Ejemplo n.º 1
0
        private void testServerCatchesBadA(BigInteger N, BigInteger g)
        {
            byte[] I = Encoding.UTF8.GetBytes("username");
            byte[] P = Encoding.UTF8.GetBytes("password");
            byte[] s = new byte[16];
            random.NextBytes(s);

            Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
            gen.Init(N, g, new Sha256Digest());
            BigInteger v = gen.GenerateVerifier(s, I, P);

            Srp6Server server = new Srp6Server();
            server.Init(N, g, v, new Sha256Digest(), random);

            server.GenerateServerCredentials();

            try
            {
                server.CalculateSecret(BigInteger.Zero);
                Fail("Client failed to detect invalid value for 'A'");
            }
            catch (CryptoException)
            {
                // Expected
            }

            try
            {
                server.CalculateSecret(N);
                Fail("Client failed to detect invalid value for 'A'");
            }
            catch (CryptoException)
            {
                // Expected
            }
        }
Ejemplo n.º 2
0
        private void testMutualVerification(BigInteger N, BigInteger g)
        {
            byte[] I = Encoding.UTF8.GetBytes("username");
            byte[] P = Encoding.UTF8.GetBytes("password");
            byte[] s = new byte[16];
            random.NextBytes(s);

            Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
            gen.Init(N, g, new Sha256Digest());
            BigInteger v = gen.GenerateVerifier(s, I, P);

            Srp6Client client = new Srp6Client();
            client.Init(N, g, new Sha256Digest(), random);

            Srp6Server server = new Srp6Server();
            server.Init(N, g, v, new Sha256Digest(), random);

            BigInteger A = client.GenerateClientCredentials(s, I, P);
            BigInteger B = server.GenerateServerCredentials();

            BigInteger clientS = client.CalculateSecret(B);
            BigInteger serverS = server.CalculateSecret(A);

            if (!clientS.Equals(serverS))
            {
                Fail("SRP agreement failed - client/server calculated different secrets");
            }
        }