search

tuomaura / eap-noob

Nimble out-of-band authentication for EAP (EAP-NOOB)
14 stars 11 forks source link

I want to know how to generate OOB messages on the server. #7

Open INKYUSONGG opened 5 years ago

INKYUSONGG commented 5 years ago

How do I generate OOB message on the server when Server -> Peer ?

I want to know if there is source code.

I would also like to know the file name and location if it exists.

Thank you for always kind replying.

ms-s commented 5 years ago

Please contact me via email at mohit.sethi@aalto.fi and I can help you better. I will also be able to answer you faster.

ms-s commented 5 years ago

The server->peer direction is implemented in version 2.5 of the code here: https://github.com/tuomaura/eap-noob/releases/tag/2.5.

This version of the code has everything working but it is implementing the older version 02 of the draft and uses a different elliptic curve and database scheme. Note that this will require you to downgrade to an older version of openssl.

The server->peer direction is implemented in the nodejs server. We have tested 2 methods of sending the OOB message from the server to the peer: 1. through NFC on an android phone and 2. through a QR code that is shown to a peer device with a camera.

The code for sending server to peer is spread into 3 files: profile.ejs, deviceadd.ejs, and oobmessage.py. The reason for this complexity is that a server would typically have many users each of which is adding many IoT devices.

Therefore, there can be many devices which have completed the initial exchange with the server. The user has to login to the server, search for the device he/she is adding based on things such as the device name, manufacturer name, serial number etc. (in deviceadd.ejs) and then transfer the oob message (either by showing the peer device a QR code or by tapping NFC). The oob message is generated in the 'def get_oob_message(peer_id, path):' function in the oobmessage.py file.

You can also find more information on how the oob message from the server is sent to the peer over NFC in section 6.2 here: https://aaltodoc.aalto.fi/bitstream/handle/123456789/27982/master_Thagadur_Prakash_Shiva_2017.pdf

As the standardization of EAP-NOOB progresses in the IETF, we are also planning to update the latest version of the code in the EAP-NOOB repository to support server->peer direction.