Package de.bsvrz.sys.funclib.srp6
Interface XRoutine
-
- All Known Implementing Classes:
XRoutineWithUserIdentity
public interface XRoutine
Custom routine interface for computing the password key 'x'. Calculation of this value is required by the verifier 'v' generator as well as by the authenticatingclient session
.If you don't want to employ the
default routine
for computing 'x' you can use this interface to define your own. Remember to make sure that exactly the same routine is used to generate the verifier 'v' and by client authentication sessions later, else authentication will fail.For a sample implementation see
XRoutineWithUserIdentity
which computes x = H(s | H(I | ":" | P))
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.math.BigInteger
computeX(java.security.MessageDigest digest, byte[] salt, byte[] username, byte[] password)
Computes the password key 'x'.
-
-
-
Method Detail
-
computeX
java.math.BigInteger computeX(java.security.MessageDigest digest, byte[] salt, byte[] username, byte[] password)
Computes the password key 'x'.Tip: To convert a string to a byte array you can use
String.getBytes()
orString.getBytes(java.nio.charset.Charset)
. To convert a big integer to a byte array you can useBigInteger.toByteArray()
.- Parameters:
digest
- The hash function 'H'. To enforce a particular hash algorithm, e.g. "SHA-1", you may perform a check that throws anIllegalArgumentException
or ignore this argument altogether.salt
- The salt 's'. This is considered a mandatory argument in computation of 'x'.username
- The user identity 'I'. It may be ignored if the username is allowed to change or if a user may authenticate with multiple alternate identities, such as name and email address.password
- The user password 'P'. This is considered a mandatory argument in the computation of 'x'.- Returns:
- The resulting 'x' value.
-
-