author | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-07-03 12:15:38 +0000 |
---|---|---|
committer | Raif S. Naffah <raif@swiftdsl.com.au> | 2006-07-03 12:15:38 +0000 |
commit | d9b7c669504ba12e03f9edd959ce162973b59f4d (patch) | |
tree | cd8bfb638537da93c874dc1379bf3ae7ff106264 | |
parent | 779b1bd78374d6a28ea6cd66cbdd5899f6a852b4 (diff) | |
2006-07-03 Raif S. Naffah <raif@swiftdsl.com.au>
* gnu/javax/crypto/sasl/anonymous/AnonymousClient.java: Source formatting.
* gnu/javax/crypto/sasl/anonymous/AnonymousServer.java: Likewise.
* gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/CramMD5Client.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/CramMD5Server.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/CramMD5Util.java: Likewise.
* gnu/javax/crypto/sasl/crammd5/PasswordFile.java: Likewise.
* gnu/javax/crypto/sasl/plain/PasswordFile.java: Likewise.
* gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java: Likewise.
* gnu/javax/crypto/sasl/plain/PlainClient.java: Likewise.
* gnu/javax/crypto/sasl/plain/PlainRegistry.java: Likewise.
* gnu/javax/crypto/sasl/plain/PlainServer.java: Likewise.
* gnu/javax/crypto/sasl/srp/CALG.java: Likewise.
* gnu/javax/crypto/sasl/srp/ClientStore.java: Likewise.
* gnu/javax/crypto/sasl/srp/IALG.java: Likewise.
* gnu/javax/crypto/sasl/srp/KDF.java: Likewise.
* gnu/javax/crypto/sasl/srp/PasswordFile.java: Likewise.
* gnu/javax/crypto/sasl/srp/SecurityContext.java: Likewise.
* gnu/javax/crypto/sasl/srp/ServerStore.java: Likewise.
* gnu/javax/crypto/sasl/srp/SRP.java: Likewise.
* gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java: Likewise.
* gnu/javax/crypto/sasl/srp/SRPClient.java: Likewise.
* gnu/javax/crypto/sasl/srp/SRPRegistry.java: Likewise.
* gnu/javax/crypto/sasl/srp/SRPServer.java: Likewise.
* gnu/javax/crypto/sasl/srp/StoreEntry.java: Likewise.
* gnu/javax/crypto/sasl/AuthInfo.java: Likewise.
* gnu/javax/crypto/sasl/AuthInfoProviderFactory.java: Likewise.
* gnu/javax/crypto/sasl/ClientFactory.java: Likewise.
* gnu/javax/crypto/sasl/ClientMechanism.java: Likewise.
* gnu/javax/crypto/sasl/ConfidentialityException.java: Likewise.
* gnu/javax/crypto/sasl/IAuthInfoProvider.java: Likewise.
* gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java: Likewise.
* gnu/javax/crypto/sasl/IllegalMechanismStateException.java: Likewise.
* gnu/javax/crypto/sasl/InputBuffer.java: Likewise.
* gnu/javax/crypto/sasl/IntegrityException.java: Likewise.
* gnu/javax/crypto/sasl/NoSuchMechanismException.java: Likewise.
* gnu/javax/crypto/sasl/NoSuchUserException.java: Likewise.
* gnu/javax/crypto/sasl/OutputBuffer.java: Likewise.
* gnu/javax/crypto/sasl/SaslEncodingException.java: Likewise.
* gnu/javax/crypto/sasl/SaslInputStream.java: Likewise.
* gnu/javax/crypto/sasl/SaslOutputStream.java: Likewise.
* gnu/javax/crypto/sasl/SaslUtil.java: Likewise.
* gnu/javax/crypto/sasl/ServerFactory.java: Likewise.
* gnu/javax/crypto/sasl/ServerMechanism.java: Likewise.
* gnu/javax/crypto/sasl/UserAlreadyExistsException.java: Likewise.
48 files changed, 1060 insertions, 2261 deletions
@@ -1,3 +1,53 @@
+2006-07-03 Raif S. Naffah <raif@swiftdsl.com.au>
+
+ * gnu/javax/crypto/sasl/anonymous/AnonymousClient.java: Source formatting.
+ * gnu/javax/crypto/sasl/anonymous/AnonymousServer.java: Likewise.
+ * gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/CramMD5Client.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/CramMD5Server.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/CramMD5Util.java: Likewise.
+ * gnu/javax/crypto/sasl/crammd5/PasswordFile.java: Likewise.
+ * gnu/javax/crypto/sasl/plain/PasswordFile.java: Likewise.
+ * gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java: Likewise.
+ * gnu/javax/crypto/sasl/plain/PlainClient.java: Likewise.
+ * gnu/javax/crypto/sasl/plain/PlainRegistry.java: Likewise.
+ * gnu/javax/crypto/sasl/plain/PlainServer.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/CALG.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/ClientStore.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/IALG.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/KDF.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/PasswordFile.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SecurityContext.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/ServerStore.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SRP.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SRPClient.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SRPRegistry.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/SRPServer.java: Likewise.
+ * gnu/javax/crypto/sasl/srp/StoreEntry.java: Likewise.
+ * gnu/javax/crypto/sasl/AuthInfo.java: Likewise.
+ * gnu/javax/crypto/sasl/AuthInfoProviderFactory.java: Likewise.
+ * gnu/javax/crypto/sasl/ClientFactory.java: Likewise.
+ * gnu/javax/crypto/sasl/ClientMechanism.java: Likewise.
+ * gnu/javax/crypto/sasl/ConfidentialityException.java: Likewise. + * gnu/javax/crypto/sasl/IAuthInfoProvider.java: Likewise. + * gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java: Likewise. + * gnu/javax/crypto/sasl/IllegalMechanismStateException.java: Likewise. + * gnu/javax/crypto/sasl/InputBuffer.java: Likewise. + * gnu/javax/crypto/sasl/IntegrityException.java: Likewise. + * gnu/javax/crypto/sasl/NoSuchMechanismException.java: Likewise. + * gnu/javax/crypto/sasl/NoSuchUserException.java: Likewise. + * gnu/javax/crypto/sasl/OutputBuffer.java: Likewise. + * gnu/javax/crypto/sasl/SaslEncodingException.java: Likewise. + * gnu/javax/crypto/sasl/SaslInputStream.java: Likewise. + * gnu/javax/crypto/sasl/SaslOutputStream.java: Likewise. + * gnu/javax/crypto/sasl/SaslUtil.java: Likewise. + * gnu/javax/crypto/sasl/ServerFactory.java: Likewise. + * gnu/javax/crypto/sasl/ServerMechanism.java: Likewise. + * gnu/javax/crypto/sasl/UserAlreadyExistsException.java: Likewise. + 2006-07-02 Anthony Green <green@redhat.com> * gnu/javax/sound/midi/file/MidiFileWriter.java (writeTrack): Make diff --git a/gnu/javax/crypto/sasl/AuthInfo.java b/gnu/javax/crypto/sasl/AuthInfo.java index 1e942559d..733d2f0bf 100644 --- a/gnu/javax/crypto/sasl/AuthInfo.java +++ b/gnu/javax/crypto/sasl/AuthInfo.java @@ -56,10 +56,6 @@ import java.util.StringTokenizer; */ public class AuthInfo { - - // Constants and variables - // ------------------------------------------------------------------------- - private static final ArrayList factories = new ArrayList(); static { 
@@ -72,14 +68,14 @@ public class AuthInfo { for (StringTokenizer st = new StringTokenizer(pkgs, "|"); st.hasMoreTokens();) { - clazz = st.nextToken(); - if (!"gnu.crypto.sasl".equals(clazz)) + clazz = st.nextToken().trim(); + if (! "gnu.javax.crypto.sasl".equals(clazz)) { clazz += ".AuthInfoProviderFactory"; try { - IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) Class.forName( - clazz).newInstance(); + IAuthInfoProviderFactory factory = + (IAuthInfoProviderFactory) Class.forName(clazz).newInstance(); factories.add(factory); } catch (ClassCastException ignored) 
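Review bot: Two lines in this hunk change behaviour although the ChangeLog entry for AuthInfo.java says only "Source formatting": `clazz = st.nextToken().trim();` and the comparison against `"gnu.javax.crypto.sasl"` instead of `"gnu.crypto.sasl"` both alter which factory classes get loaded. Each token of `pkgs` becomes a class name that is instantiated through `Class.forName(clazz).newInstance()`, and the following hunk shows the built-in factory is appended last, so this list decides which code answers a provider lookup first. The change deserves its own ChangeLog line, plus a comment above the loop such as `// pkgs is trusted configuration: each listed package may supply an AuthInfoProviderFactory that is consulted before ours`. Where `pkgs` is read lies outside the hunk, so who can set it should be confirmed; the static initializer itself starts and ends outside the hunk.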
@@ -99,33 +95,25 @@ public class AuthInfo } // always add ours last; unless it's already there if (!factories.contains(ours)) - { - factories.add(ours); - } + factories.add(ours); } - // Constructor(s) - // ------------------------------------------------------------------------- - /** Trivial constructor to enforce Singleton pattern. */ private AuthInfo() { super(); } - // Class methods - // ------------------------------------------------------------------------- - /** - * A convenience method to return the authentication information provider - * for a designated SASL mechnanism. It goes through all the installed - * provider factories, one at a time, and attempts to return a new instance - * of the provider for the designated mechanism. It stops at the first - * factory returning a non-null provider. - * + * A convenience method to return the authentication information provider for + * a designated SASL mechnanism. It goes through all the installed provider + * factories, one at a time, and attempts to return a new instance of the + * provider for the designated mechanism. It stops at the first factory + * returning a non-null provider. + * * @param mechanism the name of a SASL mechanism. * @return an implementation that provides {@link IAuthInfoProvider} for that - * mechanism; or <code>null</code> if none found. + * mechanism; or <code>null</code> if none found. */ public static IAuthInfoProvider getProvider(String mechanism) { @@ -134,9 +122,7 @@ public class AuthInfo IAuthInfoProviderFactory factory = (IAuthInfoProviderFactory) it.next(); IAuthInfoProvider result = factory.getInstance(mechanism); if (result != null) - { - return result; - } + return result; } return null; } diff --git a/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java b/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java index 6ba5fc562..c4fc816dc 100644 --- a/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java +++ b/gnu/javax/crypto/sasl/AuthInfoProviderFactory.java 
@@ -46,44 +46,22 @@ import gnu.javax.crypto.sasl.srp.SRPAuthInfoProvider; /** * The concrete SASL authentication information provider factory. */ -public class AuthInfoProviderFactory implements IAuthInfoProviderFactory +public class AuthInfoProviderFactory + implements IAuthInfoProviderFactory { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-args constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // IAuthInfoProviderFactory interface implementation ----------------------- - public IAuthInfoProvider getInstance(String mechanism) { if (mechanism == null) - { - return null; - } + return null; mechanism = mechanism.trim().toUpperCase(); if (mechanism.startsWith(Registry.SASL_SRP_MECHANISM)) - { - return new SRPAuthInfoProvider(); - } + return new SRPAuthInfoProvider(); if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) - { - return new CramMD5AuthInfoProvider(); - } + return new CramMD5AuthInfoProvider(); if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) - { - return new PlainAuthInfoProvider(); - } + return new PlainAuthInfoProvider(); return null; } } diff --git a/gnu/javax/crypto/sasl/ClientFactory.java b/gnu/javax/crypto/sasl/ClientFactory.java index ef184632c..84acfcd14 100644 --- a/gnu/javax/crypto/sasl/ClientFactory.java +++ b/gnu/javax/crypto/sasl/ClientFactory.java 
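Review bot: `mechanism.trim().toUpperCase()` in getInstance uses the default locale, so under a locale with different casing rules (Turkish, for example) a lower-case name containing `i` would not upper-case to the ASCII constant it is compared with, and the lookup would fall through to `return null`. Pinning the locale removes that dependency: `mechanism = mechanism.trim().toUpperCase(Locale.ENGLISH);`, which needs `java.util.Locale` in an import block that is only partly visible here. The same call appears in ClientFactory.getInstance in the `@@ -135,32 +114,19 @@` hunk. The values of the Registry constants are not on this page, so which mechanism names are actually affected is an assumption to confirm.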
@@ -47,11 +47,11 @@ import gnu.javax.crypto.sasl.srp.SRPClient; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; +import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; -import java.util.HashMap; import javax.security.auth.callback.CallbackHandler; import javax.security.sasl.Sasl; 
@@ -62,53 +62,32 @@ import javax.security.sasl.SaslException; /** * The implementation of {@link SaslClientFactory}. */ -public class ClientFactory implements SaslClientFactory +public class ClientFactory + implements SaslClientFactory { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - public static final Set getNames() { - return Collections.unmodifiableSet(new HashSet( - Arrays.asList(getNamesInternal(null)))); + return Collections.unmodifiableSet(new HashSet(Arrays.asList(getNamesInternal(null)))); } private static final String[] getNamesInternal(Map props) { - String[] all = new String[] { Registry.SASL_SRP_MECHANISM, - Registry.SASL_CRAM_MD5_MECHANISM, - Registry.SASL_PLAIN_MECHANISM, - Registry.SASL_ANONYMOUS_MECHANISM }; - + String[] all = new String[] { + Registry.SASL_SRP_MECHANISM, + Registry.SASL_CRAM_MD5_MECHANISM, + Registry.SASL_PLAIN_MECHANISM, + Registry.SASL_ANONYMOUS_MECHANISM }; if (props == null) - { - return all; - } + return all; if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) - { - return new String[0]; - } - + return new String[0]; List result = new ArrayList(all.length); - ; for (int i = 0; i < all.length;) - { - result.add(all[i++]); - } - + result.add(all[i++]); if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props)) - { - result.remove(Registry.SASL_PLAIN_MECHANISM); - } + result.remove(Registry.SASL_PLAIN_MECHANISM); if (hasPolicy(Sasl.POLICY_NOACTIVE, props)) { result.remove(Registry.SASL_CRAM_MD5_MECHANISM); 
@@ -135,32 +114,19 @@ public class ClientFactory implements SaslClientFactory public static final ClientMechanism getInstance(String mechanism) { if (mechanism == null) - { - return null; - } + return null; mechanism = mechanism.trim().toUpperCase(); if (mechanism.equals(Registry.SASL_SRP_MECHANISM)) - { - return new SRPClient(); - } + return new SRPClient(); if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) - { - return new CramMD5Client(); - } + return new CramMD5Client(); if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) - { - return new PlainClient(); - } + return new PlainClient(); if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM)) - { - return new AnonymousClient(); - } + return new AnonymousClient(); return null; } - // Instance methods - // ------------------------------------------------------------------------- - public SaslClient createSaslClient(String[] mechanisms, String authorisationID, String protocol, String serverName, Map props, @@ -173,29 +139,21 @@ public class ClientFactory implements SaslClientFactory mechanism = mechanisms[i]; result = getInstance(mechanism); if (result != null) - { - break; - } + break; } - if (result != null) { HashMap attributes = new HashMap(); if (props != null) - { - attributes.putAll(props); - } + attributes.putAll(props); attributes.put(Registry.SASL_AUTHORISATION_ID, authorisationID); attributes.put(Registry.SASL_PROTOCOL, protocol); attributes.put(Registry.SASL_SERVER_NAME, serverName); attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh); - result.init(attributes); return result; } - - throw new SaslException( - "No supported mechanism found in given mechanism list"); + throw new SaslException("No supported mechanism found in given mechanism list"); } public String[] getMechanismNames(Map props) @@ -207,4 +165,4 @@ public class ClientFactory implements SaslClientFactory { return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName))); } -}
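Review bot: The mechanism loop in createSaslClient accepts the first name for which `getInstance(mechanism)` returns non-null, and in the visible lines `props` is only copied into `attributes`; it is never checked against the policy filtering that getNamesInternal applies for `Sasl.POLICY_NOPLAINTEXT`, `Sasl.POLICY_NOACTIVE` and the other policy keys. Unless the few lines between the two hunks do that filtering, a caller that sets a no-plaintext policy could still be handed a PlainClient when that mechanism is listed first. Consider resolving only names that are contained in `getNamesInternal(props)`, after the same trim and upper-casing that getInstance applies, and documenting on the method that policy properties are honoured. The method's signature and opening lines lie outside this hunk.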
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/ClientMechanism.java b/gnu/javax/crypto/sasl/ClientMechanism.java index 45873ae6b..7f8e9c120 100644 --- a/gnu/javax/crypto/sasl/ClientMechanism.java +++ b/gnu/javax/crypto/sasl/ClientMechanism.java @@ -42,50 +42,37 @@ import gnu.java.security.Registry; import java.util.HashMap; import java.util.Map; + import javax.security.auth.callback.CallbackHandler; import javax.security.sasl.Sasl; import javax.security.sasl.SaslClient; import javax.security.sasl.SaslException; /** - * <p>A base class to facilitate implementing SASL client-side mechanisms.</p> + * A base class to facilitate implementing SASL client-side mechanisms. */ -public abstract class ClientMechanism implements SaslClient +public abstract class ClientMechanism + implements SaslClient { - - // Constants and variables - // ------------------------------------------------------------------------- - /** Name of this mechanism. */ protected String mechanism; - /** The authorisation identity. */ protected String authorizationID; - /** Name of protocol using this mechanism. */ protected String protocol; - /** Name of server to authenticate to. */ protected String serverName; - /** Properties of qualities desired for this mechanism. */ protected Map properties; - /** Callback handler to use with this mechanism instance. */ protected CallbackHandler handler; - /** Channel binding data to use with this mechanism instance. */ protected byte[] channelBinding; - /** Whether authentication phase is completed (true) or not (false). */ protected boolean complete = false; - /** The state of the authentication automaton. */ protected int state = -1; - // Constructor(s) - // ------------------------------------------------------------------------- - protected ClientMechanism(final String mechanism) { super(); 
@@ -94,20 +81,10 @@ public abstract class ClientMechanism implements SaslClient this.state = -1; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods to be implemented by concrete subclasses --------------- - protected abstract void initMechanism() throws SaslException; protected abstract void resetMechanism() throws SaslException; - // javax.security.sasl.SaslClient interface implementation ----------------- - public abstract byte[] evaluateChallenge(byte[] challenge) throws SaslException; @@ -121,20 +98,16 @@ public abstract class ClientMechanism implements SaslClient public byte[] unwrap(final byte[] incoming, final int offset, final int len) throws SaslException { - if (!isComplete()) - { - throw new IllegalMechanismStateException(); - } + if (! isComplete()) + throw new IllegalMechanismStateException(); return this.engineUnwrap(incoming, offset, len); } public byte[] wrap(final byte[] outgoing, final int offset, final int len) throws SaslException { - if (!isComplete()) - { - throw new IllegalMechanismStateException(); - } + if (! isComplete()) + throw new IllegalMechanismStateException(); return this.engineWrap(outgoing, offset, len); } 
@@ -145,58 +118,32 @@ public abstract class ClientMechanism implements SaslClient public Object getNegotiatedProperty(final String propName) { - if (!isComplete()) - { - throw new IllegalStateException(); - } + if (! isComplete()) + throw new IllegalStateException(); if (Sasl.QOP.equals(propName)) - { - return getNegotiatedQOP(); - } + return getNegotiatedQOP(); if (Sasl.STRENGTH.equals(propName)) - { - return getNegotiatedStrength(); - } + return getNegotiatedStrength(); if (Sasl.SERVER_AUTH.equals(propName)) - { - return getNegotiatedServerAuth(); - } + return getNegotiatedServerAuth(); if (Sasl.MAX_BUFFER.equals(propName)) - { - return getNegotiatedMaxBuffer(); - } + return getNegotiatedMaxBuffer(); if (Sasl.RAW_SEND_SIZE.equals(propName)) - { - return getNegotiatedRawSendSize(); - } + return getNegotiatedRawSendSize(); if (Sasl.POLICY_NOPLAINTEXT.equals(propName)) - { - return getNegotiatedPolicyNoPlainText(); - } + return getNegotiatedPolicyNoPlainText(); if (Sasl.POLICY_NOACTIVE.equals(propName)) - { - return getNegotiatedPolicyNoActive(); - } + return getNegotiatedPolicyNoActive(); if (Sasl.POLICY_NODICTIONARY.equals(propName)) - { - return getNegotiatedPolicyNoDictionary(); - } + return getNegotiatedPolicyNoDictionary(); if (Sasl.POLICY_NOANONYMOUS.equals(propName)) - { - return getNegotiatedPolicyNoAnonymous(); - } + return getNegotiatedPolicyNoAnonymous(); if (Sasl.POLICY_FORWARD_SECRECY.equals(propName)) - { - return getNegotiatedPolicyForwardSecrecy(); - } + return getNegotiatedPolicyForwardSecrecy(); if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName)) - { - return getNegotiatedPolicyPassCredentials(); - } + return getNegotiatedPolicyPassCredentials(); if (Sasl.REUSE.equals(propName)) - { - return getReuse(); - } + return getReuse(); return null; } 
@@ -204,8 +151,6 @@ public abstract class ClientMechanism implements SaslClient { } - // other Instance methods -------------------------------------------------- - public String getAuthorizationID() { return authorizationID; @@ -288,30 +233,23 @@ public abstract class ClientMechanism implements SaslClient } /** - * <p>Initialises the mechanism with designated attributes. Permissible names - * and values are mechanism specific.</p> - * + * Initialises the mechanism with designated attributes. Permissible names and + * values are mechanism specific. + * * @param attributes a set of name-value pairs that describes the desired - * future behaviour of this instance. + * future behaviour of this instance. * @throws IllegalMechanismStateException if the instance is already - * initialised. + * initialised. * @throws SaslException if an exception occurs during the process. */ public void init(final Map attributes) throws SaslException { if (state != -1) - { - throw new IllegalMechanismStateException("init()"); - } - + throw new IllegalMechanismStateException("init()"); if (properties == null) - { - properties = new HashMap(); - } + properties = new HashMap(); else - { - properties.clear(); - } + properties.clear(); if (attributes != null) { authorizationID = (String) attributes.get(Registry.SASL_AUTHORISATION_ID); 
@@ -322,35 +260,25 @@ public abstract class ClientMechanism implements SaslClient properties.putAll(attributes); } else - { - handler = null; - } + handler = null; if (authorizationID == null) - { - authorizationID = ""; - } + authorizationID = ""; if (protocol == null) - { - protocol = ""; - } + protocol = ""; if (serverName == null) - { - serverName = ""; - } + serverName = ""; if (channelBinding == null) - { - channelBinding = new byte[0]; - } + channelBinding = new byte[0]; initMechanism(); complete = false; state = 0; } /** - * <p>Resets the mechanism instance for re-initialisation and use with other - * characteristics.</p> - * + * Resets the mechanism instance for re-initialisation and use with other + * characteristics. + * * @throws SaslException if an exception occurs during the process. */ public void reset() throws SaslException @@ -362,4 +290,4 @@ public abstract class ClientMechanism implements SaslClient complete = false; state = -1; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/ConfidentialityException.java b/gnu/javax/crypto/sasl/ConfidentialityException.java index adfc06593..62b685725 100644 --- a/gnu/javax/crypto/sasl/ConfidentialityException.java +++ b/gnu/javax/crypto/sasl/ConfidentialityException.java @@ -45,12 +45,12 @@ import javax.security.sasl.SaslException; * exception is thrown to indicate that a violation has occured during the * processing of a <i>confidentiality</i> protection filter. */ -public class ConfidentialityException extends SaslException +public class ConfidentialityException + extends SaslException { - /** - * Constructs a new instance of <code>ConfidentialityException</code> with no - * detail message. + * Constructs a new instance of <code>ConfidentialityException</code> with + * no detail message. */ public ConfidentialityException() { @@ -60,7 +60,7 @@ public class ConfidentialityException extends SaslException /** * Constructs a new instance of <code>ConfidentialityException</code> with * the specified detail message. - * + * * @param s the detail message. */ public ConfidentialityException(String s) @@ -71,7 +71,7 @@ public class ConfidentialityException extends SaslException /** * Constructs a new instance of <code>ConfidentialityException</code> with a * detailed message and a root exception. - * + * * @param s possibly null additional detail about the exception. * @param x a possibly null root exception that caused this one. */ diff --git a/gnu/javax/crypto/sasl/IAuthInfoProvider.java b/gnu/javax/crypto/sasl/IAuthInfoProvider.java index 2b913a137..60c50d5d4 100644 --- a/gnu/javax/crypto/sasl/IAuthInfoProvider.java +++ b/gnu/javax/crypto/sasl/IAuthInfoProvider.java 
@@ -47,71 +47,70 @@ import javax.security.sasl.AuthenticationException; */ public interface IAuthInfoProvider { - - // Constants - // ------------------------------------------------------------------------- - - // Methods - // ------------------------------------------------------------------------- - /** * Activates (initialises) this provider instance. SHOULD be the first method * invoked on the provider. - * + * * @param context a collection of name-value bindings describing the - * activation context. - * @throws AuthenticationException if an exception occurs during the operation. + * activation context. + * @throws AuthenticationException if an exception occurs during the + * operation. */ void activate(Map context) throws AuthenticationException; /** * Passivates (releases) this provider instance. SHOULD be the last method - * invoked on the provider. Once it is done, no other method may be invoked - * on the same instance before it is <i>activated</i> agains. - * - * @throws AuthenticationException if an exception occurs during the operation. + * invoked on the provider. Once it is done, no other method may be invoked on + * the same instance before it is <i>activated</i> agains. + * + * @throws AuthenticationException if an exception occurs during the + * operation. */ void passivate() throws AuthenticationException; /** * Checks if a user with a designated name is known to this provider. - * + * * @param userName the name of a user to check. - * @return <code>true</code> if the user with the designated name is known to - * this provider; <code>false</code> otherwise. - * @throws AuthenticationException if an exception occurs during the operation. + * @return <code>true</code> if the user with the designated name is known + * to this provider; <code>false</code> otherwise. + * @throws AuthenticationException if an exception occurs during the + * operation. 
*/ boolean contains(String userName) throws AuthenticationException; /** * Returns a collection of information about a designated user. The contents * of the returned map is provider-specific of name-to-value mappings. - * + * * @param userID a map of name-to-value bindings that fully describe a user. * @return a collection of information about the designated user. - * @throws AuthenticationException if an exception occurs during the operation. + * @throws AuthenticationException if an exception occurs during the + * operation. */ Map lookup(Map userID) throws AuthenticationException; /** * Updates the credentials of a designated user. - * + * * @param userCredentials a map of name-to-value bindings that fully describe - * a user, including per new credentials. - * @throws AuthenticationException if an exception occurs during the operation. + * a user, including per new credentials. + * @throws AuthenticationException if an exception occurs during the + * operation. */ void update(Map userCredentials) throws AuthenticationException; /** * A provider may operate in more than mode; e.g. SRP-II caters for user - * credentials computed in more than one message digest algorithm. This - * method returns the set of name-to-value bindings describing the mode of - * the provider. - * + * credentials computed in more than one message digest algorithm. This method + * returns the set of name-to-value bindings describing the mode of the + * provider. + * * @param mode a unique identifier describing the operational mode. * @return a collection of name-to-value bindings describing the designated - * mode. - * @throws AuthenticationException if an exception occurs during the operation. + * mode. + * @throws AuthenticationException if an exception occurs during the + * operation. */ Map getConfiguration(String mode) throws AuthenticationException; -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java b/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java index e630b8da1..b6dc775d8 100644 --- a/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java +++ b/gnu/javax/crypto/sasl/IAuthInfoProviderFactory.java @@ -43,20 +43,13 @@ package gnu.javax.crypto.sasl; */ public interface IAuthInfoProviderFactory { - - // Constants - // ------------------------------------------------------------------------- - - // Methods - // ------------------------------------------------------------------------- - /** - * Returns an implementation of a provider for a designated mechanism - * capable of honouring {@link IAuthInfoProvider} requests. - * + * Returns an implementation of a provider for a designated mechanism capable + * of honouring {@link IAuthInfoProvider} requests. + * * @param mechanism the unique name of a mechanism. * @return an implementation of {@link IAuthInfoProvider} for that mechanism - * or <code>null</code> if none found. + * or <code>null</code> if none found. */ IAuthInfoProvider getInstance(String mechanism); -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/IllegalMechanismStateException.java b/gnu/javax/crypto/sasl/IllegalMechanismStateException.java index b46ad98e3..547ac4103 100644 --- a/gnu/javax/crypto/sasl/IllegalMechanismStateException.java +++ b/gnu/javax/crypto/sasl/IllegalMechanismStateException.java @@ -47,9 +47,9 @@ import javax.security.sasl.AuthenticationException; * invoked on incomplete mechanisms was invoked but the authentication phase of * that mechanism was already completed. */ -public class IllegalMechanismStateException extends AuthenticationException +public class IllegalMechanismStateException + extends AuthenticationException { - /** * Constructs a new instance of <code>IllegalMechanismStateException</code> * with no detail message. @@ -62,7 +62,7 @@ public class IllegalMechanismStateException extends AuthenticationException /** * Constructs a new instance of <code>IllegalMechanismStateException</code> * with the specified detail message. - * + * * @param detail the detail message. */ public IllegalMechanismStateException(String detail) @@ -73,7 +73,7 @@ public class IllegalMechanismStateException extends AuthenticationException /** * Constructs a new instance of <code>IllegalMechanismStateException</code> * with the specified detail message, and cause. - * + * * @param detail the detail message. * @param ex the original cause. */ diff --git a/gnu/javax/crypto/sasl/InputBuffer.java b/gnu/javax/crypto/sasl/InputBuffer.java index a64ea3e0e..d676a595d 100644 --- a/gnu/javax/crypto/sasl/InputBuffer.java +++ b/gnu/javax/crypto/sasl/InputBuffer.java 
@@ -45,39 +45,33 @@ import java.io.IOException; import java.math.BigInteger; /** - * <p>The implementation of an incoming SASL buffer.</p> - * - * <p>The data elements this class caters for are described in [1].</p> - * - * <p>References:</p> + * The implementation of an incoming SASL buffer. + * <p> + * The data elements this class caters for are described in [1]. + * <p> + * References: * <ol> - * <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt"> - * Secure Remote Password Authentication Mechanism</a>;<br/> - * draft-burdis-cat-srp-sasl-09,<br/> - * <a href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and - * <a href="mailto:raif@forge.com.au">Raïf S. Naffah</a>.</li> + * <li><a + * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt"> + * Secure Remote Password Authentication Mechanism</a>;<br/> + * draft-burdis-cat-srp-sasl-09,<br/> <a + * href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and <a + * href="mailto:raif@forge.com.au">Raïf S. Naffah</a>.</li> * </ol> */ public class InputBuffer { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The internal buffer stream containing the buffer's contents. */ protected ByteArrayInputStream in; - /** The length of the buffer, according to its header. */ protected int length; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Constructs a SASL buffer given the buffer's encoded form, including its - * header bytes.</p> - * - * @param frame the encoded form, including the header bytes, of a SASL buffer. + * Constructs a SASL buffer given the buffer's encoded form, including its + * header bytes. + * + * @param frame the encoded form, including the header bytes, of a SASL + * buffer. * @throws SaslEncodingException if the buffer is malformed. */ public InputBuffer(byte[] frame) throws SaslEncodingException 
@@ -85,17 +79,13 @@ public class InputBuffer this(); if (frame.length < 4) - { - throw new SaslEncodingException("SASL buffer header too short"); - } - - length = (frame[0] & 0xFF) << 24 | (frame[1] & 0xFF) << 16 - | (frame[2] & 0xFF) << 8 | (frame[3] & 0xFF); + throw new SaslEncodingException("SASL buffer header too short"); + length = (frame[0] & 0xFF) << 24 + | (frame[1] & 0xFF) << 16 + | (frame[2] & 0xFF) << 8 + | (frame[3] & 0xFF); if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) - { - throw new SaslEncodingException("SASL buffer size limit exceeded"); - } - + throw new SaslEncodingException("SASL buffer size limit exceeded"); in = new ByteArrayInputStream(frame, 4, length); } @@ -105,16 +95,13 @@ public class InputBuffer super(); } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of a SASL buffer given the buffer's encoded contents, - * excluding the buffer's header bytes.</p> - * - * <p>Calls the method with the same name and three arguments as: + * Returns an instance of a SASL buffer given the buffer's encoded contents, + * excluding the buffer's header bytes. + * <p> + * Calls the method with the same name and three arguments as: * <code>getInstance(raw, 0, raw.length)</code>. - * + * * @param raw the encoded form, excluding the header bytes, of a SASL buffer. * @return a new instance of {@link InputBuffer}. */ @@ -124,9 +111,9 @@ public class InputBuffer } /** - * <p>Returns an instance of a SASL buffer given the buffer's encoded - * contents, excluding the buffer's header bytes.</p> - * + * Returns an instance of a SASL buffer given the buffer's encoded contents, + * excluding the buffer's header bytes. + * * @param raw the encoded form, excluding the header bytes, of a SASL buffer. * @param offset offset where to start using raw bytes from. * @param len number of bytes to use. 
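Review bot: The `InputBuffer(byte[] frame)` constructor in this hunk never compares the decoded header `length` with the bytes actually present, so a frame whose header claims more than `frame.length - 4` octets is accepted. `new ByteArrayInputStream(frame, 4, length)` clamps to the end of the array instead of failing, which leaves the `length` field disagreeing with what the stream can deliver. A guard just before the stream is created would reject truncated frames at the boundary: `if (length > frame.length - 4) throw new SaslEncodingException("SASL buffer shorter than its header length");`. The constructor's signature sits above this hunk, and whether trailing bytes beyond `length` should also be refused depends on callers that are not shown here.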
@@ -140,21 +127,8 @@ public class InputBuffer } /** - * <p>Converts four octets into the number that they represent.</p> - * - * @param b the four octets. - * @return the length. - */ - // public static int fourBytesToLength(byte[] b) throws SaslEncodingException { - // int result = b[0] << 24 | (b[1] & 0xFF) << 16 | (b[2] & 0xFF) << 8 | (b[3] & 0xFF); - // if (result > Registry.SASL_FOUR_BYTE_MAX_LIMIT || result < 0) { - // throw new SaslEncodingException("SASL EOS size limit exceeded"); - // } - // return result; - // } - /** - * <p>Converts two octets into the number that they represent.</p> - * + * Converts two octets into the number that they represent. + * * @param b the two octets. * @return the length. */ 
@@ -162,49 +136,37 @@ public class InputBuffer { final int result = (b[0] & 0xFF) << 8 | (b[1] & 0xFF); if (result > Registry.SASL_TWO_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException("SASL MPI/Text size limit exceeded"); - } + throw new SaslEncodingException("SASL MPI/Text size limit exceeded"); return result; } - // Instance methods - // ------------------------------------------------------------------------- - public boolean hasMoreElements() { return (in.available() > 0); } /** - * <p>Decodes a SASL scalar quantity, <code>count</code>-octet long, from the - * current buffer.</p> - * + * Decodes a SASL scalar quantity, <code>count</code>-octet long, from the + * current buffer. + * * @param count the number of octets of this scalar quantity. - * @return a native representation of a SASL scalar (unsigned integer) quantity. + * @return a native representation of a SASL scalar (unsigned integer) + * quantity. * @throws SaslEncodingException if an encoding exception occurs during the - * operation. + * operation. * @throws IOException if any other I/O exception occurs during the operation. */ public long getScalar(int count) throws IOException { if (count < 0 || count > 4) - { - throw new SaslEncodingException("Invalid SASL scalar octet count: " - + String.valueOf(count)); - } - if (!hasMoreElements()) - { - throw new SaslEncodingException( - "Not enough bytes for a scalar in buffer"); - } + throw new SaslEncodingException("Invalid SASL scalar octet count: " + + String.valueOf(count)); + if (! hasMoreElements()) + throw new SaslEncodingException("Not enough bytes for a scalar in buffer"); if (in.available() < count) - { - throw new SaslEncodingException("Illegal SASL scalar encoding"); - } + throw new SaslEncodingException("Illegal SASL scalar encoding"); byte[] element = new byte[count]; in.read(element); - long result = 0L; for (int i = 0; i < count; i++) { 
@@ -215,125 +177,96 @@ public class InputBuffer } /** - * <p>Decodes a SASL OS from the current buffer.</p> - * + * Decodes a SASL OS from the current buffer. + * * @return a native representation of a SASL OS. * @throws SaslEncodingException if an encoding exception occurs during the - * operation. + * operation. * @throws IOException if any other I/O exception occurs during the operation. */ public byte[] getOS() throws IOException { - if (!hasMoreElements()) - { - throw new SaslEncodingException( - "Not enough bytes for an octet-sequence in buffer"); - } + if (! hasMoreElements()) + throw new SaslEncodingException( + "Not enough bytes for an octet-sequence in buffer"); final int elementLength = in.read(); if (elementLength > Registry.SASL_ONE_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException( - "SASL octet-sequence size limit exceeded"); - } - + throw new SaslEncodingException("SASL octet-sequence size limit exceeded"); if (in.available() < elementLength) - { - throw new SaslEncodingException("Illegal SASL octet-sequence encoding"); - } - + throw new SaslEncodingException("Illegal SASL octet-sequence encoding"); byte[] result = new byte[elementLength]; in.read(result); - return result; } /** - * <p>Decodes a SASL EOS from the current buffer.</p> - * + * Decodes a SASL EOS from the current buffer. + * * @return a native representation of a SASL EOS. * @throws SaslEncodingException if an encoding exception occurs during the - * operation. + * operation. * @throws IOException if any other I/O exception occurs during the operation. 
*/ public byte[] getEOS() throws IOException { if (in.available() < 2) - { - throw new SaslEncodingException( - "Not enough bytes for an extended octet-sequence in buffer"); - } - + throw new SaslEncodingException( + "Not enough bytes for an extended octet-sequence in buffer"); byte[] elementLengthBytes = new byte[2]; in.read(elementLengthBytes); final int elementLength = twoBytesToLength(elementLengthBytes); if (in.available() < elementLength) - { - throw new SaslEncodingException( - "Illegal SASL extended octet-sequence encoding"); - } - + throw new SaslEncodingException( + "Illegal SASL extended octet-sequence encoding"); byte[] result = new byte[elementLength]; in.read(result); - return result; } /** - * <p>Decodes a SASL MPI from the current buffer.</p> - * + * Decodes a SASL MPI from the current buffer. + * * @return a native representation of a SASL MPI. * @throws SaslEncodingException if an encoding exception occurs during the - * operation. + * operation. * @throws IOException if any other I/O exception occurs during the operation. */ public BigInteger getMPI() throws IOException { if (in.available() < 2) - { - throw new SaslEncodingException("Not enough bytes for an MPI in buffer"); - } + throw new SaslEncodingException("Not enough bytes for an MPI in buffer"); byte[] elementLengthBytes = new byte[2]; in.read(elementLengthBytes); final int elementLength = twoBytesToLength(elementLengthBytes); if (in.available() < elementLength) - { - throw new SaslEncodingException( - "Illegal SASL multi-precision integer encoding"); - } - + throw new SaslEncodingException( + "Illegal SASL multi-precision integer encoding"); byte[] element = new byte[elementLength]; in.read(element); - return new BigInteger(1, element); } /** - * <p>Decodes a SASL Text from the current buffer.</p> - * + * Decodes a SASL Text from the current buffer. + * * @return a native representation of a SASL Text. 
* @throws SaslEncodingException if an encoding exception occurs during the - * operation. + * operation. * @throws SaslEncodingException if the UTF-8 character encoding is not - * supported on this platform. + * supported on this platform. * @throws IOException if any other I/O exception occurs during the operation. */ public String getText() throws IOException { if (in.available() < 2) - { - throw new SaslEncodingException("Not enough bytes for a text in buffer"); - } + throw new SaslEncodingException("Not enough bytes for a text in buffer"); byte[] elementLengthBytes = new byte[2]; in.read(elementLengthBytes); final int elementLength = twoBytesToLength(elementLengthBytes); if (in.available() < elementLength) - { - throw new SaslEncodingException("Illegal SASL text encoding"); - } - + throw new SaslEncodingException("Illegal SASL text encoding"); byte[] element = new byte[elementLength]; in.read(element); - return new String(element, "UTF8"); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/IntegrityException.java b/gnu/javax/crypto/sasl/IntegrityException.java index 4a56ca2d5..9b793ce3e 100644 --- a/gnu/javax/crypto/sasl/IntegrityException.java +++ b/gnu/javax/crypto/sasl/IntegrityException.java @@ -46,9 +46,9 @@ import javax.security.sasl.SaslException; * processing of an <i>integrity</i> protection filter, including <i>replay * detection</i>. */ -public class IntegrityException extends SaslException +public class IntegrityException + extends SaslException { - /** * Constructs a new instance of <code>IntegrityException</code> with no * detail message. @@ -61,7 +61,7 @@ public class IntegrityException extends SaslException /** * Constructs a new instance of <code>IntegrityException</code> with the * specified detail message. - * + * * @param s the detail message. */ public IntegrityException(String s) @@ -72,7 +72,7 @@ public class IntegrityException extends SaslException /** * Constructs a new instance of <code>IntegrityException</code> with a * detailed message and a root exception. - * + * * @param s possibly null additional detail about the exception. * @param x a possibly null root exception that caused this one. */ @@ -80,4 +80,4 @@ public class IntegrityException extends SaslException { super(s, x); } -}
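Review bot: In `InputBuffer.getText()` (the InputBuffer.java hunk that closes at the top of this line), `new String(element, "UTF8")` decodes leniently: malformed byte sequences are replaced rather than reported, so two different wire encodings can yield the same `String`. For text elements that carry identities in an authentication exchange, it would be safer to decode with a `CharsetDecoder` set to `CodingErrorAction.REPORT` for malformed and unmappable input, and to rethrow the resulting `CharacterCodingException` as a `SaslEncodingException`. The Javadoc also promises a `SaslEncodingException` when UTF-8 is unsupported, but as written the `UnsupportedEncodingException` from the `String` constructor would propagate unchanged; either wrap it or correct the `@throws` text.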
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/NoSuchMechanismException.java b/gnu/javax/crypto/sasl/NoSuchMechanismException.java index 65432082a..5b16a788c 100644 --- a/gnu/javax/crypto/sasl/NoSuchMechanismException.java +++ b/gnu/javax/crypto/sasl/NoSuchMechanismException.java @@ -44,19 +44,19 @@ import javax.security.sasl.SaslException; * A checked exception thrown to indicate that a designated SASL mechanism * implementation was not found. */ -public class NoSuchMechanismException extends SaslException +public class NoSuchMechanismException + extends SaslException { - /** * Constructs a <code>NoSuchMechanismException</code> with the specified * detail message. In the case of this exception, the detail message * designates the offending mechanism name. - * + * * @param arg the detail message, which in this case is the offending - * mechanism name. + * mechanism name. */ public NoSuchMechanismException(String arg) { super(arg); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/NoSuchUserException.java b/gnu/javax/crypto/sasl/NoSuchUserException.java index fe362c742..387339f60 100644 --- a/gnu/javax/crypto/sasl/NoSuchUserException.java +++ b/gnu/javax/crypto/sasl/NoSuchUserException.java @@ -44,9 +44,9 @@ import javax.security.sasl.AuthenticationException; * A checked exception thrown to indicate that a designated user is unknown to * the authentication layer. */ -public class NoSuchUserException extends AuthenticationException +public class NoSuchUserException + extends AuthenticationException { - /** Constructs a <code>NoSuchUserException</code> with no detail message. */ public NoSuchUserException() { @@ -55,9 +55,9 @@ public class NoSuchUserException extends AuthenticationException /** * Constructs a <code>NoSuchUserException</code> with the specified detail - * message. In the case of this exception, the detail message designates - * the offending username. - * + * message. In the case of this exception, the detail message designates the + * offending username. + * * @param arg the detail message, which in this case is the username. */ public NoSuchUserException(String arg) diff --git a/gnu/javax/crypto/sasl/OutputBuffer.java b/gnu/javax/crypto/sasl/OutputBuffer.java index d219e7e9f..92e34dfbf 100644 --- a/gnu/javax/crypto/sasl/OutputBuffer.java +++ b/gnu/javax/crypto/sasl/OutputBuffer.java 
@@ -46,31 +46,25 @@ import java.io.IOException; import java.math.BigInteger; /** - * <p>The implementation of an outgoing SASL buffer.</p> - * - * <p>The data elements this class caters for are described in [1].</p> - * - * <p>References:</p> + * The implementation of an outgoing SASL buffer. + * <p> + * The data elements this class caters for are described in [1]. + * <p> + * References: * <ol> - * <li><a href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt"> - * Secure Remote Password Authentication Mechanism</a>;<br/> - * draft-burdis-cat-srp-sasl-09,<br/> - * <a href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and - * <a href="mailto:raif@forge.com.au">Raïf S. Naffah</a>.</li> + * <li><a + * href="http://www.ietf.org/internet-drafts/draft-burdis-cat-srp-sasl-09.txt"> + * Secure Remote Password Authentication Mechanism</a>;<br/> + * draft-burdis-cat-srp-sasl-09,<br/> <a + * href="mailto:keith@rucus.ru.ac.za">Keith Burdis</a> and <a + * href="mailto:raif@forge.com.au">Raïf S. Naffah</a>.</li> * </ol> */ public class OutputBuffer { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The internal output stream. */ private ByteArrayOutputStream out; - // Constructor(s) - // ------------------------------------------------------------------------- - public OutputBuffer() { super(); 
@@ -78,16 +72,10 @@ public class OutputBuffer out = new ByteArrayOutputStream(); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Encodes a SASL scalar quantity, <code>count</code>-octet long, to the - * current buffer.</p> - * + * Encodes a SASL scalar quantity, <code>count</code>-octet long, to the + * current buffer. + * * @param count number of octets to encode <code>b</code> with. * @param b the scalar quantity. * @throws SaslEncodingException if an encoding size constraint is violated. @@ -96,21 +84,17 @@ public class OutputBuffer public void setScalar(int count, int b) throws IOException { if (count < 0 || count > 4) - { - throw new SaslEncodingException("Invalid SASL scalar octet count: " - + String.valueOf(count)); - } + throw new SaslEncodingException("Invalid SASL scalar octet count: " + + String.valueOf(count)); byte[] element = new byte[count]; for (int i = count; --i >= 0; b >>>= 8) - { - element[i] = (byte) b; - } + element[i] = (byte) b; out.write(element); } /** - * <p>Encodes a SASL OS to the current buffer.</p> - * + * Encodes a SASL OS to the current buffer. + * * @param b the OS element. * @throws SaslEncodingException if an encoding size constraint is violated. * @throws IOException if any other I/O exception occurs during the operation. 
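Review bot: `OutputBuffer.setScalar(int count, int b)` validates `count` but not that `b` fits in `count` octets, so the loop `element[i] = (byte) b` silently drops the high-order bits of a value that is too large. The Javadoc promises a `SaslEncodingException` "if an encoding size constraint is violated", and an encoder that truncates quietly can put a different number on the wire than the caller intended. A check after the existing one would make the contract hold: `if (count < 4 && (b >>> (8 * count)) != 0) throw new SaslEncodingException("SASL scalar does not fit in " + count + " octets");`. This assumes callers never pass negative values for short scalars, which should be confirmed against the call sites.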
@@ -119,16 +103,14 @@ public class OutputBuffer { final int length = b.length; if (length > Registry.SASL_ONE_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException("SASL octet-sequence too long"); - } + throw new SaslEncodingException("SASL octet-sequence too long"); out.write(length & 0xFF); out.write(b); } /** - * <p>Encodes a SASL EOS to the current buffer.</p> - * + * Encodes a SASL EOS to the current buffer. + * * @param b the EOS element. * @throws SaslEncodingException if an encoding size constraint is violated. * @throws IOException if any other I/O exception occurs during the operation. @@ -137,17 +119,15 @@ public class OutputBuffer { final int length = b.length; if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException("SASL extended octet-sequence too long"); - } - byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + throw new SaslEncodingException("SASL extended octet-sequence too long"); + byte[] lengthBytes = { (byte)(length >>> 8), (byte) length }; out.write(lengthBytes); out.write(b); } /** - * <p>Encodes a SASL MPI to the current buffer.</p> - * + * Encodes a SASL MPI to the current buffer. + * * @param val the MPI element. * @throws SaslEncodingException if an encoding size constraint is violated. * @throws IOException if any other I/O exception occurs during the operation. 
@@ -157,21 +137,19 @@ public class OutputBuffer byte[] b = Util.trim(val); final int length = b.length; if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException("SASL multi-precision integer too long"); - } - byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + throw new SaslEncodingException("SASL multi-precision integer too long"); + byte[] lengthBytes = { (byte)(length >>> 8), (byte) length }; out.write(lengthBytes); out.write(b); } /** - * <p>Encodes a SASL Text to the current buffer.</p> - * + * Encodes a SASL Text to the current buffer. + * * @param str the Text element. * @throws SaslEncodingException if an encoding size constraint is violated. * @throws SaslEncodingException if the UTF-8 encoding is not supported on - * this platform. + * this platform. * @throws IOException if any other I/O exception occurs during the operation. */ public void setText(String str) throws IOException @@ -179,18 +157,16 @@ public class OutputBuffer byte[] b = str.getBytes("UTF8"); final int length = b.length; if (length > Registry.SASL_TWO_BYTE_MAX_LIMIT) - { - throw new SaslEncodingException("SASL text too long"); - } - byte[] lengthBytes = { (byte) (length >>> 8), (byte) length }; + throw new SaslEncodingException("SASL text too long"); + byte[] lengthBytes = { (byte)(length >>> 8), (byte) length }; out.write(lengthBytes); out.write(b); } /** - * <p>Returns the encoded form of the current buffer including the 4-byte - * length header.</p> - * + * Returns the encoded form of the current buffer including the 4-byte length + * header. + * * @throws SaslEncodingException if an encoding size constraint is violated. */ public byte[] encode() throws SaslEncodingException 
@@ -198,28 +174,25 @@ public class OutputBuffer byte[] buffer = wrap(); final int length = buffer.length; byte[] result = new byte[length + 4]; - result[0] = (byte) (length >>> 24); - result[1] = (byte) (length >>> 16); - result[2] = (byte) (length >>> 8); + result[0] = (byte)(length >>> 24); + result[1] = (byte)(length >>> 16); + result[2] = (byte)(length >>> 8); result[3] = (byte) length; System.arraycopy(buffer, 0, result, 4, length); - return result; } /** - * <p>Returns the encoded form of the current buffer excluding the 4-byte - * length header.</p> - * + * Returns the encoded form of the current buffer excluding the 4-byte length + * header. + * * @throws SaslEncodingException if an encoding size constraint is violated. */ public byte[] wrap() throws SaslEncodingException { final int length = out.size(); if (length > Registry.SASL_BUFFER_MAX_LIMIT || length < 0) - { - throw new SaslEncodingException("SASL buffer too long"); - } + throw new SaslEncodingException("SASL buffer too long"); return out.toByteArray(); } } diff --git a/gnu/javax/crypto/sasl/SaslEncodingException.java b/gnu/javax/crypto/sasl/SaslEncodingException.java index 9f4c59f1c..f6a74641d 100644 --- a/gnu/javax/crypto/sasl/SaslEncodingException.java +++ b/gnu/javax/crypto/sasl/SaslEncodingException.java @@ -44,9 +44,9 @@ import javax.security.sasl.SaslException; * A checked exception, thrown when an exception occurs while decoding a SASL * buffer and/or a SASL data element from/to a buffer. */ -public class SaslEncodingException extends SaslException +public class SaslEncodingException + extends SaslException { - /** Constructs a <code>SaslEncodingException</code> with no detail message. */ public SaslEncodingException() { @@ -56,11 +56,11 @@ public class SaslEncodingException extends SaslException /** * Constructs a <code>SaslEncodingException</code> with the specified detail * message. - * + * * @param s the detail message. */ public SaslEncodingException(String s) { super(s); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/SaslInputStream.java b/gnu/javax/crypto/sasl/SaslInputStream.java index 1bd305f5f..d127bf5ba 100644 --- a/gnu/javax/crypto/sasl/SaslInputStream.java +++ b/gnu/javax/crypto/sasl/SaslInputStream.java @@ -54,7 +54,8 @@ import javax.security.sasl.SaslServer; * An input stream that uses either a {@link SaslClient} or a {@link SaslServer} * to process the data through these entities' security layer filter(s). */ -public class SaslInputStream extends InputStream +public class SaslInputStream + extends InputStream { private static final Logger log = Logger.getLogger(SaslInputStream.class.getName()); private SaslClient client; @@ -63,16 +64,14 @@ public class SaslInputStream extends InputStream private InputStream source; private byte[] internalBuf; - // Constructor(s) - // ------------------------------------------------------------------------- - public SaslInputStream(SaslClient client, InputStream source) throws IOException { super(); this.client = client; - maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); server = null; this.source = source; } 
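Review bot: In the `SaslInputStream(SaslClient, InputStream)` constructor, `Integer.parseInt(size)` runs on the negotiated property with no null or format check, so a mechanism that did not negotiate `Sasl.RAW_SEND_SIZE` surfaces as an unchecked `NumberFormatException` instead of the declared `IOException`. Something like `if (size == null) throw new IOException("RAW_SEND_SIZE was not negotiated");`, with the parse failure wrapped the same way, would keep the failure inside the stream's contract. Separately, `maxRawSendSize` is later used in `readSaslBuffer()` as the upper bound on incoming buffers (`bufferLength > maxRawSendSize`); the raw send size describes outgoing unwrapped data, so the receive bound looks like it should come from `Sasl.MAX_BUFFER` instead, which is worth confirming. The same parsing pattern appears in the `SaslServer` constructor in the next hunk and in both `SaslOutputStream` constructors.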
@@ -83,19 +82,12 @@ public class SaslInputStream extends InputStream super(); this.server = server; - maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); client = null; this.source = source; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // Overloaded java.io.InputStream methods ---------------------------------- - public int available() throws IOException { return (internalBuf == null) ? 0 : internalBuf.length; 
@@ -107,25 +99,25 @@ public class SaslInputStream extends InputStream } /** - * <p>Reads the next byte of data from the input stream. The value byte is + * Reads the next byte of data from the input stream. The value byte is * returned as an <code>int</code> in the range <code>0</code> to * <code>255</code>. If no byte is available because the end of the stream * has been reached, the value <code>-1</code> is returned. This method - * blocks until input data is available, the end of the stream is detected, - * or an exception is thrown.</p> - * - * <p>From a SASL mechanism provider's perspective, if a security layer has - * been negotiated, the underlying <i>source</i> is expected to contain SASL + * blocks until input data is available, the end of the stream is detected, or + * an exception is thrown. + * <p> + * From a SASL mechanism provider's perspective, if a security layer has been + * negotiated, the underlying <i>source</i> is expected to contain SASL * buffers, as defined in RFC 2222. Four octets in network byte order in the * front of each buffer identify the length of the buffer. The provider is * responsible for performing any integrity checking or other processing on * the buffer before returning the data as a stream of octets. For example, * the protocol driver's request for a single octet from the stream might; * i.e. an invocation of this method, may result in an entire SASL buffer - * being read and processed before that single octet can be returned.</p> - * - * @return the next byte of data, or <code>-1</code> if the end of the stream - * is reached. + * being read and processed before that single octet can be returned. + * + * @return the next byte of data, or <code>-1</code> if the end of the + * stream is reached. * @throws IOException if an I/O error occurs. */ public int read() throws IOException 
@@ -149,75 +141,74 @@ public class SaslInputStream extends InputStream int check = read(buf); result = (check > 0) ? (buf[0] & 0xFF) : -1; } - return result; } /** - * <p>Reads up to <code>len</code> bytes of data from the underlying - * <i>source</i> input stream into an array of bytes. An attempt is made to - * read as many as <code>len</code> bytes, but a smaller number may be read, - * possibly zero. The number of bytes actually read is returned as an - * integer.</p> - * - * <p>This method blocks until input data is available, end of file is - * detected, or an exception is thrown.</p> - * - * <p>If <code>b</code> is <code>null</code>, a {@link NullPointerException} is - * thrown.</p> - * - * <p>If <code>off</code> is negative, or <code>len</code> is negative, or - * <code>off+len</code> is greater than the length of the array <code>b</code>, - * then an {@link IndexOutOfBoundsException} is thrown.</p> - * - * <p>If <code>len</code> is zero, then no bytes are read and <code>0</code> + * Reads up to <code>len</code> bytes of data from the underlying <i>source</i> + * input stream into an array of bytes. An attempt is made to read as many as + * <code>len</code> bytes, but a smaller number may be read, possibly zero. + * The number of bytes actually read is returned as an integer. + * <p> + * This method blocks until input data is available, end of file is detected, + * or an exception is thrown. + * <p> + * If <code>b</code> is <code>null</code>, a {@link NullPointerException} + * is thrown. + * <p> + * If <code>off</code> is negative, or <code>len</code> is negative, or + * <code>off+len</code> is greater than the length of the array + * <code>b</code>, then an {@link IndexOutOfBoundsException} is thrown. + * <p> + * If <code>len</code> is zero, then no bytes are read and <code>0</code> * is returned; otherwise, there is an attempt to read at least one byte. 
If * no byte is available because the stream is at end of file, the value * <code>-1</code> is returned; otherwise, at least one byte is read and - * stored into <code>b</code>.</p> - * - * <p>The first byte read is stored into element <code>b[off]</code>, the - * next one into <code>b[off+1]</code>, and so on. The number of bytes read - * is, at most, equal to <code>len</code>. Let <code>k</code> be the number + * stored into <code>b</code>. + * <p> + * The first byte read is stored into element <code>b[off]</code>, the next + * one into <code>b[off+1]</code>, and so on. The number of bytes read is, + * at most, equal to <code>len</code>. Let <code>k</code> be the number * of bytes actually read; these bytes will be stored in elements * <code>b[off]</code> through <code>b[off+k-1]</code>, leaving elements - * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected.</p> - * - * <p>In every case, elements <code>b[0]</code> through <code>b[off]</code> + * <code>b[off+k]</code> through <code>b[off+len-1]</code> unaffected. + * <p> + * In every case, elements <code>b[0]</code> through <code>b[off]</code> * and elements <code>b[off+len]</code> through <code>b[b.length-1]</code> - * are unaffected.</p> - * - * <p>If the first byte cannot be read for any reason other than end of file, - * then an {@link IOException} is thrown. In particular, an {@link IOException} - * is thrown if the input stream has been closed.</p> - * - * <p>From the SASL mechanism provider's perspective, if a security layer has + * are unaffected. + * <p> + * If the first byte cannot be read for any reason other than end of file, + * then an {@link IOException} is thrown. In particular, an + * {@link IOException} is thrown if the input stream has been closed. + * <p> + * From the SASL mechanism provider's perspective, if a security layer has * been negotiated, the underlying <i>source</i> is expected to contain SASL * buffers, as defined in RFC 2222. 
Four octets in network byte order in the * front of each buffer identify the length of the buffer. The provider is * responsible for performing any integrity checking or other processing on * the buffer before returning the data as a stream of octets. The protocol * driver's request for a single octet from the stream might result in an - * entire SASL buffer being read and processed before that single octet can - * be returned.</p> - * + * entire SASL buffer being read and processed before that single octet can be + * returned. + * * @param b the buffer into which the data is read. * @param off the start offset in array <code>b</code> at which the data is - * wricodeen. + * wricodeen. * @param len the maximum number of bytes to read. * @return the total number of bytes read into the buffer, or <code>-1</code> - * if there is no more data because the end of the stream has been reached. + * if there is no more data because the end of the stream has been + * reached. * @throws IOException if an I/O error occurs. */ public int read(byte[] b, int off, int len) throws IOException { if (Configuration.DEBUG) - log.entering(this.getClass().getName(), "read", - new Object[] { b, Integer.valueOf(off), Integer.valueOf(len) }); + log.entering(this.getClass().getName(), "read", new Object[] { + b, Integer.valueOf(off), Integer.valueOf(len) + }); if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) || ((off + len) < 0)) - throw new IndexOutOfBoundsException("off=" + off - + ", len=" + len + throw new IndexOutOfBoundsException("off=" + off + ", len=" + len + ", b.length=" + b.length); if (len == 0) { @@ -254,7 +245,6 @@ public class SaslInputStream extends InputStream } return -1; } - if (len <= internalBuf.length) { result = len; 
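Review bot: The reflowed Javadoc for `read(byte[] b, int off, int len)` still carries the garbled word `wricodeen` in the `@param off` description; it should read `the start offset in array <code>b</code> at which the data is written.` Since this commit already rewrites the comment block, it is the natural place to fix it. It would also help to state in the same Javadoc that the bounds check throws `IndexOutOfBoundsException` before any data is read from the source, which is what the visible `if ((off < 0) || ...)` test does.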
@@ -274,10 +264,8 @@ public class SaslInputStream extends InputStream result = internalBuf.length; System.arraycopy(internalBuf, 0, b, off, result); internalBuf = null; - off += result; len -= result; - int remaining; // count of bytes remaining in buffer after an iteration int delta; // count of bytes moved to b after an iteration int datalen; @@ -295,9 +283,7 @@ public class SaslInputStream extends InputStream log.finer("Underlying stream exhausted. Breaking..."); break; } - datalen = data.length; - // copy [part of] the result to b remaining = (datalen <= len) ? 0 : datalen - len; delta = datalen - remaining; @@ -307,7 +293,6 @@ public class SaslInputStream extends InputStream internalBuf = new byte[remaining]; System.arraycopy(data, delta, internalBuf, 0, remaining); } - // update off, result and len off += delta; result += delta; @@ -322,20 +307,19 @@ public class SaslInputStream extends InputStream } if (Configuration.DEBUG) { - log.finer("Remaining: " + (internalBuf == null ? 0 : internalBuf.length)); + log.finer("Remaining: " + + (internalBuf == null ? 0 : internalBuf.length)); log.exiting(this.getClass().getName(), "read()", String.valueOf(result)); } return result; } - // other nstance methods --------------------------------------------------- - /** * Reads a SASL buffer from the underlying source if at least 4 bytes are * available. - * + * * @return the byte[] of decoded buffer contents, or null if the underlying - * source was exhausted. + * source was exhausted. * @throws IOException if an I/O exception occurs during the operation. */ private byte[] readSaslBuffer() throws IOException 
@@ -360,12 +344,12 @@ public class SaslInputStream extends InputStream log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } - if (realLength != 4) throw new IOException("Was expecting 4 but found " + realLength); - int bufferLength = result[0] << 24 | (result[1] & 0xFF) << 16 - | (result[2] & 0xFF) << 8 | (result[3] & 0xFF); - + int bufferLength = result[0] << 24 + | (result[1] & 0xFF) << 16 + | (result[2] & 0xFF) << 8 + | (result[3] & 0xFF); if (Configuration.DEBUG) log.finer("SASL buffer size: " + bufferLength); if (bufferLength > maxRawSendSize || bufferLength < 0) @@ -382,10 +366,9 @@ public class SaslInputStream extends InputStream log.throwing(this.getClass().getName(), "readSaslBuffer", x); throw x; } - if (realLength != bufferLength) - throw new IOException("Was expecting " + bufferLength - + " but found " + realLength); + throw new IOException("Was expecting " + bufferLength + " but found " + + realLength); if (Configuration.DEBUG) { log.finer("Incoming buffer (before security) (hex): " @@ -397,7 +380,6 @@ public class SaslInputStream extends InputStream result = client.unwrap(result, 0, realLength); else result = server.unwrap(result, 0, realLength); - if (Configuration.DEBUG) { log.finer("Incoming buffer (after security) (hex): " @@ -408,4 +390,4 @@ public class SaslInputStream extends InputStream } return result; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/SaslOutputStream.java b/gnu/javax/crypto/sasl/SaslOutputStream.java index ce9d93242..d21f1f37a 100644 --- a/gnu/javax/crypto/sasl/SaslOutputStream.java +++ b/gnu/javax/crypto/sasl/SaslOutputStream.java @@ -53,7 +53,8 @@ import javax.security.sasl.SaslServer; * An output stream that uses either a {@link SaslClient} or a {@link SaslServer} * to process the data through these entities' security layer filter(s). */ -public class SaslOutputStream extends OutputStream +public class SaslOutputStream + extends OutputStream { private static final Logger log = Logger.getLogger(SaslOutputStream.class.getName()); private SaslClient client; @@ -61,16 +62,14 @@ public class SaslOutputStream extends OutputStream private int maxRawSendSize; private OutputStream dest; - // Constructor(s) - // ------------------------------------------------------------------------- - public SaslOutputStream(SaslClient client, OutputStream dest) throws IOException { super(); this.client = client; - maxRawSendSize = Integer.parseInt((String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) client.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); server = null; this.dest = dest; } @@ -81,17 +80,12 @@ public class SaslOutputStream extends OutputStream super(); this.server = server; - maxRawSendSize = Integer.parseInt((String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE)); + String size = (String) server.getNegotiatedProperty(Sasl.RAW_SEND_SIZE); + maxRawSendSize = Integer.parseInt(size); client = null; this.dest = dest; } - // Class methods - // ------------------------------------------------------------------------- - - // Overloaded java.io.OutputStream methods - // ------------------------------------------------------------------------- - public void close() throws IOException { dest.flush(); 
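Review bot: In both SaslOutputStream constructors `Integer.parseInt(size)` runs on whatever `getNegotiatedProperty(Sasl.RAW_SEND_SIZE)` returned, so a missing or non-numeric value surfaces as an unchecked `NumberFormatException` instead of the `IOException` the constructors declare, and a zero or negative size is accepted. The new local `size` makes the value easy to check first, for example `if (size == null) throw new IOException("RAW_SEND_SIZE was not negotiated");`, followed by rejecting `maxRawSendSize <= 0` after parsing. How `write()` behaves with a non-positive limit is only partly visible in this diff, so confirm the effect of that case against the chunking loop.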
@@ -126,8 +120,7 @@ public class SaslOutputStream extends OutputStream log.entering(this.getClass().getName(), "write"); if ((off < 0) || (off > b.length) || (len < 0) || ((off + len) > b.length) || ((off + len) < 0)) - throw new IndexOutOfBoundsException("off=" + off - + ", len=" + len + throw new IndexOutOfBoundsException("off=" + off + ", len=" + len + ", b.length=" + b.length); if (len == 0) { @@ -163,14 +156,12 @@ public class SaslOutputStream extends OutputStream } length = output.length; result = new byte[length + 4]; - result[0] = (byte) (length >>> 24); - result[1] = (byte) (length >>> 16); - result[2] = (byte) (length >>> 8); + result[0] = (byte)(length >>> 24); + result[1] = (byte)(length >>> 16); + result[2] = (byte)(length >>> 8); result[3] = (byte) length; System.arraycopy(output, 0, result, 4, length); - dest.write(result); - off += chunckSize; len -= chunckSize; if (Configuration.DEBUG) @@ -181,4 +172,4 @@ public class SaslOutputStream extends OutputStream if (Configuration.DEBUG) log.exiting(this.getClass().getName(), "write"); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/SaslUtil.java b/gnu/javax/crypto/sasl/SaslUtil.java index cb8d88e69..4b0b697fe 100644 --- a/gnu/javax/crypto/sasl/SaslUtil.java +++ b/gnu/javax/crypto/sasl/SaslUtil.java @@ -47,30 +47,17 @@ import java.security.MessageDigest; */ public class SaslUtil { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - private SaslUtil() { super(); } - // Class methods - // ------------------------------------------------------------------------- - public static final boolean validEmailAddress(String address) { // need to do better than this return (address.indexOf("@") != -1); } - // Visualisation methods - // ------------------------------------------------------------------------- - /** Returns the context of the designated hash as a string. */ public static final String dump(MessageDigest md) { @@ -85,4 +72,4 @@ public class SaslUtil } return result; } -}
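Review bot: `SaslUtil.validEmailAddress` accepts any string that contains `@` and dereferences `address` without a null check, which the existing comment `// need to do better than this` already concedes. AnonymousUtil.isValidTraceInformation, later in this commit, returns true as soon as this method does, so a value containing `@` skips the 255-character and printable-ASCII limits that `isValidToken` enforces. If the trace information is supplied by the peer, as AnonymousServer.evaluateResponse suggests, its length and control characters are unbounded wherever the authorisation ID is later stored or logged. At minimum the method should return false for null and apply the same length and character-range checks before the `@` test.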
\ No newline at end of file
+}
diff --git a/gnu/javax/crypto/sasl/ServerFactory.java b/gnu/javax/crypto/sasl/ServerFactory.java
index e9b08dbd4..7aa379628 100644
--- a/gnu/javax/crypto/sasl/ServerFactory.java
+++ b/gnu/javax/crypto/sasl/ServerFactory.java
@@ -62,53 +62,33 @@ import javax.security.sasl.SaslServerFactory; /** * The implementation of the {@link SaslServerFactory}. */ -public class ServerFactory implements SaslServerFactory +public class ServerFactory + implements SaslServerFactory { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - public static final Set getNames() { - return Collections.unmodifiableSet(new HashSet( - Arrays.asList(getNamesInternal(null)))); + return Collections.unmodifiableSet(new HashSet(Arrays.asList(getNamesInternal(null)))); } private static final String[] getNamesInternal(Map props) { - String[] all = new String[] { Registry.SASL_SRP_MECHANISM, - Registry.SASL_CRAM_MD5_MECHANISM, - Registry.SASL_PLAIN_MECHANISM, - Registry.SASL_ANONYMOUS_MECHANISM }; - + String[] all = new String[] { + Registry.SASL_SRP_MECHANISM, + Registry.SASL_CRAM_MD5_MECHANISM, + Registry.SASL_PLAIN_MECHANISM, + Registry.SASL_ANONYMOUS_MECHANISM }; List result = new ArrayList(4); int i; for (i = 0; i < all.length;) - { - result.add(all[i++]); - } - + result.add(all[i++]); if (props == null) - { - return (String[]) result.toArray(new String[0]); // all - } - if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) - { // none - return new String[0]; - } - + return (String[]) result.toArray(new String[0]); // all + if (hasPolicy(Sasl.POLICY_PASS_CREDENTIALS, props)) // none + return new String[0]; if (hasPolicy(Sasl.POLICY_NOPLAINTEXT, props)) - { - result.remove(Registry.SASL_PLAIN_MECHANISM); - } + result.remove(Registry.SASL_PLAIN_MECHANISM); if (hasPolicy(Sasl.POLICY_NOACTIVE, props)) { result.remove(Registry.SASL_CRAM_MD5_MECHANISM); 
@@ -135,32 +115,19 @@ public class ServerFactory implements SaslServerFactory public static final ServerMechanism getInstance(String mechanism) { if (mechanism == null) - { - return null; - } + return null; mechanism = mechanism.trim().toUpperCase(); if (mechanism.equals(Registry.SASL_SRP_MECHANISM)) - { - return new SRPServer(); - } + return new SRPServer(); if (mechanism.equals(Registry.SASL_CRAM_MD5_MECHANISM)) - { - return new CramMD5Server(); - } + return new CramMD5Server(); if (mechanism.equals(Registry.SASL_PLAIN_MECHANISM)) - { - return new PlainServer(); - } + return new PlainServer(); if (mechanism.equals(Registry.SASL_ANONYMOUS_MECHANISM)) - { - return new AnonymousServer(); - } + return new AnonymousServer(); return null; } - // Instance methods - // ------------------------------------------------------------------------- - public SaslServer createSaslServer(String mechanism, String protocol, String serverName, Map props, CallbackHandler cbh) throws SaslException @@ -170,13 +137,10 @@ public class ServerFactory implements SaslServerFactory { HashMap attributes = new HashMap(); if (props != null) - { - attributes.putAll(props); - } + attributes.putAll(props); attributes.put(Registry.SASL_PROTOCOL, protocol); attributes.put(Registry.SASL_SERVER_NAME, serverName); attributes.put(Registry.SASL_CALLBACK_HANDLER, cbh); - result.init(attributes); } return result; @@ -191,4 +155,4 @@ public class ServerFactory implements SaslServerFactory { return "true".equalsIgnoreCase(String.valueOf(props.get(propertyName))); } -}
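Review bot: `mechanism.trim().toUpperCase()` in `ServerFactory.getInstance` uses the JVM default locale, so under a Turkish locale a name such as `plain` becomes `PLAİN`, no longer equals the registry constant, and the method returns null for a mechanism it supports. Mechanism names are ASCII protocol tokens, so the case mapping should be locale-independent: `mechanism = mechanism.trim().toUpperCase(Locale.ENGLISH);` with `java.util.Locale` imported. The values of the `Registry.SASL_*_MECHANISM` constants are not shown here; this assumes they are upper-case ASCII names.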
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/ServerMechanism.java b/gnu/javax/crypto/sasl/ServerMechanism.java index f12a075d9..75603a14a 100644 --- a/gnu/javax/crypto/sasl/ServerMechanism.java +++ b/gnu/javax/crypto/sasl/ServerMechanism.java @@ -45,51 +45,36 @@ import java.util.Map; import javax.security.auth.callback.CallbackHandler; import javax.security.sasl.Sasl; -import javax.security.sasl.SaslServer; import javax.security.sasl.SaslException; +import javax.security.sasl.SaslServer; /** - * <p>A base class to facilitate implementing SASL server-side mechanisms.</p> + * A base class to facilitate implementing SASL server-side mechanisms. */ -public abstract class ServerMechanism implements SaslServer +public abstract class ServerMechanism + implements SaslServer { - - // Constants and variables - // ------------------------------------------------------------------------- - /** Name of this mechanism. */ protected String mechanism; - /** Name of protocol using this mechanism. */ protected String protocol; - /** Name of server to authenticate to. */ protected String serverName; - /** Properties of qualities desired for this mechanism. */ protected Map properties; - /** Callback handler to use with this mechanism instance. */ protected CallbackHandler handler; - /** Whether authentication phase is completed (true) or not (false). */ protected boolean complete = false; - /** The authorisation identity. */ protected String authorizationID; - /** Channel binding data to use with this mechanism instance. */ protected byte[] channelBinding; - /** The state of the authentication automaton. -1 means uninitialised. */ protected int state = -1; - /** The provider for authentication information. */ protected IAuthInfoProvider authenticator; - // Constructor(s) - // ------------------------------------------------------------------------- - protected ServerMechanism(final String mechanism) { super(); 
@@ -99,20 +84,10 @@ public abstract class ServerMechanism implements SaslServer this.state = -1; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods to be implemented by concrete subclasses --------------- - protected abstract void initMechanism() throws SaslException; protected abstract void resetMechanism() throws SaslException; - // javax.security.sasl.SaslServer interface implementation ----------------- - public abstract byte[] evaluateResponse(byte[] response) throws SaslException; public boolean isComplete() @@ -123,20 +98,16 @@ public abstract class ServerMechanism implements SaslServer public byte[] unwrap(final byte[] incoming, final int offset, final int len) throws SaslException { - if (!isComplete()) - { - throw new IllegalMechanismStateException(); - } + if (! isComplete()) + throw new IllegalMechanismStateException(); return this.engineUnwrap(incoming, offset, len); } public byte[] wrap(final byte[] outgoing, final int offset, final int len) throws SaslException { - if (!isComplete()) - { - throw new IllegalMechanismStateException(); - } + if (! isComplete()) + throw new IllegalMechanismStateException(); return this.engineWrap(outgoing, offset, len); } 
@@ -152,58 +123,32 @@ public abstract class ServerMechanism implements SaslServer
 public Object getNegotiatedProperty(final String propName)
 {
- if (!isComplete())
- {
- throw new IllegalStateException();
- }
+ if (! isComplete())
+ throw new IllegalStateException();
 if (Sasl.QOP.equals(propName))
- {
- return getNegotiatedQOP();
- }
+ return getNegotiatedQOP();
 if (Sasl.STRENGTH.equals(propName))
- {
- return getNegotiatedStrength();
- }
+ return getNegotiatedStrength();
 if (Sasl.SERVER_AUTH.equals(propName))
- {
- return getNegotiatedServerAuth();
- }
+ return getNegotiatedServerAuth();
 if (Sasl.MAX_BUFFER.equals(propName))
- {
- return getNegotiatedMaxBuffer();
- }
+ return getNegotiatedMaxBuffer();
 if (Sasl.RAW_SEND_SIZE.equals(propName))
- {
- return getNegotiatedRawSendSize();
- }
+ return getNegotiatedRawSendSize();
 if (Sasl.POLICY_NOPLAINTEXT.equals(propName))
- {
- return getNegotiatedPolicyNoPlainText();
- }
+ return getNegotiatedPolicyNoPlainText();
 if (Sasl.POLICY_NOACTIVE.equals(propName))
- {
- return getNegotiatedPolicyNoActive();
- }
+ return getNegotiatedPolicyNoActive();
 if (Sasl.POLICY_NODICTIONARY.equals(propName))
- {
- return getNegotiatedPolicyNoDictionary();
- }
+ return getNegotiatedPolicyNoDictionary();
 if (Sasl.POLICY_NOANONYMOUS.equals(propName))
- {
- return getNegotiatedPolicyNoAnonymous();
- }
+ return getNegotiatedPolicyNoAnonymous();
 if (Sasl.POLICY_FORWARD_SECRECY.equals(propName))
- {
- return getNegotiatedPolicyForwardSecrecy();
- }
+ return getNegotiatedPolicyForwardSecrecy();
 if (Sasl.POLICY_PASS_CREDENTIALS.equals(propName))
- {
- return getNegotiatedPolicyPassCredentials();
- }
+ return getNegotiatedPolicyPassCredentials();
 if (Sasl.REUSE.equals(propName))
- {
- return getReuse();
- }
+ return getReuse();
 return null;
 }
@@ -212,8 +157,6 @@ public abstract class ServerMechanism implements SaslServer reset(); } - // other Instance methods -------------------------------------------------- - protected String getNegotiatedQOP() { return Registry.QOP_AUTH; @@ -291,30 +234,23 @@ public abstract class ServerMechanism implements SaslServer } /** - * <p>Initialises the mechanism with designated attributes. Permissible names - * and values are mechanism specific.</p> - * + * Initialises the mechanism with designated attributes. Permissible names and + * values are mechanism specific. + * * @param attributes a set of name-value pairs that describes the desired - * future behaviour of this instance. + * future behaviour of this instance. * @throws IllegalMechanismStateException if the instance is already - * initialised. + * initialised. * @throws SaslException if an exception occurs during the process. */ public void init(final Map attributes) throws SaslException { if (state != -1) - { - throw new IllegalMechanismStateException("init()"); - } - + throw new IllegalMechanismStateException("init()"); if (properties == null) - { - properties = new HashMap(); - } + properties = new HashMap(); else - { - properties.clear(); - } + properties.clear(); if (attributes != null) { protocol = (String) attributes.get(Registry.SASL_PROTOCOL); 
@@ -324,35 +260,24 @@ public abstract class ServerMechanism implements SaslServer properties.putAll(attributes); } else - { - handler = null; - } - + handler = null; if (protocol == null) - { - protocol = ""; - } + protocol = ""; if (serverName == null) - { - serverName = ""; - } + serverName = ""; if (authenticator != null) - { - authenticator.activate(properties); - } + authenticator.activate(properties); if (channelBinding == null) - { - channelBinding = new byte[0]; - } + channelBinding = new byte[0]; initMechanism(); complete = false; state = 0; } /** - * <p>Resets the mechanism instance for re-initialisation and use with other - * characteristics.</p> - * + * Resets the mechanism instance for re-initialisation and use with other + * characteristics. + * * @throws SaslException if an exception occurs during the process. */ public void reset() throws SaslException @@ -360,12 +285,10 @@ public abstract class ServerMechanism implements SaslServer resetMechanism(); properties.clear(); if (authenticator != null) - { - authenticator.passivate(); - } + authenticator.passivate(); protocol = serverName = null; channelBinding = null; complete = false; state = -1; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/UserAlreadyExistsException.java b/gnu/javax/crypto/sasl/UserAlreadyExistsException.java index 764a36df3..1563be917 100644 --- a/gnu/javax/crypto/sasl/UserAlreadyExistsException.java +++ b/gnu/javax/crypto/sasl/UserAlreadyExistsException.java @@ -44,9 +44,9 @@ import javax.security.sasl.SaslException; * A checked exception thrown to indicate that a designated user is already * known to the the authentication layer. */ -public class UserAlreadyExistsException extends SaslException +public class UserAlreadyExistsException + extends SaslException { - /** * Constructs a <code>UserAlreadyExistsException</code> with no detail * message. @@ -60,7 +60,7 @@ public class UserAlreadyExistsException extends SaslException * Constructs a <code>UserAlreadyExistsException</code> with the specified * detail message. In the case of this exception, the detail message * designates the offending username. - * + * * @param userName the detail message, which in this case is the username. */ public UserAlreadyExistsException(String userName) diff --git a/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java b/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java index f5b1faab2..87f5e5fb5 100644 --- a/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java +++ b/gnu/javax/crypto/sasl/anonymous/AnonymousClient.java 
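Review bot: `ServerMechanism.reset()` (last hunk of ServerMechanism.java) clears `properties`, `protocol`, `serverName`, `channelBinding`, `complete` and `state` but leaves `authorizationID` untouched, so an instance that is reset and initialised again still carries the identity established by the previous exchange. The visible part of `init()` does not clear it either, although three lines of that method fall between hunks. Adding `authorizationID = null;` next to `channelBinding = null;` in `reset()` would close the gap. Separately, `properties.clear()` in `reset()` throws a NullPointerException if `reset()` runs before `init()` has created the map, unless the constructor lines outside the hunk initialise it; an `if (properties != null)` guard would cover that.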
@@ -44,35 +44,22 @@ import gnu.javax.crypto.sasl.IllegalMechanismStateException; import java.io.UnsupportedEncodingException; +import javax.security.sasl.AuthenticationException; import javax.security.sasl.SaslClient; import javax.security.sasl.SaslException; -import javax.security.sasl.AuthenticationException; /** - * <p>The ANONYMOUS client-side mechanism.</p> + * The ANONYMOUS client-side mechanism. */ -public class AnonymousClient extends ClientMechanism implements SaslClient +public class AnonymousClient + extends ClientMechanism + implements SaslClient { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - public AnonymousClient() { super(Registry.SASL_ANONYMOUS_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } @@ -81,8 +68,6 @@ public class AnonymousClient extends ClientMechanism implements SaslClient { } - // javax.security.sasl.SaslClient interface implementation ----------------- - public boolean hasInitialResponse() { return true; @@ -99,13 +84,10 @@ public class AnonymousClient extends ClientMechanism implements SaslClient private byte[] response() throws SaslException { - if (!AnonymousUtil.isValidTraceInformation(authorizationID)) - { - throw new AuthenticationException( - "Authorisation ID is not a valid email address"); - } + if (! AnonymousUtil.isValidTraceInformation(authorizationID)) + throw new AuthenticationException( + "Authorisation ID is not a valid email address"); complete = true; - // return authorizationID.getBytes(); final byte[] result; try { 
@@ -117,4 +99,4 @@ public class AnonymousClient extends ClientMechanism implements SaslClient } return result; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java b/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java index 2c10f78a7..76456044c 100644 --- a/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java +++ b/gnu/javax/crypto/sasl/anonymous/AnonymousServer.java @@ -50,28 +50,15 @@ import javax.security.sasl.SaslServer; /** * The ANONYMOUS server-side mechanism. */ -public class AnonymousServer extends ServerMechanism implements SaslServer +public class AnonymousServer + extends ServerMechanism + implements SaslServer { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - public AnonymousServer() { super(Registry.SASL_ANONYMOUS_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } @@ -80,14 +67,10 @@ public class AnonymousServer extends ServerMechanism implements SaslServer { } - // javax.security.sasl.SaslServer interface implementation ----------------- - public byte[] evaluateResponse(final byte[] response) throws SaslException { if (response == null) - { - return null; - } + return null; try { authorizationID = new String(response, "UTF-8"); @@ -104,4 +87,4 @@ public class AnonymousServer extends ServerMechanism implements SaslServer authorizationID = null; throw new AuthenticationException("Invalid email address"); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java b/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java index 99e95eaec..9047ebd5c 100644 --- a/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java +++ b/gnu/javax/crypto/sasl/anonymous/AnonymousUtil.java @@ -45,65 +45,39 @@ import gnu.javax.crypto.sasl.SaslUtil; */ public class AnonymousUtil { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - /** Trivial private constructor to enforce Singleton pattern. */ private AnonymousUtil() { super(); } - // Class methods - // ------------------------------------------------------------------------- - static boolean isValidTraceInformation(String traceInformation) { if (traceInformation == null) - { - return false; - } + return false; if (traceInformation.length() == 0) - { - return true; - } + return true; if (SaslUtil.validEmailAddress(traceInformation)) - { - return true; - } + return true; return isValidToken(traceInformation); } static boolean isValidToken(String token) { if (token == null) - { - return false; - } + return false; if (token.length() == 0) - { - return false; - } + return false; if (token.length() > 255) - { - return false; - } + return false; if (token.indexOf('@') != -1) - { - return false; - } + return false; for (int i = 0; i < token.length(); i++) { char c = token.charAt(i); if (c < 0x20 || c > 0x7E) - { - return false; - } + return false; } return true; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java b/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java index cf73b6f98..dec0366c0 100644 --- a/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java +++ b/gnu/javax/crypto/sasl/crammd5/CramMD5AuthInfoProvider.java @@ -51,44 +51,26 @@ import javax.security.sasl.AuthenticationException; /** * The CRAM-MD5 mechanism authentication information provider implementation. */ -public class CramMD5AuthInfoProvider implements IAuthInfoProvider +public class CramMD5AuthInfoProvider + implements IAuthInfoProvider { - - // Constants and variables - // ------------------------------------------------------------------------- - private PasswordFile passwordFile = null; - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-args constrcutor - // Class methods - // ------------------------------------------------------------------------- - - // IAuthInfoProvider interface implementation - // ------------------------------------------------------------------------- - public void activate(Map context) throws AuthenticationException { try { if (context == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else { String pfn = (String) context.get(CramMD5Registry.PASSWORD_FILE); if (pfn == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else - { - passwordFile = new PasswordFile(pfn); - } + passwordFile = new PasswordFile(pfn); } } catch (IOException x) @@ -105,10 +87,8 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider public boolean contains(String userName) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("contains()", - new IllegalStateException()); - } + throw new AuthenticationException("contains()", + new IllegalStateException()); boolean result = false; try { 
@@ -124,18 +104,13 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider public Map lookup(Map userID) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("lookup()", - new IllegalStateException()); - } + throw new AuthenticationException("lookup()", new IllegalStateException()); Map result = new HashMap(); try { String userName = (String) userID.get(Registry.SASL_USERNAME); if (userName == null) - { - throw new NoSuchUserException(""); - } + throw new NoSuchUserException(""); String[] data = passwordFile.lookup(userName); result.put(Registry.SASL_USERNAME, data[0]); result.put(Registry.SASL_PASSWORD, data[1]); @@ -148,9 +123,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } + throw (AuthenticationException) x; throw new AuthenticationException("lookup()", x); } return result; @@ -159,10 +132,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider public void update(Map userCredentials) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("update()", - new IllegalStateException()); - } + throw new AuthenticationException("update()", new IllegalStateException()); try { String userName = (String) userCredentials.get(Registry.SASL_USERNAME); @@ -174,9 +144,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider String shell = (String) userCredentials.get(CramMD5Registry.SHELL_FIELD); if (uid == null || gid == null || gecos == null || dir == null || shell == null) - { - passwordFile.changePasswd(userName, password); - } + passwordFile.changePasswd(userName, password); else { String[] attributes = new String[] { uid, gid, gecos, dir, shell }; 
@@ -186,9 +154,7 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } + throw (AuthenticationException) x; throw new AuthenticationException("update()", x); } } @@ -197,4 +163,4 @@ public class CramMD5AuthInfoProvider implements IAuthInfoProvider { throw new AuthenticationException("", new UnsupportedOperationException()); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java b/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java index 094109ff9..c90cbe986 100644 --- a/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java +++ b/gnu/javax/crypto/sasl/crammd5/CramMD5Client.java @@ -56,25 +56,15 @@ import javax.security.sasl.SaslException; /** * The CRAM-MD5 SASL client-side mechanism. */ -public class CramMD5Client extends ClientMechanism implements SaslClient +public class CramMD5Client + extends ClientMechanism + implements SaslClient { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - public CramMD5Client() { super(Registry.SASL_CRAM_MD5_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } @@ -83,8 +73,6 @@ public class CramMD5Client extends ClientMechanism implements SaslClient { } - // javax.security.sasl.SaslClient interface implementation ----------------- - public boolean hasInitialResponse() { return false; 
@@ -93,30 +81,22 @@ public class CramMD5Client extends ClientMechanism implements SaslClient public byte[] evaluateChallenge(final byte[] challenge) throws SaslException { if (challenge == null) - { - throw new SaslException("null challenge"); - } + throw new SaslException("null challenge"); try { final String username; final char[] password; Callback[] callbacks; - - if ((!properties.containsKey(Registry.SASL_USERNAME)) - && (!properties.containsKey(Registry.SASL_PASSWORD))) + if ((! properties.containsKey(Registry.SASL_USERNAME)) + && (! properties.containsKey(Registry.SASL_PASSWORD))) { callbacks = new Callback[2]; - final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); final PasswordCallback pwdCB = new PasswordCallback("password: ", false); callbacks[0] = nameCB; 
@@ -128,47 +108,35 @@ public class CramMD5Client extends ClientMechanism implements SaslClient else { if (properties.containsKey(Registry.SASL_USERNAME)) - { - username = (String) properties.get(Registry.SASL_USERNAME); - } + username = (String) properties.get(Registry.SASL_USERNAME); else { callbacks = new Callback[1]; final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); callbacks[0] = nameCB; this.handler.handle(callbacks); username = nameCB.getName(); } if (properties.containsKey(Registry.SASL_PASSWORD)) - { - password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); - } + password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); else { callbacks = new Callback[1]; - final PasswordCallback pwdCB = new PasswordCallback( - "password: ", + final PasswordCallback pwdCB = new PasswordCallback("password: ", false); callbacks[0] = pwdCB; this.handler.handle(callbacks); password = pwdCB.getPassword(); } } - if (password == null) - { - throw new SaslException("null password supplied"); - } + throw new SaslException("null password supplied"); final byte[] digest; try { @@ -181,7 +149,6 @@ public class CramMD5Client extends ClientMechanism implements SaslClient final String response = username + " " + Util.toString(digest).toLowerCase(); this.complete = true; - return response.getBytes("UTF-8"); } catch (UnsupportedCallbackException x) @@ -198,4 +165,4 @@ public class CramMD5Client extends ClientMechanism implements SaslClient { return Registry.QOP_AUTH; } -}
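Review bot: The `password` array in `evaluateChallenge` (hunk at -128,47) is never cleared: it is filled from `pwdCB.getPassword()` or from the `Registry.SASL_PASSWORD` property and then left for the garbage collector, and the callback's own copy is not released either. I would add `pwdCB.clearPassword();` directly after `password = pwdCB.getPassword();` and overwrite `password` once the digest has been computed. The digest code sits in the part of the method outside this hunk, so the exact place has to be checked there. `PlainClient.evaluateChallenge` further down has the same pattern, and its `sb.append(password)` also copies the secret into a `String`. When the password comes from the properties map it is already an immutable `String`, so this only helps the callback path.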
\ No newline at end of file
+}
diff --git a/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java b/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
index 1c61cace4..bbd46a3f2 100644
--- a/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
+++ b/gnu/javax/crypto/sasl/crammd5/CramMD5Registry.java
@@ -45,22 +45,16 @@ public interface CramMD5Registry
 {
 /** Name of the password file (used by the server) property. */
 String PASSWORD_FILE = "gnu.crypto.sasl.crammd5.password.file";
-
 /** Default password file (used by the server) pathname. */
 String DEFAULT_PASSWORD_FILE = "/etc/passwd";
-
 /** Name of the UID field in the plain password file. */
 String UID_FIELD = "crammd5.uid";
-
 /** Name of the GID field in the plain password file. */
 String GID_FIELD = "crammd5.gid";
-
 /** Name of the GECOS field in the plain password file. */
 String GECOS_FIELD = "crammd5.gecos";
-
 /** Name of the DIR field in the plain password file. */
 String DIR_FIELD = "crammd5.dir";
-
 /** Name of the SHELL field in the plain password file. */
 String SHELL_FIELD = "crammd5.shell";
-}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java b/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java index d6622b6db..9be03414b 100644 --- a/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java +++ b/gnu/javax/crypto/sasl/crammd5/CramMD5Server.java @@ -55,29 +55,19 @@ import javax.security.sasl.SaslException; import javax.security.sasl.SaslServer; /** - * <p>The CRAM-MD5 SASL server-side mechanism.</p> + * The CRAM-MD5 SASL server-side mechanism. */ -public class CramMD5Server extends ServerMechanism implements SaslServer +public class CramMD5Server + extends ServerMechanism + implements SaslServer { - - // Constants and variables - // ------------------------------------------------------------------------- - private byte[] msgID; - // Constructor(s) - // ------------------------------------------------------------------------- - public CramMD5Server() { super(Registry.SASL_CRAM_MD5_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } @@ -86,8 +76,6 @@ public class CramMD5Server extends ServerMechanism implements SaslServer { } - // javax.security.sasl.SaslServer interface implementation ----------------- - public byte[] evaluateResponse(final byte[] response) throws SaslException { if (state == 0) @@ -96,7 +84,6 @@ public class CramMD5Server extends ServerMechanism implements SaslServer state++; return msgID; } - final String responseStr = new String(response); final int index = responseStr.lastIndexOf(" "); final String username = responseStr.substring(0, index); 
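Review bot: In `evaluateResponse` (hunk at -96,7) a response that contains no space makes `lastIndexOf(" ")` return -1, so `responseStr.substring(0, index)` throws an unchecked `StringIndexOutOfBoundsException` instead of the declared `SaslException`; a null `response` after the first step fails the same way inside `new String(response)`. A guard such as `if (index < 0) throw new AuthenticationException("malformed response");` directly after the `lastIndexOf` call would keep malformed peer input on the declared error path. `new String(response)` also decodes with the platform default charset while the digest side of this class uses `"UTF-8"`; naming the charset here would make the two agree, and `PlainServer.evaluateResponse` has the same `new String(response)`. The method continues outside this hunk.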
@@ -109,10 +96,8 @@ public class CramMD5Server extends ServerMechanism implements SaslServer { throw new AuthenticationException("evaluateResponse()", x); } - // Look up the password final char[] password = lookupPassword(username); - // Compute the digest byte[] digest; try @@ -125,19 +110,15 @@ public class CramMD5Server extends ServerMechanism implements SaslServer } try { - // digest = (new String(Util.toString(digest).toLowerCase())).getBytes("UTF-8"); digest = Util.toString(digest).toLowerCase().getBytes("UTF-8"); } catch (UnsupportedEncodingException x) { throw new AuthenticationException("evaluateResponse()", x); } - // Compare the received and computed digests - if (!Arrays.equals(digest, responseDigest)) - { - throw new AuthenticationException("Digest mismatch"); - } + if (! Arrays.equals(digest, responseDigest)) + throw new AuthenticationException("Digest mismatch"); state++; return null; } @@ -152,34 +133,26 @@ public class CramMD5Server extends ServerMechanism implements SaslServer return Registry.QOP_AUTH; } - // Other instance methods -------------------------------------------------- - private char[] lookupPassword(final String userName) throws SaslException { try { - if (!authenticator.contains(userName)) - { - throw new NoSuchUserException(userName); - } + if (! authenticator.contains(userName)) + throw new NoSuchUserException(userName); final Map userID = new HashMap(); userID.put(Registry.SASL_USERNAME, userName); final Map credentials = authenticator.lookup(userID); final String password = (String) credentials.get(Registry.SASL_PASSWORD); if (password == null) - { - throw new AuthenticationException("lookupPassword()", - new InternalError()); - } + throw new AuthenticationException("lookupPassword()", + new InternalError()); return password.toCharArray(); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new AuthenticationException("lookupPassword()", x); } } -}
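Review bot: The digest check `Arrays.equals(digest, responseDigest)` (hunk at -125,19) stops at the first differing byte, so its running time depends on how much of the expected digest the peer got right. For comparing authentication values I would write `if (! MessageDigest.isEqual(digest, responseDigest))`, which needs `java.security.MessageDigest` imported, after confirming that the class library's implementation runs in time independent of the contents. `PlainServer.evaluateResponse` compares the password bytes with `Arrays.equals(pwd, password)` in the same way.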
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java b/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java index 6e7539349..214551221 100644 --- a/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java +++ b/gnu/javax/crypto/sasl/crammd5/CramMD5Util.java @@ -56,29 +56,17 @@ import javax.security.sasl.SaslException; */ class CramMD5Util { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - private CramMD5Util() { super(); } - // Class methods - // ------------------------------------------------------------------------- - static byte[] createMsgID() throws SaslException { - // <process-ID.clock@hostname> final String encoded; try { - encoded = Util.toBase64(Thread.currentThread().getName().getBytes( - "UTF-8")); + encoded = Util.toBase64(Thread.currentThread().getName().getBytes("UTF-8")); } catch (UnsupportedEncodingException x) { @@ -92,20 +80,15 @@ class CramMD5Util catch (UnknownHostException ignored) { } - final byte[] result; try { - result = new StringBuffer().append("<").append( - encoded.substring( - 0, - encoded.length())).append( - ".").append( - String.valueOf(System.currentTimeMillis())).append( - "@").append( - hostname).append( - ">").toString().getBytes( - "UTF-8"); + result = new StringBuffer("<") + .append(encoded.substring(0,encoded.length())) + .append(".").append(String.valueOf(System.currentTimeMillis())) + .append("@").append(hostname).append(">") + .toString() + .getBytes("UTF-8"); } catch (UnsupportedEncodingException x) { @@ -134,4 +117,4 @@ class CramMD5Util mac.update(data, 0, data.length); return mac.digest(); } -}
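Review bot: The challenge built in `createMsgID` (hunk at -92,20) has no random component: it is the Base64 thread name, `System.currentTimeMillis()` and the host name, all of which a peer can guess. RFC 2195 describes the CRAM-MD5 challenge as carrying a string of random digits besides the timestamp and host name. Without it, two exchanges on the same thread within one millisecond get the same challenge, and a recorded response would verify again. I would add `.append(Long.toHexString(new java.security.SecureRandom().nextLong()))` before the `"@"`. Two smaller points: `encoded.substring(0, encoded.length())` is just `encoded`, and the first hunk of this file appears to drop the `// <process-ID.clock@hostname>` comment, the only description of the layout; I would keep it in corrected form, e.g. `// <base64(thread-name).random.clock@hostname>`.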
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/crammd5/PasswordFile.java b/gnu/javax/crypto/sasl/crammd5/PasswordFile.java index 081af4615..df9521116 100644 --- a/gnu/javax/crypto/sasl/crammd5/PasswordFile.java +++ b/gnu/javax/crypto/sasl/crammd5/PasswordFile.java @@ -59,26 +59,16 @@ import java.util.StringTokenizer; */ public class PasswordFile { - - // Constants and variables - // ------------------------------------------------------------------------- - private static String DEFAULT_FILE; static { DEFAULT_FILE = System.getProperty(CramMD5Registry.PASSWORD_FILE, CramMD5Registry.DEFAULT_PASSWORD_FILE); } - private HashMap entries; - private File passwdFile; - private long lastmod; - // Constructor(s) - // ------------------------------------------------------------------------- - public PasswordFile() throws IOException { this(DEFAULT_FILE); @@ -95,25 +85,14 @@ public class PasswordFile update(); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - public synchronized void add(final String user, final String passwd, final String[] attributes) throws IOException { checkCurrent(); // check if the entry exists if (entries.containsKey(user)) - { - throw new UserAlreadyExistsException(user); - } + throw new UserAlreadyExistsException(user); if (attributes.length != 5) - { - throw new IllegalArgumentException("Wrong number of attributes"); - } - + throw new IllegalArgumentException("Wrong number of attributes"); final String[] fields = new String[7]; // create the new entry fields[0] = user; fields[1] = passwd; 
@@ -126,33 +105,26 @@ public class PasswordFile throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { // check if the entry exists - throw new NoSuchUserException(user); - } - - final String[] fields = (String[]) entries.get(user); // get the existing entry + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); + final String[] fields = (String[]) entries.get(user); // get existing entry fields[1] = passwd; // modify the password field entries.remove(user); // delete the existing entry entries.put(user, fields); // add the new entry - savePasswd(); } public synchronized String[] lookup(final String user) throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { - throw new NoSuchUserException(user); - } + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); return (String[]) entries.get(user); } public synchronized boolean contains(final String s) throws IOException { checkCurrent(); - return entries.containsKey(s); } @@ -165,9 +137,7 @@ public class PasswordFile private void checkCurrent() throws IOException { if (passwdFile.lastModified() > lastmod) - { - update(); - } + update(); } private synchronized void readPasswd(final InputStream in) throws IOException 
@@ -183,68 +153,39 @@ public class PasswordFile { fields[0] = st.nextToken(); // username st.nextToken(); - fields[1] = st.nextToken(); // passwd if (fields[1].equals(":")) - { - fields[1] = ""; - } + fields[1] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[2] = st.nextToken(); // uid if (fields[2].equals(":")) - { - fields[2] = ""; - } + fields[2] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[3] = st.nextToken(); // gid if (fields[3].equals(":")) - { - fields[3] = ""; - } + fields[3] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[4] = st.nextToken(); // gecos if (fields[4].equals(":")) - { - fields[4] = ""; - } + fields[4] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[5] = st.nextToken(); // dir if (fields[5].equals(":")) - { - fields[5] = ""; - } + fields[5] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[6] = st.nextToken(); // shell if (fields[6].equals(":")) - { - fields[6] = ""; - } + fields[6] = ""; } catch (NoSuchElementException x) { continue; } - entries.put(fields[0], fields); } } @@ -268,25 +209,21 @@ public class PasswordFile fields = (String[]) entries.get(key); sb = new StringBuffer(fields[0]); for (i = 1; i < fields.length; i++) - { - sb.append(":").append(fields[i]); - } + sb.append(":").append(fields[i]); pw.println(sb.toString()); } } finally { if (pw != null) - { - try - { - pw.flush(); - } - finally - { - pw.close(); - } - } + try + { + pw.flush(); + } + finally + { + pw.close(); + } try { fos.close(); @@ -298,4 +235,4 @@ public class PasswordFile } } } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/plain/PasswordFile.java b/gnu/javax/crypto/sasl/plain/PasswordFile.java index 4ef6b8541..8ad225ab9 100644 --- a/gnu/javax/crypto/sasl/plain/PasswordFile.java +++ b/gnu/javax/crypto/sasl/plain/PasswordFile.java @@ -39,7 +39,6 @@ exception statement from your version. */ package gnu.javax.crypto.sasl.plain; import gnu.classpath.SystemProperties; - import gnu.javax.crypto.sasl.NoSuchUserException; import gnu.javax.crypto.sasl.UserAlreadyExistsException; @@ -47,41 +46,30 @@ import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; +import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; -import java.io.IOException; import java.io.PrintWriter; import java.util.Enumeration; import java.util.Hashtable; -import java.util.StringTokenizer; import java.util.NoSuchElementException; +import java.util.StringTokenizer; /** * A representation of a Plain password file. */ public class PasswordFile { - - // Constants and variables - // ------------------------------------------------------------------------- - private static String DEFAULT_FILE; static { DEFAULT_FILE = SystemProperties.getProperty(PlainRegistry.PASSWORD_FILE, PlainRegistry.DEFAULT_PASSWORD_FILE); } - private Hashtable entries; - private File passwdFile; - - // private String[] last_params; private long lastmod; - // Constructor(s) - // ------------------------------------------------------------------------- - public PasswordFile() throws IOException { this(DEFAULT_FILE); 
@@ -98,31 +86,20 @@ public class PasswordFile update(); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - public synchronized void add(String user, String passwd, String[] attributes) throws IOException { checkCurrent(); if (entries.containsKey(user)) - { - throw new UserAlreadyExistsException(user); - } + throw new UserAlreadyExistsException(user); if (attributes.length != 5) - { - throw new IllegalArgumentException("Wrong number of attributes"); - } + throw new IllegalArgumentException("Wrong number of attributes"); // create the new entry String[] fields = new String[7]; fields[0] = user; fields[1] = passwd; System.arraycopy(attributes, 0, fields, 2, 5); entries.put(user, fields); - savePasswd(); } @@ -130,26 +107,20 @@ public class PasswordFile throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { - throw new NoSuchUserException(user); - } - + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); String[] fields = (String[]) entries.get(user); // get the existing entry fields[1] = passwd; // modify the password field entries.remove(user); // delete the existing entry entries.put(user, fields); // add the new entry - savePasswd(); } public synchronized String[] lookup(String user) throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { - throw new NoSuchUserException(user); - } + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); return (String[]) entries.get(user); } @@ -159,8 +130,6 @@ public class PasswordFile return entries.containsKey(s); } - //----------------------------------------------------------------// - private synchronized void update() throws IOException { lastmod = passwdFile.lastModified(); 
@@ -170,9 +139,7 @@ public class PasswordFile private void checkCurrent() throws IOException { if (passwdFile.lastModified() > lastmod) - { - update(); - } + update(); } private synchronized void readPasswd(InputStream in) throws IOException @@ -188,68 +155,39 @@ public class PasswordFile { fields[0] = st.nextToken(); // username st.nextToken(); - fields[1] = st.nextToken(); // passwd if (fields[1].equals(":")) - { - fields[1] = ""; - } + fields[1] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[2] = st.nextToken(); // uid if (fields[2].equals(":")) - { - fields[2] = ""; - } + fields[2] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[3] = st.nextToken(); // gid if (fields[3].equals(":")) - { - fields[3] = ""; - } + fields[3] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[4] = st.nextToken(); // gecos if (fields[4].equals(":")) - { - fields[4] = ""; - } + fields[4] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[5] = st.nextToken(); // dir if (fields[5].equals(":")) - { - fields[5] = ""; - } + fields[5] = ""; else - { - st.nextToken(); - } - + st.nextToken(); fields[6] = st.nextToken(); // shell if (fields[6].equals(":")) - { - fields[6] = ""; - } + fields[6] = ""; } catch (NoSuchElementException ignored) { continue; } - entries.put(fields[0], fields); } } @@ -273,37 +211,31 @@ public class PasswordFile fields = (String[]) entries.get(key); sb = new StringBuffer(fields[0]); for (int i = 1; i < fields.length; i++) - { - sb.append(":" + fields[i]); - } + sb.append(":" + fields[i]); pw.println(sb.toString()); } } finally { if (pw != null) - { - try - { - pw.flush(); - } - finally - { - pw.close(); - } - } + try + { + pw.flush(); + } + finally + { + pw.close(); + } if (fos != null) - { - try - { - fos.close(); - } - catch (IOException ignored) - { - } - } + try + { + fos.close(); + } + catch (IOException ignored) + { + } lastmod = passwdFile.lastModified(); } } } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java b/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java index 9882ce9bb..e0cf82fb6 100644 --- a/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java +++ b/gnu/javax/crypto/sasl/plain/PlainAuthInfoProvider.java @@ -51,44 +51,26 @@ import javax.security.sasl.AuthenticationException; /** * The PLAIN mechanism authentication information provider implementation. */ -public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry +public class PlainAuthInfoProvider + implements IAuthInfoProvider, PlainRegistry { - - // Constants and variables - // ------------------------------------------------------------------------- - private PasswordFile passwordFile = null; - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-args constrcutor - // Class methods - // ------------------------------------------------------------------------- - - // IAuthInfoProvider interface implementation - // ------------------------------------------------------------------------- - public void activate(Map context) throws AuthenticationException { try { if (context == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else { String pfn = (String) context.get(PASSWORD_FILE); if (pfn == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else - { - passwordFile = new PasswordFile(pfn); - } + passwordFile = new PasswordFile(pfn); } } catch (IOException x) @@ -105,10 +87,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry public boolean contains(String userName) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("contains()", - new IllegalStateException()); - } + throw new AuthenticationException("contains()", + new IllegalStateException()); boolean result = false; try { 
@@ -124,18 +104,13 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry public Map lookup(Map userID) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("lookup()", - new IllegalStateException()); - } + throw new AuthenticationException("lookup()", new IllegalStateException()); Map result = new HashMap(); try { String userName = (String) userID.get(Registry.SASL_USERNAME); if (userName == null) - { - throw new NoSuchUserException(""); - } + throw new NoSuchUserException(""); String[] data = passwordFile.lookup(userName); result.put(Registry.SASL_USERNAME, data[0]); result.put(Registry.SASL_PASSWORD, data[1]); @@ -148,13 +123,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } - else - { - throw new AuthenticationException("lookup()", x); - } + throw (AuthenticationException) x; + throw new AuthenticationException("lookup()", x); } return result; } @@ -162,10 +132,7 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry public void update(Map userCredentials) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("update()", - new IllegalStateException()); - } + throw new AuthenticationException("update()", new IllegalStateException()); try { String userName = (String) userCredentials.get(Registry.SASL_USERNAME); @@ -177,9 +144,7 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry String shell = (String) userCredentials.get(SHELL_FIELD); if (uid == null || gid == null || gecos == null || dir == null || shell == null) - { - passwordFile.changePasswd(userName, password); - } + passwordFile.changePasswd(userName, password); else { String[] attributes = new String[] { uid, gid, gecos, dir, shell }; 
@@ -189,13 +154,8 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } - else - { - throw new AuthenticationException("update()", x); - } + throw (AuthenticationException) x; + throw new AuthenticationException("update()", x); } } @@ -203,4 +163,4 @@ public class PlainAuthInfoProvider implements IAuthInfoProvider, PlainRegistry { throw new AuthenticationException("", new UnsupportedOperationException()); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/plain/PlainClient.java b/gnu/javax/crypto/sasl/plain/PlainClient.java index 066db3770..5c60578db 100644 --- a/gnu/javax/crypto/sasl/plain/PlainClient.java +++ b/gnu/javax/crypto/sasl/plain/PlainClient.java @@ -48,30 +48,17 @@ import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; /** - * <p>The PLAIN SASL client-side mechanism.</p> + * The PLAIN SASL client-side mechanism. */ -public class PlainClient extends ClientMechanism implements SaslClient +public class PlainClient + extends ClientMechanism + implements SaslClient { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - public PlainClient() { super(Registry.SASL_PLAIN_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } @@ -80,8 +67,6 @@ public class PlainClient extends ClientMechanism implements SaslClient { } - // javax.security.sasl.SaslClient interface implementation ----------------- - public boolean hasInitialResponse() { return true; 
@@ -94,22 +79,16 @@ public class PlainClient extends ClientMechanism implements SaslClient final String username; final char[] password; Callback[] callbacks; - - if ((!properties.containsKey(Registry.SASL_USERNAME)) - && (!properties.containsKey(Registry.SASL_PASSWORD))) + if ((! properties.containsKey(Registry.SASL_USERNAME)) + && (! properties.containsKey(Registry.SASL_PASSWORD))) { callbacks = new Callback[2]; - final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); final PasswordCallback pwdCB = new PasswordCallback("password: ", false); callbacks[0] = nameCB; 
@@ -121,67 +100,49 @@ public class PlainClient extends ClientMechanism implements SaslClient else { if (properties.containsKey(Registry.SASL_USERNAME)) - { - username = (String) properties.get(Registry.SASL_USERNAME); - } + username = (String) properties.get(Registry.SASL_USERNAME); else { callbacks = new Callback[1]; final NameCallback nameCB; final String defaultName = System.getProperty("user.name"); if (defaultName == null) - { - nameCB = new NameCallback("username: "); - } + nameCB = new NameCallback("username: "); else - { - nameCB = new NameCallback("username: ", defaultName); - } + nameCB = new NameCallback("username: ", defaultName); callbacks[0] = nameCB; this.handler.handle(callbacks); username = nameCB.getName(); } - if (properties.containsKey(Registry.SASL_PASSWORD)) - { - password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); - } + password = ((String) properties.get(Registry.SASL_PASSWORD)).toCharArray(); else { callbacks = new Callback[1]; - final PasswordCallback pwdCB = new PasswordCallback( - "password: ", + final PasswordCallback pwdCB = new PasswordCallback("password: ", false); callbacks[0] = pwdCB; this.handler.handle(callbacks); password = pwdCB.getPassword(); } } - if (password == null) - { - throw new SaslException("null password supplied"); - } + throw new SaslException("null password supplied"); final StringBuffer sb = new StringBuffer(); if (authorizationID != null) - { - sb.append(authorizationID); - } + sb.append(authorizationID); sb.append('\0'); sb.append(username); sb.append('\0'); sb.append(password); this.complete = true; - final byte[] response = sb.toString().getBytes("UTF-8"); return response; } catch (Exception x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("evaluateChallenge()", x); } } @@ -190,4 +151,4 @@ public class PlainClient extends ClientMechanism implements SaslClient { return Registry.QOP_AUTH; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/plain/PlainRegistry.java b/gnu/javax/crypto/sasl/plain/PlainRegistry.java index 0b48c0ad3..84e176053 100644 --- a/gnu/javax/crypto/sasl/plain/PlainRegistry.java +++ b/gnu/javax/crypto/sasl/plain/PlainRegistry.java @@ -40,28 +40,18 @@ package gnu.javax.crypto.sasl.plain; public interface PlainRegistry { - - // Constants - // ------------------------------------------------------------------------- - /** Name of PLAIN password file property. */ String PASSWORD_FILE = "gnu.crypto.sasl.plain.password.file"; - /** Default fully qualified pathname of the PLAIN password file. */ String DEFAULT_PASSWORD_FILE = "/etc/tpasswd"; - /** Name of the UID field in the plain password file. */ String UID_FIELD = "plain.uid"; - /** Name of the GID field in the plain password file. */ String GID_FIELD = "plain.gid"; - /** Name of the GECOS field in the plain password file. */ String GECOS_FIELD = "plain.gecos"; - /** Name of the DIR field in the plain password file. */ String DIR_FIELD = "plain.dir"; - /** Name of the SHELL field in the plain password file. */ String SHELL_FIELD = "plain.shell"; -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/plain/PlainServer.java b/gnu/javax/crypto/sasl/plain/PlainServer.java index 205688473..52deef51e 100644 --- a/gnu/javax/crypto/sasl/plain/PlainServer.java +++ b/gnu/javax/crypto/sasl/plain/PlainServer.java @@ -54,30 +54,17 @@ import javax.security.sasl.SaslException; import javax.security.sasl.SaslServer; /** - * <p>The PLAIN SASL server-side mechanism.</p> + * The PLAIN SASL server-side mechanism. */ -public class PlainServer extends ServerMechanism implements SaslServer +public class PlainServer + extends ServerMechanism + implements SaslServer { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - public PlainServer() { super(Registry.SASL_PLAIN_MECHANISM); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // abstract methods implementation ----------------------------------------- - protected void initMechanism() throws SaslException { } 
@@ -86,43 +73,27 @@ public class PlainServer extends ServerMechanism implements SaslServer { } - // javax.security.sasl.SaslServer interface implementation ----------------- - public byte[] evaluateResponse(final byte[] response) throws SaslException { if (response == null) - { - return null; - } + return null; try { final String nullStr = new String("\0"); - final StringTokenizer strtok = new StringTokenizer( - new String(response), + final StringTokenizer strtok = new StringTokenizer(new String(response), nullStr, true); - authorizationID = strtok.nextToken(); - if (!authorizationID.equals(nullStr)) - { - strtok.nextToken(); - } + if (! authorizationID.equals(nullStr)) + strtok.nextToken(); else - { - authorizationID = null; - } + authorizationID = null; final String id = strtok.nextToken(); if (id.equals(nullStr)) - { - throw new SaslException("No identity given"); - } + throw new SaslException("No identity given"); if (authorizationID == null) - { - authorizationID = id; - } - if ((!authorizationID.equals(nullStr)) && (!authorizationID.equals(id))) - { - throw new SaslException("Delegation not supported"); - } + authorizationID = id; + if ((! authorizationID.equals(nullStr)) && (! authorizationID.equals(id))) + throw new SaslException("Delegation not supported"); strtok.nextToken(); final byte[] pwd; try @@ -134,9 +105,7 @@ public class PlainServer extends ServerMechanism implements SaslServer throw new SaslException("evaluateResponse()", x); } if (pwd == null) - { - throw new SaslException("No password given"); - } + throw new SaslException("No password given"); final byte[] password; try { @@ -146,10 +115,8 @@ public class PlainServer extends ServerMechanism implements SaslServer { throw new SaslException("evaluateResponse()", x); } - if (!Arrays.equals(pwd, password)) - { - throw new SaslException("Password incorrect"); - } + if (! Arrays.equals(pwd, password)) + throw new SaslException("Password incorrect"); this.complete = true; return null; } 
@@ -164,33 +131,25 @@ public class PlainServer extends ServerMechanism implements SaslServer return Registry.QOP_AUTH; } - // other methods ----------------------------------------------------------- - private char[] lookupPassword(final String userName) throws SaslException { try { - if (!authenticator.contains(userName)) - { - throw new NoSuchUserException(userName); - } + if (! authenticator.contains(userName)) + throw new NoSuchUserException(userName); final Map userID = new HashMap(); userID.put(Registry.SASL_USERNAME, userName); final Map credentials = authenticator.lookup(userID); final String password = (String) credentials.get(Registry.SASL_PASSWORD); if (password == null) - { - throw new SaslException("lookupPassword()", new InternalError()); - } + throw new SaslException("lookupPassword()", new InternalError()); return password.toCharArray(); } catch (IOException x) { if (x instanceof SaslException) - { - throw (SaslException) x; - } + throw (SaslException) x; throw new SaslException("lookupPassword()", x); } } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/CALG.java b/gnu/javax/crypto/sasl/srp/CALG.java index 6215783d6..308543230 100644 --- a/gnu/javax/crypto/sasl/srp/CALG.java +++ b/gnu/javax/crypto/sasl/srp/CALG.java 
@@ -58,65 +58,55 @@ import java.util.HashMap; import javax.security.sasl.SaslException; /** - * <p>A Factory class that returns CALG (Confidentiality Algorithm) instances - * that operate as described in the draft-burdis-cat-sasl-srp-08.</p> - * - * <p>The designated CALG block cipher should be used in OFB (Output Feedback + * A Factory class that returns CALG (Confidentiality Algorithm) instances that + * operate as described in the draft-burdis-cat-sasl-srp-08. + * <p> + * The designated CALG block cipher should be used in OFB (Output Feedback * Block) mode in the ISO variant, as described in <i>The Handbook of Applied - * Cryptography</i>, algorithm 7.20.</p> - * - * <p>Let <code>k</code> be the block size of the chosen symmetric key block - * cipher algorithm; e.g. for AES this is <code>128</code> bits or <code>16</code> - * octets. The OFB mode used shall be of length/size <code>k</code>.</p> - * - * <p>It is recommended that block ciphers operating in OFB mode be used with an + * Cryptography</i>, algorithm 7.20. + * <p> + * Let <code>k</code> be the block size of the chosen symmetric key block + * cipher algorithm; e.g. for AES this is <code>128</code> bits or + * <code>16</code> octets. The OFB mode used shall be of length/size + * <code>k</code>. + * <p> + * It is recommended that block ciphers operating in OFB mode be used with an * Initial Vector (the mode's IV). In such a mode of operation - OFB with key * re-use - the IV need not be secret. For the mechanism in question the IVs - * shall be a random octet sequence of <code>k</code> bytes.</p> - * - * The input data to the confidentiality protection algorithm shall be - * a multiple of the symmetric cipher block size <code>k</code>. When the input + * shall be a random octet sequence of <code>k</code> bytes. + * <p> + * The input data to the confidentiality protection algorithm shall be a + * multiple of the symmetric cipher block size <code>k</code>. 
When the input * length is not a multiple of <code>k</code> octets, the data shall be padded - * according to the following scheme:</p> - * - * <p>Assuming the length of the input is <code>l</code> octets, + * according to the following scheme: + * <p> + * Assuming the length of the input is <code>l</code> octets, * <code>(k - (l mod k))</code> octets, all having the value * <code>(k - (l mod k))</code>, shall be appended to the original data. In * other words, the input is padded at the trailing end with one of the - * following sequences:</p> - * + * following sequences: * <pre> - * - * 01 -- if l mod k = k-1 - * 02 02 -- if l mod k = k-2 - * ... - * ... - * ... - * k k ... k k -- if l mod k = 0 - *</pre> - * - * <p>The padding can be removed unambiguously since all input is padded and no + * + * 01 -- if l mod k = k-1 + * 02 02 -- if l mod k = k-2 + * ... + * ... + * ... + * k k ... k k -- if l mod k = 0 + * </pre> + * <p> + * The padding can be removed unambiguously since all input is padded and no * padding sequence is a suffix of another. This padding method is well-defined * if and only if <code>k < 256</code> octets, which is the case with - * symmetric key block ciphers today, and in the forseeable future.</p> + * symmetric key block ciphers today, and in the forseeable future. */ public final class CALG { - - // Constants and variables - // -------------------------------------------------------------------------- - private Assembly assembly; - private Object modeNdx; // initialisation key of the cascade's attributes - private int blockSize; // the underlying cipher's blocksize == IV length - private int keySize; // the underlying cipher's key size (in bytes). - // Constructor(s) - // -------------------------------------------------------------------------- - /** Private constructor to enforce instantiation through Factory method. */ private CALG(final int blockSize, final int keySize, final Object modeNdx, final Assembly assembly) 
@@ -129,12 +119,9 @@ public final class CALG this.assembly = assembly; } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of a SASL-SRP CALG implementation.</p> - * + * Returns an instance of a SASL-SRP CALG implementation. + * * @param algorithm the name of the symmetric cipher algorithm. * @return an instance of this object. */ 
@@ -144,118 +131,60 @@ public final class CALG final int blockSize = cipher.defaultBlockSize(); final int keySize = cipher.defaultKeySize(); final Cascade ofbCipher = new Cascade(); - final Object modeNdx = ofbCipher.append(Stage.getInstance( - ModeFactory.getInstance( - Registry.OFB_MODE, - cipher, - blockSize), - Direction.FORWARD)); + IMode ofbMode = ModeFactory.getInstance(Registry.OFB_MODE, + cipher, + blockSize); + Stage modeStage = Stage.getInstance(ofbMode, Direction.FORWARD); + final Object modeNdx = ofbCipher.append(modeStage); final IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD); - // the passed IV may be longer that what we need. ensure correct length - // byte[] realIV = null; - // if (iv.length == blockSize) { - // realIV = iv; - // } else { - // realIV = new byte[blockSize]; - // if (iv.length > blockSize) { - // System.arraycopy(iv, 0, realIV, 0, blockSize); - // } else { // shouldnt happen - // System.arraycopy(iv, 0, realIV, 0, iv.length); - // } - // } - - // HashMap modeAttributes = new HashMap(); - // modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone()); - // modeAttributes.put(IMode.IV, realIV); - final Assembly asm = new Assembly(); asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher)); asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7)); - - // HashMap attributes = new HashMap(); - // attributes.put(Assembly.DIRECTION, dir); - // attributes.put(modeNdx, modeAttributes); - // try { - // asm.init(attributes); - // } catch (TransformerException x) { - // throw new SaslException("getInstance()", x); - // } - return new CALG(blockSize, keySize, modeNdx, asm); } - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Initialises a SASL-SRP CALG implementation.</p> - * + * Initialises a SASL-SRP CALG implementation. + * * @param kdf the key derivation function. * @param iv the initial vector value to use. 
* @param dir whether this CALG is used for encryption or decryption. */ - // public void init(byte[] K, byte[] iv, Direction dir) throws SaslException { public void init(final KDF kdf, final byte[] iv, final Direction dir) throws SaslException { - // IBlockCipher cipher = CipherFactory.getInstance(algorithm); - // int blockSize = cipher.defaultBlockSize(); - // Cascade ofbCipher = new Cascade(); - // Object modeNdx = ofbCipher.append( - // Stage.getInstace( - // ModeFactory.getInstance(Registry.OFB_MODE, cipher, blockSize), - // Direction.FORWARD)); - // IPad pkcs7 = PadFactory.getInstance(Registry.PKCS7_PAD); - // the passed IV may be longer that what we need. ensure correct length final byte[] realIV; if (iv.length == blockSize) - { - realIV = iv; - } + realIV = iv; else { realIV = new byte[blockSize]; if (iv.length > blockSize) - { - System.arraycopy(iv, 0, realIV, 0, blockSize); - } - else - { // shouldnt happen - System.arraycopy(iv, 0, realIV, 0, iv.length); - } + System.arraycopy(iv, 0, realIV, 0, blockSize); + else // shouldnt happen + System.arraycopy(iv, 0, realIV, 0, iv.length); } - final HashMap modeAttributes = new HashMap(); - // modeAttributes.put(IBlockCipher.KEY_MATERIAL, K.clone()); final byte[] sk = kdf.derive(keySize); modeAttributes.put(IBlockCipher.KEY_MATERIAL, sk); - //System.out.println("**** Initialised CALG with: "+gnu.crypto.util.Util.dumpString(sk)); modeAttributes.put(IMode.IV, realIV); - - // Assembly asm = new Assembly(); - // asm.addPreTransformer(Transformer.getCascadeTransformer(ofbCipher)); - // asm.addPreTransformer(Transformer.getPaddingTransformer(pkcs7)); - final HashMap attributes = new HashMap(); attributes.put(Assembly.DIRECTION, dir); attributes.put(modeNdx, modeAttributes); try { - // asm.init(attributes); assembly.init(attributes); } catch (TransformerException x) { throw new SaslException("getInstance()", x); } - - // return new CALG(asm); } /** - * <p>Encrypts or decrypts, depending on the mode already set, a 
designated - * array of bytes and returns the result.</p> - * + * Encrypts or decrypts, depending on the mode already set, a designated array + * of bytes and returns the result. + * * @param data the data to encrypt/decrypt. * @return the decrypted/encrypted result. * @throws ConfidentialityException if an exception occurs duirng the process. @@ -266,9 +195,9 @@ public final class CALG } /** - * <p>Encrypts or decrypts, depending on the mode already set, a designated - * array of bytes and returns the result.</p> - * + * Encrypts or decrypts, depending on the mode already set, a designated array + * of bytes and returns the result. + * * @param data the data to encrypt/decrypt. * @param offset where to start in <code>data</code>. * @param length how many bytes to consider in <code>data</code>. @@ -289,4 +218,4 @@ public final class CALG } return result; } -}
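Review bot: In `init`, an IV shorter than `blockSize` is copied into a fresh `realIV` on the branch marked `// shouldnt happen`, leaving the trailing bytes zero, so the OFB stage runs with a partly fixed IV and the caller is never told. Reject the input instead: `else throw new SaslException("init(): IV shorter than cipher block size");`. A null `iv` also reaches `iv.length` without a check. Separately, the catch at the end of `init` builds its SaslException with the text `"getInstance()"`, which points whoever reads the trace at the wrong method.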
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/ClientStore.java b/gnu/javax/crypto/sasl/srp/ClientStore.java index ce16f4aa7..866e610d8 100644 --- a/gnu/javax/crypto/sasl/srp/ClientStore.java +++ b/gnu/javax/crypto/sasl/srp/ClientStore.java @@ -41,29 +41,19 @@ package gnu.javax.crypto.sasl.srp; import java.util.HashMap; /** - * <p>The client-side implementation of the SRP security context store.</p> + * The client-side implementation of the SRP security context store. */ public class ClientStore { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The underlying singleton. */ private static ClientStore singleton = null; - /** The map of uid --> SASL Security Context record. */ private static final HashMap uid2ssc = new HashMap(); - /** The map of sid --> Session timing record. */ private static final HashMap uid2ttl = new HashMap(); - /** A synchronisation lock. */ private static final Object lock = new Object(); - // Constructor(s) - // ------------------------------------------------------------------------- - /** Private constructor to enforce Singleton pattern. */ private ClientStore() { 
@@ -72,33 +62,25 @@ public class ClientStore // TODO: add a cleaning timer thread } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns the classloader Singleton.</p> - * + * Returns the classloader Singleton. + * * @return the classloader Singleton instance. */ static synchronized final ClientStore instance() { if (singleton == null) - { - singleton = new ClientStore(); - } + singleton = new ClientStore(); return singleton; } - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Returns a boolean flag indicating if the designated client's session is - * still alive or not.</p> - * + * Returns a boolean flag indicating if the designated client's session is + * still alive or not. + * * @param uid the identifier of the client whose session to check. * @return <code>true</code> if the designated client's session is still - * alive. <code>false</code> otherwise. + * alive. <code>false</code> otherwise. */ boolean isAlive(final String uid) { @@ -107,11 +89,11 @@ public class ClientStore { final Object obj = uid2ssc.get(uid); result = (obj != null); - if (result) - { // is it still alive? + if (result) // is it still alive? + { final StoreEntry sto = (StoreEntry) uid2ttl.get(uid); - if (!sto.isAlive()) - { // invalidate it + if (! sto.isAlive()) // invalidate it + { uid2ssc.remove(uid); uid2ttl.remove(uid); } 
@@ -121,11 +103,11 @@ public class ClientStore } /** - * <p>Records a mapping between a client's unique identifier and its security - * context.</p> - * - * @param uid the unique identifier of the SRP client for which the session - * is to be cached. + * Records a mapping between a client's unique identifier and its security + * context. + * + * @param uid the unique identifier of the SRP client for which the session is + * to be cached. * @param ttl the session's Time-To-Live indicator (in seconds). * @param ctx the client's security context. */ @@ -139,9 +121,9 @@ public class ClientStore } /** - * <p>Removes the mapping between the designated SRP client unique identifier - * and the its session security context (and other timing information).</p> - * + * Removes the mapping between the designated SRP client unique identifier and + * the its session security context (and other timing information). + * * @param uid the identifier of the client whose session is to invalidate. */ void invalidateSession(final String uid) @@ -154,9 +136,9 @@ public class ClientStore } /** - * <p>Returns an SRP client's security context record mapped by that client's - * unique identifier.</p> - * + * Returns an SRP client's security context record mapped by that client's + * unique identifier. + * * @param uid the identifier of the client whose session is to restore. * @return the SRP client's security context. */ @@ -170,4 +152,4 @@ public class ClientStore } return result; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/IALG.java b/gnu/javax/crypto/sasl/srp/IALG.java index 51492f977..85c93700f 100644 --- a/gnu/javax/crypto/sasl/srp/IALG.java +++ b/gnu/javax/crypto/sasl/srp/IALG.java @@ -48,20 +48,14 @@ import java.util.HashMap; import javax.security.sasl.SaslException; /** - * <p>A Factory class that returns IALG (Integrity Algorithm) instances that - * operate as described in the draft-burdis-cat-sasl-srp-04 and later.</p> + * A Factory class that returns IALG (Integrity Algorithm) instances that + * operate as described in the draft-burdis-cat-sasl-srp-04 and later. */ -public final class IALG implements Cloneable +public final class IALG + implements Cloneable { - - // Constants and variables - // -------------------------------------------------------------------------- - private IMac hmac; - // Constructor(s) - // -------------------------------------------------------------------------- - /** Private constructor to enforce instantiation through Factory method. */ private IALG(final IMac hmac) { @@ -70,12 +64,9 @@ public final class IALG implements Cloneable this.hmac = hmac; } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of a SASL-SRP IALG implementation.</p> - * + * Returns an instance of a SASL-SRP IALG implementation. + * * @param algorithm the name of the HMAC algorithm. * @return an instance of this object. */ 
@@ -85,44 +76,24 @@ public final class IALG implements Cloneable final IMac hmac; hmac = MacFactory.getInstance(algorithm); if (hmac == null) - { - throw new SaslException("getInstance()", - new NoSuchAlgorithmException(algorithm)); - } - // try { - // byte[] sk = (byte[]) K.clone(); - // HashMap map = new HashMap(); - // map.put(IMac.MAC_KEY_MATERIAL, sk); - // hmac.init(map); - // } catch (InvalidKeyException x) { - // throw new SaslException("getInstance()", x); - // } + throw new SaslException("getInstance()", + new NoSuchAlgorithmException(algorithm)); return new IALG(hmac); } - // Instance methods - // ------------------------------------------------------------------------- - - // Cloneable interface implementation -------------------------------------- - public Object clone() throws CloneNotSupportedException { return new IALG((IMac) hmac.clone()); } - // other methdds ----------------------------------------------------------- - - // public void init(final byte[] K) throws SaslException { public void init(final KDF kdf) throws SaslException { try { - // final byte[] sk = (byte[]) K.clone(); final byte[] sk = kdf.derive(hmac.macSize()); final HashMap map = new HashMap(); map.put(IMac.MAC_KEY_MATERIAL, sk); hmac.init(map); - //System.out.println("**** Initialised IALG with: "+gnu.crypto.util.Util.dumpString(sk)); } catch (InvalidKeyException x) { @@ -146,8 +117,8 @@ public final class IALG implements Cloneable } /** - * <p>Returns the length (in bytes) of this SASL SRP Integrity Algorithm.</p> - * + * Returns the length (in bytes) of this SASL SRP Integrity Algorithm. + * * @return the length, in bytes, of this integrity protection algorithm. */ public int length() diff --git a/gnu/javax/crypto/sasl/srp/KDF.java b/gnu/javax/crypto/sasl/srp/KDF.java index 7a761cc06..aa3edac0c 100644 --- a/gnu/javax/crypto/sasl/srp/KDF.java +++ b/gnu/javax/crypto/sasl/srp/KDF.java 
@@ -47,45 +47,29 @@ import gnu.javax.crypto.prng.UMacGenerator; import java.util.HashMap; /** - * <p>The SASL-SRP KDF implementation, which is also used, depending on how it - * was instantiated, as a secure Pseudo Random Number Generator.</p> + * The SASL-SRP KDF implementation, which is also used, depending on how it was + * instantiated, as a secure Pseudo Random Number Generator. */ public class KDF { - - // Constants and variables - // ------------------------------------------------------------------------- - - private static final int AES_BLOCK_SIZE = 16; // default block size for the AES - + private static final int AES_BLOCK_SIZE = 16; // default block size for AES private static final int AES_KEY_SIZE = 16; // default key size for the AES - private static final byte[] buffer = new byte[1]; - /** Our default source of randomness. */ private static final PRNG prng = PRNG.getInstance(); - - /** The shared secret K to use. */ - // private byte[] keyMaterial; /** The underlying UMAC Generator instance. */ private UMacGenerator umac = null; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Constructs an instance of the <code>KDF</code> initialised with the - * designated shared secret bytes.</p> - * + * Constructs an instance of the <code>KDF</code> initialised with the + * designated shared secret bytes. + * * @param keyMaterial the SASL SRP shared secret (K) bytes. */ private KDF(final byte[] keyMaterial, final int ndx) { super(); - // if (ndx != 0) { - // this.keyMaterial = (byte[]) keyMaterial.clone(); - // } final HashMap map = new HashMap(); map.put(UMacGenerator.CIPHER, Registry.AES_CIPHER); map.put(UMacGenerator.INDEX, Integer.valueOf(ndx)); 
@@ -93,21 +77,16 @@ public class KDF final byte[] key = new byte[AES_KEY_SIZE]; System.arraycopy(keyMaterial, 0, key, 0, AES_KEY_SIZE); map.put(IBlockCipher.KEY_MATERIAL, key); - umac = new UMacGenerator(); umac.init(map); - //System.out.println("**** Initialised KDF with: "+gnu.crypto.util.Util.dumpString(key)); } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>A Factory mehod that returns an instance of a <code>KDF</code> based on - * supplied seed data.</p> - * + * A Factory mehod that returns an instance of a <code>KDF</code> based on + * supplied seed data. + * * @param K the SASL SRP shared secret for a <code>KDF</code> to be used for - * <i>CALG</i> and <i>IALG</i> setup. <code>null</code> otherwise. + * <i>CALG</i> and <i>IALG</i> setup. <code>null</code> otherwise. * @return an instance of a <code>KDF</code>. */ static final KDF getInstance(final byte[] K) @@ -134,36 +113,28 @@ public class KDF return (buffer[0] & 0xFF); } - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Returns a designated number of bytes suitable for use in the SASL SRP - * mechanism.</p> - * + * Returns a designated number of bytes suitable for use in the SASL SRP + * mechanism. + * * @param length the number of bytes needed. * @return a byte array containing the generated/selected bytes. */ public synchronized byte[] derive(final int length) { final byte[] result = new byte[length]; - // if (keyMaterial == null || length > keyMaterial.length) { try { umac.nextBytes(result, 0, length); } - catch (IllegalStateException x) - { // should not happen + catch (IllegalStateException x) // should not happen + { x.printStackTrace(System.err); } - catch (LimitReachedException x) - { // idem + catch (LimitReachedException x) // idem + { x.printStackTrace(System.err); } - // } else { - // System.arraycopy(keyMaterial, 0, result, 0, length); - // } - return result; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/PasswordFile.java b/gnu/javax/crypto/sasl/srp/PasswordFile.java index 70a4bb65c..36888df87 100644 --- a/gnu/javax/crypto/sasl/srp/PasswordFile.java +++ b/gnu/javax/crypto/sasl/srp/PasswordFile.java 
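Review bot: `derive` catches `IllegalStateException` and `LimitReachedException`, prints the stack trace and still returns `result`. That array was allocated with `new byte[length]`, so it is all zeros, or only partly filled, whenever `umac.nextBytes` fails. `CALG.init` and `IALG.init` put that return value straight into `KEY_MATERIAL` and `MAC_KEY_MATERIAL`, so a generator failure yields a predictable key instead of a failed handshake. Let the failure propagate: drop the first catch so the `IllegalStateException` surfaces unchanged, and in the second use `throw new RuntimeException("derive()", x);`.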
@@ -61,70 +61,58 @@ import java.util.NoSuchElementException; import java.util.StringTokenizer; /** - * <p>The implementation of SRP password files.</p> - * - * <p>For SRP, there are three (3) files: + * The implementation of SRP password files. + * <p> + * For SRP, there are three (3) files: * <ol> - * <li>The password configuration file: tpasswd.conf. It contains the pairs - * <N,g> indexed by a number for each pair used for a user. By default, - * this file's pathname is constructed from the base password file pathname - * by prepending it with the ".conf" suffix.</li> - * - * <li>The base password file: tpasswd. It contains the related password - * entries for all the users with values computed using SRP's default - * message digest algorithm: SHA-1 (with 160-bit output block size).</li> - * - * <li>The extended password file: tpasswd2. Its name, by default, is - * constructed by adding the suffix "2" to the fully qualified pathname of - * the base password file. It contains, in addition to the same fields as - * the base password file, albeit with a different verifier value, an extra - * field identifying the message digest algorithm used to compute this - * (verifier) value.</li> - * </ol></p> - * - * <p>This implementation assumes the following message digest algorithm codes: + * <li>The password configuration file: tpasswd.conf. It contains the pairs + * <N,g> indexed by a number for each pair used for a user. By default, this + * file's pathname is constructed from the base password file pathname by + * prepending it with the ".conf" suffix.</li> + * <li>The base password file: tpasswd. It contains the related password + * entries for all the users with values computed using SRP's default message + * digest algorithm: SHA-1 (with 160-bit output block size).</li> + * <li>The extended password file: tpasswd2. Its name, by default, is + * constructed by adding the suffix "2" to the fully qualified pathname of the + * base password file. 
It contains, in addition to the same fields as the base + * password file, albeit with a different verifier value, an extra field + * identifying the message digest algorithm used to compute this (verifier) + * value.</li> + * </ol> + * <p> + * This implementation assumes the following message digest algorithm codes: * <ul> - * <li>0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).</li> - * <li>1: MD5.</li> - * <li>2: RIPEMD-128.</li> - * <li>3: RIPEMD-160.</li> - * <li>4: SHA-256.</li> - * <li>5: SHA-384.</li> - * <li>6: SHA-512.</li> - * </ul></p> - * - * <p><b>IMPORTANT:</b> This method computes the verifiers as described in - * RFC-2945, which differs from the description given on the web page for - * SRP-6.</p> - * - * <p>Reference:</p> + * <li>0: the default hash algorithm, which is SHA-1 (or its alias SHA-160).</li> + * <li>1: MD5.</li> + * <li>2: RIPEMD-128.</li> + * <li>3: RIPEMD-160.</li> + * <li>4: SHA-256.</li> + * <li>5: SHA-384.</li> + * <li>6: SHA-512.</li> + * </ul> + * <p> + * <b>IMPORTANT:</b> This method computes the verifiers as described in + * RFC-2945, which differs from the description given on the web page for SRP-6. + * <p> + * Reference: * <ol> - * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br> - * Thomas J. Wu.</li> + * <li><a href="http://srp.stanford.edu/design.html">SRP Protocol Design</a><br> + * Thomas J. 
Wu.</li> * </ol> */ public class PasswordFile { - - // Constants and variables - // ------------------------------------------------------------------------- - // names of property keys used in this class private static final String USER_FIELD = "user"; - private static final String VERIFIERS_FIELD = "verifier"; - private static final String SALT_FIELD = "salt"; - private static final String CONFIG_FIELD = "config"; - private static String DEFAULT_FILE; static { DEFAULT_FILE = System.getProperty(SRPRegistry.PASSWORD_FILE, SRPRegistry.DEFAULT_PASSWORD_FILE); } - /** The SRP algorithm instances used by this object. */ private static final HashMap srps; static @@ -149,27 +137,19 @@ public class PasswordFile } private String confName, pwName, pw2Name; - private File configFile, passwdFile, passwd2File; - private long lastmodPasswdFile, lastmodPasswd2File; - private HashMap entries = new HashMap(); - private HashMap configurations = new HashMap(); - // default N values to use when creating a new password.conf file private static final BigInteger[] Nsrp = new BigInteger[] { - SRPAlgorithm.N_2048, - SRPAlgorithm.N_1536, - SRPAlgorithm.N_1280, - SRPAlgorithm.N_1024, - SRPAlgorithm.N_768, - SRPAlgorithm.N_640, - SRPAlgorithm.N_512 }; - - // Constructor(s) - // ------------------------------------------------------------------------- + SRPAlgorithm.N_2048, + SRPAlgorithm.N_1536, + SRPAlgorithm.N_1280, + SRPAlgorithm.N_1024, + SRPAlgorithm.N_768, + SRPAlgorithm.N_640, + SRPAlgorithm.N_512 }; public PasswordFile() throws IOException { 
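Review bot: The `Nsrp` table, described as the default N values for a newly created configuration file, still ends with `SRPAlgorithm.N_768`, `SRPAlgorithm.N_640` and `SRPAlgorithm.N_512`. If those names give the modulus size in bits, as they appear to, verifiers created under these groups get far less protection than under the 1024-bit and larger entries. Removing entries may shift the indices that existing tpasswd.conf files rely on, so the safe first step is documentation: add a comment above the array such as `// N_768 and smaller are kept only so existing entries stay readable; do not assign them to new users`. The code that assigns an index to a new user is outside this hunk and is where the restriction would be enforced.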
@@ -205,63 +185,43 @@ public class PasswordFile update(); } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns a string representing the decimal value of an integer - * identifying the message digest algorithm to use for the SRP computations. - * </p> - * + * Returns a string representing the decimal value of an integer identifying + * the message digest algorithm to use for the SRP computations. + * * @param mdName the canonical name of a message digest algorithm. * @return a string representing the decimal value of an ID for that - * algorithm. + * algorithm. */ private static final String nameToID(final String mdName) { if (Registry.SHA_HASH.equalsIgnoreCase(mdName) || Registry.SHA1_HASH.equalsIgnoreCase(mdName) || Registry.SHA160_HASH.equalsIgnoreCase(mdName)) - { - return "0"; - } + return "0"; else if (Registry.MD5_HASH.equalsIgnoreCase(mdName)) - { - return "1"; - } + return "1"; else if (Registry.RIPEMD128_HASH.equalsIgnoreCase(mdName)) - { - return "2"; - } + return "2"; else if (Registry.RIPEMD160_HASH.equalsIgnoreCase(mdName)) - { - return "3"; - } + return "3"; else if (Registry.SHA256_HASH.equalsIgnoreCase(mdName)) - { - return "4"; - } + return "4"; else if (Registry.SHA384_HASH.equalsIgnoreCase(mdName)) - { - return "5"; - } + return "5"; else if (Registry.SHA512_HASH.equalsIgnoreCase(mdName)) - { - return "6"; - } + return "6"; return "0"; } - // SRP password configuration file methods --------------------------------- - /** - * <p>Checks if the current configuration file contains the <N, g> pair - * for the designated <code>index</code>.</p> - * + * Checks if the current configuration file contains the <N, g> pair for + * the designated <code>index</code>. + * * @param index a string representing 1-digit identification of an <N, g> - * pair used. - * @return <code>true</code> if the designated <code>index</code> is that of - * a known <N, g> pair, and <code>false</code> otherwise. 
+ * pair used. + * @return <code>true</code> if the designated <code>index</code> is that + * of a known <N, g> pair, and <code>false</code> otherwise. * @throws IOException if an exception occurs during the process. * @see SRPRegistry#N_2048_BITS * @see SRPRegistry#N_1536_BITS @@ -279,16 +239,16 @@ public class PasswordFile } /** - * <p>Returns a pair of strings representing the pair of <code>N</code> and - * <code>g</code> MPIs for the designated <code>index</code>.</p> - * + * Returns a pair of strings representing the pair of <code>N</code> and + * <code>g</code> MPIs for the designated <code>index</code>. + * * @param index a string representing 1-digit identification of an <N, g> - * pair to look up. + * pair to look up. * @return a pair of strings, arranged in an array, where the first (at index - * position #0) is the repesentation of the MPI <code>N</code>, and the - * second (at index position #1) is the representation of the MPI - * <code>g</code>. If the <code>index</code> refers to an unknown pair, then - * an empty string array is returned. + * position #0) is the repesentation of the MPI <code>N</code>, and + * the second (at index position #1) is the representation of the MPI + * <code>g</code>. If the <code>index</code> refers to an unknown + * pair, then an empty string array is returned. * @throws IOException if an exception occurs during the process. */ public synchronized String[] lookupConfig(final String index) @@ -297,14 +257,10 @@ public class PasswordFile checkCurrent(); String[] result = null; if (configurations.containsKey(index)) - { - result = (String[]) configurations.get(index); - } + result = (String[]) configurations.get(index); return result; } - // SRP base and extended password configuration files methods -------------- - public synchronized boolean contains(final String user) throws IOException { checkCurrent(); 
@@ -317,9 +273,7 @@ public class PasswordFile { checkCurrent(); if (entries.containsKey(user)) - { - throw new UserAlreadyExistsException(user); - } + throw new UserAlreadyExistsException(user); final HashMap fields = new HashMap(4); fields.put(USER_FIELD, user); // 0 fields.put(VERIFIERS_FIELD, newVerifiers(user, salt, passwd, index)); // 1 @@ -333,10 +287,8 @@ public class PasswordFile throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { - throw new NoSuchUserException(user); - } + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); final HashMap fields = (HashMap) entries.get(user); final byte[] salt; try @@ -368,27 +320,23 @@ public class PasswordFile finally { if (pw1 != null) - { - try - { - pw1.flush(); - } - finally - { - pw1.close(); - } - } + try + { + pw1.flush(); + } + finally + { + pw1.close(); + } if (pw2 != null) - { - try - { - pw2.flush(); - } - finally - { - pw2.close(); - } - } + try + { + pw2.flush(); + } + finally + { + pw2.close(); + } try { f1.close(); 
@@ -409,24 +357,22 @@ public class PasswordFile } /** - * <p>Returns the triplet: verifier, salt and configuration file index, of a + * Returns the triplet: verifier, salt and configuration file index, of a * designated user, and a designated message digest algorithm name, as an - * array of strings.</p> - * + * array of strings. + * * @param user the username. * @param mdName the canonical name of the SRP's message digest algorithm. * @return a string array containing, in this order, the BASE-64 encodings of - * the verifier, the salt and the index in the password configuration file of - * the MPIs N and g of the designated user. + * the verifier, the salt and the index in the password configuration + * file of the MPIs N and g of the designated user. */ public synchronized String[] lookup(final String user, final String mdName) throws IOException { checkCurrent(); - if (!entries.containsKey(user)) - { - throw new NoSuchUserException(user); - } + if (! entries.containsKey(user)) + throw new NoSuchUserException(user); final HashMap fields = (HashMap) entries.get(user); final HashMap verifiers = (HashMap) fields.get(VERIFIERS_FIELD); final String salt = (String) fields.get(SALT_FIELD); @@ -435,8 +381,6 @@ public class PasswordFile return new String[] { verifier, salt, index }; } - // Other instance methods -------------------------------------------------- - private synchronized void readOrCreateConf() throws IOException { configurations.clear(); @@ -468,13 +412,9 @@ public class PasswordFile finally { if (pw0 != null) - { - pw0.close(); - } + pw0.close(); else if (f0 != null) - { - f0.close(); - } + f0.close(); } } } 
@@ -510,26 +450,27 @@ public class PasswordFile { ndx = (String) it.next(); mpi = (String[]) configurations.get(ndx); - sb = new StringBuffer(ndx).append(":").append(mpi[0]).append(":").append( - mpi[1]); + sb = new StringBuffer(ndx) + .append(":").append(mpi[0]) + .append(":").append(mpi[1]); pw.println(sb.toString()); } } /** - * <p>Compute the new verifiers for the designated username and password.</p> - * - * <p><b>IMPORTANT:</b> This method computes the verifiers as described in + * Compute the new verifiers for the designated username and password. + * <p> + * <b>IMPORTANT:</b> This method computes the verifiers as described in * RFC-2945, which differs from the description given on the web page for - * SRP-6.</p> - * + * SRP-6. + * * @param user the user's name. * @param s the user's salt. * @param password the user's password * @param index the index of the <N, g> pair to use for this user. * @return a {@link java.util.Map} of user verifiers. * @throws UnsupportedEncodingException if the US-ASCII decoder is not - * available on this platform. + * available on this platform. */ private HashMap newVerifiers(final String user, final byte[] s, final String password, final String index) @@ -539,7 +480,6 @@ public class PasswordFile final String[] mpi = (String[]) configurations.get(index); final BigInteger N = new BigInteger(1, Util.fromBase64(mpi[0])); final BigInteger g = new BigInteger(1, Util.fromBase64(mpi[1])); - final HashMap result = new HashMap(srps.size()); BigInteger x, v; SRP srp; @@ -550,7 +490,6 @@ public class PasswordFile x = new BigInteger(1, srp.computeX(s, user, password)); v = g.modPow(x, N); final String verifier = Util.toBase64(v.toByteArray()); - result.put(digestID, verifier); } return result; @@ -559,7 +498,6 @@ public class PasswordFile private synchronized void update() throws IOException { entries.clear(); - FileInputStream fis; passwdFile = new File(pwName); lastmodPasswdFile = passwdFile.lastModified(); 
@@ -587,9 +525,7 @@ public class PasswordFile { if (passwdFile.lastModified() > lastmodPasswdFile || passwd2File.lastModified() > lastmodPasswd2File) - { - update(); - } + update(); } private void readPasswd(final InputStream in) throws IOException @@ -611,16 +547,13 @@ public class PasswordFile { throw new IOException("SRP base password file corrupt"); } - final HashMap verifiers = new HashMap(6); verifiers.put("0", verifier); - final HashMap fields = new HashMap(4); fields.put(USER_FIELD, user); fields.put(VERIFIERS_FIELD, verifiers); fields.put(SALT_FIELD, salt); fields.put(CONFIG_FIELD, index); - entries.put(user, fields); } } @@ -644,7 +577,6 @@ public class PasswordFile { throw new IOException("SRP extended password file corrupt"); } - fields = (HashMap) entries.get(user); if (fields != null) { 
@@ -666,33 +598,28 @@ public class PasswordFile { user = (String) i.next(); fields = (HashMap) entries.get(user); - if (!user.equals(fields.get(USER_FIELD))) - { - throw new IOException("Inconsistent SRP password data"); - } + if (! user.equals(fields.get(USER_FIELD))) + throw new IOException("Inconsistent SRP password data"); verifiers = (HashMap) fields.get(VERIFIERS_FIELD); - sb1 = new StringBuffer().append(user).append(":").append( - (String) verifiers.get("0")).append( - ":").append( - (String) fields.get(SALT_FIELD)).append( - ":").append( - (String) fields.get(CONFIG_FIELD)); + sb1 = new StringBuffer(user) + .append(":").append((String) verifiers.get("0")) + .append(":").append((String) fields.get(SALT_FIELD)) + .append(":").append((String) fields.get(CONFIG_FIELD)); pw1.println(sb1.toString()); // write extended information j = verifiers.keySet().iterator(); while (j.hasNext()) { digestID = (String) j.next(); - if (!"0".equals(digestID)) + if (! "0".equals(digestID)) { // #0 is the default digest, already present in tpasswd! - sb2 = new StringBuffer().append(digestID).append(":").append( - user).append( - ":").append( - (String) verifiers.get(digestID)); + sb2 = new StringBuffer(digestID) + .append(":").append(user) + .append(":").append((String) verifiers.get(digestID)); pw2.println(sb2.toString()); } } } } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/SRP.java b/gnu/javax/crypto/sasl/srp/SRP.java index d3eb596d4..437e42a5a 100644 --- a/gnu/javax/crypto/sasl/srp/SRP.java +++ b/gnu/javax/crypto/sasl/srp/SRP.java @@ -47,27 +47,18 @@ import java.math.BigInteger; import java.util.HashMap; /** - * <p>A Factory class that returns SRP Singletons that know all SRP-related + * A Factory class that returns SRP Singletons that know all SRP-related * mathematical computations and protocol-related operations for both the - * client- and server-sides.</p> + * client- and server-sides. */ public final class SRP { - - // Constants and variables - // -------------------------------------------------------------------------- - /** The map of already instantiated SRP algorithm instances. */ private static final HashMap algorithms = new HashMap(); - private static final byte COLON = (byte) 0x3A; - /** The underlying message digest algorithm used for all SRP calculations. */ private IMessageDigest mda; - // Constructor(s) - // -------------------------------------------------------------------------- - /** Trivial private constructor to enforce Singleton pattern. */ private SRP(final IMessageDigest mda) { 
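Review bot: In the PasswordFile.java write-out loop (the hunk that builds `sb1` and `sb2`), `user` is joined into a colon-separated record and handed to `println` with no check that it is free of `:` and line terminators. A name containing either would shift fields or begin a second record when the file is read back. Unless names are validated before they reach `entries` (not visible in this diff), reject them where they enter, e.g. in `add()`: `if (user.indexOf(':') >= 0 || user.indexOf('\n') >= 0 || user.indexOf('\r') >= 0) throw new IllegalArgumentException("user");`. The enclosing method begins outside the hunk.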
@@ -76,25 +67,18 @@ public final class SRP this.mda = mda; } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of this object that uses the designated message - * digest algorithm as its digest function.</p> - * + * Returns an instance of this object that uses the designated message digest + * algorithm as its digest function. + * * @return an instance of this object for the designated digest name. */ public static synchronized SRP instance(String mdName) { if (mdName != null) - { - mdName = mdName.trim().toLowerCase(); - } + mdName = mdName.trim().toLowerCase(); if (mdName == null || mdName.equals("")) - { - mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME; - } + mdName = SRPRegistry.SRP_DEFAULT_DIGEST_NAME; SRP result = (SRP) algorithms.get(mdName); if (result == null) { @@ -110,31 +94,24 @@ public final class SRP { final byte[] result = new byte[length]; for (int i = 0; i < length; ++i) - { - result[i] = (byte) (b1[i] ^ b2[i]); - } + result[i] = (byte)(b1[i] ^ b2[i]); return result; } - // Instance methods - // ------------------------------------------------------------------------- - /** @return the message digest algorithm name used by this instance. */ public String getAlgorithm() { return mda.name(); } - // Message Digest algorithm related methods -------------------------------- - /** - * <p>Returns a new instance of the SRP message digest algorithm --which is + * Returns a new instance of the SRP message digest algorithm --which is * SHA-160 by default, but could be anything else provided the proper - * conditions as specified in the SRP specifications.</p> - * + * conditions as specified in the SRP specifications. + * * @return a new instance of the underlying SRP message digest algorithm. * @throws RuntimeException if the implementation of the message digest - * algorithm does not support cloning. + * algorithm does not support cloning. */ public IMessageDigest newDigest() { 
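Review bot: `mdName.trim().toLowerCase()` in `instance()` lowercases with the default locale, so a name containing `I` (an upper-case RIPEMD name, for example) will not produce the expected lower-case key under a Turkish default locale. The registry names are presumably lower-case ASCII, in which case the lookup then misses a digest that is in fact supported. Use a fixed locale, `mdName = mdName.trim().toLowerCase(Locale.ENGLISH);`, with `java.util.Locale` imported. The tail of `instance()` lies outside the hunk.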
@@ -142,12 +119,12 @@ public final class SRP } /** - * <p>Convenience method to return the result of digesting the designated - * input with a new instance of the SRP message digest algorithm.</p> - * + * Convenience method to return the result of digesting the designated input + * with a new instance of the SRP message digest algorithm. + * * @param src some bytes to digest. - * @return the bytes constituting the result of digesting the designated - * input with a new instance of the SRP message digest algorithm. + * @return the bytes constituting the result of digesting the designated input + * with a new instance of the SRP message digest algorithm. */ public byte[] digest(final byte[] src) { @@ -157,13 +134,13 @@ public final class SRP } /** - * <p>Convenience method to return the result of digesting the designated - * input with a new instance of the SRP message digest algorithm.</p> - * + * Convenience method to return the result of digesting the designated input + * with a new instance of the SRP message digest algorithm. + * * @param src a String whose bytes (using US-ASCII encoding) are to be - * digested. - * @return the bytes constituting the result of digesting the designated - * input with a new instance of the SRP message digest algorithm. + * digested. + * @return the bytes constituting the result of digesting the designated input + * with a new instance of the SRP message digest algorithm. * @throws UnsupportedEncodingException if US-ASCII charset is not found. */ public byte[] digest(final String src) throws UnsupportedEncodingException 
@@ -171,17 +148,15 @@ public final class SRP return digest(src.getBytes("US-ASCII")); } - // Other methods ----------------------------------------------------------- - /** - * <p>Convenience method to XOR N bytes from two arrays; N being the output - * size of the SRP message digest algorithm.</p> - * + * Convenience method to XOR N bytes from two arrays; N being the output size + * of the SRP message digest algorithm. + * * @param a the first byte array. * @param b the second one. * @return N bytes which are the result of the XOR operations on the first N - * bytes from the designated arrays. N is the size of the SRP message digest - * algorithm; eg. 20 for SHA-160. + * bytes from the designated arrays. N is the size of the SRP message + * digest algorithm; eg. 20 for SHA-160. */ public byte[] xor(final byte[] a, final byte[] b) { @@ -212,7 +187,6 @@ public final class SRP hash.update(b, 0, b.length); hash.update(cn, 0, cn.length); hash.update(cCB, 0, cCB.length); - return hash.digest(); } @@ -235,14 +209,13 @@ public final class SRP b = digest(o); hash.update(b, 0, b.length); hash.update(sid, 0, sid.length); - hash.update((byte) (ttl >>> 24)); - hash.update((byte) (ttl >>> 16)); - hash.update((byte) (ttl >>> 8)); + hash.update((byte)(ttl >>> 24)); + hash.update((byte)(ttl >>> 16)); + hash.update((byte)(ttl >>> 8)); hash.update((byte) ttl); hash.update(cIV, 0, cIV.length); hash.update(sIV, 0, sIV.length); hash.update(sCB, 0, sCB.length); - return hash.digest(); } @@ -252,7 +225,6 @@ public final class SRP hash.update(K, 0, K.length); hash.update(cn, 0, cn.length); hash.update(sn, 0, sn.length); - return hash.digest(); } @@ -276,10 +248,8 @@ public final class SRP hash.update(COLON); hash.update(p, 0, p.length); final byte[] up = hash.digest(); - hash.update(s, 0, s.length); hash.update(up, 0, up.length); - return hash.digest(); } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java b/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java index 9ea21efb6..3a43a94a0 100644 --- a/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java +++ b/gnu/javax/crypto/sasl/srp/SRPAuthInfoProvider.java @@ -50,37 +50,21 @@ import java.util.Map; import javax.security.sasl.AuthenticationException; /** - * <p>The SRP mechanism authentication information provider implementation.</p> + * The SRP mechanism authentication information provider implementation. */ -public class SRPAuthInfoProvider implements IAuthInfoProvider +public class SRPAuthInfoProvider + implements IAuthInfoProvider { - - // Constants and variables - // ------------------------------------------------------------------------- - private PasswordFile passwordFile = null; - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-args constrcutor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // IAuthInfoProvider interface implementation ------------------------------ - public void activate(Map context) throws AuthenticationException { try { if (context == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else { passwordFile = (PasswordFile) context.get(SRPRegistry.PASSWORD_DB); @@ -88,13 +72,9 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider { String pfn = (String) context.get(SRPRegistry.PASSWORD_FILE); if (pfn == null) - { - passwordFile = new PasswordFile(); - } + passwordFile = new PasswordFile(); else - { - passwordFile = new PasswordFile(pfn); - } + passwordFile = new PasswordFile(pfn); } } } 
@@ -112,10 +92,8 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider public boolean contains(String userName) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("contains()", - new IllegalStateException()); - } + throw new AuthenticationException("contains()", + new IllegalStateException()); boolean result = false; try { @@ -131,20 +109,14 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider public Map lookup(Map userID) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("lookup()", - new IllegalStateException()); - } + throw new AuthenticationException("lookup()", new IllegalStateException()); Map result = new HashMap(); try { String userName = (String) userID.get(Registry.SASL_USERNAME); if (userName == null) - { - throw new NoSuchUserException(""); - } + throw new NoSuchUserException(""); String mdName = (String) userID.get(SRPRegistry.MD_NAME_FIELD); - String[] data = passwordFile.lookup(userName, mdName); result.put(SRPRegistry.USER_VERIFIER_FIELD, data[0]); result.put(SRPRegistry.SALT_FIELD, data[1]); @@ -153,9 +125,7 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } + throw (AuthenticationException) x; throw new AuthenticationException("lookup()", x); } return result; @@ -165,7 +135,6 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider { if (passwordFile == null) throw new AuthenticationException("update()", new IllegalStateException()); - try { String userName = (String) userCredentials.get(Registry.SASL_USERNAME); 
@@ -173,20 +142,14 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider String salt = (String) userCredentials.get(SRPRegistry.SALT_FIELD); String config = (String) userCredentials.get(SRPRegistry.CONFIG_NDX_FIELD); if (salt == null || config == null) - { - passwordFile.changePasswd(userName, password); - } + passwordFile.changePasswd(userName, password); else - { - passwordFile.add(userName, password, Util.fromBase64(salt), config); - } + passwordFile.add(userName, password, Util.fromBase64(salt), config); } catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } + throw (AuthenticationException) x; throw new AuthenticationException("update()", x); } } @@ -194,10 +157,8 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider public Map getConfiguration(String mode) throws AuthenticationException { if (passwordFile == null) - { - throw new AuthenticationException("getConfiguration()", - new IllegalStateException()); - } + throw new AuthenticationException("getConfiguration()", + new IllegalStateException()); Map result = new HashMap(); try { @@ -208,11 +169,9 @@ public class SRPAuthInfoProvider implements IAuthInfoProvider catch (Exception x) { if (x instanceof AuthenticationException) - { - throw (AuthenticationException) x; - } + throw (AuthenticationException) x; throw new AuthenticationException("getConfiguration()", x); } return result; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/SRPClient.java b/gnu/javax/crypto/sasl/srp/SRPClient.java index 231a49480..f4ef4cc34 100644 --- a/gnu/javax/crypto/sasl/srp/SRPClient.java +++ b/gnu/javax/crypto/sasl/srp/SRPClient.java @@ -81,7 +81,9 @@ import javax.security.sasl.SaslException; /** * The SASL-SRP client-side mechanism. */ -public class SRPClient extends ClientMechanism implements SaslClient +public class SRPClient + extends ClientMechanism + implements SaslClient { private static final Logger log = Logger.getLogger(SRPClient.class.getName()); private String uid; // the unique key for this type of client @@ -107,7 +109,8 @@ public class SRPClient extends ClientMechanism implements SaslClient private int outCounter = 0; private IALG inMac, outMac; // if !null, use for integrity private CALG inCipher, outCipher; // if !null, use for confidentiality - private IKeyAgreementParty clientHandler = KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA); + private IKeyAgreementParty clientHandler = + KeyAgreementFactory.getPartyAInstance(Registry.SRP_SASL_KA); /** Our default source of randomness. */ private PRNG prng = null; @@ -118,8 +121,8 @@ public class SRPClient extends ClientMechanism implements SaslClient protected void initMechanism() throws SaslException { - // we shall keep track of the sid (and the security context of this - // SRP client) based on the initialisation parameters of an SRP session. + // we shall keep track of the sid (and the security context of this SRP + // client) based on the initialisation parameters of an SRP session. // we shall compute a unique key for those parameters and key the sid // (and the security context) accordingly. // 1. compute the mapping key. use MD5 (the fastest) for this purpose @@ -182,7 +185,6 @@ public class SRPClient extends ClientMechanism implements SaslClient sIV = null; inMac = outMac = null; inCipher = outCipher = null; - sid = null; ttl = 0; cn = null; 
@@ -243,7 +245,6 @@ public class SRPClient extends ClientMechanism implements SaslClient { // integrity bytes are at the end of the stream final int macBytesCount = inMac.length(); final int payloadLength = len - macBytesCount; - // final byte[] received_mac = frameIn.getOS(); final byte[] received_mac = new byte[macBytesCount]; System.arraycopy(incoming, offset + payloadLength, received_mac, 0, macBytesCount); @@ -255,16 +256,16 @@ public class SRPClient extends ClientMechanism implements SaslClient inCounter++; if (Configuration.DEBUG) log.fine("inCounter=" + inCounter); - inMac.update(new byte[] { (byte) (inCounter >>> 24), - (byte) (inCounter >>> 16), - (byte) (inCounter >>> 8), - (byte) inCounter }); + inMac.update(new byte[] { + (byte)(inCounter >>> 24), + (byte)(inCounter >>> 16), + (byte)(inCounter >>> 8), + (byte) inCounter }); } - final byte[] computed_mac = inMac.doFinal(); if (Configuration.DEBUG) log.fine("Computed MAC: " + Util.dumpString(computed_mac)); - if (!Arrays.equals(received_mac, computed_mac)) + if (! Arrays.equals(received_mac, computed_mac)) throw new IntegrityException("engineUnwrap()"); // deal with the payload, which can be either plain or encrypted if (inCipher != null) @@ -318,10 +319,11 @@ public class SRPClient extends ClientMechanism implements SaslClient outCounter++; if (Configuration.DEBUG) log.fine("outCounter=" + outCounter); - outMac.update(new byte[] { (byte)(outCounter >>> 24), - (byte)(outCounter >>> 16), - (byte)(outCounter >>> 8), - (byte) outCounter }); + outMac.update(new byte[] { + (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); 
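Review bot: `payloadLength = len - macBytesCount` is used as a source offset in `System.arraycopy` without first checking that `len` is at least `macBytesCount`. For a frame shorter than the MAC the offset lands before `offset`, so the copy either throws an out-of-bounds exception or takes the tag from bytes that are not part of this frame. Unless an earlier check in the method (outside the hunk) rules that out, add `if (len < macBytesCount) throw new IntegrityException("engineUnwrap()");` before the copy.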
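Review bot: The tag check `Arrays.equals(received_mac, computed_mac)` returns at the first differing byte, so its running time depends on how much of the received MAC is correct. Authentication tags should be compared in constant time, e.g. `if (! MessageDigest.isEqual(received_mac, computed_mac))` on a runtime where that method is constant-time, or a small helper that ORs together the XOR of every byte pair and tests the result once. The same pattern appears in the `M2` check later in SRPClient.java and in the `received_mac` and `M1` checks in SRPServer.java. The enclosing method starts outside the hunk.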
@@ -342,10 +344,11 @@ public class SRPClient extends ClientMechanism implements SaslClient outCounter++; if (Configuration.DEBUG) log.fine("outCounter=" + outCounter); - outMac.update(new byte[] { (byte)(outCounter >>> 24), - (byte)(outCounter >>> 16), - (byte)(outCounter >>> 8), - (byte) outCounter }); + outMac.update(new byte[] { + (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); @@ -371,7 +374,6 @@ public class SRPClient extends ClientMechanism implements SaslClient { if (inCipher != null) return Registry.QOP_AUTH_CONF; - return Registry.QOP_AUTH_INT; } return Registry.QOP_AUTH; @@ -383,7 +385,6 @@ public class SRPClient extends ClientMechanism implements SaslClient { if (inCipher != null) return Registry.STRENGTH_HIGH; - return Registry.STRENGTH_MEDIUM; } return Registry.STRENGTH_LOW; @@ -399,8 +400,6 @@ public class SRPClient extends ClientMechanism implements SaslClient return Registry.REUSE_TRUE; } - // other methods ----------------------------------------------------------- - private byte[] sendIdentities() throws SaslException { if (Configuration.DEBUG) @@ -421,7 +420,6 @@ public class SRPClient extends ClientMechanism implements SaslClient } else cn = new byte[0]; - final OutputBuffer frameOut = new OutputBuffer(); try { @@ -465,8 +463,8 @@ public class SRPClient extends ClientMechanism implements SaslClient try { ack = (int) frameIn.getScalar(1); - if (ack == 0x00) - { // new session + if (ack == 0x00) // new session + { N = frameIn.getMPI(); if (Configuration.DEBUG) log.fine("Got N (modulus): " + Util.dump(N)); 
@@ -483,8 +481,8 @@ public class SRPClient extends ClientMechanism implements SaslClient if (Configuration.DEBUG) log.fine("Got L (available options): \"" + L + "\""); } - else if (ack == 0xFF) - { // session re-use + else if (ack == 0xFF) // session re-use + { sn = frameIn.getOS(); if (Configuration.DEBUG) log.fine("Got sn (server nonce): " + Util.dumpString(sn)); @@ -644,9 +642,8 @@ public class SRPClient extends ClientMechanism implements SaslClient } if (Configuration.DEBUG) log.fine("Expected: " + Util.dumpString(expected)); - if (!Arrays.equals(M2, expected)) + if (! Arrays.equals(M2, expected)) throw new AuthenticationException("M2 mismatch"); - setupSecurityServices(false); if (Configuration.DEBUG) log.exiting(this.getClass().getName(), "receiveEvidence"); @@ -749,13 +746,11 @@ public class SRPClient extends ClientMechanism implements SaslClient if (Configuration.DEBUG) log.fine("mda: <" + option + ">"); for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) - { - if (SRPRegistry.SRP_ALGORITHMS[i].equals(option)) - { - mdName = option; - break; - } - } + if (SRPRegistry.SRP_ALGORITHMS[i].equals(option)) + { + mdName = option; + break; + } } else if (option.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) replaydetectionAvailable = true; @@ -765,14 +760,12 @@ public class SRPClient extends ClientMechanism implements SaslClient if (Configuration.DEBUG) log.fine("ialg: <" + option + ">"); for (i = 0; i < SRPRegistry.INTEGRITY_ALGORITHMS.length; i++) - { - if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) - { - chosenIntegrityAlgorithm = option; - integrityAvailable = true; - break; - } - } + if (SRPRegistry.INTEGRITY_ALGORITHMS[i].equals(option)) + { + chosenIntegrityAlgorithm = option; + integrityAvailable = true; + break; + } } else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) { 
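Review bot: The `mda` loop is bounded by `SRPRegistry.INTEGRITY_ALGORITHMS.length` but indexes `SRPRegistry.SRP_ALGORITHMS`, so only the first three digest names can ever match. With the arrays as declared in SRPRegistry.java (three integrity algorithms, seven SRP digests), an `mda=` option naming one of the later digests, the SHA-2 entries among them, is silently ignored and `mdName` keeps its previous value. The bound should be `for (i = 0; i < SRPRegistry.SRP_ALGORITHMS.length; i++)`. The enclosing method starts and ends outside the hunk.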
@@ -780,14 +773,12 @@ public class SRPClient extends ClientMechanism implements SaslClient if (Configuration.DEBUG) log.fine("calg: <" + option + ">"); for (i = 0; i < SRPRegistry.CONFIDENTIALITY_ALGORITHMS.length; i++) - { - if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) - { - chosenConfidentialityAlgorithm = option; - confidentialityAvailable = true; - break; - } - } + if (SRPRegistry.CONFIDENTIALITY_ALGORITHMS[i].equals(option)) + { + chosenConfidentialityAlgorithm = option; + confidentialityAvailable = true; + break; + } } else if (option.startsWith(SRPRegistry.OPTION_MANDATORY + "=")) mandatory = option.substring(option.indexOf('=') + 1); 
@@ -799,22 +790,27 @@ public class SRPClient extends ClientMechanism implements SaslClient rawSendSize = Integer.parseInt(maxBufferSize); if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT || rawSendSize < 1) - throw new AuthenticationException("Illegal value for 'maxbuffersize' option"); + throw new AuthenticationException( + "Illegal value for 'maxbuffersize' option"); } catch (NumberFormatException x) { - throw new AuthenticationException(SRPRegistry.OPTION_MAX_BUFFER_SIZE - + "=" + maxBufferSize, - x); + throw new AuthenticationException( + SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=" + maxBufferSize, x); } } } - replayDetection = replaydetectionAvailable - && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION)).booleanValue(); - boolean integrity = integrityAvailable - && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION)).booleanValue(); - boolean confidentiality = confidentialityAvailable - && Boolean.valueOf((String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY)).booleanValue(); + String s; + Boolean flag; + s = (String) properties.get(SRPRegistry.SRP_REPLAY_DETECTION); + flag = Boolean.valueOf(s); + replayDetection = replaydetectionAvailable && flag.booleanValue(); + s = (String) properties.get(SRPRegistry.SRP_INTEGRITY_PROTECTION); + flag = Boolean.valueOf(s); + boolean integrity = integrityAvailable && flag.booleanValue(); + s = (String) properties.get(SRPRegistry.SRP_CONFIDENTIALITY); + flag = Boolean.valueOf(s); + boolean confidentiality = confidentialityAvailable && flag.booleanValue(); // make sure we do the right thing if (SRPRegistry.OPTION_REPLAY_DETECTION.equals(mandatory)) { 
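Review bot: `Boolean.valueOf(s)` yields `false` when `s` is `null`, so a caller that leaves `SRPRegistry.SRP_REPLAY_DETECTION` or `SRP_INTEGRITY_PROTECTION` unset gets both services switched off even though `DEFAULT_REPLAY_DETECTION` and `DEFAULT_INTEGRITY` are declared `true`. Unless `properties` is filled with those defaults before this point (not visible in the hunk), fall back to them explicitly, e.g. `flag = (s == null) ? Boolean.valueOf(SRPRegistry.DEFAULT_REPLAY_DETECTION) : Boolean.valueOf(s);`, and likewise for integrity and confidentiality. The enclosing method continues past the hunk.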
@@ -830,7 +826,8 @@ public class SRPClient extends ClientMechanism implements SaslClient { if (chosenIntegrityAlgorithm == null) throw new AuthenticationException( - "Replay detection is required but no integrity protection algorithm was chosen"); + "Replay detection is required but no integrity protection " + + "algorithm was chosen"); } if (integrity) { @@ -950,7 +947,6 @@ public class SRPClient extends ClientMechanism implements SaslClient { if (prng == null) prng = PRNG.getInstance(); - return prng; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/SRPRegistry.java b/gnu/javax/crypto/sasl/srp/SRPRegistry.java index 9f7bba8e9..d474cb6f8 100644 --- a/gnu/javax/crypto/sasl/srp/SRPRegistry.java +++ b/gnu/javax/crypto/sasl/srp/SRPRegistry.java @@ -41,35 +41,29 @@ package gnu.javax.crypto.sasl.srp; import gnu.java.security.Registry; /** - * <p>A list of key names designating the values exchanged between the server - * and client in an SRP communication authentication phase.</p> + * A list of key names designating the values exchanged between the server + * and client in an SRP communication authentication phase. */ public interface SRPRegistry { - /** Indices of (N, g) parameter values for SRP (.conf) password database. */ String N_2048_BITS = "1"; - String N_1536_BITS = "2"; - String N_1280_BITS = "3"; - String N_1024_BITS = "4"; - String N_768_BITS = "5"; - String N_640_BITS = "6"; - String N_512_BITS = "7"; - /** Available hash algorithms for all SRP calculations. */ - String[] SRP_ALGORITHMS = { Registry.SHA160_HASH, // the default one - Registry.MD5_HASH, Registry.RIPEMD128_HASH, - Registry.RIPEMD160_HASH, - - Registry.SHA256_HASH, Registry.SHA384_HASH, - Registry.SHA512_HASH }; - + String[] SRP_ALGORITHMS = { + Registry.SHA160_HASH, // the default one + Registry.MD5_HASH, + Registry.RIPEMD128_HASH, + Registry.RIPEMD160_HASH, + + Registry.SHA256_HASH, + Registry.SHA384_HASH, + Registry.SHA512_HASH }; /** * The name of the default message digest algorithm to use when no name is * explicitely given. In this implementation it is the <b>first</b> among 
@@ -77,143 +71,95 @@ public interface SRPRegistry * 160-bit output. */ String SRP_DEFAULT_DIGEST_NAME = SRP_ALGORITHMS[0]; - /** * The property name of the message digest algorithm name to use in a given * SRP incarnation. */ String SRP_DIGEST_NAME = "srp.digest.name"; - /** The public shared modulus: n. */ String SHARED_MODULUS = "srp.N"; - /** The GF generator used: g. */ String FIELD_GENERATOR = "srp.g"; - /** The list of server's available security options. */ String AVAILABLE_OPTIONS = "srp.L"; - /** The client's chosen security options. */ String CHOSEN_OPTIONS = "srp.o"; - /** The client's username. */ String USER_NAME = "srp.U"; - /** The client's authorization ID. */ String USER_ROLE = "srp.I"; - /** The user's salt. */ String USER_SALT = "srp.s"; - /** The user's password verifier. */ String PASSWORD_VERIFIER = "srp.v"; - /** The client's public ephemeral exponent: A. */ String CLIENT_PUBLIC_KEY = "srp.A"; - /** The server's public ephemeral exponent: B. */ String SERVER_PUBLIC_KEY = "srp.B"; - /** The client's evidence: M1. */ String CLIENT_EVIDENCE = "srp.M1"; - /** The server's evidence: M2. */ String SERVER_EVIDENCE = "srp.M2"; - /** Name of underlying hash algorithm for use with all SRP calculations. */ String SRP_HASH = "gnu.crypto.sasl.srp.hash"; - /** Name of SRP mandatory service property. */ String SRP_MANDATORY = "gnu.crypto.sasl.srp.mandatory"; - /** Name of SRP replay detection property. */ String SRP_REPLAY_DETECTION = "gnu.crypto.sasl.srp.replay.detection"; - /** Name of SRP integrity protection property. */ String SRP_INTEGRITY_PROTECTION = "gnu.crypto.sasl.srp.integrity"; - /** Name of SRP confidentiality protection property. */ String SRP_CONFIDENTIALITY = "gnu.crypto.sasl.srp.confidentiality"; - /** Name of the main SRP password file pathname property. */ String PASSWORD_FILE = "gnu.crypto.sasl.srp.password.file"; - /** * Name of the SRP password database property --a reference to * {@link PasswordFile} object. 
*/ String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db"; - /** Default fully qualified pathname of the SRP password file. */ String DEFAULT_PASSWORD_FILE = "/etc/tpasswd"; - /** Default value for replay detection security service. */ boolean DEFAULT_REPLAY_DETECTION = true; - /** Default value for integrity protection security service. */ boolean DEFAULT_INTEGRITY = true; // implied by the previous option - /** Default value for confidentiality protection security service. */ boolean DEFAULT_CONFIDENTIALITY = false; - // constants defining HMAC names String HMAC_SHA1 = "hmac-sha1"; - String HMAC_MD5 = "hmac-md5"; - String HMAC_RIPEMD_160 = "hmac-ripemd-160"; - /** Available HMAC algorithms for integrity protection. */ String[] INTEGRITY_ALGORITHMS = { HMAC_SHA1, HMAC_MD5, HMAC_RIPEMD_160 }; - // constants defining Cipher names String AES = "aes"; - String BLOWFISH = "blowfish"; - /** Available Cipher algorithms for confidentiality protection. */ String[] CONFIDENTIALITY_ALGORITHMS = { AES, BLOWFISH }; - /** String for mandatory replay detection. */ String OPTION_MANDATORY = "mandatory"; - /** String for mda: the SRP digest algorithm name. */ String OPTION_SRP_DIGEST = "mda"; - /** String for mandatory replay detection. */ String OPTION_REPLAY_DETECTION = "replay_detection"; - /** String for mandatory integrity protection. */ String OPTION_INTEGRITY = "integrity"; - /** String for mandatory confidentiality protection. */ String OPTION_CONFIDENTIALITY = "confidentiality"; - /** String for mandatory replay detection. */ String OPTION_MAX_BUFFER_SIZE = "maxbuffersize"; - /** String for no mandatory security service. */ String MANDATORY_NONE = "none"; - /** Default mandatory security service required. */ - // String DEFAULT_MANDATORY = MANDATORY_NONE; String DEFAULT_MANDATORY = OPTION_REPLAY_DETECTION; - - // String DEFAULT_MANDATORY = OPTION_INTEGRITY; - // String DEFAULT_MANDATORY = OPTION_CONFIDENTIALITY; - /** Name of the UID field in the plain password file. 
*/ String MD_NAME_FIELD = "srp.md.name"; - /** Name of the GID field in the plain password file. */ String USER_VERIFIER_FIELD = "srp.user.verifier"; - /** Name of the GECOS field in the plain password file. */ String SALT_FIELD = "srp.salt"; - /** Name of the SHELL field in the plain password file. */ String CONFIG_NDX_FIELD = "srp.config.ndx"; - /** Minimum bitlength of the SRP public modulus. */ int MINIMUM_MODULUS_BITLENGTH = 512; -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/SRPServer.java b/gnu/javax/crypto/sasl/srp/SRPServer.java index fa7cdae9c..ff7e4e9d6 100644 --- a/gnu/javax/crypto/sasl/srp/SRPServer.java +++ b/gnu/javax/crypto/sasl/srp/SRPServer.java @@ -73,7 +73,9 @@ import javax.security.sasl.SaslServer; /** * The SASL-SRP server-side mechanism. */ -public class SRPServer extends ServerMechanism implements SaslServer +public class SRPServer + extends ServerMechanism + implements SaslServer { private static final Logger log = Logger.getLogger(SRPServer.class.getName()); private String U = null; // client's username @@ -97,7 +99,8 @@ public class SRPServer extends ServerMechanism implements SaslServer private int outCounter = 0; private IALG inMac, outMac; // if !null, use for integrity private CALG inCipher, outCipher; // if !null, use for confidentiality - private IKeyAgreementParty serverHandler = KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA); + private IKeyAgreementParty serverHandler = + KeyAgreementFactory.getPartyBInstance(Registry.SRP_SASL_KA); /** Our default source of randomness. */ private PRNG prng = null; @@ -124,7 +127,6 @@ public class SRPServer extends ServerMechanism implements SaslServer K = null; inMac = outMac = null; inCipher = outCipher = null; - sid = null; } @@ -135,7 +137,6 @@ public class SRPServer extends ServerMechanism implements SaslServer case 0: if (response == null) return null; - state++; return sendProtocolElements(response); case 1: 
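Review bot: In SRPRegistry.java, `MINIMUM_MODULUS_BITLENGTH = 512` sets a floor that no longer offers meaningful security for a discrete-log group. If this constant is what the mechanism enforces on a modulus received from the peer (the check itself is not in this diff), raise it, e.g. `int MINIMUM_MODULUS_BITLENGTH = 2048;`. Its Javadoc should then say that the smaller entries of the `.conf` index table remain only for reading existing password files. Raising the floor may reject old password databases, so it needs a compatibility note.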
@@ -180,17 +181,17 @@ public class SRPServer extends ServerMechanism implements SaslServer inCounter++; if (Configuration.DEBUG) log.fine("inCounter=" + String.valueOf(inCounter)); - inMac.update(new byte[] { (byte)(inCounter >>> 24), - (byte)(inCounter >>> 16), - (byte)(inCounter >>> 8), - (byte) inCounter }); + inMac.update(new byte[] { + (byte)(inCounter >>> 24), + (byte)(inCounter >>> 16), + (byte)(inCounter >>> 8), + (byte) inCounter }); } final byte[] computed_mac = inMac.doFinal(); if (Configuration.DEBUG) log.fine("Computed MAC: " + Util.dumpString(computed_mac)); - if (!Arrays.equals(received_mac, computed_mac)) + if (! Arrays.equals(received_mac, computed_mac)) throw new IntegrityException("engineUnwrap()"); - // deal with the payload, which can be either plain or encrypted if (inCipher != null) result = inCipher.doFinal(incoming, offset, payloadLength); @@ -252,10 +253,11 @@ public class SRPServer extends ServerMechanism implements SaslServer outCounter++; if (Configuration.DEBUG) log.fine("outCounter=" + outCounter); - outMac.update(new byte[] { (byte)(outCounter >>> 24), - (byte)(outCounter >>> 16), - (byte)(outCounter >>> 8), - (byte) outCounter }); + outMac.update(new byte[] { + (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); @@ -276,10 +278,11 @@ public class SRPServer extends ServerMechanism implements SaslServer outCounter++; if (Configuration.DEBUG) log.fine("outCounter=" + outCounter); - outMac.update(new byte[] { (byte)(outCounter >>> 24), - (byte)(outCounter >>> 16), - (byte)(outCounter >>> 8), - (byte) outCounter }); + outMac.update(new byte[] { + (byte)(outCounter >>> 24), + (byte)(outCounter >>> 16), + (byte)(outCounter >>> 8), + (byte) outCounter }); } final byte[] C = outMac.doFinal(); out.write(C); 
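Review bot: The MAC check in the `@@ -180,17 +181,17 @@` hunk, `if (! Arrays.equals(received_mac, computed_mac))`, uses a general-purpose array comparison that may return at the first differing byte, so its running time can depend on how much of the received MAC is correct. The same applies to `if (! Arrays.equals(M1, expected))` in the -543,9 hunk. A comparison that always examines every byte would be safer, for example `if (! MessageDigest.isEqual(received_mac, computed_mac))`. That assumes the runtime's implementation is constant-time and that `java.security.MessageDigest` is imported, and the import block is outside this hunk. The enclosing method also starts and ends outside the hunk.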
@@ -305,7 +308,6 @@ public class SRPServer extends ServerMechanism implements SaslServer { if (inCipher != null) return Registry.QOP_AUTH_CONF; - return Registry.QOP_AUTH_INT; } return Registry.QOP_AUTH; @@ -317,7 +319,6 @@ public class SRPServer extends ServerMechanism implements SaslServer { if (inCipher != null) return Registry.STRENGTH_HIGH; - return Registry.STRENGTH_MEDIUM; } return Registry.STRENGTH_LOW; @@ -383,7 +384,6 @@ public class SRPServer extends ServerMechanism implements SaslServer outCipher = ctx.getOutCipher(); if (sn == null || sn.length != 16) sn = new byte[16]; - getDefaultPRNG().nextBytes(sn); setupSecurityServices(false); final OutputBuffer frameOut = new OutputBuffer(); @@ -543,9 +543,8 @@ public class SRPServer extends ServerMechanism implements SaslServer throw new AuthenticationException("sendEvidence()", x); } // Verify client evidence - if (!Arrays.equals(M1, expected)) + if (! Arrays.equals(M1, expected)) throw new AuthenticationException("M1 mismatch"); - setupSecurityServices(true); final byte[] M2; try @@ -673,8 +672,8 @@ public class SRPServer extends ServerMechanism implements SaslServer else if (option.startsWith(SRPRegistry.OPTION_INTEGRITY + "=")) { if (integrity) - throw new AuthenticationException("Only one integrity algorithm may be chosen"); - + throw new AuthenticationException( + "Only one integrity algorithm may be chosen"); option = option.substring(option.indexOf('=') + 1); if (Configuration.DEBUG) log.fine("algorithm: <" + option + ">"); @@ -694,8 +693,8 @@ public class SRPServer extends ServerMechanism implements SaslServer else if (option.startsWith(SRPRegistry.OPTION_CONFIDENTIALITY + "=")) { if (confidentiality) - throw new AuthenticationException("Only one confidentiality algorithm may be chosen"); - + throw new AuthenticationException( + "Only one confidentiality algorithm may be chosen"); option = option.substring(option.indexOf('=') + 1); if (Configuration.DEBUG) log.fine("algorithm: <" + option + ">"); 
@@ -720,13 +719,13 @@ public class SRPServer extends ServerMechanism implements SaslServer rawSendSize = Integer.parseInt(maxBufferSize); if (rawSendSize > Registry.SASL_BUFFER_MAX_LIMIT || rawSendSize < 1) - throw new AuthenticationException("Illegal value for 'maxbuffersize' option"); + throw new AuthenticationException( + "Illegal value for 'maxbuffersize' option"); } catch (NumberFormatException x) { - throw new AuthenticationException(SRPRegistry.OPTION_MAX_BUFFER_SIZE - + "=" + maxBufferSize, - x); + throw new AuthenticationException( + SRPRegistry.OPTION_MAX_BUFFER_SIZE + "=" + maxBufferSize, x); } } } @@ -734,23 +733,26 @@ public class SRPServer extends ServerMechanism implements SaslServer if (replayDetection) { if (! integrity) - throw new AuthenticationException("Missing integrity protection algorithm " - + "but replay detection is chosen"); + throw new AuthenticationException( + "Missing integrity protection algorithm but replay detection is chosen"); } if (mandatory.equals(SRPRegistry.OPTION_REPLAY_DETECTION)) { if (! replayDetection) - throw new AuthenticationException("Replay detection is mandatory but was not chosen"); + throw new AuthenticationException( + "Replay detection is mandatory but was not chosen"); } if (mandatory.equals(SRPRegistry.OPTION_INTEGRITY)) { if (! integrity) - throw new AuthenticationException("Integrity protection is mandatory but was not chosen"); + throw new AuthenticationException( + "Integrity protection is mandatory but was not chosen"); } if (mandatory.equals(SRPRegistry.OPTION_CONFIDENTIALITY)) { if (! confidentiality) - throw new AuthenticationException("Confidentiality is mandatory but was not chosen"); + throw new AuthenticationException( + "Confidentiality is mandatory but was not chosen"); } int blockSize = 0; if (chosenConfidentialityAlgorithm != null) @@ -833,7 +835,6 @@ public class SRPServer extends ServerMechanism implements SaslServer { if (prng == null) prng = PRNG.getInstance(); - return prng; } } 
diff --git a/gnu/javax/crypto/sasl/srp/SecurityContext.java b/gnu/javax/crypto/sasl/srp/SecurityContext.java index feca25cad..1111d95b4 100644 --- a/gnu/javax/crypto/sasl/srp/SecurityContext.java +++ b/gnu/javax/crypto/sasl/srp/SecurityContext.java @@ -39,41 +39,23 @@ exception statement from your version. */ package gnu.javax.crypto.sasl.srp; /** - * <p>A package-private placeholder for an SRP security context.</p> + * A package-private placeholder for an SRP security context. */ class SecurityContext { - - // Constants and variables - // ------------------------------------------------------------------------- - private String mdName; - private byte[] sid; - private byte[] K; - private byte[] cIV; - private byte[] sIV; - private boolean replayDetection; - private int inCounter; - private int outCounter; - private IALG inMac; - private IALG outMac; - private CALG inCipher; - private CALG outCipher; - // Constructor(s) - // ------------------------------------------------------------------------- - SecurityContext(final String mdName, final byte[] sid, final byte[] K, final byte[] cIV, final byte[] sIV, final boolean replayDetection, final int inCounter, @@ -96,12 +78,6 @@ class SecurityContext this.outCipher = outCipher; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - String getMdName() { return mdName; @@ -161,4 +137,4 @@ class SecurityContext { return outCipher; } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/ServerStore.java b/gnu/javax/crypto/sasl/srp/ServerStore.java index 99bf96a94..e9b1a7282 100644 --- a/gnu/javax/crypto/sasl/srp/ServerStore.java +++ b/gnu/javax/crypto/sasl/srp/ServerStore.java @@ -41,32 +41,21 @@ package gnu.javax.crypto.sasl.srp; import java.util.HashMap; /** - * <p>The server-side implementation of the SRP security context store.</p> + * The server-side implementation of the SRP security context store. */ public class ServerStore { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The underlying singleton. */ private static ServerStore singleton = null; - /** The map of sid --> Security Context record. */ private static final HashMap sid2ssc = new HashMap(); - /** The map of sid --> Session timing record. */ private static final HashMap sid2ttl = new HashMap(); - /** A synchronisation lock. */ private static final Object lock = new Object(); - /** A counter to generate legible SIDs. */ private static int counter = 0; - // Constructor(s) - // ------------------------------------------------------------------------- - /** Private constructor to enforce Singleton pattern. */ private ServerStore() { 
@@ -75,48 +64,38 @@ public class ServerStore // TODO: add a cleaning timer thread } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns the classloader Singleton.</p> - * + * Returns the classloader Singleton. + * * @return the classloader Singleton instance. */ static synchronized final ServerStore instance() { if (singleton == null) - { - singleton = new ServerStore(); - } + singleton = new ServerStore(); return singleton; } /** - * <p>Returns a legible new session identifier.</p> - * + * Returns a legible new session identifier. + * * @return a new session identifier. */ static synchronized final byte[] getNewSessionID() { final String sid = String.valueOf(++counter); - return new StringBuffer("SID-").append( - "0000000000".substring( - 0, - 10 - sid.length())).append( - sid).toString().getBytes(); + return new StringBuffer("SID-") + .append("0000000000".substring(0, 10 - sid.length())).append(sid) + .toString().getBytes(); } - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Returns a boolean flag indicating if the designated session is still - * alive or not.</p> - * + * Returns a boolean flag indicating if the designated session is still alive + * or not. + * * @param sid the identifier of the session to check. * @return <code>true</code> if the designated session is still alive. - * <code>false</code> otherwise. + * <code>false</code> otherwise. */ boolean isAlive(final byte[] sid) { @@ -130,8 +109,8 @@ public class ServerStore if (ctx != null) { result = ctx.isAlive(); - if (!result) - { // invalidate it en-passant + if (! result) // invalidate it en-passant + { sid2ssc.remove(key); sid2ttl.remove(key); } 
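Review bot: `getNewSessionID()` in the `@@ -75,48 +64,38 @@` hunk derives the identifier from `++counter`, so session identifiers are sequential and predictable, while the reworded Javadoc still only calls them "legible". Whether that is acceptable depends on the session re-use exchange requiring proof of the shared key, which is not visible in this hunk. The contract should be stated where the identifier is produced, e.g. by adding `* The identifier is sequential and must not be treated as a secret.` to the method's Javadoc. If callers do rely on it being unguessable, it should instead be drawn from the mechanism's PRNG.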
@@ -142,9 +121,9 @@ public class ServerStore } /** - * <p>Records a mapping between a session identifier and the Security Context - * of the designated SRP server mechanism instance.</p> - * + * Records a mapping between a session identifier and the Security Context of + * the designated SRP server mechanism instance. + * * @param ttl the session's Time-To-Live indicator (in seconds). * @param ctx the server's security context. */ @@ -159,11 +138,11 @@ public class ServerStore } /** - * <p>Updates the mapping between the designated session identifier and the - * designated server's SASL Security Context. In the process, computes - * and return the underlying mechanism server's evidence that shall be - * returned to the client in a session re-use exchange.</p> - * + * Updates the mapping between the designated session identifier and the + * designated server's SASL Security Context. In the process, computes and + * return the underlying mechanism server's evidence that shall be returned to + * the client in a session re-use exchange. + * * @param sid the identifier of the session to restore. * @return an SRP server's security context. */ @@ -180,8 +159,8 @@ public class ServerStore } /** - * <p>Removes all information related to the designated session ID.</p> - * + * Removes all information related to the designated session ID. + * * @param sid the identifier of the seesion to invalidate. */ void invalidateSession(final byte[] sid) @@ -193,4 +172,4 @@ public class ServerStore sid2ttl.remove(key); } } -}
\ No newline at end of file +} diff --git a/gnu/javax/crypto/sasl/srp/StoreEntry.java b/gnu/javax/crypto/sasl/srp/StoreEntry.java index c5041fa4b..130678ebd 100644 --- a/gnu/javax/crypto/sasl/srp/StoreEntry.java +++ b/gnu/javax/crypto/sasl/srp/StoreEntry.java @@ -39,21 +39,13 @@ exception statement from your version. */ package gnu.javax.crypto.sasl.srp; /** - * <p>A simple timing-related object for use by SRP re-use code.</p> + * A simple timing-related object for use by SRP re-use code. */ class StoreEntry { - - // Constants and variables - // ------------------------------------------------------------------------- - private boolean perenial; - private long timeToDie; - // Constructor(s) - // ------------------------------------------------------------------------- - StoreEntry(int ttl) { super(); @@ -70,20 +62,14 @@ class StoreEntry } } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - /** - * <p>Returns <code>true</code> if the Time-To_live period has not elapsed.</p> - * + * Returns <code>true</code> if the Time-To_live period has not elapsed. + * * @return <code>true</code> if the Time-To-Live period (in seconds) has not - * elapsed yet; <code>false</code> otherwise. + * elapsed yet; <code>false</code> otherwise. */ boolean isAlive() { return (perenial ? true : (System.currentTimeMillis() < timeToDie)); } -}
\ No newline at end of file +} |