Package org.bouncycastle.tls

Class TlsServerProtocol

java.lang.Object

org.bouncycastle.tls.TlsProtocol

org.bouncycastle.tls.TlsServerProtocol

All Implemented Interfaces:

TlsCloseable

public class TlsServerProtocol
extends TlsProtocol

Field Summary

Fields

Modifier and Type	Field	Description
protected CertificateRequest	certificateRequest
protected TlsKeyExchange	keyExchange
protected boolean	offeredExtendedMasterSecret
protected TlsCredentials	serverCredentials
protected TlsServer	tlsServer

Fields inherited from class org.bouncycastle.tls.TlsProtocol

ADS_MODE_0_N, ADS_MODE_0_N_FIRSTONLY, ADS_MODE_1_Nsub1, allowCertificateStatus, blocking, clientExtensions, connection_state, CS_CLIENT_CERTIFICATE, CS_CLIENT_CERTIFICATE_VERIFY, CS_CLIENT_END_OF_EARLY_DATA, CS_CLIENT_FINISHED, CS_CLIENT_HELLO, CS_CLIENT_HELLO_RETRY, CS_CLIENT_KEY_EXCHANGE, CS_CLIENT_SUPPLEMENTAL_DATA, CS_END, CS_SERVER_CERTIFICATE, CS_SERVER_CERTIFICATE_REQUEST, CS_SERVER_CERTIFICATE_STATUS, CS_SERVER_CERTIFICATE_VERIFY, CS_SERVER_ENCRYPTED_EXTENSIONS, CS_SERVER_FINISHED, CS_SERVER_HELLO, CS_SERVER_HELLO_DONE, CS_SERVER_HELLO_RETRY_REQUEST, CS_SERVER_KEY_EXCHANGE, CS_SERVER_SESSION_TICKET, CS_SERVER_SUPPLEMENTAL_DATA, CS_START, expectSessionTicket, EXT_RenegotiationInfo, EXT_SessionTicket, inputBuffers, offeredCipherSuites, outputBuffer, receivedChangeCipherSpec, resumedSession, serverExtensions, sessionMasterSecret, sessionParameters, tlsSession

Constructor Summary

Constructors

Constructor	Description
TlsServerProtocol()	Constructor for non-blocking mode. When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext. Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.
TlsServerProtocol(java.io.InputStream input, java.io.OutputStream output)	Constructor for blocking mode.

Method Summary

Modifier and Type	Method	Description
void	accept(TlsServer tlsServer)	Receives a TLS handshake in the role of server. In blocking mode, this will not return until the handshake is complete.
protected void	cleanupHandshake()
protected boolean	expectCertificateVerifyMessage()
protected ServerHello	generate13ServerHello()
protected ServerHello	generateServerHelloMessage()
protected TlsContext	getContext()
protected TlsPeer	getPeer()
protected void	handle13HandshakeMessage(short type, org.bouncycastle.tls.HandshakeMessageInput buf)
protected void	handleAlertWarningMessage(short alertDescription)
protected void	handleHandshakeMessage(short type, org.bouncycastle.tls.HandshakeMessageInput buf)
protected void	notifyClientCertificate(Certificate clientCertificate)
protected void	receive13ClientCertificate(java.io.ByteArrayInputStream buf)
protected void	receive13ClientCertificateVerify(java.io.ByteArrayInputStream buf)
protected void	receive13ClientFinished(java.io.ByteArrayInputStream buf)
protected void	receive13ClientHelloRetry(java.io.ByteArrayInputStream buf)
protected void	receive13ClientKeyUpdate(java.io.ByteArrayInputStream buf)
protected void	receiveCertificateMessage(java.io.ByteArrayInputStream buf)
protected void	receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf)
protected void	receiveClientHelloMessage(java.io.ByteArrayInputStream buf)
protected void	receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf)
protected void	sendCertificateRequestMessage(CertificateRequest certificateRequest)
protected void	sendCertificateStatusMessage(CertificateStatus certificateStatus)
protected void	sendHelloRequestMessage()
protected void	sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
protected void	sendServerHelloDoneMessage()
protected void	sendServerHelloMessage(ServerHello serverHello)
protected void	sendServerKeyExchangeMessage(byte[] serverKeyExchange)
protected void	skip13ClientCertificate()
protected void	skip13ClientCertificateVerify()

Methods inherited from class org.bouncycastle.tls.TlsProtocol

applicationDataAvailable, applyMaxFragmentLengthExtension, assertEmpty, beginHandshake, blockForHandshake, checkReceivedChangeCipherSpec, close, closeConnection, closeInput, completeHandshake, createRandomBlock, createRenegotiationInfo, establishMasterSecret, flush, getAppDataSplitMode, getApplicationDataLimit, getAvailableInputBytes, getAvailableOutputBytes, getInputStream, getOutputStream, getPRFAlgorithm, getRenegotiationPolicy, handleAlertMessage, handleChangeCipherSpecMessage, handleClose, handleException, handleFailure, handleRenegotiation, invalidateSession, isClosed, isHandshaking, isLegacyConnectionState, isResumableHandshake, isTLSv13ConnectionState, offerInput, offerInput, previewInputRecord, previewOutputRecord, processFinishedMessage, processMaxFragmentLengthExtension, processRecord, raiseAlertFatal, raiseAlertWarning, readApplicationData, readExtensions, readExtensionsData, readInput, readOutput, readSupplementalDataMessage, refuseRenegotiation, resumeHandshake, safePreviewRecordHeader, safeReadFullRecord, safeReadRecord, safeWriteRecord, sendCertificateMessage, sendChangeCipherSpecMessage, sendFinishedMessage, sendSupplementalDataMessage, setAppDataSplitMode, setResumableHandshake, writeApplicationData, writeExtensions, writeHandshakeMessage, writeSelectedExtensions, writeSupplementalData

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

tlsServer

protected TlsServer tlsServer

keyExchange

protected TlsKeyExchange keyExchange

serverCredentials

protected TlsCredentials serverCredentials

certificateRequest

protected CertificateRequest certificateRequest

offeredExtendedMasterSecret

protected boolean offeredExtendedMasterSecret

Constructor Detail

TlsServerProtocol

public TlsServerProtocol()

Constructor for non-blocking mode.

When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.

Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.

TlsServerProtocol

public TlsServerProtocol(java.io.InputStream input,
                         java.io.OutputStream output)

Constructor for blocking mode.

Parameters:

input - The stream of data from the client

output - The stream of data to the client

Method Detail

accept

public void accept(TlsServer tlsServer)
            throws java.io.IOException

Receives a TLS handshake in the role of server.

In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use TlsPeer.notifyHandshakeComplete() to receive a callback when the handshake is complete.

Parameters:

tlsServer -

Throws:

java.io.IOException - If in blocking mode and handshake was not successful.

cleanupHandshake

protected void cleanupHandshake()

Overrides:

cleanupHandshake in class TlsProtocol

expectCertificateVerifyMessage

protected boolean expectCertificateVerifyMessage()

generate13ServerHello

protected ServerHello generate13ServerHello()
                                     throws java.io.IOException

Throws:

java.io.IOException

generateServerHelloMessage

protected ServerHello generateServerHelloMessage()
                                          throws java.io.IOException

Throws:

java.io.IOException

getContext

protected TlsContext getContext()

Specified by:

getContext in class TlsProtocol

getPeer

protected TlsPeer getPeer()

Specified by:

getPeer in class TlsProtocol

handle13HandshakeMessage

protected void handle13HandshakeMessage(short type,
                                        org.bouncycastle.tls.HandshakeMessageInput buf)
                                 throws java.io.IOException

Throws:

java.io.IOException

handleHandshakeMessage

protected void handleHandshakeMessage(short type,
                                      org.bouncycastle.tls.HandshakeMessageInput buf)
                               throws java.io.IOException

Specified by:

handleHandshakeMessage in class TlsProtocol

Throws:

java.io.IOException

handleAlertWarningMessage

protected void handleAlertWarningMessage(short alertDescription)
                                  throws java.io.IOException

Overrides:

handleAlertWarningMessage in class TlsProtocol

Throws:

java.io.IOException

notifyClientCertificate

protected void notifyClientCertificate(Certificate clientCertificate)
                                throws java.io.IOException

Throws:

java.io.IOException

receive13ClientCertificate

protected void receive13ClientCertificate(java.io.ByteArrayInputStream buf)
                                   throws java.io.IOException

Throws:

java.io.IOException

receive13ClientCertificateVerify

protected void receive13ClientCertificateVerify(java.io.ByteArrayInputStream buf)
                                         throws java.io.IOException

Throws:

java.io.IOException

receive13ClientFinished

protected void receive13ClientFinished(java.io.ByteArrayInputStream buf)
                                throws java.io.IOException

Throws:

java.io.IOException

receive13ClientHelloRetry

protected void receive13ClientHelloRetry(java.io.ByteArrayInputStream buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

receive13ClientKeyUpdate

protected void receive13ClientKeyUpdate(java.io.ByteArrayInputStream buf)
                                 throws java.io.IOException

Throws:

java.io.IOException

receiveCertificateMessage

protected void receiveCertificateMessage(java.io.ByteArrayInputStream buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

receiveCertificateVerifyMessage

protected void receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf)
                                        throws java.io.IOException

Throws:

java.io.IOException

receiveClientHelloMessage

protected void receiveClientHelloMessage(java.io.ByteArrayInputStream buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

receiveClientKeyExchangeMessage

protected void receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf)
                                        throws java.io.IOException

Throws:

java.io.IOException

sendCertificateRequestMessage

protected void sendCertificateRequestMessage(CertificateRequest certificateRequest)
                                      throws java.io.IOException

Throws:

java.io.IOException

sendCertificateStatusMessage

protected void sendCertificateStatusMessage(CertificateStatus certificateStatus)
                                     throws java.io.IOException

Throws:

java.io.IOException

sendHelloRequestMessage

protected void sendHelloRequestMessage()
                                throws java.io.IOException

Throws:

java.io.IOException

sendNewSessionTicketMessage

protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
                                    throws java.io.IOException

Throws:

java.io.IOException

sendServerHelloDoneMessage

protected void sendServerHelloDoneMessage()
                                   throws java.io.IOException

Throws:

java.io.IOException

sendServerHelloMessage

protected void sendServerHelloMessage(ServerHello serverHello)
                               throws java.io.IOException

Throws:

java.io.IOException

sendServerKeyExchangeMessage

protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange)
                                     throws java.io.IOException

Throws:

java.io.IOException

skip13ClientCertificate

protected void skip13ClientCertificate()
                                throws java.io.IOException

Throws:

java.io.IOException

skip13ClientCertificateVerify

protected void skip13ClientCertificateVerify()
                                      throws java.io.IOException

Throws:

java.io.IOException