From 1868e180e8f56c310a52f4ed399dc9e34284957e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Thu, 21 Feb 2013 18:49:59 +0100
Subject: Started SRP authentication. Using NG_1024 with g = 2, and SHA256
 digest.

Next steps:
Implement async communication with the server to receive salt, send A
and receive B.
---
 src/se/leap/leapclient/ConfigHelper.java |  8 ++++++++
 src/se/leap/leapclient/ProviderAPI.java  | 24 ++++++++++++++++++++++++
 2 files changed, 32 insertions(+)

(limited to 'src/se/leap')

diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java
index 5301209c..533a426f 100644
--- a/src/se/leap/leapclient/ConfigHelper.java
+++ b/src/se/leap/leapclient/ConfigHelper.java
@@ -8,6 +8,7 @@ import java.io.FileNotFoundException;
 import java.io.FileWriter;
 import java.io.IOException;
 import java.io.InputStream;
+import java.math.BigInteger;
 
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -20,14 +21,21 @@ public class ConfigHelper {
 
 	final static String downloadJsonFilesBundleExtra = "downloadJSONFiles";
 	final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON";
+	final static String srpAuth = "srpAuth";
 	final static String provider_key = "provider";
 	final static String cert_key = "cert";
 	final static String eip_service_key = "eip";
 	public static final String PREFERENCES_KEY = "LEAPPreferences";
 	public static final String user_directory = "leap_android";
 	public static String provider_key_url = "provider_main_url";
+	final public static String username_key = "username";
+	final public static String password_key = "password";
 	final public static String eip_service_api_path = "/config/eip-service.json";
 	
+	final public static String NG_1024 = 
+			"EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3";
+	final public static BigInteger g = BigInteger.valueOf(2);
+	
 	final public static int CUSTOM_PROVIDER_ADDED = 0; 
 
 	static void saveSharedPref(String shared_preferences_key, JSONObject content) {
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 583eea06..e83e9e6e 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -1,8 +1,13 @@
 package se.leap.leapclient;
 
 import java.io.IOException;
+import java.math.BigInteger;
+import java.security.SecureRandom;
 import java.util.Scanner;
 
+import org.bouncycastle.crypto.agreement.srp.SRP6Client;
+import org.bouncycastle.crypto.digests.SHA256Digest;
+import org.bouncycastle.jcajce.provider.digest.Whirlpool.Digest;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.methods.HttpGet;
@@ -68,6 +73,25 @@ public class ProviderAPI extends IntentService {
 				e.printStackTrace();
 			}
 		}
+		else if ((task = task_for.getBundleExtra(ConfigHelper.srpAuth)) != null) {
+			String username = (String) task.get(ConfigHelper.username_key);
+			String password = (String) task.get(ConfigHelper.password_key);
+			SRP6Client srp_client = new SRP6Client();
+			srp_client.init(new BigInteger(ConfigHelper.NG_1024, 16), ConfigHelper.g, new SHA256Digest(), new SecureRandom());
+			// Receive salt from server
+			String salt = getSaltFromSRPServer();
+			BigInteger A = srp_client.generateClientCredentials(salt.getBytes(), username.getBytes(), password.getBytes());
+			//Send A to the server. Doing a http response with cookies?
+			//Receive server generated serverB
+			//S = calculateSecret(BigInteger serverB)
+			//K = H(S)
+			//Now the two parties have a shared, strong session key K. To complete authentication, they need to prove to each other that their keys match.
+		}
+	}
+
+	private String getSaltFromSRPServer() {
+		// TODO Auto-generated method stub
+		return null;
 	}
 
 	private String guessURL(String provider_main_url) {
-- 
cgit v1.2.3