Bouncy Castle Cryptography 1.50

org.bouncycastle.crypto.tls
Class TlsProtocol

java.lang.Object
  extended by org.bouncycastle.crypto.tls.TlsProtocol
Direct Known Subclasses:
TlsClientProtocol, TlsServerProtocol

public abstract class TlsProtocol
extends java.lang.Object

An implementation of all high-level protocols in TLS 1.0/1.1.


Field Summary
protected  boolean allowCertificateStatus
           
protected  java.util.Hashtable clientExtensions
           
protected  short connection_state
           
protected static short CS_CERTIFICATE_REQUEST
           
protected static short CS_CERTIFICATE_STATUS
           
protected static short CS_CERTIFICATE_VERIFY
           
protected static short CS_CLIENT_CERTIFICATE
           
protected static short CS_CLIENT_FINISHED
           
protected static short CS_CLIENT_HELLO
           
protected static short CS_CLIENT_KEY_EXCHANGE
           
protected static short CS_CLIENT_SUPPLEMENTAL_DATA
           
protected static short CS_END
           
protected static short CS_SERVER_CERTIFICATE
           
protected static short CS_SERVER_FINISHED
           
protected static short CS_SERVER_HELLO
           
protected static short CS_SERVER_HELLO_DONE
           
protected static short CS_SERVER_KEY_EXCHANGE
           
protected static short CS_SERVER_SESSION_TICKET
           
protected static short CS_SERVER_SUPPLEMENTAL_DATA
           
protected static short CS_START
           
protected  boolean expectSessionTicket
           
protected static java.lang.Integer EXT_RenegotiationInfo
           
protected static java.lang.Integer EXT_SessionTicket
           
protected  int[] offeredCipherSuites
           
protected  short[] offeredCompressionMethods
           
protected  Certificate peerCertificate
           
protected  boolean receivedChangeCipherSpec
           
protected  org.bouncycastle.crypto.tls.RecordStream recordStream
           
protected  boolean resumedSession
           
protected  boolean secure_renegotiation
           
protected  java.security.SecureRandom secureRandom
           
protected  SecurityParameters securityParameters
           
protected  java.util.Hashtable serverExtensions
           
protected  SessionParameters sessionParameters
           
protected  TlsSession tlsSession
           
 
Constructor Summary
TlsProtocol(java.io.InputStream input, java.io.OutputStream output, java.security.SecureRandom secureRandom)
           
 
Method Summary
protected static void assertEmpty(java.io.ByteArrayInputStream buf)
          Make sure the InputStream 'buf' is now empty.
protected  void cleanupHandshake()
           
 void close()
          Closes this connection.
protected  void completeHandshake()
           
protected static byte[] createRandomBlock(java.security.SecureRandom random)
           
protected static byte[] createRenegotiationInfo(byte[] renegotiated_connection)
           
protected  byte[] createVerifyData(boolean isServer)
           
protected static void establishMasterSecret(TlsContext context, TlsKeyExchange keyExchange)
           
protected  void failWithError(short alertLevel, short alertDescription, java.lang.String message, java.lang.Exception cause)
          Terminate this connection with an alert.
protected  void flush()
           
protected abstract  org.bouncycastle.crypto.tls.AbstractTlsContext getContext()
           
protected static byte[] getCurrentPRFHash(TlsContext context, org.bouncycastle.crypto.tls.TlsHandshakeHash handshakeHash, byte[] sslSender)
          The 'sslSender' argument is only relevant to SSLv3.
 java.io.InputStream getInputStream()
           
 java.io.OutputStream getOutputStream()
           
protected abstract  TlsPeer getPeer()
           
protected static int getPRFAlgorithm(TlsContext context, int ciphersuite)
           
protected  void handleChangeCipherSpecMessage()
           
protected  void handleClose(boolean user_canceled)
           
protected abstract  void handleHandshakeMessage(short type, byte[] buf)
           
protected  void handleWarningMessage(short description)
           
protected  void invalidateSession()
           
protected  void processFinishedMessage(java.io.ByteArrayInputStream buf)
           
protected  short processMaxFragmentLengthExtension(java.util.Hashtable clientExtensions, java.util.Hashtable serverExtensions, short alertDescription)
           
protected  void processRecord(short protocol, byte[] buf, int offset, int len)
           
protected  void raiseAlert(short alertLevel, short alertDescription, java.lang.String message, java.lang.Exception cause)
           
protected  void raiseWarning(short alertDescription, java.lang.String message)
           
protected  int readApplicationData(byte[] buf, int offset, int len)
          Read data from the network.
protected static java.util.Hashtable readExtensions(java.io.ByteArrayInputStream input)
           
protected static java.util.Vector readSupplementalDataMessage(java.io.ByteArrayInputStream input)
           
protected  void safeReadRecord()
           
protected  void safeWriteRecord(short type, byte[] buf, int offset, int len)
           
protected  void sendCertificateMessage(Certificate certificate)
           
protected  void sendChangeCipherSpecMessage()
           
protected  void sendFinishedMessage()
           
protected  void sendSupplementalDataMessage(java.util.Vector supplementalData)
           
protected  void writeData(byte[] buf, int offset, int len)
          Send some application data to the remote system.
protected static void writeExtensions(java.io.OutputStream output, java.util.Hashtable extensions)
           
protected  void writeHandshakeMessage(byte[] buf, int off, int len)
           
protected static void writeSupplementalData(java.io.OutputStream output, java.util.Vector supplementalData)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

EXT_RenegotiationInfo

protected static final java.lang.Integer EXT_RenegotiationInfo

EXT_SessionTicket

protected static final java.lang.Integer EXT_SessionTicket

CS_START

protected static final short CS_START
See Also:
Constant Field Values

CS_CLIENT_HELLO

protected static final short CS_CLIENT_HELLO
See Also:
Constant Field Values

CS_SERVER_HELLO

protected static final short CS_SERVER_HELLO
See Also:
Constant Field Values

CS_SERVER_SUPPLEMENTAL_DATA

protected static final short CS_SERVER_SUPPLEMENTAL_DATA
See Also:
Constant Field Values

CS_SERVER_CERTIFICATE

protected static final short CS_SERVER_CERTIFICATE
See Also:
Constant Field Values

CS_CERTIFICATE_STATUS

protected static final short CS_CERTIFICATE_STATUS
See Also:
Constant Field Values

CS_SERVER_KEY_EXCHANGE

protected static final short CS_SERVER_KEY_EXCHANGE
See Also:
Constant Field Values

CS_CERTIFICATE_REQUEST

protected static final short CS_CERTIFICATE_REQUEST
See Also:
Constant Field Values

CS_SERVER_HELLO_DONE

protected static final short CS_SERVER_HELLO_DONE
See Also:
Constant Field Values

CS_CLIENT_SUPPLEMENTAL_DATA

protected static final short CS_CLIENT_SUPPLEMENTAL_DATA
See Also:
Constant Field Values

CS_CLIENT_CERTIFICATE

protected static final short CS_CLIENT_CERTIFICATE
See Also:
Constant Field Values

CS_CLIENT_KEY_EXCHANGE

protected static final short CS_CLIENT_KEY_EXCHANGE
See Also:
Constant Field Values

CS_CERTIFICATE_VERIFY

protected static final short CS_CERTIFICATE_VERIFY
See Also:
Constant Field Values

CS_CLIENT_FINISHED

protected static final short CS_CLIENT_FINISHED
See Also:
Constant Field Values

CS_SERVER_SESSION_TICKET

protected static final short CS_SERVER_SESSION_TICKET
See Also:
Constant Field Values

CS_SERVER_FINISHED

protected static final short CS_SERVER_FINISHED
See Also:
Constant Field Values

CS_END

protected static final short CS_END
See Also:
Constant Field Values

recordStream

protected org.bouncycastle.crypto.tls.RecordStream recordStream

secureRandom

protected java.security.SecureRandom secureRandom

tlsSession

protected TlsSession tlsSession

sessionParameters

protected SessionParameters sessionParameters

securityParameters

protected SecurityParameters securityParameters

peerCertificate

protected Certificate peerCertificate

offeredCipherSuites

protected int[] offeredCipherSuites

offeredCompressionMethods

protected short[] offeredCompressionMethods

clientExtensions

protected java.util.Hashtable clientExtensions

serverExtensions

protected java.util.Hashtable serverExtensions

connection_state

protected short connection_state

resumedSession

protected boolean resumedSession

receivedChangeCipherSpec

protected boolean receivedChangeCipherSpec

secure_renegotiation

protected boolean secure_renegotiation

allowCertificateStatus

protected boolean allowCertificateStatus

expectSessionTicket

protected boolean expectSessionTicket
Constructor Detail

TlsProtocol

public TlsProtocol(java.io.InputStream input,
                   java.io.OutputStream output,
                   java.security.SecureRandom secureRandom)
Method Detail

getContext

protected abstract org.bouncycastle.crypto.tls.AbstractTlsContext getContext()

getPeer

protected abstract TlsPeer getPeer()

handleChangeCipherSpecMessage

protected void handleChangeCipherSpecMessage()
                                      throws java.io.IOException
Throws:
java.io.IOException

handleHandshakeMessage

protected abstract void handleHandshakeMessage(short type,
                                               byte[] buf)
                                        throws java.io.IOException
Throws:
java.io.IOException

handleWarningMessage

protected void handleWarningMessage(short description)
                             throws java.io.IOException
Throws:
java.io.IOException

cleanupHandshake

protected void cleanupHandshake()

completeHandshake

protected void completeHandshake()
                          throws java.io.IOException
Throws:
java.io.IOException

processRecord

protected void processRecord(short protocol,
                             byte[] buf,
                             int offset,
                             int len)
                      throws java.io.IOException
Throws:
java.io.IOException

readApplicationData

protected int readApplicationData(byte[] buf,
                                  int offset,
                                  int len)
                           throws java.io.IOException
Read data from the network. The method returns immediately if there is still some data left in the buffer; otherwise it blocks until some application data has been read from the network.

Parameters:
buf - The buffer where the data will be copied to.
offset - The position where the data will be placed in the buffer.
len - The maximum number of bytes to read.
Returns:
The number of bytes read.
Throws:
java.io.IOException - If something goes wrong while reading data.

safeReadRecord

protected void safeReadRecord()
                       throws java.io.IOException
Throws:
java.io.IOException

safeWriteRecord

protected void safeWriteRecord(short type,
                               byte[] buf,
                               int offset,
                               int len)
                        throws java.io.IOException
Throws:
java.io.IOException

writeData

protected void writeData(byte[] buf,
                         int offset,
                         int len)
                  throws java.io.IOException
Send some application data to the remote system.

The method will handle fragmentation internally.

Parameters:
buf - The buffer with the data.
offset - The position in the buffer where the data is placed.
len - The length of the data.
Throws:
java.io.IOException - If something goes wrong during sending.

writeHandshakeMessage

protected void writeHandshakeMessage(byte[] buf,
                                     int off,
                                     int len)
                              throws java.io.IOException
Throws:
java.io.IOException

getOutputStream

public java.io.OutputStream getOutputStream()
Returns:
An OutputStream which can be used to send data.

getInputStream

public java.io.InputStream getInputStream()
Returns:
An InputStream which can be used to read data.

failWithError

protected void failWithError(short alertLevel,
                             short alertDescription,
                             java.lang.String message,
                             java.lang.Exception cause)
                      throws java.io.IOException
Terminate this connection with an alert. Can be used for normal closure too.

Parameters:
alertLevel - See AlertLevel for values.
alertDescription - See AlertDescription for values.
Throws:
java.io.IOException - If the alert was fatal.

invalidateSession

protected void invalidateSession()

processFinishedMessage

protected void processFinishedMessage(java.io.ByteArrayInputStream buf)
                               throws java.io.IOException
Throws:
java.io.IOException

raiseAlert

protected void raiseAlert(short alertLevel,
                          short alertDescription,
                          java.lang.String message,
                          java.lang.Exception cause)
                   throws java.io.IOException
Throws:
java.io.IOException

raiseWarning

protected void raiseWarning(short alertDescription,
                            java.lang.String message)
                     throws java.io.IOException
Throws:
java.io.IOException

sendCertificateMessage

protected void sendCertificateMessage(Certificate certificate)
                               throws java.io.IOException
Throws:
java.io.IOException

sendChangeCipherSpecMessage

protected void sendChangeCipherSpecMessage()
                                    throws java.io.IOException
Throws:
java.io.IOException

sendFinishedMessage

protected void sendFinishedMessage()
                            throws java.io.IOException
Throws:
java.io.IOException

sendSupplementalDataMessage

protected void sendSupplementalDataMessage(java.util.Vector supplementalData)
                                    throws java.io.IOException
Throws:
java.io.IOException

createVerifyData

protected byte[] createVerifyData(boolean isServer)

close

public void close()
           throws java.io.IOException
Closes this connection.

Throws:
java.io.IOException - If something goes wrong during closing.

handleClose

protected void handleClose(boolean user_canceled)
                    throws java.io.IOException
Throws:
java.io.IOException

flush

protected void flush()
              throws java.io.IOException
Throws:
java.io.IOException

processMaxFragmentLengthExtension

protected short processMaxFragmentLengthExtension(java.util.Hashtable clientExtensions,
                                                  java.util.Hashtable serverExtensions,
                                                  short alertDescription)
                                           throws java.io.IOException
Throws:
java.io.IOException

assertEmpty

protected static void assertEmpty(java.io.ByteArrayInputStream buf)
                           throws java.io.IOException
Make sure the InputStream 'buf' is now empty. Fail otherwise.

Parameters:
buf - The InputStream to check.
Throws:
java.io.IOException - If 'buf' is not empty.

createRandomBlock

protected static byte[] createRandomBlock(java.security.SecureRandom random)

createRenegotiationInfo

protected static byte[] createRenegotiationInfo(byte[] renegotiated_connection)
                                         throws java.io.IOException
Throws:
java.io.IOException

establishMasterSecret

protected static void establishMasterSecret(TlsContext context,
                                            TlsKeyExchange keyExchange)
                                     throws java.io.IOException
Throws:
java.io.IOException

getCurrentPRFHash

protected static byte[] getCurrentPRFHash(TlsContext context,
                                          org.bouncycastle.crypto.tls.TlsHandshakeHash handshakeHash,
                                          byte[] sslSender)
The 'sslSender' argument is only relevant to SSLv3.


readExtensions

protected static java.util.Hashtable readExtensions(java.io.ByteArrayInputStream input)
                                             throws java.io.IOException
Throws:
java.io.IOException

readSupplementalDataMessage

protected static java.util.Vector readSupplementalDataMessage(java.io.ByteArrayInputStream input)
                                                       throws java.io.IOException
Throws:
java.io.IOException

writeExtensions

protected static void writeExtensions(java.io.OutputStream output,
                                      java.util.Hashtable extensions)
                               throws java.io.IOException
Throws:
java.io.IOException

writeSupplementalData

protected static void writeSupplementalData(java.io.OutputStream output,
                                            java.util.Vector supplementalData)
                                     throws java.io.IOException
Throws:
java.io.IOException

getPRFAlgorithm

protected static int getPRFAlgorithm(TlsContext context,
                                     int ciphersuite)
                              throws java.io.IOException
Throws:
java.io.IOException
