org.jboss.security.srp
Class SRPClientSession

java.lang.Object
  extended by org.jboss.security.srp.SRPClientSession

public class SRPClientSession
extends java.lang.Object

The client side logic to the SRP protocol. The class is intended to be used with an SRPServerSession object via the SRPServerInterface. The SRP algorithm using these classes consists of:

1. Get server,
   SRPServerInterface server = (SRPServerInterface) Naming.lookup(...);
2. Get SRP parameters,
   SRPParameters params = server.getSRPParameters(username);
3. Create a client session,
   SRPClientSession client = new SRPClientSession(username, password, params);
4. Exchange public keys,
   byte[] A = client.exponential();
   byte[] B = server.init(username, A);
5. Exchange challenges,
   byte[] M1 = client.response(B);
   byte[] M2 = server.verify(username, M1);
6. Verify the server response,
   if( client.verify(M2) == false )
       throw new SecurityException("Failed to validate server reply");
7. Validation complete

Note that these steps are stateful. They must be performed in order and a step cannot be repeated to update the session state.

This product uses the 'Secure Remote Password' cryptographic authentication system developed by Tom Wu (tjw@CS.Stanford.EDU).
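The values exchanged in steps 4 to 6, worked through for both sides as an added Python example (not the JBoss code). It assumes the classes follow RFC 2945 (SRP-3 with SHA-1), which is where K = SHA_Interleave(S) is defined; the comments mapping lines to method names rest on that assumption, and the group (N, g), the salt length and all helper names are constructed for illustration.

```python
import hashlib, secrets

N = 2**521 - 1   # constructed toy prime modulus, NOT a vetted SRP group
g = 3            # constructed toy generator

def H(*parts):
    return hashlib.sha1(b"".join(parts)).digest()

def to_bytes(n):
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def sha_interleave(S):
    """K = SHA_Interleave(S) as defined in RFC 2945 section 3.1."""
    T = S.lstrip(b"\x00")              # drop leading zero bytes
    if len(T) % 2:                     # odd length: drop the first byte too
        T = T[1:]
    E, F = H(T[0::2]), H(T[1::2])      # hash even and odd bytes separately
    return bytes(b for pair in zip(E, F) for b in pair)   # 40-byte key

def private_key(user, password, salt):
    # x = SHA(salt | SHA(user | ":" | password))
    return int.from_bytes(H(salt, H(user, b":", password)), "big")

def proof_m1(user, salt, A, B, K):
    hn_xor_hg = bytes(p ^ q for p, q in zip(H(to_bytes(N)), H(to_bytes(g))))
    return H(hn_xor_hg, H(user), salt, to_bytes(A), to_bytes(B), K)

def exchange(user, enrolled_pw, typed_pw):
    """Run both sides; return (server_accepts_client, client_accepts_server)."""
    salt = secrets.token_bytes(10)
    v = pow(g, private_key(user, enrolled_pw, salt), N)  # server stores (salt, v)
    a, b = secrets.randbits(256), secrets.randbits(256)  # per-session secrets
    A = pow(g, a, N)                                     # client.exponential()
    B = (v + pow(g, b, N)) % N                           # server.init(username, A)
    if A % N == 0 or B % N == 0:                         # each side must abort here
        raise ValueError("degenerate public value")
    u = int.from_bytes(H(to_bytes(B))[:4], "big")        # scrambling parameter
    x = private_key(user, typed_pw, salt)
    Kc = sha_interleave(to_bytes(pow((B - pow(g, x, N)) % N, a + u * x, N)))
    M1 = proof_m1(user, salt, A, B, Kc)                  # client.response(B)
    Ks = sha_interleave(to_bytes(pow(A * pow(v, u, N) % N, b, N)))
    if not secrets.compare_digest(M1, proof_m1(user, salt, A, B, Ks)):
        return (False, False)                            # server.verify rejects M1
    M2 = H(to_bytes(A), M1, Ks)                          # server's reply
    return (True, secrets.compare_digest(M2, H(to_bytes(A), M1, Kc)))  # client.verify(M2)
```

The password never crosses the wire: the server sees only A and M1, and a wrong password makes the two sides derive different keys, so M1 fails to verify.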


Constructor Summary
SRPClientSession(java.lang.String username, char[] password, SRPParameters params)
          Creates a new SRP server session object from the username, password verifier,
SRPClientSession(java.lang.String username, char[] password, SRPParameters params, byte[] abytes)
          Creates a new SRP server session object from the username, password verifier,
 
Method Summary
 byte[] exponential()
           
 byte[] getSessionKey()
          Returns the negotiated session K, K = SHA_Interleave(S)
 byte[] response(byte[] Bbytes)
           
 boolean verify(byte[] M2)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SRPClientSession

public SRPClientSession(java.lang.String username,
                        char[] password,
                        SRPParameters params)
Creates a new SRP server session object from the username, password verifier,


SRPClientSession

public SRPClientSession(java.lang.String username,
                        char[] password,
                        SRPParameters params,
                        byte[] abytes)
Creates a new SRP server session object from the username, password verifier,

Method Detail

exponential

public byte[] exponential()

response

public byte[] response(byte[] Bbytes)
                throws java.security.NoSuchAlgorithmException
Throws:
java.security.NoSuchAlgorithmException - thrown if the session key MessageDigest algorithm cannot be found.

verify

public boolean verify(byte[] M2)
Parameters:
M2 - The server's response to the client's challenge

getSessionKey

public byte[] getSessionKey()
                     throws java.lang.SecurityException
Returns the negotiated session K, K = SHA_Interleave(S)

Returns:
the private session K byte[]
Throws:
java.lang.SecurityException - if the current thread does not have a getSessionKey SRPPermission.