Source for gnu.javax.net.ssl.provider.SRPTrustManagerFactory

   1: /* SRPTrustManagerFactory.java -- trust manager for SRP.
   2:    Copyright (C) 2006  Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.net.ssl.provider;
  40: 
  41: import java.io.IOException;
  42: import java.math.BigInteger;
  43: 
  44: import java.security.InvalidAlgorithmParameterException;
  45: import java.security.KeyPair;
  46: import java.security.KeyStore;
  47: import java.security.Security;
  48: 
  49: import java.util.HashMap;
  50: 
  51: import javax.net.ssl.ManagerFactoryParameters;
  52: import javax.net.ssl.TrustManager;
  53: import javax.net.ssl.TrustManagerFactorySpi;
  54: 
  55: import gnu.java.security.key.IKeyPairGenerator;
  56: import gnu.javax.crypto.key.srp6.SRPKeyPairGenerator;
  57: import gnu.javax.crypto.sasl.srp.PasswordFile;
  58: import gnu.javax.crypto.sasl.srp.SRP;
  59: 
  60: import gnu.javax.net.ssl.SRPManagerParameters;
  61: import gnu.javax.net.ssl.SRPTrustManager;
  62: 
  63: /**
  64:  * This is an implementation of a {@link javax.net.ssl.TrustManagerFactory}
  65:  * engine for the ``SRP'' algorithm. You must initialize instances of this
  66:  * algorithm with {@link SRPManagerParameters}.
  67:  */
  68: public class SRPTrustManagerFactory extends TrustManagerFactorySpi
  69: {
  70: 
  71:   // Field.
  72:   // -------------------------------------------------------------------------
  73: 
  74:   private Manager current;
  75: 
  76:   // Constructor.
  77:   // -------------------------------------------------------------------------
  78: 
  79:   public SRPTrustManagerFactory()
  80:   {
  81:     super();
  82:   }
  83: 
  84:   // Instance methods.
  85:   // -------------------------------------------------------------------------
  86: 
  87:   protected TrustManager[] engineGetTrustManagers()
  88:   {
  89:     if (current == null)
  90:       throw new IllegalStateException("not initialized");
  91:     return new TrustManager[] { current };
  92:   }
  93: 
  94:   protected void engineInit(KeyStore ks)
  95:   {
  96:     throw new IllegalArgumentException("only accepts SRPManagerParameters");
  97:   }
  98: 
  99:   protected void engineInit(ManagerFactoryParameters params)
 100:     throws InvalidAlgorithmParameterException
 101:   {
 102:     if (params == null)
 103:       {
 104:         try
 105:           {
 106:             String srpPasswd = Util.getSecurityProperty("jessie.srp.password.file");
 107:             if (srpPasswd == null)
 108:               {
 109:                 current = new Manager(new PasswordFile());
 110:                 return;
 111:               }
 112:             String srpPasswd2 = Util.getSecurityProperty("jessie.srp.password.file2");
 113:             if (srpPasswd2 == null)
 114:               srpPasswd2 = srpPasswd + "2";
 115:             String srpConfig = Util.getSecurityProperty("jessie.srp.config");
 116:             if (srpConfig == null)
 117:               srpConfig = srpPasswd + ".conf";
 118:             current = new Manager(new PasswordFile(srpPasswd, srpPasswd2, srpConfig));
 119:             return;
 120:           }
 121:         catch (IOException ioe)
 122:           {
 123:             throw new InvalidAlgorithmParameterException("default initialization failed: "
 124:                                                          + ioe.toString());
 125:           }
 126:       }
 127:     if (params instanceof SRPManagerParameters)
 128:       {
 129:         current = new Manager(((SRPManagerParameters) params).getPasswordFile());
 130:         return;
 131:       }
 132:     throw new InvalidAlgorithmParameterException();
 133:   }
 134: 
 135:   // Inner class.
 136:   // -------------------------------------------------------------------------
 137: 
 138:   private class Manager implements SRPTrustManager
 139:   {
 140: 
 141:     // Field.
 142:     // -----------------------------------------------------------------------
 143: 
 144:     private final PasswordFile file;
 145: 
 146:     // Constructor.
 147:     // -----------------------------------------------------------------------
 148: 
 149:     Manager(PasswordFile file)
 150:     {
 151:       this.file = file;
 152:     }
 153: 
 154:     // Instance methods.
 155:     // -----------------------------------------------------------------------
 156: 
 157:     public boolean contains(String user)
 158:     {
 159:       try
 160:         {
 161:           return file.contains(user);
 162:         }
 163:       catch (IOException ioe) { }
 164:       return false;
 165:     }
 166: 
 167:     public KeyPair getKeyPair(String user)
 168:     {
 169:       try
 170:         {
 171:           if (file.contains(user))
 172:             {
 173:               SRP srp = SRP.instance("SHA");
 174:               String[] ent = file.lookup(user, "SHA");
 175:               String[] cnf = file.lookupConfig(ent[2]);
 176:               BigInteger v, N, g;
 177:               v = new BigInteger(1, gnu.java.security.util.Util.fromBase64(ent[0]));
 178:               N = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[0]));
 179:               g = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[1]));
 180:               IKeyPairGenerator kpg = new SRPKeyPairGenerator();
 181:               HashMap attr = new HashMap();
 182:               attr.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
 183:               attr.put(SRPKeyPairGenerator.GENERATOR, g);
 184:               attr.put(SRPKeyPairGenerator.USER_VERIFIER, v);
 185:               kpg.setup(attr);
 186:               return kpg.generate();
 187:             }
 188:         }
 189:       catch (IOException ioe) { }
 190:       return null;
 191:     }
 192: 
 193:     public byte[] getSalt(String user)
 194:     {
 195:       try
 196:         {
 197:           if (file.contains(user))
 198:             {
 199:               return gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[1]);
 200:             }
 201:         }
 202:       catch (IOException ioe) { }
 203:       return null;
 204:     }
 205: 
 206:     public BigInteger getVerifier(String user)
 207:     {
 208:       try
 209:         {
 210:           if (file.contains(user))
 211:             {
 212:               return new BigInteger(1,
 213:                 gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[0]));
 214:             }
 215:         }
 216:       catch (IOException ioe) { }
 217:       return null;
 218:     }
 219: 
 220:     public PasswordFile getPasswordFile()
 221:     {
 222:       return file;
 223:     }
 224:   }
 225: }