Examples of SRPClientSession

org.jboss.security.srp.SRPClientSession
The client side logic to the SRP protocol. The class is intended to be used with a SRPServerSession object via the SRPServerInterface. The SRP algorithm using these classes consists of: 1. Get server, SRPServerInterface server = (SRPServerInterface) Naming.lookup(...); 2. Get SRP parameters, SRPParameters params = server.getSRPParameters(username); 3. Create a client session, SRPClientSession client = new SRPClientSession(username, password, params); 4. Exchange public keys, byte[] A = client.exponential(); byte[] B = server.init(username, A); 5. Exchange challenges, byte[] M1 = client.response(B); byte[] M2 = server.verify(username, M1); 6. Verify the server response, if( client.verify(M2) == false ) throw new SecurityException("Failed to validate server reply"); 7. Validation complete Note that these steps are stateful. They must be performed in order and a step cannot be repeated to update the session state. This product uses the 'Secure Remote Password' cryptographic authentication system developed by Tom Wu (tjw@CS.Stanford.EDU). @author Scott.Stark@jboss.org @version $Revision: 81038 $

Examples of org.jboss.security.srp.SRPClientSession

      InitialContext ctx = new InitialContext();
      SRPServerInterface server = (SRPServerInterface) ctx.lookup(serviceName);
      System.out.println("Found SRPServerInterface, "+server);
      SRPParameters params = server.getSRPParameters(username);
      System.out.println("Found params for username: " + username);
      SRPClientSession client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      byte[] B = server.init(username, A);
      System.out.println("Sent A public key, got B public key");
      byte[] M1 = client.response(B);
      byte[] M2 = server.verify(username, M1);
      System.out.println("Sent M1 challenge, got M2 challenge");
      if (client.verify(M2) == false)
         throw new SecurityException("Failed to validate server reply");
      System.out.println("Validation successful");
      server.close(username);
   }

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession


    public void testProtocol() throws Exception
    {
        SRPParameters params = server.getSRPParameters(username);
        NDC.push("C,");
        SRPClientSession client = new SRPClientSession(username, password, params);
        byte[] A = client.exponential();
        NDC.pop();
        NDC.push("S,");
        byte[] B = server.init(username, A);
        NDC.pop();
        NDC.push("C,");
        byte[] M1 = client.response(B);
        NDC.pop();
        NDC.push("S,");
        byte[] M2 = server.verify(username, M1);
        NDC.pop();
        NDC.push("C,");
        if( client.verify(M2) == false )
            throw new SecurityException("Failed to validate server reply");
        NDC.pop();
        NDC.remove();
    }

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

      }
      if( srpServer == null )
         throw new LoginException("Failed to access a SRPServerInterface instance");
      
      byte[] M1, M2;
      SRPClientSession client = null;
      try
      {   // Perform the SRP login protocol
         if( trace )
            log.trace("Getting SRP parameters for username: "+username);
         CryptoUtil.init();
         Object[] sessionInfo = srpServer.getSRPParameters(username, multipleSessions);
         params = (SRPParameters) sessionInfo[0];
         sessionID = (Integer) sessionInfo[1];
         if( sessionID == null )
            sessionID = new Integer(0);
         if( trace )
         {
            log.trace("SessionID: "+sessionID);
            log.trace("N: "+CryptoUtil.tob64(params.N));
            log.trace("g: "+CryptoUtil.tob64(params.g));
            log.trace("s: "+CryptoUtil.tob64(params.s));
            log.trace("cipherAlgorithm: "+params.cipherAlgorithm);
            log.trace("hashAlgorithm: "+params.hashAlgorithm);
         }
         byte[] hn = CryptoUtil.newDigest().digest(params.N);
         if( trace )
            log.trace("H(N): "+CryptoUtil.tob64(hn));
         byte[] hg = CryptoUtil.newDigest().digest(params.g);
         if( trace )
         {
            log.trace("H(g): "+CryptoUtil.tob64(hg));
            log.trace("Creating SRPClientSession");
         }


         if( abytes != null )
            client = new SRPClientSession(username, password, params, abytes);
         else
            client = new SRPClientSession(username, password, params);
         if( trace )
            log.trace("Generating client public key");


         byte[] A = client.exponential();
         if( trace )
            log.trace("Exchanging public keys");
         byte[] B = srpServer.init(username, A, sessionID.intValue());
         if( trace )
            log.trace("Generating server challenge");
         M1 = client.response(B);


         if( trace )
            log.trace("Exchanging challenges");
         sessionKey = client.getSessionKey();
         if( auxChallenge != null )
         {
            auxChallenge = encryptAuxChallenge(auxChallenge, params.cipherAlgorithm,
                  params.cipherIV, sessionKey);
            M2 = srpServer.verify(username, M1, auxChallenge, sessionID.intValue());
         }
         else
         {
            M2 = srpServer.verify(username, M1, sessionID.intValue());
         }
      }
      catch(Exception e)
      {
         if (e instanceof LoginException) throw (LoginException) e;
         final LoginException loginException = new LoginException("Failed to complete SRP login (" + e.getMessage() + ")");
         loginException.initCause(e);
         throw loginException;
      }


      if( trace )
         log.trace("Verifying server response");
      if( client.verify(M2) == false )
         throw new LoginException("Failed to validate server reply");
      if( trace )
         log.trace("Login succeeded");
      
      // Put the principal and the client challenge into the sharedState map

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

   }
   void login(String username, char[] password) throws Exception
   {
      SRPParameters params = server.getSRPParameters(username);
      NDC.push("C,");
      client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      NDC.pop();
      NDC.push("S,");
      byte[] B = server.init(username, A);
      NDC.pop();

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

   
   public void testProtocol() throws Exception
   {
      SRPParameters params = server.getSRPParameters(username);
      NDC.push("C,");
      SRPClientSession client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      NDC.pop();
      NDC.push("S,");
      byte[] B = server.init(username, A);
      NDC.pop();
      NDC.push("C,");
      byte[] M1 = client.response(B);
      NDC.pop();
      NDC.push("S,");
      byte[] M2 = server.verify(username, M1);
      NDC.pop();
      NDC.push("C,");
      if( client.verify(M2) == false )
         throw new SecurityException("Failed to validate server reply");
      NDC.pop();
      NDC.remove();
   }

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

      }
      if( srpServer == null )
         throw new LoginException("Failed to access a SRPServerInterface instance");
      
      byte[] M1, M2;
      SRPClientSession client = null;
      try
      {   // Perform the SRP login protocol
         if( trace )
            log.trace("Getting SRP parameters for username: "+username);
         CryptoUtil.init();
         Object[] sessionInfo = srpServer.getSRPParameters(username, multipleSessions);
         params = (SRPParameters) sessionInfo[0];
         sessionID = (Integer) sessionInfo[1];
         if( sessionID == null )
            sessionID = new Integer(0);
         if( trace )
         {
            log.trace("SessionID: "+sessionID);
            log.trace("N: "+CryptoUtil.tob64(params.N));
            log.trace("g: "+CryptoUtil.tob64(params.g));
            log.trace("s: "+CryptoUtil.tob64(params.s));
            log.trace("cipherAlgorithm: "+params.cipherAlgorithm);
            log.trace("hashAlgorithm: "+params.hashAlgorithm);
         }
         byte[] hn = CryptoUtil.newDigest().digest(params.N);
         if( trace )
            log.trace("H(N): "+CryptoUtil.tob64(hn));
         byte[] hg = CryptoUtil.newDigest().digest(params.g);
         if( trace )
         {
            log.trace("H(g): "+CryptoUtil.tob64(hg));
            log.trace("Creating SRPClientSession");
         }


         if( abytes != null )
            client = new SRPClientSession(username, password, params, abytes);
         else
            client = new SRPClientSession(username, password, params);
         if( trace )
            log.trace("Generating client public key");


         byte[] A = client.exponential();
         if( trace )
            log.trace("Exchanging public keys");
         byte[] B = srpServer.init(username, A, sessionID.intValue());
         if( trace )
            log.trace("Generating server challenge");
         M1 = client.response(B);


         if( trace )
            log.trace("Exchanging challenges");
         sessionKey = client.getSessionKey();
         if( auxChallenge != null )
         {
            auxChallenge = encryptAuxChallenge(auxChallenge, params.cipherAlgorithm,
                  params.cipherIV, sessionKey);
            M2 = srpServer.verify(username, M1, auxChallenge, sessionID.intValue());
         }
         else
         {
            M2 = srpServer.verify(username, M1, sessionID.intValue());
         }
      }
      catch(Exception e)
      {
         log.warn("Failed to complete SRP login", e);
         throw new LoginException("Failed to complete SRP login, msg="+e.getMessage());
      }


      if( trace )
         log.trace("Verifying server response");
      if( client.verify(M2) == false )
         throw new LoginException("Failed to validate server reply");
      if( trace )
         log.trace("Login succeeded");
      
      // Put the principal and the client challenge into the sharedState map

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

      InitialContext ctx = new InitialContext();
      SRPServerInterface server = (SRPServerInterface) ctx.lookup(serviceName);
      System.out.println("Found SRPServerInterface, "+server);
      SRPParameters params = server.getSRPParameters(username);
      System.out.println("Found params for username: " + username);
      SRPClientSession client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      byte[] B = server.init(username, A);
      System.out.println("Sent A public key, got B public key");
      byte[] M1 = client.response(B);
      byte[] M2 = server.verify(username, M1);
      System.out.println("Sent M1 challenge, got M2 challenge");
      if (client.verify(M2) == false)
         throw new SecurityException("Failed to validate server reply");
      System.out.println("Validation successful");
      server.close(username);
   }

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession


    public void testProtocol() throws Exception
    {
        SRPParameters params = server.getSRPParameters(username);
        NDC.push("C,");
        SRPClientSession client = new SRPClientSession(username, password, params);
        byte[] A = client.exponential();
        NDC.pop();
        NDC.push("S,");
        byte[] B = server.init(username, A);
        NDC.pop();
        NDC.push("C,");
        byte[] M1 = client.response(B);
        NDC.pop();
        NDC.push("S,");
        byte[] M2 = server.verify(username, M1);
        NDC.pop();
        NDC.push("C,");
        if( client.verify(M2) == false )
            throw new SecurityException("Failed to validate server reply");
        NDC.pop();
        NDC.remove();
    }

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

   }
   void login(String username, char[] password) throws Exception
   {
      SRPParameters params = server.getSRPParameters(username);
      NDC.push("C,");
      client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      NDC.pop();
      NDC.push("S,");
      byte[] B = server.init(username, A);
      NDC.pop();

View Full Code Here

Examples of org.jboss.security.srp.SRPClientSession

   
   public void testProtocol() throws Exception
   {
      SRPParameters params = server.getSRPParameters(username);
      NDC.push("C,");
      SRPClientSession client = new SRPClientSession(username, password, params);
      byte[] A = client.exponential();
      NDC.pop();
      NDC.push("S,");
      byte[] B = server.init(username, A);
      NDC.pop();
      NDC.push("C,");
      byte[] M1 = client.response(B);
      NDC.pop();
      NDC.push("S,");
      byte[] M2 = server.verify(username, M1);
      NDC.pop();
      NDC.push("C,");
      if( client.verify(M2) == false )
         throw new SecurityException("Failed to validate server reply");
      NDC.pop();
      NDC.remove();
   }

View Full Code Here

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.