ServerSrpData - jimdroberts/FishMMO GitHub Wiki

Description

ServerSrpData manages the server-side state and data for a Secure Remote Password (SRP) authentication session in FishMMO. It stores ephemeral values, user credentials, and handles proof verification during the SRP handshake.


API Access

Fields

  • public string UserName { get; private set; }

    The username of the client for this SRP session.

  • public string PublicClientEphemeral { get; private set; }

    The public ephemeral value sent by the client.

  • public SrpServer SrpServer { get; private set; }

    The SRP server instance handling cryptographic operations.

  • public string Salt { get; private set; }

    The salt value used for password hashing and verification.

  • public string Verifier { get; private set; }

    The verifier value derived from the user's password and salt.

  • public SrpEphemeral ServerEphemeral { get; private set; }

    The server's ephemeral values for the SRP handshake.

  • public SrpSession Session { get; private set; }

    The current SRP session, established after proof verification.

  • public SrpState State { get; set; }

    The current state of the SRP authentication process.

Methods

  • public ServerSrpData(SrpParameters parameters, string username, string publicClientEphemeral, string salt, string verifier)

    Initializes a new SRP session with the provided parameters, username, client ephemeral, salt, and verifier.

    Parameters:
      - SrpParameters parameters: SRP cryptographic parameters.
      - string username: The username for the session.
      - string publicClientEphemeral: The client's public ephemeral value.
      - string salt: The salt for password hashing.
      - string verifier: The verifier for password validation.

  • public bool GetProof(string clientProof, out string serverProof)

    Verifies the client's proof and generates the server's proof for the SRP handshake.

    Parameters:
      - string clientProof: The proof sent by the client.
      - out string serverProof: The server's proof to return to the client.

    Returns: True if proof verification succeeds, false otherwise.


Basic Usage

Setup

  1. Create a new ServerSrpData instance when starting an SRP authentication session.
  2. Use the constructor to initialize with SRP parameters, username, client ephemeral, salt, and verifier.
  3. Call GetProof to verify the client's proof and obtain the server's proof during authentication.

Example

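// Example 1: Creating and using ServerSrpData
// username and clientEphemeral come from the client's login request;
// salt and verifier are the values stored for that account.
var srpData = new ServerSrpData(parameters, username, clientEphemeral, salt, verifier);
string serverProof;
// clientProof is the proof sent by the client.
bool success = srpData.GetProof(clientProof, out serverProof);
if (success)
{
    // Send serverProof to client
}
else
{
    // Handle authentication failure without revealing why it failed
}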
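
For context, the full round trip around GetProof, with both sides run in one process, as an added example that is not FishMMO's code. It assumes the SRP.NET library (namespace SecureRemotePassword), whose SrpServer, SrpEphemeral and SrpSession type names match the ones on this page, and uses that library's default parameters; SrpHandshakeDemo, TryServerProof, Login and the sample credentials are hypothetical.

```csharp
using System;
using System.Security;
using SecureRemotePassword; // assumption: SRP.NET, matching the type names on this page

static class SrpHandshakeDemo // hypothetical demo class, not part of FishMMO
{
    // Server side of the final step: yields the server proof only if the client's proof checks out.
    static bool TryServerProof(SrpServer server, SrpEphemeral serverEphemeral, string clientPublic,
        string salt, string username, string verifier, string clientProof, out string serverProof)
    {
        try
        {
            serverProof = server.DeriveSession(serverEphemeral.Secret, clientPublic,
                salt, username, verifier, clientProof).Proof;
            return true;
        }
        catch (SecurityException) // wrong proof or invalid client ephemeral: one generic failure
        {
            serverProof = null;
            return false;
        }
    }

    // Runs both sides in one process; in a real login each arrow below is a network message.
    static bool Login(string username, string typedPassword, string salt, string verifier)
    {
        var client = new SrpClient(); // default parameters on both sides
        var server = new SrpServer();
        var clientEphemeral = client.GenerateEphemeral();         // client -> server: username, A
        var serverEphemeral = server.GenerateEphemeral(verifier); // server -> client: salt, B
        var privateKey = client.DerivePrivateKey(salt, username, typedPassword);
        var clientSession = client.DeriveSession(clientEphemeral.Secret, serverEphemeral.Public,
            salt, username, privateKey);                          // client -> server: client proof
        if (!TryServerProof(server, serverEphemeral, clientEphemeral.Public, salt, username,
                verifier, clientSession.Proof, out string serverProof))
            return false;                                         // server -> client: generic failure
        client.VerifySession(clientEphemeral.Public, clientSession, serverProof); // throws if forged
        return true;
    }

    static void Main()
    {
        // Registration with constructed sample credentials: the server keeps only salt + verifier.
        var registration = new SrpClient();
        string salt = registration.GenerateSalt();
        string verifier = registration.DeriveVerifier(registration.DerivePrivateKey(salt, "alice", "correct horse"));
        Console.WriteLine(Login("alice", "correct horse", salt, verifier)); // matching password
        Console.WriteLine(Login("alice", "wrong guess", salt, verifier));   // mismatching password
    }
}
```

The password never leaves the client: the server sees only the public ephemeral and the proof, and it answers every failed check with the same result regardless of cause.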

Best Practices

  • Always validate the client's proof before establishing a session.
  • Store salts and verifiers securely and never transmit them in plaintext.
  • Handle exceptions and authentication failures gracefully to avoid leaking sensitive information.
  • Use strong SRP parameters and keep cryptographic libraries up to date.