java.lang.Object
  com.nimbusds.srp6.SRP6Session
    com.nimbusds.srp6.SRP6ServerSession

public class SRP6ServerSession
Stateful server-side Secure Remote Password (SRP-6a) authentication session. Handles the computing and storing of SRP-6a variables between the protocol steps as well as timeouts.
Usage:
- Step one, on receiving a valid user identity 'I' from the authenticating client: respond with the server public value 'B' and password salt 's'. If the SRP-6a crypto parameters 'N', 'g' and 'H' were not agreed in advance between server and client, append them to the response.
- Step two, on receiving the public client value 'A' and evidence message 'M1': if the client credentials are valid, signal success and return the server evidence message 'M2'. The established session key 'S' may be retrieved to encrypt further communication with the client. Otherwise signal an authentication failure to the client.
| Nested Class Summary | |
|---|---|
| static class | SRP6ServerSession.State - Enumerates the states of a server-side SRP-6a authentication session. |
| Field Summary |
|---|
| Fields inherited from class com.nimbusds.srp6.SRP6Session |
| A, B, clientEvidenceRoutine, config, digest, k, lastActivity, M1, M2, random, s, S, serverEvidenceRoutine, timeout, u, userID |
| Constructor Summary | |
|---|---|
| SRP6ServerSession(SRP6CryptoParams config) | Creates a new server-side SRP-6a authentication session and sets its state to SRP6ServerSession.State.INIT. |
| SRP6ServerSession(SRP6CryptoParams config, int timeout) | Creates a new server-side SRP-6a authentication session and sets its state to SRP6ServerSession.State.INIT. |
| Method Summary | |
|---|---|
| SRP6ServerSession.State | getState() - Returns the current state of this SRP-6a authentication session. |
| java.math.BigInteger | mockStep1(java.lang.String userID, java.math.BigInteger s, java.math.BigInteger v) - Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_1 indicating a non-existing user identity 'I' with mock (simulated) salt 's' and password verifier 'v' values. |
| java.math.BigInteger | step1(java.lang.String userID, java.math.BigInteger s, java.math.BigInteger v) - Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_1. |
| java.math.BigInteger | step2(java.math.BigInteger A, java.math.BigInteger M1) - Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_2. |
| Methods inherited from class com.nimbusds.srp6.SRP6Session |
|---|
| getAttribute, getClientEvidenceMessage, getClientEvidenceRoutine, getCryptoParams, getLastActivityTime, getPublicClientValue, getPublicServerValue, getSalt, getServerEvidenceMessage, getServerEvidenceRoutine, getSessionKey, getTimeout, getUserID, hasTimedOut, setAttribute, setClientEvidenceRoutine, setServerEvidenceRoutine, updateLastActivityTime |

| Methods inherited from class java.lang.Object |
|---|
| clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|

public SRP6ServerSession(SRP6CryptoParams config, int timeout)

Creates a new server-side SRP-6a authentication session and sets its state to SRP6ServerSession.State.INIT.

Parameters:
config - The SRP-6a crypto parameters configuration. Must not be null.
timeout - The SRP-6a authentication session timeout in seconds. If the authenticating counterparty (server or client) fails to respond within the specified time the session will be closed. If zero, timeouts are disabled.

public SRP6ServerSession(SRP6CryptoParams config)

Creates a new server-side SRP-6a authentication session and sets its state to SRP6ServerSession.State.INIT. Session timeouts are disabled.

Parameters:
config - The SRP-6a crypto parameters configuration. Must not be null.

| Method Detail |
|---|

public java.math.BigInteger step1(java.lang.String userID, java.math.BigInteger s, java.math.BigInteger v)

Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_1.

Argument origin:

Parameters:
userID - The identity 'I' of the authenticating user. Must not be null or empty.
s - The password salt 's'. Must not be null.
v - The password verifier 'v'. Must not be null.

Throws:
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ServerSession.State.INIT.

public java.math.BigInteger mockStep1(java.lang.String userID, java.math.BigInteger s, java.math.BigInteger v)

Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_1 indicating a non-existing user identity 'I' with mock (simulated) salt 's' and password verifier 'v' values.

This method can be used to avoid informing the client at step one that the user identity is bad, and instead throw a guaranteed general "bad credentials" SRP-6a exception at step two.

Argument origin:

Parameters:
userID - The identity 'I' of the authenticating user. Must not be null or empty.
s - The password salt 's'. Must not be null.
v - The password verifier 'v'. Must not be null.

Throws:
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ServerSession.State.INIT.

public java.math.BigInteger step2(java.math.BigInteger A, java.math.BigInteger M1) throws SRP6Exception

Increments this SRP-6a authentication session to SRP6ServerSession.State.STEP_2.

Argument origin:

Parameters:
A - The client public value. Must not be null.
M1 - The client evidence message. Must not be null.

Throws:
SRP6Exception - If the session has timed out, the client public value 'A' is invalid or the user credentials are invalid.
java.lang.IllegalStateException - If the method is invoked in a state other than SRP6ServerSession.State.STEP_1.

public SRP6ServerSession.State getState()

Returns the current state of this SRP-6a authentication session.
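
A server-side handler that wires step one, the mockStep1 fallback for unknown identities and step two together, as an added example that is not part of the library's own documentation. UserRecord, Challenge, the user map, the HMAC-derived mock values, the 30-second timeout and the 16-byte salt length are assumptions; records require Java 16 or later.

```java
import com.nimbusds.srp6.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Map;

// Added example: one handler (and one SRP6ServerSession) per login attempt.
public class SrpLoginHandler {
    public record UserRecord(BigInteger salt, BigInteger verifier) {}  // hypothetical DB row
    public record Challenge(BigInteger salt, BigInteger B) {}          // step-one response
    private final SRP6ServerSession session;
    private final Map<String, UserRecord> users;  // hypothetical user store
    private final byte[] mockKey;                 // server-only secret (assumption)

    public SrpLoginHandler(SRP6CryptoParams config, Map<String, UserRecord> users, byte[] mockKey) {
        this.session = new SRP6ServerSession(config, 30);  // 30 s timeout between steps
        this.users = users;
        this.mockKey = mockKey;
    }

    // Step one: the response has the same shape whether or not 'I' exists.
    public Challenge begin(String userID) throws Exception {
        UserRecord rec = users.get(userID);
        if (rec != null) {
            return new Challenge(rec.salt(), session.step1(userID, rec.salt(), rec.verifier()));
        }
        // Unknown 'I': derive mock values from a keyed hash so repeated requests
        // for the same identity return the same salt, as a stored salt would.
        BigInteger s = mock("salt", userID, 16);      // assumed real salt length: 16 bytes
        BigInteger v = mock("verifier", userID, 32);
        return new Challenge(s, session.mockStep1(userID, s, v));
    }

    // Step two: returns 'M2' on success. SRP6Exception covers timeout, invalid 'A'
    // and bad credentials; report all three to the client as one generic failure.
    public BigInteger finish(BigInteger A, BigInteger M1) throws SRP6Exception {
        return session.step2(A, M1);
    }

    private BigInteger mock(String label, String userID, int len) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(mockKey, "HmacSHA256"));
        mac.update((label + '\0').getBytes(StandardCharsets.UTF_8));
        byte[] out = mac.doFinal(userID.getBytes(StandardCharsets.UTF_8));
        return new BigInteger(1, Arrays.copyOf(out, len));
    }
}
```

A mock salt drawn fresh on every request would differ between two requests for the same unknown identity, which is why the example derives it from the identity and a server-held key.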