public void Authenticate() { var clientFirstMessage = new ClientFirstMessage(_username, _nonce); Send(clientFirstMessage.Message); var serverFirstMessage = ServerFirstMessage.ParseResponse(Receive()); var hashedPassword = Hash.ComputeHash(Encoding.UTF8.GetBytes(_password), serverFirstMessage.Salt.Value, serverFirstMessage.Iterations.Value); var clientKey = Hash.ComputeHash(Encoding.UTF8.GetBytes("Client Key"), hashedPassword); var serverKey = Hash.ComputeHash(Encoding.UTF8.GetBytes("Server Key"), hashedPassword); var storedKey = Hash.ComputeHash(clientKey); var clientFinalMessage = new ClientFinalMessage(clientFirstMessage, serverFirstMessage); var authMessage = $"{clientFirstMessage.BareMessage},{serverFirstMessage},{clientFinalMessage.MessageWithoutProof}"; var clientSignature = Hash.ComputeHash(Encoding.UTF8.GetBytes(authMessage), storedKey); var serverSignature = Hash.ComputeHash(Encoding.UTF8.GetBytes(authMessage), serverKey); var clientProof = clientKey.ExclusiveOr(clientSignature); clientFinalMessage.SetProof(clientProof); Send(clientFinalMessage.Message); var serverFinalMessage = ServerFinalMessage.ParseResponse(Receive()); if (!serverFinalMessage.ServerSignature.Equals(serverSignature)) { throw new InvalidOperationException(); } }
public void When_Created_PropertiesShouldBeValid() { var clientFirst = new ClientFirstMessage("user", "nonce"); var serverFirst = new ServerFirstMessage(4096, "nonce", "salt"); var message = new ClientFinalMessage(clientFirst, serverFirst); message.Channel.Value.ShouldBe("biws"); message.Nonce.Value.ShouldBe("nonce"); message.Proof.ShouldBeNull(); message.Message.ShouldBe("c=biws,r=nonce,"); message.MessageWithoutProof.ShouldBe("c=biws,r=nonce"); }
public void When_ProofIsSetAsString_PropertiesShouldBeValid() { var clientFirst = new ClientFirstMessage("user", "nonce"); var serverFirst = new ServerFirstMessage(4096, "nonce", "salt"); var message = new ClientFinalMessage(clientFirst, serverFirst); message.SetProof("bf45fcbf7073d93d022466c94321745fe1c8e13b"); message.Channel.Value.ShouldBe("biws"); message.Nonce.Value.ShouldBe("nonce"); message.Proof?.ToString().ShouldBe("p=bf45fcbf7073d93d022466c94321745fe1c8e13b"); message.Message.ShouldBe("c=biws,r=nonce,p=bf45fcbf7073d93d022466c94321745fe1c8e13b"); message.MessageWithoutProof.ShouldBe("c=biws,r=nonce"); }
private Response ProcessChallenge(Challenge tag) { _serverResponse = _encoding.GetString(tag.Bytes); _serverFirstMessage = ServerFirstMessage.ParseResponse(_serverResponse); _clientFinalMessage = new ClientFinalMessage(_clientFirstMessage, _serverFirstMessage); CalculateProofs(); var message = Client.Registry.GetTag <Response>(Response.XmlName); message.Bytes = _encoding.GetBytes(_clientFinalMessage.Message); return(message); }
private Tag ProcessChallenge(Tag tag) { _serverResponse = _encoding.GetString(tag.Bytes); _serverFirstMessage = ServerFirstMessage.ParseResponse(_serverResponse); Logger.Log(LogLevel.Debug, $"Server NONCE: {_serverFirstMessage.Nonce}"); _clientFinalMessage = new ClientFinalMessage(_clientFirstMessage, _serverFirstMessage); CalculateProofs(); Logger.Log(LogLevel.Debug, $"Client final after proof: {_clientFinalMessage.Message}"); var message = Client.Registry.GetTag <Response>(Response.XmlName); message.Bytes = _encoding.GetBytes(_clientFinalMessage.Message); return(message); }