Package org.bouncycastle.tls

Class SimulatedTlsSRPIdentityManager

java.lang.Object

org.bouncycastle.tls.SimulatedTlsSRPIdentityManager

All Implemented Interfaces:

TlsSRPIdentityManager

public class SimulatedTlsSRPIdentityManager
extends Object
implements TlsSRPIdentityManager

An implementation of TlsSRPIdentityManager that simulates the existence of "unknown" identities to obscure the fact that there is no verifier for them.

Field Summary

Fields

Modifier and Type	Field	Description
protected SRP6Group	group
protected TlsMAC	mac
protected TlsSRP6VerifierGenerator	verifierGenerator

Constructor Summary

Constructors

Constructor	Description
SimulatedTlsSRPIdentityManager(SRP6Group group, TlsSRP6VerifierGenerator verifierGenerator, TlsMAC mac)

Method Summary

Modifier and Type	Method	Description
TlsSRPLoginParameters	getLoginParameters(byte[] identity)	Lookup the TlsSRPLoginParameters corresponding to the specified identity.
static SimulatedTlsSRPIdentityManager	getRFC5054Default(TlsCrypto crypto, SRP6Group group, byte[] seedKey)	Create a SimulatedTlsSRPIdentityManager that implements the algorithm from RFC 5054 2.5.1.3

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

group

protected SRP6Group group

verifierGenerator

protected TlsSRP6VerifierGenerator verifierGenerator

mac

protected TlsMAC mac

Constructor Details

SimulatedTlsSRPIdentityManager

public SimulatedTlsSRPIdentityManager(SRP6Group group,
 TlsSRP6VerifierGenerator verifierGenerator,
 TlsMAC mac)

Method Details

getRFC5054Default

public static SimulatedTlsSRPIdentityManager getRFC5054Default(TlsCrypto crypto,
 SRP6Group group,
 byte[] seedKey)
                                                        throws IOException

Create a SimulatedTlsSRPIdentityManager that implements the algorithm from RFC 5054 2.5.1.3

Parameters:

group - the SRP6Group defining the group that SRP is operating in

seedKey - the secret "seed key" referred to in RFC 5054 2.5.1.3

Returns:

an instance of SimulatedTlsSRPIdentityManager

Throws:

IOException

getLoginParameters

public TlsSRPLoginParameters getLoginParameters(byte[] identity)

Description copied from interface: TlsSRPIdentityManager

Lookup the TlsSRPLoginParameters corresponding to the specified identity. NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC 5054 2.5.1.3. SimulatedTlsSRPIdentityManager is provided for this purpose.

Specified by:

getLoginParameters in interface TlsSRPIdentityManager

Parameters:

identity - the SRP identity sent by the connecting client

Returns:

the TlsSRPLoginParameters for the specified identity, or else 'simulated' parameters if the identity is not recognized. A null value is also allowed, but not recommended.