Source code

001package com.nimbusds.srp6.cli;
002
003
004import java.io.IOException;
005import java.math.BigInteger;
006
007import com.nimbusds.srp6.BigIntegerUtils;
008import com.nimbusds.srp6.SRP6CryptoParams;
009import com.nimbusds.srp6.SRP6ServerSession;
010
011
012/**
013 * Interactive command-line server for Secure Remote Password (SRP-6a) 
014 * authentication. Can be used to test and debug client-side SRP-6a 
015 * authentication.
016 *
017 * <p>Uses the default Nimbus SRP {@link com.nimbusds.srp6.SRP6Routines routines}
018 * for computing the password key 'x', the server and client evidence messages 
019 * ('M1' and 'M2').
020 *
021 * @author Vladimir Dzhuvinov
022 */
023public class SRP6Server extends SRP6Tool {
024
025
026        /**
027         * Creates a new SRP-6a command-line server.
028         */
029        public SRP6Server()
030                throws IOException {
031        
032                super();
033        }
034        
035        
036        @Override
037        public void run()
038                throws IOException {
039                
040                System.out.println("*** Nimbus SRP-6a server ***");
041                System.out.println();
042                
043                // Step INIT
044                System.out.println("Initialize server session");
045                SRP6CryptoParams config = getConfig("\t");
046                
047                SRP6ServerSession server = new SRP6ServerSession(config);
048                
049                
050                // Step 1
051                System.out.println("Server session step 1");
052                
053                System.out.print("\tEnter user identity 'I': ");
054                String I = readInput();
055                
056                System.out.print("\tEnter password salt 's' (hex): ");
057                BigInteger s = readBigInteger();
058                
059                System.out.print("\tEnter password verifier 'v' (hex): ");
060                BigInteger v = readBigInteger();
061                
062                BigInteger B = server.step1(I, s, v);
063                
064                System.out.println();
065                System.out.println("\tComputed public server value 'B' (hex): " + BigIntegerUtils.toHex(B));
066                System.out.println();
067                
068                
069                // Step 2
070                System.out.println("Server session step 2");
071                
072                System.out.print("\tEnter client public value 'A' (hex): ");
073                BigInteger A = readBigInteger();
074                
075                System.out.print("\tEnter client evidence message 'M1' (hex): ");
076                BigInteger M1 = readBigInteger();
077                
078                BigInteger M2;
079                
080                try {
081                        M2 = server.step2(A, M1);
082                        
083                } catch (com.nimbusds.srp6.SRP6Exception e) {
084                
085                        System.out.println(e.getMessage());
086                        return;
087                }
088                
089                System.out.println();
090                System.out.println("\tComputed server evidence message 'M2 (hex): " + BigIntegerUtils.toHex(M2));
091                
092                // Success
093                System.out.println();
094                System.out.println("Mutual authentication successfully completed");
095        }
096        
097        
098        /**
099         * The main entry point to the command-line SRP-6a server.
100         *
101         * @param args The command line arguments.
102         *
103         * @throws Exception On a CLI or SRP-6a exception.
104         */
105        public static void main(final String[] args)
106                throws Exception {
107        
108                SRP6Server server = new SRP6Server();
109                
110                server.run();
111        }
112}