verifySession method
Verifies the user's session and returns a server verifier for mutual authentication.
This method performs three critical steps:
- Derives the session key from the user's ephemeral public key (if not already derived)
- Verifies the user's session key verifier (M1) matches the expected value
- Generates a server session key verifier (M2) for the user to verify
Parameters:
userSessionKeyVerifier: The user's session key verifier (M1) received from the user
ephemeralUserPublicKey: The user's ephemeral public key (A) received from the user
Returns: Server session key verifier (M2) that should be sent back to the user so they can verify the server's identity
Throws:
- AuthenticationFailure if the user's session key verifier does not match the expected value, indicating invalid credentials or a potential attack. No M2 is produced in that case, so the user never receives a server proof for a failed login.
- InvalidParameterException if the ephemeral user public key is invalid. In SRP-6a the server must reject any A with A mod N == 0, because such a value forces the shared secret to zero regardless of the password.
Side effects: Securely erases ephemeral keys, user ID, salt, and safe prime bytes after verification completes.
After this method succeeds, the sessionKey property contains the shared session key that can be used for encrypted communication.
Implementation
Future<Uint8List> verifySession({
  required Uint8List userSessionKeyVerifier,
  required Uint8List ephemeralUserPublicKey,
}) async {
  // Step 1: derive the shared session key K from A, unless an earlier call
  // to deriveSessionKey already did so.
  if (_sessionKey == null) {
    await deriveSessionKey(ephemeralUserPublicKey: ephemeralUserPublicKey);
  }

  // Step 2: verify the user's proof M1 against the value computed locally.
  // This comparison should run in constant time: if shallowEquals returns
  // at the first mismatching byte, the response time leaks how many leading
  // bytes of M1 an attacker has right.
  final expectedUserSessionKeyVerifier =
      await _deriveUserSessionKeyVerifier(ephemeralUserPublicKey);
  if (!expectedUserSessionKeyVerifier.shallowEquals(userSessionKeyVerifier)) {
    throw AuthenticationFailure('User session key failed verification.');
  }

  // Step 3: create the server proof for the user to verify.
  // M2 = H(A, M1, K)
  final combined = Uint8List.fromList(
    ephemeralUserPublicKey + userSessionKeyVerifier + _sessionKey!,
  );
  final serverSessionKeyVerifier = await _hashFunction.hash(combined);
  return serverSessionKeyVerifier;
}
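The following is an added, self-contained example and not code from this library: it runs a complete SRP-6a exchange in Dart (using package:crypto for SHA-256) so that the three steps above can be seen with both sides present, including the wrong-password path where M1 fails and no M2 is issued. Everything beyond the method documented on this page is an assumption of the example: the 1024-bit group from RFC 5054, k = H(N | g), u = H(A | B), the simplified proofs M1 = H(A | B | K) and M2 = H(A | M1 | K), and the hypothetical DemoSrpServer / DemoSrpClient classes. The server compares M1 with a constant-time loop rather than an ordinary byte comparison.

```dart
// Added demo, not the library's code: SRP-6a with SHA-256, mirroring the three
// steps of verifySession. Assumed: RFC 5054 1024-bit group, k = H(N | g),
// u = H(A | B), M1 = H(A | B | K), M2 = H(A | M1 | K). Not for production.
import 'dart:convert';
import 'dart:math';
import 'dart:typed_data';
import 'package:crypto/crypto.dart';

final BigInt N = BigInt.parse(
    'EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576'
    'D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1'
    '5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC'
    '68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3',
    radix: 16);
final BigInt g = BigInt.two;

class AuthenticationFailure implements Exception {
  final String message;
  AuthenticationFailure(this.message);
}

Uint8List toBytes(BigInt x) {
  var hex = x.toRadixString(16);
  if (hex.length.isOdd) hex = '0$hex';
  return Uint8List.fromList([
    for (var i = 0; i < hex.length; i += 2) int.parse(hex.substring(i, i + 2), radix: 16),
  ]);
}
BigInt fromBytes(List<int> b) => BigInt.parse(
    b.map((x) => x.toRadixString(16).padLeft(2, '0')).join(), radix: 16);
Uint8List hashOf(List<List<int>> parts) =>
    Uint8List.fromList(sha256.convert(parts.expand((p) => p).toList()).bytes);
BigInt randomScalar() =>
    fromBytes(List.generate(32, (_) => Random.secure().nextInt(256)));
// x = H(salt | H(user ":" password)); the server stores v = g^x mod N.
BigInt computeX(String user, String pw, List<int> salt) =>
    fromBytes(hashOf([salt, hashOf([utf8.encode('$user:$pw')])]));

// Compare proofs without returning early, so timing does not reveal which byte differs.
bool constantTimeEquals(List<int> a, List<int> b) {
  if (a.length != b.length) return false;
  var diff = 0;
  for (var i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
  return diff == 0;
}
final BigInt k = fromBytes(hashOf([toBytes(N), toBytes(g)]));

class DemoSrpServer {
  final BigInt v; // verifier g^x mod N stored at registration
  final BigInt b = randomScalar();
  late final BigInt B = (k * v + g.modPow(b, N)) % N;
  Uint8List? sessionKey;
  DemoSrpServer(this.v);

  // Same three steps as verifySession: derive K from A, check M1, return M2.
  Uint8List verifySession(Uint8List m1, BigInt A) {
    if (A % N == BigInt.zero) throw ArgumentError('invalid ephemeral A');
    final u = fromBytes(hashOf([toBytes(A), toBytes(B)]));
    sessionKey = hashOf([toBytes((A * v.modPow(u, N)).modPow(b, N))]);
    final expected = hashOf([toBytes(A), toBytes(B), sessionKey!]);
    if (!constantTimeEquals(expected, m1)) {
      throw AuthenticationFailure('User session key failed verification.');
    }
    return hashOf([toBytes(A), m1, sessionKey!]); // M2 = H(A, M1, K)
  }
}

class DemoSrpClient {
  final BigInt a = randomScalar();
  late final BigInt A = g.modPow(a, N);
  Uint8List? sessionKey;

  // Derives K from the server's B and returns the proof M1.
  Uint8List proveM1(String user, String pw, List<int> salt, BigInt B) {
    if (B % N == BigInt.zero) throw ArgumentError('invalid ephemeral B');
    final x = computeX(user, pw, salt);
    final u = fromBytes(hashOf([toBytes(A), toBytes(B)]));
    final base = (B - k * g.modPow(x, N)) % N; // equals g^b mod N
    sessionKey = hashOf([toBytes(base.modPow(a + u * x, N))]);
    return hashOf([toBytes(A), toBytes(B), sessionKey!]);
  }

  bool verifyM2(Uint8List m1, Uint8List m2) =>
      constantTimeEquals(hashOf([toBytes(A), m1, sessionKey!]), m2);
}

void main() {
  final salt = List.generate(16, (_) => Random.secure().nextInt(256));
  final v = g.modPow(computeX('alice', 'correct horse', salt), N);
  // Correct password: M1 accepted, M2 returned, both sides hold the same K.
  final server = DemoSrpServer(v), client = DemoSrpClient();
  final m1 = client.proveM1('alice', 'correct horse', salt, server.B);
  final m2 = server.verifySession(m1, client.A);
  print('client accepts M2: ${client.verifyM2(m1, m2)}, '
      'keys equal: ${constantTimeEquals(client.sessionKey!, server.sessionKey!)}');
  // Wrong password: M1 fails, so the server hands out no M2 at all.
  final server2 = DemoSrpServer(v), bad = DemoSrpClient();
  try {
    server2.verifySession(bad.proveM1('alice', 'wrong', salt, server2.B), bad.A);
  } on AuthenticationFailure catch (e) {
    print('rejected: ${e.message}');
  }
}
```

Run it with `dart run` after adding `crypto` to pubspec.yaml. The point to take from the failure path is the ordering the documented method enforces: M2 is only ever computed after M1 has been accepted, so a client presenting a wrong password learns nothing about K from the server's reply, and the server only treats sessionKey as established once the user's proof has passed.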