From 65e2f56a8a10877964fb9fc57963d1bf8104801a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Thu, 20 Jun 2013 17:47:07 +0200
Subject: No binary library needed.
I've decided not to include any lib, but to copy the SRPParameters class
to our codebase and Util.trim method to ConfigHelper.
---
src/org/jboss/security/srp/SRPParameters.java | 150 ++++++++++++++++++++++++++
src/se/leap/leapclient/ConfigHelper.java | 20 ++++
src/se/leap/leapclient/LeapSRPSession.java | 69 ++++++------
src/se/leap/leapclient/ProviderAPI.java | 5 +-
4 files changed, 207 insertions(+), 37 deletions(-)
create mode 100644 src/org/jboss/security/srp/SRPParameters.java
(limited to 'src')
diff --git a/src/org/jboss/security/srp/SRPParameters.java b/src/org/jboss/security/srp/SRPParameters.java
new file mode 100644
index 0000000..4b188cb
--- /dev/null
+++ b/src/org/jboss/security/srp/SRPParameters.java
@@ -0,0 +1,150 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.srp;
+
+import java.io.Serializable;
+import java.util.Arrays;
+
+import org.spongycastle.util.encoders.Base64;
+
+/** The RFC2945 algorithm session parameters that the client and server
+agree to use. In addition to the base RFC2945 parameters, one can choose an
+alternate hash algorithm for the private session key.
+
+@author Scott.Stark@jboss.org
+@version $Revision: 57210 $
+*/
+public class SRPParameters implements Cloneable, Serializable
+{
+ /** The serial version ID.
+ * @since 1.2.4.1
+ */
+ private static final long serialVersionUID = 6438772808805276693L;
+
+ /** The algorithm safe-prime modulus */
+ public final byte[] N;
+ /** The algorithm primitive generator */
+ public final byte[] g;
+ /** The random password salt originally used to verify the password */
+ public final byte[] s;
+ /** The algorithm to hash the session key to produce K. To be consistent
+ with the RFC2945 description this must be SHA_Interleave as implemented
+ by the JBossSX security provider. For compatibility with earlier JBossSX
+ SRP releases the algorithm must be SHA_ReverseInterleave. This name is
+ passed to java.security.MessageDigest.getInstance(). */
+ public final String hashAlgorithm;
+ /** The algorithm to use for any encryption of data.
+ */
+ public final String cipherAlgorithm;
+ /** The cipher intialization vector bytes
+ */
+ public byte[] cipherIV;
+
+ /** Creates a new instance of SRPParameters */
+ public SRPParameters(byte[] N, byte[] g, byte[] s)
+ {
+ this(N, g, s, "SHA_Interleave", null);
+ }
+ public SRPParameters(byte[] N, byte[] g, byte[] s, String hashAlgorithm)
+ {
+ this(N, g, s, hashAlgorithm, null);
+ }
+ public SRPParameters(byte[] N, byte[] g, byte[] s, String hashAlgorithm,
+ String cipherAlgorithm)
+ {
+ this(N, g, s, hashAlgorithm, cipherAlgorithm, null);
+ }
+ public SRPParameters(byte[] N, byte[] g, byte[] s, String hashAlgorithm,
+ String cipherAlgorithm, byte[] cipherIV)
+ {
+ this.N = N;
+ this.g = g;
+ this.s = s;
+ if( hashAlgorithm == null )
+ hashAlgorithm = "SHA_Interleave";
+ this.hashAlgorithm = hashAlgorithm;
+ this.cipherAlgorithm = cipherAlgorithm;
+ this.cipherIV = cipherIV;
+ }
+
+ public Object clone()
+ {
+ Object clone = null;
+ try
+ {
+ clone = super.clone();
+ }
+ catch(CloneNotSupportedException e)
+ {
+ }
+ return clone;
+ }
+
+ public int hashCode()
+ {
+ int hashCode = hashAlgorithm.hashCode();
+ for(int i = 0; i < N.length; i ++)
+ hashCode += N[i];
+ for(int i = 0; i < g.length; i ++)
+ hashCode += g[i];
+ for(int i = 0; i < s.length; i ++)
+ hashCode += s[i];
+ return hashCode;
+ }
+
+ public boolean equals(Object obj)
+ {
+ boolean equals = false;
+ if( obj instanceof SRPParameters )
+ {
+ SRPParameters p = (SRPParameters) obj;
+ equals = hashAlgorithm.equals(p.hashAlgorithm);
+ if( equals == true )
+ equals = Arrays.equals(N, p.N);
+ if( equals == true )
+ equals = Arrays.equals(g, p.g);
+ if( equals == true )
+ equals = Arrays.equals(s, p.s);
+ }
+ return equals;
+ }
+
+ public String toString()
+ {
+ StringBuffer tmp = new StringBuffer(super.toString());
+ tmp.append('{');
+ tmp.append("N: ");
+ tmp.append(Base64.encode(N));
+ tmp.append("|g: ");
+ tmp.append(Base64.encode(g));
+ tmp.append("|s: ");
+ tmp.append(Base64.encode(s));
+ tmp.append("|hashAlgorithm: ");
+ tmp.append(hashAlgorithm);
+ tmp.append("|cipherAlgorithm: ");
+ tmp.append(cipherAlgorithm);
+ tmp.append("|cipherIV: ");
+ tmp.append(cipherIV);
+ tmp.append('}');
+ return tmp.toString();
+ }
+}
diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java
index cb4a550..dd20112 100644
--- a/src/se/leap/leapclient/ConfigHelper.java
+++ b/src/se/leap/leapclient/ConfigHelper.java
@@ -207,6 +207,26 @@ public class ConfigHelper {
return input_stream;
}
+ /**
+ * Treat the input as the MSB representation of a number,
+ * and lop off leading zero elements. For efficiency, the
+ * input is simply returned if no leading zeroes are found.
+ *
+ * @param in array to be trimmed
+ */
+ public static byte[] trim(byte[] in) {
+ if(in.length == 0 || in[0] != 0)
+ return in;
+
+ int len = in.length;
+ int i = 1;
+ while(in[i] == 0 && i < len)
+ ++i;
+ byte[] ret = new byte[len - i];
+ System.arraycopy(in, i, ret, 0, len - i);
+ return ret;
+ }
+
/**
* Sets class scope Shared Preferences
* @param shared_preferences
diff --git a/src/se/leap/leapclient/LeapSRPSession.java b/src/se/leap/leapclient/LeapSRPSession.java
index beb286d..d21ccff 100644
--- a/src/se/leap/leapclient/LeapSRPSession.java
+++ b/src/se/leap/leapclient/LeapSRPSession.java
@@ -4,9 +4,9 @@ import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
import java.util.Arrays;
-import org.jboss.security.Util;
import org.jboss.security.srp.SRPParameters;
/**
@@ -30,6 +30,7 @@ public class LeapSRPSession {
private BigInteger a;
private BigInteger A;
private byte[] K;
+ private SecureRandom pseudoRng;
/** The M1 = H(H(N) xor H(g) | H(U) | s | A | B | K) hash */
private MessageDigest clientHash;
/** The M2 = H(A | M | K) hash */
@@ -57,20 +58,20 @@ public class LeapSRPSession {
*/
public LeapSRPSession(String username, String password, SRPParameters params,
byte[] abytes) {
- try {
- // Initialize the secure random number and message digests
- Util.init();
- }
- catch(NoSuchAlgorithmException e) {
- }
-
this.params = params;
this.g = new BigInteger(1, params.g);
- N_bytes = Util.trim(params.N);
+ N_bytes = ConfigHelper.trim(params.N);
this.N = new BigInteger(1, N_bytes);
this.username = username;
this.password = password;
+ try {
+ pseudoRng = SecureRandom.getInstance("SHA1PRNG");
+ } catch (NoSuchAlgorithmException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
if( abytes != null ) {
A_LEN = 8*abytes.length;
/* TODO Why did they put this condition?
@@ -105,15 +106,15 @@ public class LeapSRPSession {
byte[] colon = {};
String encoding = "ISO-8859-1";
try {
- user = Util.trim(username.getBytes(encoding));
- colon = Util.trim(":".getBytes(encoding));
- password_bytes = Util.trim(password.getBytes(encoding));
+ user = ConfigHelper.trim(username.getBytes(encoding));
+ colon = ConfigHelper.trim(":".getBytes(encoding));
+ password_bytes = ConfigHelper.trim(password.getBytes(encoding));
}
catch(UnsupportedEncodingException e) {
// Use the default platform encoding
- user = Util.trim(username.getBytes());
- colon = Util.trim(":".getBytes());
- password_bytes = Util.trim(password.getBytes());
+ user = ConfigHelper.trim(username.getBytes());
+ colon = ConfigHelper.trim(":".getBytes());
+ password_bytes = ConfigHelper.trim(password.getBytes());
}
// Build the hash
@@ -152,7 +153,7 @@ public class LeapSRPSession {
{
//TODO Check if length matters in the order, when b2 is smaller than b1 or viceversa
byte[] xor_digest = new BigInteger(1, b1).xor(new BigInteger(1, b2)).toByteArray();
- return Util.trim(xor_digest);
+ return ConfigHelper.trim(xor_digest);
}
/**
@@ -166,11 +167,11 @@ public class LeapSRPSession {
if( a == null ) {
BigInteger one = BigInteger.ONE;
do {
- a = new BigInteger(A_LEN, Util.getPRNG());
+ a = new BigInteger(A_LEN, pseudoRng);
} while(a.compareTo(one) <= 0);
}
A = g.modPow(a, N);
- Abytes = Util.trim(A.toByteArray());
+ Abytes = ConfigHelper.trim(A.toByteArray());
}
return Abytes;
}
@@ -186,7 +187,7 @@ public class LeapSRPSession {
*/
public byte[] response(byte[] salt_bytes, byte[] Bbytes) throws NoSuchAlgorithmException {
// Calculate x = H(s | H(U | ':' | password))
- byte[] xb = calculatePasswordHash(username, password, Util.trim(salt_bytes));
+ byte[] xb = calculatePasswordHash(username, password, ConfigHelper.trim(salt_bytes));
this.x = new BigInteger(1, xb);
// Calculate v = kg^x mod N
@@ -204,36 +205,36 @@ public class LeapSRPSession {
clientHash.update(xor_digest);
// clientHash = H(N) xor H(g) | H(U)
- byte[] username_digest = newDigest().digest(Util.trim(username.getBytes()));
- username_digest = Util.trim(username_digest);
+ byte[] username_digest = newDigest().digest(ConfigHelper.trim(username.getBytes()));
+ username_digest = ConfigHelper.trim(username_digest);
clientHash.update(username_digest);
// clientHash = H(N) xor H(g) | H(U) | s
- clientHash.update(Util.trim(salt_bytes));
+ clientHash.update(ConfigHelper.trim(salt_bytes));
K = null;
// clientHash = H(N) xor H(g) | H(U) | A
- byte[] Abytes = Util.trim(A.toByteArray());
+ byte[] Abytes = ConfigHelper.trim(A.toByteArray());
clientHash.update(Abytes);
// clientHash = H(N) xor H(g) | H(U) | s | A | B
- Bbytes = Util.trim(Bbytes);
+ Bbytes = ConfigHelper.trim(Bbytes);
clientHash.update(Bbytes);
// Calculate S = (B - kg^x) ^ (a + u * x) % N
BigInteger S = calculateS(Bbytes);
- byte[] S_bytes = Util.trim(S.toByteArray());
+ byte[] S_bytes = ConfigHelper.trim(S.toByteArray());
// K = SessionHash(S)
String hash_algorithm = params.hashAlgorithm;
MessageDigest sessionDigest = MessageDigest.getInstance(hash_algorithm);
- K = Util.trim(sessionDigest.digest(S_bytes));
+ K = ConfigHelper.trim(sessionDigest.digest(S_bytes));
// clientHash = H(N) xor H(g) | H(U) | A | B | K
clientHash.update(K);
- byte[] M1 = Util.trim(clientHash.digest());
+ byte[] M1 = ConfigHelper.trim(clientHash.digest());
// serverHash = Astr + M + K
serverHash.update(Abytes);
@@ -249,8 +250,8 @@ public class LeapSRPSession {
* @return the parameter S
*/
private BigInteger calculateS(byte[] Bbytes) {
- byte[] Abytes = Util.trim(A.toByteArray());
- Bbytes = Util.trim(Bbytes);
+ byte[] Abytes = ConfigHelper.trim(A.toByteArray());
+ Bbytes = ConfigHelper.trim(Bbytes);
byte[] u_bytes = getU(Abytes, Bbytes);
BigInteger B = new BigInteger(1, Bbytes);
@@ -270,10 +271,10 @@ public class LeapSRPSession {
*/
public byte[] getU(byte[] Abytes, byte[] Bbytes) {
MessageDigest u_digest = newDigest();
- u_digest.update(Util.trim(Abytes));
- u_digest.update(Util.trim(Bbytes));
+ u_digest.update(ConfigHelper.trim(Abytes));
+ u_digest.update(ConfigHelper.trim(Bbytes));
byte[] u_digest_bytes = u_digest.digest();
- return Util.trim(new BigInteger(1, u_digest_bytes).toByteArray());
+ return ConfigHelper.trim(new BigInteger(1, u_digest_bytes).toByteArray());
}
/**
@@ -283,8 +284,8 @@ public class LeapSRPSession {
public boolean verify(byte[] M2)
{
// M2 = H(A | M1 | K)
- M2 = Util.trim(M2);
- byte[] myM2 = Util.trim(serverHash.digest());
+ M2 = ConfigHelper.trim(M2);
+ byte[] myM2 = ConfigHelper.trim(serverHash.digest());
boolean valid = Arrays.equals(M2, myM2);
return valid;
}
diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java
index 4dfe200..00d7d82 100644
--- a/src/se/leap/leapclient/ProviderAPI.java
+++ b/src/se/leap/leapclient/ProviderAPI.java
@@ -41,7 +41,6 @@ import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
-import org.jboss.security.Util;
import org.jboss.security.srp.SRPParameters;
import org.json.JSONException;
import org.json.JSONObject;
@@ -214,7 +213,7 @@ public class ProviderAPI extends IntentService {
* @throws JSONException
*/
private JSONObject sendM1ToSRPServer(String server_url, String username, byte[] m1) throws ClientProtocolException, IOException, JSONException {
- HttpPut put = new HttpPut(server_url + "/sessions/" + username +".json" + "?" + "client_auth" + "=" + new BigInteger(1, Util.trim(m1)).toString(16));
+ HttpPut put = new HttpPut(server_url + "/sessions/" + username +".json" + "?" + "client_auth" + "=" + new BigInteger(1, ConfigHelper.trim(m1)).toString(16));
JSONObject json_response = sendToServer(put);
JSONObject session_idAndM2 = new JSONObject();
@@ -223,7 +222,7 @@ public class ProviderAPI extends IntentService {
Cookie session_id_cookie = LeapHttpClient.getInstance(getApplicationContext()).getCookieStore().getCookies().get(0);
session_idAndM2.put(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id_cookie.getName());
session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue());
- session_idAndM2.put(ConfigHelper.M2_KEY, Util.trim(M2_not_trimmed));
+ session_idAndM2.put(ConfigHelper.M2_KEY, ConfigHelper.trim(M2_not_trimmed));
}
return session_idAndM2;
}
--
cgit v1.2.3