Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // SRP-6 sample of client and server
- // refer this lib: https://github.com/secure-remote-password/srp.net
- static string verifier, salt;
- static SrpEphemeral clientEphemeral;
- static SrpEphemeral serverEphemeral;
- static void DoIt(string[] args)
- {
- var user = "vasyan";
- var psw = "123456";
- // register user in a system
- (salt, verifier) = SignUp(user, psw);// (user, salt, verifier) are transferred (open way) to the server and saved in DB
- // log in from client
- clientEphemeral = CLIENT_Login();
- // server receives from user 'user_name' and 'clientEphemeral.Public'
- serverEphemeral = SERVER_AcceptLogin(user, clientEphemeral.Public);
- // client receives from server salt and serverEphemeral.Public
- var clientSession = CLIENT_MakeSession(serverEphemeral.Public);
- // server receives clientSession.Proof and computes session key
- var serverSession = SERVER_AcceptSession(clientSession.Proof);
- if (serverSession == null) return;//! it means client provided wrong user/psw
- // server sends serverSession.Proof to the client to verify, client:
- Log.Warning("CLIENT: verify session...");
- if (CLIENT_VerifySession(clientSession, serverSession.Proof))
- Log.Trace("Session verified!");
- else
- Log.Error("Session FAILED!");
- }
- static (string, string) SignUp(string user, string psw)
- {
- var cliSRP = new SrpClient();
- var salt = cliSRP.GenerateSalt();
- var privateKey = cliSRP.DerivePrivateKey(salt, user, psw);
- var verifier = cliSRP.DeriveVerifier(privateKey);
- return (salt, verifier);
- }
- static SrpEphemeral CLIENT_Login()
- {
- var cliSRP = new SrpClient();
- return cliSRP.GenerateEphemeral();
- }
- static SrpEphemeral SERVER_AcceptLogin(string user, string cliPubKey)
- {
- var srvSRP = new SrpServer();
- return srvSRP.GenerateEphemeral(verifier);// server generates keys using user's verifier, obtained by user_name
- }
- static SrpSession CLIENT_MakeSession(string srvPubKey)
- {
- var cliSRP = new SrpClient();
- var privateKey = cliSRP.DerivePrivateKey(salt, "vasyan", "123456");
- return cliSRP.DeriveSession(clientEphemeral.Secret, srvPubKey, salt, "vasyan", privateKey);
- }
- static SrpSession SERVER_AcceptSession(string clientSessproof)
- {
- var srvSRP = new SrpServer();
- try {
- return srvSRP.DeriveSession(serverEphemeral.Secret, clientEphemeral.Public, salt, "vasyan", verifier, clientSessproof);
- } catch {
- Log.Error("Auth FAILED!");
- return null;
- }
- }
- static bool CLIENT_VerifySession(SrpSession cliSession, string srvSessProof)
- {
- var cliSRP = new SrpClient();
- try {
- cliSRP.VerifySession(clientEphemeral.Public, cliSession, srvSessProof);
- } catch { return false; }
- return true;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement