verifyClientProof static method
this is a scrum authentication verifier that will used to run the integration test for scrum authentication. This method is used on the router side to validate the challenge result.
Implementation
static bool verifyClientProof(
List<int> clientProof, Uint8List storedKey, String authMessage) {
var clientSignature = base64
.decode(CraAuthentication.encodeHmac(
storedKey, defaultKeyLength, authMessage.codeUnits))
.toList();
var recoveredClientKey = [
for (var i = 0; i < defaultKeyLength; ++i)
clientProof[i] ^ clientSignature[i]
];
var recoveredStoredKey =
SHA256Digest().process(Uint8List.fromList(recoveredClientKey)).toList();
for (var j = 0; j < storedKey.length; j++) {
if (recoveredStoredKey[j] != storedKey[j]) {
return false;
}
}
return true;
}