public interface TlsServer extends TlsPeer
Modifier and Type | Method and Description |
---|---|
CertificateRequest |
getCertificateRequest() |
CertificateStatus |
getCertificateStatus()
This method will be called (only) if the server included an extension of type
"status_request" with empty "extension_data" in the extended server hello.
|
TlsCredentials |
getCredentials()
Return server credentials to use.
|
TlsDHConfig |
getDHConfig() |
TlsECConfig |
getECDHConfig() |
TlsPSKExternal |
getExternalPSK(java.util.Vector identities)
WARNING: EXPERIMENTAL FEATURE, UNSTABLE API
Return the
external PSK to select from the ClientHello. |
byte[] |
getNewSessionID() |
NewSessionTicket |
getNewSessionTicket()
RFC 5077 3.3.
|
TlsPSKIdentityManager |
getPSKIdentityManager() |
int |
getSelectedCipherSuite() |
java.util.Hashtable |
getServerExtensions() |
void |
getServerExtensionsForConnection(java.util.Hashtable serverExtensions) |
java.util.Vector |
getServerSupplementalData() |
ProtocolVersion |
getServerVersion() |
TlsSession |
getSessionToResume(byte[] sessionID)
Return the specified session, if available.
|
TlsSRPLoginParameters |
getSRPLoginParameters() |
int[] |
getSupportedGroups() |
void |
init(TlsServerContext context) |
void |
notifyClientCertificate(Certificate clientCertificate)
Called by the protocol handler to report the client certificate, only if
getCertificateRequest() returned non-null. |
void |
notifyClientVersion(ProtocolVersion clientVersion) |
void |
notifyFallback(boolean isFallback) |
void |
notifyOfferedCipherSuites(int[] offeredCipherSuites) |
void |
notifySession(TlsSession session) |
void |
processClientExtensions(java.util.Hashtable clientExtensions) |
void |
processClientSupplementalData(java.util.Vector clientSupplementalData) |
allowLegacyResumption, cancel, getCipherSuites, getCrypto, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getMaxCertificateChainLength, getMaxHandshakeMessageSize, getProtocolVersions, getPskKeyExchangeModes, getRenegotiationPolicy, notifyAlertRaised, notifyAlertReceived, notifyCloseHandle, notifyHandshakeBeginning, notifyHandshakeComplete, notifySecureRenegotiation, requiresCloseNotify, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime
void init(TlsServerContext context)
TlsSession getSessionToResume(byte[] sessionID)
sessionID
- the ID of the session to resume.TlsSession
with the specified session ID, or null.SessionParameters.getPeerCertificate()
byte[] getNewSessionID()
TlsPSKExternal getExternalPSK(java.util.Vector identities)
external PSK
to select from the ClientHello. Note that this will only
be called when TLS 1.3 or higher is amongst the offered protocol versions, and one or more PSKs are
actually offered.identities
- a Vector
of PskIdentity
instances.TlsPSKExternal
corresponding to the selected identity, or null to not select any.void notifySession(TlsSession session)
void notifyClientVersion(ProtocolVersion clientVersion) throws java.io.IOException
java.io.IOException
void notifyFallback(boolean isFallback) throws java.io.IOException
java.io.IOException
void notifyOfferedCipherSuites(int[] offeredCipherSuites) throws java.io.IOException
java.io.IOException
void processClientExtensions(java.util.Hashtable clientExtensions) throws java.io.IOException
java.io.IOException
ProtocolVersion getServerVersion() throws java.io.IOException
java.io.IOException
int[] getSupportedGroups() throws java.io.IOException
java.io.IOException
int getSelectedCipherSuite() throws java.io.IOException
java.io.IOException
java.util.Hashtable getServerExtensions() throws java.io.IOException
java.io.IOException
void getServerExtensionsForConnection(java.util.Hashtable serverExtensions) throws java.io.IOException
java.io.IOException
java.util.Vector getServerSupplementalData() throws java.io.IOException
java.io.IOException
TlsCredentials getCredentials() throws java.io.IOException
TlsCredentialedAgreement
, TlsCredentialedDecryptor
, or
TlsCredentialedSigner
, depending on the key exchange that was negotiated.java.io.IOException
CertificateStatus getCertificateStatus() throws java.io.IOException
CertificateStatus
is returned, it
is sent to the client as a handshake message of type "certificate_status".CertificateStatus
to be sent to the client (or null for none).java.io.IOException
CertificateRequest getCertificateRequest() throws java.io.IOException
java.io.IOException
TlsPSKIdentityManager getPSKIdentityManager() throws java.io.IOException
java.io.IOException
TlsSRPLoginParameters getSRPLoginParameters() throws java.io.IOException
java.io.IOException
TlsDHConfig getDHConfig() throws java.io.IOException
java.io.IOException
TlsECConfig getECDHConfig() throws java.io.IOException
java.io.IOException
void processClientSupplementalData(java.util.Vector clientSupplementalData) throws java.io.IOException
java.io.IOException
void notifyClientCertificate(Certificate clientCertificate) throws java.io.IOException
getCertificateRequest()
returned non-null.
Note: this method is responsible for certificate verification and validation.clientCertificate
- the effective client certificate (may be an empty chain).java.io.IOException
NewSessionTicket getNewSessionTicket() throws java.io.IOException
This method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 4. Recommended Ticket Construction for recommended format and protection.
java.io.IOException