public abstract class AbstractTlsServer extends AbstractTlsPeer implements TlsServer
| Modifier and Type | Field and Description |
|---|---|
protected CertificateStatusRequest |
certificateStatusRequest |
protected int[] |
cipherSuites |
protected java.util.Hashtable |
clientExtensions |
protected java.util.Vector |
clientProtocolNames |
protected boolean |
clientSentECPointFormats |
protected TlsServerContext |
context |
protected boolean |
encryptThenMACOffered |
protected short |
maxFragmentLengthOffered |
protected int[] |
offeredCipherSuites |
protected ProtocolVersion[] |
protocolVersions |
protected int |
selectedCipherSuite |
protected ProtocolName |
selectedProtocolName |
protected java.util.Hashtable |
serverExtensions |
protected boolean |
truncatedHMacOffered |
| Constructor and Description |
|---|
AbstractTlsServer(TlsCrypto crypto) |
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
allowCertificateStatus() |
protected boolean |
allowEncryptThenMAC() |
protected boolean |
allowTruncatedHMac() |
protected java.util.Hashtable |
checkServerExtensions() |
CertificateRequest |
getCertificateRequest() |
CertificateStatus |
getCertificateStatus()
This method will be called (only) if the server included an extension of type
"status_request" with empty "extension_data" in the extended server hello.
|
int[] |
getCipherSuites() |
TlsDHConfig |
getDHConfig() |
TlsECConfig |
getECDHConfig() |
protected int |
getMaximumNegotiableCurveBits() |
protected int |
getMaximumNegotiableFiniteFieldBits() |
NewSessionTicket |
getNewSessionTicket()
RFC 5077 3.3.
|
protected java.util.Vector |
getProtocolNames() |
ProtocolVersion[] |
getProtocolVersions() |
TlsPSKIdentityManager |
getPSKIdentityManager() |
int |
getSelectedCipherSuite() |
java.util.Hashtable |
getServerExtensions() |
java.util.Vector |
getServerSupplementalData() |
ProtocolVersion |
getServerVersion() |
TlsSession |
getSessionToResume(byte[] sessionID)
Return the specified session, if available.
|
TlsSRPLoginParameters |
getSRPLoginParameters() |
void |
init(TlsServerContext context) |
protected boolean |
isSelectableCipherSuite(int cipherSuite,
int availCurveBits,
int availFiniteFieldBits,
java.util.Vector sigAlgs) |
void |
notifyClientCertificate(Certificate clientCertificate)
Called by the protocol handler to report the client certificate, only if
TlsServer.getCertificateRequest() returned non-null. |
void |
notifyClientVersion(ProtocolVersion clientVersion) |
void |
notifyFallback(boolean isFallback) |
void |
notifyHandshakeBeginning()
Notifies the peer that a new handshake is about to begin.
|
void |
notifyOfferedCipherSuites(int[] offeredCipherSuites) |
protected boolean |
preferLocalCipherSuites() |
void |
processClientExtensions(java.util.Hashtable clientExtensions) |
void |
processClientSupplementalData(java.util.Vector clientSupplementalData) |
protected boolean |
selectCipherSuite(int cipherSuite) |
protected int |
selectDH(int minimumFiniteFieldBits) |
protected int |
selectDHDefault(int minimumFiniteFieldBits) |
protected int |
selectECDH(int minimumCurveBits) |
protected int |
selectECDHDefault(int minimumCurveBits) |
protected ProtocolName |
selectProtocolName() |
protected ProtocolName |
selectProtocolName(java.util.Vector clientProtocolNames,
java.util.Vector serverProtocolNames) |
protected boolean |
shouldSelectProtocolNameEarly() |
allowLegacyResumption, cancel, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getRenegotiationPolicy, getSupportedCipherSuites, getSupportedVersions, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTimeclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetCredentialsallowLegacyResumption, cancel, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getRenegotiationPolicy, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTimeprotected TlsServerContext context
protected ProtocolVersion[] protocolVersions
protected int[] cipherSuites
protected int[] offeredCipherSuites
protected java.util.Hashtable clientExtensions
protected boolean encryptThenMACOffered
protected short maxFragmentLengthOffered
protected boolean truncatedHMacOffered
protected boolean clientSentECPointFormats
protected CertificateStatusRequest certificateStatusRequest
protected int selectedCipherSuite
protected java.util.Vector clientProtocolNames
protected ProtocolName selectedProtocolName
protected java.util.Hashtable serverExtensions
public AbstractTlsServer(TlsCrypto crypto)
protected boolean allowCertificateStatus()
protected boolean allowEncryptThenMAC()
protected boolean allowTruncatedHMac()
protected java.util.Hashtable checkServerExtensions()
protected int getMaximumNegotiableCurveBits()
protected int getMaximumNegotiableFiniteFieldBits()
protected java.util.Vector getProtocolNames()
protected boolean isSelectableCipherSuite(int cipherSuite,
int availCurveBits,
int availFiniteFieldBits,
java.util.Vector sigAlgs)
protected boolean preferLocalCipherSuites()
protected boolean selectCipherSuite(int cipherSuite)
throws java.io.IOException
java.io.IOExceptionprotected int selectDH(int minimumFiniteFieldBits)
protected int selectDHDefault(int minimumFiniteFieldBits)
protected int selectECDH(int minimumCurveBits)
protected int selectECDHDefault(int minimumCurveBits)
protected ProtocolName selectProtocolName() throws java.io.IOException
java.io.IOExceptionprotected ProtocolName selectProtocolName(java.util.Vector clientProtocolNames, java.util.Vector serverProtocolNames)
protected boolean shouldSelectProtocolNameEarly()
public void init(TlsServerContext context)
public ProtocolVersion[] getProtocolVersions()
getProtocolVersions in interface TlsPeerpublic int[] getCipherSuites()
getCipherSuites in interface TlsPeerpublic void notifyHandshakeBeginning()
throws java.io.IOException
TlsPeernotifyHandshakeBeginning in interface TlsPeernotifyHandshakeBeginning in class AbstractTlsPeerjava.io.IOExceptionpublic TlsSession getSessionToResume(byte[] sessionID)
TlsServergetSessionToResume in interface TlsServersessionID - the ID of the session to resume.TlsSession with the specified session ID, or null.SessionParameters.getPeerCertificate()public void notifyClientVersion(ProtocolVersion clientVersion) throws java.io.IOException
notifyClientVersion in interface TlsServerjava.io.IOExceptionpublic void notifyFallback(boolean isFallback)
throws java.io.IOException
notifyFallback in interface TlsServerjava.io.IOExceptionpublic void notifyOfferedCipherSuites(int[] offeredCipherSuites)
throws java.io.IOException
notifyOfferedCipherSuites in interface TlsServerjava.io.IOExceptionpublic void processClientExtensions(java.util.Hashtable clientExtensions)
throws java.io.IOException
processClientExtensions in interface TlsServerjava.io.IOExceptionpublic ProtocolVersion getServerVersion() throws java.io.IOException
getServerVersion in interface TlsServerjava.io.IOExceptionpublic int getSelectedCipherSuite()
throws java.io.IOException
getSelectedCipherSuite in interface TlsServerjava.io.IOExceptionpublic java.util.Hashtable getServerExtensions()
throws java.io.IOException
getServerExtensions in interface TlsServerjava.io.IOExceptionpublic java.util.Vector getServerSupplementalData()
throws java.io.IOException
getServerSupplementalData in interface TlsServerjava.io.IOExceptionpublic CertificateStatus getCertificateStatus() throws java.io.IOException
TlsServerCertificateStatus is returned, it
is sent to the client as a handshake message of type "certificate_status".getCertificateStatus in interface TlsServerCertificateStatus to be sent to the client (or null for none).java.io.IOExceptionpublic CertificateRequest getCertificateRequest() throws java.io.IOException
getCertificateRequest in interface TlsServerjava.io.IOExceptionpublic TlsPSKIdentityManager getPSKIdentityManager() throws java.io.IOException
getPSKIdentityManager in interface TlsServerjava.io.IOExceptionpublic TlsSRPLoginParameters getSRPLoginParameters() throws java.io.IOException
getSRPLoginParameters in interface TlsServerjava.io.IOExceptionpublic TlsDHConfig getDHConfig() throws java.io.IOException
getDHConfig in interface TlsServerjava.io.IOExceptionpublic TlsECConfig getECDHConfig() throws java.io.IOException
getECDHConfig in interface TlsServerjava.io.IOExceptionpublic void processClientSupplementalData(java.util.Vector clientSupplementalData)
throws java.io.IOException
processClientSupplementalData in interface TlsServerjava.io.IOExceptionpublic void notifyClientCertificate(Certificate clientCertificate) throws java.io.IOException
TlsServerTlsServer.getCertificateRequest() returned non-null.
Note: this method is responsible for certificate verification and validation.notifyClientCertificate in interface TlsServerclientCertificate - the effective client certificate (may be an empty chain).java.io.IOExceptionpublic NewSessionTicket getNewSessionTicket() throws java.io.IOException
TlsServerThis method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 4. Recommended Ticket Construction for recommended format and protection.
getNewSessionTicket in interface TlsServerjava.io.IOException