Class Blake3X509AuthenticationSuite
java.lang.Object
jadex.ipc.impl.security.authentication.Blake3X509AuthenticationSuite
- All Implemented Interfaces:
IAuthenticationSuite
Symmetric authentication based on Blake2b MACs.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected static final int
Authentication Suite ID.protected static final int
Size of the derived key.protected static final int
Size of the MAC.protected Map
<PasswordSecret, JadexJPakeParticipant> State for password-authenticated key exchange.protected static final int
Size of the salt. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected static final byte[]
bigIntegerArrayToByteArray
(BigInteger[] bigintarr) Converts a big integer array to a byte array.protected static final BigInteger[]
byteArrayToBigIntegerArray
(byte[] bytes) Converts a byte array back into a big integer array.protected static final org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload
bytesToRound1
(byte[] bytes) Decodes JPAKE round 1.protected static final org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload
bytesToRound2
(byte[] bytes) Decodes JPAKE round 2.createAuthenticationToken
(byte[] msg, AbstractAuthenticationSecret secret) Creates an authentication token for a message based on an abstract implementation-dependent "key".protected static final JadexJPakeParticipant
createJPakeParticipant
(String pid, String password) Creates a new participant for JPAKE.protected byte[]
createSaltedId
(String id, byte[] idsalt) Hashes an id with a salt.void
finalizePake
(Security security, jadex.core.ComponentIdentifier remoteid, byte[] round2data) Finalizes the password-authenticated key exchange.int
getId()
Gets the authentication suite ID.protected static final byte[]
getMessageHash
(byte[] msg, byte[] salt) Create message hash.byte[]
getPakeRound1
(Security security, jadex.core.ComponentIdentifier remoteid) Gets the first round of the password-authenticated key-exchange.byte[]
getPakeRound2
(Security security, jadex.core.ComponentIdentifier remoteid, byte[] round1data) Gets the second round of the password-authenticated key-exchange.protected static final byte[]
round1ToBytes
(org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload r1pl) Encodes JPAKE round 1.protected static final byte[]
round2ToBytes
(org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload r2pl) Encodes JPAKE round 2.boolean
verifyAuthenticationToken
(byte[] msg, AbstractAuthenticationSecret secret, AuthToken authtoken) Creates an authentication token for a message based on an abstract implementation-dependent "key".
-
Field Details
-
AUTH_SUITE_ID
protected static final int AUTH_SUITE_IDAuthentication Suite ID.- See Also:
-
MAC_SIZE
protected static final int MAC_SIZESize of the MAC.- See Also:
-
DERIVED_KEY_SIZE
protected static final int DERIVED_KEY_SIZESize of the derived key.- See Also:
-
SALT_SIZE
protected static final int SALT_SIZESize of the salt.- See Also:
-
pakestate
State for password-authenticated key exchange.
-
-
Constructor Details
-
Blake3X509AuthenticationSuite
public Blake3X509AuthenticationSuite()Creates the suite.
-
-
Method Details
-
getId
public int getId()Gets the authentication suite ID.- Specified by:
getId
in interfaceIAuthenticationSuite
- Returns:
- The authentication suite ID.
-
getPakeRound1
Gets the first round of the password-authenticated key-exchange.- Specified by:
getPakeRound1
in interfaceIAuthenticationSuite
- Returns:
- First round payload.
-
getPakeRound2
public byte[] getPakeRound2(Security security, jadex.core.ComponentIdentifier remoteid, byte[] round1data) Gets the second round of the password-authenticated key-exchange.- Specified by:
getPakeRound2
in interfaceIAuthenticationSuite
- Returns:
- Second round payload.
-
finalizePake
public void finalizePake(Security security, jadex.core.ComponentIdentifier remoteid, byte[] round2data) Finalizes the password-authenticated key exchange.- Specified by:
finalizePake
in interfaceIAuthenticationSuite
-
createAuthenticationToken
Creates an authentication token for a message based on an abstract implementation-dependent "key".- Specified by:
createAuthenticationToken
in interfaceIAuthenticationSuite
- Parameters:
msg
- The message being authenticated.secret
- The secret used for authentication.- Returns:
- Authentication token.
-
verifyAuthenticationToken
public boolean verifyAuthenticationToken(byte[] msg, AbstractAuthenticationSecret secret, AuthToken authtoken) Creates an authentication token for a message based on an abstract implementation-dependent "key".- Specified by:
verifyAuthenticationToken
in interfaceIAuthenticationSuite
- Parameters:
msg
- The message being authenticated.secret
- The secret used for authentication.authtoken
- Authentication token.- Returns:
- True if authenticated, false otherwise.
-
getMessageHash
protected static final byte[] getMessageHash(byte[] msg, byte[] salt) Create message hash.- Parameters:
msg
- The message.- Returns:
- Hashed message.
-
createJPakeParticipant
Creates a new participant for JPAKE.- Parameters:
pid
-- Returns:
-
round1ToBytes
protected static final byte[] round1ToBytes(org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload r1pl) Encodes JPAKE round 1.- Parameters:
r1pl
- JPAKE round 1.- Returns:
- Encoded round.
-
bytesToRound1
protected static final org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload bytesToRound1(byte[] bytes) Decodes JPAKE round 1.- Parameters:
bytes
- Encoded round.- Returns:
- JPAKE round 1.
-
round2ToBytes
protected static final byte[] round2ToBytes(org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload r2pl) Encodes JPAKE round 2.- Parameters:
r1pl
- JPAKE round 2.- Returns:
- Encoded round.
-
bytesToRound2
protected static final org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload bytesToRound2(byte[] bytes) Decodes JPAKE round 2.- Parameters:
bytes
- Encoded round.- Returns:
- JPAKE round 2.
-
createSaltedId
Hashes an id with a salt.- Parameters:
id
- The clear id.idsalt
- The salt.- Returns:
- Salted ID.
-
bigIntegerArrayToByteArray
Converts a big integer array to a byte array.- Parameters:
bigintarr
- Big integer array.- Returns:
- Byte array.
-
byteArrayToBigIntegerArray
Converts a byte array back into a big integer array.- Parameters:
bytes
- The byte array.- Returns:
- The big integer array
-