org.jboss.security.srp
Class SRPRemoteServer

java.lang.Object
  extended by java.rmi.server.RemoteObject
      extended by java.rmi.server.RemoteServer
          extended by java.rmi.server.UnicastRemoteObject
              extended by org.jboss.security.srp.SRPRemoteServer
All Implemented Interfaces:
java.rmi.Remote, java.io.Serializable, SRPRemoteServerInterface, SRPServerInterface

public class SRPRemoteServer
extends java.rmi.server.UnicastRemoteObject
implements SRPRemoteServerInterface

An implementation of the RMI SRPRemoteServerInterface interface.

See Also:
Serialized Form

Field Summary
 
Fields inherited from class java.rmi.server.RemoteObject
ref
 
Constructor Summary
SRPRemoteServer(SRPVerifierStore verifierStore)
           
SRPRemoteServer(SRPVerifierStore verifierStore, int port)
           
SRPRemoteServer(SRPVerifierStore verifierStore, int port, java.rmi.server.RMIClientSocketFactory csf, java.rmi.server.RMIServerSocketFactory ssf)
           
 
Method Summary
 void addSRPServerListener(SRPServerListener listener)
           
 void close(java.lang.String username)
          Close the SRP session for the given username.
 void close(java.lang.String username, int sessionID)
           
 boolean getRequireAuxChallenge()
           
 SRPParameters getSRPParameters(java.lang.String username)
          The start of a new client session.
 java.lang.Object[] getSRPParameters(java.lang.String username, boolean multipleSessions)
          Get the SRP parameters to use for this session and create an arbitrary session id to allow for multiple SRP sessions for this user.
 byte[] init(java.lang.String username, byte[] A)
          Initiate the SRP algorithm.
 byte[] init(java.lang.String username, byte[] A, int sessionID)
          Initiate the SRP algorithm.
 void removeSRPServerListener(SRPServerListener listener)
           
 void setRequireAuxChallenge(boolean flag)
           
 void setVerifierStore(SRPVerifierStore verifierStore)
           
 byte[] verify(java.lang.String username, byte[] M1)
          Verify the session key hash.
 byte[] verify(java.lang.String username, byte[] M1, int sessionID)
           
 byte[] verify(java.lang.String username, byte[] M1, java.lang.Object auxChallenge)
          Verify the session key hash.
 byte[] verify(java.lang.String username, byte[] M1, java.lang.Object auxChallenge, int sessionID)
           
 
Methods inherited from class java.rmi.server.UnicastRemoteObject
clone, exportObject, exportObject, exportObject, unexportObject
 
Methods inherited from class java.rmi.server.RemoteServer
getClientHost, getLog, setLog
 
Methods inherited from class java.rmi.server.RemoteObject
equals, getRef, hashCode, toString, toStub
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

SRPRemoteServer

public SRPRemoteServer(SRPVerifierStore verifierStore)
                throws java.rmi.RemoteException

SRPRemoteServer

public SRPRemoteServer(SRPVerifierStore verifierStore,
                       int port)
                throws java.rmi.RemoteException

SRPRemoteServer

public SRPRemoteServer(SRPVerifierStore verifierStore,
                       int port,
                       java.rmi.server.RMIClientSocketFactory csf,
                       java.rmi.server.RMIServerSocketFactory ssf)
                throws java.rmi.RemoteException
Method Detail

setVerifierStore

public void setVerifierStore(SRPVerifierStore verifierStore)

addSRPServerListener

public void addSRPServerListener(SRPServerListener listener)

removeSRPServerListener

public void removeSRPServerListener(SRPServerListener listener)

getRequireAuxChallenge

public boolean getRequireAuxChallenge()

setRequireAuxChallenge

public void setRequireAuxChallenge(boolean flag)

getSRPParameters

public SRPParameters getSRPParameters(java.lang.String username)
                               throws java.security.KeyException,
                                      java.rmi.RemoteException
The start of a new client session.

Specified by:
getSRPParameters in interface SRPServerInterface
Returns:
the user's SRPParameters object
Throws:
java.security.KeyException
java.rmi.RemoteException

getSRPParameters

public java.lang.Object[] getSRPParameters(java.lang.String username,
                                           boolean multipleSessions)
                                    throws java.security.KeyException,
                                           java.rmi.RemoteException
Description copied from interface: SRPServerInterface
Get the SRP parameters to use for this session and create an arbitrary session id to allow for multiple SRP sessions for this user.

Specified by:
getSRPParameters in interface SRPServerInterface
Returns:
an array of {SRPParameters, Integer} where element[0] is the SRPParameters object and element[1] is the session id as an Integer.
Throws:
java.security.KeyException
java.rmi.RemoteException

init

public byte[] init(java.lang.String username,
                   byte[] A)
            throws java.lang.SecurityException,
                   java.security.NoSuchAlgorithmException,
                   java.rmi.RemoteException
Description copied from interface: SRPServerInterface
Initiate the SRP algorithm. The client sends their username and the public key A to begin the SRP handshake.

Specified by:
init in interface SRPServerInterface
Returns:
byte[], ephemeral server public key B = (v + g ^ b) % N
Throws:
java.lang.SecurityException
java.security.NoSuchAlgorithmException
java.rmi.RemoteException

init

public byte[] init(java.lang.String username,
                   byte[] A,
                   int sessionID)
            throws java.lang.SecurityException,
                   java.security.NoSuchAlgorithmException,
                   java.rmi.RemoteException
Description copied from interface: SRPServerInterface
Initiate the SRP algorithm. The client sends their username and the public key A to begin the SRP handshake.

Specified by:
init in interface SRPServerInterface
Returns:
byte[], ephemeral server public key B = (v + g ^ b) % N
Throws:
java.lang.SecurityException
java.security.NoSuchAlgorithmException
java.rmi.RemoteException

verify

public byte[] verify(java.lang.String username,
                     byte[] M1)
              throws java.lang.SecurityException,
                     java.rmi.RemoteException
Description copied from interface: SRPServerInterface
Verify the session key hash. The client sends their username and M1 hash to validate completion of the SRP handshake.

Specified by:
verify in interface SRPServerInterface
Returns:
M2, the server hash of the client challenge; M2 = H(A | M1 | K)
Throws:
java.lang.SecurityException
java.rmi.RemoteException

verify

public byte[] verify(java.lang.String username,
                     byte[] M1,
                     int sessionID)
              throws java.lang.SecurityException,
                     java.rmi.RemoteException
Specified by:
verify in interface SRPServerInterface
Throws:
java.lang.SecurityException
java.rmi.RemoteException

verify

public byte[] verify(java.lang.String username,
                     byte[] M1,
                     java.lang.Object auxChallenge)
              throws java.lang.SecurityException,
                     java.rmi.RemoteException
Verify the session key hash. The client sends their username and M1 hash to validate completion of the SRP handshake.

Specified by:
verify in interface SRPServerInterface
Parameters:
username - the user ID by which the client is known. This is repeated to simplify the server session management.
M1 - the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K)
auxChallenge - an arbitrary additional data item that may be used as an additional challenge. One example usage would be to send a hardware-generated token that was encrypted with the session private key for validation by the server.
Returns:
M2, the server hash of the client challenge; M2 = H(A | M1 | K)
Throws:
java.lang.SecurityException - thrown if M1 cannot be verified by the server
java.rmi.RemoteException - thrown by remote implementations
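
The init and verify exchange documented above, carried through on both sides as an added example; it is not JBoss code and does not call the JBoss classes. The formulas for B, M1 and M2 are the ones given on this page, while the random demo prime, SHA-256, and the derivations of x, u and K are assumptions of this sketch. The A mod N check and the constant-time M1 comparison are general SRP hardening, not documented behaviour of this class.

```java
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
public class SrpHandshakeSketch {
    static final SecureRandom RND = new SecureRandom();
    // H(p1 | p2 | ...): SHA-256 over the concatenated parts (hash choice is an assumption).
    static byte[] h(byte[]... parts) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        for (byte[] p : parts) md.update(p);
        return md.digest();
    }
    static byte[] xor(byte[] a, byte[] b) {
        byte[] r = new byte[a.length];
        for (int i = 0; i < r.length; i++) r[i] = (byte) (a[i] ^ b[i]);
        return r;
    }

    public static void main(String[] args) throws Exception {
        // Constructed demo group: random 512-bit prime, NOT a vetted safe-prime group.
        BigInteger N = BigInteger.probablePrime(512, RND), g = BigInteger.valueOf(2);
        byte[] user = "alice".getBytes("UTF-8"), salt = new byte[16];
        RND.nextBytes(salt);
        // Assumed for this sketch: x = H(salt | password), u = first 4 bytes of H(B), K = H(S).
        BigInteger x = new BigInteger(1, h(salt, "correct horse".getBytes("UTF-8")));
        BigInteger v = g.modPow(x, N); // password verifier, as held by a verifier store

        // Client side of init(username, A): ephemeral public key A = g^a % N
        BigInteger a = new BigInteger(256, RND), A = g.modPow(a, N);
        // Server side of init: reject a degenerate A, then B = (v + g^b) % N
        if (A.mod(N).signum() == 0) throw new SecurityException("A mod N == 0");
        BigInteger b = new BigInteger(256, RND), B = v.add(g.modPow(b, N)).mod(N);
        BigInteger u = new BigInteger(1, Arrays.copyOf(h(B.toByteArray()), 4));

        // Both sides derive the same secret S; the password never crosses the wire.
        BigInteger sClient = B.subtract(v).mod(N).modPow(a.add(u.multiply(x)), N);
        BigInteger sServer = A.multiply(v.modPow(u, N)).mod(N).modPow(b, N);
        byte[] kClient = h(sClient.toByteArray()), kServer = h(sServer.toByteArray());

        // Client side of verify(username, M1): M1 = H(H(N) xor H(g) | H(U) | A | B | K)
        byte[] hNxorHg = xor(h(N.toByteArray()), h(g.toByteArray()));
        byte[] m1 = h(hNxorHg, h(user), A.toByteArray(), B.toByteArray(), kClient);
        // Server recomputes M1 from its own K and compares in constant time.
        byte[] m1Expected = h(hNxorHg, h(user), A.toByteArray(), B.toByteArray(), kServer);
        if (!MessageDigest.isEqual(m1, m1Expected)) throw new SecurityException("M1 mismatch");
        byte[] m2 = h(A.toByteArray(), m1, kServer); // M2 = H(A | M1 | K), returned to the client
        System.out.println("handshake ok, M2 length = " + m2.length);
    }
}
```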

verify

public byte[] verify(java.lang.String username,
                     byte[] M1,
                     java.lang.Object auxChallenge,
                     int sessionID)
              throws java.lang.SecurityException,
                     java.rmi.RemoteException
Specified by:
verify in interface SRPServerInterface
Throws:
java.lang.SecurityException
java.rmi.RemoteException

close

public void close(java.lang.String username)
           throws java.lang.SecurityException,
                  java.rmi.RemoteException
Close the SRP session for the given username.

Specified by:
close in interface SRPServerInterface
Throws:
java.lang.SecurityException
java.rmi.RemoteException

close

public void close(java.lang.String username,
                  int sessionID)
           throws java.lang.SecurityException,
                  java.rmi.RemoteException
Specified by:
close in interface SRPServerInterface
Throws:
java.lang.SecurityException
java.rmi.RemoteException