Package org.bouncycastle.tls
Class TlsServerProtocol
- java.lang.Object
-
- org.bouncycastle.tls.TlsProtocol
-
- org.bouncycastle.tls.TlsServerProtocol
-
- All Implemented Interfaces:
TlsCloseable
public class TlsServerProtocol extends TlsProtocol
-
-
Field Summary
Fields Modifier and Type Field Description protected CertificateRequest
certificateRequest
protected TlsKeyExchange
keyExchange
protected int[]
offeredCipherSuites
protected TlsServer
tlsServer
-
Fields inherited from class org.bouncycastle.tls.TlsProtocol
ADS_MODE_0_N, ADS_MODE_0_N_FIRSTONLY, ADS_MODE_1_Nsub1, blocking, clientExtensions, connection_state, CS_CLIENT_CERTIFICATE, CS_CLIENT_CERTIFICATE_VERIFY, CS_CLIENT_END_OF_EARLY_DATA, CS_CLIENT_FINISHED, CS_CLIENT_HELLO, CS_CLIENT_HELLO_RETRY, CS_CLIENT_KEY_EXCHANGE, CS_CLIENT_SUPPLEMENTAL_DATA, CS_END, CS_SERVER_CERTIFICATE, CS_SERVER_CERTIFICATE_REQUEST, CS_SERVER_CERTIFICATE_STATUS, CS_SERVER_CERTIFICATE_VERIFY, CS_SERVER_ENCRYPTED_EXTENSIONS, CS_SERVER_FINISHED, CS_SERVER_HELLO, CS_SERVER_HELLO_DONE, CS_SERVER_HELLO_RETRY_REQUEST, CS_SERVER_KEY_EXCHANGE, CS_SERVER_SESSION_TICKET, CS_SERVER_SUPPLEMENTAL_DATA, CS_START, expectSessionTicket, EXT_RenegotiationInfo, EXT_SessionTicket, inputBuffers, outputBuffer, receivedChangeCipherSpec, retryCookie, retryGroup, selectedPSK13, serverExtensions, sessionMasterSecret, sessionParameters, tlsSession
-
-
Constructor Summary
Constructors Constructor Description TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, useTlsProtocol.offerInput(byte[])
to provide the received ciphertext, then useTlsProtocol.readInput(byte[], int, int)
to read the corresponding cleartext.
Similarly, when data needs to be sent, useTlsProtocol.writeApplicationData(byte[], int, int)
to provide the cleartext, then useTlsProtocol.readOutput(byte[], int, int)
to get the corresponding ciphertext.TlsServerProtocol(java.io.InputStream input, java.io.OutputStream output)
Constructor for blocking mode.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
accept(TlsServer tlsServer)
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete.protected void
cleanupHandshake()
protected boolean
expectCertificateVerifyMessage()
protected ServerHello
generate13HelloRetryRequest(ClientHello clientHello)
protected ServerHello
generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest)
protected ServerHello
generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage)
protected TlsContext
getContext()
protected TlsPeer
getPeer()
protected void
handle13HandshakeMessage(short type, HandshakeMessageInput buf)
protected void
handleAlertWarningMessage(short alertDescription)
protected void
handleHandshakeMessage(short type, HandshakeMessageInput buf)
protected void
notifyClientCertificate(Certificate clientCertificate)
protected void
receive13ClientCertificate(java.io.ByteArrayInputStream buf)
protected void
receive13ClientCertificateVerify(java.io.ByteArrayInputStream buf)
protected void
receive13ClientFinished(java.io.ByteArrayInputStream buf)
protected void
receiveCertificateMessage(java.io.ByteArrayInputStream buf)
protected void
receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf)
protected ClientHello
receiveClientHelloMessage(java.io.ByteArrayInputStream buf)
protected void
receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf)
protected void
send13EncryptedExtensionsMessage(java.util.Hashtable serverExtensions)
protected void
send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest)
protected void
sendCertificateRequestMessage(CertificateRequest certificateRequest)
protected void
sendCertificateStatusMessage(CertificateStatus certificateStatus)
protected void
sendHelloRequestMessage()
protected void
sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
protected void
sendServerHelloDoneMessage()
protected void
sendServerHelloMessage(ServerHello serverHello)
protected void
sendServerKeyExchangeMessage(byte[] serverKeyExchange)
protected void
skip13ClientCertificate()
protected void
skip13ClientCertificateVerify()
-
Methods inherited from class org.bouncycastle.tls.TlsProtocol
applicationDataAvailable, applyMaxFragmentLengthExtension, assertEmpty, beginHandshake, blockForHandshake, checkReceivedChangeCipherSpec, close, closeConnection, closeInput, completeHandshake, createRandomBlock, createRenegotiationInfo, establishMasterSecret, establishSession, flush, getAppDataSplitMode, getApplicationDataLimit, getAvailableInputBytes, getAvailableOutputBytes, getInputStream, getOutputStream, getRenegotiationPolicy, handleAlertMessage, handleChangeCipherSpecMessage, handleClose, handleException, handleFailure, handleRenegotiation, invalidateSession, isClosed, isConnected, isHandshaking, isLegacyConnectionState, isResumableHandshake, isTLSv13ConnectionState, offerInput, offerInput, previewInputRecord, previewOutputRecord, previewOutputRecord, process13FinishedMessage, processFinishedMessage, processMaxFragmentLengthExtension, processRecord, raiseAlertFatal, raiseAlertWarning, readApplicationData, readExtensions, readExtensionsData, readExtensionsData13, readExtensionsDataClientHello, readInput, readInput, readOutput, readOutput, readSupplementalDataMessage, receive13KeyUpdate, refuseRenegotiation, resumeHandshake, safePreviewRecordHeader, safeReadFullRecord, safeReadRecord, safeWriteRecord, send13CertificateMessage, send13CertificateVerifyMessage, send13FinishedMessage, send13KeyUpdate, sendCertificateMessage, sendChangeCipherSpec, sendChangeCipherSpecMessage, sendFinishedMessage, sendSupplementalDataMessage, setAppDataSplitMode, setResumableHandshake, writeApplicationData, writeExtensions, writeExtensions, writeExtensionsData, writeExtensionsData, writeExtensionsData, writePreSharedKeyExtension, writeSelectedExtensions, writeSupplementalData
-
-
-
-
Field Detail
-
tlsServer
protected TlsServer tlsServer
-
offeredCipherSuites
protected int[] offeredCipherSuites
-
keyExchange
protected TlsKeyExchange keyExchange
-
certificateRequest
protected CertificateRequest certificateRequest
-
-
Constructor Detail
-
TlsServerProtocol
public TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, useTlsProtocol.offerInput(byte[])
to provide the received ciphertext, then useTlsProtocol.readInput(byte[], int, int)
to read the corresponding cleartext.
Similarly, when data needs to be sent, useTlsProtocol.writeApplicationData(byte[], int, int)
to provide the cleartext, then useTlsProtocol.readOutput(byte[], int, int)
to get the corresponding ciphertext.
-
TlsServerProtocol
public TlsServerProtocol(java.io.InputStream input, java.io.OutputStream output)
Constructor for blocking mode.- Parameters:
input
- The stream of data from the clientoutput
- The stream of data to the client
-
-
Method Detail
-
accept
public void accept(TlsServer tlsServer) throws java.io.IOException
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete. In non-blocking mode, useTlsPeer.notifyHandshakeComplete()
to receive a callback when the handshake is complete.- Parameters:
tlsServer
-- Throws:
java.io.IOException
- If in blocking mode and handshake was not successful.
-
cleanupHandshake
protected void cleanupHandshake()
- Overrides:
cleanupHandshake
in classTlsProtocol
-
expectCertificateVerifyMessage
protected boolean expectCertificateVerifyMessage()
-
generate13HelloRetryRequest
protected ServerHello generate13HelloRetryRequest(ClientHello clientHello) throws java.io.IOException
- Throws:
java.io.IOException
-
generate13ServerHello
protected ServerHello generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest) throws java.io.IOException
- Throws:
java.io.IOException
-
generateServerHello
protected ServerHello generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage) throws java.io.IOException
- Throws:
java.io.IOException
-
getContext
protected TlsContext getContext()
- Specified by:
getContext
in classTlsProtocol
-
getPeer
protected TlsPeer getPeer()
- Specified by:
getPeer
in classTlsProtocol
-
handle13HandshakeMessage
protected void handle13HandshakeMessage(short type, HandshakeMessageInput buf) throws java.io.IOException
- Throws:
java.io.IOException
-
handleHandshakeMessage
protected void handleHandshakeMessage(short type, HandshakeMessageInput buf) throws java.io.IOException
- Specified by:
handleHandshakeMessage
in classTlsProtocol
- Throws:
java.io.IOException
-
handleAlertWarningMessage
protected void handleAlertWarningMessage(short alertDescription) throws java.io.IOException
- Overrides:
handleAlertWarningMessage
in classTlsProtocol
- Throws:
java.io.IOException
-
notifyClientCertificate
protected void notifyClientCertificate(Certificate clientCertificate) throws java.io.IOException
- Throws:
java.io.IOException
-
receive13ClientCertificate
protected void receive13ClientCertificate(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receive13ClientCertificateVerify
protected void receive13ClientCertificateVerify(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receive13ClientFinished
protected void receive13ClientFinished(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveCertificateMessage
protected void receiveCertificateMessage(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveCertificateVerifyMessage
protected void receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveClientHelloMessage
protected ClientHello receiveClientHelloMessage(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveClientKeyExchangeMessage
protected void receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf) throws java.io.IOException
- Throws:
java.io.IOException
-
send13EncryptedExtensionsMessage
protected void send13EncryptedExtensionsMessage(java.util.Hashtable serverExtensions) throws java.io.IOException
- Throws:
java.io.IOException
-
send13ServerHelloCoda
protected void send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest) throws java.io.IOException
- Throws:
java.io.IOException
-
sendCertificateRequestMessage
protected void sendCertificateRequestMessage(CertificateRequest certificateRequest) throws java.io.IOException
- Throws:
java.io.IOException
-
sendCertificateStatusMessage
protected void sendCertificateStatusMessage(CertificateStatus certificateStatus) throws java.io.IOException
- Throws:
java.io.IOException
-
sendHelloRequestMessage
protected void sendHelloRequestMessage() throws java.io.IOException
- Throws:
java.io.IOException
-
sendNewSessionTicketMessage
protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket) throws java.io.IOException
- Throws:
java.io.IOException
-
sendServerHelloDoneMessage
protected void sendServerHelloDoneMessage() throws java.io.IOException
- Throws:
java.io.IOException
-
sendServerHelloMessage
protected void sendServerHelloMessage(ServerHello serverHello) throws java.io.IOException
- Throws:
java.io.IOException
-
sendServerKeyExchangeMessage
protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange) throws java.io.IOException
- Throws:
java.io.IOException
-
skip13ClientCertificate
protected void skip13ClientCertificate() throws java.io.IOException
- Throws:
java.io.IOException
-
skip13ClientCertificateVerify
protected void skip13ClientCertificateVerify() throws java.io.IOException
- Throws:
java.io.IOException
-
-