4 months ago · 40fdeb44c2
--- a/src/main/asciidoc/specs/security/negotiate.adoc
+++ b/src/main/asciidoc/specs/security/negotiate.adoc
@@ -75,7 +75,7 @@ end
 
															 client -> client: generate random **dataKey** according to negotiationResult
														
 
															 client -> client: crypto plainText with **dataKey** -> cipherText
														
 
															-client -> client: crypto **dataKey** with **negotiationResult** -> cipherDataKey，\ndestroy **dataKey**
														
 
															+client -> client: crypto **dataKey** with **negotiationResult** -> cipherDataKey, \ndestroy **dataKey**
														
 
															 client -> client: sign response with client_privateKey
														
 
															 client -> server: cipherText、**cipherDataKey**、sign
														
@@ -89,7 +89,7 @@ server -> server: <font color="#aaaaaa">process biz....
 
															 server -> server: generate random **dataKey2** according to negotiationResult
														
 
															 server -> server: crypto plainText2 with **dataKey2** -> cipherText2
														
 
															-server -> crypto **dataKey2** with **negotiationResult** -> cipherDataKey2，\ndestroy **dataKey2**
														
 
															+server -> server: crypto **dataKey2** with **negotiationResult** -> cipherDataKey2, \ndestroy **dataKey2**
														
 
															 server -> server: sign response with client_privateKey
														
 
															 client <-- server: cipherText2、**cipherDataKey2**、sign2
														
@@ -124,14 +124,14 @@ client -> server: negotiation, include\n(sessionId、**client_publicKey**、toke
 
															 activate server
														
 
															 server -> server: validate token
														
 
															 server -> server: create **ServerKeyPair** + token
														
 
															-server -> server: use DH + ECC，\nDo negotiation with server_privateKey\nclient_publicKey and obtain\n negotiationResult(negotiationKey)
														
 
															+server -> server: use DH + ECC, \nDo negotiation with server_privateKey\nclient_publicKey and obtain\n negotiationResult(negotiationKey)
														
 
															 server -> server: decide algorithem of crypto which \nboth supported by client and server
														
 
															 server -> server: create token with server_publicKey
														
 
															 client <-- server: server、algorithem of crypto、token
														
 
															 deactivate server
														
 
															 client -> client: validate token
														
 
															-client -> client: use DH + ECC，\nDo negotiation with client_privateKey\nserver_publicKey and obtain\n negotiationResult(negotiationKey)
														
 
															+client -> client: use DH + ECC, \nDo negotiation with client_privateKey\nserver_publicKey and obtain\n negotiationResult(negotiationKey)
														
 
															 deactivate client