summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/ProviderAPI.java
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2013-04-17 21:17:22 +0200
committerParménides GV <parmegv@sdf.org>2013-04-29 17:09:12 +0200
commitf9b9827ec1975cb01e83826f0ad77542e514b21f (patch)
treecfb82cfd03ab41cf917c01fa476769e7c9fc1c99 /src/se/leap/leapclient/ProviderAPI.java
parent8e47afc7f4f85b80d59d253378681cb85ec54d5c (diff)
This commit contains:
- SRP algorithm improved (validate method uses trim, and some other trims have been added). - Refactored calculatePasswordHash, so that it receives a String instead of a char array, and now it is capable of escaping "\" correctly. - A 1000*2 successful logins, with a new test that performs 1000 trials for 2 different username/password/server trios. Next step: think about how the user is going to trigger the log in fragment.
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
-rw-r--r--src/se/leap/leapclient/ProviderAPI.java6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 5113ebc1..55686f70 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -109,7 +109,7 @@ public class ProviderAPI extends IntentService {
SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256");
//SRPClientSession client = new SRPClientSession(username, password.toCharArray(), params);
- LeapSRPSession client = new LeapSRPSession(username, password.toCharArray(), params);
+ LeapSRPSession client = new LeapSRPSession(username, password, params);
byte[] A = client.exponential();
try {
JSONObject saltAndB = sendAToSRPServer(authentication_server, username, new BigInteger(1, A).toString(16));
@@ -117,14 +117,14 @@ public class ProviderAPI extends IntentService {
byte[] B = saltAndB.getString("B").getBytes();
salt = saltAndB.getString("salt");
params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), new BigInteger("2").toByteArray(), new BigInteger(salt, 16).toByteArray(), "SHA-256");
- client = new LeapSRPSession(username, password.toCharArray(), params);
+ client = new LeapSRPSession(username, password, params);
A = client.exponential();
saltAndB = sendAToSRPServer(authentication_server, username, new BigInteger(1, A).toString(16));
byte[] Bbytes = new BigInteger(saltAndB.getString("B"), 16).toByteArray();
byte[] M1 = client.response(Bbytes);
byte[] M2 = sendM1ToSRPServer(authentication_server, username, M1);
if( client.verify(M2) == false )
- throw new SecurityException("Failed to validate server reply");
+ throw new SecurityException("Failed to validate server reply: M2 = " + new BigInteger(1, M2).toString(16));
return true;
}
else return false;