/* SRPRegistry.java --
   Copyright (C) 2003, 2006 Free Software Foundation, Inc.

This file is a part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version.

GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with GNU Classpath; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA

Linking this library statically or dynamically with other modules is
making a combined work based on this library.  Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.

As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module.  An independent module is a module which is not derived from
or based on this library.  If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so.  If you do not wish to do so, delete this
exception statement from your version.  */


package gnu.javax.crypto.sasl.srp;

import gnu.java.security.Registry;

/**
 * Key names, option keywords and defaults shared by the client and server
 * sides of an SRP authentication exchange.
 * <p>
 * Every field here is implicitly {@code public static final}. For the three
 * {@code String[]} constants that only fixes the reference: the array
 * elements stay writable by any code that can see this interface, so treat
 * the arrays as read-only and copy them before handing them to other code.
 */
public interface SRPRegistry {

  // ---- (N, g) parameter indices ------------------------------------------
  // Indices of (N, g) parameter values for the SRP (.conf) password database.
  // The bit length in each name is presumably the size of the modulus N.
  // NOTE(review): 512- to 1024-bit finite-field groups are well below the
  // 2048-bit floor of current guidance; prefer N_2048_BITS for new entries.

  /** Index of the 2048-bit (N, g) parameter set. */
  String N_2048_BITS = "1";
  /** Index of the 1536-bit (N, g) parameter set. */
  String N_1536_BITS = "2";
  /** Index of the 1280-bit (N, g) parameter set. */
  String N_1280_BITS = "3";
  /** Index of the 1024-bit (N, g) parameter set. */
  String N_1024_BITS = "4";
  /** Index of the 768-bit (N, g) parameter set. */
  String N_768_BITS = "5";
  /** Index of the 640-bit (N, g) parameter set. */
  String N_640_BITS = "6";
  /** Index of the 512-bit (N, g) parameter set. */
  String N_512_BITS = "7";

  // ---- message digests ---------------------------------------------------

  /**
   * Hash algorithms available for all SRP calculations; the entry at index 0
   * is the default.
   * <p>
   * NOTE(review): MD5 and SHA-1 have published collision attacks and
   * RIPEMD-128 has only a 128-bit output. How much that weakens SRP depends
   * on how the digest is used by the callers, which this file does not show;
   * where both peers support it, prefer SHA-256 or stronger.
   */
  String[] SRP_ALGORITHMS = {
    Registry.SHA160_HASH, // the default one
    Registry.MD5_HASH,
    Registry.RIPEMD128_HASH,
    Registry.RIPEMD160_HASH,

    Registry.SHA256_HASH,
    Registry.SHA384_HASH,
    Registry.SHA512_HASH
  };

  /**
   * Name of the message digest algorithm used when none is given explicitly.
   * It is the <b>first</b> of the supported algorithms, i.e. the element at
   * index #0 of {@link #SRP_ALGORITHMS}: SHA with 160-bit output. The value
   * is read once, when this interface is initialised.
   */
  String SRP_DEFAULT_DIGEST_NAME = SRP_ALGORITHMS[0];

  /**
   * Property name of the message digest algorithm name to use in a given
   * SRP incarnation.
   */
  String SRP_DIGEST_NAME = "srp.digest.name";

  // ---- values exchanged during the authentication phase ------------------

  /** The public shared modulus: n. */
  String SHARED_MODULUS = "srp.N";
  /** The GF generator used: g. */
  String FIELD_GENERATOR = "srp.g";
  /** The list of the server's available security options. */
  String AVAILABLE_OPTIONS = "srp.L";
  /** The client's chosen security options. */
  String CHOSEN_OPTIONS = "srp.o";
  /** The client's username. */
  String USER_NAME = "srp.U";
  /** The client's authorization ID. */
  String USER_ROLE = "srp.I";
  /** The user's salt. */
  String USER_SALT = "srp.s";
  /** The user's password verifier. */
  String PASSWORD_VERIFIER = "srp.v";
  /** The client's public ephemeral value: A. */
  String CLIENT_PUBLIC_KEY = "srp.A";
  /** The server's public ephemeral value: B. */
  String SERVER_PUBLIC_KEY = "srp.B";
  /** The client's evidence: M1. */
  String CLIENT_EVIDENCE = "srp.M1";
  /** The server's evidence: M2. */
  String SERVER_EVIDENCE = "srp.M2";

  // ---- configuration property names --------------------------------------

  /** Name of the underlying hash algorithm for use with all SRP calculations. */
  String SRP_HASH = "gnu.crypto.sasl.srp.hash";
  /** Name of the SRP mandatory service property. */
  String SRP_MANDATORY = "gnu.crypto.sasl.srp.mandatory";
  /** Name of the SRP replay detection property. */
  String SRP_REPLAY_DETECTION = "gnu.crypto.sasl.srp.replay.detection";
  /** Name of the SRP integrity protection property. */
  String SRP_INTEGRITY_PROTECTION = "gnu.crypto.sasl.srp.integrity";
  /** Name of the SRP confidentiality protection property. */
  String SRP_CONFIDENTIALITY = "gnu.crypto.sasl.srp.confidentiality";
  /** Name of the main SRP password file pathname property. */
  String PASSWORD_FILE = "gnu.crypto.sasl.srp.password.file";
  /**
   * Name of the SRP password database property -- a reference to a
   * {@link PasswordFile} object.
   */
  String PASSWORD_DB = "gnu.crypto.sasl.srp.password.db";

  // ---- defaults ----------------------------------------------------------

  /**
   * Default fully qualified pathname of the SRP password file.
   * <p>
   * NOTE(review): presumably this file holds per-user salts and verifiers.
   * A leaked verifier permits offline password guessing, so read access to
   * the file should be restricted to the server process -- confirm against
   * the deployment.
   */
  String DEFAULT_PASSWORD_FILE = "/etc/tpasswd";
  /** Default value for the replay detection security service. */
  boolean DEFAULT_REPLAY_DETECTION = true;
  /** Default value for the integrity protection security service. */
  boolean DEFAULT_INTEGRITY = true; // implied by the previous option
  /**
   * Default value for the confidentiality protection security service.
   * Confidentiality is off unless explicitly enabled; a deployment that
   * relies on this layer for encryption has to turn it on.
   */
  boolean DEFAULT_CONFIDENTIALITY = false;

  // ---- integrity protection: HMAC names ----------------------------------

  /** Name of the HMAC built on SHA-1. */
  String HMAC_SHA1 = "hmac-sha1";
  /** Name of the HMAC built on MD5 (deprecated for new designs). */
  String HMAC_MD5 = "hmac-md5";
  /** Name of the HMAC built on RIPEMD-160. */
  String HMAC_RIPEMD_160 = "hmac-ripemd-160";
  /** Available HMAC algorithms for integrity protection. */
  String[] INTEGRITY_ALGORITHMS = { HMAC_SHA1, HMAC_MD5, HMAC_RIPEMD_160 };

  // ---- confidentiality protection: cipher names --------------------------

  /** Name of the AES cipher. */
  String AES = "aes";
  /**
   * Name of the Blowfish cipher. Blowfish has a 64-bit block, which limits
   * how much data can safely be protected under one key; prefer
   * {@link #AES} where the peer offers it.
   */
  String BLOWFISH = "blowfish";
  /** Available cipher algorithms for confidentiality protection. */
  String[] CONFIDENTIALITY_ALGORITHMS = { AES, BLOWFISH };

  // ---- option keywords ---------------------------------------------------

  /** Option keyword naming the mandatory security service. */
  String OPTION_MANDATORY = "mandatory";
  /** Option keyword for mda: the SRP digest algorithm name. */
  String OPTION_SRP_DIGEST = "mda";
  /** Option keyword for replay detection. */
  String OPTION_REPLAY_DETECTION = "replay_detection";
  /** Option keyword for integrity protection. */
  String OPTION_INTEGRITY = "integrity";
  /** Option keyword for confidentiality protection. */
  String OPTION_CONFIDENTIALITY = "confidentiality";
  /** Option keyword for the maximum buffer size. */
  String OPTION_MAX_BUFFER_SIZE = "maxbuffersize";
  /** Value meaning that no security service is mandatory. */
  String MANDATORY_NONE = "none";
  /** Default mandatory security service: replay detection. */
  String DEFAULT_MANDATORY = OPTION_REPLAY_DETECTION;

  // ---- password file field names -----------------------------------------
  // The meanings below are read off the constant names and values; confirm
  // them against PasswordFile before relying on them.

  /** Key of the message digest name field of a password file entry. */
  String MD_NAME_FIELD = "srp.md.name";
  /** Key of the user verifier field of a password file entry. */
  String USER_VERIFIER_FIELD = "srp.user.verifier";
  /** Key of the salt field of a password file entry. */
  String SALT_FIELD = "srp.salt";
  /** Key of the (N, g) configuration index field of a password file entry. */
  String CONFIG_NDX_FIELD = "srp.config.ndx";

  /**
   * Minimum bitlength of the SRP public modulus.
   * <p>
   * NOTE(review): a 512-bit floor accepts groups in which discrete logarithms
   * have been computed in published work. Callers that negotiate N with a
   * peer should enforce a higher local minimum (2048 bits is the usual
   * recommendation) rather than rely on this constant alone.
   */
  int MINIMUM_MODULUS_BITLENGTH = 512;
}