org.eclipse.californium.scandium.dtls.pskstore

Class AdvancedSinglePskStore

java.lang.Object

org.eclipse.californium.scandium.dtls.pskstore.AdvancedSinglePskStore

All Implemented Interfaces:

Destroyable, AdvancedPskStore

public class AdvancedSinglePskStore
extends Object
implements AdvancedPskStore, Destroyable

AdvancedPskStore implementation for clients to connect a single other peer.

Since:

2.5

Constructor Summary

Constructors

Constructor and Description
AdvancedSinglePskStore(PskPublicInformation identity, byte[] key) Create simple store with initial credentials.
AdvancedSinglePskStore(PskPublicInformation identity, SecretKey key) Create simple store with initial credentials.
AdvancedSinglePskStore(String identity, byte[] key) Create simple store with initial credentials.
AdvancedSinglePskStore(String identity, SecretKey key) Create simple store with initial credentials.

Method Summary

Methods

Modifier and Type	Method and Description
void	destroy()
PskPublicInformation	getIdentity(InetSocketAddress peerAddress, ServerNames virtualHost) Gets the identity to use for a PSK based handshake with a given peer.
boolean	hasEcdhePskSupported() Check, if ECDHE PSK cipher suites are supported.
boolean	isDestroyed()
PskSecretResult	requestPskSecretResult(ConnectionId cid, ServerNames serverName, PskPublicInformation identity, String hmacAlgorithm, SecretKey otherSecret, byte[] seed) Request psk secret result.
void	setResultHandler(PskSecretResultHandler resultHandler) Set the handler for asynchronous master secret results.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AdvancedSinglePskStore

public AdvancedSinglePskStore(String identity,
                      byte[] key)

Create simple store with initial credentials.

Parameters:

identity - PSK identity

key - PSK secret key

AdvancedSinglePskStore

public AdvancedSinglePskStore(PskPublicInformation identity,
                      byte[] key)

Create simple store with initial credentials.

Parameters:

identity - PSK identity

key - PSK secret key

AdvancedSinglePskStore

public AdvancedSinglePskStore(String identity,
                      SecretKey key)

Create simple store with initial credentials.

Parameters:

identity - PSK identity

key - PSK secret key

AdvancedSinglePskStore

public AdvancedSinglePskStore(PskPublicInformation identity,
                      SecretKey key)

Create simple store with initial credentials.

Parameters:

identity - PSK identity

key - PSK secret key

Method Detail

hasEcdhePskSupported

public boolean hasEcdhePskSupported()

Description copied from interface: AdvancedPskStore

Check, if ECDHE PSK cipher suites are supported.

Specified by:

hasEcdhePskSupported in interface AdvancedPskStore

Returns:

true, if ECDHE PSK cipher suites are supported, false, if not.

requestPskSecretResult

public PskSecretResult requestPskSecretResult(ConnectionId cid,
                                     ServerNames serverName,
                                     PskPublicInformation identity,
                                     String hmacAlgorithm,
                                     SecretKey otherSecret,
                                     byte[] seed)

Description copied from interface: AdvancedPskStore

Request psk secret result. Either return the result, or null and process the request asynchronously. The PskSecretResult must contain the CID, the normalized identity and master secret or PSK secret key, if available. If the result is not returned, it is passed asynchronously to the result handler, provided during DTLSConnector initialization by AdvancedPskStore.setResultHandler(PskSecretResultHandler).

Specified by:

requestPskSecretResult in interface AdvancedPskStore

Parameters:

cid - connection id for stateless asynchronous implementations.

serverName - server names. Maybe null, if SNI is not enabled or not used by the client.

identity - psk identity. Maybe normalized, if identity is available in the store.

hmacAlgorithm - HMAC algorithm name for PRF.

otherSecret - other secret from ECDHE, or null. Must be cloned for asynchronous use. See RFC 5489, other secret

seed - seed for PRF.

Returns:

psk secret result, or null, if result is provided asynchronous.

getIdentity

public PskPublicInformation getIdentity(InetSocketAddress peerAddress,
                               ServerNames virtualHost)

Gets the identity to use for a PSK based handshake with a given peer.

A DTLS client uses this method to determine the identity to include in its CLIENT_KEY_EXCHANGE message during a PSK based DTLS handshake with the peer. Ignores arguments, though only a single destination peers is supported.

Specified by:

getIdentity in interface AdvancedPskStore

Parameters:

peerAddress - The IP address and port of the peer to perform the handshake with.

virtualHost - The virtual host at the peer to connect to. If null, the identity will be looked up in the global scope.

Returns:

The identity to use or null if no peer with the given address and virtual host is registered.

setResultHandler

public void setResultHandler(PskSecretResultHandler resultHandler)

Description copied from interface: AdvancedPskStore

Set the handler for asynchronous master secret results. Called during initialization of the DTLSConnector. Synchronous implementations may just ignore this using an empty implementation. Note: the type of the handler will change to HandshakeResultHandler with 3.0.

Specified by:

setResultHandler in interface AdvancedPskStore

Parameters:

resultHandler - handler for asynchronous master secret results. This handler MUST NOT be called from the thread calling AdvancedPskStore.requestPskSecretResult(ConnectionId, ServerNames, PskPublicInformation, String, SecretKey, byte[]), instead just return the result there.

destroy

public void destroy()
             throws DestroyFailedException

Specified by:

destroy in interface Destroyable

Throws:

DestroyFailedException

isDestroyed

public boolean isDestroyed()

Specified by:

isDestroyed in interface Destroyable