From 69c299b9c891d92ff7e5bc87e32b9acb10901b91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?=
Date: Wed, 7 May 2014 13:55:46 +0200
Subject: Signup protocol coded. UI next.
---
 .../java/se/leap/bitmaskclient/LeapSRPSession.java | 34 ++++++++++------------
 1 file changed, 16 insertions(+), 18 deletions(-)
(limited to 'app/src/main/java/se/leap')
diff --git a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
index 8d95cdb8..f8279b64 100644
--- a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
+++ b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
@@ -16,13 +16,13 @@
 */
 package se.leap.bitmaskclient;
+
 import java.io.UnsupportedEncodingException;
 import java.math.BigInteger;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.Arrays;
-
 import org.jboss.security.srp.SRPParameters;
 /**
@@ -42,6 +42,7 @@ public class LeapSRPSession {
 final public static String M2 = "M2";
 final public static String TOKEN = "token";
 final public static String AUTHORIZATION_HEADER= "Authorization";
+ final public static String TAG= "Leap SRP session class tag";
 private SRPParameters params;
 private String username;
@@ -155,15 +156,11 @@ public class LeapSRPSession {
 return x_digest_bytes;
 }
- public byte[] calculateSaltedPassword() {
+ public byte[] calculateNewSalt() {
 try {
- BigInteger salt = new BigInteger(128, SecureRandom.getInstance("SHA1PRNG"));
- MessageDigest salted_password = newDigest();
- salted_password.update(salt.toByteArray());
- salted_password.update(password.getBytes());
- return salted_password.digest();
- } catch (NoSuchAlgorithmException e) {
- // TODO Auto-generated catch block
+ BigInteger salt = new BigInteger(64, SecureRandom.getInstance("SHA1PRNG"));
+ return salt.toByteArray();
+ } catch(NoSuchAlgorithmException e) {
 e.printStackTrace();
 }
 return null;
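Review bot: `calculateNewSalt()` returns `null` when `SecureRandom.getInstance("SHA1PRNG")` throws, after only `e.printStackTrace()`, so a signup caller either dereferences null or carries on without a salt. Drawing from the platform default removes that path and also the variable-length `BigInteger.toByteArray()` encoding (a sign byte is added or leading zero bytes are dropped): `byte[] salt = new byte[8]; new SecureRandom().nextBytes(salt); return salt;`. The hunk also halves the salt from 128 to 64 bits without saying why; a short comment naming the width the server expects would help. The method's closing brace is outside the hunk.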
@@ -173,11 +170,9 @@ public class LeapSRPSession {
 * @return the value of V
 */
 public BigInteger calculateV(String username, String password, byte[] salt) {
- String k_string = "bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0";
- BigInteger k = new BigInteger(k_string, 16);
 byte[] x_bytes = calculatePasswordHash(username, password, ConfigHelper.trim(salt));
 x = new BigInteger(1, x_bytes);
- BigInteger v = k.multiply(g.modPow(x, N)); // g^x % N
+ BigInteger v = g.modPow(x, N); // g^x % N
 return v;
 }
@@ -224,13 +219,11 @@ public class LeapSRPSession {
 * @return the parameter M1
 * @throws NoSuchAlgorithmException
 */
- public byte[] response(byte[] salt_bytes, byte[] Bbytes) throws NoSuchAlgorithmException {
+ public byte[] response(byte[] salt_bytes, byte[] Bbytes) throws NoSuchAlgorithmException {
 // Calculate x = H(s | H(U | ':' | password))
 byte[] M1 = null;
 if(new BigInteger(1, Bbytes).mod(new BigInteger(1, N_bytes)) != BigInteger.ZERO) {
- // Calculate v = kg^x mod N
- this.v = calculateV(username, password, salt_bytes);
-
+ this.v = calculateV(username, password, salt_bytes);
 // H(N)
 byte[] digest_of_n = newDigest().digest(N_bytes);
@@ -294,8 +287,9 @@ public class LeapSRPSession {
 BigInteger B = new BigInteger(1, Bbytes);
 BigInteger u = new BigInteger(1, u_bytes);
-
- BigInteger B_minus_v = B.subtract(v);
+ String k_string = "bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0";
+ BigInteger k = new BigInteger(k_string, 16);
+ BigInteger B_minus_v = B.subtract(k.multiply(v));
 BigInteger a_ux = a.add(u.multiply(x));
 BigInteger S = B_minus_v.modPow(a_ux, N);
 return S;
@@ -349,4 +343,8 @@ public class LeapSRPSession {
 }
 return md;
 }
+
+ public byte[] getK() {
+ return K;
+ }
 }
-- cgit v1.2.3
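Review bot: `calculateV(String username, String password, byte[] salt)` is missing documentation for its side effect: besides returning v it assigns the field `x` (`x = new BigInteger(1, x_bytes);`), and the later S computation reads that field in `u.multiply(x)`. With a signup flow now calling into this class, a caller that only wants a verifier for new credentials would overwrite the private value of the session this object holds. The Javadoc should say so, for example `Also stores x = H(salt | H(username:password)) in the field x, which the S computation reads.`, and the three parameters should each get an `@param` line.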
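Review bot: The guard in `response()`, `new BigInteger(1, Bbytes).mod(new BigInteger(1, N_bytes)) != BigInteger.ZERO`, compares object references rather than values, so rejecting a server value with B mod N == 0 depends on the BigInteger implementation happening to return the shared `ZERO` instance. SRP requires the client to abort in that case, so the test should be value-based: `if (new BigInteger(1, Bbytes).mod(new BigInteger(1, N_bytes)).signum() != 0) {`. The commit edits the lines on both sides of this condition but leaves it unchanged. The rest of `response()` is outside the hunk, so how callers handle the `null` M1 returned on rejection cannot be checked here.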
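Review bot: The SRP multiplier `k` is parsed from a hex literal inside the method that computes S (`String k_string = "bf66…"` / `BigInteger k = new BigInteger(k_string, 16);`), detached from the `N` and `g` it has to correspond to. If the group parameters in `params` ever change, the literal goes stale and the client's S silently stops matching the server's. Hoisting `k` to a `private static final BigInteger` beside the parameters, with a comment stating how it was derived, or computing it from `N_bytes` and g through `newDigest()`, would keep the two in step. The enclosing method begins and ends outside the hunk.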
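Review bot: `getK()` hands out the internal `K` array itself, so any caller can overwrite it or keep a live reference to what appears to be the session key (K's declaration is outside the hunk, so confirm). Returning a copy limits that: `return K == null ? null : K.clone();`. The accessor also needs a Javadoc line stating what K holds and at which point in the exchange it becomes non-null, and if only classes in `se.leap.bitmaskclient` use it, package-private visibility would narrow the exposure further.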