verifyClientProof static method

bool verifyClientProof(
  1. List<int> clientProof,
  2. Uint8List storedKey,
  3. String authMessage, {
  4. AuthenticationStringEncoding stringEncoding = AuthenticationStringEncoding.utf8,
})

this is a scrum authentication verifier that will used to run the integration test for scrum authentication. This method is used on the router side to validate the challenge result.

Implementation

static bool verifyClientProof(
    List<int> clientProof, Uint8List storedKey, String authMessage,
    {AuthenticationStringEncoding stringEncoding =
        AuthenticationStringEncoding.utf8}) {
  var clientSignature = base64
      .decode(CraAuthentication.encodeHmac(
          storedKey,
          defaultKeyLength,
          CraAuthentication.encodeString(authMessage,
              stringEncoding: stringEncoding)))
      .toList();
  var recoveredClientKey = [
    for (var i = 0; i < defaultKeyLength; ++i)
      clientProof[i] ^ clientSignature[i]
  ];
  var recoveredStoredKey =
      SHA256Digest().process(Uint8List.fromList(recoveredClientKey)).toList();
  for (var j = 0; j < storedKey.length; j++) {
    if (recoveredStoredKey[j] != storedKey[j]) {
      return false;
    }
  }
  return true;
}