org.bouncycastle.tls

Class AbstractTlsClient

java.lang.Object

org.bouncycastle.tls.AbstractTlsPeer

org.bouncycastle.tls.AbstractTlsClient

All Implemented Interfaces:

TlsClient, TlsPeer

Direct Known Subclasses:

DefaultTlsClient, PSKTlsClient, SRPTlsClient

public abstract class AbstractTlsClient
extends AbstractTlsPeer
implements TlsClient

Base class for a TLS client.

Field Summary

Fields

Modifier and Type	Field and Description
protected int[]	cipherSuites
protected TlsClientContext	context
protected ProtocolVersion[]	protocolVersions
protected java.util.Vector	supportedGroups
protected java.util.Vector	supportedSignatureAlgorithms
protected java.util.Vector	supportedSignatureAlgorithmsCert

Constructor Summary

Constructors

Constructor and Description
AbstractTlsClient(TlsCrypto crypto)

Method Summary

Modifier and Type	Method and Description
protected boolean	allowUnexpectedServerExtension(java.lang.Integer extensionType, byte[] extensionData)
protected void	checkForUnexpectedServerExtension(java.util.Hashtable serverExtensions, java.lang.Integer extensionType)
protected CertificateStatusRequest	getCertificateStatusRequest()
int[]	getCipherSuites()
java.util.Hashtable	getClientExtensions()
java.util.Vector	getClientSupplementalData()
TlsDHGroupVerifier	getDHGroupVerifier()
java.util.Vector	getEarlyKeyShareGroups() If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello.
protected java.util.Vector	getNamedGroupRoles()
protected java.util.Vector	getProtocolNames()
ProtocolVersion[]	getProtocolVersions()
TlsPSKIdentity	getPSKIdentity()
TlsSession	getSessionToResume() Return the session this client wants to resume, if any.
protected java.util.Vector	getSNIServerNames()
TlsSRPConfigVerifier	getSRPConfigVerifier()
TlsSRPIdentity	getSRPIdentity()
protected java.util.Vector	getSupportedGroups(java.util.Vector namedGroupRoles) The default getClientExtensions() implementation calls this to determine which named groups to include in the supported_groups extension for the ClientHello.
protected java.util.Vector	getSupportedSignatureAlgorithms()
protected java.util.Vector	getSupportedSignatureAlgorithmsCert()
void	init(TlsClientContext context)
boolean	isFallback()
void	notifyHandshakeBeginning() Notifies the peer that a new handshake is about to begin.
void	notifyNewSessionTicket(NewSessionTicket newSessionTicket) RFC 5077 3.3.
void	notifySelectedCipherSuite(int selectedCipherSuite)
void	notifyServerVersion(ProtocolVersion serverVersion)
void	notifySessionID(byte[] sessionID) Notifies the client of the session_id sent in the ServerHello.
void	processServerExtensions(java.util.Hashtable serverExtensions)
void	processServerSupplementalData(java.util.Vector serverSupplementalData)

Methods inherited from class org.bouncycastle.tls.AbstractTlsPeer

allowLegacyResumption, cancel, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getRenegotiationPolicy, getSupportedCipherSuites, getSupportedVersions, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.bouncycastle.tls.TlsClient

getAuthentication

Methods inherited from interface org.bouncycastle.tls.TlsPeer

allowLegacyResumption, cancel, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getRenegotiationPolicy, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime

Field Detail

context

protected TlsClientContext context

protocolVersions

protected ProtocolVersion[] protocolVersions

cipherSuites

protected int[] cipherSuites

supportedGroups

protected java.util.Vector supportedGroups

supportedSignatureAlgorithms

protected java.util.Vector supportedSignatureAlgorithms

supportedSignatureAlgorithmsCert

protected java.util.Vector supportedSignatureAlgorithmsCert

Constructor Detail

AbstractTlsClient

public AbstractTlsClient(TlsCrypto crypto)

Method Detail

allowUnexpectedServerExtension

protected boolean allowUnexpectedServerExtension(java.lang.Integer extensionType,
                                                 byte[] extensionData)
                                          throws java.io.IOException

Throws:

java.io.IOException

getNamedGroupRoles

protected java.util.Vector getNamedGroupRoles()

checkForUnexpectedServerExtension

protected void checkForUnexpectedServerExtension(java.util.Hashtable serverExtensions,
                                                 java.lang.Integer extensionType)
                                          throws java.io.IOException

Throws:

java.io.IOException

getPSKIdentity

public TlsPSKIdentity getPSKIdentity()
                              throws java.io.IOException

Specified by:

getPSKIdentity in interface TlsClient

Throws:

java.io.IOException

getSRPIdentity

public TlsSRPIdentity getSRPIdentity()
                              throws java.io.IOException

Specified by:

getSRPIdentity in interface TlsClient

Throws:

java.io.IOException

getDHGroupVerifier

public TlsDHGroupVerifier getDHGroupVerifier()

Specified by:

getDHGroupVerifier in interface TlsClient

getSRPConfigVerifier

public TlsSRPConfigVerifier getSRPConfigVerifier()

Specified by:

getSRPConfigVerifier in interface TlsClient

getProtocolNames

protected java.util.Vector getProtocolNames()

getCertificateStatusRequest

protected CertificateStatusRequest getCertificateStatusRequest()

getSNIServerNames

protected java.util.Vector getSNIServerNames()

getSupportedGroups

protected java.util.Vector getSupportedGroups(java.util.Vector namedGroupRoles)

The default getClientExtensions() implementation calls this to determine which named groups to include in the supported_groups extension for the ClientHello.

Parameters:

namedGroupRoles - The named group roles for which there should be at least one supported group. By default this is inferred from the offered cipher suites and signature algorithms.

Returns:

a Vector of Integer. See NamedGroup for group constants.

getSupportedSignatureAlgorithms

protected java.util.Vector getSupportedSignatureAlgorithms()

getSupportedSignatureAlgorithmsCert

protected java.util.Vector getSupportedSignatureAlgorithmsCert()

init

public void init(TlsClientContext context)

Specified by:

init in interface TlsClient

getProtocolVersions

public ProtocolVersion[] getProtocolVersions()

Specified by:

getProtocolVersions in interface TlsPeer

getCipherSuites

public int[] getCipherSuites()

Specified by:

getCipherSuites in interface TlsPeer

notifyHandshakeBeginning

public void notifyHandshakeBeginning()
                              throws java.io.IOException

Description copied from interface: TlsPeer

Notifies the peer that a new handshake is about to begin.

Specified by:

notifyHandshakeBeginning in interface TlsPeer

Overrides:

notifyHandshakeBeginning in class AbstractTlsPeer

Throws:

java.io.IOException

getSessionToResume

public TlsSession getSessionToResume()

Description copied from interface: TlsClient

Return the session this client wants to resume, if any. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.

Specified by:

getSessionToResume in interface TlsClient

Returns:

A TlsSession representing the resumable session to be used for this connection, or null to use a new session.

See Also:

SessionParameters.getPeerCertificate()

isFallback

public boolean isFallback()

Specified by:

isFallback in interface TlsClient

getClientExtensions

public java.util.Hashtable getClientExtensions()
                                        throws java.io.IOException

Specified by:

getClientExtensions in interface TlsClient

Throws:

java.io.IOException

getEarlyKeyShareGroups

public java.util.Vector getEarlyKeyShareGroups()

Description copied from interface: TlsClient

If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello. Groups that were not included in the supported_groups extension (by TlsClient.getClientExtensions() will be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions.

Specified by:

getEarlyKeyShareGroups in interface TlsClient

Returns:

a Vector of named group values, possibly empty or null.

notifyServerVersion

public void notifyServerVersion(ProtocolVersion serverVersion)
                         throws java.io.IOException

Specified by:

notifyServerVersion in interface TlsClient

Throws:

java.io.IOException

notifySessionID

public void notifySessionID(byte[] sessionID)

Description copied from interface: TlsClient

Notifies the client of the session_id sent in the ServerHello.

Specified by:

notifySessionID in interface TlsClient

See Also:

TlsContext.getSession()

notifySelectedCipherSuite

public void notifySelectedCipherSuite(int selectedCipherSuite)

Specified by:

notifySelectedCipherSuite in interface TlsClient

processServerExtensions

public void processServerExtensions(java.util.Hashtable serverExtensions)
                             throws java.io.IOException

Specified by:

processServerExtensions in interface TlsClient

Throws:

java.io.IOException

processServerSupplementalData

public void processServerSupplementalData(java.util.Vector serverSupplementalData)
                                   throws java.io.IOException

Specified by:

processServerSupplementalData in interface TlsClient

Throws:

java.io.IOException

getClientSupplementalData

public java.util.Vector getClientSupplementalData()
                                           throws java.io.IOException

Specified by:

getClientSupplementalData in interface TlsClient

Throws:

java.io.IOException

notifyNewSessionTicket

public void notifyNewSessionTicket(NewSessionTicket newSessionTicket)
                            throws java.io.IOException

Description copied from interface: TlsClient

RFC 5077 3.3. NewSessionTicket Handshake Message

This method will be called (only) when a NewSessionTicket handshake message is received. The ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.

Specified by:

notifyNewSessionTicket in interface TlsClient

Parameters:

newSessionTicket - The ticket.

Throws:

java.io.IOException