/// <summary> /// Requests that the provided stream be authenticated /// </summary> /// <param name="stream"></param> /// <param name="additionalChallenge">Additional data to include in the challenge. If using SSL certificates, /// adding the thumbprint to the challenge will allow detecting man in the middle attacks.</param> /// <returns></returns> public SrpServerSession AuthenticateAsServer(Stream stream, byte[] additionalChallenge = null) { if (additionalChallenge is null) { additionalChallenge = new byte[] { } } ; // Header // C => S // int16 usernameLength (max 1024 characters) // byte[] usernameBytes int len = stream.ReadInt16(); if (len < 0 || len > 1024) { return(null); } byte[] usernameBytes = stream.ReadBytes(len); string username = UTF8.GetString(usernameBytes); SrpUserCredential user = Users.Lookup(username); SrpServerSession session = new SrpServerSession(user); if (session.TryAuthenticate(stream, additionalChallenge)) { return(session); } return(null); } }
/// <summary> /// Requests that the provided stream be authenticated /// </summary> /// <param name="stream"></param> /// <param name="additionalChallenge">Additional data to include in the challenge. If using SSL certificates, /// adding the thumbprint to the challenge will allow detecting man in the middle attacks.</param> /// <returns></returns> public SrpServerSession AuthenticateAsServer(Stream stream, byte[] additionalChallenge = null) { if (additionalChallenge == null) additionalChallenge = new byte[] { }; // Header // C => S // int16 usernameLength (max 1024 characters) // byte[] usernameBytes int len = stream.ReadInt16(); if (len < 0 || len > 1024) return null; var usernameBytes = stream.ReadBytes(len); var username = UTF8.GetString(usernameBytes); var user = Users.Lookup(username); var session = new SrpServerSession(user); if (session.TryAuthenticate(stream, additionalChallenge)) { return session; } return null; }