org.gudy.bouncycastle.crypto.agreement.srp
Class SRP6Server

java.lang.Object
  extended by org.gudy.bouncycastle.crypto.agreement.srp.SRP6Server

public class SRP6Server
extends Object

Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"


Field Summary
protected  BigInteger A
           
protected  BigInteger b
           
protected  BigInteger B
           
protected  Digest digest
           
protected  BigInteger g
           
protected  BigInteger N
           
protected  SecureRandom random
           
protected  BigInteger S
           
protected  BigInteger u
           
protected  BigInteger v
           
 
Constructor Summary
SRP6Server()
           
 
Method Summary
 BigInteger calculateSecret(BigInteger clientA)
          Processes the client's credentials.
 BigInteger generateServerCredentials()
          Generates the server's credentials that are to be sent to the client.
 void init(BigInteger N, BigInteger g, BigInteger v, Digest digest, SecureRandom random)
          Initialises the server to accept a new client authentication attempt
protected  BigInteger selectPrivateValue()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

N

protected BigInteger N

g

protected BigInteger g

v

protected BigInteger v

random

protected SecureRandom random

digest

protected Digest digest

A

protected BigInteger A

b

protected BigInteger b

B

protected BigInteger B

u

protected BigInteger u

S

protected BigInteger S
Constructor Detail

SRP6Server

public SRP6Server()
Method Detail

init

public void init(BigInteger N,
                 BigInteger g,
                 BigInteger v,
                 Digest digest,
                 SecureRandom random)
Initialises the server to accept a new client authentication attempt

Parameters:
N - The safe prime associated with the client's verifier
g - The group parameter associated with the client's verifier
v - The client's verifier
digest - The digest algorithm associated with the client's verifier
random - For key generation

generateServerCredentials

public BigInteger generateServerCredentials()
Generates the server's credentials that are to be sent to the client.

Returns:
The server's public value to the client

calculateSecret

public BigInteger calculateSecret(BigInteger clientA)
                           throws CryptoException
Processes the client's credentials. If valid the shared secret is generated and returned.

Parameters:
clientA - The client's credentials
Returns:
A shared secret BigInteger
Throws:
CryptoException - If client's credentials are invalid

selectPrivateValue

protected BigInteger selectPrivateValue()