diff options
| author | Parménides GV <parmegv@sdf.org> | 2013-03-30 11:20:07 +0100 |
|---|---|---|
| committer | Parménides GV <parmegv@sdf.org> | 2013-03-30 11:20:07 +0100 |
| commit | 7af9519591ea481718b4f903b97463250cc5f116 (patch) | |
| tree | d1451edea5f3bde390c771295cd808a798d3fd63 /src/se/leap/leapclient/ProviderAPI.java | |
| parent | 54ad71d09d6cb61fad62d1376cd7b3bf237e16f9 (diff) | |
Trial for srpforjava: it does not work since it implements SRP-6, and
not SRP-6a. That means, for example, that M1 is calculated differently
from what we need.
Diffstat (limited to 'src/se/leap/leapclient/ProviderAPI.java')
| -rw-r--r-- | src/se/leap/leapclient/ProviderAPI.java | 31 |
1 files changed, 14 insertions, 17 deletions
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index aa1ce30..b8d6a76 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -15,12 +15,13 @@ import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPut; import org.apache.http.cookie.Cookie; import org.apache.http.impl.client.DefaultHttpClient; -import org.jboss.security.srp.SRPClientSession; -import org.jboss.security.srp.SRPParameters; -import org.jboss.security.srp.SRPServerInterface; import org.json.JSONException; import org.json.JSONObject; +import com.jordanzimmerman.SRPClientSession; +import com.jordanzimmerman.SRPConstants; +import com.jordanzimmerman.SRPFactory; + import se.leap.leapclient.ProviderListContent.ProviderItem; import android.app.IntentService; @@ -121,20 +122,20 @@ public class ProviderAPI extends IntentService { String password = (String) task.get(ConfigHelper.password_key); String authentication_server = (String) task.get(ConfigHelper.srp_server_url_key); - SRPParameters params = new SRPParameters(ConfigHelper.NG_1024.getBytes(), "2".getBytes(), "salt".getBytes(), "SHA-256"); - SRPClientSession client = new SRPClientSession(username, password.toCharArray(), params); - byte[] A = client.exponential(); + SRPConstants constants = new SRPConstants(new BigInteger(ConfigHelper.NG_1024, 16), ConfigHelper.g); + SRPFactory factory = SRPFactory.getInstance(constants); + SRPClientSession session = factory.newClientSession(password.getBytes()); + session.setSalt_s(new BigInteger("1")); + byte[] A = session.getPublicKey_A().toString(16).getBytes(); try { JSONObject saltAndB = sendAToSRPServer(authentication_server, username, getHexString(A)); - byte[] B = saltAndB.getString("B").getBytes(); + String B = saltAndB.getString("B"); String salt = saltAndB.getString("salt"); - params = new SRPParameters(ConfigHelper.NG_1024.getBytes(), "2".getBytes(), salt.getBytes(), "SHA-256"); - client = new SRPClientSession(username, password.toCharArray(), params); - client.exponential(); - byte[] M1 = client.response(B); + session.setSalt_s(new BigInteger(salt, 16)); + session.setServerPublicKey_B(new BigInteger(B, 16)); + byte[] M1 = session.getEvidenceValue_M1().toString(16).getBytes(); byte[] M2 = sendM1ToSRPServer(authentication_server, username, M1); - if( client.verify(M2) == false ) - throw new SecurityException("Failed to validate server reply"); + session.validateServerEvidenceValue_M2(new BigInteger(getHexString(M2), 16)); return true; } catch (ClientProtocolException e1) { // TODO Auto-generated catch block @@ -148,10 +149,6 @@ public class ProviderAPI extends IntentService { // TODO Auto-generated catch block e1.printStackTrace(); return false; - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; } } |