Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  package org.bouncycastle.crypto.tls;
  
  import java.util.Vector;
  
  public abstract class AbstractTlsClient
      extends AbstractTlsPeer
      implements TlsClient
 {
     protected TlsCipherFactory cipherFactory;
 
     protected TlsClientContext context;
 
     protected Vector supportedSignatureAlgorithms;
     protected int[] namedCurves;
     protected short[] clientECPointFormatsserverECPointFormats;
 
     protected int selectedCipherSuite;
     protected short selectedCompressionMethod;
 
     public AbstractTlsClient()
     {
         this(new DefaultTlsCipherFactory());
     }
 
     public AbstractTlsClient(TlsCipherFactory cipherFactory)
     {
         this. = cipherFactory;
     }
 
     protected boolean allowUnexpectedServerExtension(Integer extensionTypebyte[] extensionData)
         throws IOException
     {
         switch (extensionType.intValue())
         {
         case .:
             /*
              * Exception added based on field reports that some servers do send this, although the
              * Supported Elliptic Curves Extension is clearly intended to be client-only. If
              * present, we still require that it is a valid EllipticCurveList.
              */
             TlsECCUtils.readSupportedEllipticCurvesExtension(extensionData);
             return true;
         default:
             return false;
         }
     }
 
     protected void checkForUnexpectedServerExtension(Hashtable serverExtensionsInteger extensionType)
         throws IOException
     {
         byte[] extensionData = TlsUtils.getExtensionData(serverExtensionsextensionType);
         if (extensionData != null && !allowUnexpectedServerExtension(extensionTypeextensionData))
         {
             throw new TlsFatalAlert(.);
         }
     }
 
     public void init(TlsClientContext context)
     {
         this. = context;
     }
 
     public TlsSession getSessionToResume()
     {
         return null;
     }

    
RFC 5246 E.1. "TLS clients that wish to negotiate with older servers MAY send any value {03,XX} as the record layer version number. Typical values would be {03,00}, the lowest version number supported by the client, and the value of ClientHello.client_version. No single value will guarantee interoperability with all old servers, but this is a complex topic beyond the scope of this document."
 
     {
         // "{03,00}"
         // return ProtocolVersion.SSLv3;
 
         // "the lowest version number supported by the client"
         // return getMinimumVersion();
 
         // "the value of ClientHello.client_version"
         return getClientVersion();
     }
 
     public ProtocolVersion getClientVersion()
     {
         return .;
     }
 
     public boolean isFallback()
     {
         /*
          * draft-ietf-tls-downgrade-scsv-00 4. [..] is meant for use by clients that repeat a
          * connection attempt with a downgraded protocol in order to avoid interoperability problems
          * with legacy servers.
         */
        return false;
    }
        throws IOException
    {
        Hashtable clientExtensions = null;
        ProtocolVersion clientVersion = .getClientVersion();
        /*
         * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2.
         * Clients MUST NOT offer it if they are offering prior versions.
         */
        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(clientVersion))
        {
            // TODO Provide a way for the user to specify the acceptable hash/signature algorithms.
            this. = TlsUtils.getDefaultSupportedSignatureAlgorithms();
            clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(clientExtensions);
            TlsUtils.addSignatureAlgorithmsExtension(clientExtensions);
        }
        if (TlsECCUtils.containsECCCipherSuites(getCipherSuites()))
        {
            /*
             * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message
             * appends these extensions (along with any others), enumerating the curves it supports
             * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic
             * Curves Extension and the Supported Point Formats Extension.
             */
            /*
             * TODO Could just add all the curves since we support them all, but users may not want
             * to use unnecessarily large fields. Need configuration options.
             */
            this. = new int[]{ .. };
            this. = new short[]{ .,
            clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(clientExtensions);
            TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions);
            TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions);
        }
        return clientExtensions;
    }
    {
        return .;
    }
    public void notifyServerVersion(ProtocolVersion serverVersion)
        throws IOException
    {
        if (!getMinimumVersion().isEqualOrEarlierVersionOf(serverVersion))
        {
            throw new TlsFatalAlert(.);
        }
    }
    public short[] getCompressionMethods()
    {
        return new short[]{.};
    }
    public void notifySessionID(byte[] sessionID)
    {
        // Currently ignored
    }
    public void notifySelectedCipherSuite(int selectedCipherSuite)
    {
        this. = selectedCipherSuite;
    }
    public void notifySelectedCompressionMethod(short selectedCompressionMethod)
    {
        this. = selectedCompressionMethod;
    }
    public void processServerExtensions(Hashtable serverExtensions)
        throws IOException
    {
        /*
         * TlsProtocol implementation validates that any server extensions received correspond to
         * client extensions sent. By default, we don't send any, and this method is not called.
         */
        if (serverExtensions != null)
        {
            /*
             * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension.
             */
            checkForUnexpectedServerExtension(serverExtensions.);
            checkForUnexpectedServerExtension(serverExtensions.);
            if (TlsECCUtils.isECCCipherSuite(this.))
            {
                this. = TlsECCUtils.getSupportedPointFormatsExtension(serverExtensions);
            }
            else
            {
                checkForUnexpectedServerExtension(serverExtensions.);
            }
        }
    }
    public void processServerSupplementalData(Vector serverSupplementalData)
        throws IOException
    {
        if (serverSupplementalData != null)
        {
            throw new TlsFatalAlert(.);
        }
    }
        throws IOException
    {
        return null;
    }
        throws IOException
    {
        switch ()
        {
        case .:
            return new TlsNullCompression();
        default:
            /*
             * Note: internal error here; the TlsProtocol implementation verifies that the
             * server-selected compression method was in the list of client-offered compression
             * methods, so if we now can't produce an implementation, we shouldn't have offered it!
             */
            throw new TlsFatalAlert(.);
        }
    }
    public void notifyNewSessionTicket(NewSessionTicket newSessionTicket)
        throws IOException
    {
    }
New to GrepCode? Check out our FAQ X