Package net.luminis.tls.handshake
Class TlsClientEngine
- java.lang.Object
-
- net.luminis.tls.handshake.TlsEngine
-
- net.luminis.tls.handshake.TlsClientEngine
-
- All Implemented Interfaces:
ClientMessageProcessor, MessageProcessor, TrafficSecrets
public class TlsClientEngine extends TlsEngine implements ClientMessageProcessor
-
-
Field Summary
Fields
Modifier and Type | Field | Description
static java.util.List<TlsConstants.SignatureScheme> | AVAILABLE_SIGNATURES |
-
Fields inherited from class net.luminis.tls.handshake.TlsEngine
algorithmMapping, privateKey, publicKey, state
-
-
Constructor Summary
Constructors
Constructor | Description
TlsClientEngine(ClientMessageSender clientMessageSender, TlsStatusEventHandler tlsStatusHandler) |
-
Method Summary
All Methods | Instance Methods | Concrete Methods
Modifier and Type | Method | Description
void | add(Extension extension) |
void | addExtensions(java.util.List<Extension> extensions) |
void | addSupportedCiphers(java.util.List<TlsConstants.CipherSuite> supportedCiphers) |
protected void | checkCertificateValidity(java.util.List<java.security.cert.X509Certificate> certificates) |
java.util.List<NewSessionTicket> | getNewSessionTickets() | Returns tickets provided by the current connection.
TlsConstants.CipherSuite | getSelectedCipher() |
java.util.List<java.security.cert.X509Certificate> | getServerCertificateChain() |
boolean | handshakeFinished() |
void | received(CertificateMessage certificateMessage, ProtectionKeysType protectedBy) |
void | received(CertificateRequestMessage certificateRequestMessage, ProtectionKeysType protectedBy) |
void | received(CertificateVerifyMessage certificateVerifyMessage, ProtectionKeysType protectedBy) |
void | received(EncryptedExtensions encryptedExtensions, ProtectionKeysType protectedBy) |
void | received(FinishedMessage finishedMessage, ProtectionKeysType protectedBy) |
void | received(NewSessionTicketMessage nst, ProtectionKeysType protectedBy) |
void | received(ServerHello serverHello, ProtectionKeysType protectedBy) | Updates the (handshake) state with a received Server Hello message.
void | setClientCertificateCallback(java.util.function.Function<java.util.List<javax.security.auth.x500.X500Principal>,CertificateWithPrivateKey> callback) |
void | setCompatibilityMode(boolean compatibilityMode) |
void | setHostnameVerifier(HostnameVerifier hostnameVerifier) |
void | setNewSessionTicket(NewSessionTicket newSessionTicket) | Add ticket to use for a new session.
void | setServerName(java.lang.String serverName) |
void | setTrustManager(javax.net.ssl.X509TrustManager customTrustManager) |
void | startHandshake() |
void | startHandshake(TlsConstants.NamedGroup ecCurve) |
void | startHandshake(TlsConstants.NamedGroup ecCurve, java.util.List<TlsConstants.SignatureScheme> signatureSchemes) |
protected boolean | verifySignature(byte[] signatureToVerify, TlsConstants.SignatureScheme signatureScheme, java.security.cert.Certificate certificate, byte[] transcriptHash) |
-
Methods inherited from class net.luminis.tls.handshake.TlsEngine
computeFinishedVerifyData, computeSignature, generateKeys, getClientApplicationTrafficSecret, getClientEarlyTrafficSecret, getClientHandshakeTrafficSecret, getServerApplicationTrafficSecret, getServerHandshakeTrafficSecret, getSignatureAlgorithm, hashLength, keyLength
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.luminis.tls.handshake.ClientMessageProcessor
received
-
-
-
-
Field Detail
-
AVAILABLE_SIGNATURES
public static final java.util.List<TlsConstants.SignatureScheme> AVAILABLE_SIGNATURES
-
-
Constructor Detail
-
TlsClientEngine
public TlsClientEngine(ClientMessageSender clientMessageSender, TlsStatusEventHandler tlsStatusHandler)
-
-
Method Detail
-
startHandshake
public void startHandshake() throws java.io.IOException
- Throws:
java.io.IOException
-
startHandshake
public void startHandshake(TlsConstants.NamedGroup ecCurve) throws java.io.IOException
- Throws:
java.io.IOException
-
startHandshake
public void startHandshake(TlsConstants.NamedGroup ecCurve, java.util.List<TlsConstants.SignatureScheme> signatureSchemes) throws java.io.IOException
- Throws:
java.io.IOException
-
received
public void received(ServerHello serverHello, ProtectionKeysType protectedBy) throws MissingExtensionAlert, IllegalParameterAlert
Updates the (handshake) state with a received Server Hello message.
- Specified by:
received in interface MessageProcessor
- Parameters:
serverHello -
protectedBy -
- Throws:
MissingExtensionAlert
IllegalParameterAlert
-
received
public void received(EncryptedExtensions encryptedExtensions, ProtectionKeysType protectedBy) throws TlsProtocolException
- Specified by:
received in interface MessageProcessor
- Throws:
TlsProtocolException
-
received
public void received(CertificateMessage certificateMessage, ProtectionKeysType protectedBy) throws TlsProtocolException
- Specified by:
received in interface MessageProcessor
- Throws:
TlsProtocolException
-
received
public void received(CertificateVerifyMessage certificateVerifyMessage, ProtectionKeysType protectedBy) throws TlsProtocolException
- Specified by:
received in interface MessageProcessor
- Throws:
TlsProtocolException
-
received
public void received(FinishedMessage finishedMessage, ProtectionKeysType protectedBy) throws ErrorAlert, java.io.IOException
- Specified by:
received in interface MessageProcessor
- Throws:
ErrorAlert
java.io.IOException
-
received
public void received(NewSessionTicketMessage nst, ProtectionKeysType protectedBy) throws UnexpectedMessageAlert
- Specified by:
received in interface MessageProcessor
- Throws:
UnexpectedMessageAlert
-
received
public void received(CertificateRequestMessage certificateRequestMessage, ProtectionKeysType protectedBy) throws TlsProtocolException, java.io.IOException
- Specified by:
received in interface MessageProcessor
- Throws:
TlsProtocolException
java.io.IOException
-
verifySignature
protected boolean verifySignature(byte[] signatureToVerify, TlsConstants.SignatureScheme signatureScheme, java.security.cert.Certificate certificate, byte[] transcriptHash) throws HandshakeFailureAlert
- Throws:
HandshakeFailureAlert
-
checkCertificateValidity
protected void checkCertificateValidity(java.util.List<java.security.cert.X509Certificate> certificates) throws BadCertificateAlert
- Throws:
BadCertificateAlert
-
setServerName
public void setServerName(java.lang.String serverName)
-
setCompatibilityMode
public void setCompatibilityMode(boolean compatibilityMode)
-
addSupportedCiphers
public void addSupportedCiphers(java.util.List<TlsConstants.CipherSuite> supportedCiphers)
-
addExtensions
public void addExtensions(java.util.List<Extension> extensions)
-
add
public void add(Extension extension)
-
setTrustManager
public void setTrustManager(javax.net.ssl.X509TrustManager customTrustManager)
-
setNewSessionTicket
public void setNewSessionTicket(NewSessionTicket newSessionTicket)
Add ticket to use for a new session.
- Parameters:
newSessionTicket -
-
getSelectedCipher
public TlsConstants.CipherSuite getSelectedCipher()
- Specified by:
getSelectedCipher in class TlsEngine
-
getNewSessionTickets
public java.util.List<NewSessionTicket> getNewSessionTickets()
Returns tickets provided by the current connection.
- Returns:
-
getServerCertificateChain
public java.util.List<java.security.cert.X509Certificate> getServerCertificateChain()
-
setHostnameVerifier
public void setHostnameVerifier(HostnameVerifier hostnameVerifier)
-
handshakeFinished
public boolean handshakeFinished()
-
setClientCertificateCallback
public void setClientCertificateCallback(java.util.function.Function<java.util.List<javax.security.auth.x500.X500Principal>,CertificateWithPrivateKey> callback)
-
-