Package org.bouncycastle.crypto.tls
Class AbstractTlsServer
- java.lang.Object
-
- org.bouncycastle.crypto.tls.AbstractTlsPeer
-
- org.bouncycastle.crypto.tls.AbstractTlsServer
-
- Direct Known Subclasses:
DefaultTlsServer,PSKTlsServer,SRPTlsServer
public abstract class AbstractTlsServer extends AbstractTlsPeer implements TlsServer
-
-
Field Summary
Fields Modifier and Type Field Description protected TlsCipherFactorycipherFactoryprotected short[]clientECPointFormatsprotected java.util.HashtableclientExtensionsprotected ProtocolVersionclientVersionprotected TlsServerContextcontextprotected booleaneccCipherSuitesOfferedprotected booleanencryptThenMACOfferedprotected shortmaxFragmentLengthOfferedprotected int[]namedCurvesprotected int[]offeredCipherSuitesprotected short[]offeredCompressionMethodsprotected intselectedCipherSuiteprotected shortselectedCompressionMethodprotected short[]serverECPointFormatsprotected java.util.HashtableserverExtensionsprotected ProtocolVersionserverVersionprotected java.util.VectorsupportedSignatureAlgorithmsprotected booleantruncatedHMacOffered
-
Constructor Summary
Constructors Constructor Description AbstractTlsServer()AbstractTlsServer(TlsCipherFactory cipherFactory)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected booleanallowEncryptThenMAC()protected booleanallowTruncatedHMac()protected java.util.HashtablecheckServerExtensions()CertificateRequestgetCertificateRequest()CertificateStatusgetCertificateStatus()This method will be called (only) if the server included an extension of type "status_request" with empty "extension_data" in the extended server hello.TlsCiphergetCipher()protected abstract int[]getCipherSuites()TlsCompressiongetCompression()protected short[]getCompressionMethods()protected ProtocolVersiongetMaximumVersion()protected ProtocolVersiongetMinimumVersion()NewSessionTicketgetNewSessionTicket()RFC 5077 3.3.intgetSelectedCipherSuite()shortgetSelectedCompressionMethod()java.util.HashtablegetServerExtensions()java.util.VectorgetServerSupplementalData()ProtocolVersiongetServerVersion()voidinit(TlsServerContext context)voidnotifyClientCertificate(Certificate clientCertificate)Called by the protocol handler to report the client certificate, only ifTlsServer.getCertificateRequest()returned non-null.voidnotifyClientVersion(ProtocolVersion clientVersion)voidnotifyFallback(boolean isFallback)voidnotifyOfferedCipherSuites(int[] offeredCipherSuites)voidnotifyOfferedCompressionMethods(short[] offeredCompressionMethods)voidprocessClientExtensions(java.util.Hashtable clientExtensions)voidprocessClientSupplementalData(java.util.Vector clientSupplementalData)protected booleansupportsClientECCCapabilities(int[] namedCurves, short[] ecPointFormats)-
Methods inherited from class org.bouncycastle.crypto.tls.AbstractTlsPeer
notifyAlertRaised, notifyAlertReceived, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldUseGMTUnixTime
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.bouncycastle.crypto.tls.TlsPeer
notifyAlertRaised, notifyAlertReceived, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldUseGMTUnixTime
-
Methods inherited from interface org.bouncycastle.crypto.tls.TlsServer
getCredentials, getKeyExchange
-
-
-
-
Field Detail
-
cipherFactory
protected TlsCipherFactory cipherFactory
-
context
protected TlsServerContext context
-
clientVersion
protected ProtocolVersion clientVersion
-
offeredCipherSuites
protected int[] offeredCipherSuites
-
offeredCompressionMethods
protected short[] offeredCompressionMethods
-
clientExtensions
protected java.util.Hashtable clientExtensions
-
encryptThenMACOffered
protected boolean encryptThenMACOffered
-
maxFragmentLengthOffered
protected short maxFragmentLengthOffered
-
truncatedHMacOffered
protected boolean truncatedHMacOffered
-
supportedSignatureAlgorithms
protected java.util.Vector supportedSignatureAlgorithms
-
eccCipherSuitesOffered
protected boolean eccCipherSuitesOffered
-
namedCurves
protected int[] namedCurves
-
clientECPointFormats
protected short[] clientECPointFormats
-
serverECPointFormats
protected short[] serverECPointFormats
-
serverVersion
protected ProtocolVersion serverVersion
-
selectedCipherSuite
protected int selectedCipherSuite
-
selectedCompressionMethod
protected short selectedCompressionMethod
-
serverExtensions
protected java.util.Hashtable serverExtensions
-
-
Constructor Detail
-
AbstractTlsServer
public AbstractTlsServer()
-
AbstractTlsServer
public AbstractTlsServer(TlsCipherFactory cipherFactory)
-
-
Method Detail
-
allowEncryptThenMAC
protected boolean allowEncryptThenMAC()
-
allowTruncatedHMac
protected boolean allowTruncatedHMac()
-
checkServerExtensions
protected java.util.Hashtable checkServerExtensions()
-
getCipherSuites
protected abstract int[] getCipherSuites()
-
getCompressionMethods
protected short[] getCompressionMethods()
-
getMaximumVersion
protected ProtocolVersion getMaximumVersion()
-
getMinimumVersion
protected ProtocolVersion getMinimumVersion()
-
supportsClientECCCapabilities
protected boolean supportsClientECCCapabilities(int[] namedCurves, short[] ecPointFormats)
-
init
public void init(TlsServerContext context)
-
notifyClientVersion
public void notifyClientVersion(ProtocolVersion clientVersion) throws java.io.IOException
- Specified by:
notifyClientVersionin interfaceTlsServer- Throws:
java.io.IOException
-
notifyFallback
public void notifyFallback(boolean isFallback) throws java.io.IOException- Specified by:
notifyFallbackin interfaceTlsServer- Throws:
java.io.IOException
-
notifyOfferedCipherSuites
public void notifyOfferedCipherSuites(int[] offeredCipherSuites) throws java.io.IOException- Specified by:
notifyOfferedCipherSuitesin interfaceTlsServer- Throws:
java.io.IOException
-
notifyOfferedCompressionMethods
public void notifyOfferedCompressionMethods(short[] offeredCompressionMethods) throws java.io.IOException- Specified by:
notifyOfferedCompressionMethodsin interfaceTlsServer- Throws:
java.io.IOException
-
processClientExtensions
public void processClientExtensions(java.util.Hashtable clientExtensions) throws java.io.IOException- Specified by:
processClientExtensionsin interfaceTlsServer- Throws:
java.io.IOException
-
getServerVersion
public ProtocolVersion getServerVersion() throws java.io.IOException
- Specified by:
getServerVersionin interfaceTlsServer- Throws:
java.io.IOException
-
getSelectedCipherSuite
public int getSelectedCipherSuite() throws java.io.IOException- Specified by:
getSelectedCipherSuitein interfaceTlsServer- Throws:
java.io.IOException
-
getSelectedCompressionMethod
public short getSelectedCompressionMethod() throws java.io.IOException- Specified by:
getSelectedCompressionMethodin interfaceTlsServer- Throws:
java.io.IOException
-
getServerExtensions
public java.util.Hashtable getServerExtensions() throws java.io.IOException- Specified by:
getServerExtensionsin interfaceTlsServer- Throws:
java.io.IOException
-
getServerSupplementalData
public java.util.Vector getServerSupplementalData() throws java.io.IOException- Specified by:
getServerSupplementalDatain interfaceTlsServer- Throws:
java.io.IOException
-
getCertificateStatus
public CertificateStatus getCertificateStatus() throws java.io.IOException
Description copied from interface:TlsServerThis method will be called (only) if the server included an extension of type "status_request" with empty "extension_data" in the extended server hello. See RFC 3546 3.6. Certificate Status Request. If a non-nullCertificateStatusis returned, it is sent to the client as a handshake message of type "certificate_status".- Specified by:
getCertificateStatusin interfaceTlsServer- Returns:
- A
CertificateStatusto be sent to the client (or null for none). - Throws:
java.io.IOException
-
getCertificateRequest
public CertificateRequest getCertificateRequest() throws java.io.IOException
- Specified by:
getCertificateRequestin interfaceTlsServer- Throws:
java.io.IOException
-
processClientSupplementalData
public void processClientSupplementalData(java.util.Vector clientSupplementalData) throws java.io.IOException- Specified by:
processClientSupplementalDatain interfaceTlsServer- Throws:
java.io.IOException
-
notifyClientCertificate
public void notifyClientCertificate(Certificate clientCertificate) throws java.io.IOException
Description copied from interface:TlsServerCalled by the protocol handler to report the client certificate, only ifTlsServer.getCertificateRequest()returned non-null. Note: this method is responsible for certificate verification and validation.- Specified by:
notifyClientCertificatein interfaceTlsServer- Parameters:
clientCertificate- the effective client certificate (may be an empty chain).- Throws:
java.io.IOException
-
getCompression
public TlsCompression getCompression() throws java.io.IOException
- Specified by:
getCompressionin interfaceTlsPeer- Throws:
java.io.IOException
-
getCipher
public TlsCipher getCipher() throws java.io.IOException
-
getNewSessionTicket
public NewSessionTicket getNewSessionTicket() throws java.io.IOException
Description copied from interface:TlsServerRFC 5077 3.3. NewSessionTicket Handshake Message.This method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 4. Recommended Ticket Construction for recommended format and protection.
- Specified by:
getNewSessionTicketin interfaceTlsServer- Returns:
- The ticket.
- Throws:
java.io.IOException
-
-