def try_simplified_SRP_password(state, guess):
# hmac(K, salt) =
# hmac(sha256(S), salt) =
# hmac(sha256((A * v ** u)**b % n), salt) =
# hmac(sha256((A * ((g**x)** u))**b % n), salt) =
# hmac(sha256((A * ((g**SHA256(salt|password))** u))**b % n), salt) =
# and now we're down to thinks we know (minus password)
x = sha256(intToBytes(state["salt"]) + guess).hexdigest();
v = mypow(state["g"], int(x, 16), state["p"]);
v_u = mypow(v, state["u"], state["p"]);
S = mypow(state["A"] * v_u, state["b"], state["p"]);
mychal = myhmac(sha256, sha256(intToBytes(S)).digest(), intToBytes(state["salt"]));
return mychal == state["challenge"];
def simplified_SRP_validate(state):
expected = myhmac(sha256, state["S_K"], intToBytes(state["salt"]));
return expected == state["challenge"];
def simplified_SRP_step6(state):
state["challenge"] = myhmac(sha256, state["C_K"], intToBytes(state["salt"]));
return state;