|
Bouncy Castle Cryptography Library 1.85 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.bouncycastle.crypto.agreement.owl.OwlServer
A server in the Elliptic Curve Owl key exchange protocol.
See OwlClient for more details about Owl.
| Field Summary | |
static int |
STATE_INITIALISED
|
static int |
STATE_KC_INITIALISED
|
static int |
STATE_KC_VALIDATED
|
static int |
STATE_KEY_CALCULATED
|
static int |
STATE_LOGIN_FINISHED
|
static int |
STATE_LOGIN_INITIALISED
|
| Constructor Summary | |
OwlServer(java.lang.String serverId)
Convenience constructor for a new OwlServer that uses
the OwlCurves.NIST_P256 elliptic curve,
a SHA-256 digest, and a default SecureRandom implementation.
|
|
OwlServer(java.lang.String serverId,
OwlCurve curve)
Convenience constructor for a new OwlServer that uses
a SHA-256 digest and a default SecureRandom implementation.
|
|
OwlServer(java.lang.String serverId,
OwlCurve curve,
Digest digest,
java.security.SecureRandom random)
Construct a new OwlServer.
|
|
| Method Summary | |
void |
authenticationServerEnd(OwlAuthenticationFinish authenticationFinish)
Validates the payload received from the client during the third pass of the Owl protocol. |
OwlAuthenticationServerResponse |
authenticationServerResponse(OwlAuthenticationInitiate authenticationInitiate,
OwlFinishRegistration userLoginCredentials)
Validates the payload sent by OwlClient.authenticationInitiate() by OwlClient, and then creates a new OwlAuthenticationServerResponse payload and sends it to the OwlClient.
|
java.math.BigInteger |
calculateKeyingMaterial()
Calculates and returns the key material. |
int |
getState()
Gets the current state of this server. |
OwlKeyConfirmation |
initiateKeyConfirmation(java.math.BigInteger keyingMaterial)
Creates and returns the payload to send to the client as part of Key Confirmation. |
void |
validateKeyConfirmation(OwlKeyConfirmation keyConfirmationPayload,
java.math.BigInteger keyingMaterial)
Validates the payload received from the client as part of Key Confirmation. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
public static final int STATE_INITIALISED
public static final int STATE_LOGIN_INITIALISED
public static final int STATE_LOGIN_FINISHED
public static final int STATE_KEY_CALCULATED
public static final int STATE_KC_INITIALISED
public static final int STATE_KC_VALIDATED
| Constructor Detail |
public OwlServer(java.lang.String serverId)
OwlServer that uses
the OwlCurves.NIST_P256 elliptic curve,
a SHA-256 digest, and a default SecureRandom implementation.
After construction, the state will be STATE_INITIALISED.
serverId - unique identifier of this server.
The server and client in the exchange must NOT share the same id.
java.lang.NullPointerException - if any argument is null
public OwlServer(java.lang.String serverId,
OwlCurve curve)
OwlServer that uses
a SHA-256 digest and a default SecureRandom implementation.
After construction, the state will be STATE_INITIALISED.
serverId - unique identifier of this server.
The server and client in the exchange must NOT share the same id.curve - elliptic curve
See OwlCurves for standard curves.
java.lang.NullPointerException - if any argument is null
public OwlServer(java.lang.String serverId,
OwlCurve curve,
Digest digest,
java.security.SecureRandom random)
OwlServer.
After construction, the state will be STATE_INITIALISED.
serverId - unique identifier of this server.
The client and server in the exchange must NOT share the same id.curve - elliptic curve
See OwlCurves for standard curvesdigest - digest to use during zero knowledge proofs and key confirmation (SHA-256 or stronger preferred)random - source of secure random data for x3 and x4, and for the zero knowledge proofs
java.lang.NullPointerException - if any argument is null| Method Detail |
public int getState()
public OwlAuthenticationServerResponse authenticationServerResponse(OwlAuthenticationInitiate authenticationInitiate,
OwlFinishRegistration userLoginCredentials)
throws CryptoException
OwlClient.authenticationInitiate() by OwlClient, and then creates a new OwlAuthenticationServerResponse payload and sends it to the OwlClient.
Must be called prior to authenticationServerEnd(OwlAuthenticationFinish).
After execution, the state will be STATE_LOGIN_INITIALISED.
authenticationInitiate - payload sent by OwlClient.authenticationInitiate() to be validated and used for further calculation.userLoginCredentials - comes from the server where it stored the user login credentials as part of the user login registration.
OwlAuthenticationServerResponse
CryptoException - if validation fails.
java.lang.IllegalStateException - if called multiple times.
public void authenticationServerEnd(OwlAuthenticationFinish authenticationFinish)
throws CryptoException
calculateKeyingMaterial().
After execution, the state will be STATE_LOGIN_FINISHED.
authenticationFinish - payload sent by OwlClient.authenticationFinish(OwlAuthenticationServerResponse) to be validated.
CryptoException - if validation fails.
java.lang.IllegalStateException - if called prior to authenticationServerResponse(OwlAuthenticationInitiate, OwlFinishRegistration), or multiple timespublic java.math.BigInteger calculateKeyingMaterial()
OwlServer).
The keying material will be identical for client and server if and only if
the login password is the same as the password stored by the server. i.e. If the client and
server do not share the same password, then each will derive a different key.
Rememeber, the server does not explicitly hold the password, but a secret value derived from the password
sent to the server by the client during user registration.
Therefore, if you immediately start using a key derived from
the keying material, then you must handle detection of incorrect keys.
Validation of the r value also detects if passwords are different between user registration and user login.
If you want to check the equality of the key materials derived at the two sides explicitly, you can perform explicit
key confirmation. See OwlServer for details on how to execute
key confirmation.
authenticationServerEnd(OwlAuthenticationFinish) must be called prior to this method.
After execution, the state will be STATE_KEY_CALCULATED.
java.lang.IllegalStateException - if called prior to authenticationServerEnd(OwlAuthenticationFinish),
or if called multiple times.public OwlKeyConfirmation initiateKeyConfirmation(java.math.BigInteger keyingMaterial)
See OwlClient for more details on Key Confirmation.
After execution, the state will be STATE_KC_INITIALISED.
keyingMaterial - The keying material as returned from calculateKeyingMaterial().
OwlKeyConfirmation
java.lang.IllegalStateException - if called prior to calculateKeyingMaterial(), or multiple times
public void validateKeyConfirmation(OwlKeyConfirmation keyConfirmationPayload,
java.math.BigInteger keyingMaterial)
throws CryptoException
See OwlClient for more details on Key Confirmation.
After execution, the state will be STATE_KC_VALIDATED.
keyConfirmationPayload - The key confirmation payload received from the client..keyingMaterial - The keying material as returned from calculateKeyingMaterial().
CryptoException - if validation fails.
java.lang.IllegalStateException - if called prior to calculateKeyingMaterial(), or multiple times
|
Bouncy Castle Cryptography Library 1.85 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||