org.eclipse.californium.scandium.dtls

Class EcdhEcdsaServerKeyExchange

java.lang.Object

org.eclipse.californium.scandium.dtls.AbstractMessage

org.eclipse.californium.scandium.dtls.HandshakeMessage

org.eclipse.californium.scandium.dtls.ServerKeyExchange

org.eclipse.californium.scandium.dtls.ECDHServerKeyExchange

org.eclipse.californium.scandium.dtls.EcdhEcdsaServerKeyExchange

All Implemented Interfaces:

DTLSMessage

public final class EcdhEcdsaServerKeyExchange
extends ECDHServerKeyExchange

The server's ephemeral ECDH with ECDSA signatures. See RFC 4492, section 5.4 Server Key Exchange for details regarding the message format. According RFC 8422, 5.1.1. Supported Elliptic Curves Extension only "named curves" are valid, the "prime" and "char2" curve descriptions are deprecated. Also only "UNCOMPRESSED" as point format is valid, the other formats have been deprecated.

Since:

2.3

Nested Class Summary

Nested classes/interfaces inherited from class org.eclipse.californium.scandium.dtls.ECDHServerKeyExchange

ECDHServerKeyExchange.EcdhData

Field Summary

Fields inherited from class org.eclipse.californium.scandium.dtls.HandshakeMessage

FRAGMENT_LENGTH_BITS, FRAGMENT_OFFSET_BITS, MESSAGE_HEADER_LENGTH_BYTES, MESSAGE_LENGTH_BITS, MESSAGE_SEQ_BITS, MESSAGE_TYPE_BITS

Constructor Summary

Constructors

Constructor and Description
EcdhEcdsaServerKeyExchange(SignatureAndHashAlgorithm signatureAndHashAlgorithm, XECDHECryptography ecdhe, PrivateKey serverPrivateKey, Random clientRandom, Random serverRandom, InetSocketAddress peerAddress) Called by server with generated ephemeral keys and generates signature.

Method Summary

Methods

Modifier and Type	Method and Description
byte[]	fragmentToByteArray() The serialization of the handshake body (without the handshake header).
static HandshakeMessage	fromReader(org.eclipse.californium.elements.util.DatagramReader reader, InetSocketAddress peerAddress)
int	getMessageLength() Must be implemented by each subclass.
String	toString()
void	verifySignature(PublicKey serverPublicKey, Random clientRandom, Random serverRandom) Called by the client after receiving the server's ServerKeyExchange message.

Methods inherited from class org.eclipse.californium.scandium.dtls.ECDHServerKeyExchange

getEncodedPoint, getNamedCurveLength, getSupportedGroup, readNamedCurve, updateSignatureForNamedCurve, writeNamedCurve

Methods inherited from class org.eclipse.californium.scandium.dtls.ServerKeyExchange

getMessageType

Methods inherited from class org.eclipse.californium.scandium.dtls.HandshakeMessage

fragmentChanged, fromByteArray, fromGenericHandshakeMessage, getContentType, getFragmentLength, getFragmentOffset, getMessageSeq, getNextHandshakeMessage, getRawMessage, setMessageSeq, setNextHandshakeMessage, size, toByteArray, writeTo

Methods inherited from class org.eclipse.californium.scandium.dtls.AbstractMessage

getPeer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

EcdhEcdsaServerKeyExchange

public EcdhEcdsaServerKeyExchange(SignatureAndHashAlgorithm signatureAndHashAlgorithm,
                          XECDHECryptography ecdhe,
                          PrivateKey serverPrivateKey,
                          Random clientRandom,
                          Random serverRandom,
                          InetSocketAddress peerAddress)
                           throws GeneralSecurityException

Called by server with generated ephemeral keys and generates signature.

Parameters:

signatureAndHashAlgorithm - the algorithm to use

ecdhe - the ECDHE helper class. Contains generated ephemeral keys.

serverPrivateKey - the server's private key

clientRandom - the client's random (used for signature)

serverRandom - the server's random (used for signature)

peerAddress - the IP address and port of the peer this message has been received from or should be sent to

Throws:

GeneralSecurityException - if generating the signature providing prove of possession of the private key fails, e.g. due to an unsupported signature or hash algorithm or an invalid key

Method Detail

getMessageLength

public int getMessageLength()

Description copied from class: HandshakeMessage

Must be implemented by each subclass. The length is given in bytes and only includes the length of the subclass' specific fields (not the handshake message header).

Specified by:

getMessageLength in class HandshakeMessage

Returns:

the length of the message in bytes.

fragmentToByteArray

public byte[] fragmentToByteArray()

Description copied from class: HandshakeMessage

The serialization of the handshake body (without the handshake header). Must be implemented by each subclass. Except the ClientHello, the fragments are considered to be not modified. If a modification is required, call HandshakeMessage.fragmentChanged().

Specified by:

fragmentToByteArray in class HandshakeMessage

Returns:

the raw byte representation of the handshake body.

fromReader

public static HandshakeMessage fromReader(org.eclipse.californium.elements.util.DatagramReader reader,
                          InetSocketAddress peerAddress)
                                   throws HandshakeException

Throws:

HandshakeException

verifySignature

public void verifySignature(PublicKey serverPublicKey,
                   Random clientRandom,
                   Random serverRandom)
                     throws HandshakeException

Called by the client after receiving the server's ServerKeyExchange message. Verifies the contained signature.

Parameters:

serverPublicKey - the server's public key.

clientRandom - the client's random (used in signature).

serverRandom - the server's random (used in signature).

Throws:

HandshakeException - if the signature could not be verified.

toString

public String toString()

Overrides:

toString in class ECDHServerKeyExchange