| Frames | No Frames |
1: /* SRP6SaslClient.java -- 2: Copyright (C) 2003, 2006 Free Software Foundation, Inc. 3: 4: This file is a part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2 of the License, or (at 9: your option) any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; if not, write to the Free Software 18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 19: USA 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package gnu.javax.crypto.key.srp6; 40: 41: import gnu.java.security.hash.IMessageDigest; 42: import gnu.java.security.util.Util; 43: 44: import gnu.javax.crypto.key.KeyAgreementException; 45: import gnu.javax.crypto.key.IncomingMessage; 46: import gnu.javax.crypto.key.OutgoingMessage; 47: 48: import java.math.BigInteger; 49: 50: /** 51: * A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for the 52: * User (client side). 53: * <p> 54: * In this alternative, the exchange goes as follows: 55: * 56: * <pre> 57: * C -> S: I (identifies self) 58: * S -> C: N, g, s, B = 3v + gˆb (sends salt, b = random number) 59: * C -> S: A = gˆa (a = random number) 60: * </pre> 61: * 62: * <p> 63: * All elements are computed the same way as in the standard version. 64: * <p> 65: * Reference: 66: * <ol> 67: * <li><a 68: * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt"> 69: * Secure Remote Password Authentication Mechanism</a><br> 70: * K. Burdis, R. Naffah.</li> 71: * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br> 72: * Thomas J. Wu.</li> 73: * </ol> 74: */ 75: public class SRP6SaslClient 76: extends SRP6TLSClient 77: { 78: // default 0-arguments constructor 79: 80: protected OutgoingMessage computeSharedSecret(final IncomingMessage in) 81: throws KeyAgreementException 82: { 83: final OutgoingMessage result = super.computeSharedSecret(in); 84: final byte[] sBytes = Util.trim(K); 85: final IMessageDigest hash = srp.newDigest(); 86: hash.update(sBytes, 0, sBytes.length); 87: K = new BigInteger(1, hash.digest()); 88: return result; 89: } 90: }