edu.nyu.cs.pdsg.handshake
Class SecureChannel

java.lang.Object
  extended by edu.nyu.cs.pdsg.handshake.SecureChannel
Direct Known Subclasses:
GenericPKISecureChannel

public abstract class SecureChannel
extends java.lang.Object


Field Summary
private  boolean authentication
          Does the user require the channel to be authenticated
private  int keylength
          The requested secret key length
private  java.util.HashSet preferredAlgorithms
          The requested algorithms
private  boolean security
          Does the user require the channel to be secure
 
Constructor Summary
SecureChannel()
           
 
Method Summary
abstract  boolean client()
          Subclass should return true if this is the initiator of the handshake
abstract  byte[] decode(byte[] token)
          Decode a byte array that was encoded by the corresponding SecureChannel
 byte[] decode(byte[] packet, int base, int off)
          Decode a byte array that was encoded by the corresponding SecureChannel
abstract  byte[] encode(byte[] packet)
          Encode a byte array for transmission to the corresponding SecureChannel
 byte[] encode(byte[] packet, int base, int off)
          Encode a byte array for transmission to the corresponding SecureChannel
 void finishClient(java.io.DataInputStream in, java.io.DataOutputStream out)
          Utility method that initializes this SecureChannel as a client.
 void finishServer(java.io.DataInputStream in, java.io.DataOutputStream out)
          Utility method that initializes this SecureChannel as a server.
abstract  java.lang.Object identity()
          Returns the identity of this SecureChannel
abstract  byte[] initClient()
          The first stage in the handshake.
 boolean initClient(java.io.DataOutputStream out)
          Utility method to write the initial packet to a DataOutputStream
abstract  byte[] initUpdate(byte[] token, int off, int length)
          Handle the handshaking.
 boolean initUpdate(java.io.DataInputStream in, java.io.DataOutputStream out)
          Utility method that reads a packet from a DataInputStream and writes a packet (if needed) to a DataOutputStream and calls initUpdate()
 int minKeyLength()
           
abstract  java.lang.Object otherIdentity()
          returns the identity of the corresponding SecureChannel
abstract  boolean otherIdentity(java.lang.Object id)
          Compares the identity of this SecureChannel to the presented object
 java.util.HashSet preferredSecurityAlgorithms()
           
abstract  boolean ready()
          Subclass should return true if the channel has completed the handshake
 boolean requiresAuthentication()
           
 boolean requiresSecurity()
           
abstract  boolean server()
          Subclass should return true if this is the acceptor of the handshake
abstract  void setExpectedOtherIdentity(java.lang.Object id)
          Declare the identity of the other side of the channel.
 void setMinKeylength(int _keylength)
           
abstract  void setMyIdentity(java.lang.Object id, java.lang.Object idProof)
          Provide the channel with an identity and proof of identity (eg: a PublicKey and PrivateKey)
 void setPreferredSecurityAlgorithms(java.util.HashSet _preferredAlgorithms)
           
 void setRequiresAuthentication(boolean _authentication)
          Declare the channel's authentication requirements
 void setRequiresSecurity(boolean _security)
          Declare the channel's security requirements
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

authentication

private boolean authentication
Does the user require the channel to be authenticated


security

private boolean security
Does the user require the channel to be secure


keylength

private int keylength
The requested secret key length


preferredAlgorithms

private java.util.HashSet preferredAlgorithms
The requested algorithms

Constructor Detail

SecureChannel

public SecureChannel()
Method Detail

ready

public abstract boolean ready()
Subclass should return true if the channel has completed the handshake


client

public abstract boolean client()
Subclass should return true if this is the initiator of the handshake


server

public abstract boolean server()
Subclass should return true if this is the acceptor of the handshake


setMyIdentity

public abstract void setMyIdentity(java.lang.Object id,
                                   java.lang.Object idProof)
Provide the channel with an identity and proof of identity (e.g. a PublicKey and PrivateKey)

Parameters:
id - The identity (eg PublicKey)
idProof - An object which can be used to prove ownership over 'id' (eg PrivateKey)

setExpectedOtherIdentity

public abstract void setExpectedOtherIdentity(java.lang.Object id)
Declare the identity of the other side of the channel. If the identity that the other side authenticates itself as does not match this identity, an exception will be thrown.

Parameters:
id - the expected other identity, or null if no identity is expected.

setRequiresAuthentication

public void setRequiresAuthentication(boolean _authentication)
Declare the channel's authentication requirements

Parameters:
_authentication - true if the channel will require authentication

setRequiresSecurity

public void setRequiresSecurity(boolean _security)
Declare the channel's security requirements

Parameters:
_security - true if the channel will require security

setMinKeylength

public void setMinKeylength(int _keylength)

setPreferredSecurityAlgorithms

public void setPreferredSecurityAlgorithms(java.util.HashSet _preferredAlgorithms)

requiresAuthentication

public boolean requiresAuthentication()

requiresSecurity

public boolean requiresSecurity()

minKeyLength

public int minKeyLength()

preferredSecurityAlgorithms

public java.util.HashSet preferredSecurityAlgorithms()

initClient

public abstract byte[] initClient()
                           throws HandshakeException
The first stage in the handshake. The client should call this to get the first token to transmit to the server.

Returns:
the first token
Throws:
HandshakeException

initUpdate

public abstract byte[] initUpdate(byte[] token,
                                  int off,
                                  int length)
                           throws HandshakeException
Handle the handshaking. Call this method as tokens arrive and it will generate a response token.

Returns:
the next token or null to indicate no token is needed
Throws:
HandshakeException

initClient

public boolean initClient(java.io.DataOutputStream out)
                   throws HandshakeException
Utility method to write the initial packet to a DataOutputStream

Parameters:
out - The DataOutputStream to write to
Returns:
true if a packet was written
Throws:
HandshakeException

initUpdate

public boolean initUpdate(java.io.DataInputStream in,
                          java.io.DataOutputStream out)
                   throws HandshakeException
Utility method that reads a packet from a DataInputStream and writes a packet (if needed) to a DataOutputStream and calls initUpdate()

Parameters:
in - The DataInputStream to read from
out - The DataOutputStream to write to
Returns:
true if a packet was written to out
Throws:
HandshakeException

finishClient

public void finishClient(java.io.DataInputStream in,
                         java.io.DataOutputStream out)
                  throws HandshakeException
Utility method that initializes this SecureChannel as a client. Blocks, reading from the DataInputStream and writing to the DataOutputStream, until the Server is ready.

Parameters:
in - The DataInputStream to read from
out - The DataOutputStream to write to
Throws:
HandshakeException

finishServer

public void finishServer(java.io.DataInputStream in,
                         java.io.DataOutputStream out)
                  throws HandshakeException
Utility method that initializes this SecureChannel as a server. Blocks, reading from the DataInputStream and writing to the DataOutputStream, until the Server is ready.

Parameters:
in - The DataInputStream to read from
out - The DataOutputStream to write to
Throws:
HandshakeException

encode

public abstract byte[] encode(byte[] packet)
                       throws HandshakeException
Encode a byte array for transmission to the corresponding SecureChannel

Parameters:
packet - The byte array to be encoded
Returns:
The encoded byte array
Throws:
HandshakeException

encode

public byte[] encode(byte[] packet,
                     int base,
                     int off)
              throws HandshakeException
Encode a byte array for transmission to the corresponding SecureChannel

Parameters:
packet - The byte array to be encoded
base - The start of the data within the array
off - The length of the data within the array
Returns:
The encoded byte array
Throws:
HandshakeException

decode

public abstract byte[] decode(byte[] token)
                       throws HandshakeException
Decode a byte array that was encoded by the corresponding SecureChannel

Parameters:
token - The encoded byte array
Returns:
The decoded byte array
Throws:
HandshakeException

decode

public byte[] decode(byte[] packet,
                     int base,
                     int off)
              throws HandshakeException
Decode a byte array that was encoded by the corresponding SecureChannel

Parameters:
packet - The encoded byte array
base - The start of the data within the array
off - The length of the data within the array
Returns:
The decoded byte array
Throws:
HandshakeException

identity

public abstract java.lang.Object identity()
Returns the identity of this SecureChannel

Returns:
the identity of this SecureChannel

otherIdentity

public abstract boolean otherIdentity(java.lang.Object id)
Compares the identity of this SecureChannel to the presented object

Returns:
true if the identity of this SecureChannel matches the presented object

otherIdentity

public abstract java.lang.Object otherIdentity()
Returns the identity of the corresponding SecureChannel

Returns:
the identity of the corresponding SecureChannel


Copyright (c) 2002-2003 New York University RLAB