Overview Package Class Use Source Tree Index Deprecated About
Frames | No Frames

Source for gnu.javax.crypto.key.srp6.SRP6TLSClient

   1: /* SRP6TLSClient.java --
   2:    Copyright (C) 2003, 2006 Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.crypto.key.srp6;
  40: 
  41: import gnu.java.security.util.Util;
  42: import gnu.javax.crypto.key.KeyAgreementException;
  43: import gnu.javax.crypto.key.IncomingMessage;
  44: import gnu.javax.crypto.key.OutgoingMessage;
  45: import gnu.javax.crypto.sasl.srp.SRP;
  46: 
  47: import java.math.BigInteger;
  48: import java.security.KeyPair;
  49: import java.security.SecureRandom;
  50: import java.util.HashMap;
  51: import java.util.Map;
  52: 
  53: /**
  54:  * A variation of the SRP6 key agreement protocol, for the client-side as
  55:  * proposed in <a
  56:  * href="http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt">Using
  57:  * SRP for TLS Authentication</a>. The only difference between it and the SASL
  58:  * variant is that the shared secret is the entity <code>S</code> and not
  59:  * <code>H(S)</code>.
  60:  */
  61: public class SRP6TLSClient
  62:     extends SRP6KeyAgreement
  63: {
  64:   /** The user's identity. */
  65:   private String I;
  66:   /** The user's cleartext password. */
  67:   private byte[] p;
  68:   /** The user's ephemeral key pair. */
  69:   private KeyPair userKeyPair;
  70: 
  71:   // default 0-arguments constructor
  72: 
  73:   protected void engineInit(final Map attributes) throws KeyAgreementException
  74:   {
  75:     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
  76:     final String md = (String) attributes.get(HASH_FUNCTION);
  77:     if (md == null || md.trim().length() == 0)
  78:       throw new KeyAgreementException("missing hash function");
  79:     srp = SRP.instance(md);
  80:     I = (String) attributes.get(USER_IDENTITY);
  81:     if (I == null)
  82:       throw new KeyAgreementException("missing user identity");
  83:     p = (byte[]) attributes.get(USER_PASSWORD);
  84:     if (p == null)
  85:       throw new KeyAgreementException("missing user password");
  86:   }
  87: 
  88:   protected OutgoingMessage engineProcessMessage(final IncomingMessage in)
  89:       throws KeyAgreementException
  90:   {
  91:     switch (step)
  92:       {
  93:       case 0:
  94:         return sendIdentity(in);
  95:       case 1:
  96:         return computeSharedSecret(in);
  97:       default:
  98:         throw new IllegalStateException("unexpected state");
  99:       }
 100:   }
 101: 
 102:   protected void engineReset()
 103:   {
 104:     I = null;
 105:     p = null;
 106:     userKeyPair = null;
 107:     super.engineReset();
 108:   }
 109: 
 110:   private OutgoingMessage sendIdentity(final IncomingMessage in)
 111:       throws KeyAgreementException
 112:   {
 113:     final OutgoingMessage result = new OutgoingMessage();
 114:     result.writeString(I);
 115:     return result;
 116:   }
 117: 
 118:   protected OutgoingMessage computeSharedSecret(final IncomingMessage in)
 119:       throws KeyAgreementException
 120:   {
 121:     N = in.readMPI();
 122:     g = in.readMPI();
 123:     final BigInteger s = in.readMPI();
 124:     final BigInteger B = in.readMPI();
 125:     // generate an ephemeral keypair
 126:     final SRPKeyPairGenerator kpg = new SRPKeyPairGenerator();
 127:     final Map attributes = new HashMap();
 128:     if (rnd != null)
 129:       attributes.put(SRPKeyPairGenerator.SOURCE_OF_RANDOMNESS, rnd);
 130:     attributes.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
 131:     attributes.put(SRPKeyPairGenerator.GENERATOR, g);
 132:     kpg.setup(attributes);
 133:     userKeyPair = kpg.generate();
 134:     final BigInteger A = ((SRPPublicKey) userKeyPair.getPublic()).getY();
 135:     final BigInteger u = uValue(A, B); // u = H(A | B)
 136:     final BigInteger x;
 137:     try
 138:       {
 139:         x = new BigInteger(1, srp.computeX(Util.trim(s), I, p));
 140:       }
 141:     catch (Exception e)
 142:       {
 143:         throw new KeyAgreementException("computeSharedSecret()", e);
 144:       }
 145:     // compute S = (B - 3g^x) ^ (a + ux)
 146:     final BigInteger a = ((SRPPrivateKey) userKeyPair.getPrivate()).getX();
 147:     final BigInteger S = B.subtract(THREE.multiply(g.modPow(x, N)))
 148:                           .modPow(a.add(u.multiply(x)), N);
 149:     K = S;
 150:     final OutgoingMessage result = new OutgoingMessage();
 151:     result.writeMPI(A);
 152:     complete = true;
 153:     return result;
 154:   }
 155: }

Overview Package Class Use Source Tree Index Deprecated About