diff options
| author | Parménides GV <parmegv@sdf.org> | 2013-02-21 18:49:59 +0100 |
|---|---|---|
| committer | Parménides GV <parmegv@sdf.org> | 2013-02-21 18:49:59 +0100 |
| commit | 1868e180e8f56c310a52f4ed399dc9e34284957e (patch) | |
| tree | 8ba1082c38fe75581a6c5fa036011a9ff27e3899 /src/se/leap/leapclient/ProviderAPI.java | |
| parent | 233e8e1e9b1c524bc3c5ef0b29170586d2860d1f (diff) | |
Started SRP authentication. Using NG_1024 with g = 2, and SHA256 digest.
Next steps:
Implement async communication with the server to receive salt, send A
and receive B.
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
| -rw-r--r-- | src/se/leap/leapclient/ProviderAPI.java | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 583eea06..e83e9e6e 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -1,8 +1,13 @@ package se.leap.leapclient; import java.io.IOException; +import java.math.BigInteger; +import java.security.SecureRandom; import java.util.Scanner; +import org.bouncycastle.crypto.agreement.srp.SRP6Client; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.jcajce.provider.digest.Whirlpool.Digest; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpGet; @@ -68,6 +73,25 @@ public class ProviderAPI extends IntentService { e.printStackTrace(); } } + else if ((task = task_for.getBundleExtra(ConfigHelper.srpAuth)) != null) { + String username = (String) task.get(ConfigHelper.username_key); + String password = (String) task.get(ConfigHelper.password_key); + SRP6Client srp_client = new SRP6Client(); + srp_client.init(new BigInteger(ConfigHelper.NG_1024, 16), ConfigHelper.g, new SHA256Digest(), new SecureRandom()); + // Receive salt from server + String salt = getSaltFromSRPServer(); + BigInteger A = srp_client.generateClientCredentials(salt.getBytes(), username.getBytes(), password.getBytes()); + //Send A to the server. Doing a http response with cookies? + //Receive server generated serverB + //S = calculateSecret(BigInteger serverB) + //K = H(S) + //Now the two parties have a shared, strong session key K. To complete authentication, they need to prove to each other that their keys match. + } + } + + private String getSaltFromSRPServer() { + // TODO Auto-generated method stub + return null; } private String guessURL(String provider_main_url) { |