;
hostent *he;
if ((he = gethostbyname(host.c_str())) == 0) {
error = strerror(errno);
throw error;
}
sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr = *((in_addr *)he->h_addr);
memset(&(addr.sin_zero), 0, 8);
if (::connect(s_, (sockaddr *) &addr, sizeof(sockaddr))) {
error = strerror(WSAGetLastError());
throw error;
}
}
//Server
Socket* SocketServer::Accept() {
SOCKET new_sock = accept(s_, 0, 0);
if (new_sock == INVALID_SOCKET) {
int rc = WSAGetLastError();
if(rc==WSAEWOULDBLOCK) {
return 0; // non-blocking call, no request pending
}
else {
throw "Invalid Socket";
}
}
Socket* r = new Socket(new_sock);
return r;
}
What is your problem ? Where did you get stuck up ?
Which of the functionality is missed out in the code pasted?
Can you elaborate a little bit ?
Regards,
Girish.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Cndistin |
last post by:
First I am sorry for the title but I an newbie enough to now know how to better
word it.
The problem part of my code is
class Application:
class Moon:
def __init__(self, name):
self.name =...
|
by: groleo |
last post by:
Hi.
I've searched a lot on google, but no one seems to develop
a socket class for c++?
I've found a lot of classes that works only on Windows.
The thing is that I need a BSD socket library.
I...
|
by: HABJAN ®iga |
last post by:
Is there a way to be notifyed (callback, event,...) when the connection of
socket was closed... The WinSock activex in vb6 had event ondisconnect...
I get exception when i try to send some data,...
|
by: notregister |
last post by:
Hi,
how do i use socket class to send data to a device which i have that IP
address and Port number e.g 169.254.192.155 RemotePort: 9100 or any IP
address that i want?
Pls advise Thanks
|
by: brettsbignose |
last post by:
Please inform me if microsoft has a better group to post this genre of
question on, but since I am working in vb.net, this was my best choice.
I am writing a program that can send UDP packets. ...
|
by: Anan18 |
last post by:
Use Integer variables to represent the private data of the class – the
numerator and the denominator. Provide a constructor that enables an
object of this class to be initialized when it is...
|
by: PaperPilot |
last post by:
Hi All:
I need some help with TCP sockets on VxWorks.
Does anybody know of a C++ socket class that works on VxWorks. This would be dead easy with Java, but management over my objections,...
|
by: ssherm01 |
last post by:
I'm using MS VS C++ .NET. I've written a multicast test utility that can
send IGMP packets for a user specified group address. As well, it can
send and receive UDP packets for a specified...
|
by: Piotrekk |
last post by:
Hi
I have a question related to Socket class. What are the advantages /
disadvantages of using Socket class comparing to TcpClient and
HttpWebRequest
Regards
Piotr Ko³odziej
|
by: kodart |
last post by:
Introduction
Performance is the main concern to most server application developers. That’s why many of them anticipate using .NET platform to develop high performance server application regardless...
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
| |