verifySession method

Future<void> verifySession(
  Uint8List serverSessionKeyVerifier
)

Verifies the server's identity by checking the server session key verifier.

This is the final step in the mutual authentication process. The server computes its verifier (M2) from its own view of the session; the client recomputes the value it expects and checks that the two match, which confirms the server's identity.

Parameters:

  • serverSessionKeyVerifier: The server's session key verifier (M2) received from the server after it verified the user.

Throws:

  • AuthenticationFailure if the server's verifier doesn't match the expected value, indicating either a compromised server or network attack. Authentication should be abandoned in this case.

Side effects: Securely erases ephemeral keys and user session verifier after verification completes.

Implementation

Future<void> verifySession(Uint8List serverSessionKeyVerifier) async {
  // M2 = H(A, M, K): A = ephemeral user public key, M = user session key verifier (M1), K = session key
  final combined = Uint8List.fromList(
      _ephemeralUserPublicKeyBytes! + _userSessionKeyVerifier + _sessionKey
  );
  final expectedServerSessionKeyVerifier = await _hashFunction.hash(combined);
  if (!serverSessionKeyVerifier.shallowEquals(expectedServerSessionKeyVerifier)) {
    throw AuthenticationFailure('Server session key failed verification.');
  }

  // Securely delete items no longer needed.
  _ephemeralUserPublicKeyBytes?.overwriteWithZeros();
  _ephemeralUserPublicKeyBytes = null;
  _userSessionKeyVerifier.overwriteWithZeros();
}
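The same check, written out as an added example that is not part of this library: a client-side state holder recomputes M2 = H(A || M || K), compares it against the value the server sent, raises on mismatch, and zeroizes the ephemeral material only after a successful check. SHA-256 stands in for the library's configurable hash function, and the byte values for A, M and K are constructed for the demonstration; `ClientSessionState`, `compute_m2` and `verify_session` are names chosen here, not the library's API.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


class AuthenticationFailure(Exception):
    """Raised when the server's M2 does not match the client's expectation."""


def compute_m2(a: bytes, m: bytes, k: bytes) -> bytes:
    """M2 = H(A || M || K). SHA-256 is assumed here in place of the library's hash function."""
    return hashlib.sha256(a + m + k).digest()


@dataclass
class ClientSessionState:
    # A: the client's ephemeral public key bytes (mutable so it can be zeroized).
    ephemeral_public_key: Optional[bytearray]
    # M (M1): the user session key verifier the client already sent to the server.
    user_session_key_verifier: bytearray
    # K: the shared session key derived earlier in the exchange.
    session_key: bytes

    def verify_session(self, server_session_key_verifier: bytes) -> bytes:
        """Check the server's M2; on success erase A and M and return K for use."""
        if self.ephemeral_public_key is None:
            raise AuthenticationFailure("verify_session called before the client half of the exchange")
        expected = compute_m2(
            bytes(self.ephemeral_public_key),
            bytes(self.user_session_key_verifier),
            self.session_key,
        )
        # Constant-time comparison so a mismatch position is not observable through timing.
        # compare_digest returns False (rather than raising) when lengths differ.
        if not hmac.compare_digest(expected, server_session_key_verifier):
            raise AuthenticationFailure("Server session key failed verification.")
        # Securely delete items no longer needed, only after verification passed.
        for buf in (self.ephemeral_public_key, self.user_session_key_verifier):
            for i in range(len(buf)):
                buf[i] = 0
        self.ephemeral_public_key = None
        return self.session_key


def demo() -> dict:
    """Run an honest server and a tampered server against fresh client state (constructed inputs)."""
    a, m, k = b"\x01" * 32, b"\x02" * 32, b"\x03" * 32   # constructed sample values
    honest = ClientSessionState(bytearray(a), bytearray(m), k)
    key = honest.verify_session(compute_m2(a, m, k))

    tampered = ClientSessionState(bytearray(a), bytearray(m), k)
    bad_m2 = compute_m2(a, m, b"\x04" * 32)  # server with a different K: verifier cannot match
    try:
        tampered.verify_session(bad_m2)
        failed = False
    except AuthenticationFailure:
        failed = True
    return {
        "honest_key_returned": key == k,
        "honest_a_erased": honest.ephemeral_public_key is None,
        "honest_m_zeroed": bytes(honest.user_session_key_verifier) == b"\x00" * 32,
        "tampered_rejected": failed,
        "tampered_state_kept": tampered.ephemeral_public_key is not None,
    }


if __name__ == "__main__":
    print(demo())
```

Two points the example makes explicit: the comparison uses `hmac.compare_digest`, and whether this library's `shallowEquals` is constant-time is not stated on this page, so it is worth confirming in the library source; and the zeroization happens only on the success path, matching the implementation above, so a failed check leaves the session state intact and the caller is expected to abandon it.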