gnu.crypto.sasl.srp
Class PasswordFile
java.lang.Object
gnu.crypto.sasl.srp.PasswordFile
public class PasswordFile
extends java.lang.Object
The implementation of SRP password files.
For SRP, there are three (3) files:
- The password configuration file: tpasswd.conf. It contains the pairs
<N,g> indexed by a number for each pair used for a user. By default,
this file's pathname is constructed from the base password file pathname
by appending the ".conf" suffix to it.
- The base password file: tpasswd. It contains the related password
entries for all the users with values computed using SRP's default
message digest algorithm: SHA-1 (with 160-bit output block size).
- The extended password file: tpasswd2. Its name, by default, is
constructed by adding the suffix "2" to the fully qualified pathname of
the base password file. It contains, in addition to the same fields as
the base password file, albeit with a different verifier value, an extra
field identifying the message digest algorithm used to compute this
(verifier) value.
This implementation assumes the following message digest algorithm codes:
- 0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).
- 1: MD5.
- 2: RIPEMD-128.
- 3: RIPEMD-160.
- 4: SHA-256.
- 5: SHA-384.
- 6: SHA-512.
IMPORTANT: This method computes the verifiers as described in
RFC-2945, which differs from the description given on the web page for
SRP-6.
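The RFC-2945 verifier computation, x = H(salt | H(user ":" password)) and v = g^x mod N, shown for two of the digest codes listed above so that the difference between a tpasswd and a tpasswd2 verifier is visible. This is an added example, not GNU Crypto's own code. The class name SrpVerifierDemo, the helper names, the UTF-8 encoding of the credentials, the toy modulus and the sample user, password and salt are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class SrpVerifierDemo {
    // Digest codes from the list above mapped to JCA algorithm names.
    // Codes 2 and 3 (RIPEMD) are left out: they need an extra JCA provider.
    static String jcaName(int code) {
        switch (code) {
            case 0: return "SHA-1";
            case 1: return "MD5";
            case 4: return "SHA-256";
            case 5: return "SHA-384";
            case 6: return "SHA-512";
            default:
                throw new IllegalArgumentException("no JCA mapping for digest code " + code);
        }
    }

    // RFC 2945: x = H(salt | H(user ":" password)), v = g^x mod N.
    static BigInteger verifier(int code, String user, String passwd, byte[] salt,
                               BigInteger n, BigInteger g) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(jcaName(code));
        byte[] inner = md.digest((user + ":" + passwd).getBytes(StandardCharsets.UTF_8));
        md.update(salt);               // the salt is hashed first ...
        byte[] x = md.digest(inner);   // ... followed by the inner hash
        return g.modPow(new BigInteger(1, x), n);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values. N is a toy prime (2^255 - 19), not an SRP
        // group; a real entry uses an <N, g> pair from tpasswd.conf.
        BigInteger n = BigInteger.ONE.shiftLeft(255).subtract(BigInteger.valueOf(19));
        BigInteger g = BigInteger.valueOf(2);
        byte[] salt = {0x01, 0x23, 0x45, 0x67, (byte) 0x89, (byte) 0xab, (byte) 0xcd, (byte) 0xef};

        // Same user, password and salt; only the digest differs, so the
        // verifier stored for each digest code differs as well.
        System.out.println("code 0 (SHA-1):   "
            + verifier(0, "alice", "password123", salt, n, g).toString(16));
        System.out.println("code 4 (SHA-256): "
            + verifier(4, "alice", "password123", salt, n, g).toString(16));
    }
}
```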
Reference:
- SRP Protocol Design
Thomas J. Wu.
Version:
void | add(String user, String passwd, byte[] salt, String index)
void | changePasswd(String user, String passwd)
boolean | contains(String user)
boolean | containsConfig(String index) - Checks if the current configuration file contains the <N, g> pair for the designated index.
String[] | lookup(String user, String mdName) - Returns the triplet: verifier, salt and configuration file index, of a designated user, and a designated message digest algorithm name, as an array of strings.
String[] | lookupConfig(String index) - Returns a pair of strings representing the pair of N and g MPIs for the designated index.
void | savePasswd()
PasswordFile
public PasswordFile()
throws IOException
PasswordFile
public PasswordFile(File pwFile)
throws IOException
PasswordFile
public PasswordFile(String pwName)
throws IOException
PasswordFile
public PasswordFile(String pwName,
String confName)
throws IOException
PasswordFile
public PasswordFile(String pwName,
String pw2Name,
String confName)
throws IOException
add
public void add(String user,
String passwd,
byte[] salt,
String index)
throws IOException
changePasswd
public void changePasswd(String user,
String passwd)
throws IOException
contains
public boolean contains(String user)
throws IOException
containsConfig
public boolean containsConfig(String index)
throws IOException
Checks if the current configuration file contains the <N, g> pair
for the designated index.
Parameters:
index - a string representing 1-digit identification of an <N, g>
pair used.
Returns:
true if the designated index is that of a known <N, g> pair, and
false otherwise.
See Also:
SRPRegistry.N_2048_BITS, SRPRegistry.N_1536_BITS, SRPRegistry.N_1280_BITS,
SRPRegistry.N_1024_BITS, SRPRegistry.N_768_BITS, SRPRegistry.N_640_BITS,
SRPRegistry.N_512_BITS
lookup
public String[] lookup(String user,
String mdName)
throws IOException
Returns the triplet: verifier, salt and configuration file index, of a
designated user, and a designated message digest algorithm name, as an
array of strings.
Parameters:
user - the username.
mdName - the canonical name of the SRP's message digest algorithm.
Returns:
a string array containing, in this order, the BASE-64 encodings of
the verifier, the salt and the index in the password configuration file of
the MPIs N and g of the designated user.
lookupConfig
public String[] lookupConfig(String index)
throws IOException
Returns a pair of strings representing the pair of N and g MPIs for the
designated index.
Parameters:
index - a string representing 1-digit identification of an <N, g>
pair to look up.
Returns:
a pair of strings, arranged in an array, where the first (at index
position #0) is the representation of the MPI N, and the second (at index
position #1) is the representation of the MPI g. If the index refers to an
unknown pair, then an empty string array is returned.
savePasswd
public void savePasswd()
throws IOException
Copyright © 2001, 2002, 2003
Free Software Foundation,
Inc. All Rights Reserved.