SimpleSRPServer


1   /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10  * the License, or (at your option) any later version.
11  *
12  * This software is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this software; if not, write to the Free
19  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21  */
22  package org.jboss.test;
23  
24  import java.io.Serializable  ;
25  import java.math.BigInteger  ;
26  import java.rmi.RemoteException  ;
27  import java.security.KeyException  ;
28  import java.security.NoSuchAlgorithmException  ;
29  
30  import org.jboss.security.Util;
31  import org.jboss.security.srp.SRPConf;
32  import org.jboss.security.srp.SRPParameters;
33  import org.jboss.security.srp.SRPServerInterface;
34  import org.jboss.security.srp.SRPServerSession;
35  
36  /** A simple hard coded implementation of SRPServerInterface that validates
37   any given username to the password and salt provided to its constructor.
38   
39   @author Scott.Stark@jboss.org
40   @version $Revision: 40096 $
41   */
42  public class SimpleSRPServer implements SRPServerInterface
43  {
44     SRPParameters params;
45     SRPServerSession session;
46     char[] password;
47  
48     public Object  [] getSRPParameters(String   username, boolean mutipleSessions)
49           throws KeyException  , RemoteException  
50     {
51        return new Object  [0];
52     }
53  
54     public byte[] init(String   username, byte[] A, int sessionID) throws SecurityException  ,
55           NoSuchAlgorithmException  , RemoteException  
56     {
57        return new byte[0];
58     }
59  
60     public byte[] verify(String   username, byte[] M1, int sessionID)
61           throws SecurityException  , RemoteException  
62     {
63        return new byte[0];
64     }
65  
66     public byte[] verify(String   username, byte[] M1, Object   auxChallenge)
67           throws SecurityException  , RemoteException  
68     {
69        return new byte[0];
70     }
71  
72     public byte[] verify(String   username, byte[] M1, Object   auxChallenge, int sessionID)
73           throws SecurityException  , RemoteException  
74     {
75        return new byte[0];
76     }
77  
78     public void close(String   username, int sessionID) throws SecurityException  , RemoteException  
79     {
80     }
81  
82     SimpleSRPServer(char[] password, String   salt)
83     {
84        byte[] N = SRPConf.getDefaultParams().Nbytes();
85        byte[] g = SRPConf.getDefaultParams().gbytes();
86        byte[] s = Util.fromb64(salt);
87        params = new SRPParameters(N, g, s);
88        this.password = password;
89     }
90     
91     public SRPParameters getSRPParameters(String   username) throws KeyException  , RemoteException  
92     {
93        return params;
94     }
95     
96     public byte[] init(String   username,byte[] A) throws SecurityException  ,
97        NoSuchAlgorithmException  , RemoteException  
98     {
99        // Calculate the password verfier v
100       byte[] v = Util.calculateVerifier(username, password, params.s, params.N, params.g);
101       // Create an SRP session
102       session = new SRPServerSession(username, v, params);
103       byte[] B = session.exponential();
104       session.buildSessionKey(A);
105       
106       return B;
107    }
108    
109    public byte[] verify(String   username, byte[] M1) throws SecurityException  , RemoteException  
110    {
111       if( session.verify(M1) == false )
112          throw new SecurityException  ("Failed to verify M1");
113       return session.getServerResponse();
114    }
115   
116    /** Close the SRP session for the given username.
117     */
118    public void close(String   username) throws SecurityException  , RemoteException  
119    {
120    }
121 
122 }
123
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags