Package org.bouncycastle.tls
Class TlsServerProtocol
java.lang.Object
org.bouncycastle.tls.TlsProtocol
org.bouncycastle.tls.TlsServerProtocol
- All Implemented Interfaces:
TlsCloseable
-
Field Summary
Fields
Modifier and Type  Field
protected CertificateRequest certificateRequest
protected TlsKeyExchange keyExchange
protected int[] offeredCipherSuites
protected TlsServer tlsServer
Fields inherited from class org.bouncycastle.tls.TlsProtocol
ADS_MODE_0_N, ADS_MODE_0_N_FIRSTONLY, ADS_MODE_1_Nsub1, blocking, clientExtensions, connection_state, CS_CLIENT_CERTIFICATE, CS_CLIENT_CERTIFICATE_VERIFY, CS_CLIENT_END_OF_EARLY_DATA, CS_CLIENT_FINISHED, CS_CLIENT_HELLO, CS_CLIENT_HELLO_RETRY, CS_CLIENT_KEY_EXCHANGE, CS_CLIENT_SUPPLEMENTAL_DATA, CS_END, CS_SERVER_CERTIFICATE, CS_SERVER_CERTIFICATE_REQUEST, CS_SERVER_CERTIFICATE_STATUS, CS_SERVER_CERTIFICATE_VERIFY, CS_SERVER_ENCRYPTED_EXTENSIONS, CS_SERVER_FINISHED, CS_SERVER_HELLO, CS_SERVER_HELLO_DONE, CS_SERVER_HELLO_RETRY_REQUEST, CS_SERVER_KEY_EXCHANGE, CS_SERVER_SESSION_TICKET, CS_SERVER_SUPPLEMENTAL_DATA, CS_START, expectSessionTicket, EXT_RenegotiationInfo, EXT_SessionTicket, inputBuffers, outputBuffer, receivedChangeCipherSpec, retryCookie, retryGroup, selectedPSK13, serverExtensions, sessionMasterSecret, sessionParameters, tlsSession
-
Constructor Summary
Constructors
Constructor  Description
TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.
Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.
TlsServerProtocol(InputStream input, OutputStream output)
Constructor for blocking mode.
-
Method Summary
Modifier and Type  Method  Description
void accept(TlsServer tlsServer)
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete.
protected void cleanupHandshake()
protected boolean expectCertificateVerifyMessage()
protected ServerHello generate13HelloRetryRequest(ClientHello clientHello)
protected ServerHello generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest)
protected ServerHello generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage)
protected TlsContext getContext
protected TlsPeer getPeer()
protected void handle13HandshakeMessage(short type, HandshakeMessageInput buf)
protected void handleAlertWarningMessage(short alertDescription)
protected void handleHandshakeMessage(short type, HandshakeMessageInput buf)
protected void notifyClientCertificate(Certificate clientCertificate)
protected void receive13ClientCertificate
protected void receive13ClientCertificateVerify
protected void receive13ClientFinished
protected void receiveCertificateMessage
protected void receiveCertificateVerifyMessage
protected ClientHello receiveClientHelloMessage
protected void receiveClientKeyExchangeMessage
protected void send13EncryptedExtensionsMessage(Hashtable serverExtensions)
protected void send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest)
protected void sendCertificateRequestMessage(CertificateRequest certificateRequest)
protected void sendCertificateStatusMessage(CertificateStatus certificateStatus)
protected void sendHelloRequestMessage
protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
protected void sendServerHelloDoneMessage
protected void sendServerHelloMessage(ServerHello serverHello)
protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange)
protected void skip13ClientCertificate
protected void skip13ClientCertificateVerify
Methods inherited from class org.bouncycastle.tls.TlsProtocol
applicationDataAvailable, applyMaxFragmentLengthExtension, assertEmpty, beginHandshake, blockForHandshake, cancelSession, checkReceivedChangeCipherSpec, close, closeConnection, closeInput, completeHandshake, createRandomBlock, createRenegotiationInfo, establishMasterSecret, establishSession, flush, getAppDataSplitMode, getApplicationDataLimit, getAvailableInputBytes, getAvailableOutputBytes, getInputStream, getOutputStream, getRenegotiationPolicy, handleAlertMessage, handleChangeCipherSpecMessage, handleClose, handleException, handleFailure, handleRenegotiation, invalidateSession, isClosed, isConnected, isHandshaking, isLegacyConnectionState, isResumableHandshake, isTLSv13ConnectionState, offerInput, offerInput, previewInputRecord, previewOutputRecord, previewOutputRecord, process13FinishedMessage, processFinishedMessage, processMaxFragmentLengthExtension, processRecord, raiseAlertFatal, raiseAlertWarning, readApplicationData, readExtensions, readExtensionsData, readExtensionsData13, readExtensionsDataClientHello, readInput, readInput, readOutput, readOutput, readSupplementalDataMessage, receive13KeyUpdate, refuseRenegotiation, resumeHandshake, safePreviewRecordHeader, safeReadFullRecord, safeReadRecord, safeWriteRecord, send13CertificateMessage, send13CertificateVerifyMessage, send13FinishedMessage, send13KeyUpdate, sendCertificateMessage, sendChangeCipherSpec, sendChangeCipherSpecMessage, sendFinishedMessage, sendSupplementalDataMessage, setAppDataSplitMode, setResumableHandshake, writeApplicationData, writeExtensions, writeExtensions, writeExtensionsData, writeExtensionsData, writeExtensionsData, writePreSharedKeyExtension, writeSelectedExtensions, writeSupplementalData
-
Field Details
-
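tlsServer
protected TlsServer tlsServer
-
offeredCipherSuites
protected int[] offeredCipherSuites
-
keyExchange
protected TlsKeyExchange keyExchange
-
certificateRequest
protected CertificateRequest certificateRequest
-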
-
Constructor Details
-
TlsServerProtocol
public TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.
Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.
-
TlsServerProtocol
public TlsServerProtocol(InputStream input, OutputStream output)
Constructor for blocking mode.
- Parameters:
input - The stream of data from the client
output - The stream of data to the client
-
-
Method Details
-
accept
public void accept(TlsServer tlsServer) throws IOException
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use TlsPeer.notifyHandshakeComplete() to receive a callback when the handshake is complete.
- Parameters:
tlsServer -
- Throws:
IOException - If in blocking mode and handshake was not successful.
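The non-blocking flow described for the no-argument constructor and accept(), as an added example that is not part of the Bouncy Castle documentation or source. The class NonBlockingTlsPump and its method names are hypothetical, and the TlsServer passed in is assumed to be fully configured by the caller (credentials, protocol versions, cipher suites).

```java
import java.io.IOException;
import org.bouncycastle.tls.TlsServer;
import org.bouncycastle.tls.TlsServerProtocol;

/** Hypothetical helper: drives a non-blocking TlsServerProtocol over a transport the caller owns. */
public final class NonBlockingTlsPump {
    // No-argument constructor selects non-blocking mode.
    private final TlsServerProtocol protocol = new TlsServerProtocol();

    /** tlsServer is assumed to be supplied and configured by the caller. */
    public NonBlockingTlsPump(TlsServer tlsServer) throws IOException {
        // In non-blocking mode accept() returns before the handshake has completed.
        protocol.accept(tlsServer);
    }

    /** Feed ciphertext read from the socket; returns whatever cleartext became available. */
    public byte[] onCiphertextReceived(byte[] ciphertext) throws IOException {
        protocol.offerInput(ciphertext); // may advance the handshake and/or decrypt records
        byte[] cleartext = new byte[protocol.getAvailableInputBytes()];
        int n = protocol.readInput(cleartext, 0, cleartext.length);
        if (n != cleartext.length) {
            throw new IOException("short read of decrypted application data");
        }
        return cleartext; // empty while only handshake records have been processed
    }

    /** Queue cleartext for the client; refused until the handshake has finished. */
    public void send(byte[] cleartext) throws IOException {
        if (protocol.isHandshaking() || !protocol.isConnected()) {
            throw new IllegalStateException("TLS handshake not complete");
        }
        protocol.writeApplicationData(cleartext, 0, cleartext.length);
    }

    /**
     * Drain pending output records for writing to the socket.
     * Call after every onCiphertextReceived() and send(), since handshake
     * messages are produced in response to input as well.
     */
    public byte[] drainCiphertext() throws IOException {
        byte[] out = new byte[protocol.getAvailableOutputBytes()];
        protocol.readOutput(out, 0, out.length);
        return out;
    }

    public boolean isHandshakeDone() {
        return protocol.isConnected() && !protocol.isHandshaking();
    }
}
```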
-
cleanupHandshake
protected void cleanupHandshake()
- Overrides:
cleanupHandshake in class TlsProtocol
-
expectCertificateVerifyMessage
protected boolean expectCertificateVerifyMessage()
-
generate13HelloRetryRequest
- Throws:
IOException
-
generate13ServerHello
protected ServerHello generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest) throws IOException
- Throws:
IOException
-
generateServerHello
protected ServerHello generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage) throws IOException
- Throws:
IOException
-
getContext
- Specified by:
getContext in class TlsProtocol
-
getPeer
- Specified by:
getPeer in class TlsProtocol
-
handle13HandshakeMessage
- Throws:
IOException
-
handleHandshakeMessage
- Specified by:
handleHandshakeMessage in class TlsProtocol
- Throws:
IOException
-
handleAlertWarningMessage
- Overrides:
handleAlertWarningMessage in class TlsProtocol
- Throws:
IOException
-
notifyClientCertificate
- Throws:
IOException
-
receive13ClientCertificate
- Throws:
IOException
-
receive13ClientCertificateVerify
- Throws:
IOException
-
receive13ClientFinished
- Throws:
IOException
-
receiveCertificateMessage
- Throws:
IOException
-
receiveCertificateVerifyMessage
- Throws:
IOException
-
receiveClientHelloMessage
- Throws:
IOException
-
receiveClientKeyExchangeMessage
- Throws:
IOException
-
send13EncryptedExtensionsMessage
- Throws:
IOException
-
send13ServerHelloCoda
protected void send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest) throws IOException
- Throws:
IOException
-
sendCertificateRequestMessage
protected void sendCertificateRequestMessage(CertificateRequest certificateRequest) throws IOException
- Throws:
IOException
-
sendCertificateStatusMessage
- Throws:
IOException
-
sendHelloRequestMessage
- Throws:
IOException
-
sendNewSessionTicketMessage
- Throws:
IOException
-
sendServerHelloDoneMessage
- Throws:
IOException
-
sendServerHelloMessage
- Throws:
IOException
-
sendServerKeyExchangeMessage
- Throws:
IOException
-
skip13ClientCertificate
- Throws:
IOException
-
skip13ClientCertificateVerify
- Throws:
IOException
-