Example #1
0
        public SRP6a(Account account)
        {
            this.Account = account;
            this.IdentitySalt = H.ComputeHash(Encoding.ASCII.GetBytes(this.Account.Email)).ToHexString(); // Identity salt that's hashed using account email.

            // calculate server's public ephemeral value.
            this.b = GetRandomBytes(128).ToBigInteger(); // server's secret ephemeral value.
            var gModb = BigInteger.ModPow(g, b, N); // pow(g, b, N)
            var k = H.ComputeHash(new byte[0].Concat(N.ToArray()).Concat(g.ToArray()).ToArray()).ToBigInteger(); // Multiplier parameter (k = H(N, g) in SRP-6a
            this.B = BigInteger.Remainder((this.Account.PasswordVerifier.ToBigInteger() * k) + gModb, N); // B = (k * v + pow(g, b, N)) % N

            // cook the logon challenge message
            this.LogonChallenge = new byte[0]
                .Concat(new byte[] { 0 }) // command = 0
                .Concat(this.IdentitySalt.ToByteArray()) // identity-salt - generated by hashing account email.
                .Concat(this.Account.Salt) // account-salt - generated on account creation.
                .Concat(B.ToArray()) // server's public ephemeral value (B)
                .Concat(SecondChallenge.ToArray()) // second challenge
                .ToArray();
        }
Example #2
0
        public SRP(string account, string password)
        {
            m_account = account;

            // workaround...
            m_accountSalt = HASH.ComputeHash(Encoding.ASCII.GetBytes(account)).ToHexString();

            var sBytes = GetRandomBytes(32);
            s = sBytes.ToPosBigInteger();

            var IBytes = HASH.ComputeHash(Encoding.ASCII.GetBytes(m_accountSalt.ToUpper() + ":" + password.ToUpper()));
            I = IBytes.ToPosBigInteger();

            var xBytes = HASH.ComputeHash(new byte[0]
                .Concat(sBytes)
                .Concat(IBytes)
                .ToArray());

            var x = xBytes.ToPosBigInteger();

            v = BigInteger.ModPow(g, x, N);

            b = GetRandomBytes(128).ToPosBigInteger();

            var gMod = BigInteger.ModPow(g, b, N);

            var kBytes = HASH.ComputeHash(new byte[0]
                .Concat(NBytes)
                .Concat(gBytes)
                .ToArray());

            var k = kBytes.ToPosBigInteger();

            B = BigInteger.Remainder((v * k) + gMod, N);

            var secondChallengeBytes1 = GetRandomBytes(128);
            m_secondChallengeServer1 = Extensions.ToPosBigInteger(secondChallengeBytes1);

            Response1 = new byte[0]
                .Concat(new byte[] { 0 }) // command == 0
                .Concat(m_accountSalt.ToByteArray()) // accountSalt
                .Concat(sBytes) // passwordSalt
                .Concat(B.ToArray()) // serverChallenge
                .Concat(secondChallengeBytes1) // secondaryChallenge
                .ToArray();
        }