-
★ Elder ★
Is this your full srp6 class? What does your BigIntegerExtensions class do? Any samples about your results?
-
Member
My SRP class changed a bit => SRP6
Here is the BigIntegerExtensions class, this is BigInteger Extensions Methods to perform some operations as ModPow, Multiply.... => BigIntegerExtensions
Some results :
N : 894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7
g : 7
s : 7C7204B6166AB55E8F273E6FFEF75D0141EECF1B3B5F68B70E2ED538B9E532A2
v : 15AB8A30B27F221645BB5E55DED1F9926A1DF84A3E5FA44F84EA3C8260397FF0
b : 12FBF3A724428D21BB9DF245E079B7F3
B : BD6176EDA7FE5CF1A1E13317A09A03AE89EF78FA27D511B29EA2F966C9EBC0FD
k : 3
This result failed after ServerLogonChallenge be sent to client...
Sucessful try :
N : 894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7
g : 7
s : 7C7204B6166AB55E8F273E6FFEF75D0141EECF1B3B5F68B70E2ED538B9E532A2
v : 15AB8A30B27F221645BB5E55DED1F9926A1DF84A3E5FA44F84EA3C8260397FF0
b : 3955043DDB869018C82938703C69B7E3
B : 6B21489E6EE8C7BC68328BDCF738BD1881AD165620A7C8196A1E8CF7BD500B1E
k : 3
u : 10789433402BC2A5C041B4788DFB87CAC9CE4178
K : 40129C9BDC07B135CF32AFDA50BA821524F8FEEB
M : 9F93CA126B5B036396915CF940E017535A23961E
M1 : C67C4E33F9F47F8D75F7E4A573D6D5429021B472
M2 : AD86FCDB37FCD6D3E15272C5AEA26834CE5D8F27
M and M1 are not equal.... password is correct though
Any idea ?
Thanks !
Last edited by julienguillot; 07-29-2017 at 05:59 AM.
-
★ Elder ★
I wonder.... why do you use additonal big methods to create bigintegers^^?
You can just new BigInteger(array.Concat(new byte[1])); if you want to create a new one from a byte array / random byte array^^.
Also the multiply, etc. extensions are not needed.
-
Member
Because i can reduce code with this Extension Methods ^^
But i will try to do without it and see if it's OK but i'm not sure....
-
★ Elder ★
Originally Posted by
julienguillot
Because i can reduce code with this Extension Methods ^^
But i will try to do without it and see if it's OK but i'm not sure....
oh right now it's more code with all these extensions :P
-
Member
To be honest, i took theses Extensions from other projects ^^... Seems we don't need it ^^
What do you use to generate random values ? Like b
-
★ Elder ★
In my old class I used this: Arctium/SRP6.cs at 8199c3f0d8f9974e0b0ebf1215953e8b39a7e7cf * mansemino/Arctium * GitHub
The MakeBigInteger method just does 'new BigInteger(array.Concat(new byte[1]));'
-
Member
Ok i modified my code.
But... salt is genereted as negative value....
s = new byte[32];
var random = RNGCryptoServiceProvider.Create();
random.GetBytes(s);
Salt = new BigInteger(s);
-
-
Post Thanks / Like - 1 Thanks
julienguillot (1 members gave Thanks to doityourself for this useful post)
-
Member
Here is my new class SRP6, thanks to you and your methods like MakeBigInteger, my first problem disappears !
I could create 10 accounts without error and they pass the ServerAuthChallenge many times !
Next step : make M = M1 !
I will stay in touch ^^
Thank you, i learned today much what i learn in one week ^^
-
Member
Hello,
Here is my method to generate u, S, K, M et M2 :
public void Step2(byte[] A, byte[] M1, string username)
{
// Generation de u = H(A | B)
byte[] u = SHA1.Create().ComputeHash(CombineData(A, B));
Scrambler = MakeBigInteger(u);
// Generation de S = (A * v^u) ^ b % N
ClientPublicEphemeral = MakeBigInteger(A);
BigInteger t1 = ClientPublicEphemeral * BigInteger.ModPow(Verifier, Scrambler, Modulus); // (A * v^u)
byte[] ss = BigInteger.ModPow(t1, ServerPrivateEphemeral, Modulus).ToByteArray();
//// Generation de K = H(S))
byte[] K = SHA1.Create().ComputeHash(ss);
SessionKey = MakeBigInteger(K);
// Generation de M1
//Client -> Serveur : M = H(H(N) xor H(g), H(I), s, A, B, K) (xor correspond au OU exclusif)
//Serveur->Client : H(A, M, K)
byte[] HN = SHA1.Create().ComputeHash(N);
byte[] Hg = SHA1.Create().ComputeHash(g);
byte[] HI = SHA1.Create().ComputeHash(Encoding.UTF8.GetBytes(username));
for (int i = 0; i < HN.Length; i++)
HN[i] ^= Hg[i];
byte[] M = SHA1.Create().ComputeHash(CombineData(HN, HI, s, A, B, K));
ClientSessionKeyProof = MakeBigInteger(M);
// Generation de M2 = H(A | M1 | K)
byte[] M2 = SHA1.Create().ComputeHash(CombineData(A, M, K));
ServerSessionKeyProof = MakeBigInteger(M2);
bool OK = M.Equals(M1);
}
But M always differs from M1. Where is the problem ?
To calculate M i need to do M = H(H(N) xor H(g), H(I), s, A, B, K), and compare it to M1 isn't it ?
Last edited by julienguillot; 07-29-2017 at 11:11 PM.
-
-
Post Thanks / Like - 1 Thanks
julienguillot (1 members gave Thanks to doityourself for this useful post)
-
Member
I looked at Mangos Two VB NET version (for WOTLK) and adapt my code as it...
But.... this is not yet successful.
My code => Here
-
Member
-
★ Elder ★
Originally Posted by
julienguillot
You're using lowercase username/pw now? Or do you upper them before the call?