Ejemplo n.º 1
        /// <summary>
        /// Runs one complete SRP-6 exchange in-process for the given group and fails the
        /// test when client and server do not arrive at the same shared secret.
        /// </summary>
        /// <remarks>
        /// Only the raw secrets returned by <c>CalculateSecret</c> are compared. No evidence
        /// messages are produced or checked here, so the key-confirmation step of the protocol
        /// is not covered by this test.
        /// </remarks>
        /// <param name="group">SRP group parameters shared by the verifier generator, client and server.</param>
        private void testMutualVerification(Srp6GroupParameters group)
        {
            byte[] identity = Encoding.UTF8.GetBytes("username");
            byte[] password = Encoding.UTF8.GetBytes("password");

            // 16-byte salt filled from the class-level random source.
            byte[] salt = new byte[16];
            random.NextBytes(salt);

            // Registration side: derive the verifier that is handed to the server in place of the password.
            Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator();
            verifierGenerator.Init(group, new Sha256Digest());
            BigInteger verifier = verifierGenerator.GenerateVerifier(salt, identity, password);

            Srp6Client client = new Srp6Client();
            client.Init(group, new Sha256Digest(), random);

            Srp6Server server = new Srp6Server();
            server.Init(group, verifier, new Sha256Digest(), random);

            // Each side produces its public value, then consumes the peer's.
            BigInteger clientPublic = client.GenerateClientCredentials(salt, identity, password);
            BigInteger serverPublic = server.GenerateServerCredentials();

            BigInteger clientSecret = client.CalculateSecret(serverPublic);
            BigInteger serverSecret = server.CalculateSecret(clientPublic);

            if (clientSecret.Equals(serverSecret))
            {
                return;
            }

            Fail("SRP agreement failed - client/server calculated different secrets");
        }
Ejemplo n.º 2
        /// <summary>
        /// Checks that the client refuses degenerate server public values: both zero and the
        /// group modulus N must make <c>CalculateSecret</c> throw a <c>CryptoException</c>.
        /// </summary>
        /// <remarks>
        /// Both values are congruent to 0 modulo N. SRP requires the client to abort on such a B
        /// (RFC 5054 section 2.5.3 states this for TLS-SRP); accepting one would let the peer
        /// steer the computation instead of proving knowledge of the verifier.
        /// </remarks>
        /// <param name="group">SRP group parameters; its modulus N is used as the second invalid value.</param>
        private void testClientCatchesBadB(Srp6GroupParameters group)
        {
            byte[] identity = Encoding.UTF8.GetBytes("username");
            byte[] password = Encoding.UTF8.GetBytes("password");
            byte[] salt = new byte[16];
            random.NextBytes(salt);

            Srp6Client client = new Srp6Client();
            client.Init(group, new Sha256Digest(), random);

            // The client must have generated its own credentials before it can process a B.
            client.GenerateClientCredentials(salt, identity, password);

            BigInteger[] invalidServerValues = { BigInteger.Zero, group.N };
            foreach (BigInteger invalidB in invalidServerValues)
            {
                try
                {
                    client.CalculateSecret(invalidB);
                    Fail("Client failed to detect invalid value for 'B'");
                }
                catch (CryptoException)
                {
                    // Expected: the invalid public value was rejected.
                }
            }
        }
Ejemplo n.º 3
        /// <summary>
        /// Performs the client half of an SRP-6 exchange against the server value
        /// <paramref name="B"/> and returns the client evidence message.
        /// </summary>
        /// <param name="username">Identity; encoded as UTF-8 before use.</param>
        /// <param name="password">Password bytes, combined with <paramref name="salt"/> by <c>FromInput</c>.</param>
        /// <param name="salt">Salt passed both to <c>FromInput</c> and to the SRP client.</param>
        /// <param name="B">Server public value received from the peer.</param>
        /// <param name="token">Receives the value returned by <c>GenerateClientCredentials</c> (the client's public value).</param>
        /// <returns>The result of <c>CalculateClientEvidenceMessage</c>.</returns>
        public static BigInteger Srp6Response(string username, byte[] password, byte[] salt, BigInteger B, out BigInteger token)
        {
            // A new SecureRandom backed by the platform crypto API is created for every call.
            var rng = new SecureRandom(new CryptoApiRandomGenerator());

            var identityBytes = Encoding.UTF8.GetBytes(username);

            // NOTE(review): this buffer holds password-derived material and is not cleared
            // before the method returns.
            var derivedPassword = FromInput(password, salt);

            var srpClient = new Srp6Client();
            srpClient.Init(GroupParameters, new Sha256Digest(), rng);

            token = srpClient.GenerateClientCredentials(salt, identityBytes, derivedPassword);

            // The secret itself is not returned; the call is needed so the evidence message can
            // be computed. B comes from the peer, so a rejection surfaces here as an exception.
            srpClient.CalculateSecret(B);

            // NOTE(review): srpClient is local and is dropped on return, so this instance cannot
            // later be used to check the server's evidence message. Confirm the caller
            // authenticates the server some other way.
            var clientEvidence = srpClient.CalculateClientEvidenceMessage();
            return clientEvidence;
        }
Ejemplo n.º 4
        /// <summary>
        /// Reads the server's SRP parameters from the ServerKeyExchange message, verifies the
        /// signature over them when a signer is configured, checks the group and the server
        /// public value, and initialises the SRP client.
        /// </summary>
        /// <remarks>
        /// The numeric alert codes match the TLS alert registry (RFC 5246):
        /// 51 = decrypt_error, 71 = insufficient_security, 47 = illegal_parameter.
        /// When <c>mTlsSigner</c> is null no signature is parsed or verified, so at this step
        /// the parameters are protected only by the group check and the public-value check.
        /// </remarks>
        /// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
        /// <exception cref="TlsFatalAlert">
        /// Thrown with 51 when signature verification fails, 71 when the group verifier rejects
        /// the received group, and 47 when the server public value fails validation.
        /// </exception>
        public override void ProcessServerKeyExchange(Stream input)
        {
            SecurityParameters securityParameters = mContext.SecurityParameters;
            SignerInputBuffer  signerInputBuffer  = null;
            Stream             input2             = input;

            if (mTlsSigner != null)
            {
                // Parse reads through a tee into signerInputBuffer; presumably this captures
                // exactly the bytes Parse consumes so the signature is checked over them
                // (confirm against TeeInputStream).
                signerInputBuffer = new SignerInputBuffer();
                input2            = (Stream)(object)new TeeInputStream(input, (Stream)(object)signerInputBuffer);
            }
            ServerSrpParams serverSrpParams = ServerSrpParams.Parse(input2);

            if (signerInputBuffer != null)
            {
                // The signature is read from the original stream, not the tee, so its own
                // bytes are not added to the signed-data buffer.
                DigitallySigned digitallySigned = ParseSignature(input);
                ISigner         signer          = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);
                signerInputBuffer.UpdateSigner(signer);
                if (!signer.VerifySignature(digitallySigned.Signature))
                {
                    // 51 = decrypt_error
                    throw new TlsFatalAlert(51);
                }
            }
            // N and g come from the peer. The field is assigned before the group is accepted;
            // rejection below ends the call with a fatal alert.
            mSrpGroup = new Srp6GroupParameters(serverSrpParams.N, serverSrpParams.G);
            if (!mGroupVerifier.Accept(mSrpGroup))
            {
                // 71 = insufficient_security
                throw new TlsFatalAlert(71);
            }
            mSrpSalt = serverSrpParams.S;
            try
            {
                // RFC 5054 section 2.5.3: the client MUST abort with illegal_parameter
                // if B % N = 0.
                mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverSrpParams.B);
            }
            catch (CryptoException alertCause)
            {
                // 47 = illegal_parameter; the original exception is kept as the cause.
                throw new TlsFatalAlert(47, alertCause);
            }
            // NOTE(review): 2 is presumably the TLS HashAlgorithm code for SHA-1 (RFC 5246
            // registry), which is what RFC 5054 specifies for TLS-SRP. Confirm against
            // TlsUtilities.CreateHash.
            mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(2), mContext.SecureRandom);
        }