com.nimbusds.srp6
Class SRP6ClientSession

java.lang.Object
  extended by com.nimbusds.srp6.SRP6Session
      extended by com.nimbusds.srp6.SRP6ClientSession

public class SRP6ClientSession
extends SRP6Session

Stateful client-side Secure Remote Password (SRP-6a) authentication session. Handles the computing and storing of SRP-6a variables between the protocol steps as well as timeouts.

Usage:

Version:
1.4 (2011-11-18)
Author:
Vladimir Dzhuvinov

Nested Class Summary
static class SRP6ClientSession.State
          Enumerates the states of a client-side SRP-6a authentication session.
 
Field Summary
 
Fields inherited from class com.nimbusds.srp6.SRP6Session
A, B, clientEvidenceRoutine, config, digest, k, lastActivity, M1, M2, random, s, S, serverEvidenceRoutine, timeout, u, userID
 
Constructor Summary
SRP6ClientSession()
          Creates a new client-side SRP-6a authentication session and sets its state to SRP6ClientSession.State.INIT.
SRP6ClientSession(int timeout)
          Creates a new client-side SRP-6a authentication session and sets its state to SRP6ClientSession.State.INIT.
 
Method Summary
 SRP6ClientSession.State getState()
          Returns the current state of this SRP-6a authentication session.
 XRoutine getXRoutine()
          Gets the custom routine for the password key 'x' computation.
 void setXRoutine(XRoutine routine)
          Sets a custom routine for the password key 'x' computation.
 void step1(java.lang.String userID, java.lang.String password)
          Records the identity 'I' and password 'P' of the authenticating user.
 SRP6ClientCredentials step2(SRP6CryptoParams config, java.math.BigInteger s, java.math.BigInteger B)
          Receives the password salt 's' and public value 'B' from the server.
 void step3(java.math.BigInteger M2)
          Receives the server evidence message 'M2'.
 
Methods inherited from class com.nimbusds.srp6.SRP6Session
getAttribute, getClientEvidenceMessage, getClientEvidenceRoutine, getCryptoParams, getLastActivityTime, getPublicClientValue, getPublicServerValue, getSalt, getServerEvidenceMessage, getServerEvidenceRoutine, getSessionKey, getTimeout, getUserID, hasTimedOut, setAttribute, setClientEvidenceRoutine, setServerEvidenceRoutine, updateLastActivityTime
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SRP6ClientSession

public SRP6ClientSession(int timeout)
Creates a new client-side SRP-6a authentication session and sets its state to SRP6ClientSession.State.INIT.

Parameters:
timeout - The SRP-6a authentication session timeout in seconds. If the authenticating counterparty (server or client) fails to respond within the specified time, the session will be closed. If zero, timeouts are disabled.

SRP6ClientSession

public SRP6ClientSession()
Creates a new client-side SRP-6a authentication session and sets its state to SRP6ClientSession.State.INIT. Session timeouts are disabled.

Method Detail

setXRoutine

public void setXRoutine(XRoutine routine)
Sets a custom routine for the password key 'x' computation. Note that the custom routine must be set prior to SRP6ClientSession.State.STEP_2.

Parameters:
routine - The password key 'x' routine or null to use the default one instead.

getXRoutine

public XRoutine getXRoutine()
Gets the custom routine for the password key 'x' computation.

Returns:
The routine instance or null if the default one is used.

step1

public void step1(java.lang.String userID,
                  java.lang.String password)
Records the identity 'I' and password 'P' of the authenticating user. The session is incremented to SRP6ClientSession.State.STEP_1.

Argument origin:

Parameters:
userID - The identity 'I' of the authenticating user, UTF-8 encoded. Must not be null or empty.
password - The user password 'P', UTF-8 encoded. Must not be null.
Throws:
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ClientSession.State.INIT.

step2

public SRP6ClientCredentials step2(SRP6CryptoParams config,
                                   java.math.BigInteger s,
                                   java.math.BigInteger B)
                            throws SRP6Exception
Receives the password salt 's' and public value 'B' from the server. The SRP-6a crypto parameters are also set. The session is incremented to SRP6ClientSession.State.STEP_2.

Argument origin:

Parameters:
config - The SRP-6a crypto parameters. Must not be null.
s - The password salt 's'. Must not be null.
B - The public server value 'B'. Must not be null.
Returns:
The client credentials consisting of the client public key 'A' and the client evidence message 'M1'.
Throws:
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ClientSession.State.STEP_1.
SRP6Exception - If the session has timed out or the public server value 'B' is invalid.

step3

public void step3(java.math.BigInteger M2)
           throws SRP6Exception
Receives the server evidence message 'M2'. The session is incremented to SRP6ClientSession.State.STEP_3.

Argument origin:

Parameters:
M2 - The server evidence message 'M2'. Must not be null.
Throws:
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ClientSession.State.STEP_2.
SRP6Exception - If the session has timed out or the server evidence message 'M2' is invalid.

getState

public SRP6ClientSession.State getState()
Returns the current state of this SRP-6a authentication session.

Returns:
The current state.
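
Example (added here, not part of the original Javadoc or the library's own code): a client login that drives step1, step2 and step3 in order and treats any SRP6Exception as a failed authentication. The ServerChannel interface and the SrpLogin class are hypothetical stand-ins for the application's transport; the crypto parameters passed in are assumed to be the same ones the server uses.

```java
import java.io.IOException;
import java.math.BigInteger;

import com.nimbusds.srp6.SRP6ClientCredentials;
import com.nimbusds.srp6.SRP6ClientSession;
import com.nimbusds.srp6.SRP6CryptoParams;
import com.nimbusds.srp6.SRP6Exception;

public class SrpLogin {

    /** Hypothetical transport to the server; not part of the library. */
    public interface ServerChannel {
        /** Sends the identity 'I'; returns { salt 's', public server value 'B' }. */
        BigInteger[] sendIdentity(String userID) throws IOException;

        /** Sends 'A' and 'M1'; returns 'M2', or throws if the server rejects 'M1'. */
        BigInteger sendCredentials(BigInteger A, BigInteger M1) throws IOException;
    }

    /** Returns true only if the server proved knowledge of the verifier. */
    public static boolean login(ServerChannel server, SRP6CryptoParams config,
                                String userID, String password) throws IOException {

        // 30 second timeout: step2/step3 throw SRP6Exception if the server stalls.
        SRP6ClientSession client = new SRP6ClientSession(30);

        // INIT -> STEP_1. The password stays inside the session object;
        // only the identity is sent over the channel.
        client.step1(userID, password);
        BigInteger[] reply = server.sendIdentity(userID);

        try {
            // STEP_1 -> STEP_2. Rejects an invalid 'B' before any evidence is sent.
            SRP6ClientCredentials cred = client.step2(config, reply[0], reply[1]);

            BigInteger M2 = server.sendCredentials(cred.A, cred.M1);

            // STEP_2 -> STEP_3. Verifies the server evidence message 'M2'.
            client.step3(M2);
        } catch (SRP6Exception e) {
            // Timeout, invalid 'B' or invalid 'M2': the server is not authenticated.
            return false;
        }

        return client.getState() == SRP6ClientSession.State.STEP_3;
    }
}
```

A session object is single-use: after a failure, create a new SRP6ClientSession rather than calling step1 again, since each step throws IllegalStateException outside its expected state.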