Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography Library 1.79
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

org.bouncycastle.crypto.agreement.srp
Class SRP6Client

java.lang.Object
  |
  +--org.bouncycastle.crypto.agreement.srp.SRP6Client
public class SRP6Client
extends java.lang.Object

Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"

Field Summary
protected  java.math.BigInteger a
           
protected  java.math.BigInteger A
           
protected  java.math.BigInteger B
           
protected  Digest digest
           
protected  java.math.BigInteger g
           
protected  java.math.BigInteger Key
           
protected  java.math.BigInteger M1
           
protected  java.math.BigInteger M2
           
protected  java.math.BigInteger N
           
protected  java.security.SecureRandom random
           
protected  java.math.BigInteger S
           
protected  java.math.BigInteger u
           
protected  java.math.BigInteger x
           
 
Constructor Summary
SRP6Client()
           
 
Method Summary
 java.math.BigInteger calculateClientEvidenceMessage()
          Computes the client evidence message M1 using the previously received values.
 java.math.BigInteger calculateSecret(java.math.BigInteger serverB)
          Generates the secret S given the server's credentials
 java.math.BigInteger calculateSessionKey()
          Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.
 java.math.BigInteger generateClientCredentials(byte[] salt, byte[] identity, byte[] password)
          Generates client's credentials given the client's salt, identity and password
 void init(java.math.BigInteger N, java.math.BigInteger g, Digest digest, java.security.SecureRandom random)
          Initialises the client to begin new authentication attempt
 void init(SRP6GroupParameters group, Digest digest, java.security.SecureRandom random)
           
protected  java.math.BigInteger selectPrivateValue()
           
 boolean verifyServerEvidenceMessage(java.math.BigInteger serverM2)
          Authenticates the server evidence message M2 received and saves it only if correct.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

N

protected java.math.BigInteger N

g

protected java.math.BigInteger g

a

protected java.math.BigInteger a

A

protected java.math.BigInteger A

B

protected java.math.BigInteger B

x

protected java.math.BigInteger x

u

protected java.math.BigInteger u

S

protected java.math.BigInteger S

M1

protected java.math.BigInteger M1

M2

protected java.math.BigInteger M2

Key

protected java.math.BigInteger Key

digest

protected Digest digest

random

protected java.security.SecureRandom random
Constructor Detail

SRP6Client

public SRP6Client()
Method Detail

init

public void init(java.math.BigInteger N,
                 java.math.BigInteger g,
                 Digest digest,
                 java.security.SecureRandom random)
Initialises the client to begin new authentication attempt
Parameters:
N - The safe prime associated with the client's verifier
g - The group parameter associated with the client's verifier
digest - The digest algorithm associated with the client's verifier
random - For key generation

init

public void init(SRP6GroupParameters group,
                 Digest digest,
                 java.security.SecureRandom random)

generateClientCredentials

public java.math.BigInteger generateClientCredentials(byte[] salt,
                                                      byte[] identity,
                                                      byte[] password)
Generates client's credentials given the client's salt, identity and password
Parameters:
salt - The salt used in the client's verifier.
identity - The user's identity (eg. username)
password - The user's password
Returns:
Client's public value to send to server

calculateSecret

public java.math.BigInteger calculateSecret(java.math.BigInteger serverB)
                                     throws CryptoException
Generates the secret S given the server's credentials
Parameters:
serverB - The server's credentials
Returns:
Client's verification message for the server
Throws:
CryptoException - If server's credentials are invalid

selectPrivateValue

protected java.math.BigInteger selectPrivateValue()

calculateClientEvidenceMessage

public java.math.BigInteger calculateClientEvidenceMessage()
                                                    throws CryptoException
Computes the client evidence message M1 using the previously received values. To be called after calculating the secret S.
Returns:
M1: the client side generated evidence message
Throws:
CryptoException -  

verifyServerEvidenceMessage

public boolean verifyServerEvidenceMessage(java.math.BigInteger serverM2)
                                    throws CryptoException
Authenticates the server evidence message M2 received and saves it only if correct.
Parameters:
serverM2 - the server side generated evidence message
Returns:
A boolean indicating if the server message M2 was the expected one.
Throws:
CryptoException -  

calculateSessionKey

public java.math.BigInteger calculateSessionKey()
                                         throws CryptoException
Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.
Returns:
Key: the mutually authenticated symmetric session key
Throws:
CryptoException -  
Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography Library 1.79
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD