org.eclipse.californium.scandium.dtls

Class DTLSConnectionState

java.lang.Object

org.eclipse.californium.scandium.dtls.DTLSConnectionState

All Implemented Interfaces:

Destroyable

Direct Known Subclasses:

DtlsAeadConnectionState, DtlsBlockConnectionState

public abstract class DTLSConnectionState
extends Object
implements Destroyable

A set of algorithms and corresponding security parameters that together represent the current read or write state of a TLS connection.

According to the TLS 1.2 specification, a connection state specifies a compression algorithm, an encryption algorithm, and a MAC algorithm. In addition, the parameters for these algorithms are known: the MAC key and the bulk encryption keys for the connection in both the read and the write directions.

This class is immutable and thus only appropriate to reflect a current read or write state whose properties have been negotiated/established already.

Field Summary

Fields

Modifier and Type	Field and Description
protected CipherSuite	cipherSuite
protected CompressionMethod	compressionMethod
static DTLSConnectionState	NULL

Method Summary

Methods

Modifier and Type	Method and Description
static DTLSConnectionState	create(CipherSuite cipherSuite, CompressionMethod compressionMethod, SecretKey encryptionKey, SecretIvParameterSpec iv, SecretKey macKey) Create connection state and initializes all fields with given values.
abstract byte[]	decrypt(Record record, byte[] ciphertextFragment) Decrypt fragment for provided record.
abstract byte[]	encrypt(Record record, byte[] fragment) Encrypt fragment for provided record.
boolean	hasValidCipherSuite() Checks whether the cipher suite is not the NULL_CIPHER.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.security.auth.Destroyable

destroy, isDestroyed

Field Detail

NULL

public static final DTLSConnectionState NULL

cipherSuite

protected final CipherSuite cipherSuite

compressionMethod

protected final CompressionMethod compressionMethod

Method Detail

create

public static DTLSConnectionState create(CipherSuite cipherSuite,
                         CompressionMethod compressionMethod,
                         SecretKey encryptionKey,
                         SecretIvParameterSpec iv,
                         SecretKey macKey)

Create connection state and initializes all fields with given values.

Parameters:

cipherSuite - the cipher and MAC algorithm to use for encrypting message content

compressionMethod - the algorithm to use for compressing message content

encryptionKey - the secret key to use for encrypting message content

iv - the initialization vector to use for encrypting message content

macKey - the key to use for creating/verifying message authentication codes (MAC)

Returns:

created connection state.

Throws:

NullPointerException - if any of the parameter is null

hasValidCipherSuite

public boolean hasValidCipherSuite()

Checks whether the cipher suite is not the NULL_CIPHER.

Returns:

true if the suite is not CipherSuite.TLS_NULL_WITH_NULL_NULL.

encrypt

public abstract byte[] encrypt(Record record,
             byte[] fragment)
                        throws GeneralSecurityException

Encrypt fragment for provided record.

Parameters:

record - record to encrypt fragment for

fragment - fragment to encrypt

Returns:

encrypted fragment

Throws:

GeneralSecurityException - if an error occured during encryption

decrypt

public abstract byte[] decrypt(Record record,
             byte[] ciphertextFragment)
                        throws GeneralSecurityException

Decrypt fragment for provided record.

Parameters:

record - record to decrypt fragment for

ciphertextFragment - encrypted fragment

Returns:

fragment

Throws:

GeneralSecurityException - if an error occurred during decryption