com.nimbusds.srp6
Class SRP6CryptoParams

java.lang.Object
  com.nimbusds.srp6.SRP6CryptoParams

public class SRP6CryptoParams
extends java.lang.Object

The crypto parameters for the SRP-6a protocol. These must be agreed between client and server before authentication and consist of a large safe prime 'N', a corresponding generator 'g' and a hash function algorithm 'H'.

The practical approach is to have the server manage these and make them available to clients on request. This way, the client does not need to anticipate or otherwise keep track of which parameters are used for which users or servers; it only needs to verify their validity, which can be done mathematically or by simple table lookup.

For convenience this class includes a set of precomputed parameters, obtained from the SRP-6a demo at http://srp.stanford.edu/demo/demo.html.

Version:

1.4 (2011-10-29)

Author:

Vladimir Dzhuvinov

Field Summary

java.math.BigInteger	g The corresponding generator 'g'.
static java.math.BigInteger	g_common Generator 'g' parameter for N_256, N_512, N_768 and N_1024, as decimal.
java.lang.String	H The hash algorithm 'H'.
java.math.BigInteger	N The safe prime 'N'.
static java.math.BigInteger	N_1024 Precomputed safe 1024-bit prime 'N', as decimal.
static java.math.BigInteger	N_256 Precomputed safe 256-bit prime 'N', as decimal.
static java.math.BigInteger	N_512 Precomputed safe 512-bit prime 'N', as decimal.
static java.math.BigInteger	N_768 Precomputed safe 768-bit prime 'N', as decimal.

Constructor Summary

SRP6CryptoParams(java.math.BigInteger N, java.math.BigInteger g, java.lang.String H)
Creates a new SRP-6a crypto parameters instance.

Method Summary

static SRP6CryptoParams	getInstance() Returns an SRP-6a crypto parameters instance with precomputed 512-bit prime 'N', matching 'g' value and "SHA-1" hash algorithm.
static SRP6CryptoParams	getInstance(int bitsize, java.lang.String H) Returns an SRP-6a crypto parameters instance with precomputed 'N' and 'g' values and the specified hash algorithm 'H'.
java.security.MessageDigest	getMessageDigestInstance() Returns a new message digest instance for the hash algorithm 'H'.
static boolean	isSupportedHashAlgorithm(java.lang.String H) Checks if the specified hash algorithm 'H' is supported by the default security provider of the underlying Java runtime.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

N_256

public static final java.math.BigInteger N_256

Precomputed safe 256-bit prime 'N', as decimal.

N_512

public static final java.math.BigInteger N_512

Precomputed safe 512-bit prime 'N', as decimal.

N_768

public static final java.math.BigInteger N_768

Precomputed safe 768-bit prime 'N', as decimal.

N_1024

public static final java.math.BigInteger N_1024

Precomputed safe 1024-bit prime 'N', as decimal.

g_common

public static final java.math.BigInteger g_common

Generator 'g' parameter for N_256, N_512, N_768 and N_1024, as decimal.

N

public final java.math.BigInteger N

The safe prime 'N'.

g

public final java.math.BigInteger g

The corresponding generator 'g'.

H

public final java.lang.String H

The hash algorithm 'H'.

Constructor Detail

SRP6CryptoParams

public SRP6CryptoParams(java.math.BigInteger N,
                        java.math.BigInteger g,
                        java.lang.String H)

Creates a new SRP-6a crypto parameters instance. Note that the 'N' and 'g' values are not validated, nor is the 'H' support by the default security provider of the underlying Java runtime.

Parameters:

N - A large safe prime for the 'N' parameter. Must not be null.

g - A corresponding generator for the 'g' parameter. Must not be null.

H - A hash algorithm. Must by supported by the default security provider of the underlying Java runtime. Must not be null.

Method Detail

getInstance

public static SRP6CryptoParams getInstance(int bitsize,
                                           java.lang.String H)

Returns an SRP-6a crypto parameters instance with precomputed 'N' and 'g' values and the specified hash algorithm 'H'.

Parameters:

bitsize - The preferred prime number bitsize. Must exist as a precomputed constant.

H - The preferred hash algorithm. Must be supported by the default security provider of the underlying Java runtime.

Returns:

The matching SRP-6a crypto parameters instance, or null if no matching constants or hash algorithm provider could be found.

getInstance

public static SRP6CryptoParams getInstance()

Returns an SRP-6a crypto parameters instance with precomputed 512-bit prime 'N', matching 'g' value and "SHA-1" hash algorithm.

Returns:

SRP-6a crypto parameters instance with 512-bit prime 'N', matching 'g' value and "SHA-1" hash algorithm.

isSupportedHashAlgorithm

public static boolean isSupportedHashAlgorithm(java.lang.String H)

Checks if the specified hash algorithm 'H' is supported by the default security provider of the underlying Java runtime.

Parameters:

H - The hash algorithm to check, e.g. "SHA-1".

Returns:

true if the hash algorightm is supported, else false.

getMessageDigestInstance

public java.security.MessageDigest getMessageDigestInstance()

Returns a new message digest instance for the hash algorithm 'H'.

Returns:

A new message digest instance or null if not supported by the default security provider of the underlying Java runtime.