Package org.bouncycastle.crypto.agreement.srp

Class SRP6Server

  • public class SRP6Server
extends java.lang.Object
    Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected java.math.BigInteger A  
      protected java.math.BigInteger b  
      protected java.math.BigInteger B  
      protected Digest digest  
      protected java.math.BigInteger g  
      protected java.math.BigInteger Key  
      protected java.math.BigInteger M1  
      protected java.math.BigInteger M2  
      protected java.math.BigInteger N  
      protected java.security.SecureRandom random  
      protected java.math.BigInteger S  
      protected java.math.BigInteger u  
      protected java.math.BigInteger v  

    • Constructor Summary

      Constructors 
      Constructor Description
      SRP6Server()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.math.BigInteger calculateSecret​(java.math.BigInteger clientA)
      Processes the client's credentials.
      java.math.BigInteger calculateServerEvidenceMessage()
      Computes the server evidence message M2 using the previously verified values.
      java.math.BigInteger calculateSessionKey()
      Computes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.
      java.math.BigInteger generateServerCredentials()
      Generates the server's credentials that are to be sent to the client.
      void init​(java.math.BigInteger N, java.math.BigInteger g, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)
      Initialises the server to accept a new client authentication attempt
      void init​(SRP6GroupParameters group, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)  
      protected java.math.BigInteger selectPrivateValue()  
      boolean verifyClientEvidenceMessage​(java.math.BigInteger clientM1)
      Authenticates the received client evidence message M1 and saves it only if correct.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • N

        protected java.math.BigInteger N

      • g

        protected java.math.BigInteger g

      • v

        protected java.math.BigInteger v

      • random

        protected java.security.SecureRandom random

      • digest

        protected Digest digest

      • A

        protected java.math.BigInteger A

      • b

        protected java.math.BigInteger b

      • B

        protected java.math.BigInteger B

      • u

        protected java.math.BigInteger u

      • S

        protected java.math.BigInteger S

      • M1

        protected java.math.BigInteger M1

      • M2

        protected java.math.BigInteger M2

      • Key

        protected java.math.BigInteger Key

    • Constructor Detail

      • SRP6Server

        public SRP6Server()

    • Method Detail

      • init

        public void init​(java.math.BigInteger N,
                 java.math.BigInteger g,
                 java.math.BigInteger v,
                 Digest digest,
                 java.security.SecureRandom random)
        Initialises the server to accept a new client authentication attempt
        Parameters:
        N - The safe prime associated with the client's verifier
        g - The group parameter associated with the client's verifier
        v - The client's verifier
        digest - The digest algorithm associated with the client's verifier
        random - For key generation

      • init

        public void init​(SRP6GroupParameters group,
                 java.math.BigInteger v,
                 Digest digest,
                 java.security.SecureRandom random)

      • generateServerCredentials

        public java.math.BigInteger generateServerCredentials()
        Generates the server's credentials that are to be sent to the client.
        Returns:
        The server's public value to the client

      • calculateSecret

        public java.math.BigInteger calculateSecret​(java.math.BigInteger clientA)
                                     throws CryptoException
        Processes the client's credentials. If valid the shared secret is generated and returned.
        Parameters:
        clientA - The client's credentials
        Returns:
        A shared secret BigInteger
        Throws:
        CryptoException - If client's credentials are invalid

      • selectPrivateValue

        protected java.math.BigInteger selectPrivateValue()

      • verifyClientEvidenceMessage

        public boolean verifyClientEvidenceMessage​(java.math.BigInteger clientM1)
                                    throws CryptoException
        Authenticates the received client evidence message M1 and saves it only if correct. To be called after calculating the secret S.
        Parameters:
        clientM1 - the client side generated evidence message
        Returns:
        A boolean indicating if the client message M1 was the expected one.
        Throws:
        CryptoException

      • calculateServerEvidenceMessage

        public java.math.BigInteger calculateServerEvidenceMessage()
                                                    throws CryptoException
        Computes the server evidence message M2 using the previously verified values. To be called after successfully verifying the client evidence message M1.
        Returns:
        M2: the server side generated evidence message
        Throws:
        CryptoException

      • calculateSessionKey

        public java.math.BigInteger calculateSessionKey()
                                         throws CryptoException
        Computes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.
        Returns:
        Key: the mutual authenticated symmetric session key
        Throws:
        CryptoException