org.bouncycastle.tls

Interface TlsClient

All Superinterfaces:

TlsPeer

All Known Implementing Classes:

AbstractTlsClient, DefaultTlsClient, PSKTlsClient, SRPTlsClient

public interface TlsClient
extends TlsPeer

Interface describing a TLS client endpoint.

Method Summary

Modifier and Type	Method and Description
TlsAuthentication	getAuthentication()
java.util.Hashtable	getClientExtensions()
java.util.Vector	getClientSupplementalData()
TlsDHGroupVerifier	getDHGroupVerifier()
java.util.Vector	getEarlyKeyShareGroups() If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello.
TlsPSKIdentity	getPSKIdentity()
TlsSession	getSessionToResume() Return the session this client wants to resume, if any.
TlsSRPConfigVerifier	getSRPConfigVerifier()
TlsSRPIdentity	getSRPIdentity()
void	init(TlsClientContext context)
boolean	isFallback()
void	notifyNewSessionTicket(NewSessionTicket newSessionTicket) RFC 5077 3.3.
void	notifySelectedCipherSuite(int selectedCipherSuite)
void	notifyServerVersion(ProtocolVersion selectedVersion)
void	notifySessionID(byte[] sessionID) Notifies the client of the session_id sent in the ServerHello.
void	processServerExtensions(java.util.Hashtable serverExtensions) The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent.
void	processServerSupplementalData(java.util.Vector serverSupplementalData)

Methods inherited from interface org.bouncycastle.tls.TlsPeer

allowLegacyResumption, cancel, getCipherSuites, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getProtocolVersions, getRenegotiationPolicy, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeBeginning, notifyHandshakeComplete, notifySecureRenegotiation, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime

Method Detail

init

void init(TlsClientContext context)

getSessionToResume

TlsSession getSessionToResume()

Return the session this client wants to resume, if any. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.

Returns:

A TlsSession representing the resumable session to be used for this connection, or null to use a new session.

See Also:

SessionParameters.getPeerCertificate()

isFallback

boolean isFallback()

getClientExtensions

java.util.Hashtable getClientExtensions()
                                 throws java.io.IOException

Throws:

java.io.IOException

getEarlyKeyShareGroups

java.util.Vector getEarlyKeyShareGroups()

If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello. Groups that were not included in the supported_groups extension (by getClientExtensions() will be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions.

Returns:

a Vector of named group values, possibly empty or null.

Throws:

java.io.IOException

notifyServerVersion

void notifyServerVersion(ProtocolVersion selectedVersion)
                  throws java.io.IOException

Throws:

java.io.IOException

notifySessionID

void notifySessionID(byte[] sessionID)

Notifies the client of the session_id sent in the ServerHello.

Parameters:

sessionID -

See Also:

TlsContext.getSession()

notifySelectedCipherSuite

void notifySelectedCipherSuite(int selectedCipherSuite)

processServerExtensions

void processServerExtensions(java.util.Hashtable serverExtensions)
                      throws java.io.IOException

The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent. If further processing of the server extensions is needed, it can be done in this callback. NOTE: This is not called for session resumption handshakes.

Parameters:

serverExtensions - (Integer -> byte[])

Throws:

java.io.IOException

processServerSupplementalData

void processServerSupplementalData(java.util.Vector serverSupplementalData)
                            throws java.io.IOException

Throws:

java.io.IOException

getPSKIdentity

TlsPSKIdentity getPSKIdentity()
                       throws java.io.IOException

Throws:

java.io.IOException

getSRPIdentity

TlsSRPIdentity getSRPIdentity()
                       throws java.io.IOException

Throws:

java.io.IOException

getDHGroupVerifier

TlsDHGroupVerifier getDHGroupVerifier()
                               throws java.io.IOException

Throws:

java.io.IOException

getSRPConfigVerifier

TlsSRPConfigVerifier getSRPConfigVerifier()
                                   throws java.io.IOException

Throws:

java.io.IOException

getAuthentication

TlsAuthentication getAuthentication()
                             throws java.io.IOException

Throws:

java.io.IOException

getClientSupplementalData

java.util.Vector getClientSupplementalData()
                                    throws java.io.IOException

Throws:

java.io.IOException

notifyNewSessionTicket

void notifyNewSessionTicket(NewSessionTicket newSessionTicket)
                     throws java.io.IOException

RFC 5077 3.3. NewSessionTicket Handshake Message

This method will be called (only) when a NewSessionTicket handshake message is received. The ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.

Parameters:

newSessionTicket - The ticket.

Throws:

java.io.IOException