Package org.bouncycastle.tls

Interface TlsClient

All Superinterfaces:
TlsPeer
All Known Implementing Classes:
AbstractTlsClient, DefaultTlsClient, PSKTlsClient, SRPTlsClient
public interface TlsClient extends TlsPeer
Interface describing a TLS client endpoint.

  • Method Details

    • init

      void init(TlsClientContext context)

    • getSessionToResume

      TlsSession getSessionToResume()
      Return the session this client wants to resume, if any. Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.
      Returns:
      A TlsSession representing the resumable session to be used for this connection, or null to use a new session.
      See Also:

    • isFallback

      boolean isFallback()

    • getClientExtensions

      Hashtable getClientExtensions() throws IOException
      Throws:
      IOException

    • getEarlyKeyShareGroups

      Vector getEarlyKeyShareGroups()
      If this client is offering TLS 1.3 or higher, this method may be called to determine for which groups a key share should be included in the initial ClientHello. Groups that were not included in the supported_groups extension (by getClientExtensions() will be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions.
      Returns:
      a Vector of named group values, possibly empty or null.
      Throws:
      IOException

    • notifyServerVersion

      void notifyServerVersion(ProtocolVersion selectedVersion) throws IOException
      Throws:
      IOException

    • notifySessionID

      void notifySessionID(byte[] sessionID)
      Notifies the client of the session_id sent in the ServerHello.
      Parameters:
      sessionID -
      See Also:

    • notifySelectedCipherSuite

      void notifySelectedCipherSuite(int selectedCipherSuite)

    • processServerExtensions

      void processServerExtensions(Hashtable serverExtensions) throws IOException
      The TlsClientProtocol implementation validates that any server extensions received correspond to client extensions sent. If further processing of the server extensions is needed, it can be done in this callback. NOTE: This is not called for session resumption handshakes.
      Parameters:
      serverExtensions - (Integer -> byte[])
      Throws:
      IOException

    • processServerSupplementalData

      void processServerSupplementalData(Vector serverSupplementalData) throws IOException
      Throws:
      IOException

    • getPSKIdentity

      TlsPSKIdentity getPSKIdentity() throws IOException
      Throws:
      IOException

    • getSRPIdentity

      TlsSRPIdentity getSRPIdentity() throws IOException
      Throws:
      IOException

    • getDHGroupVerifier

      TlsDHGroupVerifier getDHGroupVerifier() throws IOException
      Throws:
      IOException

    • getSRPConfigVerifier

      TlsSRPConfigVerifier getSRPConfigVerifier() throws IOException
      Throws:
      IOException

    • getAuthentication

      TlsAuthentication getAuthentication() throws IOException
      Throws:
      IOException

    • getClientSupplementalData

      Vector getClientSupplementalData() throws IOException
      Throws:
      IOException

    • notifyNewSessionTicket

      void notifyNewSessionTicket(NewSessionTicket newSessionTicket) throws IOException
      RFC 5077 3.3. NewSessionTicket Handshake Message

      This method will be called (only) when a NewSessionTicket handshake message is received. The ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.

      Parameters:
      newSessionTicket - The ticket.
      Throws:
      IOException