Beispiel #1
0
        string SRPIdentifyToServer(KPRPCMessage srpem)
        {
            SRPParams    srp = srpem.srp;
            Error        error;
            KPRPCMessage data2client = new KPRPCMessage();

            data2client.protocol  = "setup";
            data2client.srp       = new SRPParams();
            data2client.srp.stage = "identifyToClient";
            data2client.version   = ProtocolVersion;

            // Generate a new random password
            // SRP isn't very susceptible to brute force attacks but we get 32 bits worth of randomness just in case
            byte[] password          = Utils.GetRandomBytes(4);
            string plainTextPassword = Utils.GetTypeablePassword(password);

            // caclulate the hash of our randomly generated password
            _srp.CalculatePasswordHash(plainTextPassword);


            if (string.IsNullOrEmpty(srp.I))
            {
                data2client.error = new Error(ErrorCode.AUTH_MISSING_PARAM, new string[] { "I" });
            }
            else if (string.IsNullOrEmpty(srp.A))
            {
                data2client.error = new Error(ErrorCode.AUTH_MISSING_PARAM, new string[] { "A" });
            }
            else
            {
                // Init relevant SRP protocol variables
                _srp.Setup();

                // Begin the SRP handshake
                error = _srp.Handshake(srp.I, srp.A);

                if (error.code > 0)
                {
                    data2client.error = error;
                }
                else
                {
                    // store the username and client name for future reference
                    userName   = _srp.I;
                    clientName = srpem.clientDisplayName;

                    data2client.srp.s = _srp.s;
                    data2client.srp.B = _srp.Bstr;

                    data2client.srp.securityLevel = securityLevel;

                    //pass the params through to the main kprpcext thread via begininvoke - that function will then create and show the form as a modal dialog
                    string secLevel = "low";
                    if (srp.securityLevel == 2)
                    {
                        secLevel = "medium";
                    }
                    else if (srp.securityLevel == 3)
                    {
                        secLevel = "high";
                    }
                    KPRPC.InvokeMainThread(new ShowAuthDialogDelegate(ShowAuthDialog), secLevel, srpem.clientDisplayName, srpem.clientDisplayDescription, plainTextPassword);
                }
            }

            return(Jayrock.Json.Conversion.JsonConvert.ExportToString(data2client));
        }