/** * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3 * * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3 * @return an instance of {@link SimulatedTlsSRPIdentityManager} */ public static SimulatedTlsSRPIdentityManager getRFC5054Default(SRP6GroupParameters group, byte[] seedKey) { SRP6VerifierGenerator verifierGenerator = new SRP6VerifierGenerator(); verifierGenerator.init(group, TlsUtils.createHash(HashAlgorithm.sha1)); HMac mac = new HMac(TlsUtils.createHash(HashAlgorithm.sha1)); mac.init(new KeyParameter(seedKey)); return new SimulatedTlsSRPIdentityManager(group, verifierGenerator, mac); }
private void testMutualVerification(BigInteger N, BigInteger g) throws CryptoException { byte[] I = "username".getBytes(); byte[] P = "password".getBytes(); byte[] s = new byte[16]; random.nextBytes(s); SRP6VerifierGenerator gen = new SRP6VerifierGenerator(); gen.init(N, g, new SHA256Digest()); BigInteger v = gen.generateVerifier(s, I, P); SRP6Client client = new SRP6Client(); client.init(N, g, new SHA256Digest(), random); SRP6Server server = new SRP6Server(); server.init(N, g, v, new SHA256Digest(), random); BigInteger A = client.generateClientCredentials(s, I, P); BigInteger B = server.generateServerCredentials(); BigInteger clientS = client.calculateSecret(B); BigInteger serverS = server.calculateSecret(A); if (!clientS.equals(serverS)) { fail("SRP agreement failed - client/server calculated different secrets"); } }
public SimulatedTlsSRPIdentityManager(SRP6GroupParameters group, SRP6VerifierGenerator verifierGenerator, Mac mac) { this.group = group; this.verifierGenerator = verifierGenerator; this.mac = mac; }
private void testMutualVerification(SRP6GroupParameters group) throws CryptoException { byte[] I = "username".getBytes(); byte[] P = "password".getBytes(); byte[] s = new byte[16]; random.nextBytes(s); SRP6VerifierGenerator gen = new SRP6VerifierGenerator(); gen.init(group, new SHA256Digest()); BigInteger v = gen.generateVerifier(s, I, P); SRP6Client client = new SRP6Client(); client.init(group, new SHA256Digest(), random); SRP6Server server = new SRP6Server(); server.init(group, v, new SHA256Digest(), random); BigInteger A = client.generateClientCredentials(s, I, P); BigInteger B = server.generateServerCredentials(); BigInteger clientS = client.calculateSecret(B); BigInteger serverS = server.calculateSecret(A); if (!clientS.equals(serverS)) { fail("SRP agreement failed - client/server calculated different secrets"); } }
public void setSRPPassword( char[] password ) { if ( password == null || password.length == 0 ){ SRP_SALT = null; SRP_VERIFIER = null; CryptoManagerFactory.getSingleton().setSRPParameters( null, null ); }else{ start(); try{ byte[] I = DEFAULT_IDENTITY.getBytes( "UTF-8" ); byte[] P = new String(password).getBytes( "UTF-8" ); byte[] salt = new byte[16]; RandomUtils.nextSecureBytes( salt ); SRP6VerifierGenerator gen = new SRP6VerifierGenerator(); gen.init( N_3072, G_3072, new SHA256Digest()); BigInteger verifier = gen.generateVerifier( salt, I, P ); CryptoManagerFactory.getSingleton().setSRPParameters( salt, verifier ); SRP_SALT = salt; SRP_VERIFIER = verifier; }catch( Throwable e ){ Debug.out( e ); } } updateActive(); }
