Package org.bouncycastle.tls
Class TlsServerProtocol
java.lang.Object
org.bouncycastle.tls.TlsProtocol
org.bouncycastle.tls.TlsServerProtocol
- All Implemented Interfaces:
TlsCloseable
-
Field Summary
Modifier and Type / Field / Description
protected CertificateRequest certificateRequest
protected TlsKeyExchange keyExchange
protected int[] offeredCipherSuites
protected TlsServer tlsServer
Fields inherited from class org.bouncycastle.tls.TlsProtocol
ADS_MODE_0_N, ADS_MODE_0_N_FIRSTONLY, ADS_MODE_1_Nsub1, blocking, clientExtensions, connection_state, CS_CLIENT_CERTIFICATE, CS_CLIENT_CERTIFICATE_VERIFY, CS_CLIENT_END_OF_EARLY_DATA, CS_CLIENT_FINISHED, CS_CLIENT_HELLO, CS_CLIENT_HELLO_RETRY, CS_CLIENT_KEY_EXCHANGE, CS_CLIENT_SUPPLEMENTAL_DATA, CS_END, CS_SERVER_CERTIFICATE, CS_SERVER_CERTIFICATE_REQUEST, CS_SERVER_CERTIFICATE_STATUS, CS_SERVER_CERTIFICATE_VERIFY, CS_SERVER_ENCRYPTED_EXTENSIONS, CS_SERVER_FINISHED, CS_SERVER_HELLO, CS_SERVER_HELLO_DONE, CS_SERVER_HELLO_RETRY_REQUEST, CS_SERVER_KEY_EXCHANGE, CS_SERVER_SESSION_TICKET, CS_SERVER_SUPPLEMENTAL_DATA, CS_START, expectSessionTicket, EXT_RenegotiationInfo, EXT_SessionTicket, inputBuffers, outputBuffer, receivedChangeCipherSpec, retryCookie, retryGroup, selectedPSK13, serverExtensions, sessionMasterSecret, sessionParameters, tlsSession
-
Constructor Summary
Constructor / Description
TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.
Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.
TlsServerProtocol(InputStream input, OutputStream output)
Constructor for blocking mode.
-
Method Summary
Modifier and Type / Method / Description
void accept(TlsServer tlsServer)
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete.
protected void cleanupHandshake()
protected boolean expectCertificateVerifyMessage()
protected ServerHello generate13HelloRetryRequest(ClientHello clientHello)
protected ServerHello generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest)
protected ServerHello generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage)
protected TlsContext getContext()
protected TlsPeer getPeer()
protected void handle13HandshakeMessage(short type, HandshakeMessageInput buf)
protected void handleAlertWarningMessage(short alertDescription)
protected void handleHandshakeMessage(short type, HandshakeMessageInput buf)
protected void notifyClientCertificate(Certificate clientCertificate)
protected void receive13ClientCertificate
protected void receive13ClientCertificateVerify
protected void receive13ClientFinished
protected void receiveCertificateMessage
protected void receiveCertificateVerifyMessage
protected ClientHello receiveClientHelloMessage
protected void receiveClientKeyExchangeMessage
protected void send13EncryptedExtensionsMessage(Hashtable serverExtensions)
protected void send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest)
protected void sendCertificateRequestMessage(CertificateRequest certificateRequest)
protected void sendCertificateStatusMessage(CertificateStatus certificateStatus)
protected void sendHelloRequestMessage
protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
protected void sendServerHelloDoneMessage
protected void sendServerHelloMessage(ServerHello serverHello)
protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange)
protected void skip13ClientCertificate
protected void skip13ClientCertificateVerify
Methods inherited from class org.bouncycastle.tls.TlsProtocol
applicationDataAvailable, applyMaxFragmentLengthExtension, assertEmpty, beginHandshake, blockForHandshake, cancelSession, checkReceivedChangeCipherSpec, close, closeConnection, closeInput, completeHandshake, createRandomBlock, createRenegotiationInfo, establishMasterSecret, establishSession, flush, getAppDataSplitMode, getApplicationDataLimit, getAvailableInputBytes, getAvailableOutputBytes, getInputStream, getOutputStream, getRenegotiationPolicy, handleAlertMessage, handleChangeCipherSpecMessage, handleClose, handleException, handleFailure, handleRenegotiation, invalidateSession, isClosed, isConnected, isHandshaking, isLegacyConnectionState, isResumableHandshake, isTLSv13ConnectionState, offerInput, offerInput, previewInputRecord, previewOutputRecord, previewOutputRecord, process13FinishedMessage, processFinishedMessage, processMaxFragmentLengthExtension, processRecord, raiseAlertFatal, raiseAlertWarning, readApplicationData, readExtensions, readExtensionsData, readExtensionsData13, readExtensionsDataClientHello, readInput, readInput, readOutput, readOutput, readSupplementalDataMessage, receive13KeyUpdate, refuseRenegotiation, resumeHandshake, safePreviewRecordHeader, safeReadFullRecord, safeReadRecord, safeWriteRecord, send13CertificateMessage, send13CertificateVerifyMessage, send13FinishedMessage, send13KeyUpdate, sendCertificateMessage, sendChangeCipherSpec, sendChangeCipherSpecMessage, sendFinishedMessage, sendSupplementalDataMessage, setAppDataSplitMode, setResumableHandshake, writeApplicationData, writeExtensions, writeExtensions, writeExtensionsData, writeExtensionsData, writeExtensionsData, writePreSharedKeyExtension, writeSelectedExtensions, writeSupplementalData
-
Field Details
-
tlsServer
-
offeredCipherSuites
protected int[] offeredCipherSuites
-
keyExchange
-
certificateRequest
-
-
Constructor Details
-
TlsServerProtocol
public TlsServerProtocol()
Constructor for non-blocking mode.
When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.
Similarly, when data needs to be sent, use TlsProtocol.writeApplicationData(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.
-
TlsServerProtocol
Constructor for blocking mode.
- Parameters:
input - The stream of data from the client
output - The stream of data to the client
-
-
Method Details
-
accept
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use TlsPeer.notifyHandshakeComplete() to receive a callback when the handshake is complete.
- Parameters:
tlsServer -
- Throws:
IOException - If in blocking mode and handshake was not successful.
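The non-blocking flow described for the no-argument constructor and for accept, as an added example (not Bouncy Castle's own code). The class NonBlockingTlsServerSession and its method names are hypothetical; the caller supplies a configured TlsServer and moves the returned byte arrays over its own transport.

```java
import java.io.IOException;
import org.bouncycastle.tls.TlsServer;
import org.bouncycastle.tls.TlsServerProtocol;

/** Hypothetical wrapper (not part of Bouncy Castle) around one non-blocking server connection. */
public final class NonBlockingTlsServerSession {
    // The no-argument constructor selects non-blocking mode: no streams are attached.
    private final TlsServerProtocol protocol = new TlsServerProtocol();

    /** tlsServer is the caller's configured TlsServer; accept() does not block in this mode. */
    public NonBlockingTlsServerSession(TlsServer tlsServer) throws IOException {
        protocol.accept(tlsServer);
    }

    /** Feed ciphertext read from the transport; returns whatever cleartext is now available. */
    public byte[] receive(byte[] ciphertext) throws IOException {
        // An IOException here means the connection failed. Stop using the session, but
        // still send pendingCiphertext() once so any queued alert reaches the peer.
        protocol.offerInput(ciphertext);
        byte[] cleartext = new byte[protocol.getAvailableInputBytes()];
        if (cleartext.length > 0) {
            protocol.readInput(cleartext, 0, cleartext.length);
        }
        return cleartext; // empty while the handshake is still in progress
    }

    /** Call only after the TlsServer's notifyHandshakeComplete() callback has fired. */
    public byte[] send(byte[] cleartext) throws IOException {
        protocol.writeApplicationData(cleartext, 0, cleartext.length);
        return pendingCiphertext();
    }

    /** Drain after every receive() and send(): handshake messages are queued here too. */
    public byte[] pendingCiphertext() throws IOException {
        byte[] ciphertext = new byte[protocol.getAvailableOutputBytes()];
        if (ciphertext.length > 0) {
            protocol.readOutput(ciphertext, 0, ciphertext.length);
        }
        return ciphertext; // the caller writes these bytes to the client
    }

    /** Transport hit EOF: report it to the protocol instead of silently dropping the session. */
    public void transportClosed() throws IOException {
        protocol.closeInput();
    }
}
```

Forgetting to drain pendingCiphertext() after receive() stalls the handshake, because the server's replies stay in the output buffer and never reach the client.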
-
cleanupHandshake
protected void cleanupHandshake()
- Overrides:
cleanupHandshake in class TlsProtocol
-
expectCertificateVerifyMessage
protected boolean expectCertificateVerifyMessage()
-
generate13HelloRetryRequest
- Throws:
IOException
-
generate13ServerHello
protected ServerHello generate13ServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage, boolean afterHelloRetryRequest) throws IOException
- Throws:
IOException
-
generateServerHello
protected ServerHello generateServerHello(ClientHello clientHello, HandshakeMessageInput clientHelloMessage) throws IOException
- Throws:
IOException
-
getContext
- Specified by:
getContext in class TlsProtocol
-
getPeer
- Specified by:
getPeer in class TlsProtocol
-
handle13HandshakeMessage
- Throws:
IOException
-
handleHandshakeMessage
- Specified by:
handleHandshakeMessage in class TlsProtocol
- Throws:
IOException
-
handleAlertWarningMessage
- Overrides:
handleAlertWarningMessage in class TlsProtocol
- Throws:
IOException
-
notifyClientCertificate
- Throws:
IOException
-
receive13ClientCertificate
- Throws:
IOException
-
receive13ClientCertificateVerify
- Throws:
IOException
-
receive13ClientFinished
- Throws:
IOException
-
receiveCertificateMessage
- Throws:
IOException
-
receiveCertificateVerifyMessage
- Throws:
IOException
-
receiveClientHelloMessage
- Throws:
IOException
-
receiveClientKeyExchangeMessage
- Throws:
IOException
-
send13EncryptedExtensionsMessage
- Throws:
IOException
-
send13ServerHelloCoda
protected void send13ServerHelloCoda(ServerHello serverHello, boolean afterHelloRetryRequest) throws IOException
- Throws:
IOException
-
sendCertificateRequestMessage
protected void sendCertificateRequestMessage(CertificateRequest certificateRequest) throws IOException
- Throws:
IOException
-
sendCertificateStatusMessage
- Throws:
IOException
-
sendHelloRequestMessage
- Throws:
IOException
-
sendNewSessionTicketMessage
- Throws:
IOException
-
sendServerHelloDoneMessage
- Throws:
IOException
-
sendServerHelloMessage
- Throws:
IOException
-
sendServerKeyExchangeMessage
- Throws:
IOException
-
skip13ClientCertificate
- Throws:
IOException
-
skip13ClientCertificateVerify
- Throws:
IOException
-