| org.cougaar.core.service.MessageProtectionService
All known Subclasses: org.cougaar.mts.base.MessageProtectionServiceImpl,
MessageProtectionService | public interface MessageProtectionService extends Service(Code) | | This service is used to cryptographically protect incoming
and outgoing messages.
This service should be called by the transport service for
all Cougaar messages.
|
Method Summary | |
ProtectedInputStream | getInputStream(InputStream is, MessageAddress src, MessageAddress dst, MessageAttributes attrs) Gets a stream to verify incoming messages
This method is called once for each incoming message.
The implementation of this service must construct a
ProtectedInputStream, which is a special kind of FilterInputStream.
The service reads an encrypted message from the ProtectedInputStream.
The service client (MTS) calls the finishInput() method when all the
message has been read.
The service client verifies the message. | ProtectedOutputStream | getOutputStream(OutputStream os, MessageAddress source, MessageAddress destination, MessageAttributes attrs) Gets a stream to encrypt and/or sign outgoing messages
This method is called once for each outgoing message.
The implementation of this service must construct a
ProtectedOutputStream, which is a special kind of FilterOutputStream.
The service client (MTS) serializes a Message to this
ProtectedOutputStream. | byte[] | protectHeader(MessageAttributes attributes, MessageAddress source, MessageAddress destination) Sign and/or encrypt the header of an outgoing message. | MessageAttributes | unprotectHeader(byte[] rawData, MessageAddress source, MessageAddress destination) Verify the signed and/or encrypted header of an incoming message. |
getInputStream | ProtectedInputStream getInputStream(InputStream is, MessageAddress src, MessageAddress dst, MessageAttributes attrs) throws IOException(Code) | | Gets a stream to verify incoming messages
This method is called once for each incoming message.
The implementation of this service must construct a
ProtectedInputStream, which is a special kind of FilterInputStream.
The service reads an encrypted message from the ProtectedInputStream.
The service client (MTS) calls the finishInput() method when all the
message has been read.
The service client verifies the message. The service client reads
the clear-text message from the 'is' input stream.
The first byte of the ProtectedInputStream should be the first byte
of the (serialized) message content.
Since messages may be resent, the method may be called multiple times
for the same message, but this is in a different context.
Parameters: is - The input stream containing the verified clear-text message Parameters: src - The source of the incoming message Parameters: dst - The destination of the incoming message Parameters: attrs - The attributes of the incoming message A filter intput stream throws: IOException - |
getOutputStream | ProtectedOutputStream getOutputStream(OutputStream os, MessageAddress source, MessageAddress destination, MessageAttributes attrs) throws IOException(Code) | | Gets a stream to encrypt and/or sign outgoing messages
This method is called once for each outgoing message.
The implementation of this service must construct a
ProtectedOutputStream, which is a special kind of FilterOutputStream.
The service client (MTS) serializes a Message to this
ProtectedOutputStream. The implementation of the service will in turn
write data to the 'os' stream it was given at creation time.
When the Message has been completely serialized and written
to the ProtectedOutputStream, the service client calls the finish()
method of the ProtectedOutputStream.
The first byte of the ProtectedOutputStream should be the first byte
of the (serialized) message content.
Since messages may be resent, the method may be called multiple times
for the same message, but this is in a different context.
Parameters: os - The output stream containing encrypted and/or signed data Parameters: source - The source of the outgoing message Parameters: destination - The destination of the outgoing message Parameters: attrs - The attributes of the outgoing message A filter output stream throws: IOException - |
protectHeader | byte[] protectHeader(MessageAttributes attributes, MessageAddress source, MessageAddress destination) throws GeneralSecurityException, IOException(Code) | | Sign and/or encrypt the header of an outgoing message.
When a message is sent out:
1) The aspect calls protectHeader().
2) The data protection service encrypts/signs the header.
It uses the information provided in the source and destination
to decide how to encrypt and/or sign.
3) The encrypted header is returned.
4) The aspect calls getOuputStream.
- The source and destination should be the same as what was found
in the call to protectHeader().
5) The service returns an output stream where the MTS will serialize
the clear-text message.
6) The service encrypts the message and write the encrypte/signed
message to the output stream.
7) The encrypted message is actually sent over the network.
Parameters: attributes - data about the message for the header Parameters: source - The source of the message Parameters: destination - The destination of the message the protected header (sign and/or encrypted) throws: GeneralSecurityException - throws: IOException - |
|
|