|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
public interface XRoutine
Custom routine interface for computing the password key 'x'. Calculation of
this value is required by the verifier 'v' generator as well as by the
authenticating client session.
If you don't want to employ the default routine
for computing 'x' you can use this interface to define your own. Remember to
make sure that exactly the same routine is used to generate the verifier 'v'
and by client authentication sessions later, else authentication will fail.
For a sample implementation see XRoutineWithUserIdentity which
computes x = H(s | H(I | ":" | P))
| Method Summary | |
|---|---|
java.math.BigInteger |
computeX(java.security.MessageDigest digest,
byte[] salt,
byte[] username,
byte[] password)
Computes the password key 'x'. |
| Method Detail |
|---|
java.math.BigInteger computeX(java.security.MessageDigest digest,
byte[] salt,
byte[] username,
byte[] password)
Tip: To convert a string to a byte array you can use
String.getBytes() or
String.getBytes(java.nio.charset.Charset). To convert a big
integer to a byte array you can use BigInteger.toByteArray().
digest - The hash function 'H'. To enforce a particular hash
algorithm, e.g. "SHA-1", you may perform a check
that throws an IllegalArgumentExeption or
ignore this argument altogether.salt - The salt 's'. This is considered a mandatory argument
in computation of 'x'.username - The user identity 'I'. It may be ignored if the
username is allowed to change or if a user may
authenticate with multiple alternate identities, such
as name and email address.password - The user password 'P'. This is considered a mandatory
argument in the computation of 'x'.
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||