org.bouncycastle.crypto.tls

Class TlsServerProtocol

java.lang.Object

org.bouncycastle.crypto.tls.TlsProtocol

org.bouncycastle.crypto.tls.TlsServerProtocol

public class TlsServerProtocol
extends TlsProtocol

Field Summary

Fields

Modifier and Type	Field and Description
protected CertificateRequest	certificateRequest
protected short	clientCertificateType
protected TlsKeyExchange	keyExchange
protected TlsHandshakeHash	prepareFinishHash
protected TlsCredentials	serverCredentials
protected TlsServer	tlsServer

Fields inherited from class org.bouncycastle.crypto.tls.TlsProtocol

ADS_MODE_0_N, ADS_MODE_0_N_FIRSTONLY, ADS_MODE_1_Nsub1, allowCertificateStatus, blocking, clientExtensions, connection_state, CS_CERTIFICATE_REQUEST, CS_CERTIFICATE_STATUS, CS_CERTIFICATE_VERIFY, CS_CLIENT_CERTIFICATE, CS_CLIENT_FINISHED, CS_CLIENT_HELLO, CS_CLIENT_KEY_EXCHANGE, CS_CLIENT_SUPPLEMENTAL_DATA, CS_END, CS_SERVER_CERTIFICATE, CS_SERVER_FINISHED, CS_SERVER_HELLO, CS_SERVER_HELLO_DONE, CS_SERVER_KEY_EXCHANGE, CS_SERVER_SESSION_TICKET, CS_SERVER_SUPPLEMENTAL_DATA, CS_START, expectSessionTicket, EXT_RenegotiationInfo, EXT_SessionTicket, inputBuffers, offeredCipherSuites, offeredCompressionMethods, outputBuffer, peerCertificate, receivedChangeCipherSpec, resumedSession, secure_renegotiation, secureRandom, securityParameters, serverExtensions, sessionParameters, tlsSession

Constructor Summary

Constructors

Constructor and Description
TlsServerProtocol(java.io.InputStream input, java.io.OutputStream output, java.security.SecureRandom secureRandom) Constructor for blocking mode.
TlsServerProtocol(java.security.SecureRandom secureRandom) Constructor for non-blocking mode. When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext. Similarly, when data needs to be sent, use TlsProtocol.offerOutput(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.

Method Summary

Modifier and Type	Method and Description
void	accept(TlsServer tlsServer) Receives a TLS handshake in the role of server. In blocking mode, this will not return until the handshake is complete.
protected void	cleanupHandshake()
protected boolean	expectCertificateVerifyMessage()
protected TlsContext	getContext()
protected TlsPeer	getPeer()
protected void	handleAlertWarningMessage(short alertDescription)
protected void	handleHandshakeMessage(short type, java.io.ByteArrayInputStream buf)
protected void	notifyClientCertificate(Certificate clientCertificate)
protected void	receiveCertificateMessage(java.io.ByteArrayInputStream buf)
protected void	receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf)
protected void	receiveClientHelloMessage(java.io.ByteArrayInputStream buf)
protected void	receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf)
protected void	sendCertificateRequestMessage(CertificateRequest certificateRequest)
protected void	sendCertificateStatusMessage(CertificateStatus certificateStatus)
protected void	sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
protected void	sendServerHelloDoneMessage()
protected void	sendServerHelloMessage()
protected void	sendServerKeyExchangeMessage(byte[] serverKeyExchange)

Methods inherited from class org.bouncycastle.crypto.tls.TlsProtocol

applicationDataAvailable, applyMaxFragmentLengthExtension, assertEmpty, blockForHandshake, checkReceivedChangeCipherSpec, close, closeInput, completeHandshake, createRandomBlock, createRenegotiationInfo, createVerifyData, establishMasterSecret, flush, getAvailableInputBytes, getAvailableOutputBytes, getCurrentPRFHash, getInputStream, getOutputStream, getPRFAlgorithm, handleAlertMessage, handleChangeCipherSpecMessage, handleClose, handleException, handleFailure, invalidateSession, isClosed, offerInput, offerOutput, processFinishedMessage, processMaxFragmentLengthExtension, processRecord, raiseAlertFatal, raiseAlertWarning, readApplicationData, readExtensions, readInput, readOutput, readSupplementalDataMessage, refuseRenegotiation, safeCheckRecordHeader, safeReadRecord, safeWriteRecord, sendCertificateMessage, sendChangeCipherSpecMessage, sendFinishedMessage, sendSupplementalDataMessage, setAppDataSplitMode, writeData, writeExtensions, writeHandshakeMessage, writeSelectedExtensions, writeSupplementalData

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

tlsServer

protected TlsServer tlsServer

keyExchange

protected TlsKeyExchange keyExchange

serverCredentials

protected TlsCredentials serverCredentials

certificateRequest

protected CertificateRequest certificateRequest

clientCertificateType

protected short clientCertificateType

prepareFinishHash

protected TlsHandshakeHash prepareFinishHash

Constructor Detail

TlsServerProtocol

public TlsServerProtocol(java.io.InputStream input,
                         java.io.OutputStream output,
                         java.security.SecureRandom secureRandom)

Constructor for blocking mode.

Parameters:

input - The stream of data from the client

output - The stream of data to the client

secureRandom - Random number generator for various cryptographic functions

TlsServerProtocol

public TlsServerProtocol(java.security.SecureRandom secureRandom)

Constructor for non-blocking mode.

When data is received, use TlsProtocol.offerInput(byte[]) to provide the received ciphertext, then use TlsProtocol.readInput(byte[], int, int) to read the corresponding cleartext.

Similarly, when data needs to be sent, use TlsProtocol.offerOutput(byte[], int, int) to provide the cleartext, then use TlsProtocol.readOutput(byte[], int, int) to get the corresponding ciphertext.

Parameters:

secureRandom - Random number generator for various cryptographic functions

Method Detail

accept

public void accept(TlsServer tlsServer)
            throws java.io.IOException

Receives a TLS handshake in the role of server.

In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use TlsPeer.notifyHandshakeComplete() to receive a callback when the handshake is complete.

Parameters:

tlsServer -

Throws:

java.io.IOException - If in blocking mode and handshake was not successful.

cleanupHandshake

protected void cleanupHandshake()

Overrides:

cleanupHandshake in class TlsProtocol

getContext

protected TlsContext getContext()

Specified by:

getContext in class TlsProtocol

getPeer

protected TlsPeer getPeer()

Specified by:

getPeer in class TlsProtocol

handleHandshakeMessage

protected void handleHandshakeMessage(short type,
                                      java.io.ByteArrayInputStream buf)
                               throws java.io.IOException

Specified by:

handleHandshakeMessage in class TlsProtocol

Throws:

java.io.IOException

handleAlertWarningMessage

protected void handleAlertWarningMessage(short alertDescription)
                                  throws java.io.IOException

Overrides:

handleAlertWarningMessage in class TlsProtocol

Throws:

java.io.IOException

notifyClientCertificate

protected void notifyClientCertificate(Certificate clientCertificate)
                                throws java.io.IOException

Throws:

java.io.IOException

receiveCertificateMessage

protected void receiveCertificateMessage(java.io.ByteArrayInputStream buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

receiveCertificateVerifyMessage

protected void receiveCertificateVerifyMessage(java.io.ByteArrayInputStream buf)
                                        throws java.io.IOException

Throws:

java.io.IOException

receiveClientHelloMessage

protected void receiveClientHelloMessage(java.io.ByteArrayInputStream buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

receiveClientKeyExchangeMessage

protected void receiveClientKeyExchangeMessage(java.io.ByteArrayInputStream buf)
                                        throws java.io.IOException

Throws:

java.io.IOException

sendCertificateRequestMessage

protected void sendCertificateRequestMessage(CertificateRequest certificateRequest)
                                      throws java.io.IOException

Throws:

java.io.IOException

sendCertificateStatusMessage

protected void sendCertificateStatusMessage(CertificateStatus certificateStatus)
                                     throws java.io.IOException

Throws:

java.io.IOException

sendNewSessionTicketMessage

protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
                                    throws java.io.IOException

Throws:

java.io.IOException

sendServerHelloMessage

protected void sendServerHelloMessage()
                               throws java.io.IOException

Throws:

java.io.IOException

sendServerHelloDoneMessage

protected void sendServerHelloDoneMessage()
                                   throws java.io.IOException

Throws:

java.io.IOException

sendServerKeyExchangeMessage

protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange)
                                     throws java.io.IOException

Throws:

java.io.IOException

expectCertificateVerifyMessage

protected boolean expectCertificateVerifyMessage()