search

secure-remote-password / srp.net

SRP-6a protocol implementation for .NET Standard 1.6+ and .NET Framework 3.5+
https://www.nuget.org/packages/srp
MIT License
64 stars 10 forks source link

SRP implementation on iOS swift and dotnet core webapi #6

Closed gmtek closed 5 years ago

gmtek commented 5 years ago

I am trying to implement Secure Remote Password (SRP-6a) protocol using iOS client and dot net core server. I am using https://github.com/Bouke/SRP at iOS client side and https://github.com/secure-remote-password/srp.net at dot net server side.

Here is my registration code at ios side.

        let n = "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73";
        let g = "02";
        let userName = "alice";

        let group = Group(prime: n, generator: g)!;

        let password = "myPassword";
        let regRequest = createSaltedVerificationKey(username: userName, password: password, group: group, algorithm: .sha512);

        let salt = String(BigUInt(regRequest.salt), radix: 16, uppercase: false);
        let verifier = String(BigUInt(regRequest.verificationKey), radix: 16, uppercase: false);

        print("\n Salt: \(salt)\n Verifier: \(verifier)\n")

Server stores userName, slat and verifier.

During user authentication the process is as follows:

Step 1: client sends the username to server and server returns the salt. Step 2: client generates its public key and send it to server

        let client = Client(username: userName, password: password, group: group, algorithm: .sha512);

        let (username, clientPublicKey) = client.startAuthentication();

        let clientPubKey = String(BigUInt(clientPublicKey), radix: 16, uppercase: false);
        print("\n clientPubKey: \(clientPubKey)\n");

Step 3: In response to client public key server shares it's own public key

            var customParams = SrpParameters.Create<SHA512>(n, g);

            var server = new SrpServer(customParams);

            var serverEphemeral = server.GenerateEphemeral(verifier);

            Console.WriteLine("Publickey: " + serverEphemeral.Public);

             // server stores client public key, userName, and serverEphemeral.Secret

Step 4: Client calculates verifier

        let saltString = "salt shared by server at Step 1";
        let saltBigInt = BigUInt(saltString, radix: 16)!;
        let salt = saltBigInt.serialize();

        let serverPubKeyString = "Server public key in Step 3";
        let serverPubKeyBigInt = BigUInt(serverPubKeyString, radix: 16)!;
        let serverPublicKey = serverPubKeyBigInt.serialize();

        do {
            let clientKeyProof = try client.processChallenge(salt: salt, publicKey: serverPublicKey);

            let clientKeyProofString = String(BigUInt(clientKeyProof), radix: 16, uppercase: false);
            print("\n clientKeyProof: \(clientKeyProofString)\n");

        } catch {

        }

Step 5: client shares clientKeyProofString with server and server verifies it. 

            var customParams = SrpParameters.Create<SHA512>(n, g);
            var server2 = new SrpServer(customParams);
            var serverSession = server2.DeriveSession(serverEphemeralSecret, clientPubKey, salt, userName, verifier, clientKeyProofString);

            Console.WriteLine("ServerProof: " + serverSession.Proof);

In this step I am getting System.Security.SecurityException: Client provided session proof is invalid.

Step 6: Client will verify serverProof

I am not able to proceed to step 6 as the exception on step 5. Any suggestion on what's going wrong here.

gmtek commented 5 years ago

When I looked into SRP.NET implementation details, it's the mismatch between actual M and expected M at DeriveSession method in SRPServer.cs (line no. 138).

yallie commented 5 years ago

Hi @gulshanmandal, thanks for your observations.

it's the mismatch between actual M and expected M at DeriveSession method in SRPServer.cs (line no. 138).

Which one do you think is wrong?

I used @idlesign's srptools to verify all computation steps. As far as I know, Bouke's SRP for iOS is also based on srptools. Can you try dumping all the intermediate steps as follows?

{
    "N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
    "g": "02",
    "I": "alice",
    "P": "myPassword",
    "s": "...salt....",
    "k": "...",
    "x": "...",
    "v": "...verifier...",
    "a": "...",
    "b": "...",
    "A": "...",
    "B": "...",
    "u": "...",
    "S": "...",
    "K": "...",
    "M1": "...",
    "M2": "..."
}

Note that some values are computed by the client, and some by the server.

gmtek commented 5 years ago

Here is logs for steps.

Registration:

Bouke's SRP
createSaltedVerificationKey
{
  "N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
  "g": "2",
  "alg": "sha512",
  "I": "alice",
  "p": "myPassword",
  "s": "cbb78cfd2672fb8128ff4060a35c8446",
  "x": "96c56918908aa5e2691a0d3e97db3804761cc9fe01ffc429f1b52bfc8b7872405d4bafe0627fa5d7e220d3707c5d9e9dc6264f7a69338c18f4211cb5033c94aa",
  "v": "969bf1347bbb3230bb7e03cb86007cf92534b7fa773d70434e2d054b2286b6af52c75a8e89501e164f2a305d13fe1a6b6e4532d2f52d5764ae3caa64eddfef423c7c64951d1c7db6344f0c028dfdb7a51a28a96c2061d21a9243c9c7924d3b66a34790cb6236ac079f410142e4616e4604dbd1d026762f13fdfa77714d54537314678ae6638bc394ab724550099f7f32a8c0fbdb2421acdfea74e9415842e4977eef5d2d1d54d699640a510b1127c4adffc781529be8eb7dc82636e8351f6ec705ac1038fa762a8be6b5951c8769d0a98808afcf5523e734fcb6b28b9d2c15ed21b634693f87a41a4ea746c94eae75f0e1fa3baa71a1688f04081164aab09699"
}

Password Verification:

  1. Client Public Key generation

    Bouke's SRP
client init
{
"N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
"g": "2",
"alg": "sha512",
"I": "alice",
"p": "myPassword",
"a": "ab21f435f7e2bb4d875fbdf791ce8a0b16a1ccf22c9eaa1820dd277dc0e045caebce7835d7a282b10175225cce238a171b1ba892935723208e311d9a03bd7a481581a02f7a0e60fd78eee3280c5dee741e945c9555c32849e4ef6af18e75e65376502800cb81998af9b2ccd30bf1bdf65fdf4f8b2e212aa2468a2a49ea928807",
"A": "95a6cb11196ef881cd6924e8646792a719bc4f1b267b588965f017d7447e40d064015a5c3e54e1da8bfa57b9774f79a85713553dd402ab04e55ced913a058ce9ce38f0a5032413778cf76ffe7fabc7de655c4c23ce615a9c20ede8a47196ca503bc50e89e192646d00cfed2d1560c450a5fc3e650f5c502100fad55d4f89069582ebe7e6d13f368569969f12d672d87a320008a341cebc7f10b3647377c9660ea82fdc1bb148939f3a82353911793e1cf2bc43ad889869057c72fcffaf959d208234de0d4dfe9930edfd6d53a18f93c228d267dbba13722ab5b14808cf1b5f40a302f4b2992dc746cf2692fe7a0ba6add795e60de1711661afcfad8da0a36490"
}

  2. Server public key generation

    SRP.NET
GenerateEphemeral
{
"N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
"g": "02",
"alg": "SHA512",
"k": "ee881e03028fe8958639bec52094eb6127081e7ea8e7d0f2618ac8a2a8df48d66f44ec14659a56822279817d1fa484b5a13f1495c1d77c112ed424971721a43c",
"v": "969bf1347bbb3230bb7e03cb86007cf92534b7fa773d70434e2d054b2286b6af52c75a8e89501e164f2a305d13fe1a6b6e4532d2f52d5764ae3caa64eddfef423c7c64951d1c7db6344f0c028dfdb7a51a28a96c2061d21a9243c9c7924d3b66a34790cb6236ac079f410142e4616e4604dbd1d026762f13fdfa77714d54537314678ae6638bc394ab724550099f7f32a8c0fbdb2421acdfea74e9415842e4977eef5d2d1d54d699640a510b1127c4adffc781529be8eb7dc82636e8351f6ec705ac1038fa762a8be6b5951c8769d0a98808afcf5523e734fcb6b28b9d2c15ed21b634693f87a41a4ea746c94eae75f0e1fa3baa71a1688f04081164aab09699",
"b": "996ffe6ea2e4d9076dd8bf266907a4d228834bb2406b45868d1274185c1768970161fe748dfd89f07ede037559217643fee31343a6e842c953251c74334dd49d",
"B": "881d864d4d048a1d447c3c5cd49009ce4ca71f9ede41ba1fdd3b6e1489ad069a48be4e3b91a5fb752d02d40137fc97cb96f905e25fb4a03b2ad9df2dbe049a8d898dc93068bd094b91017fd27a6b8cacdad1aa58fc2edec9d4f2c2687033529924f55c18c1a72e18d166c8e8e8f91708ffa11380ca7e4a6b6ee1b361614a2c78f7123104383b14f465580e413695f3acbdde15e63495a86669bf1c400a15c909606aeb0f911ff848e898834534e99ee4b9284f0b1d03ff2225e351fa11ec5c0356a96e66201e1f1d53928977b47254491dfd18b72c864c65b74faf78fc1f72c3545411668a63f53d5db01c5149d7cb888170de2e5a92ef2ef4fe4633730cb181"
}

  3. Client proof generation

    Bouke's SRP
processChallenge
{
"N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
"g": "2",
"alg": "sha512",
"I": "alice",
"p": "myPassword",
"a": "ab21f435f7e2bb4d875fbdf791ce8a0b16a1ccf22c9eaa1820dd277dc0e045caebce7835d7a282b10175225cce238a171b1ba892935723208e311d9a03bd7a481581a02f7a0e60fd78eee3280c5dee741e945c9555c32849e4ef6af18e75e65376502800cb81998af9b2ccd30bf1bdf65fdf4f8b2e212aa2468a2a49ea928807",
"A": "95a6cb11196ef881cd6924e8646792a719bc4f1b267b588965f017d7447e40d064015a5c3e54e1da8bfa57b9774f79a85713553dd402ab04e55ced913a058ce9ce38f0a5032413778cf76ffe7fabc7de655c4c23ce615a9c20ede8a47196ca503bc50e89e192646d00cfed2d1560c450a5fc3e650f5c502100fad55d4f89069582ebe7e6d13f368569969f12d672d87a320008a341cebc7f10b3647377c9660ea82fdc1bb148939f3a82353911793e1cf2bc43ad889869057c72fcffaf959d208234de0d4dfe9930edfd6d53a18f93c228d267dbba13722ab5b14808cf1b5f40a302f4b2992dc746cf2692fe7a0ba6add795e60de1711661afcfad8da0a36490",
"B": "74be7eac267fe58df76d219d59154c895598f05f7154effb6e117a8e44e1a0db6e0948df3c74d8d75dc6da64bcc221a607ff5472fdd39828387f1fdb06c62dfb0d91254fb6d59510361d420d7bd72681716adc7c02331781d0d83e7a0f6da430cde899be93d9af1ec7db2a4c7defb442ae88106a41597f3281f0bc048842ed331fc90118cb5f4a9154fa59568425c00a1c2745ad5ebffac7f51b958a99db642eae021f739e3e0ee405d044acaa502cbc1861ddf215b0f53efe8c16ca5e6bd969b937d32685a957ca6aa67fae69b2f341ddd7672ceca8afc6b70f782e87887caa9a533012d684c8b42989247ab1af6c47a5f8efdf683d1b917be5a4078c33588f",
"u": "5df6eec569bf7f04d312178c5453662f1890ffb12e81c24f4177704b8b2e3067a6f04e5c73e5e39e6a1517786ac3e855e6b6c553d5260019225151859a09ad84",
"k": "ee881e03028fe8958639bec52094eb6127081e7ea8e7d0f2618ac8a2a8df48d66f44ec14659a56822279817d1fa484b5a13f1495c1d77c112ed424971721a43c",
"x": "a4406eb506a32663fc24b874af5eca1bcf7d44fadcb43694517e3766481fa82344bcc963c82593e4b3a57d6c5c9760f6332eeb3d241ddaeed3312ccdeef4ae6b",
"v": "32dbba7c4447d81db8fd62b073b29eeaaeb693363d97db506d651cab7ddcb841a1de9a7c755fcf93f49ea0eff0e2dd888205a7120b6c785b320ad39b7db61a9919371be7f802d605a93467c02ac11ce4e030fc1797d1d4cf7e28ed9e049f224b013ab2d6f51f30c19e5415255d10ae52ea9c315040b48ca9ba22badcc88e474bfcdb34712e432b469c3361212df89bca986b71bd490ec993d47c2a23c9f5e012bb3aa11e626ac089dd8019de91cde775b1ea98a048b5eb39a1f033e7b2930d3d6e63369faad6873cf5da85e044d5e3d8074d8342b995e9d24ec581cdbef38d39d8f3c07d9ef54fae2f7941d3007d03dc86bde9dfd7ee8bb598763ebdd63ed185",
"S": "2ee61ddb109e38fc1c79f7a731e87440fdf0e8c07815e6e341492988fc4bb7d24cc586c557a2c39c8c781f58fbf754709b9857932b53cd1e19baf52a68ba8bbfbff16d187724aba0e66cd5ca6db9d34fdbb6aee04e0a78e9e5ee497146f5a6b4e55697eb2d4b7207cd2585163e2d41d72b6c30a7e468d29e37969600b1ea7a7263d7bfef1c93b49af65cc2d4a038f038d9a76bcf98afde943ec6d40de2d7b61ca65ae71f166de4320e5dba4e55897edad623aa798630f16f497eda141b5d1c49df38b0cd990c94f8ecea00ea4d52cdf86b8aaf1ed9af08aba0830cd0da51d070fc83701d7421662201ea6053e30cfe8a71852ba168007d3aeaa15b98f09997ec",
"K": "b28e38418bda08eb16d321b7374268c0166ea6b0d956701979a35d4d4abcee7555eb2bdfe9b2244f7a453a7bbda3a4bac991391e8fd8448ad3f79c1f4bde80f8",
"M1": "e26dfdd15abd7d9a44bd2a74792127c4a6bedec55bdebf05ff009d0de2de4dc2bc98fb3c860a594b527f153fa3f10c333cfce8b1e5f42fa6f1014208d5ea7af4",
"HAMK": "c09615f143d075d2f95c9fc775d5823adaabd1e91facf26b1d41decabe49357aa09d341e67be0bdea47309de5e5c98ba4f8de3d6ed21d3eddcad92f3e25c00a6"
}

  4. Server verification

    SRP.NET
DeriveSession
{
"N": "ac6bdb41324a9a9bf166de5e1389582faf72b6651987ee07fc3192943db56050a37329cbb4a099ed8193e0757767a13dd52312ab4b03310dcd7f48a9da04fd50e8083969edb767b0cf6095179a163ab3661a05fbd5faaae82918a9962f0b93b855f97993ec975eeaa80d740adbf4ff747359d041d5c33ea71d281e446b14773bca97b43a23fb801676bd207a436c6481f1d2b9078717461a5b9d32e688f87748544523b524b0d57d5ea77a2775d2ecfa032cfbdbf52fb3786160279004e57ae6af874e7303ce53299ccc041c7bc308d82a5698f3a8d0c38271ae35f8e9dbfbb694b5c803d89f7ae435de236d525f54759b65e372fcd68ef20fa7111f9e4aff73",
"g": "02",
"k": "ee881e03028fe8958639bec52094eb6127081e7ea8e7d0f2618ac8a2a8df48d66f44ec14659a56822279817d1fa484b5a13f1495c1d77c112ed424971721a43c",
"alg": "SHA512",
"b": "996ffe6ea2e4d9076dd8bf266907a4d228834bb2406b45868d1274185c1768970161fe748dfd89f07ede037559217643fee31343a6e842c953251c74334dd49d",
"B": "881d864d4d048a1d447c3c5cd49009ce4ca71f9ede41ba1fdd3b6e1489ad069a48be4e3b91a5fb752d02d40137fc97cb96f905e25fb4a03b2ad9df2dbe049a8d898dc93068bd094b91017fd27a6b8cacdad1aa58fc2edec9d4f2c2687033529924f55c18c1a72e18d166c8e8e8f91708ffa11380ca7e4a6b6ee1b361614a2c78f7123104383b14f465580e413695f3acbdde15e63495a86669bf1c400a15c909606aeb0f911ff848e898834534e99ee4b9284f0b1d03ff2225e351fa11ec5c0356a96e66201e1f1d53928977b47254491dfd18b72c864c65b74faf78fc1f72c3545411668a63f53d5db01c5149d7cb888170de2e5a92ef2ef4fe4633730cb181",
"A": "95a6cb11196ef881cd6924e8646792a719bc4f1b267b588965f017d7447e40d064015a5c3e54e1da8bfa57b9774f79a85713553dd402ab04e55ced913a058ce9ce38f0a5032413778cf76ffe7fabc7de655c4c23ce615a9c20ede8a47196ca503bc50e89e192646d00cfed2d1560c450a5fc3e650f5c502100fad55d4f89069582ebe7e6d13f368569969f12d672d87a320008a341cebc7f10b3647377c9660ea82fdc1bb148939f3a82353911793e1cf2bc43ad889869057c72fcffaf959d208234de0d4dfe9930edfd6d53a18f93c228d267dbba13722ab5b14808cf1b5f40a302f4b2992dc746cf2692fe7a0ba6add795e60de1711661afcfad8da0a36490",
"s": "cbb78cfd2672fb8128ff4060a35c8446",
"I": "alice",
"v": "969bf1347bbb3230bb7e03cb86007cf92534b7fa773d70434e2d054b2286b6af52c75a8e89501e164f2a305d13fe1a6b6e4532d2f52d5764ae3caa64eddfef423c7c64951d1c7db6344f0c028dfdb7a51a28a96c2061d21a9243c9c7924d3b66a34790cb6236ac079f410142e4616e4604dbd1d026762f13fdfa77714d54537314678ae6638bc394ab724550099f7f32a8c0fbdb2421acdfea74e9415842e4977eef5d2d1d54d699640a510b1127c4adffc781529be8eb7dc82636e8351f6ec705ac1038fa762a8be6b5951c8769d0a98808afcf5523e734fcb6b28b9d2c15ed21b634693f87a41a4ea746c94eae75f0e1fa3baa71a1688f04081164aab09699",
"u": "eb90f4adb587bc506eecde10500c00b8ad4ac59796bf6dda0110628390f36f74b95606ad6d0775e8a2fc72229d42cbd2aa7092fc264d26c9d7075503efafd370",
"S": "315ed044875baed2a48361c24126769850ef87d604e2dcd45388657847f212210711666920549b4d1d61b7c2e28af45dc5889e57d3357f552219dbc244b52ef8cc436cb2b427554e33fbc914feb1df56426d60aa3b8c9155d3c164adbdb0a24f9bc727a98d9cc93aec455a6aef4886111580733de59de09924ec116ddf73be4e27cd2067603e056d94d8416156d0267fd8b48b382018371b9efeb2121c3a9ee030121283f40f9ad8de0d83fcd00ac9e981c79fd2b207fbad002514f827cb2405a0412e7eb4d7487d8229c75d06451fbbe53b3a6623cec45e5d71918068b87a19fae6a47a1cd687b3e8d5c829cdef9a94bf66023bc1cfc0310c8a845bf571ea55",
"K": "04bc59623cc017c79ac566ca6bb31693b219e061f5e540cedd43568518e4d6277a8ef21eef9c2fcbf412ccce069d23436a301f5ff1269a2fc8c212c3c3b4cf48",
"M1": "e26dfdd15abd7d9a44bd2a74792127c4a6bedec55bdebf05ff009d0de2de4dc2bc98fb3c860a594b527f153fa3f10c333cfce8b1e5f42fa6f1014208d5ea7af4",
"M2": "704253ff00cb870833b49ff42b99b96cd44fe0abfd5c89c2e2a00b011d40d2ec7f5d9777b96f3ced4a019fc2fd9333f072ca84af3a8497c7b32ab289a56ad058"
}
gmtek commented 5 years ago

That's weird why server public key changes during computation?

This is how I am feeding Server Public key to Bouke's SRP

let serverPubKeyBigInt = BigUInt(serverPubKeyString, radix: 16)!;
        let serverPublicKey = serverPubKeyBigInt.serialize();

        do {
            let clientKeyProof = try client.processChallenge(salt: salt, publicKey: serverPublicKey);

            let clientKeyProofString = String(BigUInt(clientKeyProof), radix: 16, uppercase: false);
            print("\n clientKeyProof: \(clientKeyProofString)\n");

        } catch {

        }

Below is client side code to print hex value of BigUInt

extension BigUInt {
    public var hexString : String {
        get {
            return String(self, radix: 16, uppercase: false);
        }
    }
}
gmtek commented 5 years ago

I found the problem..I have made a silly mistake while passing the server public key.

yallie commented 5 years ago

Here is logs for steps.

Thanks @gulshanmandal! The dump can be processed the same way it's done in the unit tests. That would reveal the exact step that gives the wrong result.

I found the problem..I have made a silly mistake while passing the server public key.

Great! So everything works now?

Would you mind sharing your code snippets for the Bouke's SRP authentication?

A small sample setup to interoperate with the srp.net backend for this project: https://github.com/secure-remote-password/implementations