Class SRP6Client
java.lang.Object
org.bouncycastle.tls.crypto.impl.jcajce.srp.SRP6Client
Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
"SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected BigIntegerprotected BigIntegerprotected BigIntegerprotected TlsHashprotected BigIntegerprotected BigIntegerprotected BigIntegerprotected BigIntegerprotected BigIntegerprotected SecureRandomprotected BigIntegerprotected BigIntegerprotected BigInteger -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionComputes the client evidence message M1 using the previously received values.calculateSecret(BigInteger serverB) Generates the secret S given the server's credentialsComputes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.generateClientCredentials(byte[] salt, byte[] identity, byte[] password) Generates client's credentials given the client's salt, identity and passwordvoidinit(BigInteger N, BigInteger g, TlsHash digest, SecureRandom random) Initialises the client to begin new authentication attemptvoidinit(SRP6Group group, TlsHash digest, SecureRandom random) protected BigIntegerbooleanverifyServerEvidenceMessage(BigInteger serverM2) Authenticates the server evidence message M2 received and saves it only if correct.
-
Field Details
-
N
-
g
-
a
-
A
-
B
-
x
-
u
-
S
-
M1
-
M2
-
Key
-
digest
-
random
-
-
Constructor Details
-
SRP6Client
public SRP6Client()
-
-
Method Details
-
init
Initialises the client to begin new authentication attempt- Parameters:
N- The safe prime associated with the client's verifierg- The group parameter associated with the client's verifierdigest- The digest algorithm associated with the client's verifierrandom- For key generation
-
init
-
generateClientCredentials
Generates client's credentials given the client's salt, identity and password- Parameters:
salt- The salt used in the client's verifier.identity- The user's identity (eg. username)password- The user's password- Returns:
- Client's public value to send to server
-
calculateSecret
Generates the secret S given the server's credentials- Parameters:
serverB- The server's credentials- Returns:
- Client's verification message for the server
- Throws:
IllegalArgumentException- If server's credentials are invalid
-
selectPrivateValue
-
calculateClientEvidenceMessage
Computes the client evidence message M1 using the previously received values. To be called after calculating the secret S.- Returns:
- M1: the client side generated evidence message
- Throws:
IllegalStateException
-
verifyServerEvidenceMessage
Authenticates the server evidence message M2 received and saves it only if correct.- Parameters:
serverM2- the server side generated evidence message- Returns:
- A boolean indicating if the server message M2 was the expected one.
- Throws:
IllegalStateException
-
calculateSessionKey
Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.- Returns:
- Key: the mutually authenticated symmetric session key
- Throws:
IllegalStateException
-