Package org.bouncycastle.tls

Interface TlsClient

All Superinterfaces:
TlsPeer
All Known Implementing Classes:
AbstractTlsClient, DefaultTlsClient, PSKTlsClient, SRPTlsClient
public interface TlsClient extends TlsPeer
Interface describing a TLS client endpoint.

  • Method Details

    • init

      void init(TlsClientContext context)

    • getSessionToResume

      TlsSession getSessionToResume()
      Return the session this client wants to resume, if any. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.
      Returns:
      A TlsSession representing the resumable session to be used for this connection, or null to use a new session.
      See Also:

    • getExternalPSKs

      Vector getExternalPSKs()
      Return the external PSKs to offer in the ClientHello. Note that this will only be called when TLS 1.3 or higher is amongst the offered protocol versions.
      Returns:
      a Vector of TlsPSKExternal instances, or null if none should be offered.

    • isFallback

      boolean isFallback()

    • getClientExtensions

      Hashtable getClientExtensions() throws IOException
      Throws:
      IOException

    • getEarlyKeyShareGroups

      Vector getEarlyKeyShareGroups()
      If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello. Groups that were not included in the supported_groups extension (by getClientExtensions() will be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions.
      Returns:
      a Vector of named group values, possibly empty or null.

    • shouldUseCompatibilityMode

      boolean shouldUseCompatibilityMode()

    • notifyServerVersion

      void notifyServerVersion(ProtocolVersion selectedVersion) throws IOException
      Throws:
      IOException

    • notifySessionToResume

      void notifySessionToResume(TlsSession session)
      Notifies the client of the session that will be offered in ClientHello for resumption, if any. This will be either the session returned from getSessionToResume() or null if that session was unusable. NOTE: the actual negotiated session_id is notified by notifySessionID(byte[]).
      Parameters:
      session - The TlsSession representing the resumable session to be offered for this connection, or null if there is none.
      See Also:

    • notifySessionID

      void notifySessionID(byte[] sessionID)
      Notifies the client of the session_id sent in the ServerHello.
      Parameters:
      sessionID -
      See Also:

    • notifySelectedCipherSuite

      void notifySelectedCipherSuite(int selectedCipherSuite)

    • notifySelectedPSK

      void notifySelectedPSK(TlsPSK selectedPSK) throws IOException
      Throws:
      IOException

    • processServerExtensions

      void processServerExtensions(Hashtable serverExtensions) throws IOException
      The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent. If further processing of the server extensions is needed, it can be done in this callback. NOTE: This is not called for session resumption handshakes.
      Parameters:
      serverExtensions - (Integer -> byte[])
      Throws:
      IOException

    • processServerSupplementalData

      void processServerSupplementalData(Vector serverSupplementalData) throws IOException
      Throws:
      IOException

    • getPSKIdentity

      TlsPSKIdentity getPSKIdentity() throws IOException
      Throws:
      IOException

    • getSRPIdentity

      TlsSRPIdentity getSRPIdentity() throws IOException
      Throws:
      IOException

    • getDHGroupVerifier

      TlsDHGroupVerifier getDHGroupVerifier() throws IOException
      Throws:
      IOException

    • getSRPConfigVerifier

      TlsSRPConfigVerifier getSRPConfigVerifier() throws IOException
      Throws:
      IOException

    • getAuthentication

      TlsAuthentication getAuthentication() throws IOException
      Throws:
      IOException

    • getClientSupplementalData

      Vector getClientSupplementalData() throws IOException
      Throws:
      IOException

    • notifyNewSessionTicket

      void notifyNewSessionTicket(NewSessionTicket newSessionTicket) throws IOException
      RFC 5077 3.3. NewSessionTicket Handshake Message

      This method will be called (only) when a NewSessionTicket handshake message is received. The ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.

      Parameters:
      newSessionTicket - The ticket.
      Throws:
      IOException