org.openid4java.association
Class DiffieHellmanSession

java.lang.Object
  extended by org.openid4java.association.DiffieHellmanSession

public class DiffieHellmanSession
extends java.lang.Object

Author:
Marius Scurtescu, Johnny Bufu

Field Summary
static java.lang.String ALGORITHM
           
static long DEFAULT_GENERATOR
           
static java.lang.String DEFAULT_GENERATOR_BASE64
           
static java.lang.String DEFAULT_MODULUS_BASE64
           
static java.lang.String DEFAULT_MODULUS_HEX
           
static java.lang.String H_ALGORITHM_SHA1
           
static java.lang.String H_ALGORITHM_SHA256
           
 
Method Summary
static DiffieHellmanSession create(AssociationSessionType type, javax.crypto.spec.DHParameterSpec dhParameterSpec)
           
static DiffieHellmanSession create(AssociationSessionType type, java.lang.String modulusBase64, java.lang.String generatorBase64)
           
 byte[] decryptMacKey(java.lang.String encMacKeyBase64, java.lang.String serverPublicKeyBase64)
          Decrypts the association MAC key.
 java.lang.String encryptMacKey(byte[] macKey, java.lang.String consumerPublicKeyBase64)
          Encrypts the association MAC key.
protected static java.security.KeyPair generateKeyPair(javax.crypto.spec.DHParameterSpec dhSpec)
           
static javax.crypto.spec.DHParameterSpec generateRandomParameter(int primeSize, int keySize)
           
static javax.crypto.spec.DHParameterSpec getDefaultParameter()
           
protected  byte[] getDigestedZZ(java.lang.String otherPublicKeyBase64)
           
 java.lang.String getGenerator()
          Gets the generator for the Diffie-Hellman key exchange.
 java.lang.String getModulus()
          Gets the modulus for the Diffie-Hellman key exchange.
protected  javax.crypto.interfaces.DHPrivateKey getPrivateKey()
           
 java.lang.String getPublicKey()
          Get the Diffie-Hellman public key.
 AssociationSessionType getType()
           
static boolean isDhSha1Supported()
           
static boolean isDhSha256Supported()
           
static boolean isDhShaSupported(java.lang.String shaAlgorithm)
           
static boolean isDhSupported(AssociationSessionType type)
           
protected static java.lang.String publicKeyToString(javax.crypto.interfaces.DHPublicKey publicKey)
           
protected  javax.crypto.interfaces.DHPublicKey stringToPublicKey(java.lang.String publicKeyBase64)
           
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

DEFAULT_MODULUS_HEX

public static final java.lang.String DEFAULT_MODULUS_HEX
See Also:
Constant Field Values

DEFAULT_MODULUS_BASE64

public static final java.lang.String DEFAULT_MODULUS_BASE64
See Also:
Constant Field Values

DEFAULT_GENERATOR

public static final long DEFAULT_GENERATOR
See Also:
Constant Field Values

DEFAULT_GENERATOR_BASE64

public static final java.lang.String DEFAULT_GENERATOR_BASE64
See Also:
Constant Field Values

ALGORITHM

public static final java.lang.String ALGORITHM
See Also:
Constant Field Values

H_ALGORITHM_SHA1

public static final java.lang.String H_ALGORITHM_SHA1
See Also:
Constant Field Values

H_ALGORITHM_SHA256

public static final java.lang.String H_ALGORITHM_SHA256
See Also:
Constant Field Values
Method Detail

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object

create

public static DiffieHellmanSession create(AssociationSessionType type,
                                          java.lang.String modulusBase64,
                                          java.lang.String generatorBase64)
                                   throws AssociationException
Throws:
AssociationException

create

public static DiffieHellmanSession create(AssociationSessionType type,
                                          javax.crypto.spec.DHParameterSpec dhParameterSpec)
                                   throws AssociationException
Throws:
AssociationException

getDefaultParameter

public static javax.crypto.spec.DHParameterSpec getDefaultParameter()

generateRandomParameter

public static javax.crypto.spec.DHParameterSpec generateRandomParameter(int primeSize,
                                                                        int keySize)

generateKeyPair

protected static java.security.KeyPair generateKeyPair(javax.crypto.spec.DHParameterSpec dhSpec)

getType

public AssociationSessionType getType()

getModulus

public java.lang.String getModulus()
Gets the modulus for the Diffie-Hellman key exchange. This is the value passed in the openid.dh_modulus association request parameter.

Returns:
The base 64 encoded two's-complement representation of the modulus: base64(btwoc(p))

getGenerator

public java.lang.String getGenerator()
Gets the generator for the Diffie-Hellman key exchange. This is the value passed in the openid.dh_gen association request parameter.

Returns:
The base 64 encoded two's-complement representation of the generator: base64(btwoc(g))

getPublicKey

public java.lang.String getPublicKey()
Get the Diffie-Hellman public key. This is the value passed in the openid.dh_consumer_public association request parameter and the value passed in the openid.dh_server_public association response parameter.

Returns:
The base 64 encoded two's-complement representation of the public key: base64(btwoc(g ^ x mod p))

getPrivateKey

protected javax.crypto.interfaces.DHPrivateKey getPrivateKey()

encryptMacKey

public java.lang.String encryptMacKey(byte[] macKey,
                                      java.lang.String consumerPublicKeyBase64)
                               throws AssociationException
Encrypts the association MAC key. The encryption takes place on the server side (aka OP). This is the value passed in the openid.enc_mac_key association response parameter.

Parameters:
macKey - The MAC key in binary format.
consumerPublicKeyBase64 - The base 64 encoding of the consumer Diffie-Hellman public key. This is the value passed in the openid.dh_consumer_public association request parameter.
Returns:
The base 64 encoded two's-complement representation of the encrypted mac key: base64(H(btwoc(g ^ (xa * xb) mod p)) XOR MAC)
Throws:
AssociationException - if the lengths of the MAC key and the digest of the Diffie-Hellman shared secret do not match.

decryptMacKey

public byte[] decryptMacKey(java.lang.String encMacKeyBase64,
                            java.lang.String serverPublicKeyBase64)
                     throws AssociationException
Decrypts the association MAC key. The decryption takes place on the consumer side (aka RP).

Parameters:
encMacKeyBase64 - The base 64 encoded two's-complement representation of the encrypted mac key: base64(H(btwoc(g ^ (xa * xb) mod p)) XOR MAC). This is the value passed in the openid.enc_mac_key association response parameter.
serverPublicKeyBase64 - The base 64 encoding of the server Diffie-Hellman public key. This is the value passed in the openid.dh_server_public association response parameter.
Returns:
The MAC key in binary format.
Throws:
AssociationException - if the lengths of the encrypted mac key and digest of Diffie-Hellman shared secret do not match.
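
The exchange that encryptMacKey and decryptMacKey describe, base64(H(btwoc(g ^ (xa * xb) mod p)) XOR MAC), written against the JDK only as an added example; it is not openid4java's code. The class name DhMacKeyExample, the randomly generated 1024-bit demo modulus, generator 2, SHA-256 as H and the public-key range check are assumptions of the example.

```java
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class DhMacKeyExample {
    // base64(btwoc(n)): BigInteger.toByteArray() is the minimal big-endian two's-complement form.
    static String encode(BigInteger n) {
        return Base64.getEncoder().encodeToString(n.toByteArray());
    }

    // H(btwoc(otherPublic ^ ownPrivate mod p)), with H = SHA-256 (assumed for this example).
    static byte[] digestedZZ(String otherPublicBase64, BigInteger ownPrivate, BigInteger p) throws Exception {
        BigInteger y = new BigInteger(Base64.getDecoder().decode(otherPublicBase64));
        // Added check (not from the page): reject negative or degenerate public values.
        if (y.compareTo(BigInteger.ONE) <= 0 || y.compareTo(p.subtract(BigInteger.ONE)) >= 0)
            throw new IllegalArgumentException("DH public key out of range");
        return MessageDigest.getInstance("SHA-256").digest(y.modPow(ownPrivate, p).toByteArray());
    }

    // XOR is its own inverse, so the same routine encrypts (OP) and decrypts (RP).
    static byte[] xor(byte[] digest, byte[] data) {
        if (digest.length != data.length)
            throw new IllegalArgumentException("MAC key and digest lengths differ");
        byte[] out = new byte[data.length];
        for (int i = 0; i < out.length; i++) out[i] = (byte) (digest[i] ^ data[i]);
        return out;
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        BigInteger p = BigInteger.probablePrime(1024, rng); // constructed demo modulus, not DEFAULT_MODULUS
        BigInteger g = BigInteger.valueOf(2);               // assumed generator
        BigInteger xa = new BigInteger(1000, rng).add(BigInteger.ONE); // RP (consumer) private key
        BigInteger xb = new BigInteger(1000, rng).add(BigInteger.ONE); // OP (server) private key
        String consumerPublic = encode(g.modPow(xa, p));    // openid.dh_consumer_public
        String serverPublic = encode(g.modPow(xb, p));      // openid.dh_server_public

        byte[] macKey = new byte[32];                       // 32 bytes, matching the SHA-256 output
        rng.nextBytes(macKey);
        // OP side: value for openid.enc_mac_key
        String encMacKey = Base64.getEncoder().encodeToString(xor(digestedZZ(consumerPublic, xb, p), macKey));
        // RP side: recover the MAC key from enc_mac_key and dh_server_public
        byte[] recovered = xor(digestedZZ(serverPublic, xa, p), Base64.getDecoder().decode(encMacKey));
        System.out.println("MAC key recovered: " + Arrays.equals(macKey, recovered));
    }
}
```

The length check in xor() corresponds to the condition under which the documented methods throw AssociationException.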

publicKeyToString

protected static java.lang.String publicKeyToString(javax.crypto.interfaces.DHPublicKey publicKey)

stringToPublicKey

protected javax.crypto.interfaces.DHPublicKey stringToPublicKey(java.lang.String publicKeyBase64)

getDigestedZZ

protected byte[] getDigestedZZ(java.lang.String otherPublicKeyBase64)

isDhSupported

public static boolean isDhSupported(AssociationSessionType type)

isDhShaSupported

public static boolean isDhShaSupported(java.lang.String shaAlgorithm)

isDhSha1Supported

public static boolean isDhSha1Supported()

isDhSha256Supported

public static boolean isDhSha256Supported()


Copyright © 2012 Sxip. All Rights Reserved.