Overview Package Class Use Source Tree Index Deprecated About
Frames | No Frames

Source for gnu.javax.crypto.key.srp6.SRPKeyPairGenerator

   1: /* SRPKeyPairGenerator.java --
   2:    Copyright (C) 2003, 2006, 2010 Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.crypto.key.srp6;
  40: 
  41: import gnu.java.security.Configuration;
  42: import gnu.java.security.Registry;
  43: import gnu.java.security.key.IKeyPairGenerator;
  44: import gnu.java.security.util.PRNG;
  45: 
  46: import java.math.BigInteger;
  47: import java.security.KeyPair;
  48: import java.security.SecureRandom;
  49: import java.util.Map;
  50: import java.util.logging.Logger;
  51: 
  52: /**
  53:  * Reference:
  54:  * <ol>
  55:  * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br>
  56:  * Thomas J. Wu.</li>
  57:  * </ol>
  58:  */
  59: public class SRPKeyPairGenerator
  60:     implements IKeyPairGenerator
  61: {
  62:   private static final Logger log = Configuration.DEBUG ?
  63:                 Logger.getLogger(SRPKeyPairGenerator.class.getName()) : null;
  64: 
  65:   private static final BigInteger ZERO = BigInteger.ZERO;
  66:   private static final BigInteger ONE = BigInteger.ONE;
  67:   private static final BigInteger TWO = BigInteger.valueOf(2L);
  68:   private static final BigInteger THREE = BigInteger.valueOf(3L);
  69:   /** Property name of the length (Integer) of the modulus (N) of an SRP key. */
  70:   public static final String MODULUS_LENGTH = "gnu.crypto.srp.L";
  71:   /** Property name of the Boolean indicating wether or not to use defaults. */
  72:   public static final String USE_DEFAULTS = "gnu.crypto.srp.use.defaults";
  73:   /** Property name of the modulus (N) of an SRP key. */
  74:   public static final String SHARED_MODULUS = "gnu.crypto.srp.N";
  75:   /** Property name of the generator (g) of an SRP key. */
  76:   public static final String GENERATOR = "gnu.crypto.srp.g";
  77:   /** Property name of the user's verifier (v) for a Server SRP key. */
  78:   public static final String USER_VERIFIER = "gnu.crypto.srp.v";
  79:   /**
  80:    * Property name of an optional {@link SecureRandom} instance to use. The
  81:    * default is to use a classloader singleton from {@link PRNG}.
  82:    */
  83:   public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.srp.prng";
  84:   /** Default value for the modulus length. */
  85:   private static final int DEFAULT_MODULUS_LENGTH = 1024;
  86:   /** The optional {@link SecureRandom} instance to use. */
  87:   private SecureRandom rnd = null;
  88:   /** Bit length of the shared modulus. */
  89:   private int l;
  90:   /** The shared public modulus. */
  91:   private BigInteger N;
  92:   /** The Field generator. */
  93:   private BigInteger g;
  94:   /** The user's verifier MPI. */
  95:   private BigInteger v;
  96:   /** Our default source of randomness. */
  97:   private PRNG prng = null;
  98: 
  99:   // implicit 0-arguments constructor
 100: 
 101:   public String name()
 102:   {
 103:     return Registry.SRP_KPG;
 104:   }
 105: 
 106:   public void setup(Map attributes)
 107:   {
 108:     // do we have a SecureRandom, or should we use our own?
 109:     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
 110:     N = (BigInteger) attributes.get(SHARED_MODULUS);
 111:     if (N != null)
 112:       {
 113:         l = N.bitLength();
 114:         g = (BigInteger) attributes.get(GENERATOR);
 115:         if (g == null)
 116:           g = TWO;
 117:         SRPAlgorithm.checkParams(N, g);
 118:       }
 119:     else
 120:       { // generate or use default values for N and g
 121:         Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS);
 122:         if (useDefaults == null)
 123:           useDefaults = Boolean.TRUE;
 124:         Integer L = (Integer) attributes.get(MODULUS_LENGTH);
 125:         l = DEFAULT_MODULUS_LENGTH;
 126:         if (useDefaults.equals(Boolean.TRUE))
 127:           {
 128:             if (L != null)
 129:               {
 130:                 l = L.intValue();
 131:                 switch (l)
 132:                   {
 133:                   case 512:
 134:                     N = SRPAlgorithm.N_512;
 135:                     break;
 136:                   case 640:
 137:                     N = SRPAlgorithm.N_640;
 138:                     break;
 139:                   case 768:
 140:                     N = SRPAlgorithm.N_768;
 141:                     break;
 142:                   case 1024:
 143:                     N = SRPAlgorithm.N_1024;
 144:                     break;
 145:                   case 1280:
 146:                     N = SRPAlgorithm.N_1280;
 147:                     break;
 148:                   case 1536:
 149:                     N = SRPAlgorithm.N_1536;
 150:                     break;
 151:                   case 2048:
 152:                     N = SRPAlgorithm.N_2048;
 153:                     break;
 154:                   default:
 155:                     throw new IllegalArgumentException(
 156:                         "unknown default shared modulus bit length");
 157:                   }
 158:                 g = TWO;
 159:                 l = N.bitLength();
 160:               }
 161:           }
 162:         else // generate new N and g
 163:           {
 164:             if (L != null)
 165:               {
 166:                 l = L.intValue();
 167:                 if ((l % 256) != 0 || l < 512 || l > 2048)
 168:                   throw new IllegalArgumentException(
 169:                       "invalid shared modulus bit length");
 170:               }
 171:           }
 172:       }
 173:     // are we using this generator on the server side, or the client side?
 174:     v = (BigInteger) attributes.get(USER_VERIFIER);
 175:   }
 176: 
 177:   public KeyPair generate()
 178:   {
 179:     if (N == null)
 180:       {
 181:         BigInteger[] params = generateParameters();
 182:         BigInteger q = params[0];
 183:         N = params[1];
 184:         g = params[2];
 185:         if (Configuration.DEBUG)
 186:           {
 187:             log.fine("q: " + q.toString(16));
 188:             log.fine("N: " + N.toString(16));
 189:             log.fine("g: " + g.toString(16));
 190:           }
 191:       }
 192:     return (v != null ? hostKeyPair() : userKeyPair());
 193:   }
 194: 
 195:   private synchronized BigInteger[] generateParameters()
 196:   {
 197:     // N A large safe prime (N = 2q+1, where q is prime)
 198:     // g A generator modulo N
 199:     BigInteger q, p, g;
 200:     byte[] qBytes = new byte[l / 8];
 201:     do
 202:       {
 203:         do
 204:           {
 205:             nextRandomBytes(qBytes);
 206:             q = new BigInteger(1, qBytes);
 207:             q = q.setBit(0).setBit(l - 2).clearBit(l - 1);
 208:           }
 209:         while (! q.isProbablePrime(80));
 210:         p = q.multiply(TWO).add(ONE);
 211:       }
 212:     while (p.bitLength() != l || ! p.isProbablePrime(80));
 213:     // compute g. from FIPS-186, Appendix 4: e == 2
 214:     BigInteger p_minus_1 = p.subtract(ONE);
 215:     g = TWO;
 216:     // Set h = any integer, where 1 < h < p - 1 and
 217:     // h differs from any value previously tried
 218:     for (BigInteger h = TWO; h.compareTo(p_minus_1) < 0; h = h.add(ONE))
 219:       {
 220:         // Set g = h**2 mod p
 221:         g = h.modPow(TWO, p);
 222:         // If g = 1, go to step 3
 223:         if (! g.equals(ONE))
 224:           break;
 225:       }
 226:     return new BigInteger[] { q, p, g };
 227:   }
 228: 
 229:   private KeyPair hostKeyPair()
 230:   {
 231:     byte[] bBytes = new byte[(l + 7) / 8];
 232:     BigInteger b, B;
 233:     do
 234:       {
 235:         do
 236:           {
 237:             nextRandomBytes(bBytes);
 238:             b = new BigInteger(1, bBytes);
 239:           }
 240:         while (b.compareTo(ONE) <= 0 || b.compareTo(N) >= 0);
 241:         B = THREE.multiply(v).add(g.modPow(b, N)).mod(N);
 242:       }
 243:     while (B.compareTo(ZERO) == 0 || B.compareTo(N) >= 0);
 244:     KeyPair result = new KeyPair(new SRPPublicKey(new BigInteger[] { N, g, B }),
 245:                                  new SRPPrivateKey(new BigInteger[] { N, g, b, v }));
 246:     return result;
 247:   }
 248: 
 249:   private KeyPair userKeyPair()
 250:   {
 251:     byte[] aBytes = new byte[(l + 7) / 8];
 252:     BigInteger a, A;
 253:     do
 254:       {
 255:         do
 256:           {
 257:             nextRandomBytes(aBytes);
 258:             a = new BigInteger(1, aBytes);
 259:           }
 260:         while (a.compareTo(ONE) <= 0 || a.compareTo(N) >= 0);
 261:         A = g.modPow(a, N);
 262:       }
 263:     while (A.compareTo(ZERO) == 0 || A.compareTo(N) >= 0);
 264:     KeyPair result = new KeyPair(new SRPPublicKey(new BigInteger[] { N, g, A }),
 265:                                  new SRPPrivateKey(new BigInteger[] { N, g, a }));
 266:     return result;
 267:   }
 268: 
 269:   private void nextRandomBytes(byte[] buffer)
 270:   {
 271:     if (rnd != null)
 272:       rnd.nextBytes(buffer);
 273:     else
 274:       getDefaultPRNG().nextBytes(buffer);
 275:   }
 276: 
 277:   private PRNG getDefaultPRNG()
 278:   {
 279:     if (prng == null)
 280:       prng = PRNG.getInstance();
 281: 
 282:     return prng;
 283:   }
 284: }

Overview Package Class Use Source Tree Index Deprecated About