Source for gnu.javax.net.ssl.provider.SRPTrustManagerFactory

   1: /* SRPTrustManagerFactory.java -- trust manager for SRP.
   2:    Copyright (C) 2006  Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.net.ssl.provider;
  40: 
  41: import java.io.IOException;
  42: import java.math.BigInteger;
  43: 
  44: import java.security.InvalidAlgorithmParameterException;
  45: import java.security.KeyPair;
  46: import java.security.KeyStore;
  47: import java.util.HashMap;
  48: 
  49: import javax.net.ssl.ManagerFactoryParameters;
  50: import javax.net.ssl.TrustManager;
  51: import javax.net.ssl.TrustManagerFactorySpi;
  52: 
  53: import gnu.java.security.key.IKeyPairGenerator;
  54: import gnu.javax.crypto.key.srp6.SRPKeyPairGenerator;
  55: import gnu.javax.crypto.sasl.srp.PasswordFile;
  56: import gnu.javax.crypto.sasl.srp.SRP;
  57: 
  58: import gnu.javax.net.ssl.SRPManagerParameters;
  59: import gnu.javax.net.ssl.SRPTrustManager;
  60: 
  61: /**
  62:  * This is an implementation of a {@link javax.net.ssl.TrustManagerFactory}
  63:  * engine for the ``SRP'' algorithm. You must initialize instances of this
  64:  * algorithm with {@link SRPManagerParameters}.
  65:  */
  66: public class SRPTrustManagerFactory extends TrustManagerFactorySpi
  67: {
  68: 
  69:   // Field.
  70:   // -------------------------------------------------------------------------
  71: 
  72:   private Manager current;
  73: 
  74:   // Constructor.
  75:   // -------------------------------------------------------------------------
  76: 
  77:   public SRPTrustManagerFactory()
  78:   {
  79:     super();
  80:   }
  81: 
  82:   // Instance methods.
  83:   // -------------------------------------------------------------------------
  84: 
  85:   protected TrustManager[] engineGetTrustManagers()
  86:   {
  87:     if (current == null)
  88:       throw new IllegalStateException("not initialized");
  89:     return new TrustManager[] { current };
  90:   }
  91: 
  92:   protected void engineInit(KeyStore ks)
  93:   {
  94:     throw new IllegalArgumentException("only accepts SRPManagerParameters");
  95:   }
  96: 
  97:   protected void engineInit(ManagerFactoryParameters params)
  98:     throws InvalidAlgorithmParameterException
  99:   {
 100:     if (params == null)
 101:       {
 102:         try
 103:           {
 104:             String srpPasswd = Util.getSecurityProperty("jessie.srp.password.file");
 105:             if (srpPasswd == null)
 106:               {
 107:                 current = new Manager(new PasswordFile());
 108:                 return;
 109:               }
 110:             String srpPasswd2 = Util.getSecurityProperty("jessie.srp.password.file2");
 111:             if (srpPasswd2 == null)
 112:               srpPasswd2 = srpPasswd + "2";
 113:             String srpConfig = Util.getSecurityProperty("jessie.srp.config");
 114:             if (srpConfig == null)
 115:               srpConfig = srpPasswd + ".conf";
 116:             current = new Manager(new PasswordFile(srpPasswd, srpPasswd2, srpConfig));
 117:             return;
 118:           }
 119:         catch (IOException ioe)
 120:           {
 121:             throw new InvalidAlgorithmParameterException("default initialization failed: "
 122:                                                          + ioe.toString());
 123:           }
 124:       }
 125:     if (params instanceof SRPManagerParameters)
 126:       {
 127:         current = new Manager(((SRPManagerParameters) params).getPasswordFile());
 128:         return;
 129:       }
 130:     throw new InvalidAlgorithmParameterException();
 131:   }
 132: 
 133:   // Inner class.
 134:   // -------------------------------------------------------------------------
 135: 
 136:   private class Manager implements SRPTrustManager
 137:   {
 138: 
 139:     // Field.
 140:     // -----------------------------------------------------------------------
 141: 
 142:     private final PasswordFile file;
 143: 
 144:     // Constructor.
 145:     // -----------------------------------------------------------------------
 146: 
 147:     Manager(PasswordFile file)
 148:     {
 149:       this.file = file;
 150:     }
 151: 
 152:     // Instance methods.
 153:     // -----------------------------------------------------------------------
 154: 
 155:     public boolean contains(String user)
 156:     {
 157:       try
 158:         {
 159:           return file.contains(user);
 160:         }
 161:       catch (IOException ioe) { }
 162:       return false;
 163:     }
 164: 
 165:     public KeyPair getKeyPair(String user)
 166:     {
 167:       try
 168:         {
 169:           if (file.contains(user))
 170:             {
 171:               SRP srp = SRP.instance("SHA");
 172:               String[] ent = file.lookup(user, "SHA");
 173:               String[] cnf = file.lookupConfig(ent[2]);
 174:               BigInteger v, N, g;
 175:               v = new BigInteger(1, gnu.java.security.util.Util.fromBase64(ent[0]));
 176:               N = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[0]));
 177:               g = new BigInteger(1, gnu.java.security.util.Util.fromBase64(cnf[1]));
 178:               IKeyPairGenerator kpg = new SRPKeyPairGenerator();
 179:               HashMap attr = new HashMap();
 180:               attr.put(SRPKeyPairGenerator.SHARED_MODULUS, N);
 181:               attr.put(SRPKeyPairGenerator.GENERATOR, g);
 182:               attr.put(SRPKeyPairGenerator.USER_VERIFIER, v);
 183:               kpg.setup(attr);
 184:               return kpg.generate();
 185:             }
 186:         }
 187:       catch (IOException ioe) { }
 188:       return null;
 189:     }
 190: 
 191:     public byte[] getSalt(String user)
 192:     {
 193:       try
 194:         {
 195:           if (file.contains(user))
 196:             {
 197:               return gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[1]);
 198:             }
 199:         }
 200:       catch (IOException ioe) { }
 201:       return null;
 202:     }
 203: 
 204:     public BigInteger getVerifier(String user)
 205:     {
 206:       try
 207:         {
 208:           if (file.contains(user))
 209:             {
 210:               return new BigInteger(1,
 211:                 gnu.java.security.util.Util.fromBase64(file.lookup(user, "SHA")[0]));
 212:             }
 213:         }
 214:       catch (IOException ioe) { }
 215:       return null;
 216:     }
 217: 
 218:     public PasswordFile getPasswordFile()
 219:     {
 220:       return file;
 221:     }
 222:   }
 223: }