Class SimulatedTlsSrpIdentityManager
- Namespace
- Org.BouncyCastle.Tls
- Assembly
- BouncyCastle.Cryptography.dll
An implementation of TlsSrpIdentityManager that simulates the existence of "unknown" identities to obscure the fact that there is no verifier for them.
public class SimulatedTlsSrpIdentityManager : TlsSrpIdentityManager
- Inheritance
-
SimulatedTlsSrpIdentityManager
- Implements
- Inherited Members
Constructors
SimulatedTlsSrpIdentityManager(Srp6Group, TlsSrp6VerifierGenerator, TlsMac)
public SimulatedTlsSrpIdentityManager(Srp6Group group, TlsSrp6VerifierGenerator verifierGenerator, TlsMac mac)
Parameters
- group Srp6Group
- verifierGenerator TlsSrp6VerifierGenerator
- mac TlsMac
Fields
m_group
protected readonly Srp6Group m_group
Field Value
m_mac
protected readonly TlsMac m_mac
Field Value
m_verifierGenerator
protected readonly TlsSrp6VerifierGenerator m_verifierGenerator
Field Value
Methods
GetLoginParameters(byte[])
Look up the TlsSrpLoginParameters corresponding to the specified identity.
public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity)
Parameters
- identity byte[]: the SRP identity sent by the connecting client.
Returns
- TlsSrpLoginParameters
the TlsSrpLoginParameters for the specified identity, or else 'simulated' parameters if the identity is not recognized. A null value is also allowed, but not recommended.
Remarks
NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC 5054 2.5.1.3. SimulatedTlsSrpIdentityManager is provided for this purpose.
GetRfc5054Default(TlsCrypto, Srp6Group, byte[])
Create a SimulatedTlsSrpIdentityManager that implements the algorithm from RFC 5054 2.5.1.3.
public static SimulatedTlsSrpIdentityManager GetRfc5054Default(TlsCrypto crypto, Srp6Group group, byte[] seedKey)
Parameters
- crypto TlsCrypto
- group Srp6Group: the Srp6Group defining the group that SRP is operating in.
- seedKey byte[]: the secret "seed key" referred to in RFC 5054 2.5.1.3.
Returns
- SimulatedTlsSrpIdentityManager
an instance of SimulatedTlsSrpIdentityManager.
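Example (added here, not taken from the BouncyCastle documentation or source): one way to combine a store of enrolled identities with GetRfc5054Default so that GetLoginParameters never returns null for an unknown identity. The class name EnrolledOrSimulatedIdentityManager, the dictionary-based store, its Base64 keying and the 16-byte minimum seed length are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using Org.BouncyCastle.Tls;
using Org.BouncyCastle.Tls.Crypto;

// Hypothetical wrapper, not part of BouncyCastle: returns stored parameters for
// enrolled identities and simulated parameters for every other identity.
public sealed class EnrolledOrSimulatedIdentityManager : TlsSrpIdentityManager
{
    // Assumed store: enrolled identities keyed by Base64 of the raw identity bytes.
    private readonly IReadOnlyDictionary<string, TlsSrpLoginParameters> m_enrolled;
    private readonly TlsSrpIdentityManager m_simulated;

    public EnrolledOrSimulatedIdentityManager(TlsCrypto crypto, Srp6Group group,
        byte[] seedKey, IReadOnlyDictionary<string, TlsSrpLoginParameters> enrolled)
    {
        // The seed key has to be a stored secret, identical across restarts and
        // across every server answering for this service: if the simulated salt
        // for an identity ever changes, that identity is exposed as unknown.
        // The 16-byte minimum is this example's own assumption.
        if (seedKey == null || seedKey.Length < 16)
            throw new ArgumentException("seed key must be a stored secret", nameof(seedKey));

        m_enrolled = enrolled ?? throw new ArgumentNullException(nameof(enrolled));

        // Pass the same group that enrolled identities use, so the group sent
        // to the client does not distinguish real entries from simulated ones.
        m_simulated = SimulatedTlsSrpIdentityManager.GetRfc5054Default(crypto, group, seedKey);
    }

    public static string StoreKey(byte[] identity) => Convert.ToBase64String(identity);

    public TlsSrpLoginParameters GetLoginParameters(byte[] identity)
    {
        if (identity == null)
            throw new ArgumentNullException(nameof(identity));

        if (m_enrolled.TryGetValue(StoreKey(identity), out TlsSrpLoginParameters known))
            return known;

        // Unknown identity: answer with deterministic simulated parameters
        // instead of null, as the Remarks on GetLoginParameters recommend.
        return m_simulated.GetLoginParameters(identity);
    }
}
```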