From 60ce4dc3ea4531814d01b6c7181a480f1a87e067 Mon Sep 17 00:00:00 2001 From: Matthew Neeley Date: Thu, 27 Aug 2015 13:11:40 -0700 Subject: [PATCH] Add support for SRP as an alternative auth mechanism. --- core/src/main/scala/org/labrad/Client.scala | 3 +- .../main/scala/org/labrad/Connection.scala | 86 ++++++++--- .../scala/org/labrad/ServerConnection.scala | 3 +- .../main/scala/org/labrad/crypto/SRP.scala | 137 ++++++++++++++++++ .../main/scala/org/labrad/crypto/Util.scala | 38 +++++ .../main/scala/org/labrad/util/package.scala | 13 ++ .../org/labrad/manager/LoginHandler.scala | 49 ++++++- .../scala/org/labrad/manager/Manager.scala | 30 +++- 8 files changed, 329 insertions(+), 30 deletions(-) create mode 100644 core/src/main/scala/org/labrad/crypto/SRP.scala create mode 100644 core/src/main/scala/org/labrad/crypto/Util.scala diff --git a/core/src/main/scala/org/labrad/Client.scala b/core/src/main/scala/org/labrad/Client.scala index d3f1759..7a6ec33 100644 --- a/core/src/main/scala/org/labrad/Client.scala +++ b/core/src/main/scala/org/labrad/Client.scala @@ -12,7 +12,8 @@ class Client( val credential: Credential = Client.defaults.credential, val tls: TlsMode = Client.defaults.tls, val tlsCerts: Map[String, File] = Map(), - val workerGroup: EventLoopGroup = Connection.defaultWorkerGroup + val workerGroup: EventLoopGroup = Connection.defaultWorkerGroup, + val requireSrp: Boolean = false )( implicit val executionContext: ExecutionContext = ExecutionContext.global ) extends Connection { diff --git a/core/src/main/scala/org/labrad/Connection.scala b/core/src/main/scala/org/labrad/Connection.scala index fe3dedd..3d510d0 100644 --- a/core/src/main/scala/org/labrad/Connection.scala +++ b/core/src/main/scala/org/labrad/Connection.scala @@ -11,15 +11,18 @@ import java.net.{InetAddress, InetSocketAddress} import java.nio.{ByteOrder, CharBuffer} import java.nio.charset.StandardCharsets.UTF_8 import java.nio.file.Files -import java.security.MessageDigest +import java.security.{MessageDigest, SecureRandom} import java.util.concurrent.{ExecutionException, Executors, ThreadFactory, TimeUnit} import java.util.concurrent.atomic.{AtomicInteger, AtomicLong} +import org.bouncycastle.crypto.agreement.srp._ +import org.bouncycastle.crypto.digests.SHA1Digest import org.labrad.Labrad.Manager import org.labrad.Labrad.Authenticator +import org.labrad.crypto.{BigInts, SRP} import org.labrad.data._ import org.labrad.errors._ import org.labrad.events.MessageListener -import org.labrad.util.{Counter, LookupProvider, NettyUtil} +import org.labrad.util.{Counter, LookupProvider, NettyUtil, Util} import org.labrad.util.Futures._ import org.labrad.util.Paths._ import scala.concurrent.{Await, ExecutionContext, Future} @@ -78,6 +81,7 @@ trait Connection { val tls: TlsMode val tlsCerts: Map[String, File] val workerGroup: EventLoopGroup + val requireSrp: Boolean implicit val executionContext: ExecutionContext def credential: Credential @@ -212,21 +216,69 @@ trait Connection { ): Unit = { try { val loginResponse = credential match { - case Password("", password) => - // send first ping packet; response is password challenge - val Bytes(challenge) = Await.result(sendManagerRequest(), timeout) - - val md = MessageDigest.getInstance("MD5") - md.update(challenge) - md.update(UTF_8.encode(CharBuffer.wrap(password))) - val data = TreeData("s") // use s instead of y for backwards compatibility - data.setBytes(md.digest) - - // send password response; response is welcome message - try { - Await.result(sendManagerRequest(0, data), timeout) - } catch { - case e: ExecutionException => throw new IncorrectPasswordException + case Password(username @ "", password) => + val useSrp = if (requireSrp) { + true + } else { + // We will use SRP if manager supports it, so we send a PING to get manager features. + val resp = Await.result(sendManagerRequest(2, "PING".toData), timeout) + val features: Set[String] = resp match { + case Cluster(_, Arr(features @ _*)) => Set(features.map(_.getString): _*) + case _ => Set() + } + features.contains("srp") + } + + if (useSrp) { + // use SRP for login + val random = new SecureRandom() + val digest = new SHA1Digest() + val client = new SRP6Client() + + val Cluster(Str(groupName), Bytes(salt), Bytes(bBytes)) = + Await.result(sendManagerRequest(10, Str(username)), timeout) + + val group = SRP.groupFromString(groupName) + client.init(group, digest, random) + + val a = client.generateClientCredentials(salt, username.getBytes(UTF_8), + Util.utf8Bytes(password)) + val aBytes = BigInts.toUnsignedByteArray(a) + + val b = BigInts.fromUnsignedByteArray(bBytes) + client.calculateSecret(b.bigInteger) + + val m1 = client.calculateClientEvidenceMessage() + val m1Bytes = BigInts.toUnsignedByteArray(m1) + + val Cluster(loginResponse, Bytes(m2Bytes)) = try { + Await.result(sendManagerRequest(11, (aBytes, m1Bytes).toData), timeout) + } catch { + case e: ExecutionException => throw new IncorrectPasswordException + } + + val m2 = BigInts.fromUnsignedByteArray(m2Bytes) + if (!client.verifyServerEvidenceMessage(m2.bigInteger)) { + throw new Exception("unable to verify server SRP message M2") + } + loginResponse + + } else { + // send first ping packet; response is password challenge + val Bytes(challenge) = Await.result(sendManagerRequest(), timeout) + + val md = MessageDigest.getInstance("MD5") + md.update(challenge) + md.update(UTF_8.encode(CharBuffer.wrap(password))) + val data = TreeData("s") // use s instead of y for backwards compatibility + data.setBytes(md.digest) + + // send password response; response is welcome message + try { + Await.result(sendManagerRequest(0, data), timeout) + } catch { + case e: ExecutionException => throw new IncorrectPasswordException + } } case Password(username, password) => diff --git a/core/src/main/scala/org/labrad/ServerConnection.scala b/core/src/main/scala/org/labrad/ServerConnection.scala index 2be99eb..3fd940c 100644 --- a/core/src/main/scala/org/labrad/ServerConnection.scala +++ b/core/src/main/scala/org/labrad/ServerConnection.scala @@ -17,7 +17,8 @@ class ServerConnection( val tls: TlsMode = TlsMode.STARTTLS, val tlsCerts: Map[String, File] = Map(), handler: Packet => Future[Packet], - val workerGroup: EventLoopGroup = Connection.defaultWorkerGroup + val workerGroup: EventLoopGroup = Connection.defaultWorkerGroup, + val requireSrp: Boolean = false )( implicit val executionContext: ExecutionContext = ExecutionContext.global ) extends Connection with Logging { diff --git a/core/src/main/scala/org/labrad/crypto/SRP.scala b/core/src/main/scala/org/labrad/crypto/SRP.scala new file mode 100644 index 0000000..dce048d --- /dev/null +++ b/core/src/main/scala/org/labrad/crypto/SRP.scala @@ -0,0 +1,137 @@ +package org.labrad.crypto + +import java.math.BigInteger +import java.nio.charset.StandardCharsets.UTF_8 +import java.security.SecureRandom +import org.bouncycastle.crypto.agreement.srp._ +import org.bouncycastle.crypto.digests.SHA1Digest +import org.bouncycastle.crypto.params.SRP6GroupParameters +import scala.util.Try + +/** + * Secure Remote Password (SRP) parameter groups, as defined in https://tools.ietf.org/html/rfc5054 + */ +object SRP { + + def groupFromString(name: String): SRP6GroupParameters = { + name match { + case "1024" => Group1024 + case "1536" => Group1536 + case "2048" => Group2048 + case "4096" => Group4096 + case "8192" => Group8192 + case _ => sys.error(s"Invalid SRP group name: $name") + } + } + + lazy val Group1024 = group( + N = hex(""" + EEAF0AB9 ADB38DD6 9C33F80A FA8FC5E8 60726187 75FF3C0B 9EA2314C + 9C256576 D674DF74 96EA81D3 383B4813 D692C6E0 E0D5D8E2 50B98BE4 + 8E495C1D 6089DAD1 5DC7D7B4 6154D6B6 CE8EF4AD 69B15D49 82559B29 + 7BCF1885 C529F566 660E57EC 68EDBC3C 05726CC0 2FD4CBF4 976EAA9A + FD5138FE 8376435B 9FC61D2F C0EB06E3 + """), + g = 2 + ) + + lazy val Group1536 = group( + N = hex(""" + 9DEF3CAF B939277A B1F12A86 17A47BBB DBA51DF4 99AC4C80 BEEEA961 + 4B19CC4D 5F4F5F55 6E27CBDE 51C6A94B E4607A29 1558903B A0D0F843 + 80B655BB 9A22E8DC DF028A7C EC67F0D0 8134B1C8 B9798914 9B609E0B + E3BAB63D 47548381 DBC5B1FC 764E3F4B 53DD9DA1 158BFD3E 2B9C8CF5 + 6EDF0195 39349627 DB2FD53D 24B7C486 65772E43 7D6C7F8C E442734A + F7CCB7AE 837C264A E3A9BEB8 7F8A2FE9 B8B5292E 5A021FFF 5E91479E + 8CE7A28C 2442C6F3 15180F93 499A234D CF76E3FE D135F9BB + """), + g = 2 + ) + + lazy val Group2048 = group( + N = hex(""" + AC6BDB41 324A9A9B F166DE5E 1389582F AF72B665 1987EE07 FC319294 + 3DB56050 A37329CB B4A099ED 8193E075 7767A13D D52312AB 4B03310D + CD7F48A9 DA04FD50 E8083969 EDB767B0 CF609517 9A163AB3 661A05FB + D5FAAAE8 2918A996 2F0B93B8 55F97993 EC975EEA A80D740A DBF4FF74 + 7359D041 D5C33EA7 1D281E44 6B14773B CA97B43A 23FB8016 76BD207A + 436C6481 F1D2B907 8717461A 5B9D32E6 88F87748 544523B5 24B0D57D + 5EA77A27 75D2ECFA 032CFBDB F52FB378 61602790 04E57AE6 AF874E73 + 03CE5329 9CCC041C 7BC308D8 2A5698F3 A8D0C382 71AE35F8 E9DBFBB6 + 94B5C803 D89F7AE4 35DE236D 525F5475 9B65E372 FCD68EF2 0FA7111F + 9E4AFF73 + """), + g = 2 + ) + + lazy val Group4096 = group( + N = hex(""" + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 + 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B + 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 + A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 + 49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 + FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C + 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 + 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D + 04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D + B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 + 1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC + E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26 + 99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB + 04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2 + 233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 + D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199 + FFFFFFFF FFFFFFFF + """), + g = 5 + ) + + lazy val Group8192 = group( + N = hex(""" + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 + 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B + 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 + A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 + 49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 + FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D + 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C + 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718 + 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D + 04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D + B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 + 1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C + BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC + E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26 + 99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB + 04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2 + 233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 + D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492 + 36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406 + AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918 + DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151 + 2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03 + F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F + BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA + CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B + B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632 + 387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E + 6DBE1159 74A3926F 12FEE5E4 38777CB6 A932DF8C D8BEC4D0 73B931BA + 3BC832B6 8D9DD300 741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C + 5AE4F568 3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9 + 22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B 4BCBC886 + 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A 062B3CF5 B3A278A6 + 6D2A13F8 3F44F82D DF310EE0 74AB6A36 4597E899 A0255DC1 64F31CC5 + 0846851D F9AB4819 5DED7EA1 B1D510BD 7EE74D73 FAF36BC3 1ECFA268 + 359046F4 EB879F92 4009438B 481C6CD7 889A002E D5EE382B C9190DA6 + FC026E47 9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71 + 60C980DD 98EDD3DF FFFFFFFF FFFFFFFF + """), + g = 19 + ) + + private def group(N: BigInt, g: BigInt) = new SRP6GroupParameters(N.bigInteger, g.bigInteger) + private def hex(s: String): BigInt = BigInt(s.stripMargin.replaceAll("""\s""", ""), 16) +} diff --git a/core/src/main/scala/org/labrad/crypto/Util.scala b/core/src/main/scala/org/labrad/crypto/Util.scala new file mode 100644 index 0000000..e8c5857 --- /dev/null +++ b/core/src/main/scala/org/labrad/crypto/Util.scala @@ -0,0 +1,38 @@ +package org.labrad.crypto + +import scala.language.implicitConversions + +import java.math.BigInteger + +object BigInts { + object Implicits { + implicit def bigIntToBigInteger(n: BigInt): BigInteger = n.bigInteger + + implicit class RichBigInt(val x: BigInt) extends AnyVal { + def toUnsignedByteArray: Array[Byte] = { + val bytes = x.toByteArray + if (bytes.length >= 2 && bytes(0) == 0) bytes.tail else bytes + } + } + + implicit class RichBigInteger(val x: BigInteger) extends AnyVal { + def toUnsignedByteArray: Array[Byte] = { + val bytes = x.toByteArray + if (bytes.length >= 2 && bytes(0) == 0) bytes.tail else bytes + } + } + } + + def toUnsignedByteArray(b: BigInteger): Array[Byte] = { + val bytes = b.toByteArray + if (bytes.length >= 2 && bytes(0) == 0) bytes.tail else bytes + } + + def toUnsignedByteArray(b: BigInt): Array[Byte] = { + toUnsignedByteArray(b.bigInteger) + } + + def fromUnsignedByteArray(bytes: Array[Byte]): BigInt = { + BigInt(0.toByte +: bytes) + } +} diff --git a/core/src/main/scala/org/labrad/util/package.scala b/core/src/main/scala/org/labrad/util/package.scala index 4cb4e17..e687e32 100644 --- a/core/src/main/scala/org/labrad/util/package.scala +++ b/core/src/main/scala/org/labrad/util/package.scala @@ -2,6 +2,8 @@ package org.labrad.util import java.io.{File, IOException} import java.net.{DatagramSocket, ServerSocket, URI} +import java.nio.CharBuffer +import java.nio.charset.StandardCharsets.UTF_8 import java.util.regex.Pattern @@ -180,4 +182,15 @@ object Util { if (!ok) sys.error(s"failed to create directory: $dir") } } + + /** + * Get array of UTF-8 bytes from an array of Chars. + */ + def utf8Bytes(chars: Array[Char]): Array[Byte] = { + val charBuffer = CharBuffer.wrap(chars) + val byteBuffer = UTF_8.encode(charBuffer) + val bytes = Array.ofDim[Byte](byteBuffer.remaining) + byteBuffer.get(bytes) + bytes + } } diff --git a/manager/src/main/scala/org/labrad/manager/LoginHandler.scala b/manager/src/main/scala/org/labrad/manager/LoginHandler.scala index af5f0df..ba13c53 100644 --- a/manager/src/main/scala/org/labrad/manager/LoginHandler.scala +++ b/manager/src/main/scala/org/labrad/manager/LoginHandler.scala @@ -8,7 +8,9 @@ import java.net.{InetAddress, InetSocketAddress} import java.nio.charset.StandardCharsets.UTF_8 import java.nio.file.Files import java.util.concurrent.TimeoutException +import org.bouncycastle.crypto.agreement.srp.SRP6Server import org.labrad.ContextCodec +import org.labrad.crypto.BigInts import org.labrad.data._ import org.labrad.errors._ import org.labrad.manager.auth._ @@ -114,9 +116,13 @@ extends SimpleChannelInboundHandler[Packet] with Logging { // or we have upgraded with STARTTLS to a secure connection. private var isSecure: Boolean = tlsPolicy == TlsPolicy.ON + // challenge for old-style password auth private val challenge = Array.ofDim[Byte](256) Random.nextBytes(challenge) + // state for secure remote password (SRP) auth + private var srpServer: SRP6Server = _ + private var username: String = "" private var handle: (ChannelHandlerContext, Packet) => Data = { @@ -158,8 +164,15 @@ extends SimpleChannelInboundHandler[Packet] with Logging { d.setBytes(challenge) d + case Packet(req, 1, _, Seq(Record(10, Str("")))) => + val (groupName, salt, srpServer) = auth.srpInit() + this.srpServer = srpServer + val b = srpServer.generateServerCredentials() + handle = handleChallengeResponseSrp + Cluster(Str(groupName), Bytes(salt), Bytes(BigInts.toUnsignedByteArray(b))) + case Packet(req, 1, _, Seq(Record(2, Str("PING")))) => - ("PONG", Seq("auth-server")).toData // include manager features in ping response + ("PONG", Seq("auth-server", "srp")).toData // include manager features in ping response case Packet(req, 1, _, Seq(Record(Authenticator.METHODS_SETTING_ID, data))) => val resp = doAuthRequest(Authenticator.METHODS_SETTING_ID, data) @@ -200,14 +213,34 @@ extends SimpleChannelInboundHandler[Packet] with Logging { resp } - private def handleChallengeResponse(ctx: ChannelHandlerContext, packet: Packet): Data = packet match { - case Packet(req, 1, _, Seq(Record(0, Bytes(response)))) if req > 0 => - if (!auth.authenticate(challenge, response)) throw LabradException(2, "Incorrect password") - handle = handleIdentification - Str("LabRAD 2.0") + private def handleChallengeResponse(ctx: ChannelHandlerContext, packet: Packet): Data = { + packet match { + case Packet(req, 1, _, Seq(Record(0, Bytes(response)))) if req > 0 => + if (!auth.authenticate(challenge, response)) throw LabradException(2, "Incorrect password") + handle = handleIdentification + Str("LabRAD 2.0") - case _ => - throw LabradException(1, "Invalid authentication packet") + case _ => + throw LabradException(1, "Invalid authentication packet") + } + } + + private def handleChallengeResponseSrp(ctx: ChannelHandlerContext, packet: Packet): Data = { + packet match { + case Packet(req, 1, _, Seq(Record(11, Cluster(Bytes(aBytes), Bytes(m1Bytes))))) if req > 0 => + val a = BigInts.fromUnsignedByteArray(aBytes) + val m1 = BigInts.fromUnsignedByteArray(m1Bytes) + srpServer.calculateSecret(a.bigInteger) + if (!srpServer.verifyClientEvidenceMessage(m1.bigInteger)) { + throw LabradException(2, "Incorrect password") + } + val m2 = srpServer.calculateServerEvidenceMessage() + handle = handleIdentification + Cluster(Str("LabRAD 2.0"), Bytes(BigInts.toUnsignedByteArray(m2))) + + case _ => + throw LabradException(1, "Invalid authentication packet") + } } private def handleIdentification(ctx: ChannelHandlerContext, packet: Packet): Data = packet match { diff --git a/manager/src/main/scala/org/labrad/manager/Manager.scala b/manager/src/main/scala/org/labrad/manager/Manager.scala index 6b75308..eb6a2b7 100644 --- a/manager/src/main/scala/org/labrad/manager/Manager.scala +++ b/manager/src/main/scala/org/labrad/manager/Manager.scala @@ -5,16 +5,17 @@ import io.netty.handler.ssl.util.SelfSignedCert import io.netty.util.DomainNameMapping import java.io.File import java.net.{InetAddress, URI} -import java.nio.CharBuffer import java.nio.charset.StandardCharsets.UTF_8 import java.nio.file.Files import java.security.{MessageDigest, SecureRandom} +import org.bouncycastle.crypto.agreement.srp._ +import org.bouncycastle.crypto.digests.SHA1Digest import org.clapper.argot._ import org.clapper.argot.ArgotConverters._ import org.labrad.{Labrad, Password, ServerConfig, ServerInfo, TlsMode} import org.labrad.annotations._ import org.labrad.concurrent.ExecutionContexts -import org.labrad.crypto.{CertConfig, Certs} +import org.labrad.crypto.{CertConfig, Certs, SRP} import org.labrad.data._ import org.labrad.errors._ import org.labrad.manager.auth._ @@ -29,18 +30,41 @@ import scala.concurrent.duration._ trait AuthService { def authenticate(challenge: Array[Byte], response: Array[Byte]): Boolean + def srpInit(): (String, Array[Byte], SRP6Server) } class AuthServiceImpl(password: Array[Char]) extends AuthService { def authenticate(challenge: Array[Byte], response: Array[Byte]): Boolean = { val md = MessageDigest.getInstance("MD5") md.update(challenge) - md.update(UTF_8.encode(CharBuffer.wrap(password))) + md.update(passwordBytes) val expected = md.digest var same = expected.length == response.length for ((a, b) <- expected zip response) same = same & (a == b) same } + + private lazy val passwordBytes = Util.utf8Bytes(password) + + private lazy val srpSalt: Array[Byte] = { + val random = new SecureRandom() + val bytes = Array.ofDim[Byte](32) + random.nextBytes(bytes) + bytes + } + + private lazy val srpVerifier: BigInt = { + val digest = new SHA1Digest() + val gen = new SRP6VerifierGenerator() + gen.init(SRP.Group1024, digest) + gen.generateVerifier(srpSalt, "".getBytes(UTF_8), passwordBytes) + } + + def srpInit(): (String, Array[Byte], SRP6Server) = { + val server = new SRP6Server() + server.init(SRP.Group1024, srpVerifier.bigInteger, new SHA1Digest(), new SecureRandom()) + ("1024", srpSalt, server) + } }