I developed an identical code in Java using the Spring boot framework to save the data in the database but the SALT and the Verifier generated apparently are not valid for trinity Core
@RestController
public class RegisterController7 {
private static AccountRepository accountRepository = null;
public RegisterController7(AccountRepository accountRepository) {
this.accountRepository = accountRepository;
}
@GetMapping("/hola7")
public String test() throws NoSuchAlgorithmException, DecoderException {
String username = "test";
String password = "test";
byte[] salt = generateRandomSalt2();
System.out.println("Salt: " + bytesToHex(salt));
byte[] verifier = calculateSRP6Verifier(username, password, salt);
System.out.println("Verifier: " + bytesToHex(verifier));
boolean isVerified = verifySRP6(username, password, salt, verifier);
System.out.println("Is Verified: " + isVerified);
AccountEntity accountEntity = new AccountEntity();
accountEntity.setId(20);
accountEntity.setSalt(salt);
accountEntity.setVerifier(verifier);
accountEntity.setUsername("test".toUpperCase());
accountRepository.save(accountEntity);
return "555";
}
public static byte[] calculateSRP6Verifier(String username, String password, byte[] salt) throws NoSuchAlgorithmException {
// Algoritmo constants
BigInteger g = new BigInteger("7");
BigInteger N = new BigInteger("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", 16);
// Calculate first hash
String h1Hex = sha1(username.toUpperCase() + ":" + password.toUpperCase());
// Calculate second hash
String h2Hex = sha1(bytesToHex(salt) + h1Hex);
BigInteger h2 = new BigInteger(h2Hex, 16);
// g^h2 mod N
BigInteger verifier = g.modPow(h2, N);
// Convert verifier to a byte array (little-endian)
byte[] verifierBytes = verifier.toByteArray();
// Pad to 32 bytes, remembering that zeros go on the end in little-endian!
if (verifierBytes.length < 32) {
byte[] paddedVerifier = new byte[32];
System.arraycopy(verifierBytes, 0, paddedVerifier, 32 - verifierBytes.length, verifierBytes.length);
verifierBytes = paddedVerifier;
}
// Done!
return verifierBytes;
}
public static byte[] generateRandomSalt() {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[32];
random.nextBytes(salt);
return salt;
}
public static byte[] generateRandomSalt2() {
SecureRandom secureRandom = new SecureRandom();
byte[] randomBytes = new byte[32]; // Aquí especificamos el tamaño en bytes
secureRandom.nextBytes(randomBytes);
return randomBytes;
}
public static boolean verifySRP6(String user, String pass, byte[] salt, byte[] verifier) throws NoSuchAlgorithmException {
// Algoritmo constants
BigInteger g = new BigInteger("7");
BigInteger N = new BigInteger("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", 16);
// Calculate x
String xHex = sha1(bytesToHex(salt) + sha1(user.toUpperCase() + ":" + pass.toUpperCase()));
BigInteger x = new BigInteger(xHex, 16);
// Calculate v
BigInteger v = g.modPow(x, N);
// Verify the result
byte[] vBytes = v.toByteArray();
byte[] paddedVerifier = new byte[32];
System.arraycopy(vBytes, 0, paddedVerifier, 32 - vBytes.length, vBytes.length);
System.out.println("Verifier2: " + bytesToHex(paddedVerifier));
System.out.println("Verifier2: " + bytesToHex(verifier));
for (int i = 0; i < 32; i++) {
if (paddedVerifier[i] != verifier[i]) {
return false;
}
}
return true;
}
private static String sha1(String input) throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] bytes = md.digest(input.getBytes());
return bytesToHex(bytes);
}
private static String bytesToHex(byte[] bytes) {
StringBuilder sb = new StringBuilder(bytes.length * 2); // Estimación de la longitud final
for (byte b : bytes) {
sb.append(String.format("%02X", b));
}
return sb.toString();
}
}