Class SRP6Client
- java.lang.Object
-
- org.bouncycastle.crypto.agreement.srp.SRP6Client
-
public class SRP6Client extends java.lang.Object
Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
-
-
Field Summary
Fields Modifier and Type Field Description protected java.math.BigInteger
a
protected java.math.BigInteger
A
protected java.math.BigInteger
B
protected Digest
digest
protected java.math.BigInteger
g
protected java.math.BigInteger
Key
protected java.math.BigInteger
M1
protected java.math.BigInteger
M2
protected java.math.BigInteger
N
protected java.security.SecureRandom
random
protected java.math.BigInteger
S
protected java.math.BigInteger
u
protected java.math.BigInteger
x
-
Constructor Summary
Constructors Constructor Description SRP6Client()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.math.BigInteger
calculateClientEvidenceMessage()
Computes the client evidence message M1 using the previously received values.java.math.BigInteger
calculateSecret(java.math.BigInteger serverB)
Generates the secret S given the server's credentialsjava.math.BigInteger
calculateSessionKey()
Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.java.math.BigInteger
generateClientCredentials(byte[] salt, byte[] identity, byte[] password)
Generates client's credentials given the client's salt, identity and passwordvoid
init(java.math.BigInteger N, java.math.BigInteger g, Digest digest, java.security.SecureRandom random)
Initialises the client to begin new authentication attemptvoid
init(SRP6GroupParameters group, Digest digest, java.security.SecureRandom random)
protected java.math.BigInteger
selectPrivateValue()
boolean
verifyServerEvidenceMessage(java.math.BigInteger serverM2)
Authenticates the server evidence message M2 received and saves it only if correct.
-
-
-
Field Detail
-
N
protected java.math.BigInteger N
-
g
protected java.math.BigInteger g
-
a
protected java.math.BigInteger a
-
A
protected java.math.BigInteger A
-
B
protected java.math.BigInteger B
-
x
protected java.math.BigInteger x
-
u
protected java.math.BigInteger u
-
S
protected java.math.BigInteger S
-
M1
protected java.math.BigInteger M1
-
M2
protected java.math.BigInteger M2
-
Key
protected java.math.BigInteger Key
-
digest
protected Digest digest
-
random
protected java.security.SecureRandom random
-
-
Method Detail
-
init
public void init(java.math.BigInteger N, java.math.BigInteger g, Digest digest, java.security.SecureRandom random)
Initialises the client to begin new authentication attempt- Parameters:
N
- The safe prime associated with the client's verifierg
- The group parameter associated with the client's verifierdigest
- The digest algorithm associated with the client's verifierrandom
- For key generation
-
init
public void init(SRP6GroupParameters group, Digest digest, java.security.SecureRandom random)
-
generateClientCredentials
public java.math.BigInteger generateClientCredentials(byte[] salt, byte[] identity, byte[] password)
Generates client's credentials given the client's salt, identity and password- Parameters:
salt
- The salt used in the client's verifier.identity
- The user's identity (eg. username)password
- The user's password- Returns:
- Client's public value to send to server
-
calculateSecret
public java.math.BigInteger calculateSecret(java.math.BigInteger serverB) throws CryptoException
Generates the secret S given the server's credentials- Parameters:
serverB
- The server's credentials- Returns:
- Client's verification message for the server
- Throws:
CryptoException
- If server's credentials are invalid
-
selectPrivateValue
protected java.math.BigInteger selectPrivateValue()
-
calculateClientEvidenceMessage
public java.math.BigInteger calculateClientEvidenceMessage() throws CryptoException
Computes the client evidence message M1 using the previously received values. To be called after calculating the secret S.- Returns:
- M1: the client side generated evidence message
- Throws:
CryptoException
-
verifyServerEvidenceMessage
public boolean verifyServerEvidenceMessage(java.math.BigInteger serverM2) throws CryptoException
Authenticates the server evidence message M2 received and saves it only if correct.- Parameters:
serverM2
- the server side generated evidence message- Returns:
- A boolean indicating if the server message M2 was the expected one.
- Throws:
CryptoException
-
calculateSessionKey
public java.math.BigInteger calculateSessionKey() throws CryptoException
Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.- Returns:
- Key: the mutually authenticated symmetric session key
- Throws:
CryptoException
-
-