directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r578636 - in /directory/sandbox/erodriguez/kerberos-pkinit/src: main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
Date Mon, 24 Sep 2007 03:39:02 GMT
Author: erodriguez
Date: Sun Sep 23 20:39:01 2007
New Revision: 578636

URL: http://svn.apache.org/viewvc?rev=578636&view=rev
Log:
Added constants for Modular Exponential (MODP) Diffie-Hellman groups from RFC 4556, Kerberos
PKINIT.
o  Constants.
o  Test cases verifying constructed values.

Added:
    directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java
  (with props)
    directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
  (with props)

Added: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java?rev=578636&view=auto
==============================================================================
--- directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java
(added)
+++ directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java
Sun Sep 23 20:39:01 2007
@@ -0,0 +1,143 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.pkinit;
+
+
+import java.math.BigInteger;
+
+import javax.crypto.spec.DHParameterSpec;
+
+
+/**
+ * "When using the Diffie-Hellman key agreement method, implementations MUST
+ * support Oakley 1024-bit Modular Exponential (MODP) well-known group 2
+ * [RFC2412] and Oakley 2048-bit MODP well-known group 14 [RFC3526] and
+ * SHOULD support Oakley 4096-bit MODP well-known group 16 [RFC3526]."
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DhGroup
+{
+    /**
+     * From:
+     * The OAKLEY Key Determination Protocol
+     * http://www.ietf.org/rfc/rfc2412.txt
+     * 
+     * Well-Known Group 2:  A 1024 bit prime
+     * This group is assigned id 2 (two).
+     * The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
+     * The generator is 2 (decimal)
+     */
+    public static final DHParameterSpec MODP_GROUP2;
+
+    static
+    {
+        StringBuffer sb = new StringBuffer();
+        sb.append( "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" );
+        sb.append( "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" );
+        sb.append( "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" );
+        sb.append( "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" );
+        sb.append( "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" );
+        sb.append( "FFFFFFFFFFFFFFFF" );
+
+        BigInteger prime = new BigInteger( sb.toString(), 16 );
+        BigInteger generator = BigInteger.valueOf( 2 );
+
+        MODP_GROUP2 = new DHParameterSpec( prime, generator );
+    }
+
+    /**
+     * From:
+     * More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
+     * http://www.ietf.org/rfc/rfc3526.txt
+     * 
+     * 2048-bit MODP Group
+     * This group is assigned id 14.
+     * This prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
+     * The generator is: 2.
+     */
+    public static final DHParameterSpec MODP_GROUP14;
+
+    static
+    {
+        StringBuffer sb = new StringBuffer();
+        sb.append( "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" );
+        sb.append( "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" );
+        sb.append( "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" );
+        sb.append( "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" );
+        sb.append( "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" );
+        sb.append( "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" );
+        sb.append( "83655D23DCA3AD961C62F356208552BB9ED529077096966D" );
+        sb.append( "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" );
+        sb.append( "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" );
+        sb.append( "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" );
+        sb.append( "15728E5A8AACAA68FFFFFFFFFFFFFFFF" );
+
+        BigInteger prime = new BigInteger( sb.toString(), 16 );
+        BigInteger generator = BigInteger.valueOf( 2 );
+
+        MODP_GROUP14 = new DHParameterSpec( prime, generator );
+    }
+
+    /**
+     * From:
+     * More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
+     * http://www.ietf.org/rfc/rfc3526.txt
+     * 
+     * 4096-bit MODP Group
+     * This group is assigned id 16.
+     * This prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
+     * The generator is: 2.
+     */
+    public static final DHParameterSpec MODP_GROUP16;
+
+    static
+    {
+        StringBuffer sb = new StringBuffer();
+        sb.append( "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" );
+        sb.append( "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" );
+        sb.append( "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" );
+        sb.append( "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" );
+        sb.append( "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" );
+        sb.append( "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" );
+        sb.append( "83655D23DCA3AD961C62F356208552BB9ED529077096966D" );
+        sb.append( "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" );
+        sb.append( "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" );
+        sb.append( "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" );
+        sb.append( "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" );
+        sb.append( "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" );
+        sb.append( "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" );
+        sb.append( "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" );
+        sb.append( "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" );
+        sb.append( "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" );
+        sb.append( "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" );
+        sb.append( "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" );
+        sb.append( "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" );
+        sb.append( "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" );
+        sb.append( "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" );
+        sb.append( "FFFFFFFFFFFFFFFF" );
+
+        BigInteger prime = new BigInteger( sb.toString(), 16 );
+        BigInteger generator = BigInteger.valueOf( 2 );
+
+        MODP_GROUP16 = new DHParameterSpec( prime, generator );
+    }
+}

Propchange: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/DhGroup.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java?rev=578636&view=auto
==============================================================================
--- directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
(added)
+++ directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
Sun Sep 23 20:39:01 2007
@@ -0,0 +1,58 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.pkinit;
+
+
+import junit.framework.TestCase;
+
+
+/**
+ * "When using the Diffie-Hellman key agreement method, implementations MUST
+ * support Oakley 1024-bit Modular Exponential (MODP) well-known group 2
+ * [RFC2412] and Oakley 2048-bit MODP well-known group 14 [RFC3526] and
+ * SHOULD support Oakley 4096-bit MODP well-known group 16 [RFC3526]."
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DhGroupTest extends TestCase
+{
+    /**
+     * Tests that the translation of the hex representation of the prime modulus
+     * resulted in the expected bit length.
+     */
+    public void testPrimeBitLengths()
+    {
+        assertEquals( 1024, DhGroup.MODP_GROUP2.getP().bitLength() );
+        assertEquals( 2048, DhGroup.MODP_GROUP14.getP().bitLength() );
+        assertEquals( 4096, DhGroup.MODP_GROUP16.getP().bitLength() );
+    }
+
+
+    /**
+     * Tests the generator values.
+     */
+    public void testGeneratorValues()
+    {
+        assertEquals( 2, DhGroup.MODP_GROUP2.getG().intValue() );
+        assertEquals( 2, DhGroup.MODP_GROUP14.getG().intValue() );
+        assertEquals( 2, DhGroup.MODP_GROUP16.getG().intValue() );
+    }
+}

Propchange: directory/sandbox/erodriguez/kerberos-pkinit/src/test/java/org/apache/directory/server/kerberos/pkinit/DhGroupTest.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message