gnu.crypto.sasl.srp

Class PasswordFile

public class PasswordFile extends Object

The implementation of SRP password files.

For SRP, there are three (3) files:

  1. The password configuration file: tpasswd.conf. It contains the pairs <N, g>, each indexed by a number that identifies the pair used for a user. By default, this file's pathname is constructed from the base password file pathname by appending the ".conf" suffix.
  2. The base password file: tpasswd. It contains the related password entries for all the users with values computed using SRP's default message digest algorithm: SHA-1 (with 160-bit output block size).
  3. The extended password file: tpasswd2. Its name, by default, is constructed by adding the suffix "2" to the fully qualified pathname of the base password file. It contains, in addition to the same fields as the base password file, albeit with a different verifier value, an extra field identifying the message digest algorithm used to compute this (verifier) value.

This implementation assumes the following message digest algorithm codes:

IMPORTANT: This method computes the verifiers as described in RFC-2945, which differs from the description given on the web page for SRP-6.
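The note above matters when password files are exchanged with other SRP tooling. The following added example (not GNU Crypto's code; the class and method names are hypothetical) computes v = g^x mod N with RFC 2945's x = H(salt | H(user ":" password)) and with the SRP design page's x = H(s, p), plus an RFC 2945 verifier under SHA-256, the kind of per-digest value an extended password file entry carries. It assumes UTF-8 strings and plain concatenation for H(s, p), and uses the 1024-bit group and sample inputs of RFC 5054 instead of values read from tpasswd.conf.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
// Added example, not GNU Crypto code. Class and method names are hypothetical.
public class SrpVerifierDemo {
    // Hash the concatenation of the parts with the named JCA digest.
    static byte[] hash(String md, byte[]... parts) throws Exception {
        MessageDigest d = MessageDigest.getInstance(md);
        for (byte[] p : parts) d.update(p);
        return d.digest();
    }

    // RFC 2945: x = H(salt | H(user | ":" | password)), v = g^x mod N.
    static BigInteger rfc2945(String md, BigInteger n, BigInteger g,
                              byte[] salt, String user, String pw) throws Exception {
        byte[] inner = hash(md, (user + ":" + pw).getBytes(StandardCharsets.UTF_8));
        return g.modPow(new BigInteger(1, hash(md, salt, inner)), n);
    }

    // SRP design web page: x = H(salt, password); the user name is not hashed.
    static BigInteger webPage(String md, BigInteger n, BigInteger g,
                              byte[] salt, String pw) throws Exception {
        byte[] x = hash(md, salt, pw.getBytes(StandardCharsets.UTF_8));
        return g.modPow(new BigInteger(1, x), n);
    }
    static byte[] hex(String s) { // decode an even-length hex string
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }
    public static void main(String[] args) throws Exception {
        // Sample inputs (assumption): RFC 5054's 1024-bit group and test values.
        BigInteger n = new BigInteger(
            "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
          + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
          + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
          + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A"
          + "FD5138FE8376435B9FC61D2FC0EB06E3", 16);
        BigInteger g = BigInteger.valueOf(2);
        byte[] salt = hex("BEB25379D1A8581EB5A727673A2441EE");
        BigInteger a = rfc2945("SHA-1", n, g, salt, "alice", "password123");
        BigInteger b = webPage("SHA-1", n, g, salt, "password123");
        BigInteger c = rfc2945("SHA-256", n, g, salt, "alice", "password123");
        System.out.println("RFC 2945, SHA-1:   " + a.toString(16));
        System.out.println("web page, SHA-1:   " + b.toString(16));
        System.out.println("RFC 2945, SHA-256: " + c.toString(16));
    }
}
```

The three verifiers differ, so an entry computed one way will not authenticate a client that derives x the other way or with another digest.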

Reference:

  1. SRP Protocol Design
    Thomas J. Wu.

Version: $Revision: 1.5 $

Constructor Summary
PasswordFile()
PasswordFile(File pwFile)
PasswordFile(String pwName)
PasswordFile(String pwName, String confName)
PasswordFile(String pwName, String pw2Name, String confName)
Method Summary
void add(String user, String passwd, byte[] salt, String index)
void changePasswd(String user, String passwd)
boolean contains(String user)
boolean containsConfig(String index)

Checks if the current configuration file contains the <N, g> pair for the designated index.

String[] lookup(String user, String mdName)

Returns the triplet: verifier, salt and configuration file index, of a designated user, and a designated message digest algorithm name, as an array of strings.

String[] lookupConfig(String index)

Returns a pair of strings representing the pair of N and g MPIs for the designated index.

void savePasswd()

Constructor Detail

PasswordFile

public PasswordFile()

PasswordFile

public PasswordFile(File pwFile)

PasswordFile

public PasswordFile(String pwName)

PasswordFile

public PasswordFile(String pwName, String confName)

PasswordFile

public PasswordFile(String pwName, String pw2Name, String confName)

Method Detail

add

public void add(String user, String passwd, byte[] salt, String index)

changePasswd

public void changePasswd(String user, String passwd)

contains

public boolean contains(String user)

containsConfig

public boolean containsConfig(String index)

Checks if the current configuration file contains the <N, g> pair for the designated index.

Parameters: index - a string representing the 1-digit identification of an <N, g> pair used.

Returns: true if the designated index is that of a known <N, g> pair, and false otherwise.

Throws: IOException - if an exception occurs during the process.

See Also: N_2048_BITS, N_1536_BITS, N_1280_BITS, N_1024_BITS, N_768_BITS, N_640_BITS, N_512_BITS

lookup

public String[] lookup(String user, String mdName)

Returns the triplet: verifier, salt and configuration file index, of a designated user, and a designated message digest algorithm name, as an array of strings.

Parameters: user - the username; mdName - the canonical name of the SRP's message digest algorithm.

Returns: a string array containing, in this order, the BASE-64 encodings of the verifier, the salt and the index in the password configuration file of the MPIs N and g of the designated user.

lookupConfig

public String[] lookupConfig(String index)

Returns a pair of strings representing the pair of N and g MPIs for the designated index.

Parameters: index - a string representing the 1-digit identification of an <N, g> pair to look up.

Returns: a pair of strings, arranged in an array, where the first (at index position #0) is the representation of the MPI N, and the second (at index position #1) is the representation of the MPI g. If the index refers to an unknown pair, then an empty string array is returned.

Throws: IOException - if an exception occurs during the process.

savePasswd

public void savePasswd()
Copyright © 2001, 2002, 2003 Free Software Foundation, Inc. All Rights Reserved.