private void testServerCatchesBadA(BigInteger N, BigInteger g) { byte[] I = Encoding.UTF8.GetBytes("username"); byte[] P = Encoding.UTF8.GetBytes("password"); byte[] s = new byte[16]; random.NextBytes(s); Srp6VerifierGenerator gen = new Srp6VerifierGenerator(); gen.Init(N, g, new Sha256Digest()); BigInteger v = gen.GenerateVerifier(s, I, P); Srp6Server server = new Srp6Server(); server.Init(N, g, v, new Sha256Digest(), random); server.GenerateServerCredentials(); try { server.CalculateSecret(BigInteger.Zero); Fail("Client failed to detect invalid value for 'A'"); } catch (CryptoException) { // Expected } try { server.CalculateSecret(N); Fail("Client failed to detect invalid value for 'A'"); } catch (CryptoException) { // Expected } }
private void testMutualVerification(BigInteger N, BigInteger g) { byte[] I = Encoding.UTF8.GetBytes("username"); byte[] P = Encoding.UTF8.GetBytes("password"); byte[] s = new byte[16]; random.NextBytes(s); Srp6VerifierGenerator gen = new Srp6VerifierGenerator(); gen.Init(N, g, new Sha256Digest()); BigInteger v = gen.GenerateVerifier(s, I, P); Srp6Client client = new Srp6Client(); client.Init(N, g, new Sha256Digest(), random); Srp6Server server = new Srp6Server(); server.Init(N, g, v, new Sha256Digest(), random); BigInteger A = client.GenerateClientCredentials(s, I, P); BigInteger B = server.GenerateServerCredentials(); BigInteger clientS = client.CalculateSecret(B); BigInteger serverS = server.CalculateSecret(A); if (!clientS.Equals(serverS)) { Fail("SRP agreement failed - client/server calculated different secrets"); } }