001package com.nimbusds.srp6.cli; 002 003 004import java.io.IOException; 005import java.math.BigInteger; 006 007import com.nimbusds.srp6.BigIntegerUtils; 008import com.nimbusds.srp6.SRP6CryptoParams; 009import com.nimbusds.srp6.SRP6ServerSession; 010 011 012/** 013 * Interactive command-line server for Secure Remote Password (SRP-6a) 014 * authentication. Can be used to test and debug client-side SRP-6a 015 * authentication. 016 * 017 * <p>Uses the default Nimbus SRP {@link com.nimbusds.srp6.SRP6Routines routines} 018 * for computing the password key 'x', the server and client evidence messages 019 * ('M1' and 'M2'). 020 * 021 * @author Vladimir Dzhuvinov 022 */ 023public class SRP6Server extends SRP6Tool { 024 025 026 /** 027 * Creates a new SRP-6a command-line server. 028 */ 029 public SRP6Server() 030 throws IOException { 031 032 super(); 033 } 034 035 036 @Override 037 public void run() 038 throws IOException { 039 040 System.out.println("*** Nimbus SRP-6a server ***"); 041 System.out.println(); 042 043 // Step INIT 044 System.out.println("Initialize server session"); 045 SRP6CryptoParams config = getConfig("\t"); 046 047 SRP6ServerSession server = new SRP6ServerSession(config); 048 049 050 // Step 1 051 System.out.println("Server session step 1"); 052 053 System.out.print("\tEnter user identity 'I': "); 054 String I = readInput(); 055 056 System.out.print("\tEnter password salt 's' (hex): "); 057 BigInteger s = readBigInteger(); 058 059 System.out.print("\tEnter password verifier 'v' (hex): "); 060 BigInteger v = readBigInteger(); 061 062 BigInteger B = server.step1(I, s, v); 063 064 System.out.println(); 065 System.out.println("\tComputed public server value 'B' (hex): " + BigIntegerUtils.toHex(B)); 066 System.out.println(); 067 068 069 // Step 2 070 System.out.println("Server session step 2"); 071 072 System.out.print("\tEnter client public value 'A' (hex): "); 073 BigInteger A = readBigInteger(); 074 075 System.out.print("\tEnter client evidence message 'M1' (hex): "); 076 BigInteger M1 = readBigInteger(); 077 078 BigInteger M2; 079 080 try { 081 M2 = server.step2(A, M1); 082 083 } catch (com.nimbusds.srp6.SRP6Exception e) { 084 085 System.out.println(e.getMessage()); 086 return; 087 } 088 089 System.out.println(); 090 System.out.println("\tComputed server evidence message 'M2 (hex): " + BigIntegerUtils.toHex(M2)); 091 092 // Success 093 System.out.println(); 094 System.out.println("Mutual authentication successfully completed"); 095 } 096 097 098 /** 099 * The main entry point to the command-line SRP-6a server. 100 * 101 * @param args The command line arguments. 102 * 103 * @throws Exception On a CLI or SRP-6a exception. 104 */ 105 public static void main(final String[] args) 106 throws Exception { 107 108 SRP6Server server = new SRP6Server(); 109 110 server.run(); 111 } 112}