[JBoss-dev] CVS update: jbosssx/src/main/org/jboss/security/srp SRPClientSession.java SRPConf.java SRPServerInterface.java SRPServerSession.java

Wed, 04 Apr 2001 14:38:06 -0700 

  User: starksm 
  Date: 01/04/04 14:46:03

  Modified:    src/main/org/jboss/security/srp SRPClientSession.java
                        SRPConf.java SRPServerInterface.java
                        SRPServerSession.java
  Log:
  Reorganize the packaging a bit.
  
  Revision  Changes    Path
  1.2       +17 -5     jbosssx/src/main/org/jboss/security/srp/SRPClientSession.java
  
  Index: SRPClientSession.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/srp/SRPClientSession.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SRPClientSession.java     2001/03/06 08:35:30     1.1
  +++ SRPClientSession.java     2001/04/04 21:46:03     1.2
  @@ -8,16 +8,16 @@
   
   import java.io.IOException;
   import java.math.BigInteger;
  +import java.security.AccessController;
   import java.security.MessageDigest;
   import java.security.NoSuchAlgorithmException;
   import java.util.Arrays;
   
   import org.jboss.security.Util;
   
  -/** The client side logic to the SRP protocol. The class was derived from
  -the security.srp.SRPClient class. The class is intended to be used with a
  -SRPServerSession object via the SRPServerInterface. The SRP algorithm using
  -these classes consists of:
  +/** The client side logic to the SRP protocol. The class is intended to be used
  +with a SRPServerSession object via the SRPServerInterface. The SRP algorithm
  +using these classes consists of:
   
   1. Get server, SRPServerInterface server = (SRPServerInterface) Naming.lookup(...);
   2. Get SRP parameters, SRPParameters params = server.getSRPParameters(username);
  @@ -37,7 +37,7 @@
   authentication system developed by Tom Wu ([EMAIL PROTECTED]).
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.1 $
  +@version $Revision: 1.2 $
   */
   public class SRPClientSession
   {
  @@ -220,5 +220,17 @@
               PkgCategory.trace("verify M2: "+Util.tob64(myM2));
           }
           return valid;
  +    }
  +
  +    /** Returns the negotiated session key, K = SHA_Interleave(S)
  +    @return the private session key byte[]
  +    @throws SecurityException - if the current thread does not have an
  +     getSessionKey SRPPermission.
  +    */
  +    public byte[] getSessionKey() throws SecurityException
  +    {
  +        SRPPermission p = new SRPPermission("getSessionKey");
  +        AccessController.checkPermission(p);
  +        return key;
       }
   }
  
  
  
  1.2       +3 -2      jbosssx/src/main/org/jboss/security/srp/SRPConf.java
  
  Index: SRPConf.java
  ===================================================================
  RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/srp/SRPConf.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SRPConf.java      2001/03/06 08:35:30     1.1
  +++ SRPConf.java      2001/04/04 21:46:03     1.2
  @@ -11,13 +11,14 @@
   import org.jboss.security.Util;
   
   /** A port of the libsrp/t_conf.c predefined constants for the N & g parameters
  -of the SRP algorithm.
  +of the SRP algorithm. It contains a collection of "good" primes for N and the
  +corresponding the corresponding generator g.
   
   This product includes software developed by Tom Wu and Eugene
   Jhong for the SRP Distribution (http://srp.stanford.edu/srp/).
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.1 $
  +@version $Revision: 1.2 $
   */
   public class SRPConf
   {
  
  
  
  1.2       +6 -5      jbosssx/src/main/org/jboss/security/srp/SRPServerInterface.java
  
  Index: SRPServerInterface.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/srp/SRPServerInterface.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SRPServerInterface.java   2001/03/06 08:35:30     1.1
  +++ SRPServerInterface.java   2001/04/04 21:46:03     1.2
  @@ -11,14 +11,15 @@
   import java.security.KeyException;
   
   /** An interface describing the message exchange of the SRP protocol as
  -described in RFC2945. This is an RMI compatible interface, but it is not an
  -RMI interface so that it can be used without RMI. For an RMI interface see
  -SRPRemoteServerInterface
  +described in RFC2945. This is an RMI compatible interface in that all methods
  +declare that they throw a RemoteException, but it does not extend from
  +java.rmi.Remote so that it cannot be used in place of a Remote object.
  +For an RMI interface see the SRPRemoteServerInterface.
   
  -@see SRPRemoteServerInterface
  +@see org.jboss.security.srp.SRPRemoteServerInterface
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.1 $
  +@version $Revision: 1.2 $
   */
   public interface SRPServerInterface
   {
  
  
  
  1.2       +18 -8     jbosssx/src/main/org/jboss/security/srp/SRPServerSession.java
  
  Index: SRPServerSession.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/srp/SRPServerSession.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SRPServerSession.java     2001/03/06 08:35:31     1.1
  +++ SRPServerSession.java     2001/04/04 21:46:03     1.2
  @@ -8,16 +8,19 @@
   
   import java.io.IOException;
   import java.math.BigInteger;
  +import java.security.AccessController;
   import java.security.MessageDigest;
   import java.util.Arrays;
   
   import org.jboss.security.Util;
   
  -/** The server side logic to the SRP protocol. The class was derived from
  -the security.srp.SRPServer class. The class is intended to be used with a
  -SRPClientSession object via the SRPServerInterface. The SRP algorithm using
  -these classes consists of:
  +/** The server side logic to the SRP protocol. The class is the server side
  +equivalent of the SRPClientSession object. An implementation of
  +SRPServerInterface creates an SRPServerSession on the start of a login
  +session.
   
  +The client side algorithm using these classes consists of:
  +
   1. Get server, SRPServerInterface server = (SRPServerInterface) Naming.lookup(...);
   2. Get SRP parameters, SRPParameters params = server.getSRPParameters(username);
   3. Create a client session, SRPClientSession client = new 
SRPClientSession(username, password, params.s, params.N, params.g);
  @@ -36,7 +39,7 @@
   authentication system developed by Tom Wu ([EMAIL PROTECTED]).
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.1 $
  +@version $Revision: 1.2 $
   */
   public class SRPServerSession
   {
  @@ -204,10 +207,17 @@
           }
       }
   
  -    /**
  -    * @returns The secret shared session key between client and server
  +    /** Returns the negotiated session key, K = SHA_Interleave(S)
  +    @return the private session key byte[]
  +    @throws SecurityException - if the current thread does not have an
  +     getSessionKey SRPPermission.
       */
  -    public byte[] sessionKey() { return key; }
  +    public byte[] getSessionKey() throws SecurityException
  +    {
  +        SRPPermission p = new SRPPermission("getSessionKey");
  +        AccessController.checkPermission(p);
  +        return key;
  +    }
   
       /**
       @returns M2 = H(A | M | K)
  
  
  

_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development

Reply via email to