SRPServerInterface (Various API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jboss.security.srp
Interface SRPServerInterface

All Known Subinterfaces:: SRPRemoteServerInterface

All Known Implementing Classes:: SimpleSRPServer, SRPRemoteServer

public interface SRPServerInterface

An interface describing the message exchange of the SRP protocol as described in RFC2945. This is an RMI compatible interface in that all methods declare that they throw a RemoteException, but it does not extend from java.rmi.Remote so that it cannot be used in place of a Remote object. For an RMI interface see the SRPRemoteServerInterface. There are two versions of each method. One that takes an arbitrary session number and one that does not. The session number form allows a user to maintain mutiple SRP sessions.

Version:: $Revision: 57210 $
Author:: Scott.Stark@jboss.org
See Also:: SRPRemoteServerInterface

Method Summary
`void`	`close(String username)` Close the SRP session for the given username.
`void`	`close(String username, int sessionID)`
`SRPParameters`	`getSRPParameters(String username)` Get the SRP parameters to use for this session.
`Object[]`	`getSRPParameters(String username, boolean mutipleSessions)` Get the SRP parameters to use for this session and create an arbitrary session id to allow for multiple SRP sessions for this user.
`byte[]`	`init(String username, byte[] A)` Initiate the SRP algorithm.
`byte[]`	`init(String username, byte[] A, int sessionID)` Initiate the SRP algorithm.
`byte[]`	`verify(String username, byte[] M1)` Verify the session key hash.
`byte[]`	`verify(String username, byte[] M1, int sessionID)`
`byte[]`	`verify(String username, byte[] M1, Object auxChallenge)` Verify the session key hash.
`byte[]`	`verify(String username, byte[] M1, Object auxChallenge, int sessionID)`

Method Detail

getSRPParameters

SRPParameters getSRPParameters(String username)
                               throws KeyException,
                                      RemoteException

Get the SRP parameters to use for this session.

Parameters:: username, - the SRP username
Returns:: the users SRPParameters object
Throws:: KeyException; RemoteException

getSRPParameters

Object[] getSRPParameters(String username,
                          boolean mutipleSessions)
                          throws KeyException,
                                 RemoteException

Get the SRP parameters to use for this session and create an arbitrary session id to allow for multiple SRP sessions for this user.

Parameters:: username, - the SRP username; mutipleSessions, - a flag that if true indicates the user may initiate mutiple sessions and an arbitrary session id will be created.
Returns:: an array of {SRPParameters, Integer} where element[0] is the SRPParameters object and element[1] is the session id as an Integer.
Throws:: KeyException; RemoteException

init

byte[] init(String username,
            byte[] A)
            throws SecurityException,
                   NoSuchAlgorithmException,
                   RemoteException

Initiate the SRP algorithm. The client sends their username and the public key A to begin the SRP handshake.

Parameters:: username, - the user ID by which the client is known.; A, - the client public key = (g ^ a) % N
Returns:: byte[], ephemeral server public key B = (v + g ^ b) % N
Throws:: KeyException, - thrown if the username is not known by the server.; RemoteException, - thrown by remote implementations; SecurityException; NoSuchAlgorithmException; RemoteException

init

byte[] init(String username,
            byte[] A,
            int sessionID)
            throws SecurityException,
                   NoSuchAlgorithmException,
                   RemoteException

Initiate the SRP algorithm. The client sends their username and the public key A to begin the SRP handshake.

Parameters:: username, - the user ID by which the client is known.; A, - the client public key = (g ^ a) % N; sessionID, - the arbitrary session id obtained from getSRPParameters. A 0 indicates there is no sessionID.
Returns:: byte[], ephemeral server public key B = (v + g ^ b) % N
Throws:: KeyException, - thrown if the username is not known by the server.; RemoteException, - thrown by remote implementations; SecurityException; NoSuchAlgorithmException; RemoteException

verify

byte[] verify(String username,
              byte[] M1)
              throws SecurityException,
                     RemoteException

Verify the session key hash. The client sends their username and M1 hash to validate completion of the SRP handshake.

Parameters:: username, - the user ID by which the client is known. This is repeated to simplify the server session management.; M1, - the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K)
Returns:: M2, the server hash of the client challenge; M2 = H(A | M1 | K)
Throws:: SecurityException, - thrown if M1 cannot be verified by the server; RemoteException, - thrown by remote implementations; SecurityException; RemoteException

verify

byte[] verify(String username,
              byte[] M1,
              int sessionID)
              throws SecurityException,
                     RemoteException

Throws:: SecurityException; RemoteException

verify

byte[] verify(String username,
              byte[] M1,
              Object auxChallenge)
              throws SecurityException,
                     RemoteException

Verify the session key hash. The client sends their username and M1 hash to validate completion of the SRP handshake.

Parameters:: username, - the user ID by which the client is known. This is repeated to simplify the server session management.; M1, - the client hash of the session key; M1 = H(H(N) xor H(g) | H(U) | A | B | K); auxChallenge, - an arbitrary addition data item that my be used as an additional challenge. One example usage would be to send a hardware generated token that was encrypted with the session private key for validation by the server.
Returns:: M2, the server hash of the client challenge; M2 = H(A | M1 | K)
Throws:: SecurityException, - thrown if M1 cannot be verified by the server; RemoteException, - thrown by remote implementations; SecurityException; RemoteException

verify

byte[] verify(String username,
              byte[] M1,
              Object auxChallenge,
              int sessionID)
              throws SecurityException,
                     RemoteException

Throws:: SecurityException; RemoteException

close

void close(String username)
           throws SecurityException,
                  RemoteException

Close the SRP session for the given username.

Throws:: SecurityException; RemoteException

close

void close(String username,
           int sessionID)
           throws SecurityException,
                  RemoteException

Throws:: SecurityException; RemoteException

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jboss.security.srp Interface SRPServerInterface

getSRPParameters

getSRPParameters

init

init

verify

verify

verify

verify

close

close

org.jboss.security.srp
Interface SRPServerInterface