Identity/AttachedServices/KeyServerProtocol

67 bytes added, 00:16, 28 June 2013 (minor edit)
Edit summary: Email+Password -> SignToken/ResetToken
= Email+Password -> SignToken/ResetToken =
The current stub just submits a plaintext email+password pair and receives back (signToken, kA, wrap(kB), token). It uses no key-stretching, nor SRP. The full replacement starts by using key-stretching to transform the email+password into a "masterKey", then feeds this into an SRP protocol to get a session key. It uses this session key to decrypt a bundle of encrypted data from the keyserver, resulting in three values: kA, wrap(kB), and the signToken (or resetToken). The masterKey is also used to derive the key that unwraps wrap(kB) into the actual kB value; the keyserver only ever holds the wrapped form.
[[File:PICL-IdPAuth-bigpix.png|IdP Auth Big Picture]]
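The full-replacement flow above, as an added worked example (this is illustration code written for this page, not Mozilla's implementation or anything the wiki specifies). Every concrete choice is an assumption: PBKDF2 stands in for the key-stretching function, SRP-6a over the RFC 5054 1024-bit group (the constant is transcribed from the RFC; verify it against the RFC before reuse) for the session key, a one-block HKDF-Expand for sub-keys, an HMAC-based encrypt-then-MAC in place of a real AEAD for the bundle, and XOR with a masterKey-derived key as wrap(kB). The labels "srp", "unwrapBKey", "bundle/enc" and "bundle/mac" and the KeyServer/client function names are hypothetical. Both sides run in one process so the exchange can be followed end to end; a wrong password makes the client's SRP proof fail, so the server never releases the bundle.

```python
import hashlib
import hmac
import secrets

# SRP-6a group: 1024-bit prime and generator from RFC 5054 Appendix A (verify against the RFC before reuse).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def H(*parts): return hashlib.sha256(b"".join(parts)).digest()
def pad(n): return n.to_bytes(NLEN, "big")  # fixed-width encoding of group elements before hashing
def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

k_srp = int.from_bytes(H(pad(N), pad(g)), "big")  # SRP-6a multiplier k = H(N | PAD(g))

def stretch(email, password):
    """Key-stretching: email+password -> masterKey. PBKDF2 stands in here (assumption), low count for speed."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), email.encode(), 20_000, 32)

def derive(key, info):
    """One-block HKDF-Expand (RFC 5869, SHA-256): a 32-byte sub-key labelled by `info`."""
    return hmac.new(key, info + b"\x01", hashlib.sha256).digest()

def keystream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))

def seal(session_key, plaintext):
    """Encrypt-then-MAC under sub-keys of the SRP session key (stand-in for a real AEAD)."""
    enc_key, mac_key = derive(session_key, b"bundle/enc"), derive(session_key, b"bundle/mac")
    nonce = secrets.token_bytes(16)
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_bundle(session_key, blob):
    enc_key, mac_key = derive(session_key, b"bundle/enc"), derive(session_key, b"bundle/mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bundle failed authentication")
    return xor(ct, keystream(enc_key, nonce, len(ct)))

def srp_x(salt, master_key):
    """SRP private value, derived from the stretched masterKey rather than the raw password."""
    return int.from_bytes(H(salt, derive(master_key, b"srp")), "big")

class KeyServer:
    """Holds per-account SRP verifier, kA, wrap(kB) and signToken; never sees the password or kB."""
    def __init__(self):
        self.accounts, self.pending = {}, {}

    def register(self, email, salt, verifier, wrapkB):
        self.accounts[email] = dict(salt=salt, v=verifier, kA=secrets.token_bytes(32),
                                    wrapkB=wrapkB, signToken=secrets.token_bytes(32))

    def start(self, email, A):
        acct = self.accounts[email]
        if A % N == 0:
            raise ValueError("invalid client public value")
        b = secrets.randbelow(N - 1) + 1
        B = (k_srp * acct["v"] + pow(g, b, N)) % N
        u = int.from_bytes(H(pad(A), pad(B)), "big")
        S = pow(A * pow(acct["v"], u, N), b, N)
        self.pending[email] = (A, B, H(pad(S)))  # session key K = H(S)
        return acct["salt"], B

    def finish(self, email, M1):
        A, B, K = self.pending.pop(email)
        if not hmac.compare_digest(M1, H(pad(A), pad(B), K)):
            raise PermissionError("SRP client proof failed: wrong password")
        acct = self.accounts[email]
        return H(pad(A), M1, K), seal(K, acct["kA"] + acct["wrapkB"] + acct["signToken"])

def client_register(server, email, password):
    master_key = stretch(email, password)
    salt, kB = secrets.token_bytes(16), secrets.token_bytes(32)
    wrapkB = xor(kB, derive(master_key, b"unwrapBKey"))  # wrap(kB): the server only ever sees this
    server.register(email, salt, pow(g, srp_x(salt, master_key), N), wrapkB)
    return kB

def client_login(server, email, password):
    """Full flow: stretch -> SRP -> decrypt bundle -> unwrap kB. Returns (kA, kB, signToken)."""
    master_key = stretch(email, password)
    a = secrets.randbelow(N - 1) + 1; A = pow(g, a, N)
    salt, B = server.start(email, A)
    if B % N == 0:
        raise ValueError("invalid server public value")
    x, u = srp_x(salt, master_key), int.from_bytes(H(pad(A), pad(B)), "big")
    K = H(pad(pow((B - k_srp * pow(g, x, N)) % N, a + u * x, N)))
    M1 = H(pad(A), pad(B), K)
    M2, blob = server.finish(email, M1)
    if not hmac.compare_digest(M2, H(pad(A), M1, K)):
        raise ValueError("server proof failed")
    bundle = open_bundle(K, blob)
    kA, wrapkB, signToken = bundle[:32], bundle[32:64], bundle[64:]
    return kA, xor(wrapkB, derive(master_key, b"unwrapBKey")), signToken
```

Two properties worth checking when reading this: the server stores only the SRP verifier and wrap(kB), so a database dump yields neither the password nor kB without first brute-forcing the stretched masterKey; and the client verifies the server's proof M2 before trusting the bundle, so a host that does not know the verifier cannot feed it forged keys. The MAC and proof comparisons use `hmac.compare_digest` to avoid timing leaks.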