Exemple #1
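        /// <summary>
        /// Runs the client side of a SCRAM-style (RFC 5802) challenge-response exchange: sends the
        /// client-first message, derives the keys from the password and the server-supplied salt and
        /// iteration count, sends the client proof, then checks the signature returned by the server.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// The server signature in the server-final message does not equal the locally computed one.
        /// Callers should treat this as failed mutual authentication and not use the connection.
        /// </exception>
        /// <remarks>
        /// What each <c>Hash.ComputeHash</c> overload computes is not visible here. The comments below
        /// assume (data, salt, iterations) is the iterated salted hash, (data, key) is a keyed MAC and
        /// (data) is a plain hash, as the SCRAM key schedule requires. TODO confirm.
        /// </remarks>
        public void Authenticate()
        {
            var clientFirstMessage = new ClientFirstMessage(_username, _nonce);

            Send(clientFirstMessage.Message);

            // NOTE(review): the salt and iteration count are used exactly as the server sent them.
            // Unless ParseResponse already does so, confirm that the server nonce is checked to begin
            // with _nonce and that the iteration count is bounded: a very low count weakens the derived
            // key against offline guessing of a captured exchange, a very high one burns client CPU.
            var serverFirstMessage = ServerFirstMessage.ParseResponse(Receive());

            // The password is encoded as plain UTF-8; no SASLprep/normalisation step is visible here.
            var hashedPassword     = Hash.ComputeHash(Encoding.UTF8.GetBytes(_password), serverFirstMessage.Salt.Value,
                                                      serverFirstMessage.Iterations.Value);
            var clientKey = Hash.ComputeHash(Encoding.UTF8.GetBytes("Client Key"), hashedPassword);
            var serverKey = Hash.ComputeHash(Encoding.UTF8.GetBytes("Server Key"), hashedPassword);
            var storedKey = Hash.ComputeHash(clientKey);

            var clientFinalMessage = new ClientFinalMessage(clientFirstMessage, serverFirstMessage);

            // {serverFirstMessage} is formatted through ToString(); it has to reproduce the server-first
            // message exactly as received, otherwise neither signature will match the server's.
            var authMessage        =
                $"{clientFirstMessage.BareMessage},{serverFirstMessage},{clientFinalMessage.MessageWithoutProof}";
            var clientSignature = Hash.ComputeHash(Encoding.UTF8.GetBytes(authMessage), storedKey);
            var serverSignature = Hash.ComputeHash(Encoding.UTF8.GetBytes(authMessage), serverKey);

            // The proof is ClientKey XOR ClientSignature, so the client key itself never goes on the wire.
            var clientProof     = clientKey.ExclusiveOr(clientSignature);

            clientFinalMessage.SetProof(clientProof);

            Send(clientFinalMessage.Message);

            var serverFinalMessage = ServerFinalMessage.ParseResponse(Receive());

            // NOTE(review): the result depends on how ServerSignature.Equals treats the computed value
            // (not visible here). Confirm it compares the signature bytes rather than references,
            // ideally in constant time (e.g. CryptographicOperations.FixedTimeEquals), and that
            // ServerSignature cannot be null here when the server replies with an error.
            if (!serverFinalMessage.ServerSignature.Equals(serverSignature))
            {
                // A message makes the failure recognisable in logs; the exception type is unchanged.
                throw new InvalidOperationException("Server signature verification failed.");
            }
        }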
Exemple #2
 // A server-final message that carries only an "r=" attribute has no server signature to
 // verify, so the parser is expected to reject it instead of returning a message object.
 public void When_MessageDoesNotContainASignature_ParseShouldThrowAnException()
 {
     const string withoutSignature = "r=invalid";

     Should.Throw<MessageParseException>(() => { _ = ServerFinalMessage.Parse(withoutSignature); });
 }
Exemple #3
 // A server-final message made of an "e=" attribute reports a failure rather than a
 // signature; the parser is expected to surface it as a MessageParseException.
 public void When_MessageAnError_ParseShouldThrowAnException()
 {
     const string errorReply = "e=error";

     Should.Throw<MessageParseException>(() => { _ = ServerFinalMessage.Parse(errorReply); });
 }
Exemple #4
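        // Parses a server-final message holding a base64 "v=" attribute and checks that the decoded
        // signature bytes equal the same value written as hex.
        public void When_ParsingAMessage_PropertiesShouldBeValid()
        {
            var message = ServerFinalMessage.Parse("v=rmF9pqV8S7suAoZWja4dJRkFsKQ=");

            // Without this assertion a null ServerSignature would short-circuit the "?." below and the
            // test would pass without comparing anything.
            message.ServerSignature.ShouldNotBeNull();

            // "?." is kept so the line compiles unchanged whether or not the property is declared nullable.
            message.ServerSignature?.Value.ShouldBe(HexToByte("ae617da6a57c4bbb2e0286568dae1d251905b0a4"));
        }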