public interface JSSEServerSecurity extends ServerSecurity
The JSSEServerSecurity interface and partner ClientSecurity interface define a simple yet flexible model for providing security when using the CICS Transaction Gateway. Implementations of the interfaces can be as simple or as robust as deemed necessary; from simple XOR scrambling to use of the Java Cryptographic toolkits.
The JSSEServerSecurity interface has been designed to work in conjunction with the Secure Sockets Layer (SSL) protocol. This interface will allow server-side security objects access to a Client Certificate passed during the initial SSL handshake. The exposure of the Client Certificate is dependent upon the necessary configuration of the CICS Transaction Gateway to support Client Authentication.
An individual JavaGateway instance has an instance of a ClientSecurity class associated with it, until the JavaGateway is closed. Similarly, within the CICS Transaction Gateway, an instance of the partner JSSEServerSecurity class is associated with the connected Java-client, until the connection is closed.
The basic model consists of :
- An initial handshake to exchange pertinent information. For example, this handshake could involve the exchange of public keys. However, since at the interface level the flow consists of a simple byte-array, an implementation has complete control over the contents of its handshake flows.
- The relevant ClientSecurity instance being called to encode outbound requests, and decode inbound replies.
In the CICS Transaction Gateway, the partner JSSEServerSecurity instance being called to decode inbound requests and to encode outbound replies. The inbound request, and Client Certificate, is exposed via the afterDecode() method.
The ClientSecurity and JSSEServerSecurity class instances should maintain as data members sufficient information from the initial handshake to correctly encode and decode the flows.
Modifier and Type | Method and Description |
---|---|
void |
afterDecode(GatewayRequest gatewayRequest,
javax.security.cert.X509Certificate[] clientCertificate)
This method is called after an in-bound request has been decoded.
|
byte[] |
decodeRequest(byte[] encryptedRequestFlow)
This method is called to decode a client request, which has been encoded
by its partner ClientSecurity instance's encodeRequest method.
|
byte[] |
encodeReply(byte[] cryptReplyFlow,
GatewayRequest gatewayRequest)
This method is called to encode a reply to the client program.
|
byte[] |
receiveHandshake(byte[] clientHandshake,
java.net.InetAddress ipClient)
This method is called in response to the initial client-to-Gateway handshake
flow, that is the handshake returned by its partner ClientSecurity instance's
generateHandshake method.
|
afterDecode
byte[] receiveHandshake(byte[] clientHandshake, java.net.InetAddress ipClient) throws java.io.IOException
This method should then generate the return Gateway-to-client handshake flow. The method should return a byte array containing the handshake that it wishes to pass to its partner ClientSecurity instance's repliedHandshake method.
This method is passed the IP address of the client machine that it is handshaking with. It can make decisions based on this address and if it does not wish to allow a connection based upon the address, it should throw an appropriate IOException.
receiveHandshake
in interface ServerSecurity
clientHandshake
- byte array containing the client-to-Gateway handshake dataipClient
- - IP address of the client machine the handshake is forjava.io.IOException
- if an error occurs whilst interpreting the received handshake or when generating the reply handshake databyte[] decodeRequest(byte[] encryptedRequestFlow) throws java.io.IOException
decodeRequest
in interface ServerSecurity
encryptedRequestFlow
- encoded client request data.java.io.IOException
- if an error occurs whilst decoding the requestbyte[] encodeReply(byte[] cryptReplyFlow, GatewayRequest gatewayRequest) throws java.io.IOException
The method is passed a byte array which contains the data-flow, which represents the reply, that is to be flowed across to the client program. Since the reply data is in an indeterminate format, the method is also passed the GatewayRequest object that the reply represents. It can use this GatewayRequest object to determine what action needs to be taken.
The method should encode the reply flow, and return the encoded form. The encoded data need not be the same length as the original unencoded form.
encodeReply
in interface ServerSecurity
cryptReplyFlow
- non-encoded server reply data.gatewayRequest
- GatewayRequest object that the reply data represents.java.io.IOException
- if an error occurs whilst encoding the replyvoid afterDecode(GatewayRequest gatewayRequest, javax.security.cert.X509Certificate[] clientCertificate) throws java.io.IOException
gatewayRequest
- - the request GatewayRequest object that was just decodedclientCertificate
- - client certificate chain passed on the initial SSL handshakejava.io.IOException
- *can* be thrown if the Client Certificate is invalid or unacceptable