Is there a way to use GMP libraries in node.js to credentials with SRP6

✔ Recommended Answer

I found the answer to my question a while ago. This can be done in Node.js using the Buffer and the following libs bigint-buffer, big-integer as I did it below.

const bigintBuffer = require(`bigint-buffer`)const BigInteger = require(`big-integer`)const crypto = require(`crypto`)/** * * @param {Buffer} salt * @param {string} identity * @param {string} password * @return {Buffer} */function computeVerifier (salt, identity, password) {    const hashIP = crypto.createHash(`sha1`)        .update(identity + `:` + password)        .digest()    const hashX = crypto.createHash(`sha1`)        .update(salt)        .update(hashIP)        .digest()    const x = bigintBuffer.toBigIntLE(hashX)    const g = BigInt(`0x7`)    const N = BigInt(`0x894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7`)    const verifier = BigInteger(g).modPow(x, N)    const lEVerifier = verifier.value.toString(16).match(/.{2}/g).reverse().join(``)    return Buffer.from(lEVerifier, `hex`)}// Testcrypto.randomBytes(32, (err, buf) => {    if (err) throw err;    computeVerifier(buf, `foo`, `bar`);});

If you want to use directly a library I created one which works for TrinityCore and AzerothCore:


Answered By: miorey

Method #2

Yes, it is possible to use the GMP library in Node.js to implement Secure Remote Password (SRP) protocol version 6 for authentication. The GMP library is a popular open-source library that provides high-precision arithmetic operations for integers, rational numbers, and floating-point numbers.

To use the GMP library in Node.js, you can install the "gmp" npm package, which is a Node.js binding for the GMP library. Once you have installed the package, you can use the functions provided by the GMP library to perform the necessary arithmetic operations required for SRP6 authentication.

Here is a high-level overview of the steps required to implement SRP6 using the GMP library in Node.js:

  1. Generate a large prime number (p) and a generator (g) for the group used in the SRP6 protocol. You can use the GMP library to generate these values.

  2. Generate a random salt value (s) for the user's password. You can use Node.js crypto library to generate a random salt value.

  3. Compute the user's verifier (v) using the user's salt value and password. You can use the GMP library to perform the necessary arithmetic operations to compute v.

  4. Generate a random private key (a) for the user and compute the corresponding public key (A) using the generator (g) and prime number (p). You can use the GMP library to perform these operations.

  5. Exchange the public keys (A and B) between the client and server.

  6. Compute the session key (K) using the client's private key (a), the server's public key (B), the prime number (p), and the generator (g). You can use the GMP library to perform these operations.

  7. Use the session key (K) to authenticate the user.

Overall, implementing SRP6 with the GMP library in Node.js requires a good understanding of the SRP6 protocol and the GMP library's arithmetic operations. You can find more detailed information and examples on the official documentation of the GMP library and the SRP6 protocol.


Most Popular

PhpStorm, return value is expected to be 'A', 'object' returned

Remove Unicode Zero Width Space PHP

Laravel file upload returns forbidden 403, file permission is 700 not 755