private AuthResponse AuthStep1(AuthRequest authRequest)
        {
            // SRP step 1, User -> Host: I, A = g^a. The client names itself (I) and sends
            // its public ephemeral A (a is the client's random number). This step never
            // reports failure: an unknown name gets a plausible reply instead of an error.
            var userName      = authRequest.GetUserName();
            var clientPublicA = authRequest.GetClientPublicEphemeral();
            var account       = AuthRepository.FindByName(userName);

            if (account is null)
            {
                // Unknown user: answer with a decoy salt and a throwaway B so the reply
                // does not disclose whether the account exists. The decoy salt is derived
                // deterministically from the name, so repeated probes of the same name see
                // a stable value, as they would for a stored salt. Nothing is recorded in
                // PendingAuthentications for this session.
                // NOTE(review): step 2 must treat a missing pending entry exactly like a
                // failed proof, otherwise the enumeration protection here is undone —
                // confirm in the step 2 handler.
                // NOTE(review): the two branches do different work (repository lookup vs.
                // hash), so response timing may still differ; assumed acceptable.
                var decoySalt      = SrpParameters.Hash(userName + UnknownUserSalt).ToHex();
                var decoyEphemeral = SrpServer.GenerateEphemeral(decoySalt); // decoy salt stands in for a verifier

                return ResponseStep1(decoySalt, decoyEphemeral.Public, authRequest.GetLoginSession());
            }

            // Known user: keep everything step 2 needs to check the client's proof.
            var storedSalt      = account.Salt;
            var serverEphemeral = SrpServer.GenerateEphemeral(account.Verifier);
            var pending         = new Step1Data
            {
                Account               = account,
                ClientEphemeralPublic = clientPublicA,
                ServerEphemeral       = serverEphemeral,
            };
            PendingAuthentications[authRequest.GetLoginSession()] = pending;

            // Host -> User: s, B = kv + g^b (the stored salt and the server's public ephemeral).
            return ResponseStep1(storedSalt, serverEphemeral.Public, authRequest.GetLoginSession());
        }
        private AuthResponseMessage AuthStep1(AuthRequestMessage authRequest)
        {
            // SRP step 1, User -> Host: I, A = g^a. The client names itself (I) and sends
            // its public ephemeral A (a is the client's random number). This step never
            // reports failure: an unknown name gets a plausible reply instead of an error.
            string Credential(string key) => (string)authRequest.Credentials[key];

            var userName      = Credential(SrpProtocolConstants.SRP_USERNAME);
            var clientPublicA = Credential(SrpProtocolConstants.SRP_CLIENT_PUBLIC_EPHEMERAL);
            var account       = AuthRepository.FindByName(userName);

            if (account is null)
            {
                // Unknown user: answer with a decoy salt and a throwaway B so that an attacker
                // cannot tell from the reply whether the account exists. The decoy salt is
                // derived deterministically from the name, so repeated probes of the same
                // name see a stable value, as they would for a stored salt. Nothing is
                // recorded in PendingAuthentications for this session.
                // NOTE(review): step 2 must treat a missing pending entry exactly like a
                // failed proof, otherwise the enumeration protection here is undone —
                // confirm in the step 2 handler.
                // NOTE(review): the two branches do different work (repository lookup vs.
                // hash), so response timing may still differ; assumed acceptable.
                var decoySalt      = SrpParameters.Hash(userName + UnknownUserSalt).ToHex();
                var decoyEphemeral = SrpServer.GenerateEphemeral(decoySalt); // decoy salt stands in for a verifier

                return ResponseStep1(decoySalt, decoyEphemeral.Public);
            }

            // Known user: keep everything step 2 needs to check the client's proof.
            var storedSalt      = account.Salt;
            var serverEphemeral = SrpServer.GenerateEphemeral(account.Verifier);
            PendingAuthentications[authRequest.SessionID] = new Step1Data
            {
                Account               = account,
                ClientEphemeralPublic = clientPublicA,
                ServerEphemeral       = serverEphemeral
            };

            // Host -> User: s, B = kv + g^b (the stored salt and the server's public ephemeral).
            return ResponseStep1(storedSalt, serverEphemeral.Public);
        }