gnu.javax.crypto.sasl.srp

Class PasswordFile


public class PasswordFile
extends Object

The implementation of SRP password files.

For SRP, there are three (3) files:

  1. The password configuration file: tpasswd.conf. It contains the pairs <N,g> indexed by a number for each pair used for a user. By default, this file's pathname is constructed from the base password file pathname by appending the ".conf" suffix to it.
  2. The base password file: tpasswd. It contains the related password entries for all the users with values computed using SRP's default message digest algorithm: SHA-1 (with 160-bit output block size).
  3. The extended password file: tpasswd2. Its name, by default, is constructed by adding the suffix "2" to the fully qualified pathname of the base password file. It contains, in addition to the same fields as the base password file, albeit with a different verifier value, an extra field identifying the message digest algorithm used to compute this (verifier) value.

This implementation assumes the following message digest algorithm codes:

IMPORTANT: This method computes the verifiers as described in RFC-2945, which differs from the description given on the web page for SRP-6.
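
The RFC 2945 verifier computation referred to above, written out as an added example; it is not GNU Classpath's code and does not call PasswordFile. The class name SrpVerifierDemo, the sample user, password and salt, the UTF-8 encoding and the choice of SHA-256 as a second digest are assumptions; N and g are the 1024-bit group from RFC 5054, Appendix A, standing in for one <N, g> entry of the configuration file.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class SrpVerifierDemo {
    // 1024-bit group from RFC 5054, Appendix A, with generator g = 2.
    static final BigInteger N = new BigInteger(
        "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
      + "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
      + "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
      + "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16);
    static final BigInteger G = BigInteger.valueOf(2);

    /** x = H(salt | H(user ":" password)), the private key of RFC 2945. */
    static BigInteger privateKey(String md, String user, String passwd, byte[] salt)
            throws NoSuchAlgorithmException {
        MessageDigest h = MessageDigest.getInstance(md);
        // Assumption: user name and password are encoded as UTF-8.
        byte[] inner = h.digest((user + ":" + passwd).getBytes(StandardCharsets.UTF_8));
        h.update(salt);
        h.update(inner);
        // Interpret the digest as an unsigned big-endian integer.
        return new BigInteger(1, h.digest());
    }

    /** v = g^x mod N: the value stored in place of the password. */
    static BigInteger verifier(String md, String user, String passwd, byte[] salt)
            throws NoSuchAlgorithmException {
        return G.modPow(privateKey(md, user, passwd, salt), N);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input, not taken from any real password file.
        byte[] salt = "constructed-salt".getBytes(StandardCharsets.UTF_8);
        BigInteger v1 = verifier("SHA-1", "alice", "correct horse", salt);
        BigInteger v256 = verifier("SHA-256", "alice", "correct horse", salt);
        System.out.println("SHA-1   verifier: " + v1.toString(16));
        System.out.println("SHA-256 verifier: " + v256.toString(16));
        // Same user, password, salt and group, yet the stored values differ,
        // so a verifier is only usable with the digest that produced it.
        System.out.println("interchangeable: " + v1.equals(v256));
    }
}
```

Because the verifier depends on the digest, an entry that records a verifier computed with anything other than the default SHA-1 also has to record which digest was used, which is the role of the extra field in the extended password file.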

Reference:

  1. SRP Protocol Design
    Thomas J. Wu.

Constructor Summary

PasswordFile()
The basic constructor.
PasswordFile(File pwFile)
PasswordFile(String pwName)
PasswordFile(String pwName, String confName)
PasswordFile(String pwName, String pw2Name, String confName)

Method Summary

void
add(String user, String passwd, byte[] salt, String index)
void
changePasswd(String user, String passwd)
boolean
contains(String user)
boolean
containsConfig(String index)
Checks if the current configuration file contains the <N, g> pair for the designated index.
String[]
lookup(String user, String mdName)
Returns the triplet: verifier, salt and configuration file index, of a designated user, and a designated message digest algorithm name, as an array of strings.
String[]
lookupConfig(String index)
Returns a pair of strings representing the pair of N and g MPIs for the designated index.
void
savePasswd()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PasswordFile

public PasswordFile()
            throws IOException
The basic constructor.

PasswordFile

public PasswordFile(File pwFile)
            throws IOException

PasswordFile

public PasswordFile(String pwName)
            throws IOException

PasswordFile

public PasswordFile(String pwName,
                    String confName)
            throws IOException

PasswordFile

public PasswordFile(String pwName,
                    String pw2Name,
                    String confName)
            throws IOException

Method Details

add

public void add(String user,
                String passwd,
                byte[] salt,
                String index)
            throws IOException

changePasswd

public void changePasswd(String user,
                         String passwd)
            throws IOException

contains

public boolean contains(String user)
            throws IOException

containsConfig

public boolean containsConfig(String index)
            throws IOException
Checks if the current configuration file contains the <N, g> pair for the designated index.
Parameters:
index - a string representing 1-digit identification of an <N, g> pair used.
Returns:
true if the designated index is that of a known <N, g> pair, and false otherwise.
Throws:
IOException - if an exception occurs during the process.

lookup

public String[] lookup(String user,
                       String mdName)
            throws IOException
Returns the triplet: verifier, salt and configuration file index, of a designated user, and a designated message digest algorithm name, as an array of strings.
Parameters:
user - the username.
mdName - the canonical name of the SRP's message digest algorithm.
Returns:
a string array containing, in this order, the BASE-64 encodings of the verifier, the salt and the index in the password configuration file of the MPIs N and g of the designated user.

lookupConfig

public String[] lookupConfig(String index)
            throws IOException
Returns a pair of strings representing the pair of N and g MPIs for the designated index.
Parameters:
index - a string representing 1-digit identification of an <N, g> pair to look up.
Returns:
a pair of strings, arranged in an array, where the first (at index position #0) is the representation of the MPI N, and the second (at index position #1) is the representation of the MPI g. If the index refers to an unknown pair, then an empty string array is returned.
Throws:
IOException - if an exception occurs during the process.

savePasswd

public void savePasswd()
            throws IOException

PasswordFile.java -- Copyright (C) 2003, 2006 Free Software Foundation, Inc.

This file is a part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with GNU Classpath; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination.

As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.