org.eclipse.californium.scandium.dtls

Class Finished

java.lang.Object

org.eclipse.californium.scandium.dtls.AbstractMessage

org.eclipse.californium.scandium.dtls.HandshakeMessage

org.eclipse.californium.scandium.dtls.Finished

All Implemented Interfaces:

DTLSMessage

public final class Finished
extends HandshakeMessage

A Finished message is always sent immediately after a ChangeCipherSpecMessage to verify that the key exchange and authentication processes were successful. It is essential that a ChangeCipherSpecMessage be received between the other handshake messages and the Finished message. The Finished message is the first one protected with the just negotiated algorithms, keys, and secrets. The value handshake_messages includes all handshake messages starting at ClientHello up to, but not including, this Finished message. See RFC 5246.

Field Summary

Fields inherited from class org.eclipse.californium.scandium.dtls.HandshakeMessage

FRAGMENT_LENGTH_BITS, FRAGMENT_OFFSET_BITS, MESSAGE_HEADER_LENGTH_BYTES, MESSAGE_LENGTH_BITS, MESSAGE_SEQ_BITS, MESSAGE_TYPE_BITS

Constructor Summary

Constructors

Constructor and Description
Finished(Mac hmac, SecretKey masterSecret, boolean isClient, byte[] handshakeHash, InetSocketAddress peerAddress) Generates the verify data according to RFC 5246: PRF(master_secret, finished_label, Hash(handshake_messages)).

Method Summary

Methods

Modifier and Type	Method and Description
byte[]	fragmentToByteArray() The serialization of the handshake body (without the handshake header).
static HandshakeMessage	fromReader(org.eclipse.californium.elements.util.DatagramReader reader, InetSocketAddress peerAddress)
int	getMessageLength() Must be implemented by each subclass.
HandshakeType	getMessageType() Returns the type of the handshake message.
String	toString()
void	verifyData(Mac hmac, SecretKey masterSecret, boolean isClient, byte[] handshakeHash) See RFC 5246: All of the data from all messages in this handshake (not including any HelloRequest messages) up to, but not including, this message.

Methods inherited from class org.eclipse.californium.scandium.dtls.HandshakeMessage

fragmentChanged, fromByteArray, fromGenericHandshakeMessage, getContentType, getFragmentLength, getFragmentOffset, getMessageSeq, getNextHandshakeMessage, getRawMessage, setMessageSeq, setNextHandshakeMessage, size, toByteArray, writeTo

Methods inherited from class org.eclipse.californium.scandium.dtls.AbstractMessage

getPeer

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

Finished

public Finished(Mac hmac,
        SecretKey masterSecret,
        boolean isClient,
        byte[] handshakeHash,
        InetSocketAddress peerAddress)

Generates the verify data according to RFC 5246:
PRF(master_secret, finished_label, Hash(handshake_messages)).

Parameters:

hmac - the mac. e.g. HmacSHA256

masterSecret - the master_secret

isClient - to determine the finished_label

handshakeHash - the hash

peerAddress - the IP address and port of the peer this message has been received from or should be sent to

Method Detail

verifyData

public void verifyData(Mac hmac,
              SecretKey masterSecret,
              boolean isClient,
              byte[] handshakeHash)
                throws HandshakeException

See RFC 5246: All of the data from all messages in this handshake (not including any HelloRequest messages) up to, but not including, this message. This is only data visible at the handshake layer and does not include record layer headers.

Parameters:

hmac - the mac. e.g. HmacSHA256

masterSecret - the master secret.

isClient - whether the verify data comes from the client or the server.

handshakeHash - the handshake hash.

Throws:

HandshakeException - if the data can not be verified.

getMessageType

public HandshakeType getMessageType()

Description copied from class: HandshakeMessage

Returns the type of the handshake message. See HandshakeType.

Specified by:

getMessageType in class HandshakeMessage

Returns:

the HandshakeType.

getMessageLength

public int getMessageLength()

Description copied from class: HandshakeMessage

Must be implemented by each subclass. The length is given in bytes and only includes the length of the subclass' specific fields (not the handshake message header).

Specified by:

getMessageLength in class HandshakeMessage

Returns:

the length of the message in bytes.

toString

public String toString()

Overrides:

toString in class HandshakeMessage

fragmentToByteArray

public byte[] fragmentToByteArray()

Description copied from class: HandshakeMessage

The serialization of the handshake body (without the handshake header). Must be implemented by each subclass. Except the ClientHello, the fragments are considered to be not modified. If a modification is required, call HandshakeMessage.fragmentChanged().

Specified by:

fragmentToByteArray in class HandshakeMessage

Returns:

the raw byte representation of the handshake body.

fromReader

public static HandshakeMessage fromReader(org.eclipse.californium.elements.util.DatagramReader reader,
                          InetSocketAddress peerAddress)