TLS-Design » History » Version 7
Tobias Wich, 10/15/2012 12:20 PM
| 1 | 5 | Tobias Wich | h1. TLS-Design (iteration from 2012-10-08) |
|---|---|---|---|
| 2 | |||
| 3 | h2. TLS and related Classes |
||
| 4 | |||
| 5 | h3. BouncyCastle Classes |
||
| 6 | |||
| 7 | This diagram shows the TLS classes as available in the BouncyCastle library. |
||
| 8 | 7 | Tobias Wich | |
| 9 | The "TlsCredentials":http://www.bouncycastle.org/docs/docs1.5on/org/bouncycastle/crypto/tls/TlsCredentials.html and "TlsSignerCredentials":http://www.bouncycastle.org/docs/docs1.5on/org/bouncycastle/crypto/tls/TlsSignerCredentials.html interface are located in the upper left of the diagram. These interfaces are used in a TLS client authentication to get the client certificate and to produce a signature. For the use of software certificates, BouncyCastle comes with the implementation "DefaultTlsSignerCredentials":http://www.bouncycastle.org/docs/docs1.5on/org/bouncycastle/crypto/tls/DefaultTlsSignerCredentials.html. |
||
| 10 | |||
| 11 | 5 | Tobias Wich | !bc-tls-classes.png! |
| 12 | |||
| 13 | h3. Open eCard Classes |
||
| 14 | |||
| 15 | This diagram shows classes that make use of the BouncyCastle classes in order to select and use custom credentials for the TLS authentication. |
||
| 16 | 6 | Tobias Wich | !oec-tls-classes.png! |
| 17 | 5 | Tobias Wich | |
| 18 | h3. Apache http-core Classes |
||
| 19 | |||
| 20 | !http-core-classes.png! |
||
| 21 | |||
| 22 | h2. Client creation |
||
| 23 | |||
| 24 | The two following diagrams show how the a TLS channel is established and reused. |
||
| 25 | |||
| 26 | !tls-client-creation.png! |
||
| 27 | !tls-client-reuse.png! |
||
| 28 | |||
| 29 | h2. Credential Selection |
||
| 30 | |||
| 31 | The following two activity charts show the process how a credential is selected for the authentication. |
||
| 32 | |||
| 33 | !select-certificate.png! |
||
| 34 | !select-certificate-from-handles.png! |
||
| 35 | |||
| 36 | |||
| 37 | h1. TLS Design (old version left here until design is finished) |
||
| 38 | 1 | Tobias Wich | |
| 39 | 2 | Tobias Wich | h2. Bouncy Castle TLS authentication classes |
| 40 | 1 | Tobias Wich | !bc-tls.png! |
| 41 | |||
| 42 | 2 | Tobias Wich | h2. TLS authentication implementation classes |
| 43 | 1 | Tobias Wich | !sal-tls.png! |
| 44 | |||
| 45 | 2 | Tobias Wich | h2. TLS authentication sequence |
| 46 | 1 | Tobias Wich | !sal-tls-sequence.png! |
| 47 | 3 | Simon Potzernheim | |
| 48 | h1. TLS Design by HSCoburg |
||
| 49 | |||
| 50 | h2. Bouncycastle Implementation Design - class diagramm |
||
| 51 | 4 | Simon Potzernheim | |
| 52 | Description: TODO |
||
| 53 | |||
| 54 | 3 | Simon Potzernheim | !uml_bouncycastleimplementation.png! |