`public class BridgePskStore extends Object implements AdvancedPskStore`

PskStore until having them migrated. Delegates lookups to provided PskStore.

| Constructor and Description |
|---|
| `BridgePskStore(PskStore pskStore)` Create an advanced pskstore from PskStore. |

| Modifier and Type | Method and Description |
|---|---|
| `PskPublicInformation` | `getIdentity(InetSocketAddress peerAddress, ServerNames virtualHost)` Gets the identity to use for a PSK based handshake with a given peer. |
| `boolean` | `hasEcdhePskSupported()` Check, if ECDHE PSK cipher suites are supported. |
| `PskSecretResult` | `requestPskSecretResult(ConnectionId cid, ServerNames serverNames, PskPublicInformation identity, String hmacAlgorithm, SecretKey otherSecret, byte[] seed)` Request psk secret result. |
| `void` | `setResultHandler(PskSecretResultHandler resultHandler)` Set the handler for asynchronous master secret results. |

`protected final PskStore pskStore`

`public BridgePskStore(PskStore pskStore)`

Create an advanced pskstore from PskStore.

Parameters:
- `pskStore` - psk store

Throws:
- `NullPointerException` - if store is null

`public boolean hasEcdhePskSupported()`

Description copied from interface: AdvancedPskStore

Check, if ECDHE PSK cipher suites are supported.

Specified by: `hasEcdhePskSupported` in interface `AdvancedPskStore`

Returns: `true`, if ECDHE PSK cipher suites are supported, `false`, if not.

`public PskSecretResult requestPskSecretResult(ConnectionId cid, ServerNames serverNames, PskPublicInformation identity, String hmacAlgorithm, SecretKey otherSecret, byte[] seed)`

Description copied from interface: AdvancedPskStore

Request psk secret result. Return the result, or `null` and process the request asynchronously. The PskSecretResult must contain the CID, the normalized identity and master secret or PSK secret key, if available. If the result is not returned, it is passed asynchronously to the result handler, provided during DTLSConnector initialization by `AdvancedPskStore.setResultHandler(PskSecretResultHandler)`.

Specified by: `requestPskSecretResult` in interface `AdvancedPskStore`

Parameters:
- `cid` - connection id for stateless asynchronous implementations.
- `serverNames` - server names. May be `null`, if SNI is not enabled or not used by the client.
- `identity` - psk identity. May be normalized, if identity is available in the store.
- `hmacAlgorithm` - HMAC algorithm name for PRF.
- `otherSecret` - other secret from ECDHE, or `null`. Must be cloned for asynchronous use. See RFC 5489, other secret.
- `seed` - seed for PRF.

Returns: `null`, if result is provided asynchronously.

`public PskPublicInformation getIdentity(InetSocketAddress peerAddress, ServerNames virtualHost)`

Description copied from interface: AdvancedPskStore

Gets the identity to use for a PSK based handshake with a given peer. A DTLS client uses this method to determine the identity to include in its CLIENT_KEY_EXCHANGE message during a PSK based DTLS handshake with the peer.

Specified by: `getIdentity` in interface `AdvancedPskStore`

Parameters:
- `peerAddress` - The IP address and port of the peer to perform the handshake with.
- `virtualHost` - The virtual host at the peer to connect to. If `null`, the identity will be looked up in the global scope.

Returns: `null` if no peer with the given address and virtual host is registered.

`public void setResultHandler(PskSecretResultHandler resultHandler)`

Description copied from interface: AdvancedPskStore

Set the handler for asynchronous master secret results. The handler is provided during DTLSConnector initialization. Synchronous implementations may just ignore this using an empty implementation.

Note: the type of the handler will change to HandshakeResultHandler with 3.0.

Specified by: `setResultHandler` in interface `AdvancedPskStore`

Parameters:
- `resultHandler` - handler for asynchronous master secret results. This handler MUST NOT be called from the thread calling `AdvancedPskStore.requestPskSecretResult(ConnectionId, ServerNames, PskPublicInformation, String, SecretKey, byte[])`, instead just return the result there.

Copyright © 2023 Eclipse Foundation. All rights reserved.
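
A store that takes the asynchronous path described for `requestPskSecretResult` and `setResultHandler`, as an added example that is not part of the Californium Javadoc or code base. It assumes the Californium 2.x package names, a `PskSecretResult(cid, identity, secret)` constructor and `PskSecretResultHandler.apply(...)`; `AsyncPskStore`, `workers` and `lookup` are hypothetical names.

```java
import java.net.InetSocketAddress;
import java.util.Objects;
import java.util.concurrent.ExecutorService;
import java.util.function.Function;
import javax.crypto.SecretKey;
import org.eclipse.californium.scandium.dtls.ConnectionId;
import org.eclipse.californium.scandium.dtls.PskPublicInformation;
import org.eclipse.californium.scandium.dtls.PskSecretResult;
import org.eclipse.californium.scandium.dtls.PskSecretResultHandler;
import org.eclipse.californium.scandium.dtls.pskstore.AdvancedPskStore;
import org.eclipse.californium.scandium.util.ServerNames;

// Added example: server-side store that resolves PSK secret keys on a worker thread.
public class AsyncPskStore implements AdvancedPskStore {
    private final ExecutorService workers; // assumption: pool owned by the caller
    private final Function<PskPublicInformation, SecretKey> lookup; // assumption: slow lookup of the PSK secret key
    private volatile PskSecretResultHandler resultHandler;

    public AsyncPskStore(ExecutorService workers, Function<PskPublicInformation, SecretKey> lookup) {
        this.workers = Objects.requireNonNull(workers);
        this.lookup = Objects.requireNonNull(lookup);
    }

    @Override public boolean hasEcdhePskSupported() { return true; }

    @Override
    public PskSecretResult requestPskSecretResult(ConnectionId cid, ServerNames serverNames,
            PskPublicInformation identity, String hmacAlgorithm, SecretKey otherSecret, byte[] seed) {
        // The task captures neither otherSecret nor seed: it hands back the PSK secret key only.
        // A store that derived the master secret itself would have to clone otherSecret first.
        workers.execute(() -> {
            SecretKey psk = null; // a null secret reports "not available", so the handshake fails closed
            try { psk = lookup.apply(identity); } catch (RuntimeException e) { /* treated as unknown identity */ }
            // Runs on a pool thread, never on the thread that called requestPskSecretResult.
            resultHandler.apply(new PskSecretResult(cid, identity, psk));
        });
        return null; // the result follows through the handler
    }

    @Override
    public PskPublicInformation getIdentity(InetSocketAddress peerAddress, ServerNames virtualHost) {
        return null; // server-side only: no client identities registered
    }

    @Override
    public void setResultHandler(PskSecretResultHandler resultHandler) {
        this.resultHandler = resultHandler; // stored for use by the worker threads
    }
}
```

The CID passed into the request is returned unchanged in the result, which is how the result gets matched to its pending handshake.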