Package org.bouncycastle.tls
Interface TlsClient
-
- All Superinterfaces:
TlsPeer
- All Known Implementing Classes:
AbstractTlsClient
,DefaultTlsClient
,PSKTlsClient
,SRPTlsClient
public interface TlsClient extends TlsPeer
Interface describing a TLS client endpoint.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description TlsAuthentication
getAuthentication()
java.util.Hashtable
getClientExtensions()
java.util.Vector
getClientSupplementalData()
TlsDHGroupVerifier
getDHGroupVerifier()
java.util.Vector
getEarlyKeyShareGroups()
If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello.java.util.Vector
getExternalPSKs()
Return theexternal PSKs
to offer in the ClientHello.TlsPSKIdentity
getPSKIdentity()
TlsSession
getSessionToResume()
Return the session this client wants to resume, if any.TlsSRPConfigVerifier
getSRPConfigVerifier()
TlsSRPIdentity
getSRPIdentity()
void
init(TlsClientContext context)
boolean
isFallback()
void
notifyNewSessionTicket(NewSessionTicket newSessionTicket)
RFC 5077 3.3.void
notifySelectedCipherSuite(int selectedCipherSuite)
void
notifySelectedPSK(TlsPSK selectedPSK)
void
notifyServerVersion(ProtocolVersion selectedVersion)
void
notifySessionID(byte[] sessionID)
Notifies the client of the session_id sent in the ServerHello.void
notifySessionToResume(TlsSession session)
Notifies the client of the session that will be offered in ClientHello for resumption, if any.void
processServerExtensions(java.util.Hashtable serverExtensions)
The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent.void
processServerSupplementalData(java.util.Vector serverSupplementalData)
boolean
shouldUseCompatibilityMode()
-
Methods inherited from interface org.bouncycastle.tls.TlsPeer
allowLegacyResumption, cancel, getCipherSuites, getCrypto, getHandshakeResendTimeMillis, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getMaxCertificateChainLength, getMaxHandshakeMessageSize, getProtocolVersions, getPskKeyExchangeModes, getRenegotiationPolicy, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyConnectionClosed, notifyHandshakeBeginning, notifyHandshakeComplete, notifySecureRenegotiation, requiresCloseNotify, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime
-
-
-
-
Method Detail
-
init
void init(TlsClientContext context)
-
getSessionToResume
TlsSession getSessionToResume()
Return the session this client wants to resume, if any. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.- Returns:
- A
TlsSession
representing the resumable session to be used for this connection, or null to use a new session. - See Also:
SessionParameters.getPeerCertificate()
-
getExternalPSKs
java.util.Vector getExternalPSKs()
Return theexternal PSKs
to offer in the ClientHello. Note that this will only be called when TLS 1.3 or higher is amongst the offered protocol versions.- Returns:
- a
Vector
ofTlsPSKExternal
instances, or null if none should be offered.
-
isFallback
boolean isFallback()
-
getClientExtensions
java.util.Hashtable getClientExtensions() throws java.io.IOException
- Throws:
java.io.IOException
-
getEarlyKeyShareGroups
java.util.Vector getEarlyKeyShareGroups()
If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello. Groups that were not included in the supported_groups extension (bygetClientExtensions()
will be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions.- Returns:
- a
Vector
ofnamed group
values, possibly empty or null.
-
shouldUseCompatibilityMode
boolean shouldUseCompatibilityMode()
-
notifyServerVersion
void notifyServerVersion(ProtocolVersion selectedVersion) throws java.io.IOException
- Throws:
java.io.IOException
-
notifySessionToResume
void notifySessionToResume(TlsSession session)
Notifies the client of the session that will be offered in ClientHello for resumption, if any. This will be either the session returned fromgetSessionToResume()
or null if that session was unusable. NOTE: the actual negotiated session_id is notified bynotifySessionID(byte[])
.- Parameters:
session
- TheTlsSession
representing the resumable session to be offered for this connection, or null if there is none.- See Also:
notifySessionID(byte[])
-
notifySessionID
void notifySessionID(byte[] sessionID)
Notifies the client of the session_id sent in the ServerHello.- Parameters:
sessionID
-- See Also:
TlsContext.getSession()
-
notifySelectedCipherSuite
void notifySelectedCipherSuite(int selectedCipherSuite)
-
notifySelectedPSK
void notifySelectedPSK(TlsPSK selectedPSK) throws java.io.IOException
- Throws:
java.io.IOException
-
processServerExtensions
void processServerExtensions(java.util.Hashtable serverExtensions) throws java.io.IOException
The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent. If further processing of the server extensions is needed, it can be done in this callback. NOTE: This is not called for session resumption handshakes.- Parameters:
serverExtensions
- (Integer -> byte[])- Throws:
java.io.IOException
-
processServerSupplementalData
void processServerSupplementalData(java.util.Vector serverSupplementalData) throws java.io.IOException
- Throws:
java.io.IOException
-
getPSKIdentity
TlsPSKIdentity getPSKIdentity() throws java.io.IOException
- Throws:
java.io.IOException
-
getSRPIdentity
TlsSRPIdentity getSRPIdentity() throws java.io.IOException
- Throws:
java.io.IOException
-
getDHGroupVerifier
TlsDHGroupVerifier getDHGroupVerifier() throws java.io.IOException
- Throws:
java.io.IOException
-
getSRPConfigVerifier
TlsSRPConfigVerifier getSRPConfigVerifier() throws java.io.IOException
- Throws:
java.io.IOException
-
getAuthentication
TlsAuthentication getAuthentication() throws java.io.IOException
- Throws:
java.io.IOException
-
getClientSupplementalData
java.util.Vector getClientSupplementalData() throws java.io.IOException
- Throws:
java.io.IOException
-
notifyNewSessionTicket
void notifyNewSessionTicket(NewSessionTicket newSessionTicket) throws java.io.IOException
RFC 5077 3.3. NewSessionTicket Handshake MessageThis method will be called (only) when a NewSessionTicket handshake message is received. The ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.
- Parameters:
newSessionTicket
- The ticket.- Throws:
java.io.IOException
-
-