public SRP6a(Account account) { this.Account = account; this.IdentitySalt = H.ComputeHash(Encoding.ASCII.GetBytes(this.Account.Email)).ToHexString(); // Identity salt that's hashed using account email. // calculate server's public ephemeral value. this.b = GetRandomBytes(128).ToBigInteger(); // server's secret ephemeral value. var gModb = BigInteger.ModPow(g, b, N); // pow(g, b, N) var k = H.ComputeHash(new byte[0].Concat(N.ToArray()).Concat(g.ToArray()).ToArray()).ToBigInteger(); // Multiplier parameter (k = H(N, g) in SRP-6a this.B = BigInteger.Remainder((this.Account.PasswordVerifier.ToBigInteger() * k) + gModb, N); // B = (k * v + pow(g, b, N)) % N // cook the logon challenge message this.LogonChallenge = new byte[0] .Concat(new byte[] { 0 }) // command = 0 .Concat(this.IdentitySalt.ToByteArray()) // identity-salt - generated by hashing account email. .Concat(this.Account.Salt) // account-salt - generated on account creation. .Concat(B.ToArray()) // server's public ephemeral value (B) .Concat(SecondChallenge.ToArray()) // second challenge .ToArray(); }
public SRP(string account, string password) { m_account = account; // workaround... m_accountSalt = HASH.ComputeHash(Encoding.ASCII.GetBytes(account)).ToHexString(); var sBytes = GetRandomBytes(32); s = sBytes.ToPosBigInteger(); var IBytes = HASH.ComputeHash(Encoding.ASCII.GetBytes(m_accountSalt.ToUpper() + ":" + password.ToUpper())); I = IBytes.ToPosBigInteger(); var xBytes = HASH.ComputeHash(new byte[0] .Concat(sBytes) .Concat(IBytes) .ToArray()); var x = xBytes.ToPosBigInteger(); v = BigInteger.ModPow(g, x, N); b = GetRandomBytes(128).ToPosBigInteger(); var gMod = BigInteger.ModPow(g, b, N); var kBytes = HASH.ComputeHash(new byte[0] .Concat(NBytes) .Concat(gBytes) .ToArray()); var k = kBytes.ToPosBigInteger(); B = BigInteger.Remainder((v * k) + gMod, N); var secondChallengeBytes1 = GetRandomBytes(128); m_secondChallengeServer1 = Extensions.ToPosBigInteger(secondChallengeBytes1); Response1 = new byte[0] .Concat(new byte[] { 0 }) // command == 0 .Concat(m_accountSalt.ToByteArray()) // accountSalt .Concat(sBytes) // passwordSalt .Concat(B.ToArray()) // serverChallenge .Concat(secondChallengeBytes1) // secondaryChallenge .ToArray(); }