org.gudy.bouncycastle.crypto.agreement.srp
Class SRP6Client

java.lang.Object
  extended by org.gudy.bouncycastle.crypto.agreement.srp.SRP6Client

public class SRP6Client
extends Object

Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"


Field Summary
protected  BigInteger a
           
protected  BigInteger A
           
protected  BigInteger B
           
protected  Digest digest
           
protected  BigInteger g
           
protected  BigInteger N
           
protected  SecureRandom random
           
protected  BigInteger S
           
protected  BigInteger u
           
protected  BigInteger x
           
 
Constructor Summary
SRP6Client()
           
 
Method Summary
 BigInteger calculateSecret(BigInteger serverB)
          Generates client's verification message given the server's credentials
 BigInteger generateClientCredentials(byte[] salt, byte[] identity, byte[] password)
          Generates client's credentials given the client's salt, identity and password
 void init(BigInteger N, BigInteger g, Digest digest, SecureRandom random)
          Initialises the client to begin new authentication attempt
protected  BigInteger selectPrivateValue()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

N

protected BigInteger N

g

protected BigInteger g

a

protected BigInteger a

A

protected BigInteger A

B

protected BigInteger B

x

protected BigInteger x

u

protected BigInteger u

S

protected BigInteger S

digest

protected Digest digest

random

protected SecureRandom random
Constructor Detail

SRP6Client

public SRP6Client()
Method Detail

init

public void init(BigInteger N,
                 BigInteger g,
                 Digest digest,
                 SecureRandom random)
Initialises the client to begin new authentication attempt

Parameters:
N - The safe prime associated with the client's verifier
g - The group parameter associated with the client's verifier
digest - The digest algorithm associated with the client's verifier
random - For key generation

generateClientCredentials

public BigInteger generateClientCredentials(byte[] salt,
                                            byte[] identity,
                                            byte[] password)
Generates client's credentials given the client's salt, identity and password

Parameters:
salt - The salt used in the client's verifier.
identity - The user's identity (eg. username)
password - The user's password
Returns:
Client's public value to send to server

calculateSecret

public BigInteger calculateSecret(BigInteger serverB)
                           throws CryptoException
Generates client's verification message given the server's credentials

Parameters:
serverB - The server's credentials
Returns:
Client's verification message for the server
Throws:
CryptoException - If server's credentials are invalid

selectPrivateValue

protected BigInteger selectPrivateValue()