Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography Library 1.77.0
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

org.bouncycastle.crypto.agreement.srp
Class SRP6Server

java.lang.Object
  |
  +--org.bouncycastle.crypto.agreement.srp.SRP6Server
public class SRP6Server
extends java.lang.Object

Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"

Field Summary
protected  java.math.BigInteger A
           
protected  java.math.BigInteger b
           
protected  java.math.BigInteger B
           
protected  Digest digest
           
protected  java.math.BigInteger g
           
protected  java.math.BigInteger Key
           
protected  java.math.BigInteger M1
           
protected  java.math.BigInteger M2
           
protected  java.math.BigInteger N
           
protected  java.security.SecureRandom random
           
protected  java.math.BigInteger S
           
protected  java.math.BigInteger u
           
protected  java.math.BigInteger v
           
 
Constructor Summary
SRP6Server()
           
 
Method Summary
 java.math.BigInteger calculateSecret(java.math.BigInteger clientA)
          Processes the client's credentials.
 java.math.BigInteger calculateServerEvidenceMessage()
          Computes the server evidence message M2 using the previously verified values.
 java.math.BigInteger calculateSessionKey()
          Computes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.
 java.math.BigInteger generateServerCredentials()
          Generates the server's credentials that are to be sent to the client.
 void init(java.math.BigInteger N, java.math.BigInteger g, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)
          Initialises the server to accept a new client authentication attempt
 void init(SRP6GroupParameters group, java.math.BigInteger v, Digest digest, java.security.SecureRandom random)
           
protected  java.math.BigInteger selectPrivateValue()
           
 boolean verifyClientEvidenceMessage(java.math.BigInteger clientM1)
          Authenticates the received client evidence message M1 and saves it only if correct.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

N

protected java.math.BigInteger N

g

protected java.math.BigInteger g

v

protected java.math.BigInteger v

random

protected java.security.SecureRandom random

digest

protected Digest digest

A

protected java.math.BigInteger A

b

protected java.math.BigInteger b

B

protected java.math.BigInteger B

u

protected java.math.BigInteger u

S

protected java.math.BigInteger S

M1

protected java.math.BigInteger M1

M2

protected java.math.BigInteger M2

Key

protected java.math.BigInteger Key
Constructor Detail

SRP6Server

public SRP6Server()
Method Detail

init

public void init(java.math.BigInteger N,
                 java.math.BigInteger g,
                 java.math.BigInteger v,
                 Digest digest,
                 java.security.SecureRandom random)
Initialises the server to accept a new client authentication attempt
Parameters:
N - The safe prime associated with the client's verifier
g - The group parameter associated with the client's verifier
v - The client's verifier
digest - The digest algorithm associated with the client's verifier
random - For key generation

init

public void init(SRP6GroupParameters group,
                 java.math.BigInteger v,
                 Digest digest,
                 java.security.SecureRandom random)

generateServerCredentials

public java.math.BigInteger generateServerCredentials()
Generates the server's credentials that are to be sent to the client.
Returns:
The server's public value to the client

calculateSecret

public java.math.BigInteger calculateSecret(java.math.BigInteger clientA)
                                     throws CryptoException
Processes the client's credentials. If valid the shared secret is generated and returned.
Parameters:
clientA - The client's credentials
Returns:
A shared secret BigInteger
Throws:
CryptoException - If client's credentials are invalid

selectPrivateValue

protected java.math.BigInteger selectPrivateValue()

verifyClientEvidenceMessage

public boolean verifyClientEvidenceMessage(java.math.BigInteger clientM1)
                                    throws CryptoException
Authenticates the received client evidence message M1 and saves it only if correct. To be called after calculating the secret S.
Parameters:
clientM1 - the client side generated evidence message
Returns:
A boolean indicating if the client message M1 was the expected one.
Throws:
CryptoException -  

calculateServerEvidenceMessage

public java.math.BigInteger calculateServerEvidenceMessage()
                                                    throws CryptoException
Computes the server evidence message M2 using the previously verified values. To be called after successfully verifying the client evidence message M1.
Returns:
M2: the server side generated evidence message
Throws:
CryptoException -  

calculateSessionKey

public java.math.BigInteger calculateSessionKey()
                                         throws CryptoException
Computes the final session key as a result of the SRP successful mutual authentication To be called after calculating the server evidence message M2.
Returns:
Key: the mutual authenticated symmetric session key
Throws:
CryptoException -  
Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography Library 1.77.0
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD