public class SecurityRequest extends Object implements Encodable
This does not handle the client authenticating itself to the server - that can be done after the channel has been established.
To use it the client first creates a new SecurityRequest and then calls one of the makeRequest()
methods. This returns a byte array that should be sent to the server.
The server uses decodeRequest() to decode the request. If it returns null, the message was
improperly formatted, which indicates that the client did not use the right public key.
The server checks the level requested and then decides on what level to allow.
The server sets any extraData that might be needed.
The server then calls one of the acceptRequestXXX() methods to produce an array of bytes to
send back to the client.
The client must use the same SecurityRequest and call the decodeReply() method to
decode the server response. If the method returns false, the server response was invalid
or the server did not have the correct private key.
The client then looks at the SecurityRequest and if the level is LEVEL_NO_ENCRYPTION then
a plain-text channel should be used. If the level is LEVEL_USE_SYMMETRIC then a SecureDocument
with symmetric encryption only should be used. If the level is LEVEL_USE_PRIVATE_KEYS then
a SecureDocument with Public/Private encryption should be used.
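
The handshake described above, written out with the methods listed on this page. This is an added example, not code from the library: the class name HandshakeExample, the server policy of refusing plain text and the client's exact-level check are assumptions, and SecurityRequest is assumed to be importable (its package is not shown here).

```java
import java.io.IOException;

// Added example. Assumption: SecurityRequest is on the classpath; the page does not
// show its package, so add the matching import for your build.
public class HandshakeExample {

    // Server side: decode the request, apply policy, and build the reply bytes.
    static byte[] serverHandle(byte[] wire, String serverPrivateKey) throws IOException {
        SecurityRequest req = SecurityRequest.decodeRequest(wire, 0, wire.length, serverPrivateKey);
        if (req == null) {
            // Malformed message or wrong public key: there is no request object to answer with.
            throw new IOException("undecodable security request");
        }
        // Hypothetical policy: this server never grants a plain-text channel.
        if (req.level == SecurityRequest.LEVEL_NO_ENCRYPTION) {
            return req.deny("encryption required");
        }
        return req.acceptRequest(req.level);
    }

    // Client side: decode the reply on the SAME object that made the request, then
    // refuse any level other than the one asked for (guards against a silent downgrade).
    static SecurityRequest clientFinish(SecurityRequest sent, int wanted, byte[] reply)
            throws IOException {
        if (!sent.decodeReply(reply, 0, reply.length)) {
            throw new IOException("invalid reply or wrong server private key");
        }
        if (sent.level != wanted) {
            throw new IOException("server chose level " + sent.level
                    + ", wanted " + wanted + ": " + sent.errorMessage);
        }
        return sent;
    }

    // Key strings are parameters because their format is not described on the page.
    static SecurityRequest handshake(String serverPublicKey, String serverPrivateKey)
            throws IOException {
        int wanted = SecurityRequest.LEVEL_USE_SYMMETRIC;
        SecurityRequest client = new SecurityRequest(wanted, serverPublicKey);
        byte[] request = client.makeRequest();                  // bytes sent to the server
        byte[] reply = serverHandle(request, serverPrivateKey); // bytes sent back
        return clientFinish(client, wanted, reply);
    }
}
```
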
Modifier and Type | Field and Description |
---|---|
byte[] | clientCertificate |
byte[] | clientIndentifier |
PublicPrivateKey | clientPrivateKey |
String | errorMessage |
byte[] | extraData |
byte[] | identify |
int | level |
static int | LEVEL_NO_ENCRYPTION |
static int | LEVEL_USE_PRIVATE_KEYS |
static int | LEVEL_USE_SYMMETRIC |
static int | REQUEST_ERROR |
PublicPrivateKey | serverPublicKey |
byte[] | symmetricKey |
Constructor and Description |
---|
SecurityRequest() |
SecurityRequest(int level, PublicPrivateKey serverPublicKey) |
SecurityRequest(int level, String serverPublicKey) |
Modifier and Type | Method and Description |
---|---|
byte[] | acceptRequest(int level) |
byte[] | acceptRequestNoEncryption() |
byte[] | acceptRequestSymmetricOnly() |
byte[] | acceptRequestSymmetricOnly(byte[] symmetric) |
byte[] | acceptRequestUsePrivate() |
byte[] | acceptRequestUsePrivate(PublicPrivateKey requestorPrivateKey, PublicPrivateKey requestorPublicKey, PublicPrivateKey newServerPrivateKey, PublicPrivateKey newServerPublicKey) |
boolean | decodeReply(byte[] data, int offset, int length) |
static SecurityRequest | decodeRequest(byte[] data, int offset, int length, PublicPrivateKey myPrivateKey) |
static SecurityRequest | decodeRequest(byte[] data, int offset, int length, String myPrivateKey) |
byte[] | deny(String message) |
SecureChannel | getChannel() |
static void | main(String[] args) |
byte[] | makeRequest(): Make the request to send to the remote server. |
byte[] | makeRequest(int level, PublicPrivateKey remotePublicKey) |
byte[] | makeRequest(int level, String remotePublicKey) |
public static final int LEVEL_NO_ENCRYPTION
public static final int LEVEL_USE_SYMMETRIC
public static final int LEVEL_USE_PRIVATE_KEYS
public static final int REQUEST_ERROR
public int level
public PublicPrivateKey serverPublicKey
public PublicPrivateKey clientPrivateKey
public byte[] symmetricKey
public byte[] identify
public byte[] extraData
public byte[] clientIndentifier
public byte[] clientCertificate
public String errorMessage
public SecurityRequest()
public SecurityRequest(int level, String serverPublicKey) throws IOException
public SecurityRequest(int level, PublicPrivateKey serverPublicKey)
public byte[] makeRequest() throws IOException
public final byte[] makeRequest(int level, String remotePublicKey) throws IOException
public final byte[] makeRequest(int level, PublicPrivateKey remotePublicKey) throws IOException
public boolean decodeReply(byte[] data, int offset, int length)
public static SecurityRequest decodeRequest(byte[] data, int offset, int length, PublicPrivateKey myPrivateKey)
public static SecurityRequest decodeRequest(byte[] data, int offset, int length, String myPrivateKey)
public byte[] acceptRequestNoEncryption() throws IOException
public byte[] acceptRequestSymmetricOnly() throws IOException
public byte[] acceptRequestSymmetricOnly(byte[] symmetric) throws IOException
public byte[] acceptRequestUsePrivate() throws IOException
public byte[] acceptRequestUsePrivate(PublicPrivateKey requestorPrivateKey, PublicPrivateKey requestorPublicKey, PublicPrivateKey newServerPrivateKey, PublicPrivateKey newServerPublicKey) throws IOException
public byte[] acceptRequest(int level) throws IOException
public byte[] deny(String message) throws IOException
public SecureChannel getChannel() throws IOException
public static void main(String[] args) throws IOException