Package org.zeromq

Class ZMQ.Curve

  • Enclosing class:
    ZMQ

    public static class ZMQ.Curve
    extends java.lang.Object
    Class that interfaces the generation of CURVE key pairs.

    The CURVE mechanism defines a mechanism for secure authentication and confidentiality for communications between a client and a server. CURVE is intended for use on public networks. The CURVE mechanism is defined by this document: http://rfc.zeromq.org/spec:25.

    Client and server roles

    A socket using CURVE can be either client or server, at any moment, but not both. The role is independent of bind/connect direction. A socket can change roles at any point by setting new options. The role affects all connect and bind calls that follow it.

    To become a CURVE server, the application sets the ZMQ.Socket.setAsServerCurve(boolean) option on the socket, and then sets the ZMQ.Socket.setCurveSecretKey(byte[]) option to provide the socket with its long-term secret key. The application does not provide the socket with its long-term public key, which is used only by clients.

    To become a CURVE client, the application sets the ZMQ.Socket.setCurveServerKey(byte[]) option with the long-term public key of the server it intends to connect to, or accept connections from, next. The application then sets the ZMQ.Socket.setCurvePublicKey(byte[]) and ZMQ.Socket.setCurveSecretKey(byte[]) options with its client long-term key pair. If the server does authentication it will be based on the client's long term public key.

    Key encoding

    The standard representation for keys in source code is either 32 bytes of base 256 (binary) data, or 40 characters of base 85 data encoded using the Z85 algorithm defined by http://rfc.zeromq.org/spec:32. The Z85 algorithm is designed to produce printable key strings for use in configuration files, the command line, and code. There is a reference implementation in C at https://github.com/zeromq/rfc/tree/master/src.

    Test key values

    For test cases, the client shall use this long-term key pair (specified as hexadecimal and in Z85):

    • public:

      BB88471D65E2659B30C55A5321CEBB5AAB2B70A398645C26DCA2B2FCB43FC518

      Yne@$w-vo<fVvi]a<NY6T1ed:M$fCG*[IaLV{hID}</p> </li> <li>secret: <p>7BB864B489AFA3671FBE69101F94B38972F24816DFB01B51656B3FEC8DFD0888</p> <p>{@code D:)Q[IlAW!ahhC2ac:9*A}h:p?([4%wOTJ%JR%cs

    And the server shall use this long-term key pair (specified as hexadecimal and in Z85):

    • public:

      54FCBA24E93249969316FB617C872BB0C1D1FF14800427C594CBFACF1BC2D652

      rq:rM>U?@Lns47E1%kR.o@n%FcmmsL/@{H8]yf7}

    • secret:

      8E0BDD697628B91D8F245587EE95C5B04D48963F79259877B49CD9063AEAD3B7

      JTKVSB%%)wK0E.X)V>+o?pNmC{O&4W4b!Ni{Lh6}

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  ZMQ.Curve.KeyPair
      A container for a public and a corresponding secret key.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int KEY_SIZE  
      static int KEY_SIZE_Z85  
    • Constructor Summary

      Constructors 
      Constructor Description
      Curve()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static ZMQ.Curve.KeyPair generateKeyPair()
      Returns a newly generated random keypair consisting of a public key and a secret key.
      static byte[] z85Decode​(java.lang.String key)
      The function shall decode given key encoded as Z85 string into byte array.
      static java.lang.String z85Encode​(byte[] key)
      Encodes the binary block specified by data into a string.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • Curve

        public Curve()
    • Method Detail

      • z85Decode

        public static byte[] z85Decode​(java.lang.String key)

        The function shall decode given key encoded as Z85 string into byte array.

        The length of string shall be divisible by 5.

        The decoding shall follow the ZMQ RFC 32 specification.

        Parameters:
        key - Key to be decoded
        Returns:
        The resulting key as byte array
      • z85Encode

        public static java.lang.String z85Encode​(byte[] key)

        Encodes the binary block specified by data into a string.

        The size of the binary block must be divisible by 4.

        A 32-byte CURVE key is encoded as 40 ASCII characters plus a null terminator.

        The function shall encode the binary block specified into a string.

        The encoding shall follow the ZMQ RFC 32 specification.

        Parameters:
        key - Key to be encoded
        Returns:
        The resulting key as String in Z85