Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  package org.bouncycastle.crypto.agreement.srp;
  
  
Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
 
 public class SRP6Client
 {
     protected BigInteger N;
     protected BigInteger g;
 
     protected BigInteger a;
     protected BigInteger A;
 
     protected BigInteger B;
 
     protected BigInteger x;
     protected BigInteger u;
     protected BigInteger S;
 
     protected BigInteger M1;
 	protected BigInteger M2;
 	protected BigInteger Key;
 	
     protected Digest digest;
     protected SecureRandom random;
 
     public SRP6Client()
     {
     }

    
Initialises the client to begin new authentication attempt

Parameters:
N The safe prime associated with the client's verifier
g The group parameter associated with the client's verifier
digest The digest algorithm associated with the client's verifier
random For key generation
 
     public void init(BigInteger NBigInteger gDigest digestSecureRandom random)
     {
         this. = N;
         this. = g;
         this. = digest;
         this. = random;
     }
 
     public void init(SRP6GroupParameters groupDigest digestSecureRandom random)
     {
         init(group.getN(), group.getG(), digestrandom);
     }

    
Generates client's credentials given the client's salt, identity and password

Parameters:
salt The salt used in the client's verifier.
identity The user's identity (eg. username)
password The user's password
Returns:
Client's public value to send to server
 
     public BigInteger generateClientCredentials(byte[] saltbyte[] identitybyte[] password)
     {
         this. = SRP6Util.calculateX(saltidentitypassword);
         this. = selectPrivateValue();
         this. = .modPow();
 
         return ;
     }

    
Generates the secret S given the server's credentials

Parameters:
serverB The server's credentials
Returns:
Client's verification message for the server
Throws:
org.bouncycastle.crypto.CryptoException If server's credentials are invalid
 
     public BigInteger calculateSecret(BigInteger serverBthrows CryptoException
     {
         this. = SRP6Util.validatePublicValue(serverB);
         this. = SRP6Util.calculateU();
         this. = calculateS();
 
         return ;
     }
 
     protected BigInteger selectPrivateValue()
     {
         return SRP6Util.generatePrivateValue();        
     }
 
     private BigInteger calculateS()
     {
         BigInteger k = SRP6Util.calculateK();
         BigInteger exp = .multiply().add();
        BigInteger tmp = .modPow().multiply(k).mod();
        return .subtract(tmp).mod().modPow(exp);
    }
    
    
Computes the client evidence message M1 using the previously received values. To be called after calculating the secret S.

Returns:
M1: the client side generated evidence message
Throws:
org.bouncycastle.crypto.CryptoException
		// verify pre-requirements
		if ((this.==null)||(this.==null)||(this.==null)){
			throw new CryptoException("Impossible to compute M1: " +
					"some data are missing from the previous operations (A,B,S)");
		}
		// compute the client evidence message 'M1'
		this. = SRP6Util.calculateM1();  
		return ;
	}

Authenticates the server evidence message M2 received and saves it only if correct.

Parameters:
M2: the server side generated evidence message
Returns:
A boolean indicating if the server message M2 was the expected one.
Throws:
org.bouncycastle.crypto.CryptoException
	public boolean verifyServerEvidenceMessage(BigInteger serverM2throws CryptoException{
		//verify pre-requirements
		if ((this.==null)||(this.==null)||(this.==null)){
			throw new CryptoException("Impossible to compute and verify M2: " +
					"some data are missing from the previous operations (A,M1,S)");
		}
		// Compute the own server evidence message 'M2'
		BigInteger computedM2 = SRP6Util.calculateM2();
		if (computedM2.equals(serverM2)){
			this. = serverM2;
			return true;
		}
		return false;
	}

Computes the final session key as a result of the SRP successful mutual authentication To be called after verifying the server evidence message M2.

Returns:
Key: the mutually authenticated symmetric session key
Throws:
org.bouncycastle.crypto.CryptoException
		//verify pre-requirements (here we enforce a previous calculation of M1 and M2)
		if ((this.==null)||(this.==null)||(this.==null)){
			throw new CryptoException("Impossible to compute Key: " +
					"some data are missing from the previous operations (S,M1,M2)");
		}
		this. = SRP6Util.calculateKey();
		return ;
	}
New to GrepCode? Check out our FAQ X