private void testClientCatchesBadB(BigInteger N, BigInteger g)
{
byte[] I = Encoding.UTF8.GetBytes("username");
byte[] P = Encoding.UTF8.GetBytes("password");
byte[] s = new byte[16];
random.NextBytes(s);
Srp6Client client = new Srp6Client();
client.Init(N, g, new Sha256Digest(), random);
client.GenerateClientCredentials(s, I, P);
try
{
client.CalculateSecret(BigInteger.Zero);
Fail("Client failed to detect invalid value for 'B'");
}
catch (CryptoException)
{
// Expected
}
try
{
client.CalculateSecret(N);
Fail("Client failed to detect invalid value for 'B'");
}
catch (CryptoException)
{
// Expected
}
}
private void testMutualVerification(BigInteger N, BigInteger g)
{
byte[] I = Encoding.UTF8.GetBytes("username");
byte[] P = Encoding.UTF8.GetBytes("password");
byte[] s = new byte[16];
random.NextBytes(s);
Srp6VerifierGenerator gen = new Srp6VerifierGenerator();
gen.Init(N, g, new Sha256Digest());
BigInteger v = gen.GenerateVerifier(s, I, P);
Srp6Client client = new Srp6Client();
client.Init(N, g, new Sha256Digest(), random);
Srp6Server server = new Srp6Server();
server.Init(N, g, v, new Sha256Digest(), random);
BigInteger A = client.GenerateClientCredentials(s, I, P);
BigInteger B = server.GenerateServerCredentials();
BigInteger clientS = client.CalculateSecret(B);
BigInteger serverS = server.CalculateSecret(A);
if (!clientS.Equals(serverS))
{
Fail("SRP agreement failed - client/server calculated different secrets");
}
}
private void processSRPKeyExchange(
MemoryStream inStr,
ISigner signer)
{
Stream sigIn = inStr;
if (signer != null)
{
signer.Init(false, this.serverPublicKey);
signer.BlockUpdate(this.clientRandom, 0, this.clientRandom.Length);
signer.BlockUpdate(this.serverRandom, 0, this.serverRandom.Length);
sigIn = new SignerStream(inStr, signer, null);
}
/*
* Parse the Structure
*/
byte[] NByte = TlsUtilities.ReadOpaque16(sigIn);
byte[] gByte = TlsUtilities.ReadOpaque16(sigIn);
byte[] sByte = TlsUtilities.ReadOpaque8(sigIn);
byte[] BByte = TlsUtilities.ReadOpaque16(sigIn);
if (signer != null)
{
byte[] sigByte = TlsUtilities.ReadOpaque16(sigIn);
/*
* Verify the Signature.
*/
if (!signer.VerifySignature(sigByte))
{
this.FailWithError(AL_fatal, AP_bad_certificate);
}
}
this.AssertEmpty(inStr);
BigInteger N = new BigInteger(1, NByte);
BigInteger g = new BigInteger(1, gByte);
byte[] s = sByte;
BigInteger B = new BigInteger(1, BByte);
Srp6Client srpClient = new Srp6Client();
srpClient.Init(N, g, new Sha1Digest(), random);
this.SRP_A = srpClient.GenerateClientCredentials(s, this.SRP_identity,
this.SRP_password);
try
{
BigInteger S = srpClient.CalculateSecret(B);
this.pms = BigIntegers.AsUnsignedByteArray(S);
}
catch (CryptoException)
{
this.FailWithError(AL_fatal, AP_illegal_parameter);
}
}