diff options
author | Sergio Giro <sgiro@google.com> | 2016-02-01 18:52:42 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2016-02-01 18:52:42 +0000 |
commit | 9218edabd1ef9852bc2f13115dcadc81b442dd6c (patch) | |
tree | 8229ff72c8cbb06f49dce3a8382930919fa6fc2b /bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java | |
parent | 9b30eb05e5be69d51881a0d1b31e503e97acd784 (diff) | |
parent | 397d32894b89b506dc318e0f83446187c9b76ebe (diff) | |
download | android_external_bouncycastle-9218edabd1ef9852bc2f13115dcadc81b442dd6c.tar.gz android_external_bouncycastle-9218edabd1ef9852bc2f13115dcadc81b442dd6c.tar.bz2 android_external_bouncycastle-9218edabd1ef9852bc2f13115dcadc81b442dd6c.zip |
Merge "Merge remote-tracking branch 'aosp/upstream-master' into merge-152-from-upstream"
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java new file mode 100644 index 0000000..c48b4ad --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java @@ -0,0 +1,69 @@ +package org.bouncycastle.crypto.tls; + +import java.math.BigInteger; + +import org.bouncycastle.crypto.Mac; +import org.bouncycastle.crypto.agreement.srp.SRP6VerifierGenerator; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.params.KeyParameter; +import org.bouncycastle.crypto.params.SRP6GroupParameters; +import org.bouncycastle.util.Strings; + +/** + * An implementation of {@link TlsSRPIdentityManager} that simulates the existence of "unknown" identities + * to obscure the fact that there is no verifier for them. + */ +public class SimulatedTlsSRPIdentityManager + implements TlsSRPIdentityManager +{ + private static final byte[] PREFIX_PASSWORD = Strings.toByteArray("password"); + private static final byte[] PREFIX_SALT = Strings.toByteArray("salt"); + + /** + * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3 + * + * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in + * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3 + * @return an instance of {@link SimulatedTlsSRPIdentityManager} + */ + public static SimulatedTlsSRPIdentityManager getRFC5054Default(SRP6GroupParameters group, byte[] seedKey) + { + SRP6VerifierGenerator verifierGenerator = new SRP6VerifierGenerator(); + verifierGenerator.init(group, TlsUtils.createHash(HashAlgorithm.sha1)); + + HMac mac = new HMac(TlsUtils.createHash(HashAlgorithm.sha1)); + mac.init(new KeyParameter(seedKey)); + + return new SimulatedTlsSRPIdentityManager(group, verifierGenerator, mac); + } + + protected SRP6GroupParameters group; + protected SRP6VerifierGenerator verifierGenerator; + protected Mac mac; + + public SimulatedTlsSRPIdentityManager(SRP6GroupParameters group, SRP6VerifierGenerator verifierGenerator, Mac mac) + { + this.group = group; + this.verifierGenerator = verifierGenerator; + this.mac = mac; + } + + public TlsSRPLoginParameters getLoginParameters(byte[] identity) + { + mac.update(PREFIX_SALT, 0, PREFIX_SALT.length); + mac.update(identity, 0, identity.length); + + byte[] salt = new byte[mac.getMacSize()]; + mac.doFinal(salt, 0); + + mac.update(PREFIX_PASSWORD, 0, PREFIX_PASSWORD.length); + mac.update(identity, 0, identity.length); + + byte[] password = new byte[mac.getMacSize()]; + mac.doFinal(password, 0); + + BigInteger verifier = verifierGenerator.generateVerifier(salt, identity, password); + + return new TlsSRPLoginParameters(group, verifier, salt); + } +} |