Posted to commits@directory.apache.org by dj...@apache.org on 2007/08/11 00:57:48 UTC
svn commit: r564794 [1/2] - in /directory/sandbox/djencks/triplesec-jacc2:
jaas/src/main/java/org/apache/directory/triplesec/jaas/
main/src/main/java/org/apache/directory/triplesec/ otp/
otp/src/main/java/org/apache/ otp/src/main/java/org/apache/direct...
Author: djencks
Date: Fri Aug 10 15:57:44 2007
New Revision: 564794
URL: http://svn.apache.org/viewvc?view=rev&rev=564794
Log:
Another try at changing packages to o.a.d.triplesec. Unfortunately loses history due to idea/svn problems
Added:
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java (with props)
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java (with props)
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java (with props)
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java (with props)
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java (with props)
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/Profile.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/ProfileUtils.java (with props)
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/ServerProfile.java (with props)
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/apache/
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/apache/directory/
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/apache/directory/triplesec/
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/apache/directory/triplesec/profile/
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/apache/directory/triplesec/profile/ProfileTestData.java (with props)
Removed:
directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/safehaus/
directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/safehaus/
directory/sandbox/djencks/triplesec-jacc2/testdata/src/main/java/org/safehaus/
Modified:
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountDisabledException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountLockedOutException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/HotpLoginException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/OldSafehausLoginModule.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/PreauthFailedException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchInProgressException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchStartingException.java
directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java
directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/LoggingHotpMonitor.java
directory/sandbox/djencks/triplesec-jacc2/otp/pom.xml
directory/sandbox/djencks/triplesec-jacc2/utils-hauskeys/src/test/java/org/apache/directory/triplesec/utils/hauskeys/HauskeysMidletBuilderTest.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/AccountDisabledException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/AccountInactiveException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/AccountLockedOutException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/DefaultHotpSamVerifier.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/HotpException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/HotpMonitor.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/HotpMonitorAdapter.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/PreauthFailedException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/ResynchInProgressException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/main/java/org/apache/directory/triplesec/verifier/hotp/ResynchStartingException.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/test/java/org/apache/directory/triplesec/verifier/hotp/GenerateHotp.java
directory/sandbox/djencks/triplesec-jacc2/verifier/src/test/java/org/apache/directory/triplesec/verifier/hotp/HotpSamVerifierITest.java
directory/sandbox/djencks/triplesec-jacc2/webapp-activation/src/main/java/org/apache/directory/triplesec/activation/ActivateAccountFilter.java
directory/sandbox/djencks/triplesec-jacc2/webapp-activation/src/main/java/org/apache/directory/triplesec/activation/ActivationUtils.java
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountDisabledException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountDisabledException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountDisabledException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountDisabledException.java Fri Aug 10 15:57:44 2007
@@ -19,7 +19,7 @@
*/
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountLockedOutException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountLockedOutException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountLockedOutException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/AccountLockedOutException.java Fri Aug 10 15:57:44 2007
@@ -20,7 +20,7 @@
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/BaseKerberosLoginModuleWrapper.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/BaseKerberosLoginModuleWrapper.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/BaseKerberosLoginModuleWrapper.java Fri Aug 10 15:57:44 2007
@@ -23,7 +23,7 @@
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
* @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/HotpLoginException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/HotpLoginException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/HotpLoginException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/HotpLoginException.java Fri Aug 10 15:57:44 2007
@@ -20,7 +20,7 @@
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
import javax.security.auth.login.LoginException;
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/OldSafehausLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/OldSafehausLoginModule.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/OldSafehausLoginModule.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/OldSafehausLoginModule.java Fri Aug 10 15:57:44 2007
@@ -27,7 +27,7 @@
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/PreauthFailedException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/PreauthFailedException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/PreauthFailedException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/PreauthFailedException.java Fri Aug 10 15:57:44 2007
@@ -20,7 +20,7 @@
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchInProgressException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchInProgressException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchInProgressException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchInProgressException.java Fri Aug 10 15:57:44 2007
@@ -20,7 +20,7 @@
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchStartingException.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchStartingException.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchStartingException.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/ResynchStartingException.java Fri Aug 10 15:57:44 2007
@@ -20,7 +20,7 @@
package org.apache.directory.triplesec.jaas;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
/**
Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java Fri Aug 10 15:57:44 2007
@@ -36,7 +36,7 @@
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
-import org.apache.directory.otp.HotpErrorConstants;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
import org.apache.directory.triplesec.guardian.ApplicationPolicy;
import org.apache.directory.triplesec.guardian.Profile;
Modified: directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/LoggingHotpMonitor.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/LoggingHotpMonitor.java?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/LoggingHotpMonitor.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/LoggingHotpMonitor.java Fri Aug 10 15:57:44 2007
@@ -24,7 +24,7 @@
import org.apache.directory.triplesec.verifier.hotp.HotpMonitor;
import org.apache.directory.triplesec.profile.ServerProfile;
-import org.apache.directory.otp.ResynchParameters;
+import org.apache.directory.triplesec.otp.ResynchParameters;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
Modified: directory/sandbox/djencks/triplesec-jacc2/otp/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/pom.xml?view=diff&rev=564794&r1=564793&r2=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/pom.xml (original)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/pom.xml Fri Aug 10 15:57:44 2007
@@ -23,7 +23,7 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.directory.triplesec</groupId>
- <artifactId>build</artifactId>
+ <artifactId>triplesec-parent</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>triplesec-otp</artifactId>
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,211 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+/**
+ * Decoding/Encoding of base64 characters to raw bytes.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class Base64
+{
+
+ /**
+ * passed data array.
+ *
+ * @param a_data the array of bytes to encode
+ * @return base64-coded character array.
+ */
+ public static char[] encode( byte[] a_data )
+ {
+ char [] l_out = new char[( ( a_data.length + 2 ) / 3 ) * 4];
+
+ //
+ // 3 bytes encode to 4 chars. Output is always an even
+ // multiple of 4 characters.
+ //
+ for ( int ii = 0, l_index = 0; ii < a_data.length;
+ ii += 3, l_index += 4 )
+ {
+ boolean l_quad = false;
+ boolean l_trip = false;
+
+ int l_val = ( 0xFF & ( int ) a_data[ii] );
+ l_val <<= 8;
+ if ( ( ii + 1 ) < a_data.length )
+ {
+ l_val |= ( 0xFF & ( int ) a_data[ii + 1] );
+ l_trip = true;
+ }
+
+ l_val <<= 8;
+ if ( ( ii + 2 ) < a_data.length )
+ {
+ l_val |= ( 0xFF & ( int ) a_data[ ii + 2] );
+ l_quad = true;
+ }
+
+ l_out[l_index + 3] =
+ s_alphabet[( l_quad ? ( l_val & 0x3F ) : 64 )];
+ l_val >>= 6;
+ l_out[l_index + 2] =
+ s_alphabet[( l_trip ? ( l_val & 0x3F ) : 64 )];
+ l_val >>= 6;
+ l_out[l_index + 1] = s_alphabet[l_val & 0x3F];
+ l_val >>= 6;
+ l_out[l_index + 0] = s_alphabet[l_val & 0x3F];
+ }
+ return l_out;
+ }
+
+
+ /**
+ * Decodes a BASE-64 encoded stream to recover the original
+ * data. White space before and after will be trimmed away,
+ * but no other manipulation of the input will be performed.
+ *
+ * As of version 1.2 this method will properly handle input
+ * containing junk characters (newlines and the like) rather
+ * than throwing an error. It does this by pre-parsing the
+ * input and generating from that a count of VALID input
+ * characters.
+ *
+ * @param a_data data to decode.
+ * @return the decoded binary data.
+ */
+ public static byte[] decode( char[] a_data )
+ {
+ // as our input could contain non-BASE64 data (newlines,
+ // whitespace of any sort, whatever) we must first adjust
+ // our count of USABLE data so that...
+ // (a) we don't misallocate the output array, and
+ // (b) think that we miscalculated our data length
+ // just because of extraneous throw-away junk
+
+ int l_tempLen = a_data.length;
+ for ( int ii = 0; ii < a_data.length; ii++ )
+ {
+ if ( ( a_data[ii] > 255 ) || s_codes[ a_data[ii] ] < 0 )
+ {
+ --l_tempLen; // ignore non-valid chars and padding
+ }
+ }
+ // calculate required length:
+ // -- 3 bytes for every 4 valid base64 chars
+ // -- plus 2 bytes if there are 3 extra base64 chars,
+ // or plus 1 byte if there are 2 extra.
+
+ int l_len = ( l_tempLen / 4 ) * 3;
+
+ if ( ( l_tempLen % 4 ) == 3 )
+ {
+ l_len += 2;
+ }
+
+ if ( ( l_tempLen % 4 ) == 2 )
+ {
+ l_len += 1;
+ }
+
+ byte[] l_out = new byte[l_len];
+
+
+
+ int l_shift = 0; // # of excess bits stored in accum
+ int l_accum = 0; // excess bits
+ int l_index = 0;
+
+ // we now go through the entire array (NOT using the 'tempLen' value)
+ for ( int ii = 0; ii < a_data.length; ii++ )
+ {
+ int l_value = ( a_data[ii] > 255 ) ? -1 :
+ s_codes[ a_data[ii] ];
+
+ if ( l_value >= 0 ) // skip over non-code
+ {
+ l_accum <<= 6; // bits shift up by 6 each time thru
+ l_shift += 6; // loop, with new bits being put in
+ l_accum |= l_value; // at the bottom. whenever there
+ if ( l_shift >= 8 ) // are 8 or more shifted in, write them
+ {
+ l_shift -= 8; // out (from the top, leaving any excess
+ l_out[l_index++] = // at the bottom for next iteration.
+ ( byte ) ( ( l_accum >> l_shift ) & 0xff );
+ }
+ }
+ // we will also have skipped processing a padding null byte ('=') here;
+ // these are used ONLY for padding to an even length and do not legally
+ // occur as encoded data. for this reason we can ignore the fact that
+ // no index++ operation occurs in that special case: the out[] array is
+ // initialized to all-zero bytes to start with and that works to our
+ // advantage in this combination.
+ }
+
+ // if there is STILL something wrong we just have to throw up now!
+ if ( l_index != l_out.length )
+ {
+ StringBuffer buf = new StringBuffer();
+ buf.append( "Miscalculated data length (wrote " );
+ buf.append( l_index );
+ buf.append( " instead of " );
+ buf.append(l_out.length );
+ buf.append( ")" );
+ throw new Error( buf.toString() );
+ }
+
+ return l_out;
+ }
+
+ /** code characters for values 0..63 */
+ private static char[] s_alphabet =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
+ .toCharArray();
+
+ /** lookup table for converting base64 characters to value in range 0..63 */
+ private static byte[] s_codes = new byte[256];
+
+ static {
+ for ( int ii = 0; ii < 256; ii++ )
+ {
+ s_codes[ii] = -1;
+ }
+
+ for ( int ii = 'A'; ii <= 'Z'; ii++ )
+ {
+ s_codes[ii] = ( byte ) ( ii - 'A' );
+ }
+
+ for ( int ii = 'a'; ii <= 'z'; ii++ )
+ {
+ s_codes[ii] = ( byte ) ( 26 + ii - 'a' );
+ }
+
+ for ( int ii = '0'; ii <= '9'; ii++ )
+ {
+ s_codes[ii] = ( byte ) ( 52 + ii - '0' );
+ }
+
+ s_codes['+'] = 62;
+ s_codes['/'] = 63;
+ }
+}
+
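Review bot: `decode()` reports its only failure with `throw new Error( buf.toString() )`, which callers that catch `Exception` will not intercept; an unchecked exception such as `throw new IllegalStateException( buf.toString() );` fits an internal consistency check better. The decoder also skips every character outside the alphabet and drops a dangling 6-bit remainder without complaint, so a corrupted or truncated value decodes to different bytes instead of being rejected. If this class decodes stored secrets (inferred from the `otp` package, not shown here), the Javadoc should state that leniency explicitly and callers should validate the decoded length. The Javadoc for `encode()` starts mid-sentence (`passed data array.`); something like `Encodes the passed data array as base64 characters.` would restore it. `s_alphabet` and `s_codes` are never reassigned and could be `private static final`.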
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Base64.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,137 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+import org.safehaus.crypto.HMac;
+import org.safehaus.crypto.SHA1Digest;
+import org.safehaus.crypto.KeyParameter;
+import org.safehaus.crypto.CipherParameters;
+
+
+/**
+ * Generates a one time password using HMAC-SHA1. This OTP algorithm is
+ * described within an <a href="http://boxmanei.notlong.com/">ietf draft</a>.
+ *
+ * @author <a href="mailto:aok123@bellsouth.net">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class Hotp
+{
+ private static final int[] DIGITS_POWER
+ = {1, 10, 100, 1000, 10000, 100000, 1000000, 10000000, 100000000};
+
+ /** the default minimum size for the HOTP value */
+ private static final int MIN_DIGITS = 6;
+
+ /** the default maximum size for the HOTP value */
+ private static final int MAX_DIGITS = 10;
+
+
+ /**
+ * Generates an HOTP value using a shared secret (K), a counter for the
+ * moving factor (C), and a HOTP value size (Digits).
+ *
+ * @param secret the shared secret key known to the token and the validator
+ * @param counter the movign factor
+ * @param digits the number of digits to produce for the HOTP value which
+ * should be between the range of 6 to 10 inclusive
+ * @return the generated HOTP value according to the specification
+ */
+ public static String generate( byte[] secret, long counter, int digits )
+ {
+ StringBuffer result = new StringBuffer();
+
+ if ( MIN_DIGITS < digits || digits > MAX_DIGITS )
+ {
+ throw new IllegalArgumentException( "Number of digits not within range: "
+ + MIN_DIGITS + " < digits > " + MAX_DIGITS );
+ }
+
+ if ( secret == null || secret.length == 0 )
+ {
+ throw new IllegalArgumentException( "Shared secret shouldn't be null or empty" );
+ }
+
+ byte[] hash = stepOne( secret, counter );
+
+ // put selected bytes into result int
+ int offset = 0;
+ int binary = ( ( hash[offset] & 0x7f ) << 24 ) |
+ ( ( hash[offset + 1] & 0xff ) << 16 ) |
+ ( ( hash[offset + 2] & 0xff ) << 8 ) |
+ ( hash[offset + 3] & 0xff );
+
+ int otp = binary % DIGITS_POWER[digits];
+ result.append( Integer.toString( otp ) );
+ while ( result.length() < digits )
+ {
+ result.insert( 0, "0" );
+ }
+ return result.toString();
+ }
+
+
+ /**
+ * The first step to generate the HMAC-SHA-1 value.
+ *
+ * @param secretKey the shared secret key
+ * @param counter the counter value (moving factor C)
+ * @return the 20 byte HMAC-SHA-1 value
+ */
+ static byte[] stepOne( byte[] secretKey, long counter )
+ {
+ HMac mac = new HMac( new SHA1Digest() );
+ byte[] value = new byte[mac.getMacSize()];
+ CipherParameters params = new KeyParameter( secretKey );
+ mac.init( params );
+ mac.update( getCounterBytes( counter ), 0, 8 );
+ mac.doFinal( value, 0 );
+ return value;
+ }
+
+
+ // -------------------------------------------------------------------------
+ // Utility Methods
+ // -------------------------------------------------------------------------
+
+
+ /**
+ * Calculates the 8 bytes for the long counter where the 8 most significant
+ * bits are in the first byte, then next 8 MSBs are in the second byte and
+ * so on.
+ *
+ * @param counter the long counter value (C)
+ * @return the byte array of length 8 representing the counter
+ */
+ static byte[] getCounterBytes( long counter )
+ {
+ byte[] counterBytes = new byte[8];
+ counterBytes[7] = ( byte ) counter;
+ counterBytes[6] = ( byte ) ( counter >> 8 );
+ counterBytes[5] = ( byte ) ( counter >> 16 );
+ counterBytes[4] = ( byte ) ( counter >> 24 );
+ counterBytes[3] = ( byte ) ( counter >> 32 );
+ counterBytes[2] = ( byte ) ( counter >> 40 );
+ counterBytes[1] = ( byte ) ( counter >> 48 );
+ counterBytes[0] = ( byte ) ( counter >> 56 );
+ return counterBytes;
+ }
+}
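Review bot: The range check in `generate()` is inverted: `MIN_DIGITS < digits || digits > MAX_DIGITS` rejects 7 through 10 but accepts every value of 6 or less, so one-time passwords shorter than the documented minimum are produced and a negative `digits` reaches `DIGITS_POWER[digits]` as an out-of-bounds index. The guard should read `if ( digits < MIN_DIGITS || digits > MAX_DIGITS )`, with the exception message reworded to match. `DIGITS_POWER` has nine entries (10^0 to 10^8) and 10^10 does not fit an `int`, so `MAX_DIGITS = 10` cannot be honoured as written; either lower it to 8 or widen the arithmetic to `long`. Separately, `offset` is fixed at 0, whereas RFC 4226 derives it from the low four bits of the last hash byte, so if interoperability with RFC 4226 tokens is intended this truncation will not match. The Javadoc typo `movign` should be `moving`.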
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/Hotp.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,151 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+/**
+ * Attributes use to calculate a HOTP value.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public final class HotpAttributes
+{
+ private static final int DEFAULT_SIZE = 6;
+
+ /** the shared secret key */
+ private final byte[] secret;
+ /** the moving factor */
+ private final long factor;
+ /** the size of the value to generate */
+ private final int size;
+
+
+ /**
+ * Creates a HotpAttributes object with all three attributes.
+ *
+ * @param factor the moving factor
+ * @param secret the shared secret
+ */
+ public HotpAttributes( long factor, byte[] secret )
+ {
+ this( DEFAULT_SIZE, factor, secret );
+ }
+
+
+ /**
+ * Creates a HotpAttributes object with all three attributes.
+ *
+ * @param size the size of the value to generate
+ * @param factor the moving factor
+ * @param secret the shared secret
+ */
+ public HotpAttributes( int size, long factor, byte[] secret )
+ {
+ if ( 6 > size || size > 10 )
+ {
+ StringBuffer buf = new StringBuffer();
+ buf.append( "expecting HOTP value size in range [6,10] but got " );
+ buf.append( size );
+ throw new IllegalArgumentException( buf.toString() );
+ }
+
+ this.size = size;
+ this.factor = factor;
+ this.secret = secret;
+ }
+
+
+ /**
+ * Gets the shared secret key.
+ *
+ * @return the shared secret key
+ */
+ public byte[] getSecret()
+ {
+ return secret;
+ }
+
+
+ /**
+ * Gets the moving factor.
+ *
+ * @return the moving factor
+ */
+ public long getFactor()
+ {
+ return factor;
+ }
+
+
+ /**
+ * Gets the size of the value to generate.
+ *
+ * @return the size of charactor in the generated OTP
+ */
+ public int getSize()
+ {
+ return size;
+ }
+
+
+ /**
+ * Checks to see that another HotpAttributes matches this one exactly.
+ *
+ * @param obj the other object to compare this HotpAttributes to
+ * @return true if the objects are the same for all components
+ */
+ public boolean equals( Object obj )
+ {
+ if ( obj == this )
+ {
+ return true;
+ }
+
+ if ( ! ( obj instanceof HotpAttributes ) )
+ {
+ return false;
+ }
+
+ HotpAttributes other = ( HotpAttributes ) obj;
+ if ( other.getSize() != this.size )
+ {
+ return false;
+ }
+ if ( other.getFactor() != this.factor )
+ {
+ return false;
+ }
+ if ( other.getSecret().length != this.secret.length )
+ {
+ return false;
+ }
+
+ for ( int ii = 0; ii < this.secret.length; ii++ )
+ {
+ if ( this.secret[ii] != other.getSecret()[ii] )
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+}
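Review bot: The shared secret is held and handed out by reference: the three-argument constructor stores the caller's array with `this.secret = secret;` and `getSecret()` returns that same array, so although the class and its fields are `final`, any holder of the array can alter the key material after construction. Copying on the way in and out closes that, e.g. `this.secret = new byte[secret.length]; System.arraycopy( secret, 0, this.secret, 0, secret.length );` and the equivalent copy in `getSecret()`. The same by-reference handling appears in `BaseProfile` (both public constructors, `getSecret()` and `setSecret`) later in this commit. Separately, `equals` is overridden without a matching `hashCode`, so equal instances will not behave as equal keys in hashed collections.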
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributes.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,254 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+import org.safehaus.crypto.BlockCipherWrapper;
+import org.safehaus.crypto.DESEngine;
+
+import java.io.UnsupportedEncodingException;
+
+
+/**
+ * Encypts and decrypts HOTP attributes. HOTP attributes are stored as binary information
+ * using the following data structure. The result is DES encrypted then base 64 encoded.
+ * <pre>
+ * [[f1 value][f2 value][hotp size][factor][length][secret]]
+ * where ...
+ * f1 value = 8 bytes = the hotp value generated using factor-1 (encoded long)
+ * f2 value = 8 bytes = the hotp value generated using factor-2 (encoded long)
+ * hotp size = 1 byte = the unsigned # of characters in HOTP value within range [6-10]
+ * factor = 8 bytes = the current moving factor
+ * length = 1 byte = the unsigned length of the shared secret field (max 256)
+ * secret = length bytes = the shared secret
+ * </pre>
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class HotpAttributesCipher
+{
+ /**
+ * Takes HotpAttributes and formats them into a byte[] after calculating f1, f2, hotpSize,
+ * factor, and length bytes. This formated byte[] is then encrypted using the password and
+ * a block cipher. The encrypted result is then Base64 encoded for handling as a printable
+ * String.
+ *
+ * @param password the key to use when encrypting the attributes
+ * @param attributes the HotpAttributes to encrypt
+ * @return the formated, then encrypted, then base64 encoded string
+ * @throws UnsupportedEncodingException if the UTF-8 character encoding is not supported
+ */
+ public static String encrypt( String password, HotpAttributes attributes )
+ throws UnsupportedEncodingException
+ {
+ // encode all the components of the HOTP binary record as specified above in the class level javadoc
+ byte[] f1 = encodeLong( Long.parseLong( Hotp.generate( attributes.getSecret(),
+ attributes.getFactor()-1, attributes.getSize() ) ) );
+ byte[] f2 = encodeLong( Long.parseLong( Hotp.generate( attributes.getSecret(),
+ attributes.getFactor()-2, attributes.getSize() ) ) );
+ byte hotpSize = encodeUnsignedByte( attributes.getSize() );
+ byte[] factor = encodeLong( attributes.getFactor() );
+ byte length = encodeUnsignedByte( attributes.getSecret().length );
+
+ // calculate and build the record by copying all components into their proper positions
+ int totalLength = f1.length + f2.length + 1 + factor.length + 1 + attributes.getSecret().length;
+ byte[] input = new byte[totalLength];
+ int pos = 0;
+
+ // copy the f1 bytes
+ System.arraycopy( f1, 0, input, pos, f1.length );
+ pos += f1.length;
+
+ // copy the f2 bytes
+ System.arraycopy( f2, 0, input, pos, f2.length );
+ pos += f2.length;
+
+ // copy the hotpSize byte
+ input[pos] = hotpSize;
+ pos++;
+
+ // copy the factor bytes
+ System.arraycopy( factor, 0, input, pos, factor.length );
+ pos += factor.length;
+
+ // copy the length bytes
+ input[pos] = length;
+ pos++;
+
+ // copy the secret bytes
+ System.arraycopy( attributes.getSecret(), 0, input, pos, attributes.getSecret().length );
+
+
+ // initialize the cipher engine and encrypt the record
+ BlockCipherWrapper engine = new BlockCipherWrapper( new DESEngine().getClass() );
+ byte[] encrypted = engine.encrypt( password, input );
+
+ // base64 encode the encrypted record and return the string
+ return new String( Base64.encode( encrypted ) );
+ }
+
+
+ /**
+ * Decrypts the encrypted HotpAtrributes using the provided password. It first Base64 decodes
+ * the encrypted string into the encrypted byte array. The encrypted array is then decrypted
+ * using a cypher engine. The decrypted attributes are then decoded based on the format for
+ * the hotp attributes. If any errors or inconsistancies are found while extracting parameters
+ * from the decrypted record, null is returned to denote the failure to decrypt. Once all
+ * parameters are extracted. The HOTP credentials are verified using the f1 and f2 parameters
+ * to check for integrity.
+ *
+ * @param password the password to use for decrypting the encrypted hotp attributes
+ * @param encrypted the attributes in that are encrypted, format encoded and base64 encoded
+ * @return a non-null HotpAttribute if the decryption succeed with verification, or null if it did not
+ * @throws UnsupportedEncodingException if the UTF-8 character encoding is not supported
+ */
+ public static HotpAttributes decrypt( String password, String encrypted ) throws UnsupportedEncodingException
+ {
+ // base 64 decode the input
+ byte[] input = Base64.decode( encrypted.toCharArray() );
+
+ // initialize the cipher wrapper and decrypt
+ BlockCipherWrapper engine = new BlockCipherWrapper( new DESEngine().getClass() );
+ byte[] decrypted = engine.decrypt( password, input );
+
+ // check that we have at least 19 bytes in the decrypted output if not return null for failure
+ if ( decrypted.length < 19 )
+ {
+ return null;
+ }
+
+ // get the f1 and f2 hotp values as longs for integrity verification
+ long f1 = decodeLong( decrypted, 0 );
+ long f2 = decodeLong( decrypted, 8 );
+
+ // get the hotpSize and make sure it's within a valid range if not return null for failure
+ int hotpSize = decodeUnsignedByte( decrypted[16] );
+ if ( 6 > hotpSize || hotpSize > 10 )
+ {
+ return null;
+ }
+
+ // get the moving factor value and the field for the length of the shared secret bytes
+ // determine if the length is valid, meaning that reading this length will not cause
+ // an index out of bounds exception by overrunning the size of the decrypted array
+ long factor = decodeLong( decrypted, 17 );
+ int secretLength = decodeUnsignedByte( decrypted[25] );
+ if ( secretLength + 26 >= decrypted.length )
+ {
+ return null;
+ }
+
+ // acquire the secret and begin verification to make sure decryption succeeded
+ byte[] secret = new byte[secretLength];
+ System.arraycopy( decrypted, 26, secret, 0, secretLength );
+ if ( f1 != Long.parseLong( Hotp.generate( secret, factor-1, hotpSize ) ) )
+ {
+ return null;
+ }
+ if ( f2 != Long.parseLong( Hotp.generate( secret, factor-2, hotpSize ) ) )
+ {
+ return null;
+ }
+
+ return new HotpAttributes( factor, secret );
+ }
+
+
+ /**
+ * Gets unsigned value of a byte as an int.
+ */
+ public static int decodeUnsignedByte( byte bite )
+ {
+ if ( bite > 0 )
+ {
+ return bite;
+ }
+
+ int value = 0;
+ value |= ( (int) bite ) & 0x000000ff;
+ return value;
+ }
+
+
+ /**
+ * Gets encoded byte value of a int as an unsigned bite.
+ */
+ public static byte encodeUnsignedByte( int unsignedByte )
+ {
+ if ( 0 > unsignedByte || unsignedByte > 255 )
+ {
+ StringBuffer buf = new StringBuffer();
+ buf.append( "unsignedByte are was " );
+ buf.append( unsignedByte );
+ buf.append( ": value must be in range [0-255]" );
+ throw new IllegalArgumentException( buf.toString() );
+ }
+
+ return ( byte ) unsignedByte;
+ }
+
+
+ /**
+ * Encodes a long into 8 bytes.
+ *
+ * @param source the long to encode
+ * @return the encoded 8 byte array
+ */
+ public static byte[] encodeLong( long source )
+ {
+ byte[] encoded = new byte[8];
+
+ encoded[7] = ( byte ) source;
+ encoded[6] = ( byte ) ( source >> 8 );
+ encoded[5] = ( byte ) ( source >> 16 );
+ encoded[4] = ( byte ) ( source >> 24 );
+ encoded[3] = ( byte ) ( source >> 32 );
+ encoded[2] = ( byte ) ( source >> 40 );
+ encoded[1] = ( byte ) ( source >> 48 );
+ encoded[0] = ( byte ) ( source >> 56 );
+
+ return encoded;
+ }
+
+
+ /**
+ * Decodes an 8 byte encoded long into a Java primitive long.
+ *
+ * @param bites the bytes containing the encoded long
+ * @param offset the offset from zero where the bytes begin
+ * @return the decoded primitive long
+ */
+ public static long decodeLong( byte[] bites, int offset )
+ {
+ long value = 0 ;
+
+ value |= ( ( (long) bites[offset] ) << 56 ) & 0xff00000000000000L;
+ value |= ( ( (long) bites[offset+1] ) << 48 ) & 0x00ff000000000000L;
+ value |= ( ( (long) bites[offset+2] ) << 40 ) & 0x0000ff0000000000L;
+ value |= ( ( (long) bites[offset+3] ) << 32 ) & 0x000000ff00000000L;
+ value |= ( ( (long) bites[offset+4] ) << 24 ) & 0x00000000ff000000L;
+ value |= ( ( (long) bites[offset+5] ) << 16 ) & 0x0000000000ff0000L;
+ value |= ( ( (long) bites[offset+6] ) << 8 ) & 0x000000000000ff00L;
+ value |= ( (long) bites[offset+7] ) & 0x00000000000000ffL;
+
+ return value ;
+ }
+}
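Review bot: In `decrypt`, the length guard `decrypted.length < 19` is smaller than what the code then reads: `decodeLong( decrypted, 17 )` touches indexes up to 24 and `decrypted[25]` is read next, so a decrypted record of 19 to 25 bytes throws `ArrayIndexOutOfBoundsException` instead of returning null as the Javadoc promises; the guard should be `if ( decrypted.length < 26 )`. The decoded `hotpSize` is range-checked and used for verification but then dropped, since `return new HotpAttributes( factor, secret );` falls back to the default size of 6; `return new HotpAttributes( hotpSize, factor, secret );` would preserve it. The check `secretLength + 26 >= decrypted.length` also rejects a secret that exactly fills the record, which is only right if the wrapper always leaves trailing padding in its output; that is worth confirming, as `BlockCipherWrapper` is not visible here. On the design side, the record protects the shared secret with single DES and detects tampering only through two 6-10 digit HOTP values, so a current authenticated cipher would be a stronger choice for this data at rest.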
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpAttributesCipher.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,239 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+import java.util.Vector;
+
+
+/**
+ * Constants used by hotp.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class HotpErrorConstants
+{
+ /*
+ * Nice to have idea
+ * ------------------
+ * It would be nice to be able to grab a ResourceBundle around a Preferences
+ * node and use that to access these error messages in an internationalized
+ * manner. It would be nice to wrap a ResourceBundle around Preferences in
+ * general.
+ */
+
+ /**
+ * Message prefix for locked out accounts
+ */
+ public static final String PREFIX = "HOTP-";
+
+ /**
+ * Message prefix for locked out accounts
+ */
+ public static final int LOCKEDOUT_VAL = 0;
+
+ /**
+ * Message prefix for locked out accounts
+ */
+ public static final int DISABLED_VAL = 5;
+
+ /**
+ * Message prefix for locked out accounts
+ */
+ public static final String LOCKEDOUT_PREFIX = PREFIX + LOCKEDOUT_VAL + ": ";
+
+ /**
+ * Message prefix for disabled accounts
+ */
+ public static final String DISABLED_PREFIX = PREFIX + DISABLED_VAL + ": ";
+
+ /**
+ * Message prefix for resych initiation
+ */
+ public static final int RESYNCH_STARTING_VAL = 1;
+
+ /**
+ * Message prefix for resych initiation
+ */
+ public static final String RESYNCH_STARTING_PREFIX = PREFIX + RESYNCH_STARTING_VAL + ": ";
+
+ /**
+ * Message prefix for progressing resych process
+ */
+ public static final int RESYNCH_INPROGRESS_VAL = 2;
+
+ /**
+ * Message prefix for progressing resych process
+ */
+ public static final String RESYNCH_INPROGRESS_PREFIX = PREFIX + RESYNCH_INPROGRESS_VAL + ": ";
+
+ /**
+ * Message prefix for preauth failure
+ */
+ public static final int HOTPAUTH_FAILURE_VAL = 3;
+
+ /**
+ * Message prefix for preauth failure
+ */
+ public static final String HOTPAUTH_FAILURE_PREFIX = PREFIX + HOTPAUTH_FAILURE_VAL + ": ";
+
+ /**
+ * Message for locked out accounts
+ */
+ public static final String LOCKEDOUT_MSG = LOCKEDOUT_PREFIX + "Account locked - contact your administrator!";
+
+ /**
+ * Message for disabled accounts
+ */
+ public static final String DISABLED_MSG = DISABLED_PREFIX + "Account disabled - contact your administrator!";
+
+ /**
+ * Message for resych initiation
+ */
+ public static final String RESYNCH_STARTING_MSG = RESYNCH_STARTING_PREFIX + "Resynch starting - keep entering passwords!";
+
+ /**
+ * Message for progressing resych process
+ */
+ public static final String RESYNCH_INPROGRESS_MSG = RESYNCH_INPROGRESS_PREFIX + "Resynch in progress - keep entering passwords!";
+
+ /**
+ * Message for preauth failure
+ */
+ public static final String HOTPAUTH_FAILURE_MSG = HOTPAUTH_FAILURE_PREFIX + "Preauth failed!";
+
+ /**
+ * Message prefix for inactive accounts
+ */
+ public static final int INACTIVE_VAL = 4;
+
+ /**
+ * Message prefix for inactive accounts
+ */
+ public static final String INACTIVE_PREFIX = PREFIX + INACTIVE_VAL + ": ";
+
+ /**
+ * Message for inactive accounts
+ */
+ public static final String INACTIVE_MSG = INACTIVE_PREFIX + "Account awaiting activation!";
+
+ /**
+ * An unmodifiable list of messages to be indexed by ordinal
+ */
+ private static final String[] MESSAGES;
+
+
+ static
+ {
+ // gotta use vector here for J2ME instead of ArrayList
+
+ Vector messages = new Vector( 6 );
+ messages.addElement( LOCKEDOUT_MSG );
+ messages.addElement( RESYNCH_STARTING_MSG );
+ messages.addElement( RESYNCH_INPROGRESS_MSG );
+ messages.addElement( HOTPAUTH_FAILURE_MSG );
+ messages.addElement( INACTIVE_MSG );
+ messages.addElement( DISABLED_MSG );
+ MESSAGES = new String[messages.size()];
+ messages.copyInto( MESSAGES );
+ }
+
+
+ /**
+ * Gets the error message associated with an ordinal value.
+ *
+ * @param ordinal the error message code
+ * @return the error message
+ */
+ public static String getErrorMessage( int ordinal )
+ {
+ return MESSAGES[ordinal];
+ }
+
+
+ /**
+ * Checks to see if a message has an embedded ordinal value.
+ *
+ * @param message the message containing an embedded ordinal value
+ * @return true if the message has an ordinal value, false otherwise
+ */
+ public static boolean hasEmbeddedOrdinal( String message )
+ {
+ return message.indexOf( PREFIX ) != -1;
+ }
+
+
+ /**
+ * Gets the embedded ordinal value from a message.
+ *
+ * @param message the message containing an embedded ordinal value
+ * @return the ordinal value within the message
+ */
+ public static int getEmbeddedOrdinal( String message )
+ {
+ if ( !hasEmbeddedOrdinal( message ) )
+ {
+ StringBuffer buf = new StringBuffer();
+ buf.append( "Message '" );
+ buf.append( message );
+ buf.append( "' does not contain embedded ordinal" );
+ }
+
+ String pastPrefix = stripPrefix( message, PREFIX );
+
+ return Integer.parseInt( getPrefix( pastPrefix, ':' ) );
+ }
+
+
+ /**
+ * Extracts the ordinal from a string that has it embedded.
+ *
+ * @param s the message with the ordinal embedded
+ * @return the ordinal embedded within the message type
+ */
+ public static int getOrdinal( String s )
+ {
+ String pastPrefix = stripPrefix( s, PREFIX );
+ return Integer.parseInt( getPrefix( pastPrefix, ']' ) );
+ }
+
+
+ private static String getPrefix( String str, char sep )
+ {
+ int index = -1;
+ if ( ( index = str.indexOf( sep ) ) != -1 )
+ {
+ str = str.substring( 0, index );
+ }
+ return str;
+ }
+
+
+ private static String stripPrefix( String str, String prefix )
+ {
+ int index = str.indexOf( prefix );
+ if ( index != -1 )
+ {
+ return str.substring( index + prefix.length() );
+ }
+ return str;
+ }
+}
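Review bot: `getEmbeddedOrdinal` builds the "does not contain embedded ordinal" message in a `StringBuffer` and then discards it, so a message without the `HOTP-` prefix falls through to `Integer.parseInt` and fails with an unrelated `NumberFormatException`; the block is missing `throw new IllegalArgumentException( buf.toString() );` after the last `append`. `getOrdinal` looks inconsistent with the message format: the prefixes terminate the ordinal with `": "`, yet it splits on `']'`, so for the messages defined in this class it would hand the whole remainder to `parseInt`. `getErrorMessage` indexes `MESSAGES` without a range check, which matters if the ordinal was parsed from text received from elsewhere. The Javadoc on `PREFIX`, `LOCKEDOUT_VAL` and `DISABLED_VAL` all reads "Message prefix for locked out accounts" and should describe each constant.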
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/HotpErrorConstants.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.otp;
+
+
+/**
+ * HOTP moving factor resynchronization protocol parameters.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public interface ResynchParameters
+{
+ /** an implementation that always returns the default values */
+ ResynchParameters DEFAULTS = new ResynchParameters()
+ {
+ public int getLookaheadSize()
+ {
+ return 10;
+ }
+
+
+ public int getNumResyncValidations()
+ {
+ return 2;
+ }
+
+
+ public int getLockoutCount()
+ {
+ return 3;
+ }
+
+
+ public String toString()
+ {
+ return "(defaults) resync params[lookahead=10, resyncValidations=2, lockoutCount=3]";
+ }
+ };
+
+
+ /**
+ * Gets the HOTP value lookahead window size used to resynchronize the
+ * moving factor for both client and server.
+ *
+ * @return the size of the HOTP lookahead window (s)
+ */
+ int getLookaheadSize();
+
+
+ /**
+ * Gets the number of consecutive HOTP values an out of sync client will
+ * be asked for. 2-3 times is an acceptable and secure value for this
+ * parameter.
+ *
+ * @return the number of consecutive validations for resynch
+ */
+ int getNumResyncValidations();
+
+
+ /**
+ * Gets the 'throttling' (T) parameter used to lock out an account after a
+ * certain number of authentication attempts.
+ *
+ * @return the number of failured authentication attempts before locking
+ * out an account
+ */
+ int getLockoutCount();
+}
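Review bot: The default values in `DEFAULTS` are written twice, once in the getters (`return 10;`, `return 2;`, `return 3;`) and again inside the `toString()` literal, so a later change to one can silently leave the other stale. Building the string from the getters, e.g. `return "(defaults) resync params[lookahead=" + getLookaheadSize() + ", resyncValidations=" + getNumResyncValidations() + ", lockoutCount=" + getLockoutCount() + "]";`, keeps them in step. The Javadoc on the three interface methods would also benefit from stating these defaults, since the lookahead window and lockout count determine how many guesses a verifier tolerates. The spelling alternates between `Resynch` (type name) and `Resync` (`getNumResyncValidations`), and "failured" in the `getLockoutCount` Javadoc should read "failed".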
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/otp/src/main/java/org/apache/directory/triplesec/otp/ResynchParameters.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,155 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.profile;
+
+
+/**
+ * A base Profile bean.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class BaseProfile implements Profile
+{
+ /** the lable or identifier for this profile */
+ protected String label;
+
+ /** the shared secret */
+ protected byte[] secret;
+
+ /** the moving factor or counter */
+ protected long factor;
+
+ /** additional (optional) account info */
+ protected String info = "";
+
+ /** whether or not this profile is disabled */
+ protected boolean disabled = false;
+
+ /**
+ * Creates a Profile bean with all properties set to defaults.
+ */
+ protected BaseProfile()
+ {
+ // do nothing
+ }
+
+
+ /**
+ * Creates a new profile using a unique label, shared secret key, and moving
+ * factor for the OTP based account.
+ *
+ * @param label a unique label for this BaseProfile
+ * @param factor the moving factor (counter)
+ * @param secret the 160 bit shared secret key
+ */
+ public BaseProfile( String label, long factor, byte[] secret )
+ {
+ this.label = label;
+ this.secret = secret;
+ this.factor = factor;
+ }
+
+
+ /**
+ * Creates a new profile using a unique label, shared secret key, and moving
+ * factor for the OTP based account.
+ *
+ * @param label a unique label for this BaseProfile
+ * @param factor the moving factor (counter)
+ * @param secret the shared secret key
+ */
+ public BaseProfile( String label, long factor, byte[] secret, String info )
+ {
+ this.label = label;
+
+ this.secret = secret;
+
+ this.factor = factor;
+
+ this.info = info;
+ }
+
+
+ public String getLabel()
+ {
+ return label;
+ }
+
+
+ void setLabel( String label )
+ {
+ this.label = label;
+ }
+
+
+ public byte[] getSecret()
+ {
+ return secret;
+ }
+
+
+ void setSecret( byte[] secret )
+ {
+ this.secret = secret;
+ }
+
+
+ public long getFactor()
+ {
+ return factor;
+ }
+
+
+ void setFactor( long factor )
+ {
+ this.factor = factor;
+ }
+
+
+ void incrementFactor()
+ {
+ this.factor++;
+ }
+
+
+ public String getInfo()
+ {
+ return info;
+ }
+
+
+ void setInfo( String info )
+ {
+ this.info = info;
+ }
+
+
+ public boolean isDisabled()
+ {
+ return disabled;
+ }
+
+
+ void setDisabled( boolean disabled )
+ {
+ this.disabled = disabled;
+ }
+}
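Review bot: The setters (`setSecret`, `setFactor`, `setDisabled` and the others) are package-private, which suggests mutation is meant to stay inside `org.apache.directory.triplesec.profile`, but the fields themselves are `protected` on a public non-final class, so any subclass in another package can write `secret`, `factor` or `disabled` directly. Declaring them `private`, e.g. `private byte[] secret;`, and letting subclasses go through the accessors would keep that restriction; whether existing subclasses rely on field access is not visible in this hunk. The four-argument constructor's Javadoc repeats the three-argument text and lacks `@param info additional (optional) account info`, and that constructor can set `info` to null although the field default is `""`. The public getters carry no Javadoc at all.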
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfile.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,208 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.profile;
+
+
+/**
+ * A BaseProfile modifier.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class BaseProfileModifier
+{
+ /** the moveing factor delta */
+ protected long factor;
+
+ /** the optional account info delta */
+ protected String info;
+
+ /** the delta for the account label */
+ protected String label;
+
+ /** the delta for the shared secret */
+ protected byte[] secret;
+
+ private boolean disabled;
+
+
+ // ------------------------------------------------------------------------
+ // C O N S T R U C T O R S
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Creates a BaseProfileModifier without any initial values set.
+ */
+ public BaseProfileModifier()
+ {
+ }
+
+
+ /**
+ * Creates a BaseProfileModifier using initially the values of an existing profile.
+ *
+ * @param profile the profile to use for initial values
+ */
+ public BaseProfileModifier( Profile profile )
+ {
+ factor = profile.getFactor();
+ info = profile.getInfo();
+ label = profile.getLabel();
+ secret = profile.getSecret();
+ }
+
+
+ // ------------------------------------------------------------------------
+ // Builder method
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Builds the profile using all the properties.
+ *
+ * @return the changed properties
+ */
+ public BaseProfile getProfile()
+ {
+ BaseProfile profile = new BaseProfile( getLabel(), getFactor(), getSecret(), getInfo() );
+ profile.setDisabled( this.disabled );
+ return profile;
+ }
+
+
+ // ------------------------------------------------------------------------
+ // Modifier methods
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Set's whether or not this profile is disabled.
+ */
+ public void setDisabled( boolean disabled )
+ {
+ this.disabled = disabled;
+ }
+
+
+ /**
+ * Sets the label used to identify the Profile
+ *
+ * @param label the new label for the Profile
+ */
+ public void setLabel( String label )
+ {
+ this.label = label;
+ }
+
+
+ /**
+ * Sets the shared secret key used to generate the HOTP value.
+ *
+ * @param secret the shared secret key between client and server
+ */
+ public void setSecret( byte[] secret )
+ {
+ this.secret = secret;
+ }
+
+
+ /**
+ * Sets the moving factor used to generate an OTP.
+ *
+ * @param factor the OTP moving factor (counter)
+ */
+ public void setFactor( long factor )
+ {
+ this.factor = factor;
+ }
+
+
+ /**
+ * Increments the OTP moving factor (counter). This is called after the
+ * password is generated. Then this Profile is serialized back to the
+ * profile store.
+ */
+ public void incrementFactor()
+ {
+ factor = getFactor() + 1;
+ }
+
+
+ /**
+ * Sets additional account information about this Profile. Null values will
+ * become empty Strings when serializing and resusitating Profile records.
+ *
+ * @param info additional account information about this Profile
+ */
+ public void setInfo( String info )
+ {
+ this.info = info;
+ }
+
+
+ // ------------------------------------------------------------------------
+ // protected accessor methods
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Gets the altered label associated with this ProfileModifier.
+ *
+ * @return the altered label that identifies this ProfileModifier
+ */
+ protected String getLabel()
+ {
+ return label;
+ }
+
+
+ /**
+ * Gets the altered shared secret key used to generate the HOTP value.
+ *
+ * @return the altered shared secret key between client and server
+ */
+ protected byte[] getSecret()
+ {
+ return secret;
+ }
+
+
+ /**
+ * The altered moving factor (counter) used to generate an OTP.
+ *
+ * @return altered the OTP moving factor (counter)
+ */
+ protected long getFactor()
+ {
+ return factor;
+ }
+
+
+ /**
+ * Gets altered additional account information about this ProfileModifier.
+ *
+ * @return altered additional account information
+ */
+ protected String getInfo()
+ {
+ return info;
+ }
+}
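Review bot: The copy constructor `BaseProfileModifier( Profile profile )` copies factor, info, label and secret but not the disabled flag, so `getProfile()` calls `profile.setDisabled( this.disabled )` with the default `false`. A profile that was disabled therefore comes back enabled after any edit made through the modifier, unless the caller remembers to call `setDisabled( true )` again. Assuming the `Profile` interface (not shown here) declares `isDisabled()` as `BaseProfile` does, add `disabled = profile.isDisabled();` to the constructor. The same gap is in `BaseServerProfileModifier.getServerProfile()` further down, which never calls `setDisabled` at all. Because `disabled` is private here with no getter, that class needs a protected `isDisabled()` accessor on this one and then `profile.setDisabled( isDisabled() );`.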
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseProfileModifier.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,205 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.profile;
+
+
+/**
+ * The base profile implementation used by servers.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class BaseServerProfile extends BaseProfile implements ServerProfile
+{
+ /** the user id associated with this profile */
+ private String id;
+ /** the realm associated with this profile */
+ private String realm;
+ /** the successful resynch attempt count */
+ private int resynchCount = -1;
+ /** the number of auth failures within a server epoch */
+ private int failuresInEpoch;
+ /** the activation key for this profile if it has not yet been activated */
+ private String activationKey;
+ private String tokenPin;
+ private String notifyBy = "sms";
+ private byte[] password;
+
+
+ /**
+ * Creates a new profile using a unique label, shared secret key, and moving
+ * factor for the OTP based account.
+ *
+ * @param id the user id associated with this profile
+ * @param realm the authentication realm this profile is in
+ * @param label a unique label for this BaseProfile
+ * @param factor the moving factor (counter)
+ * @param secret the 160 bit shared secret key
+ */
+ public BaseServerProfile( String id, String realm, String label, long factor, byte[] secret,
+ String pin, byte[] password )
+ {
+ this.id = id;
+ this.realm = realm;
+ this.label = label;
+ this.secret = secret;
+ this.factor = factor;
+ this.tokenPin = pin;
+ this.password = password;
+ }
+
+
+ /**
+ * Creates a new profile using a unique label, shared secret key, and moving
+ * factor for the OTP based account.
+ *
+ * @param id the user id associated with this profile
+ * @param realm the authentication realm this profile is in
+ * @param label a unique label for this BaseProfile
+ * @param factor the moving factor (counter)
+ * @param secret the shared secret key
+ */
+ public BaseServerProfile( String id, String realm, String label, long factor, byte[] secret,
+ String pin, byte[] password, String info, String activationKey )
+ {
+ this.id = id;
+ this.realm = realm;
+ this.label = label;
+ this.secret = secret;
+ this.factor = factor;
+ this.tokenPin = pin;
+ this.password = password;
+ this.info = info;
+ this.activationKey = activationKey;
+ }
+
+
+ public String getUserId()
+ {
+ return id;
+ }
+
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+
+ public int getResynchCount()
+ {
+ return this.resynchCount;
+ }
+
+
+ public int getFailuresInEpoch()
+ {
+ return this.failuresInEpoch;
+ }
+
+
+ public boolean isActive()
+ {
+ return activationKey == null || activationKey.length() == 0;
+ }
+
+
+ public String getActivationKey()
+ {
+ return activationKey;
+ }
+
+
+ public String getTokenPin()
+ {
+ return tokenPin;
+ }
+
+
+ void setTokenPin( String tokenPin )
+ {
+ this.tokenPin = tokenPin;
+ }
+
+
+ public byte[] getPassword()
+ {
+ return password;
+ }
+
+
+ void setPassword( byte[] password )
+ {
+ this.password = password;
+ }
+
+ void setUserId( String id )
+ {
+ this.id = id;
+ }
+
+
+ void setRealm( String domain )
+ {
+ this.realm = domain;
+ }
+
+
+ void setResynchCount( int resynchCount )
+ {
+ this.resynchCount = resynchCount;
+ }
+
+
+ void setFailuresInEpoch( int failuresInEpoch )
+ {
+ this.failuresInEpoch = failuresInEpoch;
+ }
+
+
+ void setActivationKey( String activationKey )
+ {
+ this.activationKey = activationKey;
+ }
+
+
+ public String toString()
+ {
+ StringBuffer buf = new StringBuffer();
+ buf.append( "ServerProfile[realm=" ).append( this.realm );
+ buf.append( ", id = ").append( this.id );
+ buf.append( ", factor = *****" ); // do not log this for security reasons
+ buf.append( ", secret = *****" ); // do not log this for security reasons
+ buf.append( ", pin = *****" ); // do not log this for security reasons
+ buf.append( ", password = *****" ); // do not log this for security reasons
+ buf.append( ", failuresInEpoch = " ).append( this.failuresInEpoch );
+ buf.append( ", info = " ).append( this.info );
+ buf.append( ", label = " ).append( this.label );
+ buf.append( ", resynchCount = " ).append( this.resynchCount );
+ buf.append( "]" );
+ return buf.toString();
+ }
+
+
+ public String getNotifyBy()
+ {
+ return notifyBy;
+ }
+}
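Review bot: Both constructors and `setPassword`/`getPassword` store and return the caller's `byte[]` directly, so any code holding the array can alter the stored password after the profile is built. A caller that zeroes its buffer after use also wipes the profile's copy. Copy on the way in and out, e.g. `this.password = password == null ? null : password.clone();` and `return password == null ? null : password.clone();`. The `secret` array is assigned by reference in the same way in both constructors. The constructor Javadoc also lacks `@param` entries for `pin` and `password`, and for `info` and `activationKey` on the second constructor.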
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfile.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java?view=auto&rev=564794
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java (added)
+++ directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java Fri Aug 10 15:57:44 2007
@@ -0,0 +1,243 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.triplesec.profile;
+
+
+/**
+ * A BaseServerProfileModifier.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class BaseServerProfileModifier extends BaseProfileModifier
+{
+ /** the delta for the user id */
+ private String id;
+
+ /** the delta for the realm */
+ private String realm;
+
+ /** the delta for the resynchronization counts that have succeed */
+ private int resynchCount;
+
+ /** the delta for the number of failures to authenticate in epoch */
+ private int failuresInEpoch;
+
+ private String activationKey;
+
+ private byte[] password;
+ private String tokenPin;
+
+
+ // ------------------------------------------------------------------------
+ // C O N S T R U C T O R S
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Creates a BaseServerProfileModifier without any initial values.
+ */
+ public BaseServerProfileModifier()
+ {
+ super();
+ }
+
+
+ /**
+ * Creates a BaseServerProfileModifier with initial values copied from an existing profile.
+ *
+ * @param profile the existing profile used for initial values
+ */
+ public BaseServerProfileModifier( ServerProfile profile )
+ {
+ super( profile );
+
+ this.resynchCount = profile.getResynchCount();
+ this.id = profile.getUserId();
+ this.factor = profile.getFactor();
+ this.realm = profile.getRealm();
+ this.failuresInEpoch = profile.getFailuresInEpoch();
+ this.info = profile.getInfo();
+ this.activationKey = profile.getActivationKey();
+ this.password = profile.getPassword();
+ this.tokenPin = profile.getTokenPin();
+ }
+
+
+ // ------------------------------------------------------------------------
+ // Builder method
+ // ------------------------------------------------------------------------
+
+
+ /**
+ * Builds the profile using all its altered properties.
+ *
+ * @return the changed properties
+ */
+ public BaseServerProfile getServerProfile()
+ {
+ BaseServerProfile profile = new BaseServerProfile( this.id, this.realm, getLabel(),
+ getFactor(), getSecret(), getTokenPin(), getPassword() );
+ profile.setInfo( info );
+ profile.setFailuresInEpoch( failuresInEpoch );
+ profile.setResynchCount( resynchCount );
+ profile.setActivationKey( activationKey );
+ return profile;
+ }
+
+
+ // ------------------------------------------------------------------------
+ // Modifier methods
+ // ------------------------------------------------------------------------
+
+
+ public void setPassword( byte[] password )
+ {
+ this.password = password;
+ }
+
+
+ public void setTokenPin( String tokenPin )
+ {
+ this.tokenPin = tokenPin;
+ }
+
+
+ /**
+ * Sets the number of successful consecutive resync operations that have
+ * passed.
+ *
+ * @param resynchCount the number of successful resynch passes until now
+ */
+ public void setResynchCount( int resynchCount )
+ {
+ this.resynchCount = resynchCount;
+ }
+
+
+ /**
+ * Gets the unique user id associated with this profile.
+ *
+ * @param id the unique user id associated with this profile
+ */
+ public void setUserId( String id )
+ {
+ this.id = id;
+ }
+
+
+ /**
+ * Gets the authentication realm associated with this Profile.
+ *
+ * @param realm the authentication realm associated with this Profile
+ */
+ public void setRealm( String realm )
+ {
+ this.realm = realm;
+ }
+
+
+ /**
+ * Sets the number of authentication failures within an epoch.
+ *
+ * @param failuresInEpoch the number of authentication failures within an epoch
+ */
+ public void setFailuresInEpoch( int failuresInEpoch )
+ {
+ this.failuresInEpoch = failuresInEpoch;
+ }
+
+
+ public void setActivationKey ( String activationKey )
+ {
+ this.activationKey = activationKey;
+ }
+
+
+ // ------------------------------------------------------------------------
+ // Protected accessorr methods
+ // ------------------------------------------------------------------------
+
+
+ protected String getTokenPin()
+ {
+ return tokenPin;
+ }
+
+
+ protected byte[] getPassword()
+ {
+ return password;
+ }
+
+
+ /**
+ * Gets the unique user id associated with this profile.
+ *
+ * @return the unique user id associated with this profile
+ */
+ protected String getUserId()
+ {
+ return this.id;
+ }
+
+
+ /**
+ * Gets the authentication realm associated with this Profile.
+ *
+ * @return the authentication realm associated with this Profile
+ */
+ protected String getRealm()
+ {
+ return this.realm;
+ }
+
+
+ /**
+ * Gets the number of successful consecutive resync operations that have
+ * passed. This count is set to a negative number to denote that no resynch
+ * is in progress. When users are undergoing the resynch process they may
+ * be asked to type in their password a certain number of times
+ * consecutively. Each time the user succeeds this counter is incremented.
+ * When the user has successfully completed the resynch operation the
+ * counter is set to a negative value. If the user fails during resynch
+ * the counter is set to 0.
+ *
+ * @return the number of successful resynch passes until now
+ */
+ protected int getResynchCount()
+ {
+ return this.resynchCount;
+ }
+
+
+ /**
+ * Gets the number of authentication failures within an epoch. The number
+ * of authentication failures are tracked here within time periods
+ * determined by the server. If the user exceeds some threshold the account
+ * is automatically locked to prevent brute force attacks.
+ *
+ * @return the number of authentication failures within an epoch
+ */
+ protected int getFailuresInEpoch()
+ {
+ return this.failuresInEpoch;
+ }
+}
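Review bot: The Javadoc on `setUserId` and `setRealm` opens with "Gets the ..." although both are setters; they should read `Sets the unique user id associated with this profile.` and `Sets the authentication realm associated with this Profile.`. `setPassword`, `setTokenPin`, `setActivationKey` and the matching protected getters have no Javadoc at all. Since they carry credential material, a one-line comment on each saying that the value is stored and returned by reference would tell callers what they may do with their own copy. In the copy constructor, `this.factor = profile.getFactor();` and `this.info = profile.getInfo();` repeat what `super( profile )` already assigned and can be dropped.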
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: directory/sandbox/djencks/triplesec-jacc2/profile/src/main/java/org/apache/directory/triplesec/profile/BaseServerProfileModifier.java
------------------------------------------------------------------------------
svn:mime-type = text/plain