Class SRP6Server
- java.lang.Object
-
- org.bouncycastle.crypto.agreement.srp.SRP6Server
-
public class SRP6Server extends java.lang.ObjectImplements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
-
-
Field Summary
Fields Modifier and Type Field Description protected java.math.BigIntegerAprotected java.math.BigIntegerbprotected java.math.BigIntegerBprotected Digestdigestprotected java.math.BigIntegergprotected java.math.BigIntegerKeyprotected java.math.BigIntegerM1protected java.math.BigIntegerM2protected java.math.BigIntegerNprotected java.security.SecureRandomrandomprotected java.math.BigIntegerSprotected java.math.BigIntegeruprotected java.math.BigIntegerv
-
Constructor Summary
Constructors Constructor Description SRP6Server()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.math.BigIntegercalculateSecret(java.math.BigInteger clientA)Processes the client's credentials.java.math.BigIntegercalculateServerEvidenceMessage()Computes the server evidence message M2 using the previously verified values.java.math.BigIntegercalculateSessionKey()Computes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.java.math.BigIntegergenerateServerCredentials()Generates the server's credentials that are to be sent to the client.voidinit(java.math.BigInteger N, java.math.BigInteger g, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)Initialises the server to accept a new client authentication attemptvoidinit(SRP6GroupParameters group, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)protected java.math.BigIntegerselectPrivateValue()booleanverifyClientEvidenceMessage(java.math.BigInteger clientM1)Authenticates the received client evidence message M1 and saves it only if correct.
-
-
-
Field Detail
-
N
protected java.math.BigInteger N
-
g
protected java.math.BigInteger g
-
v
protected java.math.BigInteger v
-
random
protected java.security.SecureRandom random
-
digest
protected Digest digest
-
A
protected java.math.BigInteger A
-
b
protected java.math.BigInteger b
-
B
protected java.math.BigInteger B
-
u
protected java.math.BigInteger u
-
S
protected java.math.BigInteger S
-
M1
protected java.math.BigInteger M1
-
M2
protected java.math.BigInteger M2
-
Key
protected java.math.BigInteger Key
-
-
Method Detail
-
init
public void init(java.math.BigInteger N, java.math.BigInteger g, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)Initialises the server to accept a new client authentication attempt- Parameters:
N- The safe prime associated with the client's verifierg- The group parameter associated with the client's verifierv- The client's verifierdigest- The digest algorithm associated with the client's verifierrandom- For key generation
-
init
public void init(SRP6GroupParameters group, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)
-
generateServerCredentials
public java.math.BigInteger generateServerCredentials()
Generates the server's credentials that are to be sent to the client.- Returns:
- The server's public value to the client
-
calculateSecret
public java.math.BigInteger calculateSecret(java.math.BigInteger clientA) throws CryptoExceptionProcesses the client's credentials. If valid the shared secret is generated and returned.- Parameters:
clientA- The client's credentials- Returns:
- A shared secret BigInteger
- Throws:
CryptoException- If client's credentials are invalid
-
selectPrivateValue
protected java.math.BigInteger selectPrivateValue()
-
verifyClientEvidenceMessage
public boolean verifyClientEvidenceMessage(java.math.BigInteger clientM1) throws CryptoExceptionAuthenticates the received client evidence message M1 and saves it only if correct. To be called after calculating the secret S.- Parameters:
clientM1- the client side generated evidence message- Returns:
- A boolean indicating if the client message M1 was the expected one.
- Throws:
CryptoException
-
calculateServerEvidenceMessage
public java.math.BigInteger calculateServerEvidenceMessage() throws CryptoExceptionComputes the server evidence message M2 using the previously verified values. To be called after successfully verifying the client evidence message M1.- Returns:
- M2: the server side generated evidence message
- Throws:
CryptoException
-
calculateSessionKey
public java.math.BigInteger calculateSessionKey() throws CryptoExceptionComputes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.- Returns:
- Key: the mutual authenticated symmetric session key
- Throws:
CryptoException
-
-