Package de.bsvrz.sys.funclib.srp6
Class SRP6Session
java.lang.Object
de.bsvrz.sys.funclib.srp6.SRP6Session
- All Implemented Interfaces: Serializable
- Direct Known Subclasses: SRP6ClientSession, SRP6ServerSession
The base abstract class for client and server-side Secure Remote Password
(SRP-6a) authentication sessions.
Field Summary
Fields (Modifier and Type, Field, Description):
- protected BigInteger A: The client public value 'A'.
- protected BigInteger B: The server public value 'B'.
- protected ClientEvidenceRoutine clientEvidenceRoutine: Custom routine for the client evidence message 'M1' computation.
- protected SRP6CryptoParams config: The crypto configuration.
- protected URoutine hashedKeysRoutine: Custom routine for the hashed keys 'u' computation.
- protected BigInteger k: The multiplier 'k'.
- protected long lastActivity: The last activity timestamp, from System.currentTimeMillis().
- protected BigInteger M1: The client evidence message 'M1'.
- protected BigInteger M2: The server evidence message 'M2'.
- protected SecureRandom random: Source of randomness.
- protected BigInteger s: The password salt 's'.
- protected BigInteger S: The shared session key 'S'.
- protected ServerEvidenceRoutine serverEvidenceRoutine: Custom routine for the server evidence message 'M2' computation.
- protected final SRP6Routines srp6Routines
- protected final int timeout: The SRP-6a authentication session timeout in seconds.
- protected BigInteger u: The random scrambling parameter 'u'.
- protected String userID: The identity 'I' of the authenticating user.
Constructor Summary
Constructors (Constructor, Description):
- SRP6Session(): Creates a new SRP-6a authentication session, session timeouts are disabled.
- SRP6Session(int timeout): Creates a new SRP-6a authentication session.
- SRP6Session(int timeout, SRP6Routines srp6Routines): Creates a new SRP-6a authentication session.
Method Summary
Methods (Modifier and Type, Method, Description):
- getAttribute(String key): Gets a session attribute.
- getClientEvidenceMessage: Gets the client evidence message 'M1'.
- getClientEvidenceRoutine: Gets the custom routine to compute the client evidence message 'M1'.
- getCryptoParams: Gets the SRP-6a crypto parameters for this session.
- getHashedKeysRoutine: Gets the custom routine to compute hashed keys 'u' as 'H(A | B)'.
- long getLastActivityTime(): Gets the last session activity timestamp, in milliseconds since midnight, January 1, 1970 UTC (see System.currentTimeMillis()).
- getPublicClientValue: Gets the public client value 'A'.
- getPublicServerValue: Gets the public server value 'B'.
- getSalt(): Gets the password salt 's'.
- getServerEvidenceMessage: Gets the server evidence message 'M2'.
- getServerEvidenceRoutine: Gets the custom routine to compute the server evidence message 'M2'.
- getSessionKey: Gets the shared session key 'S'.
- byte[] getSessionKeyHash(): Gets the hash of the shared session key H(S).
- int getTimeout(): Gets the SRP-6a authentication session timeout.
- getUserID: Gets the identity 'I' of the authenticating user.
- boolean hasTimedOut(): Returns true if the session has timed out, based on the timeout configuration and the last activity timestamp.
- void setAttribute(String key, Object value): Sets a session attribute.
- void setClientEvidenceRoutine: Sets a custom routine to compute the client evidence message 'M1'.
- void setHashedKeysRoutine(URoutine hashedKeysRoutine): Sets a custom routine to compute hashed keys 'u' as 'H(A | B)'.
- void setServerEvidenceRoutine: Sets a custom routine to compute the server evidence message 'M2'.
- protected void updateLastActivityTime(): Updates the last activity timestamp.
Field Details
- srp6Routines
- config
  The crypto configuration.
- random
  Source of randomness.
- timeout
  protected final int timeout
  The SRP-6a authentication session timeout in seconds. If the authenticating counterparty (server or client) fails to respond within the specified time the session will be closed. Zero implies no timeout.
- lastActivity
  protected long lastActivity
  The last activity timestamp, from System.currentTimeMillis().
- userID
  The identity 'I' of the authenticating user.
- s
  The password salt 's'.
- A
  The client public value 'A'.
- B
  The server public value 'B'.
- u
  The random scrambling parameter 'u'.
- k
  The multiplier 'k'.
- S
  The shared session key 'S'.
- M1
  The client evidence message 'M1'.
- M2
  The server evidence message 'M2'.
- clientEvidenceRoutine
  Custom routine for the client evidence message 'M1' computation.
- serverEvidenceRoutine
  Custom routine for the server evidence message 'M2' computation.
- hashedKeysRoutine
  Custom routine for the hashed keys 'u' computation.
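How the session fields 's', 'A', 'B', 'u', 'k', 'S', 'M1' and 'M2' relate in one SRP-6a exchange, as an added example that is not part of this library's code and does not call it. The class name Srp6aFieldsDemo, the generated demo group, SHA-256, hashing by plain concatenation, and the formulas M1 = H(A | B | S) and M2 = H(A | M1 | S) are assumptions of the example.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;

public class Srp6aFieldsDemo {
    // H(parts...) as a non-negative integer. Plain concatenation of the byte
    // encodings is an assumption of this example, not the library's encoding.
    static BigInteger H(BigInteger... parts) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        for (BigInteger p : parts) md.update(p.toByteArray());
        return new BigInteger(1, md.digest());
    }

    public static void main(String[] args) throws Exception {
        SecureRandom random = new SecureRandom();
        // Demo-only group: a generated 256-bit safe prime N = 2q + 1 with g = 2.
        BigInteger N, g = BigInteger.valueOf(2);
        do { N = BigInteger.probablePrime(255, random).shiftLeft(1).add(BigInteger.ONE); }
        while (!N.isProbablePrime(40));

        // Registration: salt 's', x = H(s | password), verifier v = g^x mod N.
        BigInteger s = new BigInteger(128, random);
        BigInteger pw = new BigInteger(1, "constructed-password".getBytes(StandardCharsets.UTF_8));
        BigInteger x = H(s, pw);
        BigInteger v = g.modPow(x, N);

        BigInteger k = H(N, g);                                  // multiplier 'k'
        BigInteger a = new BigInteger(256, random);              // client private value
        BigInteger b = new BigInteger(256, random);              // server private value
        BigInteger A = g.modPow(a, N);                           // client public value 'A'
        BigInteger B = k.multiply(v).add(g.modPow(b, N)).mod(N); // server public value 'B'
        BigInteger u = H(A, B);                                  // scrambling parameter 'u'

        // SRP-6a sanity checks: reject A or B congruent to 0 mod N, and u == 0.
        if (A.mod(N).signum() == 0 || B.mod(N).signum() == 0 || u.signum() == 0)
            throw new IllegalStateException("invalid public value, abort the session");

        // Client: S = (B - k*g^x)^(a + u*x) mod N, with g^x = v. Server: S = (A * v^u)^b mod N.
        BigInteger clientS = B.subtract(k.multiply(v)).mod(N).modPow(a.add(u.multiply(x)), N);
        BigInteger serverS = A.multiply(v.modPow(u, N)).mod(N).modPow(b, N);

        // Evidence messages (assumed formulas), compared in constant time.
        BigInteger M1 = H(A, B, clientS);
        BigInteger M2 = H(A, M1, serverS);
        System.out.println("server accepts M1: " + MessageDigest.isEqual(M1.toByteArray(), H(A, B, serverS).toByteArray()));
        System.out.println("client accepts M2: " + MessageDigest.isEqual(M2.toByteArray(), H(A, M1, clientS).toByteArray()));
    }
}
```

A real deployment takes N, g and the hash from the session's crypto parameters rather than generating a group per run.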
Constructor Details
- SRP6Session
  Creates a new SRP-6a authentication session.
  Parameters:
  timeout - The SRP-6a authentication session timeout in seconds. If the authenticating counterparty (server or client) fails to respond within the specified time the session will be closed. If zero, timeouts are disabled.
  srp6Routines - The math routines to use.
- SRP6Session
  public SRP6Session(int timeout)
  Creates a new SRP-6a authentication session.
  Parameters:
  timeout - The SRP-6a authentication session timeout in seconds. If the authenticating counterparty (server or client) fails to respond within the specified time the session will be closed. If zero, timeouts are disabled.
- SRP6Session
  public SRP6Session()
  Creates a new SRP-6a authentication session, session timeouts are disabled. The default math routines are used.
Method Details
- updateLastActivityTime
  protected void updateLastActivityTime()
  Updates the last activity timestamp.
- getLastActivityTime
  public long getLastActivityTime()
  Gets the last session activity timestamp, in milliseconds since midnight, January 1, 1970 UTC (see System.currentTimeMillis()).
  Returns: The last activity timestamp.
- hasTimedOut
  public boolean hasTimedOut()
  Returns true if the session has timed out, based on the timeout configuration and the last activity timestamp.
  Returns: true if the session has timed out, else false.
- getCryptoParams
  Gets the SRP-6a crypto parameters for this session.
  Returns: The SRP-6a crypto parameters, null if undefined.
- getUserID
  Gets the identity 'I' of the authenticating user.
  Returns: The user identity 'I', null if undefined.
- getTimeout
  public int getTimeout()
  Gets the SRP-6a authentication session timeout.
  Returns: The SRP-6a authentication session timeout, in seconds. Zero implies no timeout.
- setClientEvidenceRoutine
  Sets a custom routine to compute the client evidence message 'M1'. Note that the custom routine must be set prior to SRP6ClientSession.State.STEP_2 or SRP6ServerSession.State.STEP_2.
  Parameters:
  routine - The client evidence message 'M1' routine or null to use the default SRP6Routines.computeClientEvidence(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger).
- getClientEvidenceRoutine
  Gets the custom routine to compute the client evidence message 'M1'.
  Returns: The routine instance or null if the default SRP6Routines.computeClientEvidence(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger) is used.
- setServerEvidenceRoutine
  Sets a custom routine to compute the server evidence message 'M2'. Note that the custom routine must be set prior to SRP6ClientSession.State.STEP_3 or SRP6ServerSession.State.STEP_2.
  Parameters:
  routine - The server evidence message 'M2' routine or null to use the default SRP6Routines.computeServerEvidence(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger).
- getServerEvidenceRoutine
  Gets the custom routine to compute the server evidence message 'M2'.
  Returns: The routine instance or null if the default SRP6Routines.computeServerEvidence(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger) is used.
- getHashedKeysRoutine
  Gets the custom routine to compute hashed keys 'u' as 'H(A | B)'.
  Returns: The routine instance or null if the default SRP6Routines.computeU(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger) is to be used.
- setHashedKeysRoutine
  Sets a custom routine to compute hashed keys 'u' as 'H(A | B)'. Note that the custom routine must be set prior to SRP6ServerSession.State.STEP_2.
  Parameters:
  hashedKeysRoutine - The hashed keys 'u' routine or null to use the default SRP6Routines.computeU(java.security.MessageDigest, java.math.BigInteger, java.math.BigInteger, java.math.BigInteger).
- getSalt
  Gets the password salt 's'.
  Returns: The salt 's' if available, else null.
- getPublicClientValue
  Gets the public client value 'A'.
  Returns: The public client value 'A' if available, else null.
- getPublicServerValue
  Gets the public server value 'B'.
  Returns: The public server value 'B' if available, else null.
- getClientEvidenceMessage
  Gets the client evidence message 'M1'.
  Returns: The client evidence message 'M1' if available, else null.
- getServerEvidenceMessage
  Gets the server evidence message 'M2'.
  Returns: The server evidence message 'M2' if available, else null.
- getSessionKey
  Gets the shared session key 'S'.
  Returns: The shared session key 'S'. null will be returned if authentication failed or the method is invoked in a session state when the session key 'S' has not been computed yet.
- getSessionKeyHash
  public byte[] getSessionKeyHash()
  Gets the hash of the shared session key H(S).
  Returns: The hash of the shared session key H(S). null will be returned if authentication failed or the method is invoked in a session state when the session key 'S' has not been computed yet.
- setAttribute
  Sets a session attribute. This method can be used to store arbitrary objects with this session and retrieve them later with getAttribute(java.lang.String).
  Parameters:
  key - The attribute key. Must not be null.
  value - The attribute value. May be null.
- getAttribute
  Gets a session attribute. This method can be used to retrieve arbitrary objects stored with this session with setAttribute(java.lang.String, java.lang.Object).
  Parameters:
  key - The attribute key. Must not be null.
  Returns: The attribute value, null if none was found by the specified key or its value is null.