org.gudy.bouncycastle.crypto.agreement.srp
Class SRP6Client
java.lang.Object
org.gudy.bouncycastle.crypto.agreement.srp.SRP6Client
public class SRP6Client
- extends java.lang.Object
Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
"SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
|
Field Summary |
protected java.math.BigInteger |
a
|
protected java.math.BigInteger |
A
|
protected java.math.BigInteger |
B
|
protected Digest |
digest
|
protected java.math.BigInteger |
g
|
protected java.math.BigInteger |
N
|
protected java.security.SecureRandom |
random
|
protected java.math.BigInteger |
S
|
protected java.math.BigInteger |
u
|
protected java.math.BigInteger |
x
|
|
Method Summary |
java.math.BigInteger |
calculateSecret(java.math.BigInteger serverB)
Generates client's verification message given the server's credentials |
java.math.BigInteger |
generateClientCredentials(byte[] salt,
byte[] identity,
byte[] password)
Generates client's credentials given the client's salt, identity and password |
void |
init(java.math.BigInteger N,
java.math.BigInteger g,
Digest digest,
java.security.SecureRandom random)
Initialises the client to begin new authentication attempt |
protected java.math.BigInteger |
selectPrivateValue()
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
N
protected java.math.BigInteger N
g
protected java.math.BigInteger g
a
protected java.math.BigInteger a
A
protected java.math.BigInteger A
B
protected java.math.BigInteger B
x
protected java.math.BigInteger x
u
protected java.math.BigInteger u
S
protected java.math.BigInteger S
digest
protected Digest digest
random
protected java.security.SecureRandom random
SRP6Client
public SRP6Client()
init
public void init(java.math.BigInteger N,
java.math.BigInteger g,
Digest digest,
java.security.SecureRandom random)
- Initialises the client to begin new authentication attempt
- Parameters:
N - The safe prime associated with the client's verifierg - The group parameter associated with the client's verifierdigest - The digest algorithm associated with the client's verifierrandom - For key generation
generateClientCredentials
public java.math.BigInteger generateClientCredentials(byte[] salt,
byte[] identity,
byte[] password)
- Generates client's credentials given the client's salt, identity and password
- Parameters:
salt - The salt used in the client's verifier.identity - The user's identity (eg. username)password - The user's password
- Returns:
- Client's public value to send to server
calculateSecret
public java.math.BigInteger calculateSecret(java.math.BigInteger serverB)
throws CryptoException
- Generates client's verification message given the server's credentials
- Parameters:
serverB - The server's credentials
- Returns:
- Client's verification message for the server
- Throws:
CryptoException - If server's credentials are invalid
selectPrivateValue
protected java.math.BigInteger selectPrivateValue()