TestJCEIntegration


1   /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10  * the License, or (at your option) any later version.
11  *
12  * This software is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this software; if not, write to the Free
19  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21  */
22  package org.jboss.test;
23  
24  import java.io.Serializable  ;
25  import java.math.BigInteger  ;
26  import java.rmi.RemoteException  ;
27  import java.security.AlgorithmParameters  ;
28  import java.security.Key  ;
29  import java.security.KeyException  ;
30  import java.security.MessageDigest  ;
31  import java.security.SecureRandom  ;
32  import javax.crypto.Cipher;
33  import javax.crypto.KeyGenerator;
34  import javax.crypto.SealedObject;
35  import javax.crypto.SecretKey;
36  import javax.crypto.spec.SecretKeySpec;
37  
38  import org.jboss.logging.Logger;
39  import org.apache.log4j.WriterAppender;
40  import org.apache.log4j.NDC;
41  import org.apache.log4j.PatternLayout;
42  
43  import org.jboss.logging.XLevel;
44  import org.jboss.security.Util;
45  import org.jboss.security.srp.SRPConf;
46  import org.jboss.security.srp.SRPParameters;
47  import org.jboss.security.srp.SRPServerInterface;
48  import org.jboss.security.srp.SRPClientSession;
49  import org.jboss.security.srp.SRPServerSession;
50  
51  /** Tests of using the Java Cryptography Extension framework with SRP.
52  
53   @author Scott.Stark@jboss.org
54   @version $Revision: 58118 $
55   */
56  public class TestJCEIntegration
57  {
58     SimpleSRPServer server;
59     SRPClientSession client;
60     
61     TestJCEIntegration() throws Exception  
62     {
63        // Set up a simple configuration that logs on the console.
64        Logger root = Logger.getRoot();
65        root.setLevel(XLevel.TRACE);
66        root.addAppender(new WriterAppender(new PatternLayout("%x%m%n"), System.out));
67        Util.init();
68        NDC.push("S,");
69        server = new SimpleSRPServer("secret".toCharArray(), "123456");
70        NDC.pop();
71        NDC.remove();
72     }
73     void login(String   username, char[] password) throws Exception  
74     {
75        SRPParameters params = server.getSRPParameters(username);
76        NDC.push("C,");
77        client = new SRPClientSession(username, password, params);
78        byte[] A = client.exponential();
79        NDC.pop();
80        NDC.push("S,");
81        byte[] B = server.init(username, A);
82        NDC.pop();
83        NDC.push("C,");
84        byte[] M1 = client.response(B);
85        NDC.pop();
86        NDC.push("S,");
87        byte[] M2 = server.verify(username, M1);
88        NDC.pop();
89        NDC.push("C,");
90        if( client.verify(M2) == false )
91           throw new SecurityException  ("Failed to validate server reply");
92        NDC.pop();
93        NDC.remove();
94     }
95  
96     /** Performs an SRP exchange and then use the resulting session key to
97      encrypt/decrypt a msg. Also test that a random key cannot be used to
98      decrypt the msg.
99      */
100    void testSecureExchange() throws Exception  
101    {
102       login("jduke", "secret".toCharArray());
103       System.out.println("Logged into server");
104       byte[] kbytes = client.getSessionKey();
105       System.out.println("Session key size = "+kbytes.length);
106       SecretKeySpec clientKey = new SecretKeySpec(kbytes, "Blowfish");
107       System.out.println("clientKey");
108       
109       Cipher cipher = Cipher.getInstance("Blowfish");
110       cipher.init(Cipher.ENCRYPT_MODE, clientKey);
111       SealedObject msg = new SealedObject("This is a secret", cipher);
112       
113       // Now use the server key to decrypt the msg
114       byte[] skbytes = server.session.getSessionKey();
115       SecretKeySpec serverKey = new SecretKeySpec(skbytes, "Blowfish");
116       Cipher scipher = Cipher.getInstance("Blowfish");
117       scipher.init(Cipher.DECRYPT_MODE, serverKey);
118       String   theMsg = (String  ) msg.getObject(scipher);
119       System.out.println("Decrypted: "+theMsg);
120 
121       // Try a key that should fail
122       KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
123       kgen.init(320);
124       SecretKey key = kgen.generateKey();
125       cipher.init(Cipher.DECRYPT_MODE, key);
126       try
127       {
128          String   tmp = (String  ) msg.getObject(cipher);
129          throw new IllegalArgumentException  ("Should have failed to decrypt the msg");
130       }
131       catch(Exception   e)
132       {
133          System.out.println("Arbitrary key failed as expected");
134       }
135    }
136 
137    static void testKey() throws Exception  
138    {
139       int size = 8 * 24;
140       KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
141       kgen.init(size);
142       SecretKey key = kgen.generateKey();
143       byte[] kbytes = key.getEncoded();
144       System.out.println("key.Algorithm = "+key.getAlgorithm());
145       System.out.println("key.Format = "+key.getFormat());
146       System.out.println("key.Encoded Size = "+kbytes.length);
147       
148       SecureRandom   rnd = SecureRandom.getInstance("SHA1PRNG");
149       BigInteger   bi = new BigInteger  (320, rnd);
150       byte[] k2bytes = bi.toByteArray();
151       SecretKeySpec keySpec = new SecretKeySpec(k2bytes, "Blowfish");
152       System.out.println("key2.Algorithm = "+key.getAlgorithm());
153       System.out.println("key2.Format = "+key.getFormat());
154       System.out.println("key2.Encoded Size = "+kbytes.length);
155    }
156    
157    public static void main(String  [] args)
158    {
159       try
160       {
161          System.setOut(System.err);
162          TestJCEIntegration tst = new TestJCEIntegration();
163          tst.testSecureExchange();
164          //tst.testKey();
165       }
166       catch(Throwable   t)
167       {
168          t.printStackTrace();
169       }
170    }
171 }
172
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags