public static DeviceSecretVerifierConfigType GenerateDeviceVerifier()

in src/Amazon.Extensions.CognitoAuthentication/Util/AuthenticationHelper.cs [167:196]

• 24 lines of code
• 1 McCabe index (conditional complexity)

        public static DeviceSecretVerifierConfigType GenerateDeviceVerifier(string deviceGroupKey, string devicePass, string username)
        {
            Random r = new Random();
            byte[] userIdContent = CognitoAuthHelper.CombineBytes(
                Encoding.UTF8.GetBytes(deviceGroupKey),
                Encoding.UTF8.GetBytes(username),
                Encoding.UTF8.GetBytes(":"),
                Encoding.UTF8.GetBytes(devicePass)
            );

            byte[] userIdHash = CognitoAuthHelper.Sha256.ComputeHash(userIdContent);
            
            byte[] saltBytes = new byte[16];
            RandomNumberGenerator.Create().GetBytes(saltBytes);
            // setting the initial byte to 0-127 to avoid negative salt or password verifier error
            saltBytes[0] = (byte) r.Next(sbyte.MaxValue);
            
            byte[] xBytes = CognitoAuthHelper.CombineBytes(saltBytes, userIdHash);
            byte[] xDigest = CognitoAuthHelper.Sha256.ComputeHash(xBytes);
            BigInteger x = BigIntegerExtensions.FromUnsignedBigEndian(xDigest);

            var v = BigInteger.ModPow(g, x, N);
            byte[] vBytes = v.ToBigEndianByteArray();

            return new DeviceSecretVerifierConfigType
            {
                PasswordVerifier = Convert.ToBase64String(vBytes),
                Salt = Convert.ToBase64String(saltBytes)
            };
        }