ClientSrpData - jimdroberts/FishMMO GitHub Wiki

Description

The ClientSrpData class manages Secure Remote Password (SRP) protocol operations on the client side for FishMMO. It handles the generation of ephemeral values, salt, verifier, client proof, and session verification, enabling secure authentication and registration processes.

API Access

Properties

  • public SrpClient SrpClient { get; private set; }

    The SRP client instance used for authentication operations.

  • public SrpEphemeral ClientEphemeral { get; private set; }

    The ephemeral values generated by the client for SRP authentication.

  • public SrpSession Session { get; private set; }

    The current SRP session, containing proof and session keys.

Methods

  • public ClientSrpData(SrpParameters parameters)

    Constructs a new ClientSrpData instance and initializes the SRP client and ephemeral values using the provided parameters.

  • public void GetSaltAndVerifier(string username, string password, out string salt, out string verifier)

    Generates a salt and verifier for the given username and password. Used for account registration or password changes.

  • public bool GetProof(string username, string password, string salt, string serverPublicEphemeral, out string proof)

    Generates a client proof for SRP authentication using provided credentials and server ephemeral value. Returns true if successful.

  • public bool Verify(string serverProof, out string result)

    Verifies the server's proof to complete the SRP authentication session. Returns true if verification succeeded.

Basic Usage

Setup

  1. Create a ClientSrpData instance with the desired SRP parameters.
  2. Use GetSaltAndVerifier during registration to generate salt and verifier for the server.
  3. Use GetProof during login to generate the client proof for authentication.
  4. Use Verify to validate the server's proof and complete the authentication session.

Example

var parameters = SrpParameters.Create2048<SHA512>();
var srpData = new ClientSrpData(parameters);

// Registration
srpData.GetSaltAndVerifier("username", "password", out var salt, out var verifier);
// Send salt and verifier to server

// Login
bool proofOk = srpData.GetProof("username", "password", salt, serverPublicEphemeral, out var proof);
// Send proof to server

// Verification
bool verified = srpData.Verify(serverProof, out var result);

Best Practices

  • Always use strong SRP parameters (e.g., 2048-bit or higher).
  • Never store or transmit plain-text passwords.
  • Handle exceptions and failed verifications gracefully.
  • Dispose of sensitive data as soon as possible.
  • Use this class only in secure, encrypted communication channels.
⚠️ **GitHub.com Fallback** ⚠️