

1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */

22 package org.jboss.security.srp;
23
24 import java.rmi.RemoteException JavaDoc;
25 import java.security.KeyException JavaDoc;
26 import java.security.NoSuchAlgorithmException JavaDoc;
27
28 /** An interface describing the message exchange of the SRP protocol as
29 described in RFC2945. This is an RMI compatible interface in that all methods
30 declare that they throw a RemoteException, but it does not extend from
31 java.rmi.Remote so that it cannot be used in place of a Remote object.
32 For an RMI interface see the SRPRemoteServerInterface.
33
34 There are two versions of each method: one that takes an arbitrary session number
35 and one that does not. The session number form allows a user to maintain multiple
36 SRP sessions.
37
38 @see org.jboss.security.srp.SRPRemoteServerInterface
39
40 @author Scott.Stark@jboss.org
41 @version $Revision: 40096 $
42 */

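public interface SRPServerInterface
{
    /**
     * Get the SRP parameters to use for this session.
     *
     * @param username the SRP username
     * @return the user's SRPParameters object
     * @throws KeyException presumably if the username is not known by the server;
     *    TODO confirm against the implementation
     * @throws RemoteException thrown by remote implementations
     */
    // NOTE(review): this call is made before any proof of identity. If unknown
    // usernames fail differently from known ones, an unauthenticated caller can
    // learn which accounts exist; confirm how implementations handle that.
    public SRPParameters getSRPParameters(String username) throws KeyException, RemoteException;

    /**
     * Get the SRP parameters to use for this session and create an arbitrary session id
     * to allow for multiple SRP sessions for this user.
     *
     * @param username the SRP username
     * @param mutipleSessions a flag that if true indicates the user may initiate multiple
     *    sessions and an arbitrary session id will be created
     * @return an array of {SRPParameters, Integer} where element[0] is the SRPParameters
     *    object and element[1] is the session id as an Integer
     * @throws KeyException presumably if the username is not known by the server;
     *    TODO confirm against the implementation
     * @throws RemoteException thrown by remote implementations
     */
    public Object[] getSRPParameters(String username, boolean mutipleSessions)
        throws KeyException, RemoteException;

    /**
     * Initiate the SRP algorithm. The client sends their username and the
     * public key A to begin the SRP handshake.
     *
     * <p>Implementation note: SRP requires the server to abort the handshake when
     * A mod N is zero. This interface only carries A as raw bytes, so that check
     * has to be made by every implementation.
     *
     * @param username the user ID by which the client is known
     * @param A the client public key = (g ^ a) % N
     * @return ephemeral server public key B = (v + g ^ b) % N
     * @throws SecurityException presumably if the username is not known by the server
     *    or the handshake cannot be started; the signature does not declare the
     *    checked KeyException, so it cannot be thrown here - TODO confirm
     * @throws NoSuchAlgorithmException presumably if an algorithm named by the user's
     *    SRP parameters is not available; TODO confirm
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] init(String username, byte[] A) throws SecurityException,
        NoSuchAlgorithmException, RemoteException;

    /**
     * Initiate the SRP algorithm for a specific session. The client sends their
     * username and the public key A to begin the SRP handshake.
     *
     * <p>Implementation note: SRP requires the server to abort the handshake when
     * A mod N is zero; implementations must make that check themselves.
     *
     * @param username the user ID by which the client is known
     * @param A the client public key = (g ^ a) % N
     * @param sessionID the arbitrary session id obtained from getSRPParameters. A 0
     *    indicates there is no sessionID.
     * @return ephemeral server public key B = (v + g ^ b) % N
     * @throws SecurityException presumably if the username is not known by the server
     *    or the handshake cannot be started; the signature does not declare the
     *    checked KeyException, so it cannot be thrown here - TODO confirm
     * @throws NoSuchAlgorithmException presumably if an algorithm named by the user's
     *    SRP parameters is not available; TODO confirm
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] init(String username, byte[] A, int sessionID) throws SecurityException,
        NoSuchAlgorithmException, RemoteException;

    /**
     * Verify the session key hash. The client sends their username and M1
     * hash to validate completion of the SRP handshake.
     *
     * <p>Implementation notes: M2 must only be returned after M1 has been verified,
     * otherwise the server proves knowledge of K to a client that has not. The
     * comparison of M1 against the expected value should be constant-time
     * (for example {@code java.security.MessageDigest.isEqual}).
     *
     * @param username the user ID by which the client is known. This is repeated to
     *    simplify the server session management.
     * @param M1 the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K).
     *    NOTE(review): RFC 2945 also places the salt s between H(U) and A in this hash;
     *    confirm which form the implementation computes.
     * @return M2, the server hash of the client challenge; M2 = H(A | M1 | K)
     * @throws SecurityException thrown if M1 cannot be verified by the server
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] verify(String username, byte[] M1) throws SecurityException, RemoteException;

    /**
     * Verify the session key hash for a specific session. This is the session id
     * form of {@code verify(String, byte[])}.
     *
     * @param username the user ID by which the client is known
     * @param M1 the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K)
     * @param sessionID presumably the arbitrary session id obtained from getSRPParameters,
     *    with 0 meaning no session id as documented for init - TODO confirm
     * @return M2, the server hash of the client challenge; M2 = H(A | M1 | K)
     * @throws SecurityException thrown if M1 cannot be verified by the server
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] verify(String username, byte[] M1, int sessionID)
        throws SecurityException, RemoteException;

    /**
     * Verify the session key hash. The client sends their username and M1
     * hash to validate completion of the SRP handshake.
     *
     * <p>Implementation note: auxChallenge arrives together with M1, that is, before
     * the client has been verified, and it is typed as Object. A remotely exposed
     * implementation therefore receives an arbitrary serialized object from an
     * unauthenticated peer; it should restrict the classes it accepts (for example
     * with a deserialization filter) and check M1 before acting on auxChallenge.
     *
     * @param username the user ID by which the client is known. This is repeated to
     *    simplify the server session management.
     * @param M1 the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K)
     * @param auxChallenge an arbitrary additional data item that may be used as an
     *    additional challenge. One example usage would be to send a hardware generated
     *    token that was encrypted with the session private key for validation by the server.
     * @return M2, the server hash of the client challenge; M2 = H(A | M1 | K)
     * @throws SecurityException thrown if M1 cannot be verified by the server
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] verify(String username, byte[] M1, Object auxChallenge)
        throws SecurityException, RemoteException;

    /**
     * Verify the session key hash with an additional challenge for a specific session.
     * This is the session id form of {@code verify(String, byte[], Object)}; the same
     * caution about accepting an arbitrary Object before M1 is verified applies.
     *
     * @param username the user ID by which the client is known
     * @param M1 the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K)
     * @param auxChallenge an arbitrary additional data item that may be used as an
     *    additional challenge
     * @param sessionID presumably the arbitrary session id obtained from getSRPParameters,
     *    with 0 meaning no session id as documented for init - TODO confirm
     * @return M2, the server hash of the client challenge; M2 = H(A | M1 | K)
     * @throws SecurityException thrown if M1 cannot be verified by the server
     * @throws RemoteException thrown by remote implementations
     */
    public byte[] verify(String username, byte[] M1, Object auxChallenge, int sessionID)
        throws SecurityException, RemoteException;

    /**
     * Close the SRP session for the given username.
     *
     * @param username the user ID whose session is closed
     * @throws SecurityException condition not documented in this file; TODO confirm
     * @throws RemoteException thrown by remote implementations
     */
    // NOTE(review): the signature carries no proof of session-key possession.
    // Confirm how remote implementations keep a caller who only knows the
    // username from closing another user's session.
    public void close(String username) throws SecurityException, RemoteException;

    /**
     * Close the SRP session for the given username and session id.
     *
     * @param username the user ID whose session is closed
     * @param sessionID presumably the arbitrary session id obtained from getSRPParameters,
     *    with 0 meaning no session id as documented for init - TODO confirm
     * @throws SecurityException condition not documented in this file; TODO confirm
     * @throws RemoteException thrown by remote implementations
     */
    public void close(String username, int sessionID) throws SecurityException, RemoteException;
}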