summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2013-02-21 18:49:59 +0100
committerParménides GV <parmegv@sdf.org>2013-02-21 18:49:59 +0100
commit1868e180e8f56c310a52f4ed399dc9e34284957e (patch)
tree8ba1082c38fe75581a6c5fa036011a9ff27e3899
parent233e8e1e9b1c524bc3c5ef0b29170586d2860d1f (diff)
Started SRP authentication. Using NG_1024 with g = 2, and SHA256 digest.
Next steps: Implement async communication with the server to receive salt, send A and receive B.
-rw-r--r--src/se/leap/leapclient/ConfigHelper.java8
-rw-r--r--src/se/leap/leapclient/ProviderAPI.java24
2 files changed, 32 insertions, 0 deletions
diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java
index 5301209..533a426 100644
--- a/src/se/leap/leapclient/ConfigHelper.java
+++ b/src/se/leap/leapclient/ConfigHelper.java
@@ -8,6 +8,7 @@ import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
+import java.math.BigInteger;
import org.json.JSONException;
import org.json.JSONObject;
@@ -20,14 +21,21 @@ public class ConfigHelper {
final static String downloadJsonFilesBundleExtra = "downloadJSONFiles";
final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON";
+ final static String srpAuth = "srpAuth";
final static String provider_key = "provider";
final static String cert_key = "cert";
final static String eip_service_key = "eip";
public static final String PREFERENCES_KEY = "LEAPPreferences";
public static final String user_directory = "leap_android";
public static String provider_key_url = "provider_main_url";
+ final public static String username_key = "username";
+ final public static String password_key = "password";
final public static String eip_service_api_path = "/config/eip-service.json";
+ final public static String NG_1024 =
+ "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3";
+ final public static BigInteger g = BigInteger.valueOf(2);
+
final public static int CUSTOM_PROVIDER_ADDED = 0;
static void saveSharedPref(String shared_preferences_key, JSONObject content) {
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 583eea0..e83e9e6 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -1,8 +1,13 @@
package se.leap.leapclient;
import java.io.IOException;
+import java.math.BigInteger;
+import java.security.SecureRandom;
import java.util.Scanner;
+import org.bouncycastle.crypto.agreement.srp.SRP6Client;
+import org.bouncycastle.crypto.digests.SHA256Digest;
+import org.bouncycastle.jcajce.provider.digest.Whirlpool.Digest;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
@@ -68,6 +73,25 @@ public class ProviderAPI extends IntentService {
e.printStackTrace();
}
}
+ else if ((task = task_for.getBundleExtra(ConfigHelper.srpAuth)) != null) {
+ String username = (String) task.get(ConfigHelper.username_key);
+ String password = (String) task.get(ConfigHelper.password_key);
+ SRP6Client srp_client = new SRP6Client();
+ srp_client.init(new BigInteger(ConfigHelper.NG_1024, 16), ConfigHelper.g, new SHA256Digest(), new SecureRandom());
+ // Receive salt from server
+ String salt = getSaltFromSRPServer();
+ BigInteger A = srp_client.generateClientCredentials(salt.getBytes(), username.getBytes(), password.getBytes());
+ //Send A to the server. Doing a http response with cookies?
+ //Receive server generated serverB
+ //S = calculateSecret(BigInteger serverB)
+ //K = H(S)
+ //Now the two parties have a shared, strong session key K. To complete authentication, they need to prove to each other that their keys match.
+ }
+ }
+
+ private String getSaltFromSRPServer() {
+ // TODO Auto-generated method stub
+ return null;
}
private String guessURL(String provider_main_url) {