PageRenderTime 34ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 0ms

/projects/jboss-5.1.0/varia/src/test/org/jboss/test/TestJCEIntegration.java

https://gitlab.com/essere.lab.public/qualitas.class-corpus
Java | 171 lines | 125 code | 12 blank | 34 comment | 2 complexity | 6d679feb3de934338926ddc8513ec93d MD5 | raw file
  1. /*
  2. * JBoss, Home of Professional Open Source.
  3. * Copyright 2008, Red Hat Middleware LLC, and individual contributors
  4. * as indicated by the @author tags. See the copyright.txt file in the
  5. * distribution for a full listing of individual contributors.
  6. *
  7. * This is free software; you can redistribute it and/or modify it
  8. * under the terms of the GNU Lesser General Public License as
  9. * published by the Free Software Foundation; either version 2.1 of
  10. * the License, or (at your option) any later version.
  11. *
  12. * This software is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  15. * Lesser General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Lesser General Public
  18. * License along with this software; if not, write to the Free
  19. * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  20. * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  21. */
  22. package org.jboss.test;
  23. import java.io.Serializable;
  24. import java.math.BigInteger;
  25. import java.rmi.RemoteException;
  26. import java.security.AlgorithmParameters;
  27. import java.security.Key;
  28. import java.security.KeyException;
  29. import java.security.MessageDigest;
  30. import java.security.SecureRandom;
  31. import javax.crypto.Cipher;
  32. import javax.crypto.KeyGenerator;
  33. import javax.crypto.SealedObject;
  34. import javax.crypto.SecretKey;
  35. import javax.crypto.spec.SecretKeySpec;
  36. import org.jboss.logging.Logger;
  37. import org.apache.log4j.WriterAppender;
  38. import org.apache.log4j.NDC;
  39. import org.apache.log4j.PatternLayout;
  40. import org.jboss.logging.XLevel;
  41. import org.jboss.security.Util;
  42. import org.jboss.security.srp.SRPConf;
  43. import org.jboss.security.srp.SRPParameters;
  44. import org.jboss.security.srp.SRPServerInterface;
  45. import org.jboss.security.srp.SRPClientSession;
  46. import org.jboss.security.srp.SRPServerSession;
  47. /** Tests of using the Java Cryptography Extension framework with SRP.
  48. @author Scott.Stark@jboss.org
  49. @version $Revision: 81038 $
  50. */
  51. public class TestJCEIntegration
  52. {
  53. SimpleSRPServer server;
  54. SRPClientSession client;
  55. TestJCEIntegration() throws Exception
  56. {
  57. // Set up a simple configuration that logs on the console.
  58. Logger root = Logger.getRoot();
  59. root.setLevel(XLevel.TRACE);
  60. root.addAppender(new WriterAppender(new PatternLayout("%x%m%n"), System.out));
  61. Util.init();
  62. NDC.push("S,");
  63. server = new SimpleSRPServer("secret".toCharArray(), "123456");
  64. NDC.pop();
  65. NDC.remove();
  66. }
  67. void login(String username, char[] password) throws Exception
  68. {
  69. SRPParameters params = server.getSRPParameters(username);
  70. NDC.push("C,");
  71. client = new SRPClientSession(username, password, params);
  72. byte[] A = client.exponential();
  73. NDC.pop();
  74. NDC.push("S,");
  75. byte[] B = server.init(username, A);
  76. NDC.pop();
  77. NDC.push("C,");
  78. byte[] M1 = client.response(B);
  79. NDC.pop();
  80. NDC.push("S,");
  81. byte[] M2 = server.verify(username, M1);
  82. NDC.pop();
  83. NDC.push("C,");
  84. if( client.verify(M2) == false )
  85. throw new SecurityException("Failed to validate server reply");
  86. NDC.pop();
  87. NDC.remove();
  88. }
  89. /** Performs an SRP exchange and then use the resulting session key to
  90. encrypt/decrypt a msg. Also test that a random key cannot be used to
  91. decrypt the msg.
  92. */
  93. void testSecureExchange() throws Exception
  94. {
  95. login("jduke", "secret".toCharArray());
  96. System.out.println("Logged into server");
  97. byte[] kbytes = client.getSessionKey();
  98. System.out.println("Session key size = "+kbytes.length);
  99. SecretKeySpec clientKey = new SecretKeySpec(kbytes, "Blowfish");
  100. System.out.println("clientKey");
  101. Cipher cipher = Cipher.getInstance("Blowfish");
  102. cipher.init(Cipher.ENCRYPT_MODE, clientKey);
  103. SealedObject msg = new SealedObject("This is a secret", cipher);
  104. // Now use the server key to decrypt the msg
  105. byte[] skbytes = server.session.getSessionKey();
  106. SecretKeySpec serverKey = new SecretKeySpec(skbytes, "Blowfish");
  107. Cipher scipher = Cipher.getInstance("Blowfish");
  108. scipher.init(Cipher.DECRYPT_MODE, serverKey);
  109. String theMsg = (String) msg.getObject(scipher);
  110. System.out.println("Decrypted: "+theMsg);
  111. // Try a key that should fail
  112. KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
  113. kgen.init(320);
  114. SecretKey key = kgen.generateKey();
  115. cipher.init(Cipher.DECRYPT_MODE, key);
  116. try
  117. {
  118. String tmp = (String) msg.getObject(cipher);
  119. throw new IllegalArgumentException("Should have failed to decrypt the msg");
  120. }
  121. catch(Exception e)
  122. {
  123. System.out.println("Arbitrary key failed as expected");
  124. }
  125. }
  126. static void testKey() throws Exception
  127. {
  128. int size = 8 * 24;
  129. KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
  130. kgen.init(size);
  131. SecretKey key = kgen.generateKey();
  132. byte[] kbytes = key.getEncoded();
  133. System.out.println("key.Algorithm = "+key.getAlgorithm());
  134. System.out.println("key.Format = "+key.getFormat());
  135. System.out.println("key.Encoded Size = "+kbytes.length);
  136. SecureRandom rnd = SecureRandom.getInstance("SHA1PRNG");
  137. BigInteger bi = new BigInteger(320, rnd);
  138. byte[] k2bytes = bi.toByteArray();
  139. SecretKeySpec keySpec = new SecretKeySpec(k2bytes, "Blowfish");
  140. System.out.println("key2.Algorithm = "+key.getAlgorithm());
  141. System.out.println("key2.Format = "+key.getFormat());
  142. System.out.println("key2.Encoded Size = "+kbytes.length);
  143. }
  144. public static void main(String[] args)
  145. {
  146. try
  147. {
  148. System.setOut(System.err);
  149. TestJCEIntegration tst = new TestJCEIntegration();
  150. tst.testSecureExchange();
  151. //tst.testKey();
  152. }
  153. catch(Throwable t)
  154. {
  155. t.printStackTrace();
  156. }
  157. }
  158. }