Class SRP6Client


  • public class SRP6Client
    extends Object
    Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
    • Constructor Detail

      • SRP6Client

        public SRP6Client()
    • Method Detail

      • init

        public void init​(BigInteger N,
                         BigInteger g,
                         Digest digest,
                         SecureRandom random)
        Initialises the client to begin new authentication attempt
        Parameters:
        N - The safe prime associated with the client's verifier
        g - The group parameter associated with the client's verifier
        digest - The digest algorithm associated with the client's verifier
        random - For key generation
      • generateClientCredentials

        public BigInteger generateClientCredentials​(byte[] salt,
                                                    byte[] identity,
                                                    byte[] password)
        Generates client's credentials given the client's salt, identity and password
        Parameters:
        salt - The salt used in the client's verifier.
        identity - The user's identity (eg. username)
        password - The user's password
        Returns:
        Client's public value to send to server
      • calculateSecret

        public BigInteger calculateSecret​(BigInteger serverB)
                                   throws CryptoException
        Generates the secret S given the server's credentials
        Parameters:
        serverB - The server's credentials
        Returns:
        Client's verification message for the server
        Throws:
        CryptoException - If server's credentials are invalid
      • selectPrivateValue

        protected BigInteger selectPrivateValue()
      • calculateClientEvidenceMessage

        public BigInteger calculateClientEvidenceMessage()
                                                  throws CryptoException
        Computes the client evidence message M1 using the previously received values. To be called after calculating the secret S.
        Returns:
        M1: the client side generated evidence message
        Throws:
        CryptoException
      • verifyServerEvidenceMessage

        public boolean verifyServerEvidenceMessage​(BigInteger serverM2)
                                            throws CryptoException
        Authenticates the server evidence message M2 received and saves it only if correct.
        Parameters:
        serverM2 - the server side generated evidence message
        Returns:
        A boolean indicating if the server message M2 was the expected one.
        Throws:
        CryptoException
      • calculateSessionKey

        public BigInteger calculateSessionKey()
                                       throws CryptoException
        Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.
        Returns:
        Key: the mutually authenticated symmetric session key
        Throws:
        CryptoException