From 3ab74308e7ba1fda02d3427ec795eac397707199 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Mon, 5 May 2014 15:13:47 +0200
Subject: Sign up methods to be tested.

---
 .../java/se/leap/bitmaskclient/ProviderAPI.java    | 94 +++++++++++++++++++++-
 .../java/se/leap/bitmaskclient/LeapSRPSession.java | 20 ++++-
 2 files changed, 109 insertions(+), 5 deletions(-)

(limited to 'app/src')

diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
index 9f4b8d27..f8895983 100644
--- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -172,6 +172,13 @@ public class ProviderAPI extends IntentService {
 					receiver.send(PROVIDER_NOK, result);
 				}
 			}
+		} else if (action.equalsIgnoreCase(SRP_REGISTER)) {
+		    Bundle session_id_bundle = registerWithSRP(parameters);
+		    if(session_id_bundle.getBoolean(RESULT_KEY)) {
+			receiver.send(SRP_AUTHENTICATION_SUCCESSFUL, session_id_bundle);
+		    } else {
+			receiver.send(SRP_AUTHENTICATION_FAILED, session_id_bundle);
+		    }
 		} else if (action.equalsIgnoreCase(SRP_AUTH)) {
 			Bundle session_id_bundle = authenticateBySRP(parameters);
 				if(session_id_bundle.getBoolean(RESULT_KEY)) {
@@ -193,7 +200,66 @@ public class ProviderAPI extends IntentService {
 				}
 		}
 	}
-	
+
+    private Bundle registerWithSRP(Bundle task) {
+	Bundle session_id_bundle = new Bundle();
+	int progress = 0;
+		
+	String username = (String) task.get(LogInDialog.USERNAME);
+	String password = (String) task.get(LogInDialog.PASSWORD);
+	String authentication_server = (String) task.get(Provider.API_URL);
+	if(validUserLoginData(username, password)) {
+		
+	    SRPParameters params = new SRPParameters(new BigInteger(ConfigHelper.NG_1024, 16).toByteArray(), ConfigHelper.G.toByteArray(), BigInteger.ZERO.toByteArray(), "SHA-256");
+	    LeapSRPSession client = new LeapSRPSession(username, password, params);
+	    byte[] salted_password = client.calculateSaltedPassword();
+	    /* Calculate password verifier */
+	    BigInteger password_verifier = client.calculateV();
+	    /* Send to the server */
+	    try {
+		sendNewUserDataToSRPServer(authentication_server, username, new BigInteger(salted_password).toString(), password_verifier.toString());
+		broadcast_progress(progress++);
+	    } catch (ClientProtocolException e) {
+		// session_id_bundle.putBoolean(RESULT_KEY, false);
+		// session_id_bundle.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_client_http_user_message));
+		// session_id_bundle.putString(LogInDialog.USERNAME, username);
+	    } catch (IOException e) {
+		// session_id_bundle.putBoolean(RESULT_KEY, false);
+		// session_id_bundle.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_io_exception_user_message));
+		// session_id_bundle.putString(LogInDialog.USERNAME, username);
+	    } catch (JSONException e) {
+		// session_id_bundle.putBoolean(RESULT_KEY, false);
+		// session_id_bundle.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_json_exception_user_message));
+		// session_id_bundle.putString(LogInDialog.USERNAME, username);
+	    } catch (NoSuchAlgorithmException e) {
+		// session_id_bundle.putBoolean(RESULT_KEY, false);
+		// session_id_bundle.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_no_such_algorithm_exception_user_message));
+		// session_id_bundle.putString(LogInDialog.USERNAME, username);
+	    } catch (KeyManagementException e) {
+		// TODO Auto-generated catch block
+		e.printStackTrace();
+	    } catch (KeyStoreException e) {
+		// TODO Auto-generated catch block
+		e.printStackTrace();
+	    } catch (CertificateException e) {
+		// TODO Auto-generated catch block
+		e.printStackTrace();
+	    }
+
+	} else {
+	    if(!wellFormedPassword(password)) {
+		session_id_bundle.putBoolean(RESULT_KEY, false);
+		session_id_bundle.putString(LogInDialog.USERNAME, username);
+		session_id_bundle.putBoolean(LogInDialog.PASSWORD_INVALID_LENGTH, true);
+	    }
+	    if(username.isEmpty()) {
+		session_id_bundle.putBoolean(RESULT_KEY, false);
+		session_id_bundle.putBoolean(LogInDialog.USERNAME_MISSING, true);
+	    }
+	}
+		
+	return session_id_bundle;
+    }
 	/**
 	 * Starts the authentication process using SRP protocol.
 	 * 
@@ -374,6 +440,32 @@ public class ProviderAPI extends IntentService {
 		}
 		return session_idAndM2;
 	}
+
+	/**
+	 * Sends an HTTP POST request to the authentication server to register a new user.
+	 * @param server_url
+	 * @param username
+	 * @param salted_password
+	 * @param password_verifier   
+	 * @return response from authentication server
+	 * @throws ClientProtocolException
+	 * @throws IOException
+	 * @throws JSONException
+	 * @throws CertificateException 
+	 * @throws NoSuchAlgorithmException 
+	 * @throws KeyStoreException 
+	 * @throws KeyManagementException 
+	 */
+    private JSONObject sendNewUserDataToSRPServer(String server_url, String username, String salted_password, String password_verifier) throws ClientProtocolException, IOException, JSONException, KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
+		Map<String, String> parameters = new HashMap<String, String>();
+		parameters.put("user[login]", username);
+		parameters.put("user[password_salt]", salted_password);
+		parameters.put("user[password_verifier]", password_verifier);
+		return sendToServer(server_url + "/users.json", "POST", parameters);
+		
+		/*HttpPost post = new HttpPost(server_url + "/sessions.json" + "?" + "login=" + username + "&&" + "A=" + clientA);
+		return sendToServer(post);*/
+	}
 	
 	/**
 	 * Executes an HTTP request expecting a JSON response.
diff --git a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
index a317d95e..db091300 100644
--- a/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
+++ b/app/src/main/java/se/leap/bitmaskclient/LeapSRPSession.java
@@ -155,12 +155,25 @@ public class LeapSRPSession {
 		return x_digest_bytes;
 	}
 
+    public byte[] calculateSaltedPassword() {
+	try {
+	    BigInteger salt = new BigInteger(128, SecureRandom.getInstance("SHA1PRNG"));
+	    MessageDigest salted_password = newDigest();
+	    salted_password.update(salt.toByteArray());
+	    salted_password.update(password.getBytes());
+	    return salted_password.digest();
+	} catch (NoSuchAlgorithmException e) {
+	    // TODO Auto-generated catch block
+	    e.printStackTrace();
+	}
+	return null;
+    }
 	/**
 	 * Calculates the parameter V of the SRP-6a algorithm.
-	 * @param k_string constant k predefined by the SRP server implementation.
 	 * @return the value of V
 	 */
-	private BigInteger calculateV(String k_string) {
+	public BigInteger calculateV() {
+	    	String k_string = "bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0";
 		BigInteger k = new BigInteger(k_string, 16);
 		BigInteger v = k.multiply(g.modPow(x, N));  // g^x % N
 		return v;
@@ -217,8 +230,7 @@ public class LeapSRPSession {
 			this.x = new BigInteger(1, xb);
 
 			// Calculate v = kg^x mod N
-			String k_string = "bf66c44a428916cad64aa7c679f3fd897ad4c375e9bbb4cbf2f5de241d618ef0";
-			this.v = calculateV(k_string);
+			this.v = calculateV();
 
 			// H(N)
 			byte[] digest_of_n = newDigest().digest(N_bytes);
-- 
cgit v1.2.3