/// <summary> /// Validates the server's key by asking it to authenticate to the client. /// </summary> private async Task VerifyServer() { var token = GpgAuthToken.NewToken(); var encryptedToken = await _pgp.EncryptStringAsync(token.Token, _serverKey); var auth = new Dictionary <string, dynamic> { { "gpg_auth", new Dictionary <string, dynamic> { { "keyid", _clientKey.Fingerprint }, { "server_verify_token", encryptedToken } } } }; var result = await _session.Post(URL_LOGIN, auth).SendAsync(); result.ThrowIfFailed(); GpgAuthHeaders.Validate(result.Response.Headers, GpgAuthState.VerifyServer); var verifyToken = new GpgAuthToken(result.Response.Headers.GetValue("X-GPGAuth-Verify-Response")); if (verifyToken.Token != token.Token) { throw new Exception("The server failed to prove it can use the advertised OpenPGP key."); } }