author | Parménides GV <parmegv@sdf.org> | 2013-04-17 21:17:22 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2013-04-29 17:09:12 +0200 |
commit | f9b9827ec1975cb01e83826f0ad77542e514b21f (patch) | |
tree | cfb82cfd03ab41cf917c01fa476769e7c9fc1c99 /src/se/leap/leapclient/ProviderAPI.java | |
parent | 8e47afc7f4f85b80d59d253378681cb85ec54d5c (diff) |
This commit contains:
- SRP algorithm improved (validate method uses trim, and some other
trims have been added).
- Refactored calculatePasswordHash, so that it receives a String instead
of a char array, and now it is capable of escaping "\" correctly.
- 1000*2 successful logins, with a new test that performs 1000 trials
for each of 2 different username/password/server trios.
Next step: think about how the user is going to trigger the log in
fragment.
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
-rw-r--r-- | src/se/leap/leapclient/ProviderAPI.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 5113ebc1..55686f70 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -109,7 +109,7 @@ public class ProviderAPI extends IntentService { SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); //SRPClientSession client = new SRPClientSession(username, password.toCharArray(), params); - LeapSRPSession client = new LeapSRPSession(username, password.toCharArray(), params); + LeapSRPSession client = new LeapSRPSession(username, password, params); byte[] A = client.exponential(); try { JSONObject saltAndB = sendAToSRPServer(authentication_server, username, new BigInteger(1, A).toString(16)); @@ -117,14 +117,14 @@ public class ProviderAPI extends IntentService { byte[] B = saltAndB.getString("B").getBytes(); salt = saltAndB.getString("salt"); params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256"); - client = new LeapSRPSession(username, password.toCharArray(), params); + client = new LeapSRPSession(username, password, params); A = client.exponential(); saltAndB = sendAToSRPServer(authentication_server, username, new BigInteger(1, A).toString(16)); byte[] Bbytes = new BigInteger(saltAndB.getString("B"), 16).toByteArray(); byte[] M1 = client.response(Bbytes); byte[] M2 = sendM1ToSRPServer(authentication_server, username, M1); if( client.verify(M2) == false ) - throw new SecurityException("Failed to validate server reply"); + throw new SecurityException("Failed to validate server reply: M2 = " + new BigInteger(1, M2).toString(16)); return true; } else return false; |
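Review bot: The constructor call in the first hunk now hands `LeapSRPSession` the password as an immutable `String`, so nothing downstream can zero it once the SRP exchange is done; the session's handling of it is not visible here, so it is worth checking that it derives the hash once and does not keep the `String` in a field. The value already arrives as a `String` at this call site, so the call itself loses nothing, but the choice deserves a comment such as `// password stays a String so calculatePasswordHash can escape "\"; it cannot be wiped after use`. The commented-out `//SRPClientSession client = ...` line directly above still shows the old `toCharArray()` form and could be deleted. The same call is repeated in the second hunk, and the enclosing method starts and ends outside both hunks.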
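Review bot: The new `SecurityException` message in the second hunk embeds `M2`, a value taken from the server reply that has just failed verification, so peer-controlled data of unbounded length ends up wherever this exception is logged or shown. `new BigInteger(1, M2)` also throws a `NullPointerException` if `sendM1ToSRPServer` can return `null` (not visible here), which would replace the intended `SecurityException`, and `toString(16)` drops leading zeros, so the printed value may not match the bytes on the wire. I would keep the thrown message constant, `throw new SecurityException("Failed to validate server reply");`, and emit the hex of `M2` only in a debug-level log line guarded by a null check. The enclosing method begins and ends outside the hunk.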