Module com.github.glusk.srp6_variables

Package com.github.glusk.srp6_variables

Class SRP6ServerSessionProof

java.lang.Object

com.github.glusk.caesar.AbstractBytes

com.github.glusk.srp6_variables.SRP6ServerSessionProof

All Implemented Interfaces:

Bytes

public final class SRP6ServerSessionProof
extends AbstractBytes

SRP-6 Server Session Proof (M2).

This variable is computed as either (1):

 M2 = H(A, M1, K) 

or (2):

 MM = H(A, M1, S) 

Use (1) to prove a shared, strong session key K.

Use (2) in a password-only proof where the calculation of K can be skipped. Refer to the package docs for more info on notation used.

Constructor Summary

Constructors

Constructor	Description
SRP6ServerSessionProof(ImmutableMessageDigest hashFunction, SRP6IntegerVariable prime, SRP6IntegerVariable clientPublicKey, Bytes clientProof, Bytes sessionKey, ByteOrder byteOrder)	Creates a new SRP-6 Server Session Proof that proves the existence of a shared, strong session key K.
SRP6ServerSessionProof(ImmutableMessageDigest hashFunction, SRP6IntegerVariable prime, SRP6IntegerVariable clientPublicKey, Bytes clientProof, SRP6IntegerVariable sharedSecret, ByteOrder byteOrder)	Creates a new SRP-6 password-only Server Session Proof where the calculation of K can be skipped.

Method Summary

Modifier and Type	Method	Description
byte[]	asArray()

Methods inherited from class com.github.glusk.caesar.AbstractBytes

equals, hashCode

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.github.glusk.caesar.Bytes

asHexString, reversed

Constructor Detail

SRP6ServerSessionProof

public SRP6ServerSessionProof(ImmutableMessageDigest hashFunction,
                              SRP6IntegerVariable prime,
                              SRP6IntegerVariable clientPublicKey,
                              Bytes clientProof,
                              Bytes sessionKey,
                              ByteOrder byteOrder)

Creates a new SRP-6 Server Session Proof that proves the existence of a shared, strong session key K.

The formula used is as follows:

 M2 = H(PAD(A), M1, K)
 

Client public key (A) is zero-padded to the byte length of prime (N).

Parameters:

hashFunction - a one-way hash function - H()

prime - SRP-6 Integer Variable: prime (N)

clientPublicKey - SRP-6 Integer Variable: client public key (A)

clientProof - SRP-6 Variable: client session proof (M1)

sessionKey - SRP-6 Variable: session key (K)

byteOrder - the byte order to use when converting SRP-6 Integer Variables to a byte sequence

SRP6ServerSessionProof

public SRP6ServerSessionProof(ImmutableMessageDigest hashFunction,
                              SRP6IntegerVariable prime,
                              SRP6IntegerVariable clientPublicKey,
                              Bytes clientProof,
                              SRP6IntegerVariable sharedSecret,
                              ByteOrder byteOrder)

Creates a new SRP-6 password-only Server Session Proof where the calculation of K can be skipped.

The formula used is as follows:

 M2 = H(PAD(A), M1, PAD(S))
 

Client public key (A) and shared secret (S) are zero-padded to the byte length of prime (N).

Parameters:

hashFunction - a one-way hash function - H()

prime - SRP-6 Integer Variable: prime (N)

clientPublicKey - SRP-6 Integer Variable: client public key (A)

clientProof - SRP-6 Variable: client session proof (M1)

sharedSecret - SRP-6 Integer Variable: shared secret (S)

byteOrder - the byte order to use when converting SRP-6 Integer Variables to a byte sequence

Method Detail

asArray

public byte[] asArray()
               throws IllegalStateException

Throws:

IllegalStateException - if byte length of N is shorter than the byte length of either A or S