| Frames | No Frames |
1: /* SRPRegistry.java -- 2: Copyright (C) 2003, 2006 Free Software Foundation, Inc. 3: 4: This file is a part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2 of the License, or (at 9: your option) any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; if not, write to the Free Software 18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 19: USA 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package gnu.javax.crypto.sasl.srp; 40: 41: import gnu.java.security.Registry; 42: 43: /** 44: * A list of key names designating the values exchanged between the server 45: * and client in an SRP communication authentication phase. 46: */ 47: public interface SRPRegistry 48: { 49: /** Indices of (N, g) parameter values for SRP (.conf) password database. */ 50: String N_2048_BITS = "1"; 51: String N_1536_BITS = "2"; 52: String N_1280_BITS = "3"; 53: String N_1024_BITS = "4"; 54: String N_768_BITS = "5"; 55: String N_640_BITS = "6"; 56: String N_512_BITS = "7"; 57: /** Available hash algorithms for all SRP calculations. */ 58: String[] SRP_ALGORITHMS = { 59: Registry.SHA160_HASH, // the default one 60: Registry.MD5_HASH, 61: Registry.RIPEMD128_HASH, 62: Registry.RIPEMD160_HASH, 63: 64: Registry.SHA256_HASH, 65: Registry.SHA384_HASH, 66: Registry.SHA512_HASH }; 67: /** 68: * The name of the default message digest algorithm to use when no name is 69: * explicitely given. In this implementation it is the <b>first</b> among 70: * those supported; i.e. the algorithm at index position #0: SHA with 71: * 160-bit output. 72: */ 73: String SRP_DEFAULT_DIGEST_NAME = SRP_ALGORITHMS[0]; 74: /** 75: * The property name of the message digest algorithm name to use in a given 76: * SRP incarnation. 77: */ 78: String SRP_DIGEST_NAME = "srp.digest.name"; 79: /** The public shared modulus: n. */ 80: String SHARED_MODULUS = "srp.N"; 81: /** The GF generator used: g. */ 82: String FIELD_GENERATOR = "srp.g"; 83: /** The list of server's available security options. */ 84: String AVAILABLE_OPTIONS = "srp.L"; 85: /** The client's chosen security options. */ 86: String CHOSEN_OPTIONS = "srp.o"; 87: /** The client's username. */ 88: String USER_NAME = "srp.U"; 89: /** The client's authorization ID. */ 90: String USER_ROLE = "srp.I"; 91: /** The user's salt. */ 92: String USER_SALT = "srp.s"; 93: /** The user's password verifier. */ 94: String PASSWORD_VERIFIER = "srp.v"; 95: /** The client's public ephemeral exponent: A. */ 96: String CLIENT_PUBLIC_KEY = "srp.A"; 97: /** The server's public ephemeral exponent: B. */ 98: String SERVER_PUBLIC_KEY = "srp.B"; 99: /** The client's evidence: M1. */ 100: String CLIENT_EVIDENCE = "srp.M1"; 101: /** The server's evidence: M2. */ 102: String SERVER_EVIDENCE = "srp.M2"; 103: /** Name of underlying hash algorithm for use with all SRP calculations. */ 104: String SRP_HASH = "gnu.crypto.sasl.srp.hash"; 105: /** Name of SRP mandatory service property. */ 106: String SRP_MANDATORY = "gnu.crypto.sasl.srp.mandatory"; 107: /** Name of SRP replay detection property. */ 108: String SRP_REPLAY_DETECTION = "gnu.crypto.sasl.srp.replay.detection"; 109: /** Name of SRP integrity protection property. */ 110: String SRP_INTEGRITY_PROTECTION = "gnu.crypto.sasl.srp.integrity"; 111: /** Name of SRP confidentiality protection property. */ 112: String SRP_CONFIDENTIALITY = "gnu.crypto.sasl.srp.confidentiality"; 113: /** Name of the main SRP password file pathname property. */ 114: String PASSWORD_FILE = "gnu.crypto.sasl.srp.password.file"; 115: /** 116: * Name of the SRP password database property --a reference to 117: * {@link PasswordFile} object. 118: */ 119: String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db"; 120: /** Default fully qualified pathname of the SRP password file. */ 121: String DEFAULT_PASSWORD_FILE = "/etc/tpasswd"; 122: /** Default value for replay detection security service. */ 123: boolean DEFAULT_REPLAY_DETECTION = true; 124: /** Default value for integrity protection security service. */ 125: boolean DEFAULT_INTEGRITY = true; // implied by the previous option 126: /** Default value for confidentiality protection security service. */ 127: boolean DEFAULT_CONFIDENTIALITY = false; 128: // constants defining HMAC names 129: String HMAC_SHA1 = "hmac-sha1"; 130: String HMAC_MD5 = "hmac-md5"; 131: String HMAC_RIPEMD_160 = "hmac-ripemd-160"; 132: /** Available HMAC algorithms for integrity protection. */ 133: String[] INTEGRITY_ALGORITHMS = { HMAC_SHA1, HMAC_MD5, HMAC_RIPEMD_160 }; 134: // constants defining Cipher names 135: String AES = "aes"; 136: String BLOWFISH = "blowfish"; 137: /** Available Cipher algorithms for confidentiality protection. */ 138: String[] CONFIDENTIALITY_ALGORITHMS = { AES, BLOWFISH }; 139: /** String for mandatory replay detection. */ 140: String OPTION_MANDATORY = "mandatory"; 141: /** String for mda: the SRP digest algorithm name. */ 142: String OPTION_SRP_DIGEST = "mda"; 143: /** String for mandatory replay detection. */ 144: String OPTION_REPLAY_DETECTION = "replay_detection"; 145: /** String for mandatory integrity protection. */ 146: String OPTION_INTEGRITY = "integrity"; 147: /** String for mandatory confidentiality protection. */ 148: String OPTION_CONFIDENTIALITY = "confidentiality"; 149: /** String for mandatory replay detection. */ 150: String OPTION_MAX_BUFFER_SIZE = "maxbuffersize"; 151: /** String for no mandatory security service. */ 152: String MANDATORY_NONE = "none"; 153: /** Default mandatory security service required. */ 154: String DEFAULT_MANDATORY = OPTION_REPLAY_DETECTION; 155: /** Name of the UID field in the plain password file. */ 156: String MD_NAME_FIELD = "srp.md.name"; 157: /** Name of the GID field in the plain password file. */ 158: String USER_VERIFIER_FIELD = "srp.user.verifier"; 159: /** Name of the GECOS field in the plain password file. */ 160: String SALT_FIELD = "srp.salt"; 161: /** Name of the SHELL field in the plain password file. */ 162: String CONFIG_NDX_FIELD = "srp.config.ndx"; 163: /** Minimum bitlength of the SRP public modulus. */ 164: int MINIMUM_MODULUS_BITLENGTH = 512; 165: }