001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.security.test;
023:
024: import java.math.BigInteger;
025: import java.security.SecureRandom;
026: import javax.crypto.Cipher;
027: import javax.crypto.KeyGenerator;
028: import javax.crypto.SealedObject;
029: import javax.crypto.SecretKey;
030: import javax.crypto.spec.SecretKeySpec;
031:
032: import org.apache.log4j.Category;
033: import org.apache.log4j.WriterAppender;
034: import org.apache.log4j.NDC;
035: import org.apache.log4j.PatternLayout;
036:
037: import org.jboss.logging.XLevel;
038: import org.jboss.security.Util;
039: import org.jboss.security.srp.SRPParameters;
040: import org.jboss.security.srp.SRPClientSession;
041:
042: /** Tests of using the Java Cryptography Extension framework with SRP.
043:
044: @author Scott.Stark@jboss.org
045: @version $Revision: 57210 $
046: */
047: public class TestJCEIntegration {
048: SimpleSRPServer server;
049: SRPClientSession client;
050:
051: TestJCEIntegration() throws Exception {
052: // Set up a simple configuration that logs on the console.
053: Category root = Category.getRoot();
054: root.setLevel(XLevel.TRACE);
055: root.addAppender(new WriterAppender(
056: new PatternLayout("%x%m%n"), System.out));
057: Util.init();
058: NDC.push("S,");
059: server = new SimpleSRPServer("secret".toCharArray(), "123456");
060: NDC.pop();
061: NDC.remove();
062: }
063:
064: void login(String username, char[] password) throws Exception {
065: SRPParameters params = server.getSRPParameters(username);
066: NDC.push("C,");
067: client = new SRPClientSession(username, password, params);
068: byte[] A = client.exponential();
069: NDC.pop();
070: NDC.push("S,");
071: byte[] B = server.init(username, A);
072: NDC.pop();
073: NDC.push("C,");
074: byte[] M1 = client.response(B);
075: NDC.pop();
076: NDC.push("S,");
077: byte[] M2 = server.verify(username, M1);
078: NDC.pop();
079: NDC.push("C,");
080: if (client.verify(M2) == false)
081: throw new SecurityException(
082: "Failed to validate server reply");
083: NDC.pop();
084: NDC.remove();
085: }
086:
087: /** Performs an SRP exchange and then use the resulting session key to
088: encrypt/decrypt a msg. Also test that a random key cannot be used to
089: decrypt the msg.
090: */
091: void testSecureExchange() throws Exception {
092: login("jduke", "secret".toCharArray());
093: System.out.println("Logged into server");
094: byte[] kbytes = client.getSessionKey();
095: System.out.println("Session key size = " + kbytes.length);
096: SecretKeySpec clientKey = new SecretKeySpec(kbytes, "Blowfish");
097: System.out.println("clientKey");
098:
099: Cipher cipher = Cipher.getInstance("Blowfish");
100: cipher.init(Cipher.ENCRYPT_MODE, clientKey);
101: SealedObject msg = new SealedObject("This is a secret", cipher);
102:
103: // Now use the server key to decrypt the msg
104: byte[] skbytes = server.session.getSessionKey();
105: SecretKeySpec serverKey = new SecretKeySpec(skbytes, "Blowfish");
106: Cipher scipher = Cipher.getInstance("Blowfish");
107: scipher.init(Cipher.DECRYPT_MODE, serverKey);
108: String theMsg = (String) msg.getObject(scipher);
109: System.out.println("Decrypted: " + theMsg);
110:
111: // Try a key that should fail
112: KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
113: kgen.init(320);
114: SecretKey key = kgen.generateKey();
115: cipher.init(Cipher.DECRYPT_MODE, key);
116: try {
117: String tmp = (String) msg.getObject(cipher);
118: throw new IllegalArgumentException(
119: "Should have failed to decrypt the msg");
120: } catch (Exception e) {
121: System.out.println("Arbitrary key failed as expected");
122: }
123: }
124:
125: static void testKey() throws Exception {
126: int size = 8 * 24;
127: KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
128: kgen.init(size);
129: SecretKey key = kgen.generateKey();
130: byte[] kbytes = key.getEncoded();
131: System.out.println("key.Algorithm = " + key.getAlgorithm());
132: System.out.println("key.Format = " + key.getFormat());
133: System.out.println("key.Encoded Size = " + kbytes.length);
134:
135: SecureRandom rnd = SecureRandom.getInstance("SHA1PRNG");
136: BigInteger bi = new BigInteger(320, rnd);
137: byte[] k2bytes = bi.toByteArray();
138: SecretKeySpec keySpec = new SecretKeySpec(k2bytes, "Blowfish");
139: System.out.println("key2.Algorithm = " + key.getAlgorithm());
140: System.out.println("key2.Format = " + key.getFormat());
141: System.out.println("key2.Encoded Size = " + kbytes.length);
142: }
143:
144: public static void main(String[] args) {
145: try {
146: System.setOut(System.err);
147: TestJCEIntegration tst = new TestJCEIntegration();
148: tst.testSecureExchange();
149: //tst.testKey();
150: } catch (Throwable t) {
151: t.printStackTrace();
152: }
153: }
154: }
|