Package org.bouncycastle.tls

Class AbstractTlsServer

    • Field Detail

      • cipherSuites

        protected int[] cipherSuites

      • offeredCipherSuites

        protected int[] offeredCipherSuites

      • clientExtensions

        protected java.util.Hashtable clientExtensions

      • encryptThenMACOffered

        protected boolean encryptThenMACOffered

      • maxFragmentLengthOffered

        protected short maxFragmentLengthOffered

      • truncatedHMacOffered

        protected boolean truncatedHMacOffered

      • clientSentECPointFormats

        protected boolean clientSentECPointFormats

      • statusRequestV2

        protected java.util.Vector statusRequestV2

      • trustedCAKeys

        protected java.util.Vector trustedCAKeys

      • selectedCipherSuite

        protected int selectedCipherSuite

      • clientProtocolNames

        protected java.util.Vector clientProtocolNames

      • selectedProtocolName

        protected ProtocolName selectedProtocolName

      • serverExtensions

        protected final java.util.Hashtable serverExtensions

    • Constructor Detail

      • AbstractTlsServer

        public AbstractTlsServer​(TlsCrypto crypto)

    • Method Detail

      • allowCertificateStatus

        protected boolean allowCertificateStatus()

      • allowEncryptThenMAC

        protected boolean allowEncryptThenMAC()

      • allowMultiCertStatus

        protected boolean allowMultiCertStatus()

      • allowTruncatedHMac

        protected boolean allowTruncatedHMac()

      • allowTrustedCAIndication

        protected boolean allowTrustedCAIndication()

      • checkServerExtensions

        protected java.util.Hashtable checkServerExtensions()
        Deprecated.
        Use 'serverExtensions' directly, it is now never null

      • getMaximumNegotiableCurveBits

        protected int getMaximumNegotiableCurveBits()

      • getMaximumNegotiableFiniteFieldBits

        protected int getMaximumNegotiableFiniteFieldBits()

      • getProtocolNames

        protected java.util.Vector getProtocolNames()

      • isSelectableCipherSuite

        protected boolean isSelectableCipherSuite​(int cipherSuite,
                                          int availCurveBits,
                                          int availFiniteFieldBits,
                                          java.util.Vector sigAlgs)

      • preferLocalCipherSuites

        protected boolean preferLocalCipherSuites()

      • selectCipherSuite

        protected boolean selectCipherSuite​(int cipherSuite)
                             throws java.io.IOException
        Throws:
        java.io.IOException

      • selectDH

        protected int selectDH​(int minimumFiniteFieldBits)

      • selectDHDefault

        protected int selectDHDefault​(int minimumFiniteFieldBits)

      • selectECDH

        protected int selectECDH​(int minimumCurveBits)

      • selectECDHDefault

        protected int selectECDHDefault​(int minimumCurveBits)

      • selectProtocolName

        protected ProtocolName selectProtocolName()
                                   throws java.io.IOException
        Throws:
        java.io.IOException

      • selectProtocolName

        protected ProtocolName selectProtocolName​(java.util.Vector clientProtocolNames,
                                          java.util.Vector serverProtocolNames)

      • shouldSelectProtocolNameEarly

        protected boolean shouldSelectProtocolNameEarly()

      • getSessionToResume

        public TlsSession getSessionToResume​(byte[] sessionID)
        Description copied from interface: TlsServer
        Return the specified session, if available. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.
        Specified by:
        getSessionToResume in interface TlsServer
        Parameters:
        sessionID - the ID of the session to resume.
        Returns:
        A TlsSession with the specified session ID, or null.
        See Also:
        SessionParameters.getPeerCertificate()

      • notifyFallback

        public void notifyFallback​(boolean isFallback)
                    throws java.io.IOException
        Specified by:
        notifyFallback in interface TlsServer
        Throws:
        java.io.IOException

      • notifyOfferedCipherSuites

        public void notifyOfferedCipherSuites​(int[] offeredCipherSuites)
                               throws java.io.IOException
        Specified by:
        notifyOfferedCipherSuites in interface TlsServer
        Throws:
        java.io.IOException

      • processClientExtensions

        public void processClientExtensions​(java.util.Hashtable clientExtensions)
                             throws java.io.IOException
        Specified by:
        processClientExtensions in interface TlsServer
        Throws:
        java.io.IOException

      • getSupportedGroups

        public int[] getSupportedGroups()
                         throws java.io.IOException
        Specified by:
        getSupportedGroups in interface TlsServer
        Throws:
        java.io.IOException

      • getSelectedCipherSuite

        public int getSelectedCipherSuite()
                           throws java.io.IOException
        Specified by:
        getSelectedCipherSuite in interface TlsServer
        Throws:
        java.io.IOException

      • getServerExtensions

        public java.util.Hashtable getServerExtensions()
                                        throws java.io.IOException
        Specified by:
        getServerExtensions in interface TlsServer
        Throws:
        java.io.IOException

      • getServerExtensionsForConnection

        public void getServerExtensionsForConnection​(java.util.Hashtable serverExtensions)
                                      throws java.io.IOException
        Specified by:
        getServerExtensionsForConnection in interface TlsServer
        Throws:
        java.io.IOException

      • getServerSupplementalData

        public java.util.Vector getServerSupplementalData()
                                           throws java.io.IOException
        Specified by:
        getServerSupplementalData in interface TlsServer
        Throws:
        java.io.IOException

      • getCertificateStatus

        public CertificateStatus getCertificateStatus()
                                       throws java.io.IOException
        Description copied from interface: TlsServer
        This method will be called (only) if the server included an extension of type "status_request" with empty "extension_data" in the extended server hello. See RFC 3546 3.6. Certificate Status Request. If a non-null CertificateStatus is returned, it is sent to the client as a handshake message of type "certificate_status".
        Specified by:
        getCertificateStatus in interface TlsServer
        Returns:
        A CertificateStatus to be sent to the client (or null for none).
        Throws:
        java.io.IOException

      • processClientSupplementalData

        public void processClientSupplementalData​(java.util.Vector clientSupplementalData)
                                   throws java.io.IOException
        Specified by:
        processClientSupplementalData in interface TlsServer
        Throws:
        java.io.IOException

      • notifyClientCertificate

        public void notifyClientCertificate​(Certificate clientCertificate)
                             throws java.io.IOException
        Description copied from interface: TlsServer
        Called by the protocol handler to report the client certificate, only if TlsServer.getCertificateRequest() returned non-null. Note: this method is responsible for certificate verification and validation.
        Specified by:
        notifyClientCertificate in interface TlsServer
        Parameters:
        clientCertificate - the effective client certificate (may be an empty chain).
        Throws:
        java.io.IOException

      • getNewSessionTicket

        public NewSessionTicket getNewSessionTicket()
                                     throws java.io.IOException
        Description copied from interface: TlsServer
        RFC 5077 3.3. NewSessionTicket Handshake Message.

        This method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 4. Recommended Ticket Construction for recommended format and protection.

        Specified by:
        getNewSessionTicket in interface TlsServer
        Returns:
        The ticket.
        Throws:
        java.io.IOException